Win2008 R2 WEB Server Security Settings Guide: Detailed introduction to disabling unnecessary services and closing ports

This article mainly introduces the Win2008 R2 WEB serverSecuritySetting guide to disable unnecessary services and close ports, friends in need can refer to it

Security is the top priority , with the least service in exchange for the greatest security. By enabling only the services you need and turning off services that are temporarily unused or unused, you can maximize security.

As a web server, not all default services are required, so printing and sharing services can be disabled. Of course, your system patch also needs to be updated to the latest one. Some port vulnerabilities have been fixed with the update of the patch. Some articles on the Internet are copies of each other and are mostly based on the win2003 system, and win2008 itself is much safer than win2003.

Then why do we still talk about closing the port? Because we want to nip it in the bud. It would not be fun if the server was hacked.

Disable unnecessary services

Control Panel--Administrative Tools--Services: Stop and disable all the following services.

TCP/IP NetBIOS Helper

Server This server needs to be careful. Tianyi cloud host needs to use this service, so it cannot be disabled on Tianyi cloud host.

Distributed Link Tracking Client

Microsoft Search If available, disable

Print Spooler

Remote Registry

Because we are using a cloud host, which is different from a single machine, some services cannot be generalized, such as the Server service above. For example, Tianyi Cloud's hosts, Shanghai 1 and Inner Mongolia Pool's hosts are different. Inner Mongolia Pool's host needs to rely on the Server service, but Shanghai 1 does not need to rely on this service, so Shanghai 1 can be disabled, but Inner Mongolia Pool cannot.

So you must be careful when disabling a service.

DeleteFile Printing and Sharing

Local Connection Right-click Properties, delete TCP/IPV6, Microsoft Network Client , file and print sharing.

Open the firewall, inbound rules, and disable all "Network Discovery" and "File and Printer Sharing" rules.

Close port

Close port 139

Right-click on the local connection properties and select "TCP/IPv4 Protocol ", Properties, select "Advanced" under the "General" tab, select the "WINS" tab, select "Disable NetBIOS over TCP/IP", thus closing port 139.

Close the port using IP security policy

1. Click Control Panel-Administrative Tools" and double-click to open "Local Policy". Select "IP Security Policy", right-click the mouse in the blank space to the right of "Local Computer", the shortcut menu will pop up, select "Create IP Security Policy", and the wizard will pop up. Click Next in the wizard, and when the "Secure Communication Request" screen is displayed, Leave the box to the left of "Activate Default Corresponding Rules" blank by default and click "Finish" to create a new IP security policy

2. Right-click the new IP security policy you just created and select "Properties". In the dialog box, remove the check mark on the left side of "Use Add Wizard", and then click the "Add" button on the right side to add a new rule. Then the "New Rule Properties" dialog box will pop up, and click the "Add" button on the screen. The IP filter list window pops up. In the list, first remove the hook on the left of "Use the Add Wizard", and then click the "Add" button on the right to add a new filter.

3. Enter "Filter." In the "Server Properties" dialog box, the first thing you see is the search address. Select "Any IP Address" for the source address, select "My IP Address" for the destination address, click the "Protocol" tab, and select "Select Protocol Type". Select "TCP" in the drop-down list , then enter "135" in the text box under "To this port" and click OK. This will add a filter that blocks the TCP135 port, which can prevent the outside world from passing through the 135 port. Connect to your computer. Click OK and return to the filter list dialog box. You can see that a policy has been added. Repeat the above steps to continue adding TCP137 139 445 593 1025 2745 3127 3128 3389 6129 port and udp 135 139. 445 port, create corresponding filters for them, and finally click the OK button.

4. In the "New Rule Properties" dialog box, select "New IP Filter List" and click the checkbox to the left of it, indicating that it has been activated. Finally, click on the "Filter Operation" tab, remove the hook to the left of "Use Add Wizard", click the "Add" button, and in the "Security Method" tab of "New Filter Operation Properties" , select Block, then click Apply and OK.

5. Enter the "New Rule Properties" dialog box, select the check box to the left of "New Filter Action", indicating that it has been activated, and click the "Close" button to close the dialog box. Finally, in the "New IP Security Policy Properties" dialog box, check the left box of "New IP Filter List" and click OK to close the dialog box. In the "Local Security Policy" window, right-click the newly added IP security policy and select "Assign".

Script House editor's note: For more detailed IP security policy setting methods, please refer to this article: http://www.jb51.net/article/86271.htm

Original work , reprinting is allowed. When reprinting, please be sure to indicate the original source of the article, author information and this statement in the form of hyperlink. Otherwise held liable.

The above is the detailed content of Win2008 R2 WEB Server Security Settings Guide: Detailed introduction to disabling unnecessary services and closing ports. For more information, please follow other related articles on the PHP Chinese website!