Published by Earl Chandler. Modified over 9 years ago.
1
Guide to Operating System Security, Chapter 9: Web, Remote Access, and VPN Security
2
Objectives
- Understand Internet security using protocols and services
- Configure Web browsers for security
- Configure remote access services for security
- Configure virtual private network services for security
3
Internet Security
- Protocols and services must be kept secure
  - To ensure privacy of information
  - To discourage the spread of malicious software
4
Internet Protocols and Services
- Hypertext Transfer Protocol (HTTP)
- Secure HTTP (S-HTTP) and Hypertext Transfer Protocol Secure (HTTPS)
- File Transfer Protocol (FTP)
- Network File System (NFS)
- Samba and Server Message Block (SMB)
5
HTTP
- TCP/IP-compatible application protocol that transports information over the Web
- Most recent version: HTTP/1.1
  - Increases reliability of communications
  - Enables caching
  - Can send message responses before full control information from a request is received
  - Permits multiple communications over a single connection
6
S-HTTP and HTTPS
- Forms of HTTP used for more secure communications
- S-HTTP
  - Standards-based protocol that enables use of a variety of security measures (including CMS and MOSS)
- HTTPS
  - Essentially proprietary, but more compatible with encryption for IP-level communications
  - Uses SSL as a subprotocol
7
File Transfer Protocol (FTP)
- TCP/IP protocol that transfers files in bulk data streams
- Uses two TCP ports (20 and 21)
- Supports transmission of binary or ASCII formatted files
- Commonly used on the Internet
- Downloading files can be risky
8
File Transfer Protocol (FTP)
9
Network File System (NFS)
- Designed for UNIX/Linux systems for file sharing
- Connection-oriented protocol that runs within TCP
- Uses remote procedure calls via TCP port 111
- Sends data in record streams
- For security, let only authorized computers use NFS on host computer
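Added example, not part of the original slides: one way to check the NFS guidance above (let only authorized computers use NFS on the host) by auditing an exports file. The sample exports text and the AUTHORIZED allow-list are constructed assumptions.

```python
import ipaddress

# Constructed sample in /etc/exports format (not taken from the slides).
SAMPLE_EXPORTS = """\
/srv/projects  192.168.10.5(rw,sync) 192.168.10.6(ro,sync)
/srv/public    *(ro,sync)
/srv/scratch   (rw,sync)          # options with no host name
/srv/home      192.168.10.0/24(rw,sync)
/srv/legacy    10.9.9.9(rw,sync)
/srv/tmp
"""

# Assumed allow-list of computers permitted to mount NFS shares.
AUTHORIZED = {"192.168.10.5", "192.168.10.6"}

def classify(host, authorized):
    """Return a reason string if the client spec is too broad, else None."""
    if host in ("", "*"):
        return "exported to every host"
    if "*" in host or "?" in host:
        return "wildcard hostname pattern"
    if host.startswith("@"):
        return "netgroup, review its members separately"
    if "/" in host:
        try:
            net = ipaddress.ip_network(host, strict=False)
        except ValueError:
            return "unparseable network"
        if net.num_addresses > 1:
            return f"whole network ({net.num_addresses} addresses)"
        host = str(net.network_address)  # a /32 is a single host
    return None if host in authorized else "host not on the authorized list"

def audit_exports(text, authorized=AUTHORIZED):
    """Return (path, client, reason) for every export not limited to
    authorized hosts. Assumes one export per line, without continuation
    lines or quoted paths."""
    findings = []
    for raw in text.splitlines():
        fields = raw.split("#", 1)[0].split()
        if not fields:
            continue
        # A path with no client field is exported to every host.
        path, clients = fields[0], fields[1:] or [""]
        for client in clients:
            reason = classify(client.split("(", 1)[0], authorized)
            if reason:
                findings.append((path, client, reason))
    return findings
```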
10
Samba and Server Message Block
- Samba
  - Available for UNIX and Linux computers
  - Enables exchange of files and printer sharing with Windows-based computers through SMB protocol
- Server Message Block
  - Used by Windows-based systems
  - Enables sharing files and printers
  - Employed by Samba
11
Using Samba
12
Configuring Web Browsers for Security
- Applying security measures to popular Web browsers
  - Internet Explorer
  - Mozilla
  - Netscape Navigator
13
Configuring Internet Explorer Security
- Used with Windows and Mac OS X
- Configure version of HTTP, use of HTTPS, FTP, and download access
- Configure security by zones
  - Internet
  - Local intranet
  - Trusted sites
  - Restricted sites
14
Internet Explorer Security Settings
15
Configuring Internet Explorer Security
- Internet Explorer Enhanced Security Configuration (Windows Server 2003)
  - Applies default security to protect server
  - Uses security zones and security parameters preconfigured for each zone
16
Installing IE Enhanced Security Configuration
17
Configuring Mozilla Security
- Open-source Web browser
- Can run on
  - Linux (by default with GNOME desktop)
  - UNIX
  - Mac OS X
  - OS/2
  - Windows-based systems
- Security configuration is combined with privacy configuration options
18
Mozilla Security Categories
19
Privacy & Security Option in Mozilla
20
Configuring Netscape Navigator Security
- Nearly identical to Mozilla; GUI offers:
  - A buddy list
  - Link to Netscape channels
  - Different sidebar presentation
21
Netscape Navigator in Windows 2000 Server
22
Privacy & Security Options in Netscape
23
Configuring Remote Access Services for Security
- Remote access
  - Ability to access a workstation or server through a remote connection (e.g., dial-up telephone line and modem)
  - Commonly used by telecommuters
24
Microsoft Remote Access Services
- Enables off-site workstations to access a server through telecommunications lines, the Internet, or intranets
25
Microsoft RAS
26
Microsoft RAS - Supported Clients
- MS-DOS
- Windows 3.1 and 3.11
- Windows NT/95/98
- Windows Millennium
- Windows 2000
- Windows Server 2003 and XP Professional
27
Microsoft RAS
- Supports different types of modems and communications equipment
- Compatible with many network transport and remote communications protocols
28
Microsoft RAS – Supported Connections (Continued)
- Asynchronous modems
- Synchronous modems
- Null modem communications
- Regular dial-up telephone lines
- Leased telecommunication lines (e.g., T-carrier)
29
Microsoft RAS – Supported Connections (Continued)
- ISDN lines (and “digital modems”)
- X.25 lines
- DSL lines
- Cable modem lines
- Frame relay lines
30
Microsoft RAS – Supported Protocols
- NetBEUI
- TCP/IP
- NWLink
- PPP
- PPTP
- L2TP
31
Understanding Remote Access Protocols
- Transport protocols
  - TCP/IP
  - IPX
  - NetBEUI
- Remote access protocols
  - Serial Line Internet Protocol (SLIP)
  - CSLIP
  - Point-to-Point Protocol (PPP)
  - PPTP
  - L2TP
32
Configuring a RAS Policy
- Employ callback security options (No Callback, Set by Caller, Always Callback to)
- Install Internet Authentication Service (IAS)
- Can be employed with Remote Authentication Dial-In User Service (RADIUS) and RADIUS server
- Add participating RAS and VPN servers
33
Remote Access Policies Objects in the IAS Tree
34
Granting Remote Access Permission to RAS
35
Enabling Access for a User’s Account via Remote Access Policy
36
Configuring a RAS Policy
- Use Remote Access Policies to configure security types
  - Authentication
  - Encryption
  - Dial-in constraints
37
RAS Authentication Types (Continued)
- Challenge Handshake Authentication Protocol (CHAP)
- Extensible Authentication Protocol (EAP)
- MS-CHAP v1 (aka CHAP with Microsoft extensions)
- MS-CHAP v2 (aka CHAP with Microsoft extensions version 2)
38
RAS Authentication Types (Continued)
- Password Authentication Protocol (PAP)
- Shiva Password Authentication Protocol (SPAP)
- Unauthenticated
39
RAS Encryption Options
40
RAS Dial-in Constraints Options
- Idle and session timeouts
- Day and time restrictions
- Whether access is restricted to a single number
- Whether access is restricted based on media used
41
Security on a Virtual Private Network
- VPN
  - An intranet designed for restricted access by specific clients based on subnets, IP addresses, user accounts, or a combination
- Apply same remote access policies as to RAS servers
42
Summary
- Protocols and services that enable Internet security
- Configuring Web browsers for security
  - Internet Explorer
  - Mozilla
  - Netscape Navigator
- How to configure a server’s remote access services to enforce security
- Applying security options to a VPN