Today it is necessary to configure computer systems securely to avoid and minimize attacks to your IT-infrastructure and preserve reliability of your enterprise or home PC's. I wrote 'minimize' conciously because there can't be an absolute (means 100%) security at any time.

To apply this security practically there where some manuals published at www.kssysteme.de (sorry, but this site doesn't exist anymore), which describe a safe and secure configuration of NT-services for Windows2000 (mirror) and Windows XP (mirror). This manual also describes how to change the start type (auto, demand, disabled) of the services so that you don't offer unnecessary services outside to the world wide web in order to avoid and minimize the risk of damage.

The variety of differnt services makes it difficult to confirm secure configuration you have to manage many machines (i.e. in small sized industries). To avoid failures there is a script using the WindowsNT command line interface to configure services safely and comfortably. This script performs the following procedures:

* changes start type (auto, demand,disabled) according to kssysteme.de
* stops critical services immediately
* deactivates DCOM and removes standard protocol bindings
* closes SMB and consequently port 445 (only if you use switch "/all")
* deactivates DHCP if it is not used
* stop and deactivate "Distributed Transaction Coordinator" and
* leaves "scheduler" and "automatic updates" unchanged

Today many people simlpy click on everything that appears under their mouse cursor, creating a real potential danger for damage to IT-systems. I decided to introduce some parameters which are discribed as follows:

+++

Source: http://www.ntsvcfg.de/ntsvcfg_eng.html


Catweazle