Intrusion prevention for Windows network security

You can prevent crackers from accessing your network through back doors with this intrusion prevention advice from Jonathan Hassell. Learn to improve Windows network security in Windows Server 2003.

Some users on my network brag about their "back door" abilities to hack into our relatively new system, which is based on three Windows Server 2003 servers. We have a domain controller, a file server and a terminal server. What should be my first three moves to bolster intrusion prevention and improve Windows network security?
Here is how I would approach this, from a Windows network security perspective:
  1. Enact a strong password policy. You can do this from the Local Security Policy under Administrative Tools. Make your passwords complex. While you're at this step, change the administrator password and force your users to change their passwords upon their next logon.
  2. Audit group memberships to make sure that no one has added himself (or has the ability to add himself) to powerful groups, such as domain admins.
  3. Make sure your file and terminal services machines are joined to your domain so they benefit from domain-level security.
This was first published in August 2007

Dig Deeper on Network intrusion detection and prevention and malware removal



Find more PRO+ content and other member only offers, here.

Have a question for an expert?

Please add a title for your question

Get answers from a TechTarget expert on whatever's puzzling you.

You will be able to add details on the next page.



Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to: