Remember that security - is not a purely technical solution, but rather a combination of technical measures and processes that are uniquely associated with specific situations. Create an account for each user
The fact remains: many qualified professionals to ensure safety, do not keep track of all actions performed on the system. Create user accounts for all running processes in the organization.
Prohibit or prevent what is not allowed to explicitly
There is no way to attack a system in which there is no running services, with very, very rare exception. Thus, if we deny access to services or completely ban their work, the attack will fail.
For authorized services, of course, there is some relief (for example, such applications services, such as Web-server IIS). If you do not want to allow access to services, make sure you protect the best way (for example, in Chapter 10, "Hacking the server IIS", you can read about techniques for working IIS).
Due to the uniqueness of individual applications, they must be secure, using good old development methods and best practices implementation.
Always set the password, make it difficult and often change
Password - this is the misfortune of the world security. They are the main form of identification for almost every program, including Windows Server 2003. Simple, unstable to cracking passwords are a major cause of penetration in the network are running Windows Server 2003. Always set the password (never leave it blank!), Make it a choice as complicated as possible. If possible, use multiple authentication methods (for example, in Windows Server 2003, simply can be used for this purpose smart cards).
Stay tuned for the used software
None of the software developers do not know what randomness could pro ¬ radiate. When found another bug in the software from Microsoft, the pursuit of fame and popularity of the program leads to an attack within 48 hours (exploit - a program that detected the error is used to break into the system). This means that you have about two days to install the patch from Microsoft before someone knocks on the door. These issues are described in detail in this book, as the price for an irregular update of the system can become full and absolute discredit of the remote system.
For all types of access provides a necessary minimum privileges
This principle of our customers understand immediately, but its abandonment leads to the most successful hackers in other people's networks. To protect critical resources from user access with insufficient privileges after authentication, the authorization.
It is bad when it is possible to hack a password unreliable. But even worse, if the account is a humble user, access to which we have just received, gives access to corporate financial information. Yes, it will have to work hard to describe all the resources of a particular information environment and assign each of them needed Prima access, but if you do not, then the level of protection for the entire system will be determined by the level of protection of the weak link of authentication, the same user with weak passwords .
Limit the amount of trust
No system is not isolated, including Windows Server 2003. One of the most effective attacks on the network running Windows is to use a small computer in a domain that uses an easy to crack the administrator password. Then, using the methods described in Chapter 8, "Extending the scope of influence," we bake from this computer, the mandates of valid domain user, which makes it possible to obtain information about the infrastructure of the entire domain, and possibly a domain with which a trust relationship. Remember that each establishes a trust relationship, whether it be the "official" domain trust Windows Server 2003 or simply a password that is stored in the batch file on a remote computer, expanding the perimeter of the necessary protection and increases the degree of risk.
The conclusion of this rule: reuse of passwords should be strictly prohibited. You can lose count trying to remember how many times, made their way into one of Windows and cracking passwords for multiple accounts, we found that the same password provide access to almost all other systems on the network (switches, phone systems, servers, databases, UNIX, gateway S "NA, for anything).
Keep an extreme suspicion of all external interfaces
The total number of potential flaws in the network can seem overwhelming, but they must learn to focus on vulnerable areas of greatest risk. Most often, the greatest risk are systems that interact with the public networks, such Wcb-ssrvery etc. Therefore, for such "external" systems need to set more stringent standards for identification than for internal systems. Remember that the publicly switched telephone network - the same external interface interaction.
Multilevel security
The total security system should not depend on only one security mechanism. If a hacker can penetrate the outer perimeter of the protected area, an attack must be stopped at the next line of defense. Of this method is determined by the principle of exclusion - if one of the programs or services would be compromised, the hacker's task to expand their privileges and compromise the other data should not be easier.
Worthless Attack
If you compromise security, integrity or availability of the system should go in the off state (in other words, should failure occur).
Simplicity - the pledge of protection
Since simplicity reduces the likelihood of errors, then secure a simple system is much easier than to do the same with respect to a complex system. From this we can conclude the following: computers need to perform specialized functions (the principle of modularity). This eliminates potential conflicts come unnecessary redundancy, which can lead to vulnerabilities in security. The system administrator must defend this principle isolated computers, despite the cost of installing and maintaining multiple systems. One classic example is our long-standing debate about whether to install the IIS server and SQL Server on one machine (we leave resolution of this issue to the discretion of readers).
Identify the real level of acceptable risk
Do not allow too much discretion to interfere with doing business (vice versa). Many of the recommendations contained in this book is quite limited freedom of action. However, they are only recommendations. We are fully aware of the TC technical and personal challenges that face certain security professionals wishing to implement these recommendations.
The technology does not protect you from social attacks
This book is mostly devoted to technical attacks - hacking with a program and for which you need a computer, and for implementation - technical expertise. But in some of the most dangerous attacks that we have seen, the technique is not used. In the so-called social engineering is used deception to get people not authorized access to information. This book can help protect you on the level of bits and bytes, but does not protect against social attacks, in which the technical side of the issue is irrelevant. Learn the general principles of social engineering on their own and explain the need for security policies in their organizations.
Examine your system and programs are better enemy
This book is written in such a way as to give a complete picture of security in Windows Server 2003. However, it does not provide a simple list of options that will make your system bulletproof. We hope that by the end of the book you will gain a deep pony ¬ attention security architecture of Windows Server 2003, will learn its weaknesses and the best methods of eliminating the shortcomings, as well as hope that this knowledge will be relevant and always prepare you for any eventuality on the part of developers follow versions of Windows, and from the intruders.
|