Hardening
When you install a new operating system, your security settings are all set to their default values. The same goes for installing a new web server or a browser. These settings need to be changed to harden the system against attacks or unauthorized access.
File Systems
When you install Windows, all versions have one thing in common: weak security. The obvious example is that after logging in, all users have full control (all permissions) at the root of every drive and at most of the drives' subdirectories and files. NT4 was the first Windows operating system to introduce a distinction between rights and permissions. A right allows the user to access the resources of the operating system itself, such as shutting down the system. A permission allows the user to access the file system's resources, such as reading and writing files. NT4 was also the first Windows product with DAC, which is discussed in more detail later in this chapter.

The Windows default for permissions is for the Everyone group to have full control from the root of each drive down. For a single-user workstation, this is acceptable, but for a web server or file server, it is not. If you do not change the permissions, any user who logs in, no matter how, has full control. The easiest way to adjust these permissions is by using Windows Explorer as follows:
Step 1. Right-click the folder for which you want to change the permission. The pull-down choices are displayed in Figure 7-1.
Figure 7-1. Windows Explorer
Step 2. Select Properties from the pull-down choices. The screen shown in Figure 7-2 displays this option.
Figure 7-2. Properties Page
Step 3. Click the Security tab. The screen shown in Figure 7-3 displays this tab.
Figure 7-3. Security Tab
In Figure 7-3, you can see the default for Windows security. Every user logged in to the system has Full Control. This leaves the system wide open to any kind of unauthorized access. Therefore, you need to change those permissions. The case study in this chapter gives you an example of how to change these permissions.

There is much more to securing a web server than hardening the file system. Other things you need to do are
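The Explorer procedure above fixes one folder at a time. As an added example, not code from the book, the following PowerShell script does the same audit and repair from the command line: it reports any Everyone-style Full Control (or other write-level) entry on a web content folder and, when run with -Fix, stops inheriting the drive-root defaults and writes an explicit ACL instead. The web root path and the anonymous account name IUSR_<computername> (the IIS 5/6 naming convention; IIS 7 and later use the built-in IUSR) are assumptions; adjust them to your server. It needs Windows PowerShell 5.1 or later and an elevated prompt.

```powershell
# Added example, not from the book: report the broad "Full Control" ACEs on a web
# content folder and, with -Fix, replace them with an explicit, non-inherited ACL.
# Save as Harden-WebRoot.ps1 and run from an elevated Windows PowerShell 5.1+ prompt.
param(
    [string]$Path    = 'C:\inetpub\wwwroot',        # assumed web root; adjust to yours
    [string]$WebUser = "IUSR_$env:COMPUTERNAME",    # IIS 5/6 anonymous account; IIS 7+ uses 'IUSR'
    [switch]$Fix                                    # report only unless -Fix is given
)

# Identities that should never hold write-level rights on server content (assumption)
$broad     = @('Everyone', 'BUILTIN\Users', 'NT AUTHORITY\Authenticated Users')
$writeBits = [System.Security.AccessControl.FileSystemRights]::Write   # subset of Modify and FullControl

$acl = Get-Acl -Path $Path
$bad = @($acl.Access | Where-Object {
    $_.AccessControlType -eq 'Allow' -and
    $broad -contains $_.IdentityReference.Value -and
    ($_.FileSystemRights -band $writeBits) -ne 0
})

foreach ($ace in $bad) {
    $origin = if ($ace.IsInherited) { 'inherited' } else { 'explicit' }
    Write-Warning ('{0}: {1} has {2} ({3})' -f $Path, $ace.IdentityReference, $ace.FileSystemRights, $origin)
}
if ($bad.Count -eq 0) { Write-Host "No broad write access on $Path"; return }

if ($Fix) {
    # Stop inheriting from the drive root and discard the inherited ACEs ($true, $false);
    # otherwise the loose defaults flow straight back in on the next inheritance pass.
    $acl.SetAccessRuleProtection($true, $false)
    foreach ($ace in ($bad | Where-Object { -not $_.IsInherited })) {
        [void]$acl.RemoveAccessRule($ace)
    }

    $inherit = [System.Security.AccessControl.InheritanceFlags]'ContainerInherit, ObjectInherit'
    $prop    = [System.Security.AccessControl.PropagationFlags]::None
    $grants  = @(
        @('BUILTIN\Administrators', 'FullControl'),
        @('NT AUTHORITY\SYSTEM',    'FullControl'),
        @($WebUser,                 'ReadAndExecute')   # visitors only ever read content
    )
    foreach ($g in $grants) {
        $rule = New-Object System.Security.AccessControl.FileSystemAccessRule(
            $g[0], $g[1], $inherit, $prop, 'Allow')
        $acl.AddAccessRule($rule)
    }
    Set-Acl -Path $Path -AclObject $acl
    Write-Host "ACL on $Path rewritten; verify with (Get-Acl '$Path').Access"
}
```

Run it once without -Fix to see what would change; the warning lines tell you whether the offending entry is inherited from the drive root (the default case this section describes) or was added explicitly on the folder. Any application pool or service account that needs to write, for example an upload directory, has to be granted separately after the rewrite.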
- Set account policies
- Edit group rights
- Rename critical accounts
- Turn on auditing
- Remove or disable unnecessary services
On the Microsoft website, you can find sample information on security. Here is a good starting point if you need additional information: http://www.microsoft.com/technet/Security/tools/default.mspx. The first four items in the list of tasks for securing the web server will not be discussed in detail in this book.

NOTE: For more information about policies and group rights, you can look at Web Security Field Guide by Steve Kalman from Cisco Press.

The last item in the list of tasks for securing the web server is removing or disabling unnecessary services. When you start your PC, many services run in the background. Disable all services that you do not need. Table 7-1 lists the services that you can disable. This is not a complete list, so be careful when disabling these services. Some services might be needed for operation.
| Service Name | Description |
|---|---|
| ClipBook Viewer[1] | Enables the ClipBook Viewer to create and share pages of data to be viewed by remote computers |
| Computer Browser | Maintains an up-to-date list of computers on your network and supplies the list to programs that request it |
| DHCP Client | Manages network configuration by registering and updating IP addresses and Domain Name Server (DNS) names for this computer |
| DHCP Server | Allocates IP addresses and allows the advanced configuration of network settings |
| DNS Server | Enables DNS name resolution |
| Fax Service | Enables you to send and receive faxes |
| File Server for Macintosh | Enables Macintosh users to store and access files on this Windows server machine |
| Gateway Service for NetWare | Provides access to file and print resources on NetWare networks |
| Internet Connection Sharing | Provides NAT, addressing, and name resolution services for all computers on your home network |
| NetMeeting Remote Desktop Sharing | Allows authorized users to remotely access your Windows desktop |
| Print Server for Macintosh | Enables Macintosh clients to route printing to a print spooler located on a computer running Windows 2000 server |
| Print Spooler | Queues and manages print jobs |
| Remote Access Auto Connection Manager | Brings up a dialog box that offers to make a dialup connection to a remote computer when no network access exists |
| RPC Locator | Provides the name service for RPC clients |
| Remote Registry Service | Allows remote Registry manipulation |
| Routing and Remote Access | Offers routing services in local area and WAN environments |
| RunAs Service | Allows you to run specific tools and programs with different permissions than your current logon provides |
| SAP Agent | Advertises network services on an IPX network |
| SMTP | Transports e-mail across the network |
| Simple TCP/IP Services | Implements support for Echo, Discard, Character Generator (CharGen), Daytime, and Quote of the day (QOTD) |
| Smart Card | Manages and controls access to a smart card |
| TCP/IP Print Server | Enables TCP/IP-based printing |
| Telephony | Provides Telephone API (TAPI) support for programs that control telephony devices |
| Telnet | Allows a remote user to log on to the system and run console programs using the command line |
| Windows Time Service | Sets the computer clock |
[1] Using ClipBook Viewer, you can cut or copy information from another program and store it in a page that you can name, save, use again, and share with others.
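As an added example, not code from the book, this PowerShell script shows which of the Table 7-1 services are actually installed on a host and, with -Disable, stops them and sets their startup type to Disabled. The display-name patterns are my selection from the table and are an assumption: names vary between Windows versions, and DHCP Client, Windows Time and RunAs are left out on purpose because a DHCP-addressed host, Kerberos and accurate log timestamps, and least-privilege administration depend on them. It needs Windows PowerShell 5.x or later (for the StartType property) and an elevated prompt.

```powershell
# Added example, not from the book: list which Table 7-1 services exist on this host
# and, with -Disable, stop them and set their startup type to Disabled.
# Needs Windows PowerShell 5.x or later (Get-Service exposes StartType); run elevated.
param([switch]$Disable)

# Display-name patterns for the Table 7-1 services a dedicated web server does not
# need (assumption). DHCP Client, Windows Time and RunAs are deliberately left out.
$candidates = @(
    'ClipBook*', 'Computer Browser', 'Fax*', 'Internet Connection Sharing*',
    'NetMeeting Remote Desktop Sharing', 'Print Spooler', 'Remote Access Auto Connection Manager',
    'Remote Registry*', 'Routing and Remote Access', '*SMTP*', 'Simple TCP/IP Services',
    'TCP/IP Print Server', 'Telephony', 'Telnet'
)

$found = foreach ($pattern in $candidates) {
    foreach ($svc in @(Get-Service -DisplayName $pattern -ErrorAction SilentlyContinue)) {
        [pscustomobject]@{
            Name        = $svc.Name
            DisplayName = $svc.DisplayName
            Status      = $svc.Status
            StartType   = $svc.StartType
        }
    }
}

if (-not $found) { Write-Host 'None of the listed services are installed.'; return }
$found | Sort-Object DisplayName | Format-Table -AutoSize

if ($Disable) {
    foreach ($s in ($found | Where-Object { $_.StartType -ne 'Disabled' })) {
        if ($s.Status -eq 'Running') { Stop-Service -Name $s.Name -Force }   # -Force stops dependents too
        Set-Service -Name $s.Name -StartupType Disabled
        Write-Host "Disabled $($s.DisplayName) [$($s.Name)]"
    }
}
```

Review the report before using -Disable, exactly as the text warns: Stop-Service -Force also stops anything that depends on the service, so a dependency you did not expect shows up as an outage rather than an error. Setting the startup type to Disabled, rather than only stopping the service, is what keeps it from coming back at the next reboot.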
DAC is a means of restricting access to information based on the identity of users and membership in certain groups. Access decisions are typically based on the authorizations granted to a user based on the credentials presented at the time of authentication (username, password, hardware/software token, and so on). In most typical DAC models, owners of information or resources can change permissions at their discretion (thus the name). DAC's drawback is that administrators cannot centrally manage these permissions on files and information stored on the web server. A DAC access control model often exhibits one or more of the following attributes:
- Data owners can transfer ownership of information to other users.
- Data owners can determine the type of access given to other users (read, write, copy, and so on).
- Repeated failed authorization attempts against the same resource or object generate an alarm and restrict the user's access if auditing is turned on.
- Special add-on or plug-in software must be applied to an HTTP client to prevent indiscriminate copying by users (cutting and pasting of information).
- Users who do not have access to information should not be able to determine its characteristics (file size, filename, directory path, and so on).
Web Servers
A freshly installed web server is a completely defenseless platform. Before you can start using it as a web server, you need to secure it. This section shows you how. After the web server is installed, you can take several steps to secure it: You can prevent access to the server, and you can enable logging to monitor events on your web server.
Logging
Logging is an essential part of maintaining a secure web environment. To enable logging, open Internet Information Services in the Administrative Tools menu, expand the tree, right-click Default Web Site, and choose Properties. Then click the Web Site tab to see the screen shown in Figure 7-4.
Figure 7-4. Default Web Site Properties

Figure 7-5. Extended Logging Properties

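Enabling logging is only useful if someone reads the result. As an added example, not code from the book, the following PowerShell parses the W3C Extended log format that the Extended Logging Properties dialog (Figure 7-5) configures, honouring the #Fields directive rather than hard-coding column positions, and summarises failed requests per client address. The log lines are constructed for the example; on an IIS 5 server you would feed it Get-Content on a file such as %WinDir%\System32\LogFiles\W3SVC1\exYYMMDD.log. The three-failure threshold is an assumption.

```powershell
# Added example, not from the book: parse W3C Extended log lines (the format chosen in
# Extended Logging Properties) and summarise failed requests per client address.
# The sample log below is constructed for this example.
$sample = @'
#Software: Microsoft Internet Information Services 5.0
#Version: 1.0
#Date: 2003-05-14 08:00:00
#Fields: date time c-ip cs-username s-ip s-port cs-method cs-uri-stem cs-uri-query sc-status cs(User-Agent)
2003-05-14 08:00:01 10.0.0.5 - 192.168.1.10 80 GET /default.htm - 200 Mozilla/4.0
2003-05-14 08:00:02 10.0.0.5 - 192.168.1.10 80 GET /images/logo.gif - 200 Mozilla/4.0
2003-05-14 08:00:05 172.16.0.9 - 192.168.1.10 80 GET /admin/ - 401 Mozilla/4.0
2003-05-14 08:00:06 172.16.0.9 - 192.168.1.10 80 GET /admin/ - 401 Mozilla/4.0
2003-05-14 08:00:07 172.16.0.9 - 192.168.1.10 80 GET /admin/ - 401 Mozilla/4.0
2003-05-14 08:00:08 172.16.0.9 - 192.168.1.10 80 GET /scripts/ - 403 Mozilla/4.0
2003-05-14 08:00:09 10.0.0.7 - 192.168.1.10 80 GET /missing.htm - 404 Mozilla/4.0
'@

function ConvertFrom-W3CLog {
    # Turns W3C Extended log lines into objects whose property names come from #Fields,
    # so the parser keeps working when you add or reorder columns in the dialog.
    param([string[]]$Lines)
    $fields = @()
    foreach ($line in $Lines) {
        if ($line -like '#Fields:*') { $fields = $line.Substring(8).Trim() -split ' '; continue }
        if ($line.StartsWith('#') -or [string]::IsNullOrWhiteSpace($line)) { continue }
        $values = $line -split ' '
        $record = [ordered]@{}
        for ($i = 0; $i -lt $fields.Count; $i++) { $record[$fields[$i]] = $values[$i] }
        [pscustomobject]$record
    }
}

$entries  = ConvertFrom-W3CLog -Lines ($sample -split "`r?`n")
$failures = $entries | Where-Object { [int]$_.'sc-status' -ge 400 }

# Clients with repeated 4xx/5xx responses deserve a closer look (threshold is an assumption)
$failures | Group-Object 'c-ip' | Sort-Object Count -Descending | ForEach-Object {
    $flag = if ($_.Count -ge 3) { '  <-- repeated failures, review this client' } else { '' }
    '{0,-15} {1,3} failed request(s){2}' -f $_.Name, $_.Count, $flag
}
```

For a real log replace $sample -split "`r?`n" with Get-Content on the log file; because the objects carry the field names, the same Where-Object and Group-Object filters work unchanged on any column you enable in the dialog, for example cs-uri-stem to see which paths draw the failures.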
Restricting Access
You can restrict access to a website or to a specific folder of a website on a user-by-user basis or based on IP addresses. To configure access for user authentication, start the Internet Service Manager. Right-click the folder you want to use for basic authentication, which brings up a screen similar to Figure 7-6.
Figure 7-6. Folder Properties

Figure 7-7. Directory Security

Figure 7-8. Authentication Methods

Figure 7-9. Authentication Methods

Figure 7-10. Deny IP Addresses

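The Deny IP Addresses dialog in Figure 7-10 lets you deny a single computer, a group of computers (network ID plus subnet mask), or a domain name. As an added example, not code from the book, the following PowerShell reproduces the first two forms offline so you can check a planned deny list against sample addresses before typing it into the dialog. The deny entries and test addresses are constructed; the function is IPv4-only, and it assumes the dialog's default of granting everything not listed.

```powershell
# Added example, not from the book: evaluate an IIS-style IP deny list offline.
# Entries are '<address>' for one computer or '<network>/<subnet mask>' for a group,
# matching the two address-based choices in the Deny IP Addresses dialog. IPv4 only.
function ConvertTo-AddressNumber {
    param([string]$Address)
    $b = ([System.Net.IPAddress]::Parse($Address)).GetAddressBytes()
    # [long] keeps the arithmetic out of signed 32-bit overflow
    [long]$b[0] * 16777216 + [long]$b[1] * 65536 + [long]$b[2] * 256 + [long]$b[3]
}

function Test-IPDenied {
    param(
        [string]$ClientIP,
        [string[]]$DenyList
    )
    $client = ConvertTo-AddressNumber $ClientIP
    foreach ($entry in $DenyList) {
        $parts   = $entry -split '/'
        $network = ConvertTo-AddressNumber $parts[0]
        # A single computer is the same as a group with a host mask of 255.255.255.255
        $mask = if ($parts.Count -eq 2) { ConvertTo-AddressNumber $parts[1] } else { 4294967295 }
        if (($client -band $mask) -eq ($network -band $mask)) { return $true }
    }
    return $false   # default in the dialog: everything not listed is granted
}

# Constructed deny list: one host and one /24 group
$deny = @('10.1.1.7', '192.168.5.0/255.255.255.0')
foreach ($ip in '10.1.1.7', '10.1.1.8', '192.168.5.200', '172.16.0.1') {
    $verdict = if (Test-IPDenied -ClientIP $ip -DenyList $deny) { 'denied' } else { 'granted' }
    '{0,-15} {1}' -f $ip, $verdict
}
```

With the constructed list, 10.1.1.7 and 192.168.5.200 are denied and the other two are granted. Keep in mind that address-based restriction identifies the connecting machine, not the person: clients behind a shared proxy or NAT all arrive from one address, so pair it with the user authentication this section also describes rather than relying on it alone.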
Browsers
We all use browsers these days, and most of us run third-party plug-ins. This is not necessarily dangerous, but it is always better to keep in mind that malicious people can write plug-ins, too. The most popular scripting languages used for writing plug-ins today are the following:
- Java
- JavaScript
- VBScript
- ActiveX
Be very careful when installing plug-ins, just as you should be when downloading any software program from the Internet.
Security Zones
Because most people using the Internet today use Microsoft Internet Explorer to browse web pages, this chapter covers only that program. Internet Explorer has four zones of security. When you access a resource on another machine, the other machine's zone relative to yours is determined, and the restrictions placed on that zone control the interaction with that resource. Users can set the security policy on their computer. The four zones are as follows:
- Internet
- Internet: Contains all websites that are not placed in another zone.
- Local intranet: Contains all the websites that are on your company's intranet. Here, you find all sites that have the same domain name as the one your PC is using.
- Trusted sites: Contains websites that you trust not to damage your data. If you want to have trusted sites, you need to add them manually.
- Restricted sites: This zone contains websites that you do not trust because they could potentially damage your data. This is also a list created manually.
NOTE: For understanding and maintaining security with Internet Explorer, visit the following URL: http://www.microsoft.com/windows/ie/security/default.asp.

To change the settings for these four zones in Internet Explorer, choose Tools > Internet Options. On the page that appears, select the Security tab, and you see a page as shown in Figure 7-11.
Figure 7-11. Security Setting Page

Figure 7-12. Scripting Options

The Security Settings dialog groups its options into the following categories:
- ActiveX controls and plug-ins
- Cookies
- Downloads
- Microsoft VM
- Miscellaneous
- Scripting
- User authentication
Figure 7-12 shows the Scripting options. On this screen, you first change the custom settings at the bottom of the screen from Medium to High. At this point, you receive a warning asking if you are sure that you want to make this change. After you click Yes, you can take another look at the scripting options, as shown in Figure 7-13.
Figure 7-13. High Security Settings

Figure 7-14. Security Setting Page

Figure 7-15. Trusted Sites

Cookies
As you might already know, HTTP is a stateless protocol. Every time you visit a website, it looks as if that visit to the website is your first because HTTP does not keep track of your web history. To simulate a stateful environment, the HTTP protocol includes features such as cookies. There are two types of cookies:
- Session cookie: This cookie is created to keep track of what you buy when, for example, you visit an e-commerce website where you use a shopping cart. After you check out from that website, the session cookie is deleted from your browser memory.
- Persistent cookie: When you go to a website and see a personalized welcome message, you know that a persistent cookie is on your PC. These cookies contain information about you and your account. Often, that information is a key that is related only to a database with your profile.
You can manage cookies in several ways. You can delete all your cookies, or you can configure your browser to not accept cookies at any time. This would make browsing the Internet rather difficult because many sites need cookies to function properly. A better solution would be to force all your cookies to be session cookies. You can do this by making the folder where the cookies are stored read-only. Your browser will accept them but will be unable to save them to disk.
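What separates the two cookie types on the wire is a single attribute: a Set-Cookie header with an Expires or Max-Age attribute is a persistent cookie, and one without is a session cookie. As an added example, not code from the book, the following PowerShell classifies Set-Cookie headers on that basis and shows the header rewrite (dropping those two attributes) that a filtering proxy would apply to force every cookie to be session-only, the same goal the text reaches by making the cookie folder read-only. The three headers are constructed for the example.

```powershell
# Added example, not from the book: classify Set-Cookie headers as session or persistent
# and rewrite persistent ones so the browser keeps them in memory only.
# The headers below are constructed for this example.
$headers = @(
    'Set-Cookie: cart=abc123; Path=/; Secure; HttpOnly',
    'Set-Cookie: userid=78214; Expires=Wed, 09 Jun 2021 10:18:14 GMT; Path=/',
    'Set-Cookie: theme=dark; Max-Age=31536000; Path=/; Domain=example.com'
)

function ConvertFrom-SetCookie {
    # Splits one Set-Cookie header into name, value and a case-insensitive attribute table
    param([string]$Header)
    $body  = $Header -replace '^Set-Cookie:\s*', ''
    $parts = $body -split ';\s*'
    $name, $value = $parts[0] -split '=', 2
    $attrs = @{}
    if ($parts.Count -gt 1) {
        foreach ($a in $parts[1..($parts.Count - 1)]) {
            $k, $v = $a -split '=', 2
            $attrs[$k.ToLower()] = if ($null -eq $v) { $true } else { $v }   # flags like Secure carry no value
        }
    }
    [pscustomobject]@{
        Name       = $name
        Value      = $value
        Persistent = $attrs.ContainsKey('expires') -or $attrs.ContainsKey('max-age')
        Attributes = $attrs
    }
}

function ConvertTo-SessionCookie {
    # Removing Expires and Max-Age turns a persistent cookie into a session cookie;
    # the rest of the header (Path, Domain, Secure, HttpOnly) is left intact
    param([string]$Header)
    ($Header -split ';\s*' | Where-Object { $_ -notmatch '^(Expires|Max-Age)=' }) -join '; '
}

foreach ($h in $headers) {
    $c = ConvertFrom-SetCookie $h
    '{0,-8} {1}' -f $c.Name, $(if ($c.Persistent) { 'persistent' } else { 'session' })
    if ($c.Persistent) { '  rewritten: ' + (ConvertTo-SessionCookie $h) }
}
```

In the constructed set, cart is a session cookie and userid and theme are persistent; the rewrite leaves the first untouched and strips only the lifetime attribute from the other two. Doing this at a proxy rather than on the cookie folder has the advantage that sites still see their cookies accepted for the session, so pages that merely require cookies keep working while nothing survives closing the browser.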