Solved

Important Services in Windows 2003,

Posted on 2006-06-12
3
339 Views
Last Modified: 2008-02-01
I would like to know more about important services in Win 2003 that should be set to disabled. In unix we had r-services, telnet as opposed to SSH. In there any services that should be set to disabled or replaced by newer services in Windows.
I have looked at MSB , CISE Security guide, but still confused which services have the greater impact on security.
0
Comment
Question by:kecoak
3 Comments
 
LVL 14

Expert Comment

by:alimu
Comment Utility
A good start is to not install anything you are not using (eg: don't install IIS if you're not using web services, don't install FTP if you're not using it, etc).
You can get Microsoft Baseline Security Analyser from Microsoft at http://www.microsoft.com/technet/security/tools/mbsahome.mspx which will identify major security issues you have.  It will show you problems, missing patches and also give you an explanation of what you need to do to correct issues.

How you lock down your server depends very much on what roles it plays, if you can tell us more about what functions it performs we may be able to provide more directed information.
0
 
LVL 48

Expert Comment

by:Jay_Jay70
Comment Utility
usually by default, 2003 server is fairly locked down to a "whats needed" basis, most thins that arent needed but are an option are disabled by default, usually, you don't need to go playing with the services that you may need to one a client OS such as xp.....
0
 
LVL 4

Accepted Solution

by:
mattbcs earned 500 total points
Comment Utility
One MAJOR point, as far as w2k3 server goes, is installing Service Pack 1. Lots of security fixes are included.

Go through the add/remove programs (windows components) and remove everything you don't absolutely need.
The next step is to go through the services, and evaluate exactly what services you need to run, and disable the rest.

As far as services to disable - it depends on the what the role of the server is going to be.

One more important thing - run windows update, but click on "MICROSOFT UPDATE" - Run that, and keep your updates frequent.

Thanks,
Matt
0

Featured Post

Why You Should Analyze Threat Actor TTPs

After years of analyzing threat actor behavior, it’s become clear that at any given time there are specific tactics, techniques, and procedures (TTPs) that are particularly prevalent. By analyzing and understanding these TTPs, you can dramatically enhance your security program.

Join & Write a Comment

by Batuhan Cetin Within the dynamic life of an IT administrator, we hold many information in our minds like user names, passwords, IDs, phone numbers, incomes, service tags, bills and the order from our wives to buy milk when coming back to home.…
On July 14th 2015, Windows Server 2003 will become End of Support, leaving hundreds of thousands of servers around the world that still run this 12 year old operating system vulnerable and potentially out of compliance in many organisations around t…
It is a freely distributed piece of software for such tasks as photo retouching, image composition and image authoring. It works on many operating systems, in many languages.
This video demonstrates how to create an example email signature rule for a department in a company using CodeTwo Exchange Rules. The signature will be inserted beneath users' latest emails in conversations and will be displayed in users' Sent Items…

762 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

10 Experts available now in Live!

Get 1:1 Help Now