Presentation is loading. Please wait.

Presentation is loading. Please wait.

PRACTICAL STEPS IN SECURING WINDOWS NT Copyright, 1996 © Dale Carnegie & Associates, Inc. TIP For additional advice see Dale Carnegie Training® Presentation.

Published byKimberly Fitzgerald Modified over 9 years ago

Similar presentations

Presentation on theme: "PRACTICAL STEPS IN SECURING WINDOWS NT Copyright, 1996 © Dale Carnegie & Associates, Inc. TIP For additional advice see Dale Carnegie Training® Presentation."— Presentation transcript:

1 PRACTICAL STEPS IN SECURING WINDOWS NT Copyright, 1996 © Dale Carnegie & Associates, Inc. TIP For additional advice see Dale Carnegie Training® Presentation Guidelines As recommended by corporate officials, programmers and hackers. By William White

2 Introduction Windows NT is easy to secure, compared to some other systems.Windows NT is easy to secure, compared to some other systems. As long as you take some necessary steps, your system will be reasonably secure.As long as you take some necessary steps, your system will be reasonably secure.

3 Securing Windows NT consists of two main areas: Putting filters between your network and the Internet.Putting filters between your network and the Internet. Configuring workstations and servers against unauthorized access.Configuring workstations and servers against unauthorized access.

4 Filters for your Network Firewalls.Firewalls. Packet Filtering.Packet Filtering.

5 Firewalls Set your firewall to disable everything, then enable only the access you need.Set your firewall to disable everything, then enable only the access you need. Firewalls are effective, but they have two major problems:Firewalls are effective, but they have two major problems: 1) High cost.1) High cost. 2) It is hard for users on your network to access the Internet.2) It is hard for users on your network to access the Internet.

6 Packet Filtering Because much traffic goes through two ports, you can:Because much traffic goes through two ports, you can: 1) Enable packet filtering.1) Enable packet filtering. 2) Disable port 138, which handles UDP packets.2) Disable port 138, which handles UDP packets. 3) Disable port 139, which handles TCP packets.3) Disable port 139, which handles TCP packets.

7 Other Ports to Block with Packet Filtering Service Name Port Type Port Name DirectionService Name Port Type Port Name Direction FTP 20 tcp ftp-data incoming FTP 20 tcp ftp-data incoming FTP 21 tcp ftp incoming FTP 21 tcp ftp incoming Telnet 23 tcp telnet incoming Telnet 23 tcp telnet incoming Mail 25 tcp smtp incoming Mail 25 tcp smtp incoming NFS 111 tcp portmapper both NFS 111 tcp portmapper both NFS 111 udp portmapper both NFS 111 udp portmapper both Administration 161 udp snmp both Administration 161 udp snmp both Administration 162 udp snmp both Administration 162 udp snmp both

8 Disable Netbeui over TCP/IP. In control panel->network->bindings disable these:In control panel->network->bindings disable these: 1) NetBIOS Interface -> WINS Client(TCP/IP) -> ethernet.1) NetBIOS Interface -> WINS Client(TCP/IP) -> ethernet. 2) Server -> WINS Client(TCP/IP) -> ethernet.2) Server -> WINS Client(TCP/IP) -> ethernet. 3) Workstation -> WINS Client(TCP/IP) -> ethernet.3) Workstation -> WINS Client(TCP/IP) -> ethernet.

9 Configuring Workstations and Servers against Unauthorized Access: 1) Disable the Guest account.1) Disable the Guest account. 2) Rename Administrator account to something non-obvious.2) Rename Administrator account to something non-obvious. 3) Enable password lock-out user policy.3) Enable password lock-out user policy.

10 Configuration of Workstations and Servers -- continued: 4) Set up accounts with passwords for all local workstations.4) Set up accounts with passwords for all local workstations. 5) Use long, difficult to guess passwords.5) Use long, difficult to guess passwords. 6) Keep you administrative passwords known to a very minimal group of people.6) Keep you administrative passwords known to a very minimal group of people.

11 Configuration of Workstations and Servers -- continued: 7) Change your passwords regularly.7) Change your passwords regularly. 8) Create a backup administrative account, with some complicated password written somewhere outside of the computer system.8) Create a backup administrative account, with some complicated password written somewhere outside of the computer system. 9) Never keep passwords on the disk.9) Never keep passwords on the disk.

12 Configuration of Workstations and Servers -- continued: 10) Don't install FTP Server except for a very restricted area.10) Don't install FTP Server except for a very restricted area. Check if FTP User has permissions to other areas of the server. Check if FTP User has permissions to other areas of the server. 11) Don't use Telnet daemon at all.11) Don't use Telnet daemon at all. 12) Don't use your administrative passwords in any other place, neither in the computer, nor in real life.12) Don't use your administrative passwords in any other place, neither in the computer, nor in real life.

13 Configuration of Workstations and Servers -- continued: 13) Remove Share Permissions to the Everyone group.13) Remove Share Permissions to the Everyone group. 14) Remove Network Access for the Everyone group.14) Remove Network Access for the Everyone group. 15) If you use PERL for CGI programs, DO NOT put perl.exe into the web server's cgi bin directory.15) If you use PERL for CGI programs, DO NOT put perl.exe into the web server's cgi bin directory.

14 Configuration of Workstations and Servers -- continued: 16) Restrict FTP.16) Restrict FTP. 17) Implement APOP, if you use POP3.17) Implement APOP, if you use POP3. 18) Adjust RAS parameters.18) Adjust RAS parameters.

15 Configuration of Workstations and Servers -- continued: 19) Keep track of logons and security failures.19) Keep track of logons and security failures. 20) Check the security log regularly.20) Check the security log regularly. 21) Run the C2 Configuration Manager.21) Run the C2 Configuration Manager.

16 Configuration of Workstations and Servers -- continued: 22) Remove the Bypass Traverse Checking right from all user accounts.22) Remove the Bypass Traverse Checking right from all user accounts. 23) Install all NT Service Packs.23) Install all NT Service Packs.

17 Examples of Past Attacks on Windows NT: L0phtcrack 1.5 and the "PW Crack" attack -- 1997.L0phtcrack 1.5 and the "PW Crack" attack -- 1997. The "GetAdmin” program -- 1997.The "GetAdmin” program -- 1997. The "Red Button" attack -- 1997.The "Red Button" attack -- 1997.

18 Examples of Recent Attacks on Windows NT: IE5 Allows File Creation and Modification -- 8/24/1999.IE5 Allows File Creation and Modification -- 8/24/1999. The “Java VM Sandbox” attack -- 8/26/1999.The “Java VM Sandbox” attack -- 8/26/1999.

19 Close Microsoft releases many fixes for known problems in the form of Hotfixes, Service Packs and new Releases.Microsoft releases many fixes for known problems in the form of Hotfixes, Service Packs and new Releases. There is a tradeoff between Security and Usefulness.There is a tradeoff between Security and Usefulness. Vigilance is the price of Liberty.Vigilance is the price of Liberty.

Download ppt "PRACTICAL STEPS IN SECURING WINDOWS NT Copyright, 1996 © Dale Carnegie & Associates, Inc. TIP For additional advice see Dale Carnegie Training® Presentation."

Similar presentations

Firewall Simulation Teaching Information Security Using: Visualization Tools, Case Studies, and Hands-on Exercises May 23, 2012.

Firewall Simulation Teaching Information Security Using: Visualization Tools, Case Studies, and Hands-on Exercises May 23, 2012.
1 Chapter 8 Fundamentals of System Security. 2 Objectives In this chapter, you will: Understand the trade-offs among security, performance, and ease of.

1 Chapter 8 Fundamentals of System Security. 2 Objectives In this chapter, you will: Understand the trade-offs among security, performance, and ease of.
Module 6: Configuring Windows XP Professional to Operate in a Microsoft Network.

Module 6: Configuring Windows XP Professional to Operate in a Microsoft Network.
FIREWALLS. What is a Firewall? A firewall is hardware or software (or a combination of hardware and software) that monitors the transmission of packets.

FIREWALLS. What is a Firewall? A firewall is hardware or software (or a combination of hardware and software) that monitors the transmission of packets.
Web Server Administration TEC 236 Securing the Web Environment.

Web Server Administration TEC 236 Securing the Web Environment.
Chapter 7 HARDENING SERVERS.

Chapter 7 HARDENING SERVERS.
Windows 2003 SP1 Member Server in ASU Active Directory WNUG/CCC February 2, 2006 Sharon Bushart CLAS Information Technology.

Windows 2003 SP1 Member Server in ASU Active Directory WNUG/CCC February 2, 2006 Sharon Bushart CLAS Information Technology.
Beth Johnson April 27, 1998. What is a Firewall Firewall mechanisms are used to control internet access An organization places a firewall at each external.

Beth Johnson April 27, What is a Firewall Firewall mechanisms are used to control internet access An organization places a firewall at each external.
Lesson 19: Configuring Windows Firewall

Lesson 19: Configuring Windows Firewall
Enumeration. Local IP addresses Local IP addresses (review)  Some special IP addresses  localhost 127.0.0.1 (loopback address)  Internal networks 

Enumeration. Local IP addresses Local IP addresses (review)  Some special IP addresses  localhost (loopback address)  Internal networks 
Firewall 2 * Essential Network Security Book Slides. IT352 | Network Security |Najwa AlGhamdi 1.

Firewall 2 * Essential Network Security Book Slides. IT352 | Network Security |Najwa AlGhamdi 1.
Installing and Configuring a Secure Web Server COEN 351 David Papay.

Installing and Configuring a Secure Web Server COEN 351 David Papay.
FIREWALL TECHNOLOGIES Tahani al jehani. Firewall benefits  A firewall functions as a choke point – all traffic in and out must pass through this single.

FIREWALL TECHNOLOGIES Tahani al jehani. Firewall benefits  A firewall functions as a choke point – all traffic in and out must pass through this single.
Hacking Windows 2K, XP. Windows 2K, XP Review: NetBIOS name resolution. SMB - Shared Message Block - uses TCP port 139, and NBT - NetBIOS over TCP/IP.

Hacking Windows 2K, XP. Windows 2K, XP Review: NetBIOS name resolution. SMB - Shared Message Block - uses TCP port 139, and NBT - NetBIOS over TCP/IP.
Workshop 1: Introduction to TCP/IP

Workshop 1: Introduction to TCP/IP
Module 7: Configuring TCP/IP Addressing and Name Resolution.

Module 7: Configuring TCP/IP Addressing and Name Resolution.
Packet Filtering. 2 Objectives Describe packets and packet filtering Explain the approaches to packet filtering Recommend specific filtering rules.

Packet Filtering. 2 Objectives Describe packets and packet filtering Explain the approaches to packet filtering Recommend specific filtering rules.
Chapter 4: Security Baselines Security+ Guide to Network Security Fundamentals Second Edition.

Chapter 4: Security Baselines Security+ Guide to Network Security Fundamentals Second Edition.
Copyright © 2002 ProsoftTraining. All rights reserved. Operating System Security.

Copyright © 2002 ProsoftTraining. All rights reserved. Operating System Security.
CHAPTER Protocols and IEEE Standards. Chapter Objectives Discuss different protocols pertaining to communications and networking.

CHAPTER Protocols and IEEE Standards. Chapter Objectives Discuss different protocols pertaining to communications and networking.

Similar presentations

Ads by Google