Security Basics mailing list archives

RE: security advice

From: "Mike" <mike () superiorholidayadventures ca>
Date: Tue, 27 Jan 2004 14:06:40 -0500

1.  Disable File and Printer Sharing on all clients
2.  Disable all unneeded services
3.  Get yourself MSBSA and HFNetChk

4.  I would NAT on a separate box as opposed to your server.  I'm
assuming your server is Windows based?  Even a cheap Linksys "router"
would be a better choice than having a Windows fileserver doing Internet
sharing as well.

5.  If this is a Windows (2000/2003) server I would make it a DC and
join all clients to the domain.  I would then throw a rather restrictive
Group Policy at the clients.

6.  Nessus wouldn't be a bad idea to baseline your network and find any
possible insecure configurations.

Not so security related:

7.  Do backups of some sort
8.  Image clean systems
9.  Get users to store all their data on the server

Mike Fetherston

-----Original Message-----
From: coder [mailto:elite.coder () ntlworld com]
Sent: Sunday, January 25, 2004 6:40 PM
To: security-basics () securityfocus com
Subject: security advice

Hi I just need a bit of advice,

I have recently been appointed network administrator at a charity.
The network consists of a windows server 2003 central server
and about 10 windows XP clients.

can anyone give me some tips to secure the network?

so far I have:

installed patches and updates
changed passwords to "strong passwords"
installed AV software on all clients & server


I am also planning on setting up the NAT thing in the server and
installing
a proxy then disabling all
ports except the proxys (is this a good idea?)

I appricate any help
thanks

~Davie

------------------------------------------------------------------------
--

-
Ethical Hacking at InfoSec Institute. Mention this ad and get $720 off

any

course! All of our class sizes are guaranteed to be 10 students or

less.

We provide Ethical Hacking, Advanced Ethical Hacking, Intrusion
Prevention,
and many other technical hands on courses.
Visit us at http://www.infosecinstitute.com/securityfocus to get $720

off

any course!

------------------------------------------------------------------------
--

--



---------------------------------------------------------------------------
Ethical Hacking at InfoSec Institute. Mention this ad and get $720 off any
course! All of our class sizes are guaranteed to be 10 students or less.
We provide Ethical Hacking, Advanced Ethical Hacking, Intrusion Prevention,
and many other technical hands on courses.
Visit us at http://www.infosecinstitute.com/securityfocus to get $720 off
any course!
----------------------------------------------------------------------------

Current thread:

security advice coder (Jan 26)
- Re: security advice Brad Arlt (Jan 27)
- Re: security advice Meritt James (Jan 28)
- <Possible follow-ups>
- RE: security advice Thomas F. Szabo (Jan 27)
  - Re: security advice Alvin Oga (Jan 28)
- RE: security advice Mike (Jan 27)
  - Re: security advice Byron Sonne (Jan 28)
  - RE: security advice Jimmy Sansi (Jan 28)
- RE: security advice Jean-Paul Baillon (Jan 28)
- RE: security advice Mike (Jan 28)