Access "Windows Server 2003 hardening services ensures better security"
This article is part of the July/August 2008 issue of Everything you need to know about today's information security trends
Shutting down unneeded services, ports and accounts makes Windows Server 2003 tough to beat. Hackers often gain access to servers through unused (not configured or secured) ports and services, such as Internet Information Services (IIS). To limit entry points, server hardening includes blocking unused ports and protocols as well as disabling services that are not required. Microsoft's latest release of Windows Server 2008 may be on the streets, but the majority of organizations will still rely on Server 2003 for as long as Microsoft supports it. While Server 2003 may not be the latest and greatest, you can ensure a better security posture by taking some easy--but essential--steps to harden your system. @exb Windows Server 2008 A Step Up Windows Server 2008 adds some significant security enhancements. Here are some of the highlights. Tighter control of services. The number of services installed and/or running by default has been greatly reduced, presenting fewer targets for malware. Server 2008 tackles the issue of privilege with more granular service account... Access >>>
Premium Content for Free.
How to be an Information Security Know-it-all
The essentials every chief information security officer must master, including PCI compliance, server and desktop security, securing the data lifecycle and how to best align security and business.
Information Security and Business Integration
INTEGRATION Security professionals can rely on the same models and frameworks used by traditional business to earn a seat at the table.
Product Review: Vantos' V-Flex
Product Review: Configuresoft's Enterprise Configuration Manager 4.9
Product Review: RSA Security's RSA enVision
McAfee Secure for Websites security service review
McAfee's new security service scans websites and network infrastructure for vulnerabilities, malware, spam, malicious links and sharing of personally identifiable information.
- How to be an Information Security Know-it-all
Secure Configuration of Windows XP Desktops
DESKTOP SECURITY 5 steps to properly configure desktop security.
Tech FocusShield Your Enterprise
VA scanning works with Web app firewalls to thwart assaults.
Product Review: Applicure Technologies' dotDefender
Windows Server 2003 hardening services ensures better security
Shutting down unneeded services, ports and accounts makes Windows Server 2003 tough to beat.
Data Lifecycle Management Model Shows Risks and Integrated Data Flow
Information flows through business processes in an orderly fashion; security must flow right along with it.
Avoiding Audit Trouble: Getting PCI Compliant
Get compliant with Payment Card Industry Data Security Standard Compliance (PCI DSS) with solutions and tips from auditors and audit survivors.
- Secure Configuration of Windows XP Desktops
Time to Implement DNSSEC
Editor's Desk: DNS turns 25 this year. It's high time DNSSEC is added to the protocol.
Interview: CISO Adrian Seccombe on Eli Lilly from FIPCO to FIPNET
In this interview, CISO Adrian Seccombe discusses how Eli Lilly went from FIPCO (fully integrated pharmaceutical company) to a FIPNET (fully integrated pharmaceutical network, the importance of collaboration and the work of the Jericho Forum.
Face-Off: Chinese Cyberattacks: Myth or Menace?
Bruce Schneier and Marcus Ranum debate the threat of Chinese hackers and whether they are state-sponsored?
Loud Cries for National Data Protection Law
Perspectives: A national data protection law would help curtail identity theft and could boost international relations.
- Time to Implement DNSSEC
More Premium Content Accessible For Free
Deploying data protection technologies properly requires a lot of time and patience. While most firms can get started by using preconfigured policies...
The bring your own device (BYOD) movement, which has flooded the enterprise with employee-owned smartphones, tablets, phablets and purse-sized ...
For so long penetration testing meant hiring an expert to use skill and savvy to try to infiltrate the company system. But, as with most ...