
Securing Windows Operating Systems - Colorado Tech


Securing Windows operating systems and servers will be a critical task for information technology (IT) professionals, management, security officers, and system administrators in the next decade, which will be known for sophisticated intrusions, denial-of-service attacks, man-in-the-middle attacks, and a complex array of security violations initiated both inside and outside the firewall. The proper configuration and implementation of server user authentication, hardening and management of firewall technologies, and the monitoring of servers for security purposes will be required for protecting data and sustaining corporate network operations. Additionally, management, security trainers, and security professionals will need to work together to develop Web service security plans, including their configuration and deployment, to ensure that corporate data, operating systems, and server functionality are secure.

Configuration of Server User Authentication

One of the first tasks required of IT professionals, management, security officers, and system administrators is to successfully configure server user authentication. For user authentication in the server environment, multiple configurations can be implemented by the IT professional or the system administrator. The possible configurations available for server user authentication are Kerberos (KDC), certificates and SSL/TLS, IAS, LDAP, SSO, and Certificate Authentication.

Kerberos is a network authentication protocol that uses secret-key cryptography and can easily be used by any client. The Kerberos protocol implements strong cryptography to ensure that all clients are properly secured across typically unsecure network connections. All clients and servers can also encrypt any of their communications and interfaces to ensure that the information passed is private and has a reasonable assurance of data integrity. As a computer network authentication protocol, Kerberos allows different nodes on the network to interact across a secure interface. Security professionals must understand how to handle the server authentication being used by clients so that the IT team can be sure that queries sent by any of the domain controllers and message queuing servers are authenticated properly and completely (What is Kerberos, 2009).

Another method of server authentication is the secure sockets layer/transport layer security protocol (SSL/TLS). One of the features of SSL/TLS is the use of encryption during the transmission of data. SSL/TLS protocols can perform server authentication and, optionally, client authentication to provide confirmation of the identity of both the sender and the receiver. In addition to protecting against data disclosure through encryption, the SSL/TLS security protocol is also used to protect corporate resources against man-in-the-middle (or bucket brigade) attacks, rollback attacks, masquerade attacks, and replay attacks. Another solution is the authentication configuration using IAS. Servers running the Internet Authentication Service (IAS) perform centralized authentication, authorization, auditing, and accounting for many types of network access, including dial-up, virtual private network (VPN), wireless, and 802.1X authenticating switch access.
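Protection against the rollback attacks mentioned above depends on the server no longer accepting older protocol versions. As an added example (not part of the original document), this read-only PowerShell audit lists the SChannel protocol settings on a Windows server. Treating a legacy protocol that is not explicitly disabled as something to review is an assumption of this example.

```powershell
# Added example: audit SChannel protocol settings (read-only, changes nothing).
# Legacy protocol versions that remain enabled are what a rollback
# (downgrade) attack tries to negotiate down to.
$base   = 'HKLM:\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols'
$legacy = 'SSL 2.0', 'SSL 3.0', 'TLS 1.0', 'TLS 1.1'
$modern = 'TLS 1.2', 'TLS 1.3'

function Get-SchannelProtocolState {
    param(
        [string]$Protocol,
        [ValidateSet('Server', 'Client')][string]$Role
    )
    $key   = Join-Path (Join-Path $base $Protocol) $Role
    $props = Get-ItemProperty -Path $key -ErrorAction SilentlyContinue

    # A missing key or value means the OS default applies. Defaults differ
    # between Windows versions, so report that instead of guessing.
    if ($null -eq $props -or $null -eq $props.Enabled) {
        $state = 'NotConfigured'
    } elseif ($props.Enabled -eq 0) {
        $state = 'Disabled'
    } else {
        $state = 'Enabled'
    }

    [pscustomobject]@{
        Protocol = $Protocol
        Role     = $Role
        State    = $state
        Legacy   = $legacy -contains $Protocol
    }
}

$report = foreach ($p in $legacy + $modern) {
    foreach ($r in 'Server', 'Client') {
        Get-SchannelProtocolState -Protocol $p -Role $r
    }
}
$report | Format-Table -AutoSize

# Findings: every legacy protocol that is not explicitly disabled.
$findings = @($report | Where-Object { $_.Legacy -and $_.State -ne 'Disabled' })
if ($findings.Count -gt 0) {
    Write-Warning ("{0} legacy protocol setting(s) are not explicitly disabled." -f $findings.Count)
}
```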

Firewalls

The following are concepts that should be addressed for hardening firewalls and ensuring a secure firewall system:

Updating of network documentation

Implementation of a formal change control policy

Firewall documentation dictating firewall policies

Physical security

Patches

Backup procedures

Alert procedures

Monitoring Servers

Monitoring a server for security purposes involves using Windows server monitoring software to understand the current CPU, memory and network usage, server status, event logs, disk space, running services, and changed files and directories. Monitoring software also looks at POP, IMAP, and SMTP mail servers and Web page content and load times.
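Several of the items listed above (event logs, running services, disk space, and changed files and directories) can be collected with built-in PowerShell cmdlets. The following is an added example, not part of the original document; `$WatchPath` and `$BaselineFile` are hypothetical values, and the script assumes an elevated session so that the Security log is readable.

```powershell
# Added example: point-in-time security snapshot of a Windows server.
# $WatchPath and $BaselineFile are hypothetical; adjust them per server.
$WatchPath    = 'C:\inetpub\wwwroot'
$BaselineFile = 'C:\SecBaseline\wwwroot-hashes.xml'
$Since        = (Get-Date).AddHours(-24)

# Event logs: failed logons (4625) and newly installed services (7045).
$failedLogons = @(Get-WinEvent -FilterHashtable @{ LogName = 'Security'; Id = 4625; StartTime = $Since } -ErrorAction SilentlyContinue)
$newServices  = @(Get-WinEvent -FilterHashtable @{ LogName = 'System'; Id = 7045; StartTime = $Since } -ErrorAction SilentlyContinue)

# Running services, for comparison against the server's expected set.
$running = @(Get-Service | Where-Object Status -eq 'Running' | Select-Object -ExpandProperty Name)

# Fixed disks (DriveType 3) with less than 10% free space.
$lowDisks = @(Get-CimInstance -ClassName Win32_LogicalDisk -Filter 'DriveType = 3' |
    Where-Object { $_.Size -gt 0 -and ($_.FreeSpace / $_.Size) -lt 0.10 } |
    Select-Object -ExpandProperty DeviceID)

# Changed files and directories: SHA-256 of every file, keyed by full path.
$current = @{}
Get-ChildItem -Path $WatchPath -Recurse -File -ErrorAction SilentlyContinue |
    Get-FileHash -Algorithm SHA256 |
    ForEach-Object { $current[$_.Path] = $_.Hash }

$changes = @()
if (Test-Path $BaselineFile) {
    $baseline = Import-Clixml -Path $BaselineFile
    $changes = @(
        foreach ($p in $current.Keys) {
            if (-not $baseline.ContainsKey($p)) { "Added: $p" }
            elseif ($baseline[$p] -ne $current[$p]) { "Modified: $p" }
        }
        foreach ($p in $baseline.Keys) {
            if (-not $current.ContainsKey($p)) { "Removed: $p" }
        }
    )
} else {
    # First run: record the baseline in a location the web server cannot write to.
    New-Item -ItemType Directory -Path (Split-Path $BaselineFile) -Force | Out-Null
    Export-Clixml -InputObject $current -Path $BaselineFile
}

[pscustomobject]@{
    FailedLogons24h = $failedLogons.Count
    NewServices24h  = $newServices.Count
    RunningServices = $running.Count
    LowDiskVolumes  = $lowDisks -join ', '
    FileChanges     = $changes
} | Format-List
```

The first run only records the file baseline; later runs report files added, modified, or removed since then.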

Planning and Implementation

Security professionals must understand the planning and implementation of secure Web services and the operating system concepts related to basic server security. Some of the key concepts related to secure Web services are secure messaging, protecting resources, negotiation of contracts, and trust relationships. Web service security functions involve service-to-service authentication, identity management, establishing trust between services, Web Services policy (WS policy), and distributed authorization and access management.

Reference

What is Kerberos? (2009). Retrieved from the techFAQ Web site: http://www.tech-faq.com/kerberos.shtml