Eicon Networks S92 Manuel d'utilisateur télécharger pdf (Page 43)

YuChakTinMichael‘sGIACGCFWProjectAssignment

Page 43

Step4Removeunusedandpotential lydangerouscomponents.

The“dangerous”componentsaslistedinthearticle“TechnicalReference:NTServer

4.0HardeningGuide”are:

“xcopy.exe,wscript.exe,cscript.exe,net.exe,ftp.exe,telnet.exe,arp.exe,edlin.exe,

ping.exe,route.exe,at.exe,finger.exe,posix.exe,rsh.exe,atsvc.exe,qbasic.exe,

runonce.exe,syskey.exe,cacls.exe,ipconfig.exe,rcp.exe,secfixup.exe,nbtstat.exe,

rdisk.exe,debug.exe,regedt32.exe,regedit.exe,edit.com,netstat.exe,tracert.exe,

NSLOOKUP.exe,rexec.exe, cmd.exe,NSLOOKUP.exe,tftp.exe, command. com”

7

Infact,wedonotneedtohavethemdisappeared.However,itisagoodideatohide

them.Wemaydothisbytakingthemawayfromtheiroriginallocationsandplace

theminaspecialdirectoryprotectedbyfinetunedNTFSACLsettings.

Step5Encryptthesystemaccountsdatabas e.

Withthehelpofthesyskey.exeutility,theSAMcanbeprotectedagainstpassword

crackingattacks.BelowisanextractoftheMicrosoftKBarticleQ143475onsyskey:

“TheWindowsNTServer4.0SystemKeyhotfixprovidesthecapabilitytousestrong

encryptiontechniquestoincreaseprotection ofaccountpasswordinformationstored

intheregistrybytheSecurityAccountM anager(SAM).WindowsNTServerstores

useraccountinformation,includingaderivativeoftheuseraccountpassword,ina

secureportionoftheRegistryprotectedbyaccesscontrolandanobfuscationfunction.

Theaccountinformation intheRegistryisonlyaccessibletomembersofthe

7

http://screamer.mobrien.com/Manuals/MPRM_group/security.htm

1 2 ... 38 39 40 41 42 43 44 45 46 47 48 ... 208 209

Pas de commentaire

Eicon Networks S92 Manuel d'utilisateur Page 43