N
NormRumac
Hi.
I need to setup a desktop computer system in a retail store. This
system will be accessible to the general public (i.e. anyone can use
it).
The purpose of this system is to allow users to access one single
custom made database application that will run on Windows XP Pro
persistantly 24 hours a day, 7 days a week.
Since anyone is allowed access to the computer, there are obviously a
number of potentially dangerous security risks (this computer will be
connected to a local network).
But, if we can assume that the database application and its asscociated
resources are secure, what are the steps we need to take in order to
virtually elimiate any possible damage that can be done by malicious
(or curious) users?
Basically, I just want to have the database application running all the
time. If possible, users shouldn't even know that Windows XP is the OS
behind the application. They should not be able to kill the
application process, minimize/close the application window, start any
new applications, read any files, access the internet...install/run any
other programs...nothing....they should only be able to use this one
intended application. Note that this application requires access to
SQL server, and a local instance of this service will need to run on
this computer, so i understand that I will need to turn on the MSSQL
service locally.
Can anyone give me step by step instructions on how to lock down the
system so it does what I want? I need to elminate as many potential
security holes as possible.
Thanks,
--Norm
NormRumac
I need to setup a desktop computer system in a retail store. This
system will be accessible to the general public (i.e. anyone can use
it).
The purpose of this system is to allow users to access one single
custom made database application that will run on Windows XP Pro
persistantly 24 hours a day, 7 days a week.
Since anyone is allowed access to the computer, there are obviously a
number of potentially dangerous security risks (this computer will be
connected to a local network).
But, if we can assume that the database application and its asscociated
resources are secure, what are the steps we need to take in order to
virtually elimiate any possible damage that can be done by malicious
(or curious) users?
Basically, I just want to have the database application running all the
time. If possible, users shouldn't even know that Windows XP is the OS
behind the application. They should not be able to kill the
application process, minimize/close the application window, start any
new applications, read any files, access the internet...install/run any
other programs...nothing....they should only be able to use this one
intended application. Note that this application requires access to
SQL server, and a local instance of this service will need to run on
this computer, so i understand that I will need to turn on the MSSQL
service locally.
Can anyone give me step by step instructions on how to lock down the
system so it does what I want? I need to elminate as many potential
security holes as possible.
Thanks,
--Norm
NormRumac