Hello guys I'm setting up NT SERVER 4.0 in my house as my server for my other PCs. I have a cable modem and plan to use wingate to proxy the other PCs through NT. Now I am using my best PC as the proxy the NT SERVER is a new PC from ground up. Is there any advise you guys can give me to make my transition easier. I am very experienced with WIN 95/98 but NT is new to me. Any advise Will be greatly appriciated. Thanks in advance

Dwayn

Make it a stand alone server. I had some experiences with server 4 a while back and a guy from TWEAK-IT gave me some pointers, so here is what he said:

"Here are a few things you can do to lock down your NT Server box:
A. Detecting unwanted attacks:
1. Audit failed logins (this can be enabled by going to User Mgr for Domains and under Policies, choose Audit and click the failed box by Login/Logoff and File & Object access.
2. Use Perfmon to alert you when logon failures exceed some reasonable value.
B. Deterring Attacks:
1. Don't use obvious passwords( I know you know this)
2. Don't enable the Guest account.(by default, NT Server disables the
guest account, just verify)
3. Rename the built-in Administrator account and change the password to an alph-numeric value. Keep this unique to this account.
4. Don't let the built-in admin account access servers over the network(internet)
5. Lock out users after a certain number of failed attempts.(this is enabled in user mgr for domains under Policies - Accounts. Also enable a min password length.
6. Occasionly check your logfiles located in %systemroot%\system32\logfiles. This will give you ip addresses of machines accessing your W3 and FTP sites. You also want to check that iisadmin of your W3 and FTP sites have logging enabled. By default this is checked.
7. If you setup any shares on your NT Server do not give Everyone full control or write permissions. Lock down your shares by giving only specific users access. If an outsider has write access to your volumes
they could cripple your server by filling up that volume with nonsense files, crashing your server. You will also want to not give anonymous users write permissions to your FTP site.
Keep in mind, once someone finds out your machine name they can enter your IP address and machine name in their lmhosts file and if you have an open share and the guest account enabled, all they have to do is use net use x: \\machine name\share and have a field day.
Now for some one to do this they have to know a couple of things:

1. A valid user name on your network
2. The password for the account
3. The IP addr of the server on the domain
4. The name of a share on the domain.

As for Firewalling you already have a pretty good package in Proxy 2.0 and will most likely be all you need. You will have to properly configure the Local Address Table to mask your local address away from the public internet. The only worry then is that you have left your Proxy box as your first line of defense, hence leaving it exposed to hackers, the sacrificial lamb sort of speak.. Optimally you would want a seperate box for W3 services behind the router and ahead of the FW, on a seperate domain and on a seperate ethernet segment, but that's in a perfect world. The best design is: Internet-------router--------FW--------router.
To find out more about configuring Proxy and it's security goto http://www.winntmag.com/Magazine/Article.cfm?ArticleID=3848
Also Cabletron will be coming out with a real nice hardware solution in May of this year which provides a total solution. Check out: http://www.cabletron.com/products/items/SSR245/
Other software solutions include, as Bighammer mentioned, Sygate, AtGuard http://www.atguard.com/ , Newlix Omega http://www.newlix.com/ , Signal 9 Solutions http://www.signal9.com/ .
However, Proxy 2.0 should provide you with most of the protection you need. HTH,

Paul"


PS: I used MS Proxy 2.0 back then, now I use SYGATE 2.

Hope this helps.

BBA


[This message has been edited by BBA (edited 06-01-99).]

Why not try Linux? It's fast...and free.