I’m working through Stefan Norberg’s “Securing Windows NT/2000 Servers for the Internet”, trying to create a ‘hardened’ bastion server. A lot of the recommendations involve using the DACL to restrict any program and key file access to ONLY administrators. This is probably a howler newbie question, but I can’t find the answer anywhere. The Security settings tab in the properties boxes allows denying all access to “System” (the local system). My gut tells me that will kill the system, but a literal reading of the book says to nuke all access besides adminstrators.
Any guidance much appreciated.
TIA, Mark
|
Patch reliability is unclear. Unless you have an immediate, pressing need to install a specific patch, don't do it. |
-
Disabling ‘System’ on DACL = Certain Death??
- This topic has 0 replies, 1 voice, and was last updated 23 years ago.
Author
Plus Membership
Donations from Plus members keep this site going. You can identify the people who support AskWoody by the Plus badge on their avatars.
AskWoody Plus members not only get access to all of the contents of this site -- including Susan Bradley's frequently updated Patch Watch listing -- they also receive weekly AskWoody Plus Newsletters (formerly Windows Secrets Newsletter) and AskWoody Plus Alerts, emails when there are important breaking developments.
Get Plus!
Recent Topics
-
Windows 11 Insider Preview build 27863 released to Canary
by 8 hours, 51 minutes ago
-
Windows 11 Insider Preview build 26120.4161 (24H2) released to BETA
by 8 hours, 52 minutes ago
-
AI model turns to blackmail when engineers try to take it offline
by 1 hour, 36 minutes ago
-
Migrate off MS365 to Apple Products
by 5 hours, 1 minute ago
-
Login screen icon
by 16 minutes ago
-
AI coming to everything
by 9 hours, 2 minutes ago
-
Mozilla : Pocket shuts down July 8, 2025, Fakespot shuts down on July 1, 2025
by 1 day ago
-
No Screen TurnOff???
by 1 day ago
-
Identify a dynamic range to then be used in another formula
by 1 day, 1 hour ago
-
InfoStealer Malware Data Breach Exposed 184 Million Logins and Passwords
by 1 day, 13 hours ago
-
How well does your browser block trackers?
by 23 hours, 20 minutes ago
-
You can’t handle me
by 10 hours, 53 minutes ago
-
Chrome Can Now Change Your Weak Passwords for You
by 15 hours, 57 minutes ago
-
Microsoft: Over 394,000 Windows PCs infected by Lumma malware, affects Chrome..
by 2 days ago
-
Signal vs Microsoft’s Recall ; By Default, Signal Doesn’t Recall
by 1 day, 3 hours ago
-
Internet Archive : This is where all of The Internet is stored
by 2 days ago
-
iPhone 7 Plus and the iPhone 8 on Vantage list
by 2 days ago
-
Lumma malware takedown
by 1 day, 13 hours ago
-
“kill switches” found in Chinese made power inverters
by 2 days, 9 hours ago
-
Windows 11 – InControl vs pausing Windows updates
by 2 days, 9 hours ago
-
Meet Gemini in Chrome
by 2 days, 13 hours ago
-
DuckDuckGo’s Duck.ai added GPT-4o mini
by 2 days, 13 hours ago
-
Trump signs Take It Down Act
by 2 days, 21 hours ago
-
Do you have a maintenance window?
by 1 day, 2 hours ago
-
Freshly discovered bug in OpenPGP.js undermines whole point of encrypted comms
by 2 days ago
-
Cox Communications and Charter Communications to merge
by 3 days, 1 hour ago
-
Help with WD usb driver on Windows 11
by 12 hours, 18 minutes ago
-
hibernate activation
by 3 days, 10 hours ago
-
Red Hat Enterprise Linux 10 with AI assistant
by 3 days, 13 hours ago
-
Windows 11 Insider Preview build 26200.5603 released to DEV
by 3 days, 16 hours ago
Remembering Woody
