Ch04 Security - Secur ity Baselines Security Guide to Network Security Fundamentals Chapter 4 2 Objectives Disable nonessential systems Harden

Info iconThis preview shows pages 1–10. Sign up to view the full content.

View Full Document Right Arrow Icon

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full DocumentRight Arrow Icon

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full DocumentRight Arrow Icon

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full DocumentRight Arrow Icon

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full DocumentRight Arrow Icon

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full DocumentRight Arrow Icon
This is the end of the preview. Sign up to access the rest of the document.

Unformatted text preview: Secur ity Baselines Security+ Guide to Network Security Fundamentals Chapter 4: 2 Objectives Disable nonessential systems Harden operating systems Harden applications Harden networks 3 Disabling Nonessential Systems First step in establishing a defense against computer attacks is to turn off all nonessential systems The background program waits in the computer’s random access memory (RAM) until the user presses a specific combination of keys (a hot key), such as Ctrl+Shift+P Then, the idling program springs to life Early terminate-and-stay-resident (TSR) programs performed functions such as displaying an instant calculator, small notepad, or address book I n Microsoft Windows, a background program, such as Svchostexe, is called a process 4 Disabling Nonessential Systems (cont) The process provides a service to the operating system indicated by the service name, such as AppMgmt Users can view the display name of a service, which gives a detailed description, such as Application Management A single process can provide multiple services A service can be set to one of the following modes: Automatic Manual Disabled Besides preventing attackers from attaching 5 Disabling Nonessential Systems (cont) 6 Disabling Nonessential Systems (cont) 7 Disabling Nonessential Systems (cont) The User Datagram Protocol (UDP) provides for a connectionless TCP/I P transfer TCP and UDP are based on port numbers Socket: combination of an I P address and a port number The I P address is separated from the port number by a colon, as in 19814611820:80 The User Datagram Protocol (UDP) provides for a connectionless TCP/I P transfer TCP and UDP are based on port numbers Socket: combination of an I P address and a port number 8 Disabling Nonessential Systems (cont) 9 Hardening Operating Systems Hardening: process of reducing vulnerabilities A hardened system is configured and updated to protect against attacks Three broad categories of items should be hardened: Operating systems Applications that the operating system runs Networks You can harden the operating system that runs on the local client or the network operating system (NOS) that manages and controls the network, such as Windows Server 2003 or Novell NetWare 10...
View Full Document

This note was uploaded on 03/28/2010 for the course NETWORK SE Security + taught by Professor None during the Three '10 term at University of Sydney.

Page1 / 30

Ch04 Security - Secur ity Baselines Security Guide to Network Security Fundamentals Chapter 4 2 Objectives Disable nonessential systems Harden

This preview shows document pages 1 - 10. Sign up to view the full document.

View Full Document Right Arrow Icon
Ask a homework question - tutors are online