Operating System Hardening

Vulnerabilities
• Unique vulnerabilities for:
  – Different operating systems
  – Different vendors
  – Client and server systems
• Vendors try to correct
• Attackers try to exploit
• Security professionals must keep up to date

Typical Vulnerabilities
• Default install
  – Auto login, FTP server
• Service exploits
  – Auto Play (CD/DVD, USB)
• Default protocols
  – FTP, HTTP, RDP
• Known accounts and passwords
  – Administrator, Root, admin : admin
• Built-in applications
  – Remote administration
• File access methods
  – FAT32, Everyone, 777
• Physical access
  – Anything could happen
• Buffer overflows
  – Injection, Adware, Worm

Windows Hardening
Security Assessment
• Identify Asset
• Risk Assessment
• Vulnerability & Threats
• Security Hardening
• Audit
GUI Tools
• Microsoft Config (msconfig)
• Services
• Registry
• Security Policy (secpol.msc)
• User Rights
• Group Policy (gpedit.msc)
• Windows Settings
• Windows Behaviour
• Computer Management (compmgmt.msc)
• Event Viewer

Windows Hardening
• Windows Update
  – Important update
    • Security update
    • Driver / Bug
  – Optional update
    • Enhancement
    • Non-Essentials
• Update Type
  – Patch
    • Bug Fix
  – Hot Fix
    • Fix Security Flaw
  – Roll up
    • Cumulative patches & hotfixes
  – Service pack
    • Added feature

Windows Hardening
• Configuration Management
• Security Baseline
  – A configuration template that applies to a group of systems
• Antivirus (adware, malware, worm, virus)
• Event Viewer (Windows Log)
• Auditing (Action purpose)

Group Policy
• Applying security baseline

Group Policy
• Apply template to a system
  – Predefined settings
  – Templates based on role

Windows Hardening
• File / Print server hardening (Tutorial)
• Directory service hardening (Tutorial)

Virtualization Technology
• Honey Pot
• Testing
• Patch Management

Directory Service
• OpenLDAP
• Microsoft Active Directory
• Novell eDirectory
[Figure: LDAP clients send directory queries to an LDAP server, which stores directory data]