Export (0) Print
Expand All

Microsoft Security Tool Kit: Installing and Securing a New Windows NT Server 4.0, Terminal Server Edition System

This is a brief guide intended to help you understand the basic steps necessary to safely install a new copy of Windows NT Server 4.0, Terminal Server Edition.

On This Page

Step 1: Performing a Base Installation
Step 2: Securing the Base Installation
Step 3: Securing the Base Installation (continued)
Step 4: Ongoing Maintenance Program

Step 1: Performing a Base Installation

When setting up a new system, the first step is making sure the network environment which the system is connected to has not been compromised by security attacks or that the system's vulnerable services are disabled before the system is connected to the compromised network. For more information about how to find out if your system or network has been compromised, click here.

IIS 3.0 is vulnerable to security attacks and should not be installed on Windows NT Server 4.0, Terminal Server Edition. Also, IIS 4.0 is not supported on Windows NT Server 4.0, Terminal Server Edition. It is recommended to use a separate server to run IIS services.

Choose one of the two following installation methods.

  • Install Windows NT Server 4.0, Terminal Server Edition while not connected to a network. Typically this is done by using a CD.

  • Install Windows NT Server 4.0, Terminal Server Edition while connected to a network that has not been compromised.

Step 2: Securing the Base Installation

Now that the operating system is up and running, it is time to make it more secure. Depending on how your initial setup was completed in Step 1, you might be able to skip some of the following steps.

Install Windows Media Player 6.4 patches

Step 3: Securing the Base Installation (continued)

Terminal Server was designed to host many applications that would not usually be installed on a typical server. For this reason, you need to give extra attention to securing the individual applications.

  • For information regarding installing and deploying Microsoft Office applications, see the Microsoft Office Resource Kit Web Site.

  • For information about installing and securing non-Microsoft applications, refer to your application documentation.

To continue securing your system, you must follow the checklists below that apply to your installation.

Windows NT 4.0 Server Baseline Security Checklist

Windows NT 4.0 Workstation Baseline Security Checklist

Step 4: Ongoing Maintenance Program

Your system has now been installed with a good security baseline, but without ongoing maintenance, your system can become vulnerable to new forms of attacks.

  • Subscribe to the Microsoft Security Notification Service. This is a free email notification service that Microsoft uses to send information to subscribers about the security of Microsoft products.

  • Use the Microsoft Update Web site to check for the latest Recommended and Critical updates.

  • As new security fixes become available, it is important to apply these new fixes. Microsoft has created the Qchain tool to chain hotfixes together in order for only one reboot to be required when installing several fixes.

Was this page helpful?
(1500 characters remaining)
Thank you for your feedback
Show:
© 2014 Microsoft