Building in Security for Applications in Windows Server 2003
This white paper outlines how the flexible, out-of-the-box
security technologies in Windows Server 2003 and the Microsoft
.NET Framework can help prevent malicious code from breaching a
corporate firewall. It also offers suggestions for making programs
of all kinds more secure and easier to manage.
HOW TO: Apply Predefined Security Templates in
Windows Server 2003
Microsoft Knowledge Base Article: 816585 - This step-by-step
article describes how to apply predefined security templates.
Windows Server 2003 includes several predefined security templates
that you can apply to increase the level of security on your
network. You can modify security templates to suit your
requirements by using Security Templates in Microsoft Management
Console (MMC).
HOW TO: Analyze System Security in Windows Server
2003
Microsoft Knowledge Base Article: 816580 - This step-by-step
article describes how to use Security Configuration and Analysis
in Microsoft Management Console (MMC) to analyze and to configure
security on a computer that is running Windows Server 2003.
HOW TO: Configure Group Policies to Set Security
for System Services in Windows Server 2003
Microsoft Knowledge Base Article: 324802 - This article describes
how to use Group Policy to set security for system services for an
organizational unit in Windows Server 2003. When you implement
security on system services, you can control who can manage
services on a workstation, member server, or domain controller.
Currently, the only way to change a system service is through a
Group Policy computer setting.
HOW TO: Configure Security for Files and Folders on
a Network in Windows Server 2003
Microsoft Knowledge Base Article: 325361 - This step-by-step
article describes how to configure security for files and folders
on a network in Windows Server 2003. This may be useful to protect
data from unauthorized access.
HOW TO: Enforce a Remote Access Security Policy in
Windows Server 2003
Microsoft Knowledge Base Article: 816522 - This step-by-step
article describes how to enforce a remote access security policy
in a Windows Server 2003-based Native-mode domain.
HOW TO: Find and Clean Up Duplicate Security
Identifiers with Ntdsutil in Windows Server 2003
Microsoft Knowledge Base Article: 816099 - This article describes
how to check for and clean up or remove duplicate security
identifiers (SIDs) in the SAM database. A unique SID identifies
each security account such as users, groups, and computers. You
use an SID to uniquely identify a security account and to perform
access checks against resources such as files, file folders,
printers, Microsoft Exchange mailboxes, Microsoft SQL Server
databases, objects that are stored in Active Directory, or any
data that is protected by the Windows Server 2003 security model.
HOW TO: Harden the TCP/IP Stack Against Denial of
Service Attacks in Windows Server 2003
Microsoft Knowledge Base Article: 324270 - Denial of service (DoS)
attacks are network attacks that are aimed at making a computer or
a particular service on a computer unavailable to network users.
HOW TO: Install a Certificate for Use with IP
Security in Windows Server 2003
Microsoft Knowledge Base Article: 323342 - When IP Security (IPSec)
is configured to use a Certificate Authority (CA) for mutual
authentication, you must obtain a local computer certificate. This
article describes how to install a local computer certificate for
use with IPSec from a.stand-alone Windows CA
HOW TO: Set Event Log Security Locally or by Using
Group Policy in Windows Server 2003
Microsoft Knowledge Base Article: 323076 - Windows Server 2003
permits administrators to customize security access rights to
their event logs. These settings can be configured locally or
through Group Policy. This article describes how to use both of
these methods.
HOW TO: Set SMTP Security Options in Windows Server
2003
Microsoft Knowledge Base Article: 324285 - This step-by-step
article describes how to set Simple Mail Transfer Protocol (SMTP)
virtual server security options.
HOW TO: Configure Network Security for the SNMP
Service in Windows Server 2003
Microsoft Knowledge Base Article: 324261 - This step-by-step
article describes how to configure network security for the Simple
Network Management Protocol (SNMP) service in Windows Server 2003.
The SNMP service acts as an agent that collects information that
can be reported to SNMP management.
HOW TO: Rename the Administrator and Guest Account
in Windows Server 2003
Microsoft Knowledge Base Article: 816109 - This step-by-step
article describes how to change the administrator account and
guest account names by using Group Policy in Windows Server 2003.
This may be useful if you want to change the name of the
administrator or guest user accounts to minimize the chance of
misuse of these accounts.
HOW TO: Set WMI Namespace Security in Windows
Server 2003
Microsoft Knowledge Base Article: 325353 - This article describes
how to set Windows Management Instrumentation (WMI) namespace
security in Windows Server 2003. WMI security is based on
namespaces. The schema is logically into namespaces for
organizational and security purposes. Use the WMI Control snap-in
to modify the security on WMI namespaces. With this tool, you can
set security that is based off the root or select individual
namespaces. You can also set inheritance that is based on
namespace hierarchy.
HOW TO: Use Cipher.exe to Overwrite Deleted Data in
Windows Server 2003
814599) - Administrators can use Cipher.exe to encrypt and decrypt
data on drives that use the NTFS file system and to view the
encryption status of files and folders from a command prompt. The
version of Cipher.exe that is included with Windows Server 2003
HOW TO: Use Group Policy to Audit Registry Keys in
Windows Server 2003
Microsoft Knowledge Base Article: 324739 - This article describes
how to use Group Policy to configure auditing of Windows registry
keys.
HOW TO: Use the Secedit.sdb Database to Perform a
Security Analysis in Windows Server 2003
Microsoft Knowledge Base Article: 816119 - This step-by-step
article describes how to use the Secedit.sdb database to analyze
your security settings. This analysis can identify security holes
that may exist in your current configuration, and can also
identify changes that will occur if you use a security template to
configure your computer.
HOW TO: Use Software Restriction Policies in
Windows Server 2003
Microsoft Knowledge Base Article: 324036 - This article describes
how to use software restriction policies in Windows Server 2003.
When you use software restriction policies, you can identify and
specify the software that is allowed to run so that you can
protect your computer environment from untrusted code. When you
use software restriction policies, you can define a default
security level of Unrestricted or
Disallowed for a Group Policy object (GPO) so that
software is either allowed or not allowed to run by default. To
create exceptions to this default security level, you can create
rules for specific software
Using Attack Surface Area and Relative
Attack Surface Quotient to Identify Attackability
Support WebCast: Microsoft Windows 2000 Server and
Windows Server 2003: Password and Account Lockout Features
In this Support WebCast session, you will hear about security and
administrative costs that you may see when you configure the
password and account lockout feature set. This WebCast will
provide information about configuring the password and account
lockout settings, security and administrative considerations, new
features in Microsoft Windows 2000 Server Service Pack 4 and
Microsoft Windows Server 2003, procedures to troubleshoot account
lockout events, and recommendations from the new account lockout
white paper |
