Talk about a loaded question. First of all, make sure you have a firewall on your network with solid rules blocking all ports and allowing only the ones you need to access your network open. And then only to selected IP Addresses (via NAT). You may even want to consider rolling out software firewalls and make sure you have good AntiVirus software throughout your network.
Then, scan your network with something like Nessus (www.nessus.org), LanGuard (www.gfi.com), or the Cisco Scanner (www.cisco.com *Commercial App running about $500). This should give you a fairly complete report of what is open on each device in terms of ports/services. Close up ports that you don't need. Don't stop there. Do a system by system audit (Servers and Workstations, they are all vulnerable). Document what software is running, what services are running. Then, get rid of anything that is unwanted or unneeded. You don't want to keep spending CPU cycles on something you don't use that can be a security threat. Now, in terms of a tool to use, I point you right back at the OS you are running. Sit down and think seriously about implementing stronger policies. The stronger they are, the harder you are to hack. A great book on the subject of securing Win2k is Hacking Windows 2000 Exposed (www.hackingexposed.com). Read it, it will scare the hell out of you yet really help you lock down your network. Patch all OS'es with the latest SP's and Hotfixes. Stay on top of this for all servers AND WORKSTATIONS. Lastly, consider installing a program like Snort (www.snort.org) as a Network Intrusion Detection System (NIDS). These are usually implemented in front of the firewall, in a DMZ and behind the firewall. But at the very minimum, install one behind the firewall to see what traffic is on the local wire. A lot of work? Yes, securing a network often is. There is no one way to keep a system from being hacked. AND, with all I have suggested here, you can still be hacked. But this makes it much tougher. Good luck, Bejon -----Original Message----- From: ++WayanS [mailto:[EMAIL PROTECTED]] Sent: Wednesday, March 20, 2002 5:33 PM To: [EMAIL PROTECTED] Subject: win 2k all please help me i have win 2k server tree days ago, some one hack my server what can i do to secure my server please tell me, tip, trik and tool to secure my server regard Way
