Windows 2003 server and Win XP security Issues

Overview . For external network security , write-access to non critical areas of the network (e .g . sales and marketing , product showcase , etc should be password protected . All unsolicited web traffic should be excluded , and permission granted to only those which can give password and authentication . The general rule of thumb for internal security is that the s in each division should be accessible by personnel in that division only or other authorized users via an encrypted password protocol . For highly sensitive information such as personnel records and IT data , additional restrictions of data

access such a physical location of the computer and person accessing it should be restricted , to avoid accidental security breaches . Security for Windows 2003 and XP can be set up through paying attention to the following

Firewalls internal and external for PC access restrictions and protecting against some software weaknesses . Use the available firewall in either operating system . Microsoft Windows XP provides Internet security for local area network (LAN ) or dial-up connections by the Internet Connection Firewall (ICF ) and prevents scanning of ports and resources ( and printer shares ) from external sources . When your computer gets an unsolicited request , Windows Firewall blocks the connection . If you run a program such as an instant messaging program or a multiplayer network game that needs to receive information from the Internet or a network , the firewall asks if you want to block or unblock (allow ) the connection . If you choose to unblock the connection , Windows Firewall creates an exception so that the firewall won 't bother you when that program needs to receive information in the future , though you must be careful if the software is a susceptible software and may wish to only authorize temporary access . In addition to blockingcomputer viruses and worms and asking for permission to block or unblock certain connection requests , it creates a record (a security log , that records successful and unsuccessful attempts to connect to your computer useful in troubleshooting and investigations . Windows Server 2003 also provides Internet security using ICF , and protects computers directly connected to the Internet , behind an Internet Connection Sharing (ICS ) host computer that is running ICF . By setting firewall exceptions Windows Server 2003 will let a system administrator use policy or execution enforcement to prevent executable programs from running on a computer For example , specific corporate-wide applications can be restricted from running unless they 're executed from a particular directory . Software restriction policies can also be configured to prevent virus-infected or malicious code from running . The Internet Authentication Server (IAS , a Remote Authentication Dial-in User Server (RADIUS ) manages user authentication and authorization , and connections to the network such as dial-up , virtual private networks (VPNs , and firewalls . It also supports the IEEE 802 .1X protocols and public certificates deployed using autoenrollment or smart cards , enabling the authentication and authorization of users and computers that connect to wireless and Ethernet LANs . For wireless connections the following steps are needed in addition to the mandatory use of the above measures : 1 ) the System...