Trying to protect the server system is efficient and safe operation, has been every network administrator needs to seriously address the "issues."
To the extent possible, improve the system security, many network administrators will be upgrading server system Windows Server 2008, and Windows Server 2008 operating system security does have a very significant way than ever before upgrading; However, this does notmeans that Windows Server 2008 system to perfect the security, and network administrators are not at that time if the operation itself, but also bring trouble to bring security to the system.Of course, such security problems, we can set up appropriate systems to avoid.
This does not, this contribution of you all now account settings Several Newly skills, so that the system is running Windows Server 2008 security better!
1, Qiao account security backup protection system
Very often, Windows Server 2008 server system also stores have a number of client users to access accounts in the event of Windows Server 2008 system, the phenomenon of sudden paralysis of the fault, then the system is stored in the server for all users to access accounts will be automatically lost; future network administrator tried their best to Windows Server 2008 server system working condition is restored, the previously lost all the users to access accounts can not automatically restore the network administrator can manually set the method often re-create the missing users to access accountit is clear that through this method to restore user access account, not only workload but also unable to restore complete.In fact, the network administrator can skillfully use the new Windows Server 2008 server system backup features to increase user account to the user account running time will be stored on the server system backup of all user account data to other storage mediathe future even if the system suffered paralysis or loss of account the phenomenon occurred, as long as the network administrator using Windows Server 2008 Server System Restore feature account, you can quickly lose all the data the system returned to normal account, and the following is the Windows Server2008 backup server system user access accounts under specific steps:
First of all privileged accounts to access Windows Server 2008 system, open the desktop in the "Start" menu, select from the "Run" command, the system is running in the subsequent text box, enter "credwiz" string command, clickEnter key, the system will automatically pop back up or restore the settings dialog;
Then in the Settings dialog box select the "backup stored user names and passwords" project, and then the wizard prompts click "Next" button, when asked about the backup wizard to back up a user name and password to what location, we can thenwindow "back to the" Department Click "Browse" button, open the System Settings window, select the file from which to select to save the backup file name and path information, then click the Settings window in the "Save" button, so ifstored in the Windows Server 2008 systems for all users to access account information will be saved to the specified backup location in the Department crd file;
当 Windows Server 2008 server operating system in the later process, the experience of the system paralyzes or user access account to be lost, we just Xian ways to turn the server system to resume normal working state, then under the new system, followed by clicking "Start"/" Run "command, and the system is running in the pop-up text box implementation of the" credwiz "string command, the subsequent reduction in the account wizard dialog box, will" restore the stored user name and password "item is selected, then open thefile selection dialog box, and transferred to another location before the Office of the user account to select the backup file to import in, that case has been destroyed by the users to access account information can be quickly returned to normal.
2, Qiao view to guard against secretly log
In the office of public occasions when, many people often encounter Guo Zhe Yang Hui's one kind of 现象 is that when Zi Ji Shi Qing suddenly You urgently need to be temporary Li Kai Chu Lier when the workstation, there may be much ado about nothing the user to take advantage of our absentWhen secretly log into their workstation, to freely seek, search for an important part of the workstation.In fact, if we workstation system is not very important to save the privacy of information, just do not care; but if we save a workstation system unit or related to the contents of their privacy, while these important privacy content is malicious userbe the case, that might give units or bring their own economic or other losses.So, for those who sneak malicious behavior login workstation system, as the network administrator can we find a suitable response, such bad behavior secretly log system to automatically monitor, log on once to see a sneak workstation systemimproper behavior, allow Windows Server 2008 server operating system to automatically record such a trace log for future evidence to further investigate the responsibility of malicious login? The answer is yes! we only subtly on Windows Server 2008 systems groupstrategies appropriate parameters set, you can log on to secretly record the system user account, wait until the next time we re-sign-on system, they will automatically see the last logged on Windows Server 2008 system, all user accounts, then we can at a glanceto ferret out secret malicious user account login system has:
First of all privileged accounts to access Windows Server 2008 system, open the desktop in the "Start" menu, select from the "Run" command, the system is running in the subsequent dialog box, enter the string command "gpedit.msc",then click the Enter key, open the Windows Server 2008 system, Group Policy Editor window;
Then the mouse positioned to the left of the Group Policy Editor window, the list of regions in the "computer configuration" option on the branch, and then click on the branch option and then click the following "Administrative Templates", "Windows 组件", "Windows logon Xuankey "children, in the" Windows Login Options "sub-entry corresponding to the right of the display area using the mouse double-click the" displayed during the user login before the login information about "Group Policy option, open the target Group Policy Properties window, theProperties window "has been activated" option is selected, then click "OK" button to exit the target Group Policy Properties window, as if Windows Server 2008 system will automatically record all of the previous user account login system has.
After our brief leave their workstation the moment, there are illegal user secretly visit our workstation system, how do we go to see if there is new to secretly access your user account system? Very simple, we just re-own workstation systemStart look, and then enter the correct login account information, then click "OK" button, Windows Server 2008 Server System will pop up a list of information system login account, from which we will be able to log in a strange secret account is found, then we willunknown user account can be found to he held responsible.
3, Qiao login account password security protection
To the extent possible, log on Windows Server 2008 server to improve efficiency of the system, we often will the system administrator account login status set to automatically log on, in the hope Meici log server O'clock can not directly enter the login account access; but try to automaticallylogon server, some special Trojans may Juyou imitation log function enables the use of functional Trojan can easily access the system administrator account name and login password to the server as a system security will be seriously threatened.In order to prevent easy access to the system administrator Trojans log server system account information, we can set up Windows Server 2008 system registry parameters, to require all users must enter the password for secure login, the following is the concrete implementation steps:
First of all, the super administrator privileges in Windows Server 2008 system, open the desktop in the "Start" menu, select from the "Run" command, the system is running in the pop-up text box, enter the string command "control userpasswords2", singlehit the Enter key, open the Windows Server 2008 Server system user account setting window;
Then click the Settings window in the "User" tab, the option page in the "To use the machine, the user must enter a user name and password" item is selected, then click the "Advanced" tab,open the option to set the page; select the Settings page "secure login" Department "requires users to press Ctrl + Alt + Delete" item, then click "OK" button, so all attempts to access Windows Server 2008 server user loginsystem, to have pressed the keyboard in the Ctrl + Alt + Delete keys, enter the system login account input dialog box, and then to enter the system administrator account name and password to access the content server system, and this time enter the loginAccount information is not easily stolen by the Trojan program.
4, skillfully tracing the illicit accounts to avoid creating
Very often, we are surfing the web, a little inattentive may open some virus website, hidden in the pages of these viruses in the Trojan program may automatically in the background creating illegal accounts for future illegal account by the malicious attacks on the local system.In fact, Windows Server 2008 systems, we can use the Event Viewer, the additional task of binding functions to create system accounts on the incidents of illegal automatic alarm for the first time to remind the network administrator so that an early response measuresremove the illegal account, now we take a look at the concrete steps of the method:
First, the system administrator privileges in Windows Server 2008 systems, open system, the "Start" menu, from which in turn click on the "Settings" "Control Panel" command, open the System Control Panel window, double-click the window "management tool"options, and then double-click the Administrative Tools window, the "Local Security Policy" option, open the Windows Server 2008 system security policy settings window; in turn set the window by clicking on the "Local Policies", "Audit Policy" node optionThe following options to find the target node "Audit Account Management" option, and Double click this option, then select one of the "success" option and click "OK" button, so Windows Server 2008 system will automaticallyaccount management system audit events, which also includes events on the creation of system accounts audited account when creating the system event operation is successful, we can from the Windows Server 2008 System Event Viewer to see the corresponding operational records.
Then, in Windows Server 2008 system desktop, click System and then click "Start" menu in the "Program", "Server Manager" command, and click the left side of the list then the interface area of the "configuration" option, and fromeach of the branches of the following options click "Local Users and Groups", "user" subkey and right-click "user" subkey, right from the pop-up menu in the implementation of the "new user" command, create a new user account accessWizard window, the window of the wizard prompts to create a system to access any account.
From the system after the "Start" menu, then click click on the "Settings" "Control Panel" "Administrative Tools", "Event Viewer" option, open the Windows Server 2008 System Event Viewer window, use the mouse to start the eventViewer window on the left display area in the "Windows Logs" / "security" branch, we have seen in the branches of the following to create a user account any previous operation of the event, and then right-click the event options, from the pop-upshortcut menu, click the "Add a task to this incident," project, enter the setup wizard interface, add the basic task, the wizard prompts click "Next" button until the Settings dialog box appears on the screen, select one of the "display message"project, and then set up a message title and content, for example, where we set the message title," Note, it was secretly creating system account ", the message content is set to" system account to create a sudden success, please review the legality of it "Finally, click the wizard to set window "Done" button.
After the completion of the above set operations, as long as the Trojans back in the Windows Server 2008 system, create system account secretly, we immediately from the server system will be able to see on the screen similar to the "system account to create a sudden success, please review the legality of it," soTips for information, according to the alarm information we will be able to get to know the current illegal system of secret accounts were created at this time we re-order click the System "Start" menu in the "Program", "Server Manager"command, and click the left side of the list then the interface area of the "configuration" option, then the following options from the branch one by one click "Local Users and Groups", "user" children, in the corresponding "user" subkeythe right side of the display area, creating a strange new account can be deleted, and as the one running Windows Server 2008 system security can be effectively guaranteed.
5, clever tips to protect the security system operation
I believe with the Windows Vista system had "zero distance" contacts, many of my friends will be enabled by default the system's User Account Control feature (UAC function) are appealing because every time we try to make some Windows Vista systems could endanger the systemsafe operation, the system always pop-up prompt, we are required to confirm whether to continue the operation, if we click on the prompt window in the "Cancel" button, then Windows Vista system will not continue the current operation.Obviously, User Account Control feature to some extent to ensure the system is running Windows Vista security to prevent users from accidentally errors to the system operator and a security threat.However, 在 Windows Server 2008 server systems conduct similar Shanchu Wenjianzheyang operation that, we 发现 system and user account control Ti Shi Mei You pop-up window to remind us Dangqian operations have to continue to go, Is Windows Server 2008 systems without the userAccount Control feature abandoned lost? In fact, Windows Server 2008 systems also support the User Account Control feature, but by default Windows Server 2008 system does not enable the feature; to allow the server system more secure, we can try the following in accordance withsteps to Windows Server 2008 system, user account control back to enabled, that case will be able to avoid some Trojan is installed in the background at random, but can also prevent the misuse of our server system will bring security problems:
First of all, the super administrator privileges in Windows Server 2008 system, open the desktop in the "Start" menu, select from the "Run" option, open the Run dialog box system, in which the input string, the command "msconfig", singlehit the Enter key, open the Windows Server 2008 System Configuration Utility dialog box;
Then click the dialog box "Tools" tab, open the option page, from which the tool list box click on "Enable UAC" option, then click "Start" button, then click "OK"button, and restart Windows Server 2008 system look, as if the system in Windows Server 2008 User Account Control feature has been successfully enabled.