I wnat to hardend my domain controller, exchange 2003, citrix, and file server . All servers have windows 2003 std os. please provide me steps.

Here are some guides to hardening Windows 2003 Server and Exchange. http://technet.microsoft.com/en-us/library/cc163140.aspx http://www.windowsecurity.com/articles/Windows-Server-2003-Hardening-List-Part1.html Exchange http://technet.microsoft.com/en-us/library/aa996732(EXCHG.65).aspx

what ever security template or settings you implement best practice is to test in a lab first. win 2003 http://www.microsoft.com/downloads/en/details.aspx?FamilyId=8A2643C1-0685-4D89-B655-521EA6C7B4DB&displaylang=en exch 2003 http://www.microsoft.com/downloads/en/details.aspx?FamilyId=6A80711F-E5C9-4AEF-9A44-504DB09B9065&displaylang=en

Good start, and easy is MBSA (Microsoft Baseline Security Analyser). It will run against Server and Exchange. Basically, the application will run a scan on your machine and verify youre up to date on updates. It will also run a best security pratices scan against your machine and provide some recommendations. Best of all, the tool is free, and is not a bad start. There are many guides online, however, what youre requirements are may differ depending on your environment. Bottom line is, remember that nothing can replace the actual SME (subject matter expert) or SA (systems administrator) of the system to be hardened. Additionally, this is also free, and is comprehensive, and applies to your post http://iase.disa.mil/stigs/stig/index.html

Hello, Aside from all the other good suggestions posted above: Uninstall all unnesessary services and/or software If you have IP filtering on your firewall where you can control traffic on LAN/WAN/DMZ, close all ports/protocols. Allow ONLY the services required for each server to operate. For example, file server should not be allowed SMTP traffic, HTTP traffic etc, either from the inside, the DMZ or the outside. This is a lot of work but it greatly reduces the surface area for an attack. MiguelMiguel Fra / Falcon ITS Computer & Network Support, Miami, FL Visit our Knowledgebase Sharepoint Site