How to secure a server? and I don't mean a restaurant server.

Just when you think you've thought of everything you can possibly secure on a server, a hacker comes along who finds yet another way to hack into one of your servers. If you're unsure of whether you've secured everything on a server, or if you aren't sure of even where to start, check out the new Security Configuration Wizard. SCW is designed to minimize the "attack surface" on servers by disabling all unnecessary services, ports, and other components. NOTE:  The new Security Configuration Wizard isn't installed by default when you install Service Pack 1.  And by paring your servers down to the bare minimum of services and ports necessary to perform their roles on your network, you significantly reduce their exposure to an attack. 

Note: You must have administrator rights on the server you select in order to analyze its security. If you aren't logged on as a user with administrator rights, cancel out of the wizard and start it again using Run As. When prompted, log on as an administrative user.

To tighten the security of the server through registry settings:

1. On the Registry Settings page, click Next.

2. On the Require SMB Security Signatures page, by default, the SCW configures your server to require Server Message Block (SMB) signing. If your server has enough hardware resources, we recommend that you leave these check boxes selected. If it doesn't, clear the check boxes. Click Next.

3. On the Require LDAP Signing page, you can configure the server to require digital signatures on LDAP traffic. Before you do, make sure that all computers on your network are running Windows 2000 with Service Pack 3 or later. Make the appropriate selection for your network and click Next.

4. On the Outbound Authentication Methods page, select the check boxes for the methods by which the server attempts to authenticate when connecting to remote computers. By default, only the Domain Accounts check