Search: Home Bugtraq Vulnerabilities Mailing Lists Jobs Tools Vista
      Digg this story   Add to del.icio.us  
FOCUS on Microsoft: Securing NT - Installing and Securing Part 6
SecurityFocus 2001-08-16

Installing and Securing Windows NT 4.0

Getting Started
Installing NT
Installing Service Packs and Hotfixes
Installing Drivers, Applications, and Services
Test the Server
Update Repair Information
Modify ACLs on Files and Directories		 Create and Modify Registry Keys
Modify Registry Key ACLs
Enable Auditing
Set Account Policies
User Rights
Password Selection and Management

CAUTION: The information contained below is aimed towards securing the NT Operating System. This information represents a "high security" posture and may break or disrupt performance on your own machine. The suggestions listed on this page may not be suitable for your environment. Test all changes on a non-production host before applying them to your production machine. Security-Focus is not responsible for any damage that may result from applying these suggestions.

Modify Registry Key ACLs

20
 For each of the keys listed below, make the following change:

Replace Everyone group with Authenticated Users group and give the following permissions for the keys below:

QueryValue, Enumerate Subkeys, Notify and Read Control
(leave other existing permissions intact)

Except where noted, DO NOT apply changes to subkeys

In the HKEY_LOCAL_MACHINE on Local Machine:

\Software (do not replace permissions on existing subkeys)
\Software\Microsoft\RPC (and its subkeys)
\Software\Microsoft\Windows NT\CurrentVersion
\Software\Microsoft\Windows NT\CurrentVersion\Profile List
\Software\Microsoft\Windows NT\CurrentVersion\AeDebug
\Software\Microsoft\Windows NT\CurrentVersion\Compatibility
\Software\Microsoft\Windows NT\CurrentVersion\Drivers
\Software\Microsoft\Windows NT\CurrentVersion\Embedding
\Software\Microsoft\Windows NT\CurrentVersion\Fonts
\Software\Microsoft\Windows NT\CurrentVersion\FontSubstitutes
\Software\Microsoft\Windows NT\CurrentVersion\Font Drivers
\Software\Microsoft\Windows NT\CurrentVersion\Font Mapper
\Software\Microsoft\Windows NT\CurrentVersion\Font Cache
\Software\Microsoft\Windows NT\CurrentVersion\GRE_Initialize
\Software\Microsoft\Windows NT\CurrentVersion\MCI
\Software\Microsoft\Windows NT\CurrentVersion\MCI Extensions
\Software\Microsoft\Windows NT\CurrentVersion\PerfLib
(Remove Authenticated Users (Everyone):Read access on this key. give INTERACTIVE:Read access)
\Software\Microsoft\Windows NT\CurrentVersion\Port (and all subkeys)
\Software\Microsoft\Windows NT\CurrentVersion\Type1< >Installer
\Software\Microsoft\Windows NT\CurrentVersion\WOW (and all subkeys)
\Software\Microsoft\Windows NT\CurrentVersion\Windows3.1MigrationStatus (and all subkeys)
\System\CurrentControlSet\Services\LanmanServer\Shares
\System\CurrentControlSet\Services\UPS

In the HKEY_CLASSES_ROOT on Local Machine dialog:

\HKEY_CLASSES_ROOT (and all subkeys)

In the HKEY_USERS on Local Machine dialog:

\.DEFAULT

<< PREVIOUS INDEX NEXT >>

Download Links

 Securing Windows NT Installation
Self Extracting Word Document (85k)
Microsoft

SecurityFocus Shell Script for Securing NT
by Security Focus

Microsoft Security Advisories
Microsoft


SecurityFocus accepts Infocus article submissions from members of the security community. Articles are published based on outstanding merit and level of technical detail. Full submission guidelines can be found at http://www.securityfocus.com/static/submissions.html.
    Digg this story   Add to del.icio.us  
Comments Mode:







 

Privacy Statement
Copyright 2008, SecurityFocus