1. Software

Windows Server Update Services 3.0 SP2 Deployment Guide Abstract


Add to my manuals
129 Pages

advertisement

Windows Server Update Services 3.0 SP2 Deployment Guide Abstract | Manualzz

To enable additional IIS logging options

1. On the Start menu, point to Programs, point to Administrator Tools, and then click

Internet Information Services Manager.

2. Expand the local computer node.

3. Right-click Web Sites, and then click Properties.

4. On the Web Site tab, under the Active log format box, click Properties.

5. In Logging Properties go to the Advanced tab, and select the check boxes for the following logging options:

 Server Name

 Time taken

 Host

 Cookie

 Referer

Remove header extensions

By default, IIS enables header extensions for HTTP requests. We recommend removing any header extensions for IIS.

To remove header extensions for HTTP requests

1. On the Start menu, point to Programs, point to Administrator Tools, and then click

Internet Information Services Manager.

2. Expand the local computer node.

3. Right-click Web Sites, and then click Properties.

4. On the HTTP Headers tab, select the X-Powered-By: ASP.NET check box, and then click Remove.

SQL Server

The following are security recommendations for SQL Server with WSUS.

SQL registry permissions

Use access control permissions to secure the SQL Server registry keys.

HKLM\SOFTWARE\MICROSOFT\MSSQLSERVER

ISEC setting

Administrators: Full Control

Rationale

These settings help ensure limited access to

124

ISEC setting

SQL Service Account: Full Control

System: Full Control

Rationale

the application’s registry key to authorized administrators or system accounts.

Stored procedures

Remove all stored procedures that are unnecessary and that have the ability to control the database server remotely.

Unnecessary SQL Server 2005 stored procedures

Description Stored procedures

Delete stored procedures by using the following command:

use master exec

sp_dropextendedproc stored

procedure where stored procedure is the name of the stored procedure to be deleted.

 Sp_OACreate

 Sp_OADestroy

 Sp_OAGetErrorInfo

 Sp_OAGetProperty

 Sp_OAMethod

 Sp_OASetProperty

 SP_OAStop

 Xp_regaddmultistring

 Xp_regdeletekey

 Xp_regdeletevalue

 Xp_regenumvalues

 Xp_regread

 Xp_regremovemultistring

 Xp_regwrite

 sp_sdidebug

 xp_availablemedia

 xp_cmdshell

 xp_deletemail

 xp_dirtree

 xp_dropwebtask

 xp_dsninfo

 xp_enumdsn

 xp_enumerrorlogs

 xp_enumgroups

Rationale

Remove all stored procedures that are not necessary for WSUS and could possibly give unauthorized users the ability to perform command-line actions on the database.

125

advertisement

Was this manual useful for you? Yes No
Thank you for your participation!

* Your assessment is very important for improving the workof artificial intelligence, which forms the content of this project

Related manuals

ABB COM600 series 5.0 Cyber Security Deployment Manualline

ABB

COM600 series 5.0

  • Cyber Security Deployment Manualline
Wyse Technology R90L Server Administrator's Guide

Wyse Technology

R90L

  • Administrator's Guide
Wyse R90LEW Administrator's Guide

Wyse

R90LEW

  • Administrator's Guide
Parallels Mac Management for Microsoft SCCM 7.3 Guide

Parallels

Mac Management for Microsoft SCCM 7.3

  • Guide
Parallels Mac Management for Microsoft SCCM 6.0 Guide

Parallels

Mac Management for Microsoft SCCM 6.0

  • Guide
VMware VCENTER CONFIGURATION MANAGER 5.3 Getting Started Guide

VMware vCenter

VCENTER CONFIGURATION MANAGER 5.3

  • Getting Started

advertisement

Table of contents