Need a Windows expert for Windows Server configuration and installation of third-party tools.
Software Installations:
- MS XML 6
- MySQL Database Server 4.1.x, ODBC Drivers (ODBC 3.51.12, ODBC 2.50.39, [login to view URL], MySQL [login to view URL] 1.0.7), phpMyAdmin
- MySQL Front 2.5 ( GUI Tool to Manage MySQL )
- AwStats 6.5
- Active Ports
- MBSA 2.0
- IIS Password/URL Protector
- Python 2.4.x
- ASP.Net 1.1
- SmarterMail 3.x and its Webmail setup on IIS.
- SmarterStats 3.x
- MSSQL 2000
- SQL 2000 Client
- FrontPage Extensions
- ASPSmartMail, JMail
Server Security, Optimisation and Tweaking:
1) Will assign the most restrictive permissions possible at the root of each drive and on application and system folders:
- Drive Root Permissions
- Microsoft IIS Folder Permissions
- Microsoft FTP Folder Permissions
- CDONTS/CDOSYS Folder Permissions
- PHP Folder Permissions
- Perl Folder Permissions
- Python Folder Permissions etc.
2) Will disable null sessions to prevent unauthorized access to the user list on the machine, which can then be used with a password cracker to gain illegal access to the machine.
3) Will install URL Scan to prevent malicious requests from getting to IIS and causing a buffer overflow. (URL Scan – Security Tool for IIS)
4) Configuration of ASP.Net 1.1
5) Hardening of the TCP/IP stack against Denial of Service Attacks.
6) IIS Modifications/Permissions/Various Log File Generation, Disable Rapid Fail Protection, Full W3SVC Log Generation for AWStats and other Stats Program.
7) Mail Server Security/Mail Relaying settings to protect against spam, Abuse Detection setup. Microsoft IIS SMTP Security and Relay Settings and Log Generation.
10) Disabling some unused accounts. Disabling the Guest, Support_xxx, and ASPNET accounts. Some of these are disabled by default, and the ASPNET account is only used if IIS 6.0 is run in IIS 5.0 isolation mode (which we don’t). IIS 6.0 now uses the “Network Services” account instead of ASPNET.
11) Restricted the system tools that are commonly used by attackers to assist with both the initial compromise and expansion beyond the server. tftp(.exe), ftp(.exe), [login to view URL], bash, [login to view URL], [login to view URL], and telnet(.exe).
12) Disabling Windows Shell Execution.
13) Configuring Windows 2003 Internet Connection Firewall.
14) Installing Microsoft Windows Defender (Antispy Program).
16) MS DNS Server Security - Disabling Recursion and Forwarders.
17) NTFS hacks and tuning, such as turning off NTFS 8.3 name generation.
18) MySQL Server Security. Disabling Anonymous Accounts, etc.
19) Local Audit Policy setup, such as:
- Account Logon Events
- Account Management
- Directory Service Access
- Logon Events
- Object Access
- Policy change
- Privilege Use
- Process Tracking
- System Events
20) User Rights Assignments like:
- Audit the access of global system objects
- Interactive logon: do not display last user name
- Changing all Event Log properties to a maximum log size of 16 MB, overwriting old events as needed
21) NIC Settings/LAN Connection Settings:
- Disabling Client for MS Networks
- Disabling LMHOSTS lookup
- LAN connection shows an icon in the tray when connected (easier access)
22) Installing all Security Patches and Pending Service Packs.
23) Enabling HTTP Compression (GZip/Deflate) for IIS 6.0