Marc Liddell - 040001950
AC41006
E-commerce website and server report
Date: 19 December 2008
I have used a PC running on Windows Vista, with SP1 installed.
When doing this, the MD5 hash given on the website should be compared to the MD5 hash of the downloaded file. MD5 file hashes can be generated using many free programs available on the web, or from the command prompt.
Now that these steps are implemented, the following can be implemented in any order to secure the server and its affiliations.

3. Setting up SSL
3.1 Certificate and binding settings
I found the following web page useful for reference.
http://weblogs.asp.net/scottgu/archive/2007/04/06/tip-trick-enabling-ssl-on-iis7-using-self-signed-certificates.aspx
If you already have a signed certificate, miss out steps 1-3.
From the root computer in connections, open Server Certificates
Depending on preference, click “Create Self-Signed Certificate” or “Create Domain Certificate” (for this project I created a certificate using filegate.computing.dundee.ac.uk)
Tick the appropriate options; for my server I used “Require SSL”, “Require 128-bit SSL” and “Client certificates: Ignore”.
3.3 Ensuring appropriate encryption is used
Many encryption algorithms and ciphers which are still active on Windows Vista are now insecure; these must be disabled to ensure encryption security.
Open up the registry (Run-> “regedit”)
Back-up the registry (File-> Export) (this can be used if it is corrupted during this process)
Go to the following location: Computer/HKEY_LOCAL_MACHINE/System/CurrentControlSet/Control/SecurityProviders/Schannel/Protocols
Create a key (folder) named “PCT 1.0”; inside it create a new key named “Server”; finally, in this key, create a DWORD (32-bit) Value with the name “Enabled” and the value 00 00 00 00
If SSL 2.0 is already present, go into the Server key and change the Enabled DWORD to 00 00 00 00. If this does not exist, create it as above.
Create a key named “SSL 3.0”; inside it create another key named “Server”; in this key create a DWORD (32-bit) Value named “Enabled” with the value ff ff ff ff
In the directory Computer/HKEY_LOCAL_MACHINE/System/CurrentControlSet/Control/SecurityProviders/Schannel/Ciphers, create the following Keys, and create a DWORD (32-bit) Value with the name Enabled and value 00 00 00 00 in the key;
And finally, in the same directory, create a key named “TripleDES 168/168”, with a DWORD (32-bit) Value with the name Enabled and value ff ff ff ff.
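The registry steps above can be checked afterwards with a read-only audit. The script below is an added example, not part of the original report: the expected values are the ones the report sets, the function name Get-SchannelEnabled is hypothetical, and the key names are copied as the report writes them. It reads through .NET rather than the HKLM: drive because the PowerShell registry provider treats the "/" in a key name such as “TripleDES 168/168” as a path separator.

```powershell
# Added example: read-only audit of the Schannel values set in section 3.3.
$base = 'SYSTEM\CurrentControlSet\Control\SecurityProviders\Schannel'

# Key (relative to $base) and the "Enabled" DWORD the report sets, as hex.
# Key names are copied as written in the report; confirm them against
# Microsoft's Schannel documentation for your Windows version. The ciphers
# to disable are not listed here because the report does not name them.
$expected = @(
    @{ Path = 'Protocols\PCT 1.0\Server';  Want = '00000000' },
    @{ Path = 'Protocols\SSL 2.0\Server';  Want = '00000000' },
    @{ Path = 'Protocols\SSL 3.0\Server';  Want = 'ffffffff' },
    @{ Path = 'Ciphers\TripleDES 168/168'; Want = 'ffffffff' }
)

function Get-SchannelEnabled([string]$Path) {
    # OpenSubKey splits only on "\", so "168/168" stays part of one key name.
    $key = [Microsoft.Win32.Registry]::LocalMachine.OpenSubKey("$base\$Path")
    if ($null -eq $key) { return 'key missing' }
    try {
        if ($null -eq $key.GetValue('Enabled')) { return 'value missing' }
        if ($key.GetValueKind('Enabled') -ne 'DWord') { return 'not a DWORD' }
        # A DWORD comes back as Int32, so ff ff ff ff reads as -1;
        # formatting as hex gives the same digits the report uses.
        return ('{0:x8}' -f $key.GetValue('Enabled'))
    } finally {
        $key.Close()
    }
}

$failed = 0
foreach ($item in $expected) {
    $actual = Get-SchannelEnabled $item.Path
    if ($actual -eq $item.Want) { $status = 'OK' } else { $status = 'MISMATCH'; $failed++ }
    '{0,-8} {1,-28} want {2}  got {3}' -f $status, $item.Path, $item.Want, $actual
}
"$failed setting(s) differ from the values in the report"
```

A result of "key missing" for the cipher entry can mean the key was never created or that the name differs from the one Schannel expects.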
These settings are appropriate at the time of printing. Over time, encryption algorithms have the potential to become vulnerable, so these may need to be changed.

4. Configuring the Windows firewall
The Windows firewall can be very useful for blocking ports and programs; it should be used, and configured as below.

5. Closing the NetBIOS ports (135 and 137)
These ports have to be closed down in another location, as they are not in the firewall settings. These ports are potentially vulnerable to attackers; at minimum, attackers can obtain computer information from them.
Go to Control Panel -> Network and security
On the left panel, go to “Manage network connections”
7. MySQL durability
7.1 MySQL Security
To make MySQL secure against outside attacks, remote access must be shut down. This means closing port 3302. This can be closed on the Windows firewall (section 4). Closing this maintains access for the local host, but removes access from the web.

7.2 MySQL logging
This is necessary for database durability, should it fall over.
Open the MySQL Administrator in MySQL GUI Tools
Create a stored connection with the appropriate log-in information
Go to Start-up Variables -> Log Files and enable the following:
7.3 MySQL Backups
Backups are necessary for restoring the database after corruption or physical damage. These should be stored on a separate PC, preferably in a separate, secret location; however, for this project I deemed this unnecessary due to cost and timescale.
Set as required (for this project I set to daily log files, with no maximum size and using the default directory.)
8.2 Server back-up
Although there are no actual menu settings for this, I regularly backed up web files on a pen drive, which is normally kept offsite. This is essential if another server needs to be set up and the files placed on it. Ideally a second server would be set up in parallel, so that if the main server fell over, the secondary server could take its place.

9 Error Redirection
Error pages can expose critical information about a web server to attackers; these should be avoided as much as possible. One step I took to ensure this information was not leaked was to implement an error redirection for errors 401, 403, 404, 405, 406, 412, 500, 501 and 502.
This was implemented by linking the appropriate pages as follows:
Open IIS manager, go to the appropriate website in the connections panel
Then edit the path of each error page as appropriate. (For this project I simply named the pages 401.php, 403.php etc.)
http (80/tcp) – This port is required to be open to run the website. However, one of the vulnerabilities on this port is that some directories can be enumerated (discovered by dictionary attack). The /_vti_bin directory is used for ASP to deposit code on the server, and /styles, I assume, will have the style sheets in it. This provides no risk; however, it may be possible to guess the names of scripts in here and run them, and this could be hazardous.
Another discovery on this port is that the server is likely to be IIS 6.0 – SP1. Although this itself is not a risk, if an exploit is found and is not patched instantly, the exploit could be applied to the server with more confidence that it will affect it.
Netbios-ns (137/udp) – Allows capture of system information. No risks; however, it should have been removed. It can be removed by following the procedure in section 5.
Netbios-ssn (139/tcp) – The SMB server runs here. It can be removed by following the procedure in section 5.
https (443/tcp) – Most vulnerabilities are unpreventable, for example public key data. There is one vulnerability with a risk factor of low (not none), which is that the IIS NTLM web server is running, and it may be possible to exploit authentication schemes which are used for confidential web pages. There is, however, no fix available for this as yet; it should be watched for a patch when one is released.
MySQL (3306/tcp) – There are no vulnerabilities on this port; however, this should not be open at all. This can be disabled in the MySQL GUI administrator, as described in section 7.1.
Ms-wbt-server (3389/tcp) – No vulnerabilities; however, it is an unused port, so should be shut down.
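The port findings above can be re-checked from the server itself by comparing what is listening against the ports the site needs. The script below is an added example, not part of the original report: the function name Find-UnexpectedListener is hypothetical, the netstat lines are constructed sample data, and the allowed set of 80 and 443 is an assumption taken from the http and https entries above. Sockets bound only to the loopback address are ignored, matching the report's point that MySQL should stay reachable from the local host.

```powershell
# Added example: flag listening sockets outside the ports the site needs.
# Constructed sample of "netstat -an" output; on the server itself use
#   $lines = netstat -an
$sample = @'
  TCP    0.0.0.0:80             0.0.0.0:0              LISTENING
  TCP    0.0.0.0:443            0.0.0.0:0              LISTENING
  TCP    0.0.0.0:3306           0.0.0.0:0              LISTENING
  TCP    127.0.0.1:3306         0.0.0.0:0              LISTENING
  TCP    0.0.0.0:3389           0.0.0.0:0              LISTENING
  TCP    192.0.2.10:139         0.0.0.0:0              LISTENING
  TCP    192.0.2.10:80          198.51.100.7:50112     ESTABLISHED
  TCP    [::]:443               [::]:0                 LISTENING
  UDP    192.0.2.10:137         *:*
'@
$lines = $sample -split '\r?\n'
$allowed = 80, 443   # assumption: only http and https should be reachable

function Find-UnexpectedListener([string[]]$Lines, [int[]]$Allowed) {
    foreach ($line in $Lines) {
        # Columns: protocol, local address:port, remote address, optional state
        if ($line -match '^\s*(TCP|UDP)\s+(\S+):(\d+)\s+\S+\s*(\S*)') {
            $proto = $Matches[1]
            $addr  = $Matches[2]
            $port  = [int]$Matches[3]
            $state = $Matches[4]
            # UDP has no state column; for TCP only listeners matter here.
            if ($proto -eq 'TCP' -and $state -ne 'LISTENING') { continue }
            # Loopback-only sockets are not reachable from the network.
            if ($addr -eq '127.0.0.1' -or $addr -eq '[::1]') { continue }
            if ($Allowed -contains $port) { continue }
            "$proto/$port listening on $addr"
        }
    }
}

Find-UnexpectedListener -Lines $lines -Allowed $allowed
```

With the sample data this reports the MySQL, remote desktop and NetBIOS listeners and stays silent about the loopback MySQL socket and the two web ports.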
13.3 General vulnerabilities & website
In the general/tcp vulnerabilities, it is shown that TCP timestamps are being implemented, and these can potentially lead to host corruption. To help maintain security and reliability, this should be shut down.
SSL – switching between SSL and HTTP is seamless and very smooth. However, I feel some directories could be taken out of SSL to reduce the load on the server, for example browse artists.

13.4 Security conclusion
Overall the security of the system is good; however, several ports should be closed to pre-empt any problems/bugs on these ports.