Securing Windows 2000 Server
| Archived content. No warranty is made as to technical accuracy. Content may contain URLs that were valid when originally published, but now link to sites or pages that no longer exist. |
Overview
Published: November 17, 2004 | Updated : May 31, 2006
Note: Welcome to the TechNet Archive. We've created this Archive area so that we can continue to make available older content that is still of interest to some of our users. This allows us to streamline the content offerings on the site and keep it focused on the newest, most relevant content.
This Securing Windows 2000 Server solution reinforces the Microsoft Trustworthy Computing initiative by providing structured guidance to help you understand, evaluate, and address security issues in Microsoft® Windows® 2000 Server environments. This prescriptive solution is designed to help reduce security vulnerabilities and lower the costs of security management.
The guidance provides advice to help secure your Windows 2000 Server environment throughout the IT life cycle. It includes information about risk assessment and analysis, securing specific critical Windows 2000 Server roles, and operating a secure environment after the initial lockdown phases have completed.
.gif "Cc723541.DefPgFig(en-us,TechNet.10).gif")
Solution Content
The Securing Windows 2000 Server solution guide consists of 11 chapters, four appendices, and a collection of tools and templates that include security templates and script files. The following summaries describe each chapter of the guide.
Chapter 1: Introduction to Securing Windows 2000 Server
This introductory chapter provides a brief overview of the entire Securing Windows 2000 Server guide.
Chapter 2: Defining the Security Landscape
This chapter defines the security components that need to be understood to perform a security analysis of your organization. It provides general guidance about how to perform a preliminary asset analysis for your organization and explains how threats, exposures, vulnerabilities, and countermeasures relate to each other.
Chapter 3: Understanding the Security Risk Management Discipline
This chapter draws upon proven practices from security analysis methodologies in use today that leverage the Microsoft Solutions Framework (MSF) and the Microsoft Operations Framework (MOF). The Security Risk Management Discipline (SRMD) is explained in detail.
Chapter 4: Applying the Security Risk Management Discipline
The SRMD is applied throughout this chapter to determine which threats and vulnerabilities have the most potential impact on a particular organization. A fictitious company, with needs common to many organizations today, is used to illustrate the steps taken to assess real-world vulnerabilities and decide how to configure Windows 2000 Server. The chapter's conclusion fully defines, describes, and analyzes the specific risks that are addressed.
Chapter 5: Securing the Domain Infrastructure
Determining the criteria on which to base decisions that affect the organization at a domain level is the focus of this chapter. It provides a high-level overview of the Active Directory® directory service design, the organizational unit (OU) design, and domain policy. In addition, specific domain policies that are implemented in this guide's fictional customer scenario are discussed in detail.
Chapter 6: Hardening the Base Windows 2000 Server
This chapter explains the base settings applied to the member servers in the fictional customer scenario. Group Policy is used to apply as many of the changes to the default Windows 2000 Server configuration as possible. For the member servers in this scenario, the Group Policy settings described are stored in the security template, MSS Baseline.inf. To apply the settings, this template is imported into the Member Server Baseline Policy, which is linked to the Member Server OU.
Chapter 7: Hardening Specific Server Roles
Domain controllers, file servers, network infrastructure servers, and Web servers in any organization require different settings to maximize their security. This chapter describes the steps that should be taken to ensure that the domain controllers and other primary member server roles are as secure as possible.
Chapter 8: Patch Management
This chapter describes how to ensure that an environment is kept up to date with all necessary security patches. Information is provided about how to learn about new patches in a timely manner, implement them quickly and reliably, and monitor your environment to ensure that patches are deployed consistently.
Chapter 9: Auditing and Intrusion Detection
This chapter focuses on how to audit an environment to provide the best chance of detecting attacks. It also discusses intrusion detection systems—software that is specifically designed to detect behavior that indicates an attack is occurring.
Chapter 10: Responding to Incidents
The best ways to respond to different types of attacks are discussed in this chapter. It includes the steps needed to report the incidents effectively and a case study that illustrates a typical response to an incident.
Chapter 11: Conclusion
This chapter briefly reviews the material that was presented throughout the guide.
Appendix A: Purpose of Microsoft Windows 2000 Services
This appendix lists all available services in the Windows 2000 operating system and briefly explains the purpose of each.
Appendix B: Registry Access Control Changes
This appendix provides information about additional registry settings that can be applied to computers that run Windows 2000 Server to make them more secure.
Appendix C: Disabling NetBIOS on Servers in Untrusted Networks
This appendix discusses the recommendation that NetBIOS be disabled on servers in untrusted networks, and provides instructions for doing so.
Appendix D: Configuring Digital Certificates on Domain Controllers
This appendix provides information about installing and configuring a certification authority, and also how to install and configure digital certificates on domain controllers in a Windows 2000 Server environment.
Related Resources
Read other security solutions from the Microsoft Solutions for Security and Compliance (MSSC) team.
Give Us Your Feedback
The MSSC team would appreciate your thoughts about this and other security solutions.
Have an opinion? Let us know on the Security Solutions Blog for the IT Professional.
Or e-mail your feedback to secwish@microsoft.com. We often respond to feedback that is sent to this mailbox.
We look forward to hearing from you.
Download
Get the Securing Windows 2000 Server
Solution Accelerator Notifications
Feedback