Solved

Important Services in Windows 2003,

Posted on 2006-06-12
3
369 Views
Last Modified: 2008-02-01
I would like to know more about important services in Win 2003 that should be set to disabled. In unix we had r-services, telnet as opposed to SSH. In there any services that should be set to disabled or replaced by newer services in Windows.
I have looked at MSB , CISE Security guide, but still confused which services have the greater impact on security.
0
Comment
Question by:kecoak
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
3 Comments
 
LVL 14

Expert Comment

by:alimu
ID: 16891564
A good start is to not install anything you are not using (eg: don't install IIS if you're not using web services, don't install FTP if you're not using it, etc).
You can get Microsoft Baseline Security Analyser from Microsoft at http://www.microsoft.com/technet/security/tools/mbsahome.mspx which will identify major security issues you have.  It will show you problems, missing patches and also give you an explanation of what you need to do to correct issues.

How you lock down your server depends very much on what roles it plays, if you can tell us more about what functions it performs we may be able to provide more directed information.
0
 
LVL 48

Expert Comment

by:Jay_Jay70
ID: 16891696
usually by default, 2003 server is fairly locked down to a "whats needed" basis, most thins that arent needed but are an option are disabled by default, usually, you don't need to go playing with the services that you may need to one a client OS such as xp.....
0
 
LVL 4

Accepted Solution

by:
mattbcs earned 500 total points
ID: 16892461
One MAJOR point, as far as w2k3 server goes, is installing Service Pack 1. Lots of security fixes are included.

Go through the add/remove programs (windows components) and remove everything you don't absolutely need.
The next step is to go through the services, and evaluate exactly what services you need to run, and disable the rest.

As far as services to disable - it depends on the what the role of the server is going to be.

One more important thing - run windows update, but click on "MICROSOFT UPDATE" - Run that, and keep your updates frequent.

Thanks,
Matt
0

Featured Post

Free eBook: Backup on AWS

Everything you need to know about backup and disaster recovery with AWS, for FREE!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Numerous times I have been asked this questions that what is it that makes my machine log on so slow, there have been cases where computers took 23 minute exactly after taking password and getting to the desktop. Interesting thing was the fact th…
ADCs have gained traction within the last decade, largely due to increased demand for legacy load balancing appliances to handle more advanced application delivery requirements and improve application performance.

740 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question