First of all you should reinstall your system from the ground to make sure that no backdoors or other bad things are left on your server. Next, deactivate all services and deinstall all software you don't need. (perhaps this guide can help you a bit, while it is not up to date it can still give you basic ideas: Building a Windows NT Bastion Host in Practice: http://people.hp.se/stnor/hpntbast13.pdf ). If you want to have something quite up to date, perhaps this book is an option:
http://www.ora.com/catalog/securwinserv/ After deinstalling all unneeded programs and services, you should apply the latest service pack, patches and hotfixes. This should give you quite much protection, but never forget to look for new vulnerabilities in services you use. Greetings, ------------------------------------------------------- BlueScreen / Florian Hobelsberger (UIN: 101782087) Member of: www.IT-Checkpoint.net www.Hackeinsteiger.de www.NGSecurity.de www.DvLdW.de.vu Für Fragen im Bereich Datensicherheit wenden Sie sich bitte an: www.Hackeinsteiger-Board.de www.Securitypoint-board.de.vu ================================================================== This email and any files transmitted with it are confidential and intended solely for the use of the individual or entity to whom they are addressed. Forwarding this E-Mail or parts of information out of it is strictly forbidden - legal actions may be taken. If you are not the intended recipient or the person responsible for delivering to the intended recipient, be advised that you have received this email in error and that any use of the information contained within this email or attachments is strictly prohibited. Internet communications are not secure and BlueScreen/Florian Hobelsberger does not accept any legal responsibility for the content of this message. Any opinions expressed in the email are those of the individual and not necessarily those of the Company. If you have received this email in error, or if you are concerned with the content of this email please notify the Sender by telephone on +49 (0)162 337 98 40. ================================================================== To encrypt classified messages, please download and use this PGP-Key: http://www.florian-hobelsberger.de/BlueScreen-PGP-PubKey.txt ==================================================================
