TO UNSUBSCRIBE: email "unsubscribe issforum" in the body of your message to
[EMAIL PROTECTED] Contact [EMAIL PROTECTED] for help with any problems!
----------------------------------------------------------------------------
I think there is a documented process somewhere in the ISS Archives or I
have it.. I can't remember, but they are very detailed in nature..
/m
[EMAIL PROTECTED]
Sent by: [EMAIL PROTECTED]
03/24/00 10:04 AM
To: [EMAIL PROTECTED]
cc: [EMAIL PROTECTED]
Subject: NT 4.0 armoring prior to Real Secure installation
TO UNSUBSCRIBE: email "unsubscribe issforum" in the body of your message
to
[EMAIL PROTECTED] Contact [EMAIL PROTECTED] for help with any
problems!
----------------------------------------------------------------------------
There was a thread on this issue 6 months ago. Based on the information I
took the following steps to harden my NT RealSecure Engines. They have be
running in this configuration for about 5 months. I think the most
important step in hardening the workstation was NOT intsalling the NT
Network. RealSecure and the Consol works fine without being part of the
network. I am willing to walk to the computer room when I need to work
with the engines.
reformat c:
change setup to boot from CD_ROM
cntl_alt_del;f2;alt P;
Boot from CD_ROM NT workstation CD
delete particion
create new particion: 2047
format particion using NTFS
Install NT4.
- Setup Options: custom
- Select Componets: Accesories only
- Network:Do not connect.
- Overwrite newer files: yes
Interface Drivers
- Control Pannel; Network;
Install Sercive Pack 4 128 bit encryption
3 Install 3com eithernet card "3com fast Etherlink XL NIC (3c905B-tx)
NT Network is not install do you want to install: no
tab: Adapters:add;have disk; 3cometherlink CD
tab: proticals: add(button): select(window) tcp/ip
Warning window if there is a DHCP server...;no(button).
properties(button);
5 Remove uneeded stuff.
control panal;add/remove
remove
music control
outlook express
microsoft wallet
VDOLive Player
5. implement secure screen saver.
control panel; display; screensaver(tab);3d pipes (window);
password (check box);
wait 15 minutes (drop box)
6. Implement protocal security
control pannel; network; no(button);
protocols(tab);properties(button); advance(button);
enable security(check);configure (button);
"TCP Ports"; permit only (check) add (button);
TCP port (window)"2998"; add (button)
TCP port (window)"901"; add (button).
TCP port (window) "80"; add (button)
"UDP Ports"; permit only (check)
"IP Protocols"; permit only (check) add (button);
IP Protocol (window)"6"; add (button)
8 Disable unneeded services
services;tcp/ip netbios helperstartup;disable
9 Delete unneeded icons: mail & briefcase
desktop highlight and delete.
10. Install run system scanner 1.1
----------------------------------------------------------------
Get your free email from AltaVista at http://altavista.iname.com
