...Harden Windows XP with Group Policy Brian Blanchette Strayer University Abstract Hardening client computers is essential when you are using a multi-platform based network. Hardening is simply creating security lockdown protocols that will deter any intrusion from the outside and inside of a network. There are several ways to deploy those hardening settings: the Security Configuration Wizard Graphic User Interface (SCW GUI), the Scwcmd command line deployment tool, and the Group Policy object (GPO). We will be discussing the GPO deployment method. This hardening procedure is required to maintain a secure operating system and network environment, as a network firewall cannot prevent all intrusions that need to be stopped. When using the GPO to deploy security settings to another client computer there are some things that need to be done in order for the setup to be successful. There will be the need for a security risk assessment to be conducted to determine what will need to be protected against and what type of protection levels will need to be implemented. How the hardening (security) policies will be created and deployed to client computers. What type of operating systems is on the network in order to test the policy before it is deployed? With these questions answered the hardening process can begin. First the servers and client computers must have the latest updates from their respective software company then the policies...
Words: 673 - Pages: 3
...I chose hardening Windows Server 2008. Building a hardened server should begin from the start of its implementation. If at all possible the new Windows Servers should be installed on an isolated network. This will keep it from being attacked before the operating system is hardened. Increasing the security of your servers will effectively minimize many vulnerabilities and threats. The chances of your system being compromised after the implementation of your hardening methods will be greatly decreased. There are things that you can use to ascertain what your security posture is and then go from there to see what you need to do to harden your system. The Microsoft Baseline Security Analyzer (MBSA) is a tool that will provide an assessment of your Windows Server 2008 security configuration....
Words: 510 - Pages: 3
...Securing Internet Client and Server Applications on Windows Systems Assessment Worksheet Note: This tab is for reference only. Please see your instructor to determine the assessment they wish you to use. Overview Both IIS and Internet Explorer can be hardened to improve confidentiality, integrity, and availability (CIA). In this lab, you identified security hardening opportunities for the IIS application, then made those changes on a Windows Server 2012 machine. Next, you identified and modified the Internet Options for the Internet Explorer browser. Finally, you documented the changes you made and provided an explanation for how each change helps achieve CIA. Lab Assessment Questions & Answers 1. What are the steps you took to harden IIS? Disabled services not used by functional roles and blocked ports that were not in use. These steps are necessary because servers provide one or more specific services on the network. 2. What are the steps you took to harden the Internet Explorer browser? Opened only minimum required ports at the firewall; use encrypted connections for all communications; disabled any unneeded server features on the Web server. These are important because they heighten security. 3. As a result of this lab, which changes will you implement on your own Internet browser? Why? Disable any features that are not being used. Also turn on pop-up blocker. 4. Why should you change the directory where the log is stored? You should change...
Words: 398 - Pages: 2
...Hardening Windows Server 2008 is important because it improves the security of computer systems. The process of enhancing server security will effectively minimize various vulnerabilities and threats. Implementing hardening methods prior to using the server in normal operations will minimize malicious attacks and the chance of compromise. The Microsoft Baseline Security Analyzer (MBSA) is a tool that will provide an assessment of the Windows Server 2008 security configuration. It will scan for Windows administrative vulnerabilities, weak passwords, Internet Information Server (IIS) administrative vulnerabilities, and Structured Query Language (SQL) administrative vulnerabilities. A detailed report of the findings will be generated in the order...
Words: 481 - Pages: 2
...Lab #2: Executive Summary Windows Hardening Defense, starts with the basics, Log in with least amount of privileges. Always use Firewall and AV. Monitor channels for security advisories and alerts. Know your system(s). Patch early and patch often. Unpatched systems are the lowest of low hanging fruit. Have a patch policy documented and stick with it. Review patches as they are released and determine criticality based on the exploit, threat footprint for your system(s), and whether or not there is a POC or fully weaponized exploit in the wild. When possible, test patches before rolling out in production on servers. Most clients should have automatic updates enabled for the OS and any application listening on a socket or used with untrusted data (Java, Adobe, browsers, etc.). Servers should be updated during maintenance windows if possible and depending on criticality (of threat and server). Security Technical Implementation Guide is a Compendium of DOD Policies, Security Regulations and Best Practices for Securing an IA or IA-Enabled Device (Operating System, Network, Application Software, etc.) A Guide for Information Security. Mandated in DODD 8500.1, DODI 8500.2 and endorsed by CJCSI 6510.01, AR 25-2, and AFI 33-202. The goals of STIG are to provide Intrusion Avoidance, Intrusion Detection, Security Implementation Guidance, Response and Recovery. DISA STIGs offer configuration guides and checklists for: Databases, Operating Systems, Web Servers, Etc... Also provides standard “findings”...
Words: 651 - Pages: 3
... Part #1 Apply Hardened Security for Linux Services & Applications Learning Objectives and Outcomes Upon completing this lab, students will learn about the following tasks: * Harden Linux server services when enabling and installing them, and keep a security perspective during configuration * Create an Apache Web Server installation and perform basic security configurations to assure that the system has been hardened before hosting a web site * Configure and perform basic security for a MySQL database, understanding the ramifications of a default installation and recommending hardening steps for the database instance * Install, setup and perform basic security configuration for Sendmail to be able to leverage the built-in messaging capabilities of the Linux System * Enable and implement secure SSH for encrypted remote access over the network or across the Internet of a Linux server system Overview This lab is an extension of the previous hands-on labs, and it incorporates security hardening for Linux services and applications loaded in the physical server. This demonstration will configure security and hardened services and applications to ensure C-I-A of these services. It will take the steps to configure and secure an Apache web server and MySQL database and the components necessary to security harden the implementation of both. The students will also see how to use and configure the Sendmail application for secure local messaging and will...
Words: 2020 - Pages: 9
...04/16/14 NT2670, Email and Web Unit 4 Assignment: SMTP Security 1. List and describe three SMTP server security threats? a. Viruses can erase files, cause computer crashes and destroy information or get information. b. Spam email is a term used to describe messages sent in bulk or incoming emails that are received without consent. c. Directory harvest attacks (DHAs) are attempts to determine the valid e-mail addresses associated with an e-mail server so that they can be added to a spam database. 2. List three suggestions to harden SMTP server security? a. “Disable open relaying on all SMTP virtual servers: Open relay on your Exchange Server allows other Email servers to use your server as a gateway to others. This allows others to send spam Email which appears to be originated from your address, therefore you will be identified as a spam source.” (Ehamouda, 2009) b. “Prevent anonymous access on internal SMTP virtual servers and dedicated SMTP virtual servers for IMAP and POP clients: Because all Exchange servers within your organization authenticate with each other to send mail, you do not need to enable anonymous access on your internal Simple Mail Transfer Protocol (SMTP) virtual servers. Additionally, all Post Office Protocol (POP) and Internet Message Access Protocol (IMAP) clients authenticate with your SMTP virtual server, so anonymous access is not required on a server that is used exclusively by POP and IMAP clients.” (Ehamouda, 2009) c. “Restricting Submissions...
Words: 337 - Pages: 2
...Dec 8 ISA Server Installation step by step Insert the ISA Server 2004 Enterprise CD and follow the installation instructions. You must choose to Install Configuration Storage Server. This will install an ADAM-Instance on this computer which will be used to store the configuration of ISA Server Arrays. ISA Server Array Members will connect to the Configuration Storage Server to receive the configuration. Figure 1: Installation of a Configuration Storage Server If you choose Install Configuration Storage Server you can see in Figure 2 that only the ISA Management Option and the Configuration Storage Server will be installed. Figure 2: Component Selection On the next page we must select create a new ISA Server enterprise (Figure 3). This configuration option creates a new ISA Server Enterprise during the installation. Figure 3: Create a new ISA Server Enterprise Figure 4 shows a warning message that Microsoft recommends only deploying a single Enterprise in your Organization. Multiple Enterprises could be hard to manage. You can deploy multiple Arrays within one ISA Server Enterprise. Figure 4: Warning message when you install a new ISA Enterprise The next step (Figure 5) is to name the new ISA Server Enterprise and enter a description for the new Enterprise. Figure 5: Enter a name and description for the new Enterprise If you are using ISA Server 2004 Enterprise in a single domain or in domains with trust relationships, you must choose the Setup Option I am...
Words: 1049 - Pages: 5
...Cost Analysis Windstream communications bases the cost of the proposed virtualized infrastructure upon the comparable cost of the server virtualization implemented by Landmark Healthcare in 2009. PROPOSED Virtualized Infrastructure Phase I (2015) Existing physical Infrastructure 2015 Server Hardware $24,539 35 installed servers $76,000 125 installed servers Storage Hardware $- $- Direct attached storage only Network Switches $12,979 Two new switches purchased $38,937 6 installed switches Virtualization Software $3,600 VMware infrastructure 3 foundation and vCenter Foundation NA System Management Software $2,466 Costs for server based backup $12,694 Costs for server based backup Operating System Licensing $13,394 23 Windows Standard...
Words: 499 - Pages: 2
...(AUP). An AUP defines what the users are allowed to access within the office. The Workstation domain is the physical computer that any employee has access to and how this can be protected from certain threats is by placing in effect the following; configure the hardware, hardening the system, and verifying antivirus files. Configuring the workstation would include not allowing the CD/DVD drive to work and any USB that is connected to the computer is automatically encrypting the data that is transferred to it so it cannot be used outside of the office. Verifying the antivirus files is just making sure that the antivirus software is up to date and is stopping most of the viruses that are coming into the network. And hardening the system is just ensuring that all the workstations have the latest software revisions, security patches, and system configurations. LAN domain is what connects all the workstations in the building. How this can be more secure is by implementing access control by setting up user LAN accounts with logins and passwords. Design of directory and file services which user will have to access. Configure workstations and servers to use TCP/IP software and communication protocol. Design of server disk storage space, backup, and recovery of the user data. And design of virtual LANs. All of this will help improve security of this institution from most of the threats that are out...
Words: 295 - Pages: 2
...wireless devices; this network is where devices are directed to if the computers do not meet the companies’ established security requirements. Such an example is if the computer’s antivirus definitions are not up to date, if they have a virus detected on the system, or if the computer is not up to date on security updates. The node security set up on the ASA will prevent users from re-entering the secure network until the computer meets the required security settings. The second network from the ASA encompasses the forward facing webservers. The forward facing webservers could be used to run the public website for the company, but not the intranet. The servers housed in this network do not have access to the internal or secure networks. The third and final connection from the ASA leads to an encrypting switch that services the secure server farm, internal workstations, and secure Wi-Fi network. This switch provides hardware encryption to the devices behind...
Words: 669 - Pages: 3
...1. When configuring services, what Linux directory typically contains server configuration files? cn=config is the subtree location where the default configuration is stored as a series of LDAP entries. 2. What command disables remote access to the MySQL Database? Is this a security hardening best practice? Remote access is disabled by default. Hardening security is recommended by installing the whole security package: Antivirus and Antispam, Firewall, and all of the security packages recommended by your operating system. 3. What is a Linux runlevel for a specific service or application? What command allows you to define the runlevel for a service or application? Runlevel 0 = halt Runlevel 1 = Single user mode Runlevel 2 = Basic multi-user mode (without networking)/User definable Runlevel 3 = Full (text based) multi-user mode/Multi-user mode Runlevel 4 = Not used Runlevel 5 = Full (GUI based) multi-user mode/Full multi-user mode Runlevel 6 = reboot /etc/rc.d 4. What is the Apache Web Server? Review the /etc/httpd/conf/httpd.conf configuration file, and point out a setting that could enhance security. The world's most popular Web server. mod_reqtimeout.c = Set timeout and minimum data rate for receiving requests/set this to RequestReadTimeout header=10 body=30 (Allow 10 seconds to receive the request including the headers and 30 seconds for receiving the request body) 5. OpenSSH is the de facto method to remotely access Linux systems. Explain...
Words: 393 - Pages: 2
...Study Guide for Windows Security Final IS3340 1. Many current operating systems actually implement microkernel architecture. Microkernel only implements the minimal required. Processes generally run in either user mode or supervisor mode. 2. The process of providing and denying access is called access control. Access control is a multi-step process starting with Identification and authentication. Three authentication types are type I, II, and III. 3. User rights define the tasks that a user is permitted to carry out, such as take ownership of objects or shut down the computer. Permissions define what a user can do to a specific object such as read or delete the object. 4. This functionality has matured into a core Windows feature called Active Directory; this allows users and groups to be defined once and shared among multiple computers. 5. The main feature of Microsoft Active Directory is the ability to define identity and Authorization permission that can be shared among multiple computers within one or more domains. 6. The principle of providing just the necessary access required to carry out a task is called the principle of least privilege or LUAs. 7. Access Models: Identification, Authentication, Authorization, ACL’s and Security Access Token (SAT). 8. Access Control List (ACL), Discretionary Access Control List (DACL), and Access Control Entry (ACE). 9. Access Models: Identification, Authentication, Authorization, ACL’s and Security Access Token (SAT). 10. cacls...
Words: 1195 - Pages: 5
...Riordan’s Windows Server and Linux Critique Learning Team A POS/420 Date: Instructor: Riordan’s Windows Server and Linux Critique At the request of Riordan Manufacturing, Inc., the project team conducted a thorough review to compare the advantages and disadvantages of Windows Server and Linux. The recommendation of an operating system will ensure Riordan’s business operations continue with compatibility between all locations with the highest level of security, administration, networking, performance, and programmability implemented. Security Although there are proponents everywhere for each type of operating system available on the market today, the focus of this project team, at the request of Riordan management, is to compare the security advantages and disadvantages of Windows Server and Linux. Windows Server Advantages. Windows Server has improved over the years in providing basic security provisions for administrators. Access to any system is extremely important to security professionals, such as domain name system (DNS), active directory domain services (AD), and access to web servers using Internet Information Services (IIS). DNS security extensions (DNSSEC) provide added security when a consumer is gaining access to a company’s website as well as how the company interacts...
Words: 1859 - Pages: 8
...WATERWORLD WATERPARKS Information Security Policy Version 1.0 Revision 191 Approved by John Smothson Published DATE March 23, 2011 CONFIDENTIAL/SENSITIVE INFORMATION This document is the property of WATERWORLD WATERPARKS. It contains information that is proprietary, confidential, sensitive or otherwise restricted from disclosure. If you are not an authorized recipient, please return this document to WATERWORLD WATERPARKS, Attention: IT Director. Dissemination, distribution, copying or use of this document in whole or in part by anyone other than the intended recipient is strictly prohibited without prior written permission of WATERWORLD WATERPARKS Executive Management. Revision History Changes | Approved By | Date | Initial Publication | John Smothson | 3-23-2011 | Table of Contents 1 Introduction and Scope 1.1 Introduction 1.2 Payment Card Industry (PCI) Compliance 1.3 Scope of Compliance 2 Policy Roles and Responsibilities 2.1 Policy Applicability 2.2 Information Technology Manager 2.3 Information Technology Department 2.4 System Administrators 2.5 Users – Employees, Contractors, and Vendors 2.6 Human Resource Responsibilities 2.6.1 Information Security Policy Distribution 2.6.2 Information Security Awareness Training 2.6.3 Background Checks 3 IT Change Control Policy 3.1 Policy Applicability and Overview 3.2 Change Request Submittal...
Words: 28277 - Pages: 114