Which is better?

[rok]

Hi people
I have been watching and reading for some time now and am impressed at the depth and diversity of knowledge out there.

Heres the scenario

I have recently joined an organisation and picked up the dubious priviledge of network administrator.

The place has a server running nt4 sr4 and sbs 4.5 it has connected to it a total of 17 machines. The os are 95 on two 98 on the rest.

I need to increase the security levels on my first examination one could drive a mack truck through the system and not even be noticed.

What i am after is a logical approach to tightening up procedures.

13 of the machines are in a training room with multiple users
so do I implement local security and restrict access to server or would it be better to do a full users shares policey from the server.

I would appreciate any info or previous stratagies used that would assist me

regards roger

email rok_oh@hotmail.com

 

[ackka]

First step, increase password protection on NT server, us atleast 10 characters, use a combination of upper, lower, and digits, also use !@#$#% really weird characters. Good way to remember is to remember a number sequence , then hold shift and put that number sequence in. The famous Lopht crack by lopht heavy industies, you can choose this option to crack, but most hackers, would look for stupid people with A,a,digit based passwords to attack first. Second change the passwords on your NT shares to a higher level. Make sure that none of the shares have an access to the c:\winnt\ folder. You can also look into programs that hide the password file that password crackers extract in a newer safer location with a higher level of encryption on it.
Well good luck, just doing these things should increase your security by a little bit. You will have to implement these steps first, then move up.

later B-)
[sig]<p>ackka<br><a href=mailto:tmoses@iname.com>tmoses@iname.com</a><br><a href=

http://home.cyberarmy.com/ackka>

my site</a><br>"Do No Harm, Leave No Tracks"<br>
ICMP Summer 2000, 2600 Article<br>
<br>
[/sig]

 

[DarkShad]

Security has always been a problem in a classroom enviroment, on one hand you have students who need to access there files without lenghty password schemes and on the other hand the students may choose to violate your trust by downloading viruses, enter chat channels, etc. Use of a shared files system is both benificial and a handicap at the same time, one user may corrupt the everyones work. However, the best solution perhaps is to increase current audit levels, perhaps use network monitoring agent. You may choose to do modest changes with-in the registry to block changing control panel options or use some of these useful applications at:

http://packetstorm.securify.com/NT/IDS/

Thank you.

 

[waynemaples]

You need to secure your server and then work on locking down your workstations. Use the Policy Editor to secure the workstations. Each logon, the policies will be reapplied (in case students have been twiddling).

See

http://is-it-true.org/nt/books/btips6.shtml

for NT admin book recommendations including a couple of good texts on NT policy editor.

-Wayne
Contentmaster
NT/Windows 2000 Tips for NT Admins and NT Users
Hacking Tips for NT Admins

http://is-it-true.org/