Guide to Operating System Security Chapter 9 Web, Remote Access, and VPN Security.


1 Guide to Operating System Security Chapter 9 Web, Remote Access, and VPN Security

2 Objectives
- Understand Internet security using protocols and services
- Configure Web browsers for security
- Configure remote access services for security
- Configure virtual private network services for security

3 Internet Security
- Protocols and services must be kept secure
  - To ensure privacy of information
  - To discourage the spread of malicious software

4 Internet Protocols and Services
- Hypertext Transfer Protocol (HTTP)
- Secure HTTP (S-HTTP) and Hypertext Transfer Protocol Secure (HTTPS)
- File Transfer Protocol (FTP)
- Network File System (NFS)
- Samba and Server Message Block (SMB)

5 HTTP
- TCP/IP-compatible application protocol; transports information over the Web
- Most recent version: HTTP/1.1
  - Increases reliability of communications
  - Enables caching
  - Can send message responses before full control information from a request is received
  - Permits multiple communications over a single connection

6 S-HTTP and HTTPS
- Forms of HTTP used for more secure communications
- S-HTTP
  - Standards-based protocol that enables use of a variety of security measures (including CMS and MOSS)
- HTTPS
  - Essentially proprietary, but more compatible with encryption for IP-level communications
  - Uses SSL as a subprotocol

7 File Transfer Protocol (FTP)
- TCP/IP protocol that transfers files in bulk data streams
- Uses two TCP ports (20 and 21)
- Supports transmission of binary or ASCII formatted files
- Commonly used on the Internet
- Downloading files can be risky

8 File Transfer Protocol (FTP)

9 Network File System (NFS)
- Designed for UNIX/Linux systems for file sharing
- Connection-oriented protocol that runs within TCP
- Uses remote procedure calls via TCP port 111
- Sends data in record streams
- For security, let only authorized computers use NFS on host computer
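The NFS slide's advice to let only authorized computers use NFS can be checked against a server's export list. The following is an added example, not part of the original presentation: it parses the common one-line form of a Linux `/etc/exports` file and reports every client entry that is not a named, authorized host. The sample exports text, the allowlist and the function names are constructed for illustration.

```python
# Constructed sample /etc/exports content (not from the original slides).
SAMPLE_EXPORTS = """\
# constructed sample
/srv/projects  192.0.2.10(rw,sync) 192.0.2.11(ro,sync)
/srv/public    *(ro,sync)
/srv/home      192.0.2.0/24(rw,sync)
/srv/scratch   (rw,sync)
/srv/build     build01.example.internal(rw,sync) 198.51.100.7(rw)
"""

# Assumed allowlist of computers permitted to use NFS on this host.
AUTHORIZED = {"192.0.2.10", "192.0.2.11", "build01.example.internal"}


def parse_exports(text):
    """Yield (path, client) pairs; client is '*' when no host is named."""
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()  # drop comments and blank lines
        if not line:
            continue
        path, *specs = line.split()
        if not specs:
            # No client list at all: treated here, conservatively, as open to all.
            yield path, "*"
        for spec in specs:
            client = spec.split("(", 1)[0]
            # Options with no host in front, e.g. "(rw,sync)", apply to any host.
            yield path, client or "*"


def audit(text, authorized):
    """Return (path, client, reason) for each entry outside the allowlist."""
    findings = []
    for path, client in parse_exports(text):
        if client in authorized:
            continue
        if "*" in client or "?" in client:
            reason = "wildcard"
        elif "/" in client:
            reason = "network range"
        elif client.startswith("@"):
            reason = "netgroup"
        else:
            reason = "host not on allowlist"
        findings.append((path, client, reason))
    return findings


if __name__ == "__main__":
    for path, client, reason in audit(SAMPLE_EXPORTS, AUTHORIZED):
        print(f"{path}: {client} ({reason})")
```

Network ranges and netgroups are reported for review rather than treated as errors, since they may be intentional but grant access to more than one named computer.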

10 Samba and Server Message Block
- Samba
  - Available for UNIX and Linux computers
  - Enables exchange of files and printer sharing with Windows-based computers through SMB protocol
- Server Message Block
  - Used by Windows-based systems
  - Enables sharing files and printers
  - Employed by Samba

11 Using Samba

12 Configuring Web Browsers for Security
- Applying security measures to popular Web browsers
  - Internet Explorer
  - Mozilla
  - Netscape Navigator

13 Configuring Internet Explorer Security
- Used with Windows and Mac OS X
- Configure version of HTTP, use of HTTPS, FTP, and download access
- Configure security by zones
  - Internet
  - Local intranet
  - Trusted sites
  - Restricted sites

14 Internet Explorer Security Settings

15 Configuring Internet Explorer Security
- Internet Explorer Enhanced Security Configuration (Windows Server 2003)
  - Applies default security to protect server
  - Uses security zones and security parameters preconfigured for each zone

16 Installing IE Enhanced Security Configuration

17 Configuring Mozilla Security
- Open-source Web browser
- Can run on
  - Linux (by default with GNOME desktop)
  - UNIX
  - Mac OS X
  - OS/2
  - Windows-based systems
- Security configuration is combined with privacy configuration options

18 Mozilla Security Categories

19 Privacy & Security Option in Mozilla

20 Configuring Netscape Navigator Security
- Nearly identical to Mozilla; GUI offers:
  - A buddy list
  - Link to Netscape channels
  - Different sidebar presentation

21 Netscape Navigator in Windows 2000 Server

22 Privacy & Security Options in Netscape

23 Configuring Remote Access Services for Security
- Remote access
  - Ability to access a workstation or server through a remote connection (e.g., dial-up telephone line and modem)
  - Commonly used by telecommuters

24 Microsoft Remote Access Services
- Enables off-site workstations to access a server through telecommunications lines, the Internet, or intranets

25 Microsoft RAS

26 Microsoft RAS - Supported Clients
- MS-DOS
- Windows 3.1 and 3.11
- Windows NT/95/98
- Windows Millennium
- Windows 2000
- Windows Server 2003 and XP Professional

27 Microsoft RAS
- Supports different types of modems and communications equipment
- Compatible with many network transport and remote communications protocols

28 Microsoft RAS – Supported Connections (Continued)
- Asynchronous modems
- Synchronous modems
- Null modem communications
- Regular dial-up telephone lines
- Leased telecommunication lines (e.g., T-carrier)

29 Microsoft RAS – Supported Connections (Continued)
- ISDN lines (and “digital modems”)
- X.25 lines
- DSL lines
- Cable modem lines
- Frame relay lines

30 Microsoft RAS – Supported Protocols
- NetBEUI
- TCP/IP
- NWLink
- PPP
- PPTP
- L2TP

31 Understanding Remote Access Protocols
- Transport protocols
  - TCP/IP
  - IPX
  - NetBEUI
- Remote access protocols
  - Serial Line Internet Protocol (SLIP)
    - CSLIP
  - Point-to-Point Protocol (PPP)
    - PPTP
    - L2TP

32 Configuring a RAS Policy
- Employ callback security options (No Callback, Set by Caller, Always Callback to)
- Install Internet Authentication Service (IAS)
  - Can be employed with Remote Authentication Dial-In User Service (RADIUS) and RADIUS server
- Add participating RAS and VPN servers

33 Remote Access Policies Objects in the IAS Tree

34 Granting Remote Access Permission to RAS

35 Enabling Access for a User’s Account via Remote Access Policy

36 Configuring a RAS Policy
- Use Remote Access Policies to configure security types
  - Authentication
  - Encryption
  - Dial-in constraints

37 RAS Authentication Types (Continued)
- Challenge Handshake Authentication Protocol (CHAP)
- Extensible Authentication Protocol (EAP)
- MS-CHAP v1 (aka CHAP with Microsoft extensions)
- MS-CHAP v2 (aka CHAP with Microsoft extensions version 2)

38 RAS Authentication Types (Continued)
- Password Authentication Protocol (PAP)
- Shiva Password Authentication Protocol (SPAP)
- Unauthenticated

39 RAS Encryption Options

40 RAS Dial-in Constraints Options
- Idle and session timeouts
- Day and time restrictions
- Whether access is restricted to a single number
- Whether access is restricted based on media used

41 Security on a Virtual Private Network
- VPN
  - An intranet designed for restricted access by specific clients based on subnets, IP addresses, user accounts, or a combination
- Apply same remote access policies as to RAS servers

42 Summary
- Protocols and services that enable Internet security
- Configuring Web browsers for security
  - Internet Explorer
  - Mozilla
  - Netscape Navigator
- How to configure a server’s remote access services to enforce security
- Applying security options to a VPN

