Use mcafee to create secure windows Server Security Settings

Comments: In order to make the server more secure, it is better to extract and run Backdoor programs. The following settings are very necessary for the server. Here are some guiding settings that more people can use on their own. The premise is that you set permissions for all disks, as shown in disk C, disk D, and so on.

1. Set the system disk of the server to prevent some hackers from installing programs on the drive C and other disks. According to the above settings, things basically cannot be moved. Except for obtaining system permissions.
Prevents dll, exe, vbs, and other files


W3wp.exe,svchost.exe,dllhost.exe
C: \ windows \ ** \ *. dll
Two ** match n subdirectories

C: \ windows \ ** \ *. exe
If you think of more, you can add them, such as vbs, vbe, and hta.
Step 2: extract data to prevent hackers from entering the system and change normal users to specific system administrator-level permissions.




Privilege Escalation and tampering with user
Hklm
/SAM/Domains/Account /**

User permission tampering B
/SAM/Domains/Account /**
Step 3: do not allow webpage modification of js, asp, php and Other File Settings



Master site asp
H: \ webroot \ jb51 \ ** \ *. asp

Img asp
H: \ webroot \ b51 \ ** \ *. asp
This included process is * indicating that no program or ftp can be used to completely solve the problem. However, this is more suitable for users with server control permissions, generally, w3wp.exe Code cannot be repaired online.

Step 4: This is installed on many servers that raise permissions for serv_u. This operation is also required in addition to changing the default password.




Disable serv-u Privilege Escalation r1
W3wp.exe
/SOFTWARE/Cat Soft/Serv-U

Disable serv-u Privilege Escalation f1w3
W3wp.exe
**/ServU *.*

Server Software s.jb51.net Original article.