19.06.2014 Views

Windows Server 2003 Recommended Baseline Security


Windows Server 2003 Recommended Baseline Security (ITSG-20)

5.5.2 [Registry Values]

machine\system\currentcontrolset\control\lsa\lmcompatibilitylevel=4,4
machine\system\currentcontrolset\control\print\providers\lanman print services\servers\addprinterdrivers=4,0
machine\system\currentcontrolset\control\securepipeservers\winreg\allowedpaths\machine=7,Software\Microsoft\Windows NT\CurrentVersion\Print,System\CurrentControlSet\Control\Print\Printers

5.5.3 [Service General Setting]

"lanmanworkstation", 2, "D:AR(A;;CCDCLCSWRPWPDTLOCRSDRCWDWO;;;BA)(A;;CCDCLCSWRPWPDTLOCRSDRCWDWO;;;SY)S:(AU;FA;CCDCLCSWRPWPDTLOCRSDRCWDWO;;;WD)"
"lanmanserver", 2, "D:AR(A;;CCDCLCSWRPWPDTLOCRSDRCWDWO;;;BA)(A;;CCDCLCSWRPWPDTLOCRSDRCWDWO;;;SY)S:(AU;FA;CCDCLCSWRPWPDTLOCRSDRCWDWO;;;WD)"
"browser", 2, "D:AR(A;;CCDCLCSWRPWPDTLOCRSDRCWDWO;;;BA)(A;;CCDCLCSWRPWPDTLOCRSDRCWDWO;;;SY)S:(AU;FA;CCDCLCSWRPWPDTLOCRSDRCWDWO;;;WD)"
"spooler", 2, "D:AR(A;;CCDCLCSWRPWPDTLOCRSDRCWDWO;;;BA)(A;;CCDCLCSWRPWPDTLOCRSDRCWDWO;;;SY)S:(AU;FA;CCDCLCSWRPWPDTLOCRSDRCWDWO;;;WD)"
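An added example (not part of ITSG-20 or the Microsoft template) that decodes one [Service General Setting] entry from the list above into its startup mode, DACL and SACL, and reports any trustee other than Administrators or Local System that could reconfigure the service. The function names, the lookup tables (standard SDDL codes as they apply to service objects, limited to the codes used in this section plus Authenticated Users) and the re-joined sample line are assumptions of this example.

```python
import re

# Constructed sample: the "spooler" entry from 5.5.3, re-joined onto one line.
SPOOLER = ('"spooler", 2, "D:AR(A;;CCDCLCSWRPWPDTLOCRSDRCWDWO;;;BA)'
           '(A;;CCDCLCSWRPWPDTLOCRSDRCWDWO;;;SY)'
           'S:(AU;FA;CCDCLCSWRPWPDTLOCRSDRCWDWO;;;WD)"')

STARTUP = {2: "Automatic", 3: "Manual", 4: "Disabled"}
ACE_TYPES = {"A": "allow", "D": "deny", "AU": "audit"}
ACE_FLAGS = {"SA": "success", "FA": "failure"}
TRUSTEES = {"BA": "Administrators", "SY": "Local System",
            "WD": "Everyone", "AU": "Authenticated Users"}
# Two-letter SDDL rights as they apply to service objects.
RIGHTS = {"CC": "QUERY_CONFIG", "DC": "CHANGE_CONFIG", "LC": "QUERY_STATUS",
          "SW": "ENUMERATE_DEPENDENTS", "RP": "START", "WP": "STOP",
          "DT": "PAUSE_CONTINUE", "LO": "INTERROGATE",
          "CR": "USER_DEFINED_CONTROL", "SD": "DELETE", "RC": "READ_CONTROL",
          "WD": "WRITE_DAC", "WO": "WRITE_OWNER"}
# Rights that let a trustee take over the service definition or its ACL.
TAKEOVER = {"CHANGE_CONFIG", "WRITE_DAC", "WRITE_OWNER"}

def parse_acl(sddl, prefix):
    """Return the ACEs of the DACL (prefix 'D') or SACL (prefix 'S')."""
    m = re.search(prefix + r":[A-Z]*((?:\([^)]*\))+)", sddl)
    aces = []
    for body in re.findall(r"\(([^)]*)\)", m.group(1) if m else ""):
        kind, flags, rights, _obj, _inherit, sid = body.split(";")
        aces.append({"type": ACE_TYPES[kind],
                     "flags": [ACE_FLAGS[f] for f in re.findall("..", flags)],
                     "rights": {RIGHTS[r] for r in re.findall("..", rights)},
                     "trustee": TRUSTEES.get(sid, sid)})
    return aces

def parse_service_line(line):
    """Split one '"name", startup, "SDDL"' template line into its parts."""
    m = re.fullmatch(r'\s*"([^"]+)"\s*,\s*(\d)\s*,\s*"([^"]+)"\s*', line)
    if not m:
        raise ValueError("not a [Service General Setting] entry")
    name, mode, sddl = m.group(1), int(m.group(2)), m.group(3)
    return {"service": name, "startup": STARTUP[mode],
            "dacl": parse_acl(sddl, "D"), "sacl": parse_acl(sddl, "S")}

def takeover_trustees(entry):
    """Trustees other than Administrators/Local System that can reconfigure."""
    return sorted(a["trustee"] for a in entry["dacl"]
                  if a["type"] == "allow" and a["rights"] & TAKEOVER
                  and a["trustee"] not in ("Administrators", "Local System"))
```

For the spooler entry this yields Automatic startup, all thirteen service rights for Administrators and Local System only, and failure auditing of every service right for Everyone.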

5.5.4 Workgroup Print Server IPSec Policy

The following file has been modified from the Microsoft Windows Server 2003 Security Guideline. The CSE IPSec policy does not reference Domain Controllers. Run the file as a command to load the policy. The procedure outlined in 5.1 Role Based IPSec Policies is used to apply the policy.

REM (c) Microsoft Corporation 1997-2003
REM Packet Filters for Server Hardening
REM
REM Name: PacketFilter-Print.CMD
REM Version: 1.0
REM This CMD file provides the proper NETSH syntax for creating an IPSec Policy
REM that blocks all network traffic to a Print Server except for what is
REM explicitly allowed as described in the Windows 2003 Server Solution Guide.
REM Please read the entire guide before using this CMD file.

Role Based Server Policies March 2004 127
