Webserver and default admin shares

[MoFunk]

If I have a webserver up (nothing big just more to play with) should I disable all those default hidden admin shares? If I do can I still remote administor that box? Right now I use remote desktop from an XP machine into a 2000 server.

Thanks.

 

[SoulAssassin]

Is is behind a firewall? If so, I wouldn't sweat it. If not, you're better off putting it behind a firewall than you are disabling the admin shares. Obviously make sure your local admin group is restricted to the right people no matter what the situation.

 

[MoFunk]

Thank you. It is behind a smoothwall firewall. Just want to be as secure as possible!

 

[RaySun2Be]

Originally posted by: MoFunk
Thank you. It is behind a smoothwall firewall. Just want to be as secure as possible!

turn it off, unplug it, and lock it in a very secure place with a hardened lock and through away the key/destroy the combination. That's pretty close to "as secure as possible".

Not very practical though.

Other things to do, is rename the administrator id, use strong passwords, do NOT use an administrator level id to surf the net, instead create a "user" userid to surf with. Run antivirus, check for updates every day if possible. The firewall is good.

There are many more things you can do to "harden" your network and PC against attacks.

It's also good that you monitor logs.