Securing Windows 2003 Server
I'm a FreeBSD guy. I have it on both my desktop, and my server.
However, it turns out I'm now going to run a rather critical server (or, at least in my case, critical). A friend of mine knows that I do some *nix hardening in my spare time, and so he thought I could help him out. But there's one problem.
It's a remote, Windows 2003 Enterprise Server. Something I've never hardened, or secured. The most securing I've ever done with a Windows box was an XP desktop for a buddy of mine.
So, I've read some articles (most of which pertaining to stuff I already know), and was wondering: Do any of you Win2k3 Server folk have some tips for SECURING a server?
I have of course, done what I would consider to be the basics:
1) Disable IP routing
2) Windows Update
3) AV/Spyware/Firewall
4) Couple of registry fixes (SynAttackProtect, etc.)
The server will be running MSSQL 2000 (for recording of gameserver information), and of course the gameserver.
I'm at a loss as to how I can completely keep people out. It's easy to do when you're familiar with the OS, however in this case, I'm not.
Obviously, running WINE or an emulator (ie: reformatting and using a non-Windows client) isn't going to solve my dilemma. I need some actual sure-fire tested protection tips.
Any help is of course appreciated! Thanks.
