Running network services on Windows
If you are running network services on Windows, including:
- A web server such as Apache or IIS
- MS SQL Server
- An FTP server
or any other network services that you have installed, it is important that you keep these services up-to-date with respect to patches, and change any insecure default configurations and/or passwords that come with the software (in particular, you must change the default sa password that comes with MS SQL Server).
If you install IIS, you must patch it before activating this service and putting it on the network. Failure to do so may result in your PC being broken into within minutes of being placed on the network. See the Microsoft IIS 5 support center for complete information on securing IIS. It is recommended that you run URLScan and the IIS Lockdown Tool to provide additional security for your web server. The IIS 5 security checklist has some additional information on steps you can take to secure IIS 5.
MS SQL Server security
Like IIS, MS SQL Server is extremely vulnerable to remote exploits if it is not patched and configured securely, and SCS hosts are constantly being scanned for these exploits. If you are running MS SQL server, you should:
- Make sure that it is up-to-date wrt patches before activating the service and placing it on the network.
- Make sure that all passwords (especially the sa password) are reset from the defaults and are strong passwords. SQL Servers here are frequently the target of brute-force password guessing attacks.
You can run the Microsoft Baseline Security Analyzer to check for needed patches and some common MS SQL security configuration issues. The Microsoft SQL Server Security Center and http://www.sqlsecurity.com have additional information on security SQL Server.
Other networked services
If you are running other networked services, such as Apache or an FTP server, you should regularly check the software vendor's web page or subscribe to the relevant mailing list in order to make sure that the software does not need to be patched for some recently discovered security vulnerability.