Now that you have received the impression that we (or at least Jesper, who wrote most of this chapter) are the most cynical people on the planet (which, according to our respective lovely, talented, and beautiful wives, is probably true), is there really anything left to do? Yes, there is. There are certainly very useful tweaks that every environment should at least consider. However, it is important to understand the myths, and why they are myths, before we go on to the tweaks. Otherwise, it is really easy to fall into the traps represented by the myths.
This section is very simply structured. There are 10 or so server tweaks, 10 or so client tweaks, and a list of tweaks you should not make. For each, we describe the tweak, the threat it mitigates, and the side-effects (where known).
Throughout these tweaks, we refer to the various Windows security guides from Microsoft. Those guides are available for download as follows:
Windows Server 2003 Security Guide http://go.microsoft.com/fwlink/?LinkId=14845
Windows XP Security Guide http://go.microsoft.com/fwlink/?LinkId=14840
Windows 2000 Security Hardening Guide http://go.microsoft.com/fwlink/?LinkId=28591
Threats and Countermeasures: Security Settings in Windows Server 2003 and Windows XP http://go.microsoft.com/fwlink/?LinkId=15159