windows 伺服器安全問題
DESCRIPTION
Windows 伺服器安全問題. Windows 伺服器安全問題. 本機安全原則設定( Local Security Policy Settings ) 系統組態設定( System Configuration Settings )之中。 Windows 2003 特殊的設定問題. 本機安全原則設定. Windows 是採用圖形化介面( GUI )的本機原則編輯器。 點選 『 控制台 』 / 『 系統管理工具 』 / 『 本機安全原則 』 (詳見圖 15-1 ),即可開啟本機原則編輯器視窗。 工具程式除了允許管理員設定帳戶原則之外,也允許設定本機安全性原則。. - PowerPoint PPT PresentationTRANSCRIPT
-
Windows
-
Windows Local Security Policy SettingsSystem Configuration Settings Windows 2003
-
Windows GUI15-1
-
15-1 GUI
-
GUIRegistryregeditregedit32Windows 2000
-
15-2
-
Windows
-
Windows 2000
-
LAN Manager LAN ManageerWindows 2000Windows 9598WindowsLAN ManagerWindows NTWindows 2000NTLM v2
-
NTLM v21.LAN Manager2. LMNTLMLMNTLMNTLM v2
-
LMNTLMNTLMv2NTLMNTLM v2NTLM v2LMNTLM v2LMNTLM
Windows95Windows98LAN Manager
-
SAM
-
Windows 2003 Windows 2003Windows 2000Software Restriction PoliciesSRP15-3SRP
-
15-3
-
Service pack
-
Windows 2000NTFSFATNTFSFATCONVERTNTFS
-
Windows 2000 NTFS NTFS-5NTFS-5
-
Woindows 2000
-
Encrypting File SystemDOSWindows 2000Windows NTNTFSDOSNTFSWindows NTWindows 2000NTFSWindows 2000Encrypting File SystemEFS
-
EFS EFS EFSAdministratorEFSEncrypting File System
-
EFSNTFS 5.0 Encrypting File System
-
ShareWindows NTWindows 2000C$D$IPC$ADMIN$NETLOGON15-4Administrator
-
15-4
-
Windows135137139Windows2000Kerberos88SMB over IP445Kerberos kpasswd464 Key ExchangeIKE500UDP
-
NetBIOSWindows 2000NetBIOSFile and Printer Sharing for Mircosoft Networks15-5
-
NetBIOS15-5 NetBIOS
-
Windows 2000AdministratorGuestGuestGeuestWindows 2000Administrator
-
15-6Active Directory
-
PASSFILT.DLL
-
15-6
-
15-7AdministratorAdministratorconsole
-
15-7
-
Service packUpdate
-
Windows 2003Windows 2000.NET framework
-
Windows 2003Windows 2000sessionProperties15-8
-
15-8
-
56128FIPS140-1
-
15-9
-
15-9
-
.NET Framework .NET framework15-10.NET framework 1.1
-
.NET Framework 15-10 .NET
-
.NET Framework
-
15-2 Windows 200015-2-1 15-2-2 15-2-3
-
15-2-1 15-11
-
Windows NTID
-
15-11
-
15-1215-13Administrators
-
15-12
-
15-2-2 GuestsGuestGuest
-
15-2-3
-
30EFS30
-
15-13
-
15-3 Windows 2000
-
15-3-1 secedit15-3-2 15-3-3 15-3-4
-
15-3-1 seceditWindows 2000secedit.exesecedit
-
seceditWindows 2000secedit /analyze [/DB filename] [/CFG filename] [/log filename] [/verbose] [/quiet]/DB filenamefilename/CFG filename
-
/CFG filename/log filename/verbosesecedit/quietsecedit
-
seceditsecedit /configure [/DB filename] [/CFG filename] [/overwrite] [/areas area1 area2] [/log filename] [/verbose] [/quiet]/DB filename/CFG filename
-
/overwrite/CFG/areasSecuritypolicyGroup_mgmtUser_rightsRegkeysFilestoreServices/log filename
-
/verbosesecedit/quietsecedit
-
secedit secedit /validate filename
-
secedit:secedit /refreshpolicy [machine_policy or user_policy] [/enforce]machine_policyuser_policy
-
/enforce
-
seceditsecedit /export [/MergedPolicy] [/DB filename] [/CFG filename] [/areas area1 area2] [/log filename] [/verbose] [/quiet]/MergedPolicysecedit
-
/DB filename/CFG filename/areasSecuritypolicyGroup_mgmtUser_rightsRegkeysFilestoreServices/log filename
-
/verbosesecedit/quietsecedit
-
15-3-2 Windows 200015-14
-
15-14 Windows 2000
-
15-3-3 Windows 2000\%systemroot%\system32\config
-
*.txtCSV
-
15-3-4 Windows 200O
-
Windows 2000
-
Windows 200015-15CPU
-
15-15 Windows 2000
-
CMDCMDDOSCMDCMD
-
Windows 2000Windows 2003Group PolicyGPOUADGP
-
GP
-
Group PolicyGPUser ConfigurationscriptGP
-
Computer ConfigurationGPbootGPGPOU
-
GPOUGP
-
GPO Default Domain PolicyDefault Domain Controller Policydomain container
-
GPOGroup Policy ObjecttreeGroup Policy Object Editor
-
SMBLAN40
-
IPWindows Explorer AuthenticodeWindows
-
Windows Windows Windows Installer
-
Windows Update Active DesktopActive Desktop
-
ADM
-
Windows 2003 Windows 2003ADSoftware Restriction PoliciesIEEE 802.11OU
-
IEEE 802.11802.1XOUGPOWindows XPWindows
-
802.11802.1x15-17EAPPEAPPEAPEAP-MSCHAP v2
-
15-17 IEEE 802.1x
-
1.2.3.4.OUOUOU
-
1.2.3.4.OU
-
Loopback GPMicrosoftLoopbackGPGP
-
mergeGPreplace
-
ACLGPOUblock policy inheritanceGPOUGPOUGPstart fresh from here, and work down
-
child containerGPGPOOU
-
Group Policy Management ConsoleGPMCMicrosoftMicrosoft Management ConsoleMMC GP15-18jiloa.com GPMCMicrosoft Windows 2003http://www.microsoft.com/downloads/details.aspx?displaylang=en&FamilyID=C355B04F-50CE-42C7-A401-30BE1EF647EA
-
15-18
-
15-19
-
15-20 Administratorjiloa.comIHS
-
15-20 IHS Administrator
-
Resultant Set of PolicyRSoPOU
-
15-21IHSRSoPRSoPMMC MicrosoftActive DirectoryActive Directory
-
15-21 IHS RSoP
-
15-4-4 AD
-
Activate Directory
-
Activate Directory Aactivate DirectoryActivate Directory15-22OUDC
-
MMC