《SecuringMicrosoftWindowsNTforSecureEnvironme……幻灯片》由会员分享,可在线阅读,更多相关《SecuringMicrosoftWindowsNTforSecureEnvironme……幻灯片(104页珍藏版)》请在金锄头文库上搜索。
1、Securing Microsoft Windows NT for Secure Environments,GGS 31-May-19,2,Who Am I?,Christopher Cantrell Total Network Security Systems Engineer Email Address: chris_ Professional Experience includes Regions Financial Corporation MindSpring Enterprises Virtual Resources United States Government Contract
2、or Network Associates 10 Plus Years Industry Experience with Microsoft and Network Security,GGS 31-May-19,3,Overview,Purpose High Level Outline Understanding the Enemy Security Policies Installing Windows NT Windows NT File Systems Windows NT Registry Windows NT Accounts Windows NT Networking Miscel
3、laneous,GGS 31-May-19,4,Understanding the Enemy,Who are todays hackers?,Students Teachers Professors Employees Professionals Almost anyone No Single Profile,GGS 31-May-19,5,Facts or Fiction?,Todays hackers are not just kids. Hacking today is organized and fueled by the Internet. Hacking is increasin
4、g dramatically. Security efforts cannot just focus on external hackers or threats. Security must be a priority within an organization.,GGS 31-May-19,6,Categorizing Hackers,Hackers can be described and categorized in three areas. Amateurs Skilled Elite,GGS 31-May-19,7,Amateur Hackers,Amateur hackers
5、are not experts by most measurements. They use many of the freely available tools found on the Internet. Do things such as: Perform Denial of Service attacks (DoS) Port Scans against public servers Mail Spoofing Spreading viruses,GGS 31-May-19,8,Continued,Almost everyone at some time has tried some
6、form of hacking.,Have you ever . Installed or used a pirated copy of software? Illegally registered a product? Tried guessing a password to a file or system? Ran a scanning tool like CyberCop Scanner? If you said “YES” to any of the above, you have participated in a form of hacking.,GGS 31-May-19,9,
7、Skilled Hackers,Skilled Hackers are those individuals who contain a strong knowledge of systems. Use their skills for both pleasure and reward. Cause more damage and are harder to catch. Do things such as:,Write Viruses Spoof Email Modify WEB Sites and their content Change or delete data,GGS 31-May-
8、19,10,Advanced / Elite Hackers,Highly skilled and trained in their area of expertise. Very small in numbers. Less than 2000 Word Wide. Do not communicate with others outside their “inner circle”. Driven by money, greed, challenge, and excitement. Are the hardest to catch. Do things such as:,Set up b
9、ack doors for future hacking Hack with the intent to destroy or cause damage Work with organized crime Sell information Write programs,GGS 31-May-19,11,Hacking Events,Todays hackers hold organized events to share experiences and ideas. Some of the events include: DEFCON - Las Vegas Beyond - New York
10、 HoHo Con - New York,GGS 31-May-19,12,Hacking Sites,The best way to stay current is to keep current with the hacking community via the WEB. ,GGS 31-May-19,13,Common Security Holes,Hackers look for obvious security holes or mis-configurations. These include: Default username and passwords Older v
11、ersions of software or operating systems,GGS 31-May-19,14,How do they find the holes?,Hackers use many methods to find security holes. These include Social Engineering Applications and Tools Traceroute Ping DNS Hacking Applications,GGS 31-May-19,15,1.0 General Security Guidelines,After this section,
12、 you should have a solid understanding of what basic security guidelines should be followed when securing any system. This includes: Service Packs & hotfixes Domain Trusts User Accounts and Groups Services and Applications Physical Security Security Policies,GGS 31-May-19,16,1.1 Service Packs,Micros
13、oft releases security fixes and updates to Windows NT with Service Packs and hotfixes. Staying current with Service Packs and hotfixes, the system is less vulnerable to security threats. Service Pack 5 - Current SP Always test Service Packs and hotfixes on non-production systems before deploying on
14、production systems. Alternative Download Site to Microsoft http:/www-nt.stanford.edu/Files/Hotfixes.html,GGS 31-May-19,17,1.2 Domain Trusts,Trusts are probably one of the easiest methods to utilize to bypass security. Trusts by nature add complexity to any NT environment. If trusts are used, establi
15、sh a procedure to monitor and audit them on a regular basis.,GGS 31-May-19,18,1.3 User Accounts and Groups,Use the “Least Privilege” methodology. Only allow users access to what they require for their job. Maintain two accounts for System Administrators One for their Administrative duties. One for n
16、ormal, daily activities. Develop and maintain easy to understand “Groups”. Review all Group Memberships on a regular basis.,GGS 31-May-19,19,1.3 Continued ,Do not assign or use the default Administrator Account Assign unique usernames for each system administrator. Monitor access to the default Administrator account.,GGS 31-May-19,20,1.5 Physical Security,Physical security is one of
