02 Network Access (Windows NT Security)

This article is from the Windows NT Security FAQ, by Christopher Klaus cklaus@iss.net with numerous contributions by others.

Give careful attention to who is allowed to log on from the network and
locally.

One thing to consider is that the Administrator account exists on every
machine, and can't be locked out by too many bad passwords. A good way around
this is to remove the Administrators group from the right to log on from the
network, and add back in the individual users who are the admins.

Now set the machine up to audit failed login attempts, lock out users for a
few minutes if there are too many login failures, and require a password of
decent length - 6 characters is acceptable. This makes brute-force attacks
very difficult. If you want to prevent other users from accessing the
machine remotely, you can also remove those users from the right to log on
from the network - that confines the users to having to use the shares on
the server. This also prevents anyone not given that right from accessing
the event log, the registry, and the shares on the machine. Pay attention to
who can and cannot shut the machine down, and require a login before the
machine can be shut down.
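
The checklist above, written as an offline check over a security policy export. This is an added example, not part of the FAQ: it assumes the INF layout produced by `secedit /export` on later Windows versions, and `audit_policy`, the finding names and the sample values are constructed for illustration.

```python
import configparser

# Constructed sample in the layout of `secedit /export /cfg policy.inf`
# (real exports are UTF-16 files; decode them before parsing).
SAMPLE_INF = r"""
[System Access]
MinimumPasswordLength = 4
LockoutBadCount = 0
LockoutDuration = 30
[Event Audit]
AuditLogonEvents = 1
[Privilege Rights]
SeNetworkLogonRight = *S-1-1-0,*S-1-5-32-544,*S-1-5-21-1111-2222-3333-1104
[Registry Values]
MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System\ShutdownWithoutLogon=4,1
"""

ADMINISTRATORS_SID = "S-1-5-32-544"   # BUILTIN\Administrators (the group)
SHUTDOWN_KEY = (r"MACHINE\Software\Microsoft\Windows\CurrentVersion"
                r"\Policies\System\ShutdownWithoutLogon")

def audit_policy(inf_text, min_length=6):
    """Return findings for the settings the FAQ recommends (hypothetical helper)."""
    cp = configparser.RawConfigParser(strict=False)
    cp.optionxform = str                       # keep key case as exported
    cp.read_string(inf_text)

    def get(section, key, default=""):
        return cp.get(section, key, fallback=default).strip()

    findings = []
    if int(get("System Access", "MinimumPasswordLength", "0")) < min_length:
        findings.append("password-length")
    if int(get("System Access", "LockoutBadCount", "0")) == 0:
        findings.append("no-lockout")          # 0 means accounts never lock
    if not int(get("Event Audit", "AuditLogonEvents", "0")) & 2:
        findings.append("logon-failures-not-audited")   # bit value 2 = failure
    holders = [h.strip().lstrip("*") for h in
               get("Privilege Rights", "SeNetworkLogonRight").split(",")]
    if ADMINISTRATORS_SID in holders:          # admins should be listed individually
        findings.append("admin-group-network-logon")
    # Value is "<type>,<data>"; data 1 allows shutdown from the logon screen.
    # An absent key is not flagged.
    if get("Registry Values", SHUTDOWN_KEY).split(",")[-1] == "1":
        findings.append("shutdown-without-logon")
    return findings

if __name__ == "__main__":
    print(audit_policy(SAMPLE_INF))
```
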

 
