Any hacker who wants to attack your systems will start by trying to gather information about them. Your job is to make that as difficult as possible. Here are some tips to help you safeguard your Windows server information.
Throughout the Internet, it's easy to find a plethora of beginner's guides to hacking Windows. And the first lesson in almost all of those guides is to identify the Windows service packs that are installed on the systems you want to attack. Obtaining information about a server's operating system is the first goal of both rookie and veteran hackers. Once armed with your system information, they're ready to seek out the endless number of hacking sites to discover the exploits that exist on your servers. Your job is to make the process of acquiring Windows system information a challenge for them.
Getting to know your server
So how does a would-be hacker get information about your server? The answer is easy. Windows servers are made to announce themselves to whoever needs their services. For instance, a Telnet command to port 80 of a Windows Web server will quickly reveal OS and service pack. Then, for example, an attacker might notice that you're running a Windows 2000 server with IIS 5.0 and no service pack. This information can help the hacker discover holes in your system.
Most hackers want even more information about your system. Many free programs are available for download that can provide key information beyond that of simple OS types and versions. One of the most common tools is GFI LANguard Network Scanner. Among other things, it provides information such as:
You can see where this kind of information could be used to compromise your systems.
Lose what you don't use
The days of choosing Select All from the Windows components screen during an initial server installation are long gone. The rule now is, "Don't install it if you don't need it." Remember, the less attractive you look to a hacker, the less of a target you will be. This may mean turning off services you don't necessarily use, such as HTTP, FTP, Telnet, and/or SMTP. The mere fact that these services are disabled may be enough to discourage a hacker from going to the next level -- actually attempting to break into your system.
4%
4%
