How to make Windows 2003 more secure

Windows Server 2003 is Microsoft's latest server operating system. Compared with Windows 2000/XP system, all aspects of the function have been enhanced, especially in terms of security, the overall feeling is done. not bad. But "gold has no foot" is not perfect, and Microsoft Windows 2003 is the same, there are system vulnerabilities, there are many security risks! Whether you use your computer to enjoy music, surf the Internet, run games, or write documents, you will inevitably be threatened by the proliferation of new viruses. How to make Windows Server 2003 more secure has become a concern of users.

First, cancel the IE security prompt dialog box

In the face of hacker organizations malicious programs, Microsoft has been working hard to reduce the security risks of the product, which is obvious to all. Microsoft's next-generation Windows Server 2003 operating system has been enhanced in terms of security. For example, when using

Windows Server 2003's own IE browser to browse the webpage, a security prompt box will pop up every time, “Trouble” to remind us whether we need to add the currently visited website to ourselves. Trusted sites; if you don't trust, you can only click the "Close" button; if you want to browse the site, you must click the "Add" button to add the page to the trusted site. Go to the list. However, every time you visit a web page, you have to go through such steps, which is really cumbersome. In fact, we can use the following method to let IE cancel the security check of the website:

1. Once the system opens the security prompt page, you can use the mouse to "when the content of the website is blocked". Continue to prompt & rdquo; check the selected;

2. In the browsing interface, click the “Tools” menu item with the mouse to execute the “Internet Options” command from the open drop-down menu; >

3. In the pop-up option setting interface, you can set the highest security level in the system default state to medium level;

4. When setting, just click on the “Security” tab page. In the middle, drag the security slider to the "where" position;

5. After completing the settings, click the "OK" button to open the browser automatically. The prompt page has been cancelled.

After modifying the default security level settings of IE, when you go online, IE will not automatically check the security of the website, and the trouble is solved!

Second, re-support ASP script

Filed ASP (ActiveServerPage) everyone will associate with Windows, it is popular with the majority of WEB developers with its powerful features, easy to learn. However, in order to minimize system security risks, the Windows Server 2003 operating system does not support ASP scripts running by default. — The system will not perform any operations on the ASP code in the website; but now Many web page service functions are implemented by ASP scripts. What should I do? In fact, we can completely support the ASP script under the premise that the system security is guaranteed. The specific implementation method is:

1. In the system's Start menu, click the “Administrative Tools” button, and then click the “Internet Information Service Manager” command (Figure 1).

Figure 1

2. In the subsequent Internet Information Service Properties Settings window, use the mouse to select the "Web Server Extensions" option in the left area;

3. Then in the area to the right of the corresponding option, double-click the "Actives server pages" option with the mouse, and then click the "Allow" button at the "Taskbar" setting item, in the system IIS6 can re-support ASP scripts (Figure 2).

Figure 2

The question that users are most concerned about is whether the original ASP component can still be used. I can tell you that after this modification, IIS6 in the system re-supports ASP scripts, and all operations are very simple!

Third, clear the default shared hidden dangers

Users who use Windows Server 2003 will encounter a problem, that is, the system will generate the default shared folder when installed by default. Although the user does not set up sharing, each drive letter is automatically shared by Windows, and the share name is the drive letter

followed by a symbol $ (share names are c$, d$, ipc$ respectively) And admin$). In other words, as long as the attacker knows the administrator password of the system, it is possible to open the specified folder of the system by the method of "workstation name\\share name", so that the user carefully sets the password. Is security precautions not a device? Still safe! For this reason, it is necessary for us to remove the default shared vulnerability of Windows Server 2003 system and immediately remove it from the system.

1. Delete the default share of Windows Server 2003

First write the batch file of the following content: