Windows Server Security

Web Server Defacements (Part 1)

The urban art of grafitti has traversed to the online world in the form of web server defacements. Just how do these online vandals do it though? Read on to learn how it is done, and therefore gain a deeper understanding which will help you defend against it.

Security Configuration Wizard in Windows Server 2003 Service Pack 1

Microsoft has developed an almost ideal tool to help you configure security on computers in your organization. The tool is the Security Configuration Wizard, which is available in Windows Server 2003 service pack 1. The tool can help you configure services, network security, auditing, registry settings, and more. The wizard accomplishes these goals by producing security policies, which can be used in conjunction with security templates and specific server roles

Web Server Security Issues and Front Page Server Extensions

It's "common knowledge" (at least in some circles) that FrontPage Server Extensions are insecure and Web Sites created with FrontPage are vulnerable — but is it true? What are the risks associated with FrontPage and what can you do about them? What are the recommended best practices for securing FP Web sites? In this article, we'll look at Web security from the FrontPage perspective.

Windows Server 2003 Hardening List (Part 1)

In this article, we will cover the most common issues that you will need to look over to make certain that your Windows Server 2003 is completely locked down from attack. We will look at the most common items you will need to address in Part 1, and then in subsequent parts, we will look at other items such as advanced techniques, as well as how to use GPOs and dealing with services running on Windows Server 2003 like File, Print as well as IIS. In this first installment, we cover the most common items you should address.

SSL Acceleration and Offloading: What Are the Security Implications?

Secure Sockets Layer (SSL) is a popular method for encrypting data transferred over the Internet. It is commonly used to provide secure transfer of credit card information and other sensitive data in an e-commerce situation. SSL can also be used to create a virtual private networking (VPN) tunnel, as an alternative to “old standbys” IPSec and PPTP. I will discuss SSL VPNs in next month’s article titled VPN Options.

MSSQL and Security

When planning a secure MS SQL-based computer system you have to focus on several key elements: an appropriate installation with proper access rights, well-set rules for MS SQL users and a mechanism which would register all the operations performed in a database so that in case of problems the administrator could take closer and easier guesses about their real source. Moreover, do not forget that you have to design emergency procedures, such as data recovery and transferring them to another server, and test them, too.

Securing Server 2003 Domain Controllers

Because the domain controller, as its name implies, in many ways has control over your Windows domain and all of the computers that belong to it, it is essential that you take extra precautions to ensure that your DCs are and remain secure. In this article, we will look at a few of the important security measures you should take in regard to your domain controllers.

Making Microsoft Software Update Services Part of your Patch Management Strategy

Windows Server 2003 includes a number of interesting and useful new features, and one that will be especially helpful to administrators who are struggling with a way to keep a large number of systems updated with the appropriate patches and fixes is the Software Update Service (SUS). SUS can also run on Windows 2000. In this article, we’ll describe how SUS works and give you some pointers on deploying SUS within your organization.

Scroll to Top