Hardening

	Hardening
advICE :OS :Windows :WinNT : Hardening

Like most operating systems, a default Windows NT installation is vulnerable to hacker exploits until it has been hardened. In particular danger is remote file access, remote registry access, and the many subsystems that come with Microsoft's web server IIS.
The first hardening step is to consider the difference between local access and remote access. A "local user" is anybody logged into the console directory, or remotely via Terminal Server, SMS, etc. A "remote user" is somebody logged onto via the webserver or file service.
Hardening concerns itself mostly with remote rights, especially against hackers that do not already have rights (other than anonymous) to the machine.

accounts (6)
C2 (2)
services (0)

Building a Windows NT bastion host in practice-READ THIS! This paper presents a checklist for converting a default Windows NT installation to a bastion host. A "bastion host" is a computer system that is exposed to attack.
Microsoft: IIS 4.0 Checklist-READ THIS! This paper from Microsoft lists all the steps necessary to set up a web server on the Internet.
http://www.microsoft.com/NTServer/nts/exec/overview/changed.asp
The Hardening of Microsoft Windows NT-by Micheal Espinola Jr.
NTBugTraq: What must I fix?-Quick basics on what to fix.
Steve Sutton's paper
Navy Secure Windows NT Guide
Windows NT Security for the Paranoid Systems Administrator-by John Kozubik
http://tns.sdsu.edu/security/securing_nt.html

RESOURCES

Books
FAQs
Intro
News
Lists
Notes

SEARCH