NT Security

The Logon Process

Security Architecture Components

Introduction to Securing an NT Box

Physical Security Considerations


Networks and Security

Restricting the Boot Process

Security Steps for an NT Operating System

Install Latest Service Pack and applicable hot-fixes

Display a Legal Notice Before Log On

Rename Administrative Accounts

Disable Guest Account

Logging Off or Locking the Workstation

Allowing Only Logged-On Users to Shut Down the Computer

Hiding the Last User Name

Restricting Anonymous network access to Registry

Restricting Anonymous network access to lookup account names and network shares

Enforcing strong user passwords

Disabling LanManager Password Hash Support

Wiping the System Page File during clean system shutdown

Protecting the Registry

Secure EventLog Viewing

Secure Print Driver Installation

The Schedule Service (AT Command)

Secure File Sharing


Threat Action

Enabling System Auditing

Auditing Base Objects

Auditing of Privileges

Protecting Files and Directories

Services and NetBios Access From Internet

Alerter and Messenger Services

Unbind Unnecessary Services from Your Internet Adapter Cards

Enhanced Protection for Security Accounts Manager Database

Disable Caching of Logon Credentials during interactive logon.

How to secure the %systemroot%\repair\sam._ file

TCP/IP Security in NT

Well known TCP/UDP Port numbers