Solved

How do I secure a Windows Server 2003/2008 Fileserver?

Posted on 2011-03-06
3
483 Views
Last Modified: 2012-05-11
What are the steps most systems administrators take for securing file servers? What security monitors do you set etc?
0
Comment
Question by:victor2008
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
3 Comments
 
LVL 5

Expert Comment

by:sykojester
ID: 35048168
Proper permissions is one of the biggest things for a file server.  Antivirus is also a big thing as client computers can be notorious for becoming infected and spreading via shares which gets other client machines infected.

I don't quite understand what you are referring to by security monitors.  Possibly audit logs?
0
 

Author Comment

by:victor2008
ID: 35048293
yes, i meant audit logs.  do you use the built in security auditing or third party? how would a virus infect a share and then spread to other computers?
0
 
LVL 5

Accepted Solution

by:
sykojester earned 500 total points
ID: 35048350
I generally don't audit file/folder access on shares for small business.  Usually the issue is the user modifies or deletes a file and needs the previous version which is where previous versions, shadow copy, & backups come in handy.

You can enable domain or local policies for audit tracking on who accesses files and folders including when they read and modify them.

If you're doing this on the file server itself it can be done via Local Security Policy / Audit Policy / Audit Object Access.  You can audit both success and/or failure.

Some viruses do spread via network shares, esp. mapped drives.  Some create autorun.inf's with the shares as well as drop files within the share for users to execute.  They can also attach to existing file formats depending on the virus/malware such as .exe, .doc, xls, .pdf, and so on.  I've finally eliminated this within my environment as I've recently gotten a new job.  Fun Fun.
0

Featured Post

Salesforce Made Easy to Use

On-screen guidance at the moment of need enables you & your employees to focus on the core, you can now boost your adoption rates swiftly and simply with one easy tool.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Background Information Recently I have fixed file server permission issues for one of my client. The client has 1800 users and one Windows Server 2008 R2 domain joined file server with 12 TB of data, 250+ shared folders and the folder structure i…
Security measures require Windows be logged in using Standard User login (not Administrator).  Yet, sometimes an application has to be run “As Administrator” from a Standard User login.  This paper describes how to create a shortcut icon to launch a…
This tutorial will show how to push an installation of Backup Exec to an additional server in both 2012 and 2014 versions of the software. Click on the Backup Exec button in the upper left corner. From here, select Installation and Licensing, then I…
This tutorial will give a an overview on how to deploy remote agents in Backup Exec 2012 to new servers. Click on the Backup Exec button in the upper left corner. From here, are global settings for the application such as connecting to a remote Back…

730 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question