Security Features in Windows Vista (slide transcript)
Posted 18-Dec-2015, category: Documents
What Will We Cover?
• Security fundamentals
• Protecting your company’s resources
• Anti-malware features

Agenda
• Exploring Security Fundamentals
• Mitigating Threats and Vulnerabilities
• Controlling Identity and Access
• Protecting System Information
Windows Vista Service Hardening
• Reduce size of high-risk layers
• Segment the services
• Increase number of layers
(Diagram: kernel drivers and user-mode drivers beneath a row of services 1, 2, 3, …; the services are segmented into separate groups, labelled Service A and Service B.)
Agenda
• Exploring Security Fundamentals
• Mitigating Threats and Vulnerabilities
• Controlling Identity and Access
• Protecting System Information
Internet Explorer 7.0
Social engineering protections and protection from exploits:
• Phishing filter and colored address bar
• Dangerous Settings notification
• Secure defaults for IDN
• Unified URL parsing
• Code quality improvements (SDLC)
• ActiveX opt-in
• Protected Mode to prevent malicious software
ActiveX Opt-in
(Flow: controls are disabled by default → IE7 blocks the ActiveX control → the user grants permission (opts in) → IE7 confirms the install → the ActiveX control is enabled.)
Phishing Filter
• Double-checks the site with an online Microsoft service of reported phishing sites
• Scans the website for characteristics common to phishing sites
• Compares the website with a local list of known legitimate sites
Windows Defender
• Improved detection and removal
• Redesigned and simplified user interface
• Protection for all users
Network Access Protection
(Diagram components: Windows Vista client; DHCP, VPN, switch/router; Microsoft Network Policy Server; policy servers; fix-up servers; corporate network.)
Agenda
• Exploring Security Fundamentals
• Mitigating Threats and Vulnerabilities
• Controlling Identity and Access
• Protecting System Information
User Account Control
• Allows the system to run as a standard user
• Allows select applications to run in an elevated context
• Fix or remove inappropriate administrative checks
• Registry and file virtualization provides compatibility
Integrated Control
• Improved auditing; main categories: Logon/Logoff, File System Access, Registry Access, Use of Administrative Privilege
• New logging infrastructure
• Restart Manager
• Control over removable device installation
• Security Center enhancements
Agenda
• Exploring Security Fundamentals
• Mitigating Threats and Vulnerabilities
• Controlling Identity and Access
• Protecting System Information
Information Leakage
“After virus infections, businesses report unintended forwarding of e-mails and loss of mobile devices more frequently than they do any other security breach”
Jupiter Research Report, 2004
(Chart: share of businesses reporting each type of breach)
Virus infection: 63%
Unintended forwarding of e-mails: 36%
Loss of mobile devices: 35%
Password compromise: 22%
E-mail piracy: 22%
Loss of digital assets, restored: 20%
Windows Vista Data Protection
• Policy definition and enforcement: Rights Management Services
• User-based file system encryption: Encrypting File System (EFS)
• Drive-level encryption: BitLocker Drive Encryption
Windows Vista Firewall
• Both inbound and outbound
• Authentication and authorization aware
• Outbound application-aware filtering is now possible
• Includes IPsec management
• Of course, policy-based administration
• Great for peer-to-peer control
Network Access Protection
(Diagram, numbered steps 1 to 5: the Windows Vista client connects through DHCP, VPN or a switch/router; the Microsoft Network Policy Server evaluates the client against policy servers, e.g. Microsoft Security Center, SMS, Antigen or 3rd-party products; a policy-compliant client is admitted to the corporate network, while a client that is not policy compliant is placed on the restricted network, where the fix-up servers, e.g. WSUS, SMS and 3rd-party products, are reachable.)
Control Over Device Installation
• Control over removable device installation via a policy
  Mainly to disable USB-device installation, as many corporations worry about intellectual property leakage
  Devices can be controlled by device class or by driver
• Approved drivers can be pre-populated into the trusted Driver Store
• Driver Store policies (group policies) govern driver packages that are not in the Driver Store:
  Non-corporate-standard drivers
  Unsigned drivers
Client Security Scanner
• Finds out and reports the Windows client’s security state:
  Patch and update levels
  Security state
  Signature files
  Anti-malware status
• Ability for Windows to self-report its state
• Information can be collected centrally, or just reviewed in the Security Center by users and admins
Code Integrity
• All DLLs and other OS executables have been digitally signed
• Signatures are verified when components load into memory
BitLocker™
• BitLocker strongly encrypts and signs the entire hard drive (full volume encryption)
  The TPM chip provides key management
  Additional protection factors such as a USB dongle, PIN or password can be used
• Any unauthorised off-line modification to your data or OS is discovered and no access is granted
  Prevents attacks that use utilities to access the hard drive while Windows is not running, and enforces the Windows boot process
• Protects data after laptop theft etc.
• A data recovery strategy must be planned carefully!
  Vista supports three modes: key escrow, recovery agent, backup
BitLocker Drive Encryption
• Improved at-rest data protection with full drive encryption
• Usability with scalable security protections
• Enterprise-ready deployment capabilities
• Offline system-tampering resistance
• Worry-free hardware repurposing and decommissioning
• Integrated disaster recovery features
Trusted Platform Module
(Key hierarchy diagram: the TPM protects the Volume Master Key; the Volume Master Key decrypts the encrypted Full Volume Encryption Key; the Full Volume Encryption Key turns the encrypted data into cleartext data.)
Session Summary
• Windows Vista is the most secure Windows operating system to date
• Windows Vista protects users
• Numerous other security improvements help protect data and ease deployment
A BRIEF OVERVIEW
• “Need to Know Basis”
• Baseline
• User Account Administration
• Password Administration
• Group or Role Administration
• File Permissions on Critical Files
• UMASK
• SUID & SGID
• Cron
• Syslog
• Services
• Patches
• Conclusion
Need to Know Basis
• When setting up security on your Unix systems, ensure that security is set up on a need-to-know, need-to-use basis.
Baseline
• A baseline ensures that security policies are implemented consistently and completely across various platforms.
• Should be in written form
• Includes specific instructions to achieve security on a specific server
User Account Administration
• User account policies should address:
  Immediate deactivation of user accounts for terminated employees
  Superuser account procedures
  Contractor accounts
  Naming conventions for user accounts
Password Administration
• 60 to 90 day expiration for ordinary users
• 30 day password expiration for superusers
• Do not allow password sharing
• Set minimum password lengths to at least 6 characters
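The expiration and minimum-length rules above map directly onto the password-ageing keys in /etc/login.defs (PASS_MAX_DAYS, PASS_MIN_DAYS, PASS_MIN_LEN, PASS_WARN_AGE). The script below is an added example, not part of the original slides: it parses two constructed login.defs snippets, a typical untouched default beside a hardened one, and checks each against the slide's numbers (90-day expiration for ordinary users, 30 days for superusers, minimum 6 characters).

```shell
#!/bin/sh
# Added example (not from the original slides): checks login.defs-style
# password-ageing settings against the baseline on the slide. Both
# configuration snippets are constructed samples, not taken from a real host.

WEAK_LOGIN_DEFS='# constructed sample: typical untouched defaults
PASS_MAX_DAYS   99999
PASS_MIN_DAYS   0
PASS_MIN_LEN    5
PASS_WARN_AGE   7'

HARDENED_LOGIN_DEFS='# constructed sample: values meeting the baseline
PASS_MAX_DAYS   90
PASS_MIN_DAYS   1
PASS_MIN_LEN    8
PASS_WARN_AGE   14'

# Print the value of KEY from CONTENT, skipping comment lines; empty if unset.
lookup_def() {   # lookup_def KEY "$CONTENT"
    printf '%s\n' "$2" | awk -v k="$1" '$1 !~ /^#/ && $1 == k { print $2; exit }'
}

# Compare the settings with the baseline. MAX_DAYS defaults to the 90-day
# rule for ordinary users (pass 30 for the superuser rule), MIN_LEN to 6.
# Prints one line per setting; returns 0 when compliant, 1 otherwise.
check_password_policy() {   # check_password_policy "$CONTENT" [MAX_DAYS] [MIN_LEN]
    content="$1"; max_days="${2:-90}"; min_len="${3:-6}"; rc=0

    v=$(lookup_def PASS_MAX_DAYS "$content")
    if [ -z "$v" ] || [ "$v" -gt "$max_days" ]; then
        echo "FAIL PASS_MAX_DAYS=${v:-unset} (expiration must be <= $max_days days)"; rc=1
    else
        echo "OK   PASS_MAX_DAYS=$v"
    fi

    v=$(lookup_def PASS_MIN_LEN "$content")
    if [ -z "$v" ] || [ "$v" -lt "$min_len" ]; then
        echo "FAIL PASS_MIN_LEN=${v:-unset} (minimum length must be >= $min_len)"; rc=1
    else
        echo "OK   PASS_MIN_LEN=$v"
    fi
    return $rc
}

# Stand-alone demonstration: the weak sample fails, the hardened sample
# passes, and the hardened sample still fails the stricter 30-day superuser rule.
echo "== weak sample ==";                      check_password_policy "$WEAK_LOGIN_DEFS" || true
echo "== hardened sample ==";                  check_password_policy "$HARDENED_LOGIN_DEFS" || true
echo "== hardened sample, superuser rule ==";  check_password_policy "$HARDENED_LOGIN_DEFS" 30 || true
```

Two caveats when using this on a real host: login.defs is a system-wide default, so the 30-day superuser rule is applied per account with `chage -M 30 root` rather than by editing the file, and on PAM-based systems PASS_MIN_LEN is honoured only by the legacy password tools; length and complexity are enforced by the PAM password module (pam_pwquality or pam_cracklib) instead.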
File Permissions on Critical Files
• Unix controls access to files, programs, and all other resources via file permissions.
• Unix permissions are controlled by three categories: Owner, Group, and World
• Each category can be granted READ, WRITE, and/or EXECUTE permission on Unix files or resources
• Ex. -rwxr-x--x
UMASK
• Ensure that your UMASK setting automatically assigns each newly created file the most secure file permissions.
SUID & SGID
• SUID and SGID files allow the World user to temporarily assume the permissions of the Owner or Group users while using the program.
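The three slides on file permissions, UMASK and SUID/SGID can be exercised from a shell. The script below is an added example, not part of the original slides: it decodes a symbolic mode string such as the slide's -rwxr-x--x into the Owner, Group and World categories, creates files under different umask values in a temporary directory to show which permissions the kernel assigns, and audits a directory tree for setuid/setgid and world-writable files, which is the check an administrator runs before trusting a baseline.

```shell
#!/bin/sh
# Added example (not from the original slides). POSIX sh; uses only cut,
# ls, find, chmod and mktemp. All files are created in a temporary directory.

# Convert one rwx triple (e.g. "r-x") to its octal digit.
triple_to_octal() {
    n=0
    case "$1" in r??) n=$((n + 4)) ;; esac
    case "$1" in ?w?) n=$((n + 2)) ;; esac
    case "$1" in ??[xst]) n=$((n + 1)) ;; esac   # s or t: execute plus a special bit
    echo "$n"
}

# Decode a 10-character symbolic mode ("-rwxr-x--x") into the three
# categories the slide describes: owner, group and world.
describe_mode() {
    m="$1"
    o=$(printf '%s' "$m" | cut -c2-4)
    g=$(printf '%s' "$m" | cut -c5-7)
    w=$(printf '%s' "$m" | cut -c8-10)
    echo "owner=$o group=$g world=$w"
}

# The same string as an octal mode, e.g. -rwxr-x--x -> 751.
mode_to_octal() {
    m="$1"
    o=$(triple_to_octal "$(printf '%s' "$m" | cut -c2-4)")
    g=$(triple_to_octal "$(printf '%s' "$m" | cut -c5-7)")
    w=$(triple_to_octal "$(printf '%s' "$m" | cut -c8-10)")
    echo "$o$g$w"
}

# Create an empty file under the given umask and print the symbolic mode the
# kernel actually assigned (first 10 columns of ls -l). A new file starts from
# 0666, so umask 077 yields 0600 and umask 022 yields 0644.
create_under_umask() {   # create_under_umask 077 /path/to/file
    ( umask "$1" && : > "$2" )
    ls -ld "$2" | cut -c1-10
}

# Audit: regular files with the setuid or setgid bit set under a directory.
find_suid_sgid() {
    find "$1" -type f \( -perm -4000 -o -perm -2000 \) 2>/dev/null
}

# Audit: regular files writable by the World category.
find_world_writable() {
    find "$1" -type f -perm -0002 2>/dev/null
}

# Stand-alone demonstration.
demo() {
    d=$(mktemp -d)
    echo "slide example: $(describe_mode -rwxr-x--x) (octal $(mode_to_octal -rwxr-x--x))"
    echo "umask 022 -> $(create_under_umask 022 "$d/shared")"
    echo "umask 077 -> $(create_under_umask 077 "$d/private")"
    echo "umask 000 -> $(create_under_umask 000 "$d/open")"
    chmod u+s "$d/shared"          # stand-in for a setuid program, so the audit finds something
    echo "setuid/setgid files:";   find_suid_sgid "$d"
    echo "world-writable files:";  find_world_writable "$d"
    rm -rf "$d"
}
demo
```

On a real system the two audit functions are run against / (for example `find / -type f -perm -4000`), and every setuid binary that is not on the vendor's list, and every world-writable file outside /tmp, is something the baseline should explain or remove.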
CRON
• Cron is the Unix job scheduler
• Many system administrators use cron to perform automatic full or incremental backups of their systems.
• Cron can also be used to e-mail log files, clean up file systems, etc.
Syslog
• The syslog utility allows system administrators to log various events occurring on the Unix system.
• If syslog is configured correctly, Unix can log many security events without the use of a third-party plug-in.
Services
• The inetd.conf file controls the services that are allowed on the Unix system.
• Make sure that only necessary services are activated
• Unix comes with all services activated by default, and many of these services have severe security vulnerabilities.
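The "only necessary services" rule is easiest to enforce when the audit and the fix are scripted. The script below is an added example, not part of the original slides: it parses a constructed inetd.conf (the format is service, socket type, protocol, wait flag, user, program, arguments; a line starting with # is disabled), lists the services that are actually enabled, flags the legacy ones that carry credentials or data in cleartext or leak account information, and produces a copy of the file in which everything outside an allow-list is commented out.

```shell
#!/bin/sh
# Added example (not from the original slides): audits an inetd.conf for
# enabled services and builds a hardened copy with only an allow-list enabled.
# The configuration below is a constructed sample, not a real host's file.

SAMPLE_INETD_CONF='# constructed sample inetd.conf (service socket proto wait user program args)
ftp      stream  tcp  nowait  root    /usr/sbin/in.ftpd      in.ftpd
telnet   stream  tcp  nowait  root    /usr/sbin/in.telnetd   in.telnetd
#shell   stream  tcp  nowait  root    /usr/sbin/in.rshd      in.rshd
#login   stream  tcp  nowait  root    /usr/sbin/in.rlogind   in.rlogind
finger   stream  tcp  nowait  nobody  /usr/sbin/in.fingerd   in.fingerd
#echo    stream  tcp  nowait  root    internal
daytime  stream  tcp  nowait  root    internal'

# Services that are not commented out (a valid entry has at least six fields;
# "internal" services have exactly six).
enabled_services() {   # enabled_services "$CONF"
    printf '%s\n' "$1" | awk '$1 !~ /^#/ && NF >= 6 { print $1 }'
}

# Enabled services that send credentials or data in cleartext (telnet, ftp,
# the r-services, tftp) or reveal account details (finger); these are the
# usual first candidates for removal. grep exits 1 on no match, hence || true.
cleartext_services() {
    enabled_services "$1" | grep -E '^(telnet|ftp|shell|login|exec|tftp|finger)$' || true
}

# Print a copy of CONF in which every service not in the space-separated
# allow-list is commented out. Comments and malformed lines are kept as-is.
disable_all_but() {   # disable_all_but "$CONF" "daytime"
    printf '%s\n' "$1" | awk -v keep="$2" '
        BEGIN { n = split(keep, k, " "); for (i = 1; i <= n; i++) ok[k[i]] = 1 }
        $1 ~ /^#/ || NF < 6 { print; next }
        ($1 in ok)          { print; next }
                            { print "#" $0 }'
}

# Stand-alone demonstration.
echo "enabled:";   enabled_services "$SAMPLE_INETD_CONF"
echo "cleartext:"; cleartext_services "$SAMPLE_INETD_CONF"
HARDENED=$(disable_all_but "$SAMPLE_INETD_CONF" "daytime")
echo "after hardening, enabled:"; enabled_services "$HARDENED"
```

After writing the hardened copy over /etc/inetd.conf, inetd must be told to reread it (a SIGHUP to the inetd process) before the change takes effect, and the same review should be repeated for any services started from rc scripts rather than inetd, which this script does not see.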
Patches
• Ensure that your Unix systems are patched regularly. A policy should be adopted to ensure that all patches are tested and installed on a schedule.
Remote File Systems (ref: Vahalia, ch. 10)
• Goals
  Mount file systems of a remote computer on a local system
  Mount any FS, not only UNIX
  H/w independent
  Transport independent
  UNIX FS semantics must be maintained
  Performance
  Crash recovery
  Security
setuid()
Is there a way a programmer could use a setuid() program to penetrate the security of UNIX/Linux?
• Normally, no. In user mode the intended use of this call is simply to set the process’s effective UID to its real UID; the superuser can set any UID to whatever s/he wants. However, on an unpatched UNIX/Linux, by tracing a setuid program with ptrace, and if the program invokes subsequent execs, one can modify its address space to exec a shell and gain unauthorized superuser access to the system (p. 154, Vahalia).
Conclusion
• Although there are many other areas that can be addressed in a security baseline, the areas mentioned above will give you a head start in addressing security for your Unix system, and should prepare your servers for our upcoming IS audits.
Natural Security
• Controls and checks access to the Natural environment
• Four types of objects:
  Users
  Libraries
  DDMs/files
  Utilities

RPC Service Requests
• Protects RPC services as well as the way requests are handled.
• User authentication is possible in two modes:
  Validation with impersonation
  Validation without impersonation
• Impersonation must be set in the security profile of the Natural RPC Server.
Resource Access Control Facility (RACF)
• Access control software for IBM mainframes.
• Operates at the OS level.
• Can interface with Customer Information Control System (CICS), IBM’s system for end-user account management.

RACF Functions
• Identify and verify system users
• Identify, classify, and protect system resources
• Authorize the users who need access to the resources you've protected