Operating System Hardening

Vulnerabilities
• Unique vulnerabilities for:
  – Different operating systems
  – Different vendors
  – Client and server systems
• Vendors try to correct
• Attackers try to exploit
• Security professionals must keep up to date

Typical Vulnerabilities
• Default install
  – Auto login, FTP server
• Service exploits
  – Auto Play (CD/DVD, USB)
• Default protocols
  – FTP, HTTP, RDP
• Known accounts and passwords
  – Administrator, Root, admin : admin
• Built-in applications
  – Remote administration
• File access methods
  – FAT32, Everyone, 777
• Physical access
  – Anything could happen
• Buffer overflows
  – Injection, Adware, Worm

Windows Hardening
• Security Assessment
  – Identify Asset
  – Risk Assessment
  – Vulnerability & Threats
  – Security Hardening
• GUI Tools
  – Microsoft Config (msconfig)
  – Services
  – Registry
  – Security Policy (secpol.msc)
  – User Rights
  – Audit
  – Group Policy (gpedit.msc)
  – Windows Settings
  – Windows Behaviour
  – Computer Management (compmgmt.msc)
  – Event Viewer

Windows Hardening
• Windows Update
  – Important update
    • Security update
    • Driver / Bug
  – Optional update
    • Enhancement
    • Non-Essentials
• Update Type
  – Patch
    • Bug Fix
  – Hot Fix
    • Fix Security Flaw
  – Roll up
    • Cumulative patches & hotfixes
  – Service pack
    • Added feature

Windows Hardening
• Configuration Management
• Security Baseline
  – A configuration template that applies to a group of systems
• Antivirus (adware, malware, worm, virus)
• Event Viewer (Windows Log)
• Auditing (Action purpose)

Group Policy
• Applying security baseline

Group Policy
• Apply template to a system
  – Predefined settings
  – Templates based on role
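
The role-based baseline idea above, as an added example that is not part of the original slides: a checker that compares an exported local security policy (the INF text written by `secedit /export /cfg <file>`) against a template chosen by role. The baseline values, role names and the sample export are constructed for illustration.

```python
import configparser

# Role-based baseline templates: setting -> (INF section, min allowed, max allowed).
# Values are constructed for illustration, not a vendor or slide-provided baseline.
BASELINES = {
    "workstation": {
        "MinimumPasswordLength": ("System Access", 12, 128),
        "PasswordComplexity": ("System Access", 1, 1),
        "LockoutBadCount": ("System Access", 1, 10),   # 0 means lockout is disabled
        "EnableGuestAccount": ("System Access", 0, 0),
        "AuditLogonEvents": ("Event Audit", 3, 3),     # 3 = success and failure
    },
}
# The file-server role inherits the workstation template and tightens it.
BASELINES["file_server"] = dict(
    BASELINES["workstation"],
    MinimumPasswordLength=("System Access", 14, 128),
    AuditObjectAccess=("Event Audit", 2, 3),           # failure auditing at minimum
)

# Constructed sample of an exported policy (real exports are UTF-16; decode first).
SAMPLE_EXPORT = """\
[Unicode]
Unicode=yes
[System Access]
MinimumPasswordLength = 8
PasswordComplexity = 1
LockoutBadCount = 0
EnableGuestAccount = 0
[Event Audit]
AuditLogonEvents = 3
"""

def audit(export_text, role):
    """Return sorted (setting, actual, (min, max)) tuples that deviate from the role baseline."""
    cfg = configparser.ConfigParser(delimiters=("=",), interpolation=None, strict=False)
    cfg.optionxform = str                      # keep setting names case-sensitive
    cfg.read_string(export_text)
    findings = []
    for name, (section, low, high) in BASELINES[role].items():
        raw = cfg.get(section, name, fallback=None)
        actual = int(raw) if raw and raw.strip().isdigit() else None
        # A missing or non-numeric setting counts as a deviation, not a pass.
        if actual is None or not low <= actual <= high:
            findings.append((name, actual, (low, high)))
    return sorted(findings)

if __name__ == "__main__":
    for role in BASELINES:
        print(role, audit(SAMPLE_EXPORT, role))
```

The same export passes fewer checks under the stricter `file_server` template, which is the point of keeping one template per role instead of one per machine.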

Windows Hardening
• File / Print server hardening (Tutorial)
• Directory service hardening (Tutorial)

Virtualization Technology
• Honey Pot
• Testing
• Patch Management

Directory Service
• OpenLDAP
• Microsoft Active Directory
• Novell eDirectory
[Diagram: LDAP clients send directory queries; the LDAP server stores directory data]
- Slides: 11