Clear paging file at shutdown
Clear the paging file at shutdown, as there is no need to have an old memory dump on disk when the
system is rebooted.
Under HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\Memory
Management
Modify
Value Name: ClearPageFileAtShutdown
Value Type: REG_DWORD
Value: 1
Disable Autorun from CD
If a hacker has physical access to the server, and auto run is enabled, the hacker could leave a CD in
the CD-ROM drive. The next time an administrator logs in to the server the CD could launch programs
that access any resources on the server. To prevent this, edit the following registry key:
Under HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom
Modify
Value Name: Autorun
Value Type: REG_DWORD
Value: 0
Protection against denial of service attacks
In order to harden the TCP/IP stack, go into the following hive.
Under HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters\ create
the values shown in Table 9.
Table 9 Hardening the TCP/IP stack
Registry entry
EnableICMPRedirect
SynAttackProtect
EnableDeadGWDetect
KeepAliveTime
DisableIPSourceRouting
TcpMaxConnectResponseRetransmissions
TcpMaxDataRetransmissions
PerformRouterDiscovery
Check status of logon screen shutdown button
Make sure that the server cannot be shutdown from the login screen. Verify that this key is set to the
correct value. By default this functionality is disabled.
Under HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\Current Version\Winlogon
Modify
Value Name: ShutdownWithoutLogon
Value Type: REG_DWORD
Value: 0
Cisco TMS Secure Server Configuration Guide 13.0
Securing Windows Server 2003 tasks
Format
Value
DWORD
0
DWORD
1
DWORD
0
DWORD
300,000
DWORD
2
DWORD
2
DWORD
3
DWORD
0
Page 29 of 34