Clear Paging File At Shutdown; Disable Autorun From Cd; Protection Against Denial Of Service Attacks; Check Status Of Logon Screen Shutdown Button - Cisco TELEPRESENCE MANAGEMENT SUITE SECURE SERVER - CONFIGURATION GUIDE 13.0 Configuration Manual

Clear paging file at shutdown

Clear the paging file at shutdown, as there is no need to have an old memory dump on disk when the
system is rebooted.
Under HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\Memory
Management
Modify
Value Name: ClearPageFileAtShutdown
Value Type: REG_DWORD
Value: 1

Disable Autorun from CD

If a hacker has physical access to the server, and auto run is enabled, the hacker could leave a CD in
the CD-ROM drive. The next time an administrator logs in to the server the CD could launch programs
that access any resources on the server. To prevent this, edit the following registry key:
Under HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom
Modify
Value Name: Autorun
Value Type: REG_DWORD
Value: 0

Protection against denial of service attacks

In order to harden the TCP/IP stack, go into the following hive.
Under HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters\ create
the values shown in Table 9.

Table 9 Hardening the TCP/IP stack

Registry entry
EnableICMPRedirect
SynAttackProtect
EnableDeadGWDetect
KeepAliveTime
DisableIPSourceRouting
TcpMaxConnectResponseRetransmissions
TcpMaxDataRetransmissions
PerformRouterDiscovery

Check status of logon screen shutdown button

Make sure that the server cannot be shutdown from the login screen. Verify that this key is set to the
correct value. By default this functionality is disabled.
Under HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\Current Version\Winlogon
Modify
Value Name: ShutdownWithoutLogon
Value Type: REG_DWORD
Value: 0
Cisco TMS Secure Server Configuration Guide 13.0
Securing Windows Server 2003 tasks
Format Value
DWORD 0
DWORD 1
DWORD 0
DWORD 300,000
DWORD 2
DWORD 2
DWORD 3
DWORD 0
Page 29 of 34