Você está na página 1de 20

Follow this Steps to assure a Desktop is been Harden as per the Parameters.

Computer Name Disable MMC tool

OS.Version Add PC Asset code and Serial No. in Registry

IP.Address Modems should disabled

DNS IP Address Unofficial Mp3.MPG.avi removed

Admin-Members Only no Users Local Disks NTFS

Rename Local Administrator Boot Drive must be C:

Rename Computer name add to Domain Restriction on anonymous connections

Disable Guest Account Firewall enabled

Change Admin Password Dual Boot removed

Service Pack I.E Version

Disable Sharing of local drives Pointsec Installation

Password Protected Screen Saver Pointsec PME Installation

Disable access to network properties Security Patches

Disable FDD from CMOS LANDesk Agent

Disable CDD from CMOS Std.Wallpapers

Antivirus Updated Std.ScreenSaver

Legal Notice Installed Std Softwares

Disable Remote Control Disable Games


Machine Boot Drive must be C: , if not please format and change the installation to C:
How to Check:

Start - Programs - accessories  System Tools - System Information


Please check proper entry of DNS Server Address
Disable Guest Account
My Computer  Rig Click  Manage - local User and Groups 
Disable Access to Registry
Start-- Run - Gpedit.msc - User Information - Admin Templates- System
Disable access to Microsoft Management Console (MMC)
Start-- Run - Gpedit.msc - User Information - Admin Templates- MMC
Enabled Access to the Computer Management. To disable sharing of Local Drives
Remove Games and Mp3 Applications

Start control Panel- Add Remove Components- Accessories and utilities-Details Uncheck the Games
Disable access to Network Properties

Start-- Run - Gpedit.msc - User Information - Admin Templates- Network


Password Protected Screen Saver

Start-- Run - Gpedit.msc - User Information - Admin Templates- ControlPanel-Display


Partition must be NTFS for All drives.

 For WinXp and Win2000 file System should not be formatted as FAT
Partition.

In the command prompt window, type: convert drive letter: /fs: ntfs

 For example, typing convert D: /fs:ntfs would format drive D: with the ntfs
format.

 You can convert FAT or FAT32 volumes to NTFS with this command.
To Check Dual Boot Parameter

Any of the Machines Dual Boots should not be present; each machine should have Single OS…!!

In Windows XP Professional

My Computer- Properties- Advanced-Start and recovery-Setting-


Edit.

In Windows 2000 Professional

Start- Run- cmd- boot.ini


Service Pack Updating

For all the devices latest service pack should be updated.

For E.g.  For WinXp Service Pack 2 or greater.


For Win2000 Service pack 4.
Legal Notice Caption:

This caption appears before users logged in at the startup.


If this captions is not available.

AdminGroup Members:

None of the user should be member of Admingroup, if present remove the User from the Group.

Disable Floppy and CD Rom

Go to BIOS Setting and Disable the Access of CD Rom and Floppy Drive.
Firewall Enable

Go to Control Panel Firewall


Disable Remote Control

Go to My Computer  Properties  Remote


Change Admin Password

Go to My computer Manage  Users


Rename Local Administrator

Go to My computer  Manage  User


Change Computer name and add to domain

Go To My Computer  Properties  Computer name  Change


Restriction on anonymous connections

Disable Registry Editing Tool for User