Microsoft published a new guide about the security settings in Windows Server 2008. This TechNet article gives an overview, and the guide itself can be downloaded here. What makes this guide so useful is not only the 214-page security guide (plus a 76-page appendix about security-related Group Policy settings). Most interesting are the Excel files that come with the guide.

One lists all network-related services with their DLLs and TCP ports, and the other gives an overview of all security-relevant Group Policy settings. Because they come as Excel sheets, you can use them for your own documentation.

I have met admins who argue that Group Policy settings don't have to be documented because you can just check the Group Policies themselves if you want to know which settings are actually being used. That is a very poor argument, in my opinion. Of course you can always create a list of all your current Group Policies. But we are talking about security here. What if an intruder changed your policies? By the way, this guide has all Group Policy settings of Windows Server 2008/2003 and Windows Vista/XP/2000.

So you had better have external documentation at hand that allows you to verify how your Group Policy settings are supposed to be. I recommend adding the name of the admin who configured a certain policy. The same applies to firewall rules. It is absolutely necessary to list them all in a document. You can use the second Excel file for this purpose.
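One way to run the verification described above, as an added example that is not part of the guide or of Microsoft's spreadsheets: it compares a documented baseline against an export of the settings currently in effect and reports changed, missing and undocumented entries. The CSV column names, the sample rows and the function name `Compare-PolicyBaseline` are assumptions made for this example.

```powershell
# Constructed sample of the external documentation. The columns (Policy, Setting,
# Value, ConfiguredBy) are assumptions, not the layout of Microsoft's spreadsheets.
$baselineCsv = @'
Policy,Setting,Value,ConfiguredBy
Default Domain Policy,Minimum password length,12,admin-a
Default Domain Policy,Account lockout threshold,5,admin-a
Server Baseline,Audit logon events,Success and Failure,admin-b
'@

# Constructed export of the settings currently in effect (same assumed columns).
$currentCsv = @'
Policy,Setting,Value
Default Domain Policy,Minimum password length,8
Default Domain Policy,Account lockout threshold,5
Server Baseline,Maximum password age,0
'@

function Compare-PolicyBaseline {
    param([object[]] $Baseline, [object[]] $Current)

    # Index both sides by "Policy|Setting" so rows are matched by name, not by order.
    $documented = @{}
    $live = @{}
    foreach ($row in $Baseline) { $documented["$($row.Policy)|$($row.Setting)"] = $row }
    foreach ($row in $Current)  { $live["$($row.Policy)|$($row.Setting)"] = $row }

    # Walk the union of keys so settings present on only one side are reported too.
    $keys = @($documented.Keys) + @($live.Keys) | Sort-Object -Unique
    foreach ($key in $keys) {
        $doc = $documented[$key]
        $cur = $live[$key]
        $finding = if (-not $cur) { 'Missing' }              # documented, not in effect
                   elseif (-not $doc) { 'Undocumented' }     # in effect, never documented
                   elseif ($cur.Value -ne $doc.Value) { 'Changed' }
                   else { $null }                            # matches the documentation
        if ($finding) {
            [pscustomobject]@{
                Finding      = $finding
                Setting      = $key
                Documented   = $doc.Value
                Actual       = $cur.Value
                ConfiguredBy = $doc.ConfiguredBy   # who to ask about the deviation
            }
        }
    }
}

Compare-PolicyBaseline -Baseline ($baselineCsv | ConvertFrom-Csv) `
                       -Current ($currentCsv | ConvertFrom-Csv) | Format-Table -AutoSize
```

The comparison is only trustworthy if the baseline file is kept somewhere an attacker who can edit the policies cannot also edit.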

The guide itself is quite useful, too. I just skimmed over it, though. The first thing that came to my mind was that I should really read all this. The second thing was: when can I find the time to digest 300 pages? Security is always a thankless obligation for an administrator. You can invest a lot of time in hardening your network, but usually nobody in management will really value your efforts. Maybe they will even complain because your security measures reduce productivity. However, if a virus or a hacker devastates your network, they will certainly blame you.

Of course, you won't have the time to read and learn about all this new stuff immediately. But maybe one way would be to read a page or two every morning when you start working. From what I have seen so far, you will be able to skim over parts of this guide because not everything will be relevant in your environment.

3 Comments
  1. Michael Pietroforte 15 years ago

    Aaron, thanks! I wasn’t aware of this Webcast. I think it is a good way to get started and also motivated to invest some more time in security.

  2. Ronin Vladiamhe 14 years ago

    I have a client using Server 2k3, and one still using Server 2k. Are there similar guides for each?

© 4sysops 2006 - 2022

CONTACT US

Please ask IT administration questions in the forums. Any other messages are welcome.

Sending

Log in with your credentials

or    

Forgot your details?

Create Account