1. System Partition
A) All partitions use NTFS, C:SYSTEM system partition 10G, D:software Software Installation 10G e:website Web site Directory F: Tools and Backup 50G soft,backup,other
2. Install the operating system:
Windows Server 2003 Enterprise Edition with Service Pack 1, upgraded with WindowsUpdate.
And hit the SP2 and all the patches
serv-u6.0 (replaces Servadmin.exe and servudaemon.exe with files in the installation directory and ODBC storage)
3. No Guest user
4. Installation components (jmial, dynamic, UPLOAD,ASPJEPG, etc.)
5. The new Iisuser user group, as well as the SERVU user, does not belong to any group, SERVU password set is more complicated: for example: Servu_pass_ip address. That is, all IIS users join the Iisuser group SERVU boot Select Use service to start. Then set the Servudaemond startup user for Servu in services.msc.
6. Delete C:\Inetpub Directory
7. Disable NetBIOS on TCP/IP
Network Places-Properties-Local Area Connection-Properties-internet protocol (TCP/IP) Properties-Advanced-wins panel-netbios Settings-disables NetBIOS on TCP/IP. This way cracker cannot use the nbtstat command to read your NetBIOS information and the NIC MAC address.
8. Rename the administrator to the Cytz_admin_ip mantissa.
9. Modify 3389 Port
1. Run Regedt32 and go to this item:
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Terminal Server\winstations\rdp-tcp
And: HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Terminal server\wds\rdpwd\tds\tcp
Note: The above registry entry is a path, it has been wrapped for readability.
2. Find the "PortNumber" subkey, and you will see the value 00000d3d, which is the hexadecimal representation of 3389. Use hexadecimal values to modify this port number (f79d), which is decimal 63389, and to save the new value.
10. Run gpedit.msc => Computer Management => Windows Settings => security Settings => Local policy => Audit policy is set as follows:
Account Management failed successfully
Logon event failed successfully
Object access failed
Policy Change failed successfully
Privilege usage failed
System Event failed successfully
Directory Service access failed
Account Logon event failed successfully
Current 1/2 page
12 Next read the full text