Network security is a serious consideration for administrators with machines exposed to public networks. Microsoft's TCP/IP stack has been hardened against many attacks and in its default state handles most of the common attacks. Some additional protection against popular Denial of Service attacks can be added by enabling the SynAttackProtect key in the registry. This key allows the administrator to choose several levels of protection against SYN attacks. Here are general guidelines that can lower your vulnerability to attack: Disable unnecessary or optional services (for instance, Client for Microsoft Networks on an IIS server). Enable TCP/IP filtering and restrict access to only the ports that are necessary for the server to function. (See the Microsoft Knowledge Base article number Q150543 for a list of ports that Windows services use.) Unbind NetBIOS over TCP/IP where it is not needed. Configure static IP addresses and parameters for public adapters. Configure registry settings for maximum protection (see Appendix D). Consult the Microsoft Security Web site regularly for security bulletins.
|
|
|
|
|
|
|
|