In addition to Weibo, there is also WeChat
Please pay attention
WeChat public account
Shulou
2025-04-05 Update From: SLTechnology News&Howtos shulou NAV: SLTechnology News&Howtos > Servers >
Share
Shulou(Shulou.com)06/02 Report--
This article mainly introduces the group policy and user settings of win2008 R2 WEB server settings. Friends who need it can refer to it.
Improve system security by optimizing the setting of group policy, renaming the default administrator of the system, users, creating trap accounts, and so on.
When doing the following security, you must make sure that your server software has been fully configured and can be used properly, otherwise if you install the software after the security setting, the installation may fail or other errors may occur, resulting in the failure of the environment configuration.
Password policy
The strength of the system password is directly related to the security of the system, if your password is too simple, in case your remote connection port is swept, it will be minutes to crack your password. Therefore, our system password must be set up to meet the security requirements, such as the use of uppercase and lowercase English, numbers, special symbols, length of not less than 6 digits and other measures to strengthen password security. In systems above Windows 2008, the system provides a "password policy" setting. Let's set it and enter the "local security policy" first.
Open Security Settings-account Policy-password Policy-password must meet complexity requirements, enable.
Audit strategy
The role of the audit policy is that in case a malicious user is cracking your password, logging in to your system, or modifying your system, you can detect and deal with it as soon as possible.
The default is no audit, and we have to modify it. Here is the audit policy I modified.
We can basically capture the required information, and we only need to analyze these generated logs to find out where the problem lies.
User rights assignment
Here is mainly to limit which users can log in to the server using remote connection, the default is Administrators group and Remote Desktop Users group, members of these two groups can log in to the server remotely, and we generally as WEB servers, there are not too many users, there may be only one administrator, so there is no need to specify groups, just specify users directly.
Modify system users and groups
1. Rename the default user name and user group of the system, which is divided into two steps.
⑴, rename the default administrator administrator and guest account, such as I rename administrator to wobushiad and guest to wobushiguest
Later, you will log in to the server using the modified user name wobushiad.
⑵, create a new user named administrator, who belongs to the Guests group, set a super complex password (type a string of characters in notepad, including case, numbers, and special symbols to copy into it, you do not need to remember this password yourself), and disable the account. This account is a trap account and we will not use it ourselves.
Then modify the default administrator group administrators and Guest group
Security option
Interactive login: do not display the last user name, enable
Network access: anonymous enumeration of SAM accounts and shares is not allowed, enable
Network access: do not allow storage of network authentication passwords and credentials, enable
Network access: remotely accessible registry path, emptying Baidu included batch queries
Network access: remotely accessible registry paths and subpaths, empty
Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.
Views: 0
*The comments in the above article only represent the author's personal views and do not represent the views and positions of this website. If you have more insights, please feel free to contribute and share.
Continue with the installation of the previous hadoop.First, install zookooper1. Decompress zookoope
"Every 5-10 years, there's a rare product, a really special, very unusual product that's the most un
© 2024 shulou.com SLNews company. All rights reserved.