J
jfuller
Are you familiar with AD and W2k? Or just starting out?
Do you know LAN/WAN?
When I took over at a company a couple of years ago they
had a backup system they used daily to back up 1 of 3
servers, a Virus scanner that was 2yrs out of date, the
NT servers had never had updates or SPs installed on
them, and most passwords were blank. That list went on
and on.
What I am saying is make sure to cover the basics first.
If there is no backup system GET ONE! Make sure that
you have a good virus scanner on the server ASAP then
worry about the VS on the workstations. Get rid of back
doors and weaknesses intentionally left by
predecessors. And install updates, SP, and security
fixes the day they are released.
I would start by running the Microsoft Baseline Security
Analyzer on all servers and workstations in the network
to document the basic security and software issues you
might be facing. I would also suggest auditing the user
accts in the AD and disabling all of the accts that are
not legitimate (look for back doors left by the prior
admins.) Look for accounts that are able to log on the
servers for remote admin using TS.
I would also be checking the Firewalls for either
overlooked or intentional vulnerabilities.
Than use a mapping program such as LAN MapShot Automatic
Diagramming Software From Fluke to map and inventory the
entire system quickly. (14 day free trial on their site)
I would also reference these articals:
The Basics of Security (Microsoft technet)
Best Practices for Enterprise Security (Microsoft Technet)
Do you know LAN/WAN?
When I took over at a company a couple of years ago they
had a backup system they used daily to back up 1 of 3
servers, a Virus scanner that was 2yrs out of date, the
NT servers had never had updates or SPs installed on
them, and most passwords were blank. That list went on
and on.
What I am saying is make sure to cover the basics first.
If there is no backup system GET ONE! Make sure that
you have a good virus scanner on the server ASAP then
worry about the VS on the workstations. Get rid of back
doors and weaknesses intentionally left by
predecessors. And install updates, SP, and security
fixes the day they are released.
I would start by running the Microsoft Baseline Security
Analyzer on all servers and workstations in the network
to document the basic security and software issues you
might be facing. I would also suggest auditing the user
accts in the AD and disabling all of the accts that are
not legitimate (look for back doors left by the prior
admins.) Look for accounts that are able to log on the
servers for remote admin using TS.
I would also be checking the Firewalls for either
overlooked or intentional vulnerabilities.
Than use a mapping program such as LAN MapShot Automatic
Diagramming Software From Fluke to map and inventory the
entire system quickly. (14 day free trial on their site)
I would also reference these articals:
The Basics of Security (Microsoft technet)
Best Practices for Enterprise Security (Microsoft Technet)