I
Ice Czar
Guest
Start > Run > (type) secpol.msc > Local Security Settings MCC Modual
We are assuming that in this case the computer is not part of a Domian
If your local computer is joined to a domain, you are subject to obtaining security policy
from the domain's policy or from the policy of any organizational unit that you are a member of.
Local Security Policy Overview
Security policy ia a combination of security settings that affect the security on a computer.
You can use Local Security Policy to edit account policies and local policies on your local computer
With Local Security Policy, you can control:
Who accesses your computer.
What resources users are authorized to use on your computer.
Whether or not a user or group's actions are recorded in the event log.
Account Policies
Password Policy
Enforce password History (DClick)........................0 passwords remembered
Maximum password age......................................0 days
password doesnt expire, but set a really complex password and store it someplace safe
Minimum password age.......................................0 days
see above
Minimum password length...................................14 characters
the highest it can be set, my password is longer than 20 alphanumeric and symbol characters both upper and lower case
Password must meet complexity requirements......Enabled
Store Password using reversible encryption...........Disabled
Account Lockout Policy
Account lockout duration...................................0
Account is locked out until administrator unlocks it
Account lockout threshold.................................3 invalid logon attempts
three strikes and the are out till you let them back in
Reset account lockout counter after...................1440 minutes
one day
Local Policies
Audit Policy
The Security log is part of Event Viewer
Audit account logon events.................Success, Failure
Audit account managem.....................Success, Failure
Audit directory service acc..................Success, Failure
Audit logon events..............................Success, Failure
Audit object access............................Success, Failure
Audit policy change............................Success, Failure
Audit privelege use.............................Success, Failure
Audit process use..............................Success, Failure
Audit system events...........................Success, Failure
User Rights Assignment
Security Options
Additional Restrictions for anonymous connections.........No access without explicit anonymous permissions
Allow server operators to schedual tasks (domain controllers only)...........
Allowed system to be shutdown without having to log on..........................Disabled
Allowed to eject removable NTFS media.................................................Administrators
Amount of idle time required before disconnecting session.......................
Audit the access of global system objects..............................................
Audit use of Backup and Restore privilege...............................................
Automatically log off users when time expires (local)................................
Clear virtual memory pagefile when system shuts down.............................Enable
Digitally sign client communication (always).......................................................
Digitally sign client communication (when possible)............................................
Digitally sign server communication (always)......................................................
Digitally sign server communication (when possible)...........................................
Digitally sign client communication...................................................................
Public Key Policy
I have all these seyt to the default values
IP Security Policy on local Machine
Start > Run > (type) gpedit > Group Policy Editor
Local Group Policy
Each computer running Windows 2000 has exactly one local Group Policy object. Using these objects, Group Policy settings can be stored on individual computers whether or not they are part of an Active Directory environment or a networked environment.
Because its settings can be overwritten by Group Policy objects associated with sites, domains, and organizational units, the local Group Policy object is the least influential one in an Active Directory environment. In a non-networked environment (or in a networked environment lacking a Windows 2000 domain controller), the local Group Policy object's settings are more important because they are not overwritten by other Group Policy objects.
.
We are assuming that in this case the computer is not part of a Domian
If your local computer is joined to a domain, you are subject to obtaining security policy
from the domain's policy or from the policy of any organizational unit that you are a member of.
Local Security Policy Overview
Security policy ia a combination of security settings that affect the security on a computer.
You can use Local Security Policy to edit account policies and local policies on your local computer
With Local Security Policy, you can control:
Who accesses your computer.
What resources users are authorized to use on your computer.
Whether or not a user or group's actions are recorded in the event log.
Account Policies
Password Policy
Enforce password History (DClick)........................0 passwords remembered
Maximum password age......................................0 days
password doesnt expire, but set a really complex password and store it someplace safe
Minimum password age.......................................0 days
see above
Minimum password length...................................14 characters
the highest it can be set, my password is longer than 20 alphanumeric and symbol characters both upper and lower case
Password must meet complexity requirements......Enabled
Store Password using reversible encryption...........Disabled
Account Lockout Policy
Account lockout duration...................................0
Account is locked out until administrator unlocks it
Account lockout threshold.................................3 invalid logon attempts
three strikes and the are out till you let them back in
Reset account lockout counter after...................1440 minutes
one day
Local Policies
Audit Policy
The Security log is part of Event Viewer
Audit account logon events.................Success, Failure
Audit account managem.....................Success, Failure
Audit directory service acc..................Success, Failure
Audit logon events..............................Success, Failure
Audit object access............................Success, Failure
Audit policy change............................Success, Failure
Audit privelege use.............................Success, Failure
Audit process use..............................Success, Failure
Audit system events...........................Success, Failure
User Rights Assignment
Security Options
Additional Restrictions for anonymous connections.........No access without explicit anonymous permissions
Allow server operators to schedual tasks (domain controllers only)...........
Allowed system to be shutdown without having to log on..........................Disabled
Allowed to eject removable NTFS media.................................................Administrators
Amount of idle time required before disconnecting session.......................
Audit the access of global system objects..............................................
Audit use of Backup and Restore privilege...............................................
Automatically log off users when time expires (local)................................
Clear virtual memory pagefile when system shuts down.............................Enable
Digitally sign client communication (always).......................................................
Digitally sign client communication (when possible)............................................
Digitally sign server communication (always)......................................................
Digitally sign server communication (when possible)...........................................
Digitally sign client communication...................................................................
Public Key Policy
I have all these seyt to the default values
IP Security Policy on local Machine
Start > Run > (type) gpedit > Group Policy Editor
Local Group Policy
Each computer running Windows 2000 has exactly one local Group Policy object. Using these objects, Group Policy settings can be stored on individual computers whether or not they are part of an Active Directory environment or a networked environment.
Because its settings can be overwritten by Group Policy objects associated with sites, domains, and organizational units, the local Group Policy object is the least influential one in an Active Directory environment. In a non-networked environment (or in a networked environment lacking a Windows 2000 domain controller), the local Group Policy object's settings are more important because they are not overwritten by other Group Policy objects.
.