1 / 26

Hardening Internal Systems and Services

Hardening Internal Systems and Services. Harden Operating Systems Harden Directory Services Harden DHCP Servers Harden File and Print Servers. System Vulnerabilities. Unique vulnerabilities for: Different operating systems Different vendors Client and server systems

zohar
Download Presentation

Hardening Internal Systems and Services

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript


  1. Hardening Internal Systems and Services • Harden Operating Systems • Harden Directory Services • Harden DHCP Servers • Harden File and Print Servers

  2. System Vulnerabilities • Unique vulnerabilities for: • Different operating systems • Different vendors • Client and server systems • Vendors try to correct; attackers try to exploit • Security professionals must stay current

  3. System Vulnerability Categories • Buffer overflows • Service exploits • Default protocols • Known accounts and passwords • Built-in applications • Physical access • Remote administration • File access methods

  4. Hardening

  5. A Security Baseline

  6. System Updates • Patches • Supplemental code • Hotfixes • Patches to address specific flaws • Rollups • Cumulative group of patches & hotfixes • Service Packs • Comprehensive updates with new features

  7. Windows Security Policies Policies set centrally Configuration settings Security Settings node in policy object

  8. Windows Auditing • Configure audit policy • Set auditing on objects • Monitor security log 1 2 3

  9. Services, NLMs, and Daemons Service NLM Daemon

  10. Service, NLM, and Daemon Vulnerabilities • Points of entry for attackers • Target of exploits • Disable unneeded processes • Test before deploying

  11. Security Templates Apply template to a system Predefined settings Templates based on role

  12. Hardening Operating Systems • Balance protection with user access needs • Follow hardening guidelines • Requirements will vary

  13. A Directory Service Authentication Centralized administration

  14. Novell eDirectory

  15. Microsoft Active Directory Domain controller Active Directory Domain member

  16. LDAP LDAP client Directory query LDAP server LDAP client Stores directory data Directory query

  17. Directory Service Vulnerabilities • Active Directory vulnerabilities • Compatibility access • Default permissions • Null sessions • NTLM protocol • eDirectory and NDS vulnerabilities • Read access to tree • CGI security • NDS for NT

  18. Hardening Directory Services • Balance database security with accessibility • Follow hardening guidelines • Requirements will vary

  19. DHCP 192.168.100.151 192.168.100.150 192.168.100.152

  20. DHCP Vulnerabilities • Spoofing • Buffer overflows • Scope modification • Rogue servers • Remote clients

  21. DHCP Hardening • Prevent unauthorized access while providing services • Follow hardening guidelines • Requirements will vary

  22. File and Print Server Vulnerabilities • Administrative shares • Insecure file systems • Lack of redundancy • Man-in-the-middle • Default file security • Physical disk security • Physical printer security

  23. The SMB Process 1 SMB Connection request 2 SMB Data request or print commands 3 SMB Data Print results

  24. SMB Signing Session fails if signing not supported Client signs packets if signing supported

  25. Hardening File and Print Servers • Prevent unauthorized access and protect data; keep services available • Follow hardening guidelines • Requirements will vary

  26. Reflective Questions 1. Does your organization stay current with all the latest operating system patches? Why or why not? 2. Which operating system do you think is most secure: Windows Server 2003, NetWare, or Sun Solaris? Why?

More Related