nist.gov and csrc.nist.gov before getting started.
Once the system is installed as you like, unnecessary services should be disabled
using the Services Management Console. Some examples of services you should
consider disabling are:
?– Computer Browser
?– Terminal Services
?– Remote Registry
?– Print Spooler
?– TCP/IP NetBIOS Helper
Lastly, there are some hardening options that fall outside of the scope of the fi rst
two categories. One primary precaution that should be taken is to disable NetBIOS
on the WAN adapter. In addition, I would recommend that NetBIOS be disabled on
all adapters unless it is absolutely necessary.
388 Chapter 11 ??? Confi guring Microsoft Internet Security and Acceleration Server 2006
This can be done in this way:
1. Right-click the WAN adapter and select Properties.
2. Select Internet Protocol (TCP/IP) and click Properties.
3. Click Advanced, and then select the WINS tab.
4. Select the radio button option to Disable NetBIOS over TCP/IP as
shown in Figure 11.3.
Figure 11.3 Disabling NetBIOS
My last system hardening recommendation also happens to be the one I can??™t
adequately cover in a small section here. It involves locking down various aspects and
functions of Windows, user capabilities, and other components of the system, and
Configuring Microsoft Internet Security and Acceleration Server 2006 ??? Chapter 11 389
requires a great number of settings to be confi gured.
Pages:
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385