Delete the following registry primary key:
.1
.1
.1
regsvr32/u Enter, regsvr32/u Enter
Windows 2003 Hard Drive Security Settings
c:\
administrators all
system All
iis_wpg Only this folder
List folders/read data
Read properties
Read Extended Properties
Read permissions
c:\inetpub\mailroot
administrators all
system All
service all
c:\inetpub\ftproot
Everyone read-only and run
c:\windows
administrators all
Creator owner
Not inherited
Only subfolders and files
completely
Power Users
Modify, read and run, list folder directories, read, write
system All
IIS_WPG read and run, list folder directories, read
Users read and run (this permission can be cancelled after the final adjustment is completed)
C:\WINDOWS\
administrators all
Creator owner
Not inherited
Only subfolders and files
completely
Power Users
Modify, read and run, list folder directories, read, write
system All
Users read and run, list folder directories, read
'
C:\WINDOWS\
administrators all
Creator owner
Not inherited
Only subfolders and files
completely
Power Users
Modify, read and run, list folder directories, read, write
system All
Users read and run, list folder directories, read
C:\WINDOWS\\temporary Files
administrators all
Creator owner
Not inherited
Only subfolders and files
completely
Power Users
Modify, read and run, list folder directories, read, write
system All
Users All
c:\Program Files
Everyone This folder is the only one
Not inherited
List folders/read data
administrators all
iis_wpg Only this folder
List files/read data
Read properties
Read Extended Properties
Read permissions
c:\windows\temp
Administrator All permissions
All System permissions
users All permissions
c:\Program Files\Common Files
administrators all
Creator owner
Not inherited
Only subfolders and files
completely
Power Users
Modify, read and run, list folder directories, read, write
system All
TERMINAL SERVER Users (if there is this user)
Modify, read and run, list folder directories, read, write
Users read and run, list folder directories, read
c:\Program Files\Dimac (if there is this directory)
Everyone reads and runs, lists folder directories, and reads
administrators all
c:\Program Files\ComPlus Applications (if any)
administrators all
c:\Program Files\GflSDK (if any)
administrators all
Creator owner
Not inherited
Only subfolders and files
completely
Power Users
Modify, read and run, list folder directories, read, write
system All
TERMINAL SERVER Users
Modify, read and run, list folder directories, read, write
Users read and run, list folder directories, read
Everyone reads and runs, lists folder directories, and reads
c:\Program Files\InstallShield Installation Information (If there is)
c:\Program Files\Internet Explorer (if any)
c:\Program Files\NetMeeting (if any)
administrators all
c:\Program Files\WindowsUpdate
Creator owner
Not inherited
Only subfolders and files
completely
administrators all
Power Users
Modify, read and run, list folder directories, read, write
system All
c:\Program Files\Microsoft SQL (if SQL is installed in this directory)
administrators all
Service All
system All
d:\ (If the user's website content is placed in this partition)
administrators All permissions
d:\FreeHost (If this directory is used to place user website content)
administrators All permissions
SERVICE Read and Run
From a security perspective, we recommend that WebEasyMail (WinWebMail) be installed in a separate disk, such as E:
E:\(If weweasystemmail is installed in this disk)
administrators All permissions
system all permissions
IUSR_*, the default Internet guest account (or dedicated running user)
Read and run
E:\WebEasyMail (if weweasystemmail is installed in this directory)
administrators all
system all permissions
SERVICE All
IUSR_*, the default Internet guest account (or dedicated running user)
All permissions
C:\php\uploadtemp
C:\php\sessiondata
everyone
all
C:\php\
administrators all
system all permissions
SERVICE All
Users read-only and run
c:\windows\
administrators all
system all permissions
SERVICE All
Users read-only and run
Prevent marine *s from listing users and processes on WIN servers
Disabling the penultimate workstation service among the services can prevent users and services from being listed.
.1
.1
.1
regsvr32/u Enter, regsvr32/u Enter
Windows 2003 Hard Drive Security Settings
c:\
administrators all
system All
iis_wpg Only this folder
List folders/read data
Read properties
Read Extended Properties
Read permissions
c:\inetpub\mailroot
administrators all
system All
service all
c:\inetpub\ftproot
Everyone read-only and run
c:\windows
administrators all
Creator owner
Not inherited
Only subfolders and files
completely
Power Users
Modify, read and run, list folder directories, read, write
system All
IIS_WPG read and run, list folder directories, read
Users read and run (this permission can be cancelled after the final adjustment is completed)
C:\WINDOWS\
administrators all
Creator owner
Not inherited
Only subfolders and files
completely
Power Users
Modify, read and run, list folder directories, read, write
system All
Users read and run, list folder directories, read
'
C:\WINDOWS\
administrators all
Creator owner
Not inherited
Only subfolders and files
completely
Power Users
Modify, read and run, list folder directories, read, write
system All
Users read and run, list folder directories, read
C:\WINDOWS\\temporary Files
administrators all
Creator owner
Not inherited
Only subfolders and files
completely
Power Users
Modify, read and run, list folder directories, read, write
system All
Users All
c:\Program Files
Everyone This folder is the only one
Not inherited
List folders/read data
administrators all
iis_wpg Only this folder
List files/read data
Read properties
Read Extended Properties
Read permissions
c:\windows\temp
Administrator All permissions
All System permissions
users All permissions
c:\Program Files\Common Files
administrators all
Creator owner
Not inherited
Only subfolders and files
completely
Power Users
Modify, read and run, list folder directories, read, write
system All
TERMINAL SERVER Users (if there is this user)
Modify, read and run, list folder directories, read, write
Users read and run, list folder directories, read
c:\Program Files\Dimac (if there is this directory)
Everyone reads and runs, lists folder directories, and reads
administrators all
c:\Program Files\ComPlus Applications (if any)
administrators all
c:\Program Files\GflSDK (if any)
administrators all
Creator owner
Not inherited
Only subfolders and files
completely
Power Users
Modify, read and run, list folder directories, read, write
system All
TERMINAL SERVER Users
Modify, read and run, list folder directories, read, write
Users read and run, list folder directories, read
Everyone reads and runs, lists folder directories, and reads
c:\Program Files\InstallShield Installation Information (If there is)
c:\Program Files\Internet Explorer (if any)
c:\Program Files\NetMeeting (if any)
administrators all
c:\Program Files\WindowsUpdate
Creator owner
Not inherited
Only subfolders and files
completely
administrators all
Power Users
Modify, read and run, list folder directories, read, write
system All
c:\Program Files\Microsoft SQL (if SQL is installed in this directory)
administrators all
Service All
system All
d:\ (If the user's website content is placed in this partition)
administrators All permissions
d:\FreeHost (If this directory is used to place user website content)
administrators All permissions
SERVICE Read and Run
From a security perspective, we recommend that WebEasyMail (WinWebMail) be installed in a separate disk, such as E:
E:\(If weweasystemmail is installed in this disk)
administrators All permissions
system all permissions
IUSR_*, the default Internet guest account (or dedicated running user)
Read and run
E:\WebEasyMail (if weweasystemmail is installed in this directory)
administrators all
system all permissions
SERVICE All
IUSR_*, the default Internet guest account (or dedicated running user)
All permissions
C:\php\uploadtemp
C:\php\sessiondata
everyone
all
C:\php\
administrators all
system all permissions
SERVICE All
Users read-only and run
c:\windows\
administrators all
system all permissions
SERVICE All
Users read-only and run
Prevent marine *s from listing users and processes on WIN servers
Disabling the penultimate workstation service among the services can prevent users and services from being listed.