Re: inheriting a network
From: Jeff Cochran (jcochran.nospam_at_naplesgov.com)
Date: 07/18/03
- Next message: Herb Martin: "Re: tar or zipping files to which you have no explicit access?"
- Previous message: Shenan T. Stanley: "Re: ** READ THIS BEFORE POSTING - answers to frequently asked questions"
- In reply to: THHAWK: "Re: inheriting a network"
- Next in thread: Mike Danseglio \(MSFT\): "Re: inheriting a network"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Fri, 18 Jul 2003 18:27:50 GMT
Audit account logins as well, both successful and unsuccessful.
Jeff
On Thu, 17 Jul 2003 17:20:07 -0500, "THHAWK" <replyinthe@group.com>
wrote:
>Thanks for the response Fuller.
>
>Yes, I am familiar with both AD & W2k and I know LAN/WAN. This is my first
>"solo" flight; I want reassurance that I'm doing the right things and doing
>those things right. So far, I changed all admin passwords, and checked for
>remote dial-in access. Changed the passwords to the firewall and removed
>the VPN to their offices. I'm considering blanking the router and completely
>reconfiguring it for good measure. Any other golden nuggets of admin
>wisdom that you may pass on?
>
>Thanks a bunch.
>
>HAWK
>
>
>"jfuller" <jfuller@replyinthe.group.com> wrote in message
>news:0b6e01c34cad$bec79570$a001280a@phx.gbl...
>>
>> Are you familiar with AD and W2k? Or just starting out?
>> Do you know LAN/WAN?
>>
>> When I took over at a company a couple of years ago they
>> had a backup system they used daily to back up 1 of 3
>> servers, a Virus scanner that was 2yrs out of date, the
>> NT servers had never had updates or SPs installed on
>> them, and most passwords were blank. That list went on
>> and on.
>> What I am saying is make sure to cover the basics first.
>> If there is no backup system GET ONE! Make sure that
>> you have a good virus scanner on the server ASAP then
>> worry about the VS on the workstations. Get rid of back
>> doors and weaknesses intentionally left by
>> predecessors. And install updates, SP, and security
>> fixes the day they are released.
>>
>> I would start by running the Microsoft Baseline Security
>> Analyzer on all servers and workstations in the network
>> to document the basic security and software issues you
>> might be facing. I would also suggest auditing the user
>> accts in the AD and disabling all of the accts that are
>> not legitimate (look for back doors left by the prior
>> admins.) Look for accounts that are able to log on the
>> servers for remote admin using TS.
>> I would also be checking the Firewalls for either
>> overlooked or intentional vulnerabilities.
>> Than use a mapping program such as LAN MapShot Automatic
>> Diagramming Software From Fluke to map and inventory the
>> entire system quickly. (14 day free trial on their site)
>> I would also reference these articals:
>> The Basics of Security (Microsoft technet)
>> Best Practices for Enterprise Security (Microsoft Technet)
>>
>> >-----Original Message-----
>> >I'm about to inherit a network where the company
>> administering it was asked
>> >to leave; no network documentation, no knowledge
>> transfer, nothing left
>> >behind. Can you give me or direct me to a "best
>> practices" checklist of
>> >things to do/check in inheriting the network? I've got
>> some ideas, but I
>> >wanted to tap the knowledge of an "expert". :^) It's
>> aW2k SBS environment, <
>> >than 100 users.
>> >
>> >Appreciate it.
>> >
>> >-HAWK
>> >
>> >
>> >.
>> >
>
- Next message: Herb Martin: "Re: tar or zipping files to which you have no explicit access?"
- Previous message: Shenan T. Stanley: "Re: ** READ THIS BEFORE POSTING - answers to frequently asked questions"
- In reply to: THHAWK: "Re: inheriting a network"
- Next in thread: Mike Danseglio \(MSFT\): "Re: inheriting a network"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
|
