Overview: Identify the Internet protocols and standards Identify common vulnerabilities and countermeasures Identify specific IIS/WWW/FTP concerns Identify.


1 Module 9 Overview:
- Identify the Internet protocols and standards
- Identify common vulnerabilities and countermeasures
- Identify specific IIS/WWW/FTP concerns
- Identify specific Exchange/SMTP/POP service concerns
- Identify specific RAS/dial-in/dial-out concerns

2 TCP/IP Architecture

3 TCP/IP Services
- FTP
- Telnet (Add-on)
- NFS (Add-on)
- SMTP (Exchange, Lotus MTA, NTMail…)
- SNMP
- More and more TCP/IP services are becoming available in the NT environment
- Result: a substantially increased threat of unauthorized remote access

4 RFCs & Open Standards
RFC          SUBJECT
768          User Datagram Protocol (UDP)
783          Trivial File Transfer Protocol (TFTP)
791          Internet Protocol (IP)
792          Internet Control Message Protocol (ICMP)
793          Transmission Control Protocol (TCP)
826          Address Resolution Protocol (ARP)
854          Telnet Protocol (TELNET)
894          IP over Ethernet
919, 922     IP Broadcast Datagrams
950          Internet Standard Subnetting Procedure
959          File Transfer Protocol
1009         Requirements for Internet Gateways
1034, 1035   Domain Name Service (DNS)

5 TCP/IP Services Deserving Special Focus
Service      Port
Echo         7
Chargen      19
FTP          20, 21
Telnet       23
SMTP         25
HTTP         80
nbname       137
nbdatagram   138
nbsession    139

6 Common Application Vulnerabilities
- Built on TCP/IPv4 suite (Basic Clear Text)
- Data storage locations are left on vulnerable drives
- Data files that grow are left on system drive
- Services that use weak authentication
- Services are run on PDC
  – Reward from compromise is infinitely great
  – SAM database is used for authentication
- Source IP filtering is not used when appropriate

7 Common Application Countermeasures
- Use TCP/IPv6 when available (full encryption)
- Move data and logs to a non-system disk and delete the default share
- Choose the strongest authentication possible
- Run Internet services on servers with no trust, not on DCs
- Disable inappropriate services on servers providing Internet services
- Use source IP filtering for all local-only services
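An added example (not part of the original presentation): a Python check that reads Windows `netstat -an` output and flags listeners on the special-focus ports from slide 5, so the "disable inappropriate services" and source IP filtering countermeasures on slide 7 can be applied to them. The sample netstat text, its addresses and the `allowed` policy set are constructed assumptions.

```python
import re

# Ports from the "TCP/IP Services Deserving Special Focus" slide.
FOCUS_PORTS = {
    7: "Echo", 19: "Chargen", 20: "FTP", 21: "FTP", 23: "Telnet",
    25: "SMTP", 80: "HTTP", 137: "nbname", 138: "nbdatagram", 139: "nbsession",
}

# Constructed sample of Windows `netstat -an` output (not from a real host).
SAMPLE_NETSTAT = """\
  Proto  Local Address          Foreign Address        State
  TCP    0.0.0.0:7              0.0.0.0:0              LISTENING
  TCP    0.0.0.0:21             0.0.0.0:0              LISTENING
  TCP    0.0.0.0:80             0.0.0.0:0              LISTENING
  TCP    0.0.0.0:135            0.0.0.0:0              LISTENING
  TCP    127.0.0.1:25           0.0.0.0:0              LISTENING
  TCP    192.0.2.10:139         0.0.0.0:0              LISTENING
  TCP    192.0.2.10:1045        198.51.100.7:80        ESTABLISHED
  UDP    0.0.0.0:19             *:*
  UDP    192.0.2.10:137         *:*
  UDP    192.0.2.10:138         *:*
"""

LINE = re.compile(r"^\s*(TCP|UDP)\s+(\S+):(\d+)\s+(\S+)\s*(\S*)\s*$")

def audit_listeners(netstat_text, allowed=()):
    """Return (proto, port, service, exposure) for focus ports not in `allowed`."""
    findings = []
    for line in netstat_text.splitlines():
        m = LINE.match(line)
        if not m:
            continue  # header or unrelated line
        proto, addr, port, _foreign, state = m.groups()
        port = int(port)
        # TCP rows count only when LISTENING; UDP rows have no state column.
        if proto == "TCP" and state != "LISTENING":
            continue
        if port not in FOCUS_PORTS or port in allowed:
            continue
        exposure = "loopback only" if addr.startswith("127.") else (
            "all interfaces" if addr == "0.0.0.0" else "interface " + addr)
        findings.append((proto, port, FOCUS_PORTS[port], exposure))
    return sorted(findings, key=lambda f: (f[1], f[0]))

if __name__ == "__main__":
    # Assumed policy: a dedicated web server is meant to expose HTTP only.
    for proto, port, name, exposure in audit_listeners(SAMPLE_NETSTAT, allowed={80}):
        print(f"{proto}/{port:<4} {name:<11} {exposure}: disable or filter by source IP")
```

On a real host, pass the captured output of `netstat -an` in place of `SAMPLE_NETSTAT` and set `allowed` to the ports that server is supposed to offer.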

8 Applications for Internet Services
- Internet Information Server (IIS) WWW Server
- IIS FTP Server
- IIS Gopher Server
- Exchange SMTP, POP, LDAP
- Remote Access Server (RAS) PPP & PPTP
- Certificate Server

9 Internet Information Server (IIS)
- IIS V2, V3, V4
- Provides Internet Service Daemons: www, ftp, gopher
  – V4 does not provide gopher
- Can be managed from a central location
  – V2 & V3 use Internet Service Manager
  – V4 uses Microsoft Management Console (MMC) as a snap-in
- Uses NT Security Model
- WWW security features include:
  – NT Challenge Authentication
  – SSL (https://)

10 IIS
- Provides for Strong Authentication
- Provides for HTTPS (Secure) Pages
- Allows IP source filtering

11 With Property Sheets You Can
- Establish Logon Requirements
- Configure Access Permissions
- Specify Home Directories
- Create Multiple Virtual Servers On One Computer
- Set Encryption Options
- Configure Event Logging Options
- View Current Sessions
- Enable or Disable Server Access By IP Address

12 A Special Concern: FTP
- FTP makes all objects in the file structure accessible!
- Access permission = the permissions assigned to the account used to gain FTP access AND the file/directory permissions (conjunctive rule)

13 A Special Concern: FTP
- The account used for FTP access can be misused in the same way as the Guest account
- FTP users are members of the Everyone group
- Inbound FTP authentication can be performed by the source host if not configured otherwise
- Passwords for outbound FTP are transmitted in clear text

14 Problems with NT-Based Web Servers
- HTTP input overflow can allow unauthorized users to execute commands
- CGI scripts can allow commands to be written to .BAT files, resulting in execution of commands not intended for execution on web servers
- Some types of HTTP access are to a user ID (as in FTP)

15 TCP/IP Services and NT Domains
- Serious concern: NT web servers or firewalls running within an NT domain (and, thus, effectively within NT's security perimeter)
- Recommendations:
  – Run each firewall as a standalone NT platform
  – Run Web servers as standalone NT platforms or as part of a Web server domain
  – Do not mix internal and external Web servers in the same domain

16 Recommendations for Controlling TCP/IP Services IIS

17 Security Approach

18 IIS

19 NT Security for System Administrators

20 IIS

