Hello dear members! I intend to have a server with Windows Server 2008 R2 Standard to get RDA (Remote Desktop Accounts) and I have some questions and need your help!

1) As Administrator, what do I need (software or otherwise) to protect it from any attack? What is the best way to safeguard it?
2) Is there any way (or software) to monitor (measure) bandwidth (or traffic) for any user?
3) What is the best way (or software) to hide some files or folders (in the C: partition, where the OS is running) from users?

Thanks for your help!
1. This is the usual stuff
- Make sure you use anti-virus and anti-malware software that automatically updates several times per day.
- Keep Windows patched with the latest software updates.
- Lock down your stack
- Windows 2008 has a decent software firewall to close down ports, so use it. The default settings aren't the best for an internet-facing server, so adjust it to suit your needs. There are better software firewalls, but they cost.
- Adjust the local security policy to provide tighter control
- Tighten security on the registry

There are plenty of articles about securing Server 2003 (not so many specifically for 2008) which will provide a good guide. Also, look for guides on IIS security (again, IIS 6.0 - 2003 - is better catered for) because there is usually a lot of information about tightening server security that is worthwhile even if you aren't planning on using IIS. Server 2008 is pretty secure out of the box but it leaves a lot of ports open by default.

2. Probably, but you'll get the best results from monitoring the switch port your server is plugged into. Your host should be able to provide this info via MRTG or Cacti or something. SNMP on your network card might work too if your card supports it.

3. User permissions. They are very granular on Windows, so make good use of them. For shared hosting we strip out all permissions, on all drives, leaving just System and the Administrators group, then we add them back in where necessary. It's not something you want to do lightly, and we've scripted it so it only takes a few seconds to run, but it's the most effective method of control - even when a web site is hacked due to a poor script, the problem is contained to that single site. You'll find lots of articles on user permissions on the internet. I can't give specific advice because it depends on the software you want to run and the level of permissions users need to run it.

Once you have decided on what is required, creating a VBS script or BAT file is the easiest method to get consistent results each time.
What are these users going to be using the RDS accounts for? Office applications, or? You can restrict their permissions as needed. You want to make sure you are behind a hardware firewall if possible. I would advise using the Windows Firewall as well, only allowing specific IP addresses of your clients to make RDP connections to the server, to prevent 24/7 brute force attacks on your RDS accounts. The server itself also needs to be locked down, depending on how your hosting company's base template is configured. Most enterprise hosting companies have very skilled admins and the default OS templates on the servers have already been secured to best practices. Good choice with 2008 R2 though, definitely a solid OS that is more secure out of the box than previous Windows Server OSes.

Edit: Also, don't browse the web from your server. Please.
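
The RDP allowlisting suggested in the reply above, written as a BAT file with the `netsh advfirewall` commands available on Server 2008 R2. This is an added example, not a script posted by anyone in the thread; the client addresses, the rule name and the default port 3389 are assumptions, and the built-in rule group is assumed to carry its English name "Remote Desktop".

```batch
@echo off
setlocal
rem Added example, not from the thread. Run from an elevated prompt, ideally
rem with console/KVM access: if your own address is not in ALLOWED, the last
rem firewall step will cut off your RDP session.

rem Constructed client addresses (documentation ranges); replace with your own.
set "ALLOWED=203.0.113.10,198.51.100.0/24"
rem Hypothetical rule name used only by this script.
set "RULE=RDP-allowlist"

rem Firewall on in every profile; inbound traffic is dropped unless a rule allows it.
netsh advfirewall set allprofiles state on || goto :fail
netsh advfirewall set allprofiles firewallpolicy blockinbound,allowoutbound || goto :fail

rem Re-create the allowlist rule so repeated runs give the same result.
netsh advfirewall firewall delete rule name="%RULE%" >nul 2>&1
netsh advfirewall firewall add rule name="%RULE%" dir=in action=allow protocol=TCP localport=3389 remoteip=%ALLOWED% || goto :fail

rem Only now disable the built-in rules that accept RDP from any source address.
netsh advfirewall firewall set rule group="remote desktop" new enable=no || goto :fail

rem Log dropped connections so blocked RDP attempts show up in the firewall log.
netsh advfirewall set allprofiles logging droppedconnections enable

rem Show the resulting rule for review.
netsh advfirewall firewall show rule name="%RULE%"
exit /b 0

:fail
echo Firewall change failed; review the rules before disconnecting. 1>&2
exit /b 1
```

The order matters: the allowlist rule is created before the default any-source rules are disabled, so a failure partway through leaves RDP reachable rather than locking the administrator out.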