Windows 2003 Server Security Configuration complete article (4)

3. Hide important files/directories

You can modify the registry to achieve complete concealment: "Hkey_local_machine\software\microsoft\windows\ current-version\explorer\advanced\folder\hi-dden\ ShowAll ", the mouse right click" CheckedValue ", select Modify, change the value from 1 to 0.

4. Start the system with Internet Connection Firewall, check the Web server in the Setting service option.

5, Prevent SYN flood attack.

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters

New DWORD value, named SynAttackProtect, with a value of 2

6. Prohibit responding to ICMP routing notification messages

HKEY_LOCAL_MACHINE \ SYSTEM \ currentcontrolset\ services\tcpip\parameters\interfaces\interface

Creates a new DWORD value with the name PerformRouterDiscovery value of 0.

7. Prevent ICMP redirect packets from attacking

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters

Set the Enableicmpredirects value to 0

8. IGMP protocol not supported

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters

Creates a new DWORD value with the name IGMPLevel value of 0.

9. Disable DCOM:

Enter Dcomcnfg.exe in the run. Enter, click Component Services under Console root. Open the Computers subfolder.

For the local computer, right-click My Computer, and then select Properties. Select the Default Properties tab.

Clear the Enable distributed COM on this computer check box.

Finally, it is recommended that the safety of the above steps to do the friends, each one step first to test, the province of irreparable, after all, Microsoft will have some unconventional problems!