Securing Windows Operating Systems
Securing Windows operating systems and servers will be a critical task for
information technology (IT) professionals, management, security officers, and
system administrators in the next decade, which will be known for sophisticated
intrusions, denial of service attacks, man in the middle attacks, and a complex
array of security violations initiated both inside and outside the firewall. The
proper configuration and implementation of server user authentication,
hardening and management of firewall technologies, and the monitoring of
servers for security purposes will be required for protecting data and sustaining
corporate network operations. Additionally, management, security trainers, and
security professionals will need to work together to develop Web service
security plans, covering configuration and deployment, to ensure that corporate data,
operating systems, and server functionality are secure.
Configuration of Server User Authentication
One of the first tasks required of IT professionals, management, security
officers, and system administrators is to successfully configure server user
authentication. For user authentication in the server environment, multiple
configurations can be implemented by the IT professional or the system
administrator. The possible configurations available for server user
authentication are Kerberos (KDC), certificates and SSL/TLS, IAS, LDAP, SSO, and Certificate Authentication.
Kerberos is a network authentication protocol that uses secret-key
cryptography and can easily be used by any client. The Kerberos protocol
implements strong cryptography in an effort to ensure that all clients are properly
secured across typically insecure network connections. All clients and servers
can also encrypt any of their communications and interfaces to ensure that the
information passed is private and has a reasonable assurance of data integrity.
Kerberos as a computer network authentication protocol allows different nodes
on the network to interact across a secure interface. The security professionals
must understand how to handle server authentication being used by clients so
that the IT team can be sure that queries sent by any of the domain controllers
and message queuing servers are authenticated properly and completely (What is Kerberos, 2009).
Another method of server authentication is the secure sockets layer/transport
layer security protocol (SSL/TLS). One of the features of SSL/TLS is to use
encryption during the transmission of data. SSL/TLS protocols can perform
server authentication and, optionally, client authentication to provide
confirmation of the identity of both the sender and the receiver. In addition to
protecting against data disclosure through encryption, the SSL/TLS security
protocol is also used to protect corporate resources against man-in-the-middle
(or bucket brigade) attacks, rollback attacks, masquerade attacks, and replay
attacks.
Another solution is the authentication configuration using IAS. Servers
running the Internet Authentication Service (IAS) perform centralized
authentication, authorization, auditing, and accounting for many types of
network access, including dial-up, virtual private network (VPN), wireless, and 802.1X authenticating switch access.
Firewalls
The following are concepts that should be addressed for hardening firewalls and ensuring a secure firewall system:
Updating of network documentation
Implementation of a formal change control policy
Firewall documentation dictating firewall policies
Physical security
Patches
Backup procedures
Alert procedures
Monitoring Servers
Monitoring a server for security purposes involves using Windows server
monitoring software to understand the current CPU, memory and network
usage, server status, event logs, disk space, running services, and changed
files and directories. Monitoring software also looks at POP, IMAP, and SMTP
mail servers and Web page content and load times.
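As an added example (not part of the original essay), the following PowerShell script takes a point-in-time snapshot of several of the items listed above: changed files and directories, disk space, running services, and event logs. The watched path, baseline file, and lookback window are hypothetical values; it assumes Windows PowerShell 5.1 or later, an elevated session, and an existing directory for the baseline file.

```powershell
# Added example: point-in-time security snapshot of a Windows server.
# $WatchPath and $BaselineFile are hypothetical values chosen for illustration.
param(
    [string]$WatchPath    = 'C:\inetpub\wwwroot',
    [string]$BaselineFile = 'C:\SecBaseline\wwwroot-hashes.csv',
    [int]$LookbackHours   = 24
)

# Hash every file under a directory so later runs can detect changes.
function Get-FileState([string]$Path) {
    Get-ChildItem -Path $Path -Recurse -File -ErrorAction SilentlyContinue |
        Get-FileHash -Algorithm SHA256 |
        Select-Object Path, Hash
}

# Compare current hashes with the stored baseline: added, modified, removed.
function Compare-FileState($Baseline, $Current) {
    $old = @{}; foreach ($b in $Baseline) { $old[$b.Path] = $b.Hash }
    $new = @{}; foreach ($c in $Current)  { $new[$c.Path] = $c.Hash }
    foreach ($p in $new.Keys) {
        if (-not $old.ContainsKey($p)) { [pscustomobject]@{ Change = 'Added';    Path = $p } }
        elseif ($old[$p] -ne $new[$p]) { [pscustomobject]@{ Change = 'Modified'; Path = $p } }
    }
    foreach ($p in $old.Keys) {
        if (-not $new.ContainsKey($p)) { [pscustomobject]@{ Change = 'Removed';  Path = $p } }
    }
}

$current = @(Get-FileState $WatchPath)
if (Test-Path $BaselineFile) {
    $changes = @(Compare-FileState (Import-Csv $BaselineFile) $current)
} else {
    # First run: record the baseline; there is nothing to compare against yet.
    $current | Export-Csv -Path $BaselineFile -NoTypeInformation
    $changes = @()
}

# Free space on fixed drives (DriveType 3).
$disks = Get-CimInstance Win32_LogicalDisk -Filter 'DriveType=3' |
    Select-Object DeviceID, @{ n = 'FreeGB'; e = { [math]::Round($_.FreeSpace / 1GB, 1) } }

# Services configured to start automatically that are not running.
$stopped = Get-Service | Where-Object { $_.StartType -eq 'Automatic' -and $_.Status -ne 'Running' }

# Failed logons (Security log event 4625) inside the lookback window.
$failed = @(Get-WinEvent -FilterHashtable @{ LogName = 'Security'; Id = 4625
    StartTime = (Get-Date).AddHours(-$LookbackHours) } -ErrorAction SilentlyContinue)

[pscustomobject]@{ FileChanges = $changes; Disks = $disks
    StoppedAutoServices = $stopped.Name; FailedLogons = $failed.Count }
```

The baseline file is only as trustworthy as its storage location, so keep it somewhere the monitored services cannot write to.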
Planning and Implementation
Security professionals must understand the planning and implementation of
secure Web services and the operating system concepts related to basic server
security. Some of the key concepts related to secure Web services are secure
messaging, protecting resources, negotiation of contracts, and trust
relationships. Web service security functions involve service-to-service
authentication, identity management, establishing trust between services, Web
Services policy (WS policy), and distributed authorization and access
management.
Reference
What is Kerberos? (2009). Retrieved from the techFAQ Web site:
http://www.tech-faq.com/kerberos.shtml