Closely guarding against security threats to Windows Server 2008

With the Windows Server 2008 system, we can easily build our own servers in our local area network so that ordinary workstations with other systems installed are randomly accessible. Although the security performance of Windows Server 2008 systems is much higher than that of other systems, in a LAN environment, Windows Server 2008 still has the potential to be illegally accessed by other LAN workstations. To do this, we can take some steps to subtly hide the Windows Server 2008 system to avoid the disclosure of privacy information in the server system.

1. Turn off the network discovery function

In the same work subnet, other workstation users can easily find the Windows Server 2008 server host on the LAN through the "Network Neighborhood" feature, so that illegal users can take the opportunity to peek at the various privacy information on the server. To avoid the Windows Server 2008 server host being searched by the Network Neighborhood feature of other workstations, we can temporarily shut down the Web Discovery feature that is brought from the server system, so that the "shadow" of the Windows Server 2008 Server host Will not appear in the Network Neighborhood window of other workstations, so that the likelihood of a server host encountering illegal access is greatly reduced; now, let's do a little bit of work. How to turn off the network Discovery feature of the server system:

First log in to the Windows Server 2008 Server system with Super Administrator privileges, right-click the network icon in the system desktop, and execute the Properties command on the shortcut menu to enter the network and Shared Center window of the local server system. Here we will see a lot of information about shared access parameters settings;

To prevent your Windows Server 2008 server host from appearing in the Network Places window of another workstation, we can find the Network Discovery Settings item under the Sharing and Discovery list, and click the Drop-down button next to the settings item to open the Settings page shown in Figure 1; We will see that the server system will automatically turn off the Network Discovery feature by default, and if we find that the feature has been enabled, just uncheck the "Turn Off Network Discovery" option, click the "Apply" button, and finally reboot the server system. As a result, other workstations in the LAN will not be able to find Windows Server 2008 server hosts from their own Network Neighborhood windows, so server system security can be effectively guaranteed.

Figure 1

Some people may ask, if the server system to turn off the network Discovery function, then the network administrator in the server system can not through the Network Neighborhood window to find other ordinary workstations in the LAN, then how can we avoid this defect? To avoid this shortcoming, We can start the Network Discovery feature by selecting the "Enable Network Discovery" project at the Network Discovery Settings item in the Network and Sharing Center List window of the server system to enable it to be enabled so that the server system can see other workstations on the LAN through the Internet Neighborhood window. But this time other workstations also can see the server system through the Network Neighbor window, at this time, we also need to modify the registry key value in the server system, in order to prevent the normal workstation to search the server host through the Network Neighbor window, the following is the concrete modification procedure:

First, open the server system's Start menu, select the "Run" command, in the pop-up System Run dialog box, the input string command "regedit", click Enter, enter the server system Registry editing window;

Second, in the display pane on the left side of the edit window, position the mouse over the registry branch option Key_local_machine, and then select the System\currentcontrolset\services\lanmanserver under the branch option. \parameters, in the right display pane of the corresponding "parameters" subkey, recreate a Double-byte key value "hidden" and set the value of the key to "1", and then restart the server system. In this way, we can see that although the server system has turned on network discovery, other workstations in the local area network cannot see the server host through the Network Neighborhood window, but the server host is able to view other workstations on the local area network.

2, the public folder closed

In a local area network workspace, when other workstations access the Windows Server 2008 Server host, the network administrator can still see the "Public" folder in the Web-neighborhood window, even if no shared folders are set up on the server system, because Windows Server 2008 servers system by default, the public folder is still automatically set as a shared folder, so that some illegal users can still use this shared "channel" to carry out illegal attacks on the server system, or to peek at the privacy information in the server system. To avoid a security threat from the server system, we simply turn off the public folder feature that is automatically enabled on the server system by doing the following:

First log in to the Windows Server 2008 Server system with Super Administrator privileges, right-click the network icon in the system desktop, and execute the Properties command on the shortcut menu to access the network and Shared Center Management window of the local server system;

Figure 2