Windows Server 2003 Recommended Baseline Security
<strong>Windows</strong> <strong>Server</strong> <strong>2003</strong><br />
<strong>Recommended</strong> <strong>Baseline</strong> <strong>Security</strong> (ITSG-20)<br />
4.4.3.56 Network security: Minimum session security for NTLM SSP based (including<br />
secure RPC) servers<br />
machine\system\currentcontrolset\control\lsa\msv1_0\ntlmminserversec=4, 537395248<br />
The ‘ntlmminserversec’ registry value defines the minimum session security for NTLM SSP<br />
based (including secure RPC) servers. The setting ‘537395248’ enables all options, as<br />
recommended. This requires that message integrity, confidentiality, NTLMv2 session security and<br />
128-bit encryption be used for logon.<br />
4.4.3.57 Recovery console: Allow automatic administrative logon<br />
machine\software\microsoft\windowsnt\currentversion\setup\recoveryconsole\securitylevel=4, 0<br />
The ‘securitylevel’ value determines whether the Recovery Console requires an Administrator password<br />
to log on. The setting ‘0’ requires an Administrator password. Enabling this setting to allow<br />
anyone to shut down a server is not recommended.<br />
4.4.3.58 Recovery console: Allow floppy copy and access to all drives and all folders<br />
machine\software\microsoft\windowsnt\currentversion\setup\recoveryconsole\setcommand=4, 0<br />
The ‘setcommand’ registry value determines whether the Recovery Console ‘SET’ command is<br />
available. The setting ‘4’ disables the ‘SET’ command (e.g. copying to removable media is<br />
disabled).<br />
4.4.3.59 Shutdown: Allow system to be shut down without having to log on<br />
machine\software\microsoft\windows\currentversion\policies\system\shutdownwithoutlogon=4, 0<br />
The ‘shutdownwithoutlogon’ registry value determines whether the system can be shut down without<br />
a user being logged on. The setting ‘0’ requires the user to log on. This ensures only authorized users<br />
may shut down the system.<br />
4.4.3.60 Shutdown: Clear virtual memory page file<br />
machine\system\currentcontrolset\control\sessionmanager\memory\management\clearpagefileatshutdown=4, 1<br />
The ‘clearpagefileatshutdown’ value determines whether page file contents are overwritten on a clean<br />
shutdown. The setting ‘1’ clears the page file on a normal shutdown. Sensitive system and<br />
user information may be contained in the page file. By ensuring it is cleared, the risk that<br />
this information becomes available to an attacker is reduced.<br />
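The following is an added example, not part of ITSG-20 or of any Microsoft tool: a Python check that parses the `path=type, value` entries listed on this page, decodes the ‘ntlmminserversec’ bitmask and reports where a collected set of values falls short of the baseline. The flag bit values are the documented NTLM SSP constants rather than values from this page, and the OBSERVED entries are constructed sample data.

```python
# Added example, not ITSG-20 code. Bits of the ntlmminserversec session security bitmask:
NTLM_FLAGS = {0x00000010: "message integrity", 0x00000020: "message confidentiality",
              0x00080000: "NTLMv2 session security", 0x20000000: "128-bit encryption"}

# Baseline entries as printed on this page (type 4 = REG_DWORD, then the value).
BASELINE = r"""
machine\system\currentcontrolset\control\lsa\msv1_0\ntlmminserversec=4, 537395248
machine\software\microsoft\windowsnt\currentversion\setup\recoveryconsole\securitylevel=4, 0
machine\software\microsoft\windowsnt\currentversion\setup\recoveryconsole\setcommand=4, 0
machine\software\microsoft\windows\currentversion\policies\system\shutdownwithoutlogon=4, 0
machine\system\currentcontrolset\control\sessionmanager\memory\management\clearpagefileatshutdown=4, 1
"""

# Constructed sample (not real data): weak NTLM mask, page file not cleared, one value absent.
OBSERVED = r"""
machine\system\currentcontrolset\control\lsa\msv1_0\ntlmminserversec=4, 524336
machine\software\microsoft\windowsnt\currentversion\setup\recoveryconsole\securitylevel=4, 0
machine\software\microsoft\windowsnt\currentversion\setup\recoveryconsole\setcommand=4, 0
machine\system\currentcontrolset\control\sessionmanager\memory\management\clearpagefileatshutdown=4, 0
"""

def parse_entries(text):
    """Return {lowercased path: (reg_type, value)} for each 'path=type, value' line."""
    entries = {}
    for line in filter(None, (raw.strip() for raw in text.splitlines())):
        path, _, rhs = line.partition("=")
        reg_type, _, value = rhs.partition(",")
        entries[path.strip().lower()] = (int(reg_type), int(value))
    return entries

def audit(baseline_text, observed_text):
    """Return [(value name, problem)] for each baseline entry the observed set fails."""
    observed, findings = parse_entries(observed_text), []
    for path, (reg_type, want) in parse_entries(baseline_text).items():
        name = path.rsplit("\\", 1)[-1]
        got_type, got = observed.get(path, (None, None))
        if got is None:
            findings.append((name, "not set"))
        elif got_type != reg_type:
            findings.append((name, "wrong registry type"))
        elif name == "ntlmminserversec":  # bitmask: report each required bit that is missing
            findings += [(name, "missing " + label) for bit, label in NTLM_FLAGS.items()
                         if want & bit and not got & bit]
        elif got != want:
            findings.append((name, f"is {got}, baseline requires {want}"))
    return findings

if __name__ == "__main__":
    for name, problem in audit(BASELINE, OBSERVED):
        print(f"{name}: {problem}")
```
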
<strong>Server</strong> Policy Files March 2004 67