Standards & Guidelines - Windows Workstation Security: Problems, Solutions & Resources
Main Problems
- Administrator accounts (Default admin-level accounts such as administrator, root, admin, sqlagent, wwwadmin, etc) having no passwords or weak passwords
- Unsecured file shares --- for example, Everyone group on ACL for file shares
- Not keeping systems updated with security patches and/or current anti-virus software
Solutions & Resources
- Follow the Guideline for Securing Windows XP Systems
- Utilize the scanning service to have systems scanned for security vulnerabilities.
- SANS Step by Step Securing Windows 2000 and Securing NT documents.
- Center for Internet Security (CIS) Benchmark documents are available at http://www.cisecurity.org They give recommended baseline security settings for Windows and other operating systems. They also have sample security templates for Windows machines.
- Windows 2000 and XP both provide facilities for IP filtering -- that is, to block certain IP addresses from your machines. Its called the Internet Connection Firewall in XP, and in 2000 it's "buried" under Networking/TCPIP/Properties/Advanced/Options/TCPIP FIltering. An alternative is to install a personal firewall on the machine.
- The SANS Top 20 Vulnerabilities list has some very basic precautions that should be followed, too. See http://www.sans.org/top20.htm for their consensus document.
- Make sure the workstation anti-virus software is kept updated daily.
- Use the Windows Update function regularly, and consider turning on the Automatic Update program, so you are alerted when updates are available
|
|
|
