NT 4.0 armoring prior to Real Secure installation

Fri, 24 Mar 2000 10:48:31 -0800 


TO UNSUBSCRIBE: email "unsubscribe issforum" in the body of your message to
[EMAIL PROTECTED]  Contact [EMAIL PROTECTED] for help with any problems!
----------------------------------------------------------------------------

There was a thread on this issue 6 months ago.  Based on the information I took the 
following steps to harden my NT RealSecure Engines.  They have be running in this 
configuration for about 5 months.  I think the most important step in hardening the 
workstation was NOT intsalling the NT Network.  RealSecure and the Consol works fine 
without being part of the network. I am willing to walk to the computer room when I 
need to work with the engines.


reformat c:
change setup to boot from CD_ROM
cntl_alt_del;f2;alt P;
Boot from CD_ROM NT workstation CD
delete particion
create new particion: 2047
format particion using NTFS

Install NT4.

- Setup Options: custom
- Select Componets: Accesories only
- Network:Do not connect.
- Overwrite newer files: yes
Interface Drivers
- Control Pannel; Network;
        

Install Sercive Pack 4 128 bit encryption
3 Install 3com eithernet card "3com fast Etherlink XL NIC (3c905B-tx)
        NT Network is not install do you want to install: no
          tab: Adapters:add;have disk; 3cometherlink CD
          tab: proticals: add(button): select(window) tcp/ip
                Warning window if there is a DHCP server...;no(button).
                properties(button);

5 Remove uneeded stuff.
        control panal;add/remove
                remove
                music control
                outlook express
                microsoft wallet
                VDOLive Player
5. implement secure screen saver.
        control panel; display; screensaver(tab);3d pipes (window); password (check 
box);
                wait 15 minutes (drop box)
6. Implement protocal security
        control pannel; network; no(button); protocols(tab);properties(button); 
advance(button);
        enable security(check);configure (button);
                "TCP Ports"; permit only (check) add (button);
                        TCP port (window)"2998"; add (button)
                        TCP port (window)"901"; add (button).
                        TCP port (window) "80"; add (button)
                "UDP Ports"; permit only (check)
                "IP Protocols"; permit only (check) add (button);
                        IP Protocol (window)"6"; add (button)



8 Disable unneeded services
        services;tcp/ip netbios helperstartup;disable 
9 Delete unneeded icons: mail & briefcase
        desktop highlight and delete.
10. Install run system scanner 1.1


----------------------------------------------------------------
Get your free email from AltaVista at http://altavista.iname.com

Reply via email to