Solved

How do I secure a Windows Server 2003/2008 Fileserver?

Posted on 2011-03-06
3
480 Views
Last Modified: 2012-05-11
What are the steps most systems administrators take for securing file servers? What security monitors do you set etc?
0
Comment
Question by:victor2008
  • 2
3 Comments
 
LVL 5

Expert Comment

by:sykojester
ID: 35048168
Proper permissions is one of the biggest things for a file server.  Antivirus is also a big thing as client computers can be notorious for becoming infected and spreading via shares which gets other client machines infected.

I don't quite understand what you are referring to by security monitors.  Possibly audit logs?
0
 

Author Comment

by:victor2008
ID: 35048293
yes, i meant audit logs.  do you use the built in security auditing or third party? how would a virus infect a share and then spread to other computers?
0
 
LVL 5

Accepted Solution

by:
sykojester earned 500 total points
ID: 35048350
I generally don't audit file/folder access on shares for small business.  Usually the issue is the user modifies or deletes a file and needs the previous version which is where previous versions, shadow copy, & backups come in handy.

You can enable domain or local policies for audit tracking on who accesses files and folders including when they read and modify them.

If you're doing this on the file server itself it can be done via Local Security Policy / Audit Policy / Audit Object Access.  You can audit both success and/or failure.

Some viruses do spread via network shares, esp. mapped drives.  Some create autorun.inf's with the shares as well as drop files within the share for users to execute.  They can also attach to existing file formats depending on the virus/malware such as .exe, .doc, xls, .pdf, and so on.  I've finally eliminated this within my environment as I've recently gotten a new job.  Fun Fun.
0

Featured Post

Free learning courses: Active Directory Deep Dive

Get a firm grasp on your IT environment when you learn Active Directory best practices with Veeam! Watch all, or choose any amount, of this three-part webinar series to improve your skills. From the basics to virtualization and backup, we got you covered.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Recently, I read that Microsoft has analysed statistics for their security intelligence report. It revealed: still, the clear majority of windows users do their daily work as administrator. An administrative account is a burden, security-wise. My ar…
ADCs have gained traction within the last decade, largely due to increased demand for legacy load balancing appliances to handle more advanced application delivery requirements and improve application performance.
This tutorial will show how to push an installation of Backup Exec to an additional server in both 2012 and 2014 versions of the software. Click on the Backup Exec button in the upper left corner. From here, select Installation and Licensing, then I…
This tutorial will show how to configure a new Backup Exec 2012 server and move an existing database to that server with the use of the BEUtility. Install Backup Exec 2012 on the new server and apply all of the latest hotfixes and service packs. The…

860 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question