CHAPTER 9 HARDENING SERVERS. C REATING A BASELINE POLICY Security parameters used to create a baseline installation can be configured using a Group Policy.

Slides:

Advertisements

Similar presentations

Networking Essentials Lab 3 & 4 Review. If you have configured an event log retention setting to Do Not Overwrite Events (Clear Log Manually), what happens.

Advertisements

MCTS Guide to Microsoft Windows Server 2008 Network Infrastructure Configuration Chapter 6 Managing and Administering DNS in Windows Server 2008.

Lesson 17: Configuring Security Policies

 Overview User Accounts Groups User Rights Permissions.

DESIGNING A PUBLIC KEY INFRASTRUCTURE

Chapter 7 HARDENING SERVERS.

Chapter 8 Chapter 8: Managing Accounts and Client Connectivity.

15.1 © 2004 Pearson Education, Inc. Exam Planning, Implementing, and Maintaining a Microsoft® Windows® Server 2003 Active Directory Infrastructure.

70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment Chapter 1: Introduction to Windows Server 2003.

MIS Chapter 91 Ch. 9 – Implement and Use Group Policy MIS 431 – created Spring 2006.

Hands-On Microsoft Windows Server 2003 Administration Chapter 3 Administering Active Directory.

Hands-On Microsoft Windows Server 2003 Administration Chapter 6 Managing Printers, Publishing, Auditing, and Desk Resources.

Chapter 8 Chapter 8: Managing the Server Through Accounts and Groups.

1 Chapter Overview Creating User and Computer Objects Maintaining User Accounts Creating User Profiles.

Module 8: Implementing Administrative Templates and Audit Policy.

Event Viewer Was of getting to event viewer Go to –Start –Control Panel, –Administrative Tools –Event Viewer Go to –Start.

Using RADIUS Within the Framework of the School Environment Ed Register Consultant April 6, 2011.

Network and Active Directory Performance Monitoring and Troubleshooting NETW4008 Lecture 8.

1 Chapter Overview Monitoring Server Performance Monitoring Shared Resources Microsoft Windows 2000 Auditing.

Implementing Dynamic Host Configuration Protocol

9.1 © 2004 Pearson Education, Inc. Lesson 9: Implementing Group Policy in Windows 2000 Server Exam Microsoft® Windows® 2000 Directory Services Infrastructure.

70-270: MCSE Guide to Microsoft Windows XP Professional Chapter 5: Users, Groups, Profiles, and Policies.

Test Review. What is the main advantage to using shadow copies?

9.1 © 2004 Pearson Education, Inc. Exam Planning, Implementing, and Maintaining a Microsoft Windows Server 2003 Active Directory Infrastructure.

Review. 2 Main Areas Client and Server / Active Directory.

Hands-On Microsoft Windows Server 2008 Chapter 5 Configuring, Managing, and Troubleshooting Resource Access.

Implementing Dynamic Host Configuration Protocol

Guide to Operating System Security Chapter 4 Account-based Security.

Hands-On Microsoft Windows Server Security Enhancements in Windows Server 2008 Windows Server 2008 was created to emphasize security –Reduced attack.

Module 6: Designing Active Directory Security in Windows Server 2008.

Troubleshooting Windows Vista Security Chapter 4.

Module 14: Configuring Server Security Compliance

11 MANAGING AND DISTRIBUTING SOFTWARE BY USING GROUP POLICY Chapter 5.

DCE (distributed computing environment) DCE (distributed computing environment)

Module 4: Planning, Optimizing, and Troubleshooting DHCP

Week 7 Objectives Installing a DHCP Server Role Configuring DHCP Scopes Managing a DHCP Database Securing and Monitoring DHCP.

DIT314 ~ Client Operating System & Administration CHAPTER 5 MANAGING USER ACCOUNTS AND GROUPS Prepared By : Suraya Alias.

Chapter 13 Users, Groups Profiles and Policies. Learning Objectives Understand Windows XP Professional user accounts Understand the different types of.

 An Internet Protocol address (IP address) is a numerical label assigned to each device (e.g., computer, printer) participating in a computer network.

Module 2: Installing and Maintaining ISA Server. Overview Installing ISA Server 2004 Choosing ISA Server Clients Installing and Configuring Firewall Clients.

Active Directory Administration Lesson 5. Skills Matrix Technology SkillObjective DomainObjective # Creating Users, Computers, and Groups Automate creation.

© Wiley Inc All Rights Reserved. MCSE: Windows Server 2003 Active Directory Planning, Implementation, and Maintenance Study Guide, Second Edition.

Week #3: Configuring and Troubleshooting DHCP

Planning a Microsoft Windows 2000 Administrative Structure Designing default administrative group membership Designing custom administrative groups local.

Module 14: Securing Windows Server Overview Introduction to Securing Servers Implementing Core Server Security Hardening Servers Microsoft Baseline.

Module 4: Configuring and Troubleshooting DHCP

Module 2: Allocating IP Addressing by Using Dynamic Host Configuration Protocol (DHCP)

Managing Local Users & Groups. OVERVIEW Configure and manage user accounts Manage user account properties Manage user and group rights Configure user.

Core 3: Communication Systems. Network software includes the Network Operating Software (NOS) and also network based applications such as those running.

INTRUSION DETECTION SYSYTEM. CONTENT Basically this presentation contains, What is TripWire? How does TripWire work? Where is TripWire used? Tripwire.

Module 10: Implementing Administrative Templates and Audit Policy.

Chapter 4- Part3. 2 Implementing User Profiles A local user profile is automatically created at the local computer when you log on with an account for.

Implementing Server Security on Windows 2000 and Windows Server 2003 Fabrizio Grossi.

CHAPTER 5 MANAGING USER ACCOUNTS & GROUPS. User Accounts Windows 95, 98 & Me do not need a user account like Windows XP Professional to access computer.

Windows Server 2003 群組原則設定與管理林寶森

Chapter 7 Server Management Policies –User accounts –Groups Rights and permissions Examples.

(ITI310) By Eng. BASSEM ALSAID SESSIONS 9: Dynamic Host Configuration Protocol (DHCP)

Planning File and Print Services Lesson 5. File Services Role The File Services role and the other storage- related features included with Windows Server.

Windows Active Directory – What is it? Definition - Active Directory is a centralized and standardized system that automates network management of user.

Configuring the User and Computer Environment Using Group Policy Lesson 8.

Exam In The First Attempt?

Configuring and Troubleshooting DHCP

Configuring Windows Firewall with Advanced Security

Active Directory Administration

Lesson 16-Windows NT Security Issues

Allocating IP Addressing by Using Dynamic Host Configuration Protocol

MAINTAINING SERVER AVAILIBILITY

Windows Active Directory Environment

PLANNING A SECURE BASELINE INSTALLATION

Access Control and Site Security

Presentation transcript:

CHAPTER 9 HARDENING SERVERS

C REATING A BASELINE POLICY Security parameters used to create a baseline installation can be configured using a Group Policy Object (GPO) Contains setting for a myriad of different configuration parameters associated with OS & the applications running on it.

S ETTING AUDIT POLICIES Auditing is important because it enables you to gather information about the computers activities as it happens. When security disaster happens, you need as much as information as possible & audit policies allows the data collection. If you configure the system to audit too many events, you might end up with big log files consuming large disk space. Possible values to determine conditions; Success only Failure only Success & failure No auditing

S ETTING EVENT LOG ON POLICIES Controls various aspects of the log performance including; Maximum size of logs Who has access to them How the log behave when they reach their maximum size There are 3 policies one for each of the logs: application, security & system Maximum log size Prevent local guest group from accessing log Retain log Retention method for log Overwrite events by days, overwrite events as needed, do not overwrite events.

C ONFIGURING SERVICES A lot of services is installed in a server along with OS which starts running when the server starts. Many of these services are not needed in a typical member server configuration & its good idea to disable the ones the computer don’t need. Services are programs that runs continuously in the background waiting for another application to call them. For this reason, its potential for attacks from intruders.

S ECURING DOMAIN CONTROLLERS For network that uses active directory, no servers are more important than the domain controllers. Domain controllers provide authentication services for most network operations, store & distribute group policies. Due to the importance of domain controllers, it should always be in secured location such as server closet or data center accessible to only administrative personnel.

S ECURING DOMAIN CONTROLLERS Assigning user rights The use of policies to give administrator the access they need to manage domain controller. Add workstations to domain Adding a new computer in the active directory only to be done by the administrator else vunerable to attack from intruders. Shut down the system Shutting down a domain controller can affect systems all over the network.

S ECURING INFRASTRUCTURE SERVERS Infrastructure servers are computers that run network support services such as DNS, DHCP & WINS. An infrastructure server can also run other roles such as application, file & print server. DNS Security Advantage of storing zones in active directory, is the directory service takes over securing & replicating the DNS data. Protection against unauthorized access. DHCP security Interruption of DHCP might not have immediate effect on your network but eventually your clients leases will expire & they wont be able to obtain a new one.