PDA

View Full Version : HOWTOs and tools on security

jpetrov
02-27-2005, 12:07 AM
This should be a must for every win 2003 server admin... to start with:

http://www.microsoft.com/technet/security/topics/ServerSecurity.mspx

http://www.microsoft.com/technet/security/checklists/default.mspx

http://www.windowsecurity.com/articles/Windows-Server-2003-Hardening-List-Part1.html

You should also investigate on Firewall options (some free some paid) - BUT it should be noted that if you are not careful in planning of remote deployement of the firewall you might block yourself out and loose many hours to come back online...

Also here are some GUI tools that automatize part of the hardening process:

http://www.securiteam.com/tools/6Y00M1FBPI.html

http://www.sniff-em.com/hardenit.shtml

http://www.sniff-em.com/secureit.shtml#

I got all of these googling. Some of them are from trusted companies (MS) and some are from third parties. You should play with all of these on your own risk - especially having in mind that these things can break your box in a second.

I might update this thread...
Tony
02-27-2005, 12:59 AM
SecuriTeam I would consider trusted - they're rather well known in the field.

Sniff-em I have never heard of.
charles
02-27-2005, 07:35 AM
Thanks Jovan!

Please do let us know how apply these works out.

charles
jpetrov
03-01-2005, 10:35 AM
UPDATE:

HOWTO Install free email virus scanner (still testing but it seems all right):

First check in the System/Services if Dr.Web AV is stopped. Dr.Web AV needs licence above the 15th email. There is tested and free alternative.

ClamAV - is available in windows in 2 variants - ClamWIN which is more user friendly and more aimed to scanning computers - and exact replica of Linux ClamAV which is the only working variant supported by Plesk:

http://www.sosdg.org/clamav-win32

Go to the page, download the latest version and install it. Run freshclamav once in a while or even better setup a scheduler to do it once daily.

Then go to System/Services and find the clamav service. Click on properties and set it up to run automatically.

Restart the VPS.

Go to Plesk and login as administrator.

Click on System-Server

Click Defaults Components (should it be Default components I would say?)

ClamAV should be one of the available antivirus options. Select it, and (maybe) restart VPS once again.

That would be it. If you want to know how to use antivirus from plesk then consult their manuals.

In a week I will post a HOWTO on setting up Visnetic Firewall. I must go off now on a business trip.

See ya guys soon.