Re: Security Hardening

---

• From: DD <DD@xxxxxxxxxxxxxxxxxxxxxxxxx>
• Date: Fri, 25 May 2007 00:09:00 -0700

---

My domain is Windows 2000 and the server that I would like to disable
autorun is WIindows 2000 server (member server).

Can I disable the autorun from registry ?

I still do not know how to hide the server from browser list ?

Really need your help.






"Paul Bergson [MVP-DS]" wrote:

It should be under the domain. Are you running 2003?

--
Paul Bergson
MVP - Directory Services
MCT, MCSE, MCSA, Security+, BS CSci
2003, 2000 (Early Achiever), NT

http://www.pbbergs.com

Please no e-mails, any questions should be posted in the NewsGroup
This posting is provided "AS IS" with no warranties, and confers no rights.

"DD" <DD@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
news:8DF051BD-B827-422F-BB91-7DA1D2D79083@xxxxxxxxxxxxxxxx

Hi Paul,

I Only have one GPO on my DC and I can't find this system policy setting.

Is it under the local security setting - security option ?

Hiding drives isn't going to do much for you and will only create
problems
if you did do it.


To turnoff auto play you can use a gpo (This is what we do)

Machine / Administrative Templates / System / Policy - Turn off Autoplay
=
Enabled, Turn off Auto play on = all drives

--
Paul Bergson
MVP - Directory Services
MCT, MCSE, MCSA, Security+, BS CSci
2003, 2000 (Early Achiever), NT

http://www.pbbergs.com

Please no e-mails, any questions should be posted in the NewsGroup
This posting is provided "AS IS" with no warranties, and confers no
rights.

"DD" <DD@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
news:83184562-003E-4CC1-B65A-3711C93CA94E@xxxxxxxxxxxxxxxx

Would like to know

1) how to hide the computer from network browse list -
Prevent a potential attacker inside the firewall from generating a list
of
available network resources

2) Disable Autorun- Prevent a malicious program from starting when
media
is
inserted

on windows 2003 server and DC

.

---

• References:
  • Re: Security Hardening
    • From: Paul Bergson [MVP-DS]
  • Re: Security Hardening
    • From: Paul Bergson [MVP-DS]

• Prev by Date: Re: Deny Right to Local Admin Group to Log On Via Terminal Services?
• Next by Date: Server has been hacked, need to delete hidden user account
• Previous by thread: Re: Security Hardening
• Next by thread: Re: Security Hardening
• Index(es):
  • Date
  • Thread

---

Relevant Pages SecurityFocus Microsoft Newsletter #154 ... MICROSOFT VULNERABILITY SUMMARY ... ISS RealSecure Server Sensor SSL Denial Of Service Vulnerabi... ... Roger Wilco Remote Server Side Buffer Overrun Vulnerability ... available for Microsoft Windows operating systems. ... (Focus-Microsoft) Re: GPO error no appropriate rights ... Microsoft CSS Online Newsgroup Support ... GPO error no appropriate rights ... >> Windows XP SP2 via GPO to verify your configuration: ... Install the Windows Small Business Server 2003 Update for Windows ... (microsoft.public.windows.server.sbs) SecurityFocus Microsoft Newsletter #49 ... Subject: SecurityFocus Microsoft Newsletter #49 ... Microsoft Windows NNTP Denial of Service Vulnerability ... Microsoft IIS SSI Buffer Overrun Privelege Elevation Vulnerability ... Microsoft ISA Server H.323 Memory Leak Denial of Service... ... (Focus-Microsoft) Re: GPO error no appropriate rights ... > message when you try to edit a GPO while logged on as the system admin. ... Install the Windows Small Business Server 2003 Update for Windows XP ... > from disabling the ISA Firewall client. ... (microsoft.public.windows.server.sbs) ~~~~~~~~~~~~~~~ CANNOT FIND ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ... cannot find server or dns error ... windows cannot find null ... windows cannot find the network path ... cannot find internet explorer on computer ... (comp.protocols.snmp)

---

• Security
• UNIX
• Linux
• Coding
• Usenet

• News
• Mailing-Lists
• Newsgroups
• Service
• About
• Privacy
• Search
• Imprint

www.derkeiler.com  > Newsgroups  > microsoft.public.windows.server.security  > 2007-05