Shulou(Shulou.com)05/31 Report--

This article introduces the relevant knowledge of "what is the method of remote security management of the server". In the course of the operation of the actual case, many people will encounter such a dilemma. Then let the editor lead you to learn how to deal with these situations. I hope you can read it carefully and be able to achieve something!

First, set up strictly to strengthen account security.

1. Rename the account

Administrator and guest are the default system accounts for Server 2003, which is why they are most likely to be used by attackers to log in to the server. We can take precautions against this by renaming it.

Administrator renamed: "start → run", enter Secpol.msc enter to open the local security group policy, expand "Security Settings → Local Policy → Security options" in the left pane, find and double-click on the right to open "account: rename system administrator account", and then enter a new name such as gslw.

Guest renamed: as a server, the guest account is generally not opened, but it is often used by intruders. For example, after enabling guest, add it to the administrators group to implement later control. We can prevent similar attacks by renaming, just like administrator, find "account: rename Guest account" under Group Policy above, and enter a new name in it.

2. Password policy

Password policy acts on domain or local accounts, which includes the following aspects: forced password history, maximum password life, minimum password life, minimum password length, password must meet complexity requirements, and use reducible encryption.

Storage

Password.

For user accounts on the local computer, the password policy settings are made in the Local Security Settings administrator. Here is the specific configuration method: execute "start → Management tools → Local Security Policy" to open the "Local Security Settings" window. Open the user Policy option, and then select the password Policy option, and the current configuration of the configurable password policy option will be displayed in the details window on the right. Then double-click the appropriate item to open the Properties and configure it. It is important to note that the two password policies of "forcing password history" and "storing passwords with recoverable encryption" are best kept by default and not modified.

3. Account lockout

When the server account password is not strong enough, it is easy for illegal users to "guess" the user password and log in to the system by retrying many times, which is a great security risk. So how to prevent hackers from guessing or server passwords?

In fact, to avoid this situation, it can be solved perfectly by setting the account lockout policy through the group policy. At this point, when a user tries to log in to the system and enter the wrong password a certain number of times, the account is automatically locked out, and the user will not be available until the account lockout expires, unless the administrator manually unlocks it. The setting method is as follows:

Type "Gpedit.msc" in the search box of the start menu to open the Group Policy object Editor, and then click navigate to "computer Settings →"

Windows

Set → Security Settings → account Policy → account lockout Policy. Double-click "account lockout threshold" on the right to set the number of failed login attempts that trigger user account lockout. The value is between 0 and 999, and the default value of 0 means that the number of logins is unlimited. You can set it according to your own security policy, such as 5.

This is the end of the content of "what is the method of remote security management of the server". Thank you for your reading. If you want to know more about the industry, you can follow the website, the editor will output more high-quality practical articles for you!

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.