Windows Server Hardeing

Hi all,


I was wondering why do we need to harden Windows server 2003 by
applying rules like:
1.Remove any unneeded Services
2.Close unneeded ports
3.Rename Administrator account
4.Prevent users from installing printer drivers
5.Restrict CD-ROM and floppy access to locally logged-on user only


.... and many many more

why are we doing so ?????
and what is the main problem with the default installations.

i tried searching the net but all what i found is that what to do, but
not why do we do each step and what is the effect of not applying it.

thanks for ur help and time

Re: Windows Server Hardeing

Eng
See my reply to your identical posting to
microsoft.public.security
I did not see anything specific about IIS in your post,
but branching out from
www.microsoft.com/technet/security
you can find most all hardening and securing guides
by particular product.
Roger
wrote in message
news:1150706031.104338.135990@y41g2000cwy.googlegroups.com.. .
> Hi all,
>
>
> I was wondering why do we need to harden Windows server 2003 by
> applying rules like:
> 1.Remove any unneeded Services
> 2.Close unneeded ports
> 3.Rename Administrator account
> 4.Prevent users from installing printer drivers
> 5.Restrict CD-ROM and floppy access to locally logged-on user only
>
>
> ... and many many more
>
> why are we doing so ?????
> and what is the main problem with the default installations.
>
> i tried searching the net but all what i found is that what to do, but
> not why do we do each step and what is the effect of not applying it.
>
> thanks for ur help and time
>