Using Security Templates to Secure a Server


Windows Server 2003 contains built-in support for security templates, which can help to standardize security settings across servers and aid in their deployment. A security template is simply a text file that is formatted in such a way that specific security settings are applied uniformly. For example, the security template could force a server to use only Kerberos authentication and not attempt to use downlevel (and less secure) methods of authentication. Figure 12.5 illustrates one of the default templates included in Windows Server 2003, the securedc.inf template file.

Figure 12.5. A sample security template file.


The application of a security template is a straightforward act and can be accomplished by applying a template directly to an OU, a site, or a domain via a Group Policy Object (GPO). Security templates can be enormously useful in making sure that all servers have the proper security applied, but they come with a very large caveat. Often, the settings defined in a template can be made too strict, and application or network functionality can be broken by security templates that are too strong for a server. It is therefore critical to test all security template settings before deploying them to production.

Shutting Off Unnecessary Services

Each service that runs, especially those that use elevated system privileges, poses a particular security risk to a server. Although the security emphasis in Windows Server 2003 reduces the overall threat, there is still a chance that one of these services will provide entry for a specialized virus or determined hacker. Consequently, a great deal of effort has been put into the science of determining which services are necessary and which can be disabled. Windows Server 2003 simplifies this guessing game with an enhanced Services MMC snap-in. To access the Services console, choose Start, All Programs, Administrative Tools, Services.

As is evident in Figure 12.6, the Services console not only shows which services are installed and running, but also gives a reasonably thorough description of what each service does and the effect of turning it off. It is wise to audit the Services log on each deployed server and determine which services are necessary and which can be disabled. Finding the happy medium is the goal because too many running services could potentially provide security holes, whereas shutting off too many services could cripple the functionality of a server.

Figure 12.6. Using the Services console to administer the server.
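
One way to act on the advice to test template settings and to review which services get disabled, as an added example that is not from the book: compare a candidate template with the settings currently in effect and list every change, flagging the services the template would switch off. The two INF fragments are constructed samples, the function names are hypothetical, and the startup codes 2, 3 and 4 are the Automatic, Manual and Disabled values used in a template's [Service General Setting] section.

```python
# Added example (not from the book). Both INF fragments are constructed samples.
START_MODES = {"2": "Automatic", "3": "Manual", "4": "Disabled"}

CURRENT = r"""[System Access]
MinimumPasswordLength = 7
[Service General Setting]
"Alerter",3,""
"Spooler",2,""
"""

CANDIDATE = r"""[System Access]
MinimumPasswordLength = 8
[Registry Values]
MACHINE\System\CurrentControlSet\Control\Lsa\LmCompatibilityLevel=4,5
[Service General Setting]
"Alerter",4,""
"Spooler",4,""
"""


def parse_template(text):
    """Return {(section, name): value}; service lines are "Name",mode,"SDDL"."""
    settings, section = {}, None
    for line in map(str.strip, text.splitlines()):
        if not line or line.startswith(";"):
            continue  # skip blank lines and INF comments
        if line.startswith("[") and line.endswith("]"):
            section = line[1:-1]
        elif section == "Service General Setting" and "," in line:
            name, mode = (f.strip().strip('"') for f in line.split(",")[:2])
            settings[(section, name)] = START_MODES.get(mode, mode)
        elif "=" in line:
            name, value = line.split("=", 1)
            settings[(section, name.strip())] = value.strip()
    return settings


def review_changes(current, candidate):
    """List (section, name, old, new) for settings the candidate adds or changes."""
    old, new = parse_template(current), parse_template(candidate)
    return sorted((sec, name, old.get((sec, name), "<not defined>"), value)
                  for (sec, name), value in new.items()
                  if old.get((sec, name)) != value)


def newly_disabled_services(current, candidate):
    """Services the candidate would switch to Disabled: test these first."""
    return [name for sec, name, _, new in review_changes(current, candidate)
            if sec == "Service General Setting" and new == "Disabled"]
```

Real template files are normally saved as Unicode, so read them with open(path, encoding="utf-16") before passing the text to parse_template. A server's current settings can be exported for the comparison with secedit /export /cfg.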


Note

Windows Server 2003 Service Pack 1 introduced the Security Configuration Wizard, which streamlines the ability of administrators to intelligently disable unneeded services and apply security settings to a server. Although it doesn't replace traditional securing techniques, it increases the number of securing methods available.





Microsoft Windows Server 2003 Unleashed (R2 Edition)
ISBN: 0672328984
Year: 2006
Pages: 499