Some users on my network brag about their "back door" abilities to hack into our relatively new system, which is based on three Windows Server 2003 servers. We have a domain controller, a file server and a terminal server. What should be my first three moves to bolster intrusion prevention and improve
Windows network security
Here is how I would approach this, from a Windows network security perspective:
- Enact a strong password policy. You can do this from the Local Security Policy under Administrative Tools. Make your passwords complex. While you're at this step, change the administrator password and force your users to change their passwords upon their next logon.
- Audit group memberships to make sure that no one has added himself (or has the ability to add himself) to powerful groups, such as domain admins.
- Make sure your file and terminal services machines are joined to your domain so they benefit from domain-level security.