Solved

hardening windows servers.

Posted on 2013-11-04
Last Modified: 2013-11-19
Hi,

Can someone suggest security guidelines for hardening Windows servers - Exchange, SQL, File and Print, IIS?
Question by:nav2567
LVL 15

Expert Comment

by:Giovanni Heward
ID: 39622065
Here are some more sources:
http://www.nsa.gov/ia/mitigation_guidance/security_configuration_guides/operating_systems.shtml
http://web.nvd.nist.gov/view/ncp/repository

Some excellent training is provided by SANS.
http://www.sans.org/windows-security/2013/06/03/download-scripts


Operating System and Applications Hardening:

    How your anti-virus scanners can fail you
    AppLocker whitelisting
    EMET, ASLR, SEHOP, DEP (EMET 4.0)
    Windows OS and Applications Hardening tools
    The Group Policy Management Console (GPMC)
    INF and XML Security templates
    How to manage Group Policy
    WMI filtering and GPO preferences
    Custom ADM/ADMX templates
    Hardening Adobe Reader
    Hardening Java
    Hardening Internet Explorer
    Hardening Google Chrome
    Hardening Microsoft Office
    Virtual Desktop Infrastructure (pros and cons)

High-Value Targets & Restricting Admin Compromise:

    What makes something a high-value target?
    Users in the local administrators group
    Secretly limiting the power of administrative users
    Limiting privileges, logon rights and permissions
    Token abuse and pass-the-hash attack mitigations
    Group Policy control of Windows security
    User Account Control (UAC)
    Delegating IT power more safely
    Organizational units for role-based controls
    Active Directory permissions for delegation
    Active Directory auditing and logging
    Painless (or Less Painful) Patch Management

PKI, BitLocker and Secure Boot:

    Why must I have a PKI?
    Examples: Smart Cards, VPNs, Wireless, SSL, S/MIME, etc.
    How to install the Windows PKI
    Root vs. subordinate certification authorities
    Should you be your own root CA?
    Detecting malicious trusted CA changes
    How to manage your PKI
    Group policy deployment of certificates
    How to revoke certificates
    Automatic private key backup
    Deploying smart cards
    Best practices for private keys
    BitLocker drive encryption
    BitLocker for USB drives
    UEFI Secure Boot
    TPM chip options for BitLocker
    BitLocker emergency recovery

IPSec, Windows Firewall, DNS, and Wireless:

    Isn't IPSec just for VPNs? No!
    IPSec for TCP port permissions
    How to create IPSec policies
    Windows Firewall and IPSec integration
    Group Policy for IPSec and firewall rules
    NETSH and PowerShell rules scripting
    DNSSEC response validation
    DNS secure dynamic updates
    DNS sinkholes for malware
    Wireless attack vulnerabilities
    Configuring RADIUS policies (NPS)
    Wi-Fi Protected Access (WPA2)
    Secure access to wireless networks
    Secure access to Ethernet networks
    Smart cards for wireless and Ethernet

Server Hardening & Dynamic Access Control:

    A recipe for hardening most servers
    Dangerous protocols: SSL, RDP, IPv6, SMB
    SMBv3 encryption and downgrade attacks
    Pre-forensics and incident response preparation
    Service accounts and recovery
    Scheduling elevated tasks safely
    Protocol stack hardening
    Kerberos armoring and restricting NTLM
    Server Core vs. Server Minimal/Full
    DMZ cross-forest Active Directory trusts
    Dynamic Access Control (DAC)
    DAC for data loss prevention
    DAC for complying with regulations
    Automatic File Classification Infrastructure

PowerShell Scripting:

    Getting comfortable in your shell
    PowerShell remoting
    Running cmdlets and scripts
    Writing your own functions
    Writing your own scripts
    Flow control within scripts
    Managing the event logs
    Managing Active Directory
    Windows Management Instrumentation (WMI)
    Accessing COM Objects
    Security and execution policy

Accepted Solution

by:
nav2567 earned 0 total points
ID: 39624118
Thanks, guys.  

I will check out these links and will respond before the end of this week.  

Thanks.

Author Closing Comment

by:nav2567
ID: 39658839
Thanks.  I will look into it and do more research on them.