Basic Configuration

After installing the operating system, any applications, the latest service pack, and all relevant hotfixes, the next step is to ensure that the bastion host has rudimentary security in place. This involves some GUI-based configuration steps that remove unneeded or possibly unsafe components from the operating system.

Configuring Network Services

A Windows NT network service is software that provides some kind of network-based service. The Computer Browser, SNMP (Simple Network Management Protocol), and Server services are examples of network services.

By default, Windows NT installs five network services:

Remote Procedure Call (RPC) configuration

Enables RPC programs to call components on other computers over the network.

NetBIOS interface

Responsible for resolving names, establishing connections, and supporting reliable data transfer between computers running NetBIOS applications.

Computer Browser

Provides users with the ability to browse the Network Neighborhood for shares and printers.

Server

This service is the SMB/CIFS Server. It consists of two parts: the user mode interface (services.exe), which controls the behavior of the kernel mode driver, and the driver (srv.sys), which is responsible for printer and file sharing to CIFS clients, such as the Workstation service. This service relies on the NetBIOS interface.

Workstation

This service is the SMB/CIFS client software. Like the Server service, the Workstation service also consists of two parts: the user ...

Get Securing Windows NT/2000 Servers for the Internet now with O’Reilly online learning.

O’Reilly members experience live online training, plus books, videos, and digital content from 200+ publishers.