Dirty-Dozen: Top 12 Issues in Windows 2000 Security
Roberta Bragg
Security Evangelist
Have Computer Will Travel, Inc.
Agenda
1. Was the FBI Right?
2. Too Trusting?
3. EFS/XP/W2K Issues
4. Anonymous Access Exposes Data
5. Preventing Unauthorized Access
6. NTFS Inheritance
7. Don't Give Permissions to User Accounts
8. So many security settings to configure!
9. So many boxes to secure
10. Too Many Administrators
11. Patching Mania
12. Weak Passwords
1. Was the FBI Right?
Universal Plug-and-Play (UPnP) standard
Feature of XP – unfortunately flawed
Security Bulletin MS01-059 (unchecked buffer in the UPnP service)
Q article - Q315056
What's the Fuss?
Buffer overrun – the UPnP service runs as LocalSystem, so a remote attacker who exploits it controls the system
Endless download cycle (DoS) possible if a maliciously configured device host keeps redirecting the description download
Flooding of a third-party server (DoS) with bogus requests triggered by a malicious device description
Configuration to Limit Exposure – Q315056
Regulate device download based on scope
Regulate device description download based on router hops
Port restrictions
Delay mechanisms
2. Too Trusting
Security Bulletin MS02-001 - Using SID Filtering to Prevent Elevation of Privilege Attacks
An administrator of one (trusted) domain could obtain administrative rights in another (trusting) domain
To exploit you'd have to:
Be a Domain Administrator in the trusted domain
NT: develop and install custom operating system components that insert foreign SIDs into the authorization data
W2K: binary-edit the data structures that hold SIDHistory so they carry SIDs from the trusting domain (e.g. its Domain Admins SID)
Protecting Security Boundaries
No trust
NT-style (external) trust between domains in separate forests – apply SID Filtering
Kerberos-style trust between domains in the same forest – NO!!! Do not apply SID Filtering (domains within a forest are not a security boundary; filtering breaks forest functionality)
Vet, hire and audit trustworthy admins
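The check that SID filtering performs, modelled in Python as an added example (not from the slides and not Microsoft's code). It shows why the SIDHistory trick above fails once the trusting side quarantines the trust: every domain-relative SID that the trusted domain is not authoritative for is dropped before it reaches the token. The two domain SIDs and the user RID are constructed for the example; only the well-known RIDs 512 (Domain Admins) and 513 (Domain Users) and the well-known SID S-1-5-11 (Authenticated Users) are real. As the slide says, this belongs on external trusts only, never between domains of one forest.

```python
"""SID filtering (quarantine) on the trusting side of an external trust.

Added example: a model of the MS02-001 check, not the slides' or Microsoft's
code. Domain SIDs below are constructed for the example.
"""
import re

SID_RE = re.compile(r"^S-1-\d+(-\d+)+$")


def split_sid(sid):
    """Return (domain_sid, rid) for a domain-relative SID such as S-1-5-21-a-b-c-512."""
    if not SID_RE.match(sid):
        raise ValueError("malformed SID: %r" % sid)
    domain_sid, _, rid = sid.rpartition("-")
    return domain_sid, int(rid)


def is_domain_relative(sid):
    """SIDs issued by a domain (or a local SAM) look like S-1-5-21-<3 subauthorities>-<RID>."""
    return sid.startswith("S-1-5-21-") and sid.count("-") >= 7


def filter_sids(sids, trusted_domain_sid):
    """Apply SID filtering for a trust whose trusted domain is trusted_domain_sid.

    Keeps SIDs the trusted domain is authoritative for (its domain SID + RID) and
    drops every other domain-relative SID, which is exactly where an injected
    SIDHistory entry naming the trusting domain's Domain Admins would sit.
    Well-known SIDs (S-1-1-0, S-1-5-11, ...) pass through in this model; the
    real implementation has extra rules for some of them that are omitted here.
    Returns (kept, dropped).
    """
    kept, dropped = [], []
    for sid in sids:
        if is_domain_relative(sid):
            domain_sid, _rid = split_sid(sid)
            if domain_sid != trusted_domain_sid:
                dropped.append(sid)
                continue
        kept.append(sid)
    return kept, dropped


# Constructed domain SIDs for the example.
TRUSTING = "S-1-5-21-1000000001-1000000002-1000000003"  # our domain (resource side)
TRUSTED = "S-1-5-21-2000000001-2000000002-2000000003"   # partner domain we trust


def demo():
    """Authorization data as a rogue admin of TRUSTED could present it after
    editing SIDHistory: a legitimate account plus one injected SID."""
    presented = [
        TRUSTED + "-1105",   # the user's own account SID (constructed RID)
        TRUSTED + "-513",    # Domain Users of the trusted domain
        "S-1-5-11",          # Authenticated Users (well-known, not domain-relative)
        TRUSTING + "-512",   # injected via SIDHistory: OUR Domain Admins
    ]
    return filter_sids(presented, TRUSTED)


if __name__ == "__main__":
    kept, dropped = demo()
    print("kept:   ", kept)
    print("dropped:", dropped)
```

Without filtering, the fourth SID would land in the user's token on every resource in the trusting domain and the account would be a Domain Admin there; with it, only SIDs relative to the trusted domain survive.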
3. EFS/XP/W2K Issues
Excellent encryption product
Symmetric and asymmetric encryption (a symmetric file encryption key, protected with the user's public key)
W2K – file recovery (recovery agent)
.NET (Windows .NET Server) – file or key recovery
Storage Issues
Network Storage
• W2K – not encrypted during transport – use IPSec
• XP – use Web Folders (WebDAV) – files remain encrypted in transit
Copy to FAT – decrypted (FAT cannot hold EFS metadata)
W2K/XP backup preserves encryption
XP Specific Issues
Sharing encrypted files may be dangerous (any user with access to the file can add further users)
Administrative password reset uncouples the certificate from the user account: the private key can no longer be decrypted, and the files with it
4. Anonymous Access Exposes Data
Anonymous access (a "null session") is accomplished via a null domain name, user name and password
Lets an unauthenticated caller enumerate accounts, groups and shares
Necessary for some applications/services – restrict it (RestrictAnonymous in the Lsa registry key) rather than block it blindly
5. Preventing Unauthorized Access
Windows 2000/XP in a domain – Kerberos
Compatibility dilemma
• NT – NTLM
• Win9x – LM
NTLMv2 advantage
• Prevents sending of the LM response (derived from the weak LM password hash); set via LmCompatibilityLevel
• Available on NT (SP4 and later), Win9x with the Active Directory client installed
Registry entry to prevent storage of the LM password hash (NoLMHash, Q299656)
6. NTFS Permissions Inheritance
Windows NT – permissions can be cascaded to any level (copied down the tree when set; no record of where they came from)
Windows 2000 – inheritance can be blocked at the subfolder level (dynamic inheritance; inherited ACEs are flagged as such)
Windows XP, unlike W2K – can apply the default permissions to an upgraded system (an NT-to-W2K upgrade kept NT's looser ACLs)
7. Don't Give Permissions to User Accounts
Add user accounts to global groups
Add global groups to (domain) local groups
Assign permissions to local groups – A-G-L-P
W2K native mode – universal groups can sit between global and local (A-G-U-L-P)
Promotes ease of administration, assurance of access removal, clear audit path
Best Practice
9. So Many Boxes to Secure
Develop baselines for classes of boxes
Create baseline security templates (.inf)
Apply
• Security Configuration and Analysis snap-in (or secedit from the command line)
• Group Policy
Use the same templates to audit system compliance with policy
Key Feature
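What the "analyze" half of Security Configuration and Analysis does, written out in Python as an added example (not the slides' material and not Microsoft's tool): parse a baseline template and an export of the current settings, both in the .inf layout secedit uses, and report each baseline setting as Match, Mismatch or Not Configured. The section and key names are the real template keys, and the `[Registry Values]` entries carry the Lsa settings from slides 4 and 5 (RestrictAnonymous, LmCompatibilityLevel, NoLMHash) in the `<path>=<type>,<data>` form templates use. The baseline values and the "current system" export are constructed for the example. Two caveats: on Windows 2000 NoLMHash was a registry key rather than a value (the DWORD form below is the XP/2003 form), and RestrictAnonymous=2 is stricter than the 1 used here but breaks down-level trusts and browsing.

```python
"""Baseline template vs. current settings, in the style of secedit /analyze.

Added example, not the slides' material and not Microsoft's tool. Key names are
real template keys; the sample values and the "current" export are constructed.
"""
import configparser

# Constructed baseline: password policy plus the Lsa registry values from
# slides 4 and 5.  Registry Values syntax is <path>=<type>,<data>, type 4 = REG_DWORD.
BASELINE_INF = r"""
[Version]
signature="$CHICAGO$"
Revision=1

[System Access]
MinimumPasswordLength = 8
PasswordComplexity = 1
PasswordHistorySize = 12
MaximumPasswordAge = 42
LockoutBadCount = 5

[Registry Values]
MACHINE\System\CurrentControlSet\Control\Lsa\RestrictAnonymous=4,1
MACHINE\System\CurrentControlSet\Control\Lsa\LmCompatibilityLevel=4,5
MACHINE\System\CurrentControlSet\Control\Lsa\NoLMHash=4,1
"""

# Constructed export from a box still running with Windows 2000 defaults.
CURRENT_INF = r"""
[Version]
signature="$CHICAGO$"
Revision=1

[System Access]
MinimumPasswordLength = 0
PasswordComplexity = 0
PasswordHistorySize = 12
MaximumPasswordAge = 42
LockoutBadCount = 0

[Registry Values]
MACHINE\System\CurrentControlSet\Control\Lsa\RestrictAnonymous=4,0
MACHINE\System\CurrentControlSet\Control\Lsa\LmCompatibilityLevel=4,0
"""

IGNORED_SECTIONS = {"Version", "Unicode"}  # header sections, not settings


def parse_template(text):
    """Return {(section, key): value}; key case and registry paths are kept as written."""
    cp = configparser.ConfigParser(interpolation=None, strict=False)
    cp.optionxform = str
    cp.read_string(text)
    settings = {}
    for section in cp.sections():
        if section in IGNORED_SECTIONS:
            continue
        for key, value in cp.items(section):
            settings[(section, key)] = value.strip()
    return settings


def analyze(baseline, current):
    """Every baseline setting becomes Match, Mismatch or Not Configured on the current box."""
    findings = []
    for (section, key), expected in sorted(baseline.items()):
        actual = current.get((section, key))
        if actual is None:
            status = "Not Configured"
        elif actual == expected:
            status = "Match"
        else:
            status = "Mismatch"
        findings.append((section, key, expected, actual, status))
    return findings


def noncompliant(findings):
    """Only the entries an auditor has to act on."""
    return [f for f in findings if f[4] != "Match"]


if __name__ == "__main__":
    report = analyze(parse_template(BASELINE_INF), parse_template(CURRENT_INF))
    for section, key, expected, actual, status in report:
        short = key.rsplit("\\", 1)[-1]  # last path component for registry values
        print("%-14s %s / %s  baseline=%s current=%s" % (status, section, short, expected, actual))
```

Run against a real export (`secedit /export /cfg current.inf`) the same comparison tells you which boxes drifted from their class baseline; the slides' point is that the baseline template doubles as the audit checklist.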
10. Too Many Administrators
Use default groups
• Server/Account/Print Operators
• Power Users
Create groups and assign rights and permissions
Question and evaluate any request for administrative status
Windows 2000 – use delegation of authority (delegate control at the OU level instead of handing out Domain Admins)
11. Patching Mania
Everyone says to patch your systems – but how, at scale?
Windows Update – single systems
Windows Corporate Update Site
• http://corporate.windowsupdate.microsoft.com
Qchain – install several hotfixes with a single reboot
12. Weak Passwords
Many attacks require authenticated access
Default password policy is weak (no minimum length, complexity requirement off)
Users need training in creating strong passwords
Consider alternatives – biometrics, smart cards
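The complexity rules behind "Passwords must meet complexity requirements", re-implemented as an added example (not from the slides and not Microsoft's password filter) so the difference between the Windows 2000 default policy and a stronger one is concrete: six or more characters, three of the four character classes, and no occurrence of the account name or of any full-name part of three or more characters. The stronger policy's values and the sample account are constructed for the example; the 14-character limit on what an LM hash can cover is a real property of the LM hash and ties back to slide 5.

```python
"""Windows password-complexity rules against the W2K default policy and a stronger one.

Added example, not from the slides and not Microsoft's passfilt. STRONG_POLICY
and the sample account are constructed; W2K_DEFAULT_POLICY is the real default.
"""
import re

# Windows 2000 default domain policy: no minimum length, complexity off.
W2K_DEFAULT_POLICY = {"MinimumPasswordLength": 0, "PasswordComplexity": 0}
# Constructed stronger policy (values are an assumption for the example).
STRONG_POLICY = {"MinimumPasswordLength": 8, "PasswordComplexity": 1}

LM_MAX_LENGTH = 14  # an LM hash covers at most 14 characters


def _name_tokens(full_name):
    """Full-name parts the filter checks: split on , . - _ space # tab; keep parts of 3+ chars."""
    return [t for t in re.split(r"[,.\-_ #\t]+", full_name) if len(t) >= 3]


def complexity_failures(password, account_name, full_name):
    """The rules behind PasswordComplexity=1; returns a list of reasons (empty = passes)."""
    failures = []
    pw_lower = password.lower()
    # The account name is checked whole, and only if it is 3+ characters long.
    if len(account_name) >= 3 and account_name.lower() in pw_lower:
        failures.append("contains account name")
    for token in _name_tokens(full_name):
        if token.lower() in pw_lower:
            failures.append("contains full-name part %r" % token)
    if len(password) < 6:
        failures.append("shorter than 6 characters")
    classes = sum([
        any(c.isupper() for c in password),
        any(c.islower() for c in password),
        any(c.isdigit() for c in password),
        any(not c.isalnum() for c in password),
    ])
    if classes < 3:
        failures.append("only %d of 4 character classes" % classes)
    return failures


def check_password(password, account_name, full_name, policy):
    """Evaluate a password against a policy dict; returns (accepted, reasons)."""
    reasons = []
    minimum = policy["MinimumPasswordLength"]
    if len(password) < minimum:
        reasons.append("shorter than MinimumPasswordLength=%d" % minimum)
    if policy["PasswordComplexity"]:
        reasons.extend(complexity_failures(password, account_name, full_name))
    return (not reasons, reasons)


def lm_hash_possible(password):
    """True when an LM hash of this password can exist at all (NoLMHash not set).
    Passwords longer than 14 characters have no LM hash to crack."""
    return len(password) <= LM_MAX_LENGTH


if __name__ == "__main__":
    # Constructed sample account.
    account, full_name = "jdoe", "Jane Doe"
    for candidate in ("password", "Jane!2002xx", "C0ld-fusion!42", "C0ld-fusion!42-x"):
        for label, policy in (("W2K default", W2K_DEFAULT_POLICY), ("strong", STRONG_POLICY)):
            ok, why = check_password(candidate, account, full_name, policy)
            print("%-17s %-12s %s %s" % (candidate, label, "OK  " if ok else "FAIL", "; ".join(why)))
        print("%-17s LM hash possible: %s" % (candidate, lm_hash_possible(candidate)))
```

Under the default policy every candidate above is accepted, including "password"; the stronger policy rejects it for character classes and rejects "Jane!2002xx" because it embeds the user's first name, which is the rule users most often trip over. Anything over 14 characters also denies an attacker an LM hash to work on.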
What is Microsoft Doing? Trustworthy Computing?
Bill Gates' memo on trustworthy computing.
Month-long no-new-code sabbatical (the Windows security push).
Can perfect code be produced?
What will it cost?
What's the track record, really?
Stats (www.securityfocus.com)
Most vulnerabilities: MandrakeSoft Linux with 34
2nd, 3rd, 4th place – three other versions of Linux
5th – Windows 2000 and two versions of Solaris, tied with 24 each
[Chart: www.securityfocus.com stats – vulnerability counts for 2000 and 2001, NT & W2K vs Red Hat Linux; y-axis 0 to 100]
Call to Action!
Patch and/or disable UPnP
Understand the meaning of trust
Disable EFS until a PKI is in place
Restrict anonymous access
Force NTLMv2 where Kerberos won't prevail
Protect key NTFS permissions
AGLP
Create security baselines
Use Group Policy
Delegate authority
Patch
Use strong authentication
Checklist
(hold Bill's feet to the fire)