Windows 2000 Built-in Security command usage instructions

The Windows Server operating system is the next generation of Windows NT Server family operating systems. In addition to providing a comprehensive Internet and application platform, Windows Server 4.0 features some of the characteristics of Windows NT Server, including enhanced end-to-end management reliability, availability, and scalability. Windows Server allows organizations to leverage the latest network technologies to provide comprehensive Web and Internet services.

From simple platform management to advanced network applications and dynamic Media Services, Windows Server provides a comprehensive, complete, resilient network platform that organizations need to configure Intranet and important WEB business solutions. Whether you're running a small business, or a high-volume Web site, Windows 2000 delivers systems that are easy to manage with high system startup time, and platforms for the most demanding e-business and business applications.

Windows Server, a multipurpose operating system developed for the server, provides a variety of servers, such as file, print, application software, Web, and communications, for departmental workgroups or small and medium business users, especially the increased multi-user Terminal Services technology that can serve as Terminal Server for Windows terminals. Windows terminal, windows-based Terminal Devices (WBT), is a client device in the Thin-client/server system that can be used through the ICA of Citrix and the RDP of Microsoft Company Protocol access to multi-user Windows NT Terminal servers, using all the hardware and software on the server and data resources, running on the server for all software that is displayed on the client run results.

Winframe,citrix Company's multi-user Windows NT Server software, which supports the ICA protocol for Windows terminal access. Citrix is developed on the basis of Windows NT3.51 Server, adding Multi-win technology, is the first multi-user Windows NT System, has been widely used abroad. The Wins,windows Internet Name Service provides resolution of name to address for NetBIOS client requests. It provides a Plug and Play method for windows-based customers looking for windows-based services, protecting available resources from existing Windows customers. Provides scalable management of NetBIOS namespaces.

No anti-virus software, firewalls and Trojan removal programs, and other tools, how do you defend the server? In fact, as a server operating system of Windows, itself built-in a lot of commands to maintain network security, as long as you can skillfully use them, can also effectively protect the security of the server. Below, let us feel a little command, in the maintenance of network security Power!

1, refused to start the unknown service

How did it happen that the server suddenly became "unresponsive" one day? This phenomenon, mostly illegal attackers through the intrusion server system in the server to enable a special network services, if not stopped in time, server system resources will soon be exhausted.

In fact, with the "net start" command built into the Windows Server system, you can clearly understand what services the current system is opening and prohibit the routing of unknown services in a timely manner. The screen will be switched to MS-DOS after you open the system's Run dialog box, and then enter the cmd command, and then click Enter. At the DOS command line, you can execute the net start command directly, and then the system will automatically list the services that are currently started (as shown in Figure 1), examine carefully what services are of dubious origin, and then execute the "net stop server" on the command line Command (where server is a specific unknown service), temporarily stop the unknown service.

2, forced to specify the password policy

To prevent the login server's account from being "stolen" by other outlaws, you can use the "net accounts" command to force the login user to change bad password usage habits. For example, a "forced" password must have a minimum number of digits, forcing the user to change the password on a regular basis.

For example, the server logon user to create Access account password when the number of digits not less than 6 digits, you can directly in the DOS command line input "Net accounts/minpwlen:6" command, click Enter, the new account password number will be "forced" not less than 6 digits.

If you want to "force" the user to modify the password in a specified time, you can execute the following command "Net Accounts/minpwage:n" (where n is the specific number of days); For example, require users to modify passwords every 6 days, as long as the implementation of the "net Accounts/ Minpwage:6 "on it. If you want to specify that the user must modify the password within a certain time period, you can execute the "Net accounts/minpwage:n1/maxpwage:n2" command, where "N1" is the minimum number of days, "N2" for the maximum number of days.