Have to know the Win2003 system security common sense

Win2003 system has a large number of user groups, system security is also relatively safe and stable, but the security system is inevitably attacked by hackers. Then, we need to maintain the safety of the system in the daily life. We have to know some skills in the maintenance, and now we share with you what aspects should be maintained.

First, limit the number of users in the administrator group

Strictly limit the users of the administrator group, and always ensure that only one Administrator (that is, you) is the user of the group. Check the users of the group at least once a day, and find that more users are deleted! There is no doubt that the new users must be the back door left by the intruders! At the same time, pay attention to the Guest users, smart intruders generally do not add strangers. Usernames, so it's easy for administrators to find their whereabouts. They usually activate the Guest user first, then change its password, and then put it in the Administrators group, but the Guest runs to the Administrators group for no reason? Stop!

Second, stop unnecessary services

Too many services are not a good thing, turn off the necessary services, especially even the administrator does not know what to do, What are you doing? Turn it off! Don't bring disaster to the system.

In addition, if the administrator does not need to remotely manage your computer, it is best to turn off all remote network login functions. Note that if you need it, disable "Task Scheduler", "RunAs Service" service!

The method of closing a service is very simple. After running cmd.exe, you can directly stop net stop servername.

Third, the administrator is safe, do not use the company's server for personal use

Windows 2003 Server In addition to the server, you can also do the same as a personal user's computer, browse the web, send and receive E-mail and so on. As an administrator, you should use the server's browser to browse the web as little as possible to avoid Trojan infection and company privacy information exposure due to browser vulnerabilities. Microsoft IE has a lot of vulnerabilities, I believe you will not know it? In addition, there are few tools on the server to use Outlook and other tools to send and receive E-mail, to avoid the virus, and bring losses to the enterprise.

Fourth, pay attention to local security

Preventing remote intrusion is very important, but the local security of the system can not be ignored, the intruder is not necessarily in the distance, it may be around!

(1) In time to put the latest version of the patch to prevent input method loopholes, this is no need to say. The input method vulnerability is not only caused by local intrusion. If the terminal service is opened, the system door will be opened, and a machine with a terminal client can easily enter!

(2) Not displayed Secondary login users

If your machine has to be shared by multiple people (in fact, a real server should not be like this), it is important to prohibit the user who last logged in, so as not to guess Password. The setting method is: in [Start] → [Program] & rarr; [Administrative Tools] & rarr; [Local Security Policy], open the "local policy" & rdquo; security options & rdquo;, double-click on the right side of the login screen Do not display the last login user name ”, select “Enabled”, and then click [OK], so that the next time you log in, the user name that was last logged in will not be displayed in the username box.

1. Don't choose to install from the network

Although Microsoft supports online installation, it is definitely not safe. Do not connect to the network until the system is fully installed, especially the Internet! Don't even connect all the hardware to install. Because Windows 2003 is installed, after entering the password of the user administrator account <Administrator", the system will create a shared account of “$ADMIN”, but it does not protect it with the password just entered. This situation will always be Continue until the computer starts up again. In the meantime, anyone can enter the system through “$ADMIN” at the same time, the installation is complete, the various services will run automatically, and the server is full of loopholes, which is very easy to invade from the outside.