The Security Guide Security Guide RSS Feed


Internet and Data Security Knowledgebase

A B C D E F G H I J K L M N O P Q R S T U V W X Y Z 


Hacker Illegally breaking into systems or writing viruses and other malware.
Hardening Servers Rename the built-in Administrator and Guest accounts, and change their descriptions. Renaming these accounts to use unique names can make it easier to identify attempted attacks against these accounts.
Assign long and complex passwords or pass-phrases to these built-in accounts.
Use scripts or third-party utilities to periodically check local passwords on all workstations and servers.
Use different passwords for these accounts on each server so that a compromise of one of these accounts on one server does not enable an attacker to compromise additional servers.
Use restricted groups to limit the memberships of administrative groups. By using the Restricted Groups option in Active Directory directory service, you can ensure that administrative groups contain authorized users.
Restrict the users who can log on locally on the servers. Use Group Policy to configure the user rights so that only authorized administrators can log on locally on the servers.
Restrict access to the system for built-in and nonoperating-system service accounts.
Do not configure a service to log on using a domain account. Whenever possible, use a local account for each service.
Use NTFS permissions to secure files and folders. Convert any FAT or FAT32 volumes to NTFS, and then apply the appropriate permissions to the files and folders on those volumes.
Hidden SSID There are programs available that will show all Wireless networks, even hidden ones. It may hurt you to use this since Windows will sometimes have trouble keeping a connection with this on.
Hoax email An otherwise harmless email that is designed to cause alarm or get itself forward to other users (or both). For example a fake virus warning or a chain letter.
Host layer Network segmentation, Internet Protocol security (IPSec), and network intrusion-detection systems (NIDS).

© RuleWorks - All Rights Reserved - Policy -