If you need high levels of security, change the Registry of critical servers to restrict null session access, or at least to limit access via shares and named pipes. Test these changes in a nonproduction environment first to ensure that they do not disrupt your operational environment.
Observing the same constraints as in step 1, consider disabling the NetBIOS bindings if security needs so warrant.
After first confirming in a nonproduction environment that no application breaks, consider disabling administrative shares if security needs so warrant.
Install the most recent Service Pack (SP) on all your Windows hosts.
Ensure that access to devices and programs that capture network traffic is properly limited; only a few of the most trusted systems and network administrators should be given such access.
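
A read-only audit of the null session, NetBIOS and administrative share settings the steps above refer to, as an added example that is not part of the original page. It assumes PowerShell 3.0 or later and the standard Windows value names (RestrictAnonymous, RestrictNullSessAccess, NullSessionShares, NullSessionPipes, AutoShareServer, AutoShareWks), which the page itself does not name, and it reads "NetBIOS bindings" as the per-adapter NetBIOS over TCP/IP setting.

```powershell
# Added example: read-only audit, nothing is modified.
# Key paths and value names are standard Windows ones, not taken from the page.
$lsa = 'HKLM:\SYSTEM\CurrentControlSet\Control\Lsa'
$srv = 'HKLM:\SYSTEM\CurrentControlSet\Services\LanmanServer\Parameters'

function Get-RegValue {
    param([string]$Path, [string]$Name)
    # Return $null instead of throwing when the key or value is absent.
    $key = Get-ItemProperty -Path $Path -ErrorAction SilentlyContinue
    if ($null -ne $key -and $key.PSObject.Properties.Name -contains $Name) {
        return $key.$Name
    }
    return $null
}

function New-Finding {
    param([string]$Check, $Value, [bool]$Hardened)
    $items = @($Value | Where-Object { $null -ne $_ })
    $shown = if ($items.Count -eq 0) { '(not set or empty)' } else { $items -join ', ' }
    [pscustomobject]@{ Check = $Check; Value = $shown; Hardened = $Hardened }
}

$findings = @()

# Null sessions: anonymous enumeration and anonymous access to shares and pipes.
$ra = Get-RegValue $lsa 'RestrictAnonymous'
$findings += New-Finding 'Lsa\RestrictAnonymous' $ra ($null -ne $ra -and $ra -ge 1)
$rn = Get-RegValue $srv 'RestrictNullSessAccess'
# Conservative: flagged for review unless the value is explicitly 1.
$findings += New-Finding 'LanmanServer\RestrictNullSessAccess' $rn ($rn -eq 1)

# Shares and named pipes still reachable over a null session; ideally none.
foreach ($name in 'NullSessionShares', 'NullSessionPipes') {
    $list = @(@(Get-RegValue $srv $name) | Where-Object { $_ })
    $findings += New-Finding "LanmanServer\$name" $list ($list.Count -eq 0)
}

# Administrative shares (C$, ADMIN$): 0 disables automatic creation.
# Only the value matching the host role (server or workstation) applies.
foreach ($name in 'AutoShareServer', 'AutoShareWks') {
    $v = Get-RegValue $srv $name
    $findings += New-Finding "LanmanServer\$name" $v ($v -eq 0)
}

# NetBIOS over TCP/IP per adapter: 0 = use DHCP setting, 1 = enabled, 2 = disabled.
foreach ($nic in Get-CimInstance Win32_NetworkAdapterConfiguration -Filter 'IPEnabled = TRUE') {
    $findings += New-Finding "NetBIOS: $($nic.Description)" $nic.TcpipNetbiosOptions ($nic.TcpipNetbiosOptions -eq 2)
}

$findings | Format-Table -AutoSize -Wrap
```

Run it on the nonproduction host before and after each change so the difference is recorded alongside the application test results.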