Networking Concepts Lesson 10 part 1 - Network Admin & Support - Eric Vanderburg
1.
Chapter 10 Network Administration & Support
Networking Concepts – Eric Vanderburg ©2005
2.
Managing Users & Groups
• Active Directory Users & Computers
• Edit a text file in Linux
• Computer Management for local clients
3.
Best Practices
• Administrators should have 2 accounts
• Rename the administrator account (cannot be deleted or disabled)
• Disable the guest account (also add restrictions)
• Have an account for normal use
• Use the administrator level account only when it is needed
  • “Run As”
  • SU (Super User)
• Only access from this computer
• No permissions
• No access times
• Audit use of administrative rights
• In Linux, a user account can be disabled by editing the password file and deleted by using the userdel command
4.
Considerations
• User name naming conventions
• Password complexity
• Logon Hours
• Auditing
• Security
5.
Passwords
• Change passwords often
  • Too often: written down
  • Not often enough: insecure network
• Dictionary attacks
• NOS password lengths
  • Windows 2000/2003 limit is 128 characters
  • Windows NT limit is 14 characters
  • Linux limit is 256 characters
6.
Computer Accounts
• Used to restrict access to the domain to certain computers
• Must be Domain/Enterprise admin to add computers
7.
User Rights
• Permissions - access to resources
• Rights - permitted actions
  • Log on locally
  • Shut down the computer
  • Share resources
  • Manage printers
  • Add computers to the domain
  • Adjust quotas
  • Backup & Restore
  • Take ownership
  • ……
8.
Groups
• Security Group
• Local Group
• Global Group
• Universal Group
• Distribution Group
• Users should be placed in groups
• Permissions should be given to groups, not individual user accounts
• Users can belong to many groups
• Effective permissions – End result of all group memberships. All permissions from all groups are added together but deny overrides allow (use deny sparingly)
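The effective-permissions rule on this slide, worked through as an added example (not part of the original deck). The group names, the nested memberships and the ACL entries are constructed samples, and the model is a simplification of how an operating system evaluates an access control list.

```python
# Added illustration: "allow entries accumulate, deny overrides allow"
# across nested group memberships. All names below are constructed samples.
from dataclasses import dataclass


@dataclass(frozen=True)
class Ace:
    principal: str      # user or group the entry applies to
    kind: str           # "allow" or "deny"
    rights: frozenset   # rights granted or blocked by this entry


# Constructed directory: member -> groups it directly belongs to.
MEMBER_OF = {
    "alice": {"Sales", "Contractors"},
    "bob": {"Sales"},
    "Sales": {"AllStaff"},
    "Contractors": {"AllStaff"},
    "AllStaff": set(),
}

# Constructed ACL on one shared folder.
ACL = [
    Ace("AllStaff", "allow", frozenset({"read"})),
    Ace("Sales", "allow", frozenset({"write"})),
    Ace("Contractors", "deny", frozenset({"write", "delete"})),
    Ace("bob", "allow", frozenset({"delete"})),
]


def expand_principals(user, member_of):
    """Return the user plus every group reached through nested membership."""
    seen, stack = set(), [user]
    while stack:
        name = stack.pop()
        if name in seen:            # guards against circular nesting
            continue
        seen.add(name)
        stack.extend(member_of.get(name, ()))
    return seen


def effective_rights(user, acl, member_of):
    """Union of every allowed right, minus anything denied to any membership."""
    principals = expand_principals(user, member_of)
    allowed, denied = set(), set()
    for ace in acl:
        if ace.principal not in principals:
            continue
        (allowed if ace.kind == "allow" else denied).update(ace.rights)
    return allowed - denied


def explain(user, acl, member_of):
    """Map each right to the entries that granted or blocked it, for audit."""
    principals = expand_principals(user, member_of)
    report = {}
    for ace in acl:
        if ace.principal in principals:
            for right in ace.rights:
                report.setdefault(right, []).append((ace.kind, ace.principal))
    return report


if __name__ == "__main__":
    for user in ("alice", "bob"):
        print(user, sorted(effective_rights(user, ACL, MEMBER_OF)))
    print(explain("alice", ACL, MEMBER_OF)["write"])
```

The single deny on Contractors removes write from alice even though Sales allows it, which is why the slide advises using deny sparingly: one entry silently cancels grants made elsewhere.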
9.
Built in Groups
• Administrators (Also Domain & Enterprise)
• Account Operators - Create and manage user accounts
• Backup Operators - backup & restore
• Incoming Forest Trust Builders - make one way trusts to the root forest domain
• Network Configuration Operators - Change TCP/IP settings for DCs
• Performance Log Users - configure performance counters, logs, & alerts
• Performance Monitor Users - remotely view performance monitor
• Print Operators
• Remote Desktop Users
• Replicator - Can change the way AD data is sent between DCs and can start the replicator
• Server Operators - log onto DCs, start & stop services, backup & restore, format…
• Cert Publishers - Publish CRL, CTL, & Templates
• Enrollment Agent - Issue Certs
• DHCP Administrators
• DNS Admins
• Group Policy Creator Owner
• Schema Admins
• Help Services Group - Manage Help & Support center (remote assistance)
• Guests
10.
Automatic Groups
• User Groups
  • Everyone
  • Authenticated Users – non guest users
  • Interactive – local user
  • Network – logged onto domain
  • Creator / Owner
  • Anonymous Logon
  • Terminal Services User
  • Dialup
• Program/Service Groups
  • Service
  • Batch
  • System
11.
Automatic Groups
12.
Domain & Forest Groups
• Local Group
  • For permissions to local resources
  • Other groups should be inside
• Global Group
  • User accounts should go here
• Universal Groups
  • Contains accounts from entire forest
  • Native mode only
13.
Functional Levels
Functional Level: Supported DC OS
• Windows 2000 Mixed: Windows NT 4.0, Windows 2000, Windows Server 2003
• Windows 2000 Native: Windows 2000, Windows Server 2003
• Windows Server 2003 Interim: Windows NT 4.0, Windows Server 2003
• Windows Server 2003: Windows Server 2003
• Domain or forest functional level
14.
Functional Levels
Functional Level: Options
• Windows 2000 Mixed: No Universal Groups & Nesting
• Windows 2000 Native: Universal Groups Allowed, Group Nesting Allowed, Group Conversion Allowed, SID History
• Win Server 2003 Interim: No Universal Groups & Nesting
• Windows Server 2003: Universal Groups Allowed, Group Nesting Allowed, Group Conversion Allowed, SID History, Rename DCs
15.
Trusts
• Types
  • 1-way
  • 2-way
  • Transitive
• Universal – all domains in a tree trust each other
• NT uses 1-way explicit trusts
• 2000 & 2003 use 2-way transitive implicit trusts
• Allows sharing between domains (permissions are still needed)
16.
Accounts
• SID (Security Identifier) - Unique number for AD objects
• We see names, Windows sees SIDs
• Recreated accounts will have new SIDs
• NT stores user rights in SAM (Security Accounts Manager)
• 2000 & 2003 store rights in AD
17.
Event Viewer
• System Log – records information about operating system services and hardware
• Security Log – records security events based on audit filters or policy settings
• Application Log – maintains information about applications
• Directory Service
• DNS Server
• File Replication Service
18.
Performance Monitor
• Records individual events to show trends in a graph
• Object – the item you want to track (ex: processor)
• Counter – the aspect of the item that you want to track (ex: interrupts/sec)
19.
Monitoring
• Network Monitor
  • Install from Add/Remove Windows Components (must be server OS)
  • Data read from and written to server each second
  • Queued commands
  • Number of collisions per second
  • Security errors
  • Connections currently maintained to other servers (server sessions)
• Linux users can choose from many open source add on products
20.
Long-term monitoring
• Develop a baseline
• Update the baseline when the network changes
  • Bandwidth changes
  • New servers
  • Software change
• Compare performance to the baseline
21.
Security
• Know the costs
  • Costs due to loss of data
  • Costs of downtime
  • Cost of implementing security measures
• Physical must be protected first
• Share oriented security (Win9x)
• User oriented security (Win2k, 2k3, XP)
22.
Security
• Securing data
  • Make it safe from intruders
  • Make sure damaged data can be replaced
• Plan for network security
  • Identify threats
  • Communicate with other managers in office to make sure security system meets needs (it is not only about IT & think of the users)
23.
Windows Security Features
• Kerberos
• PKI (Public Key Infrastructure)
• Group Policy
• VPN (Virtual Private Network)
• IPSec (IP Security)
24.
Windows 2003
• CLR (Common Language Runtime) – reduces bugs that leave Windows vulnerable by reducing the power of individual programs, placing them under the control of the OS.
• IIS 6.0 – configured for maximum security by default & disabled by default
• Unsecured clients cannot login – Windows 95, and NT prior to SP4 cannot login to Windows 2003 domain by default; certificates and encryption required by all clients
25.
Kerberos
• Authentication Method (Win2k & 2k3 default)
• Based on RFC 1510
• Uses Kerberos version 5
• Replaces NTLM (NT LAN Manager) & NTLMv2 – still used with pre 2k clients
26.
Kerberos Components
• KDC (Key Distribution Center)
  • AS (Authentication Service)
    • Verifies identity through AD
    • Gives TGT (Ticket Granting Ticket) which gives access to certain resources
  • TGS (Ticket-Granting Service)
    • Verifies TGT
    • Creates a service ticket & session key for a resource based on TGT. Client can present the service ticket to another server to access its content. NOTE: Servers have tickets too.
    • Only services its own domain. Must refer to another TGS for interdomain resource access (gives referral ticket)
• Server with the desired resource
• Client
27.
Items of Note
• Delegation with Forwarding and Proxy
  • For a server such as a database server to access resources on your behalf. (given proxy or forwarding ticket)
• NTP (Network Time Protocol) is used to synchronize time between machines. Keys are based on system time so all must be the same.
28.
PKI
Deploying a PKI allows you to perform tasks such as:
• Digitally signing files (documents and applications)
• Securing e-mail
• Enabling secure connections between computers
• Better user authentication (smart cards)
29.
Certificates
• Digital certificates - Electronic credentials, consisting of public keys, which are used to sign and encrypt data.
• CA (Certification Authority)
  • Issues digital certificates.
  • Form a hierarchy
    • Root CA
    • Subordinate CA
    • Intermediate CA
    • Issuing CA
    • Rudimentary CA restricted to issuing certain certs
(Screenshot: Select CA Role)
30.
Certificates
• View issued certs from Certificates MMC
• Certificate policy and practice statements - The two documents that outline how the CA and its certificates are to be used, the degree of trust that can be placed in these certificates, legal liabilities if the trust is broken, and so on.
• Certificate repositories - Where certificates are stored and published. (AD)
• CRL (Certificate Revocation List) - List of certificates that have been revoked before reaching the scheduled expiration date
• CTL (Certificate Trust List) - The list of the certificates you trust. If you trust a root, you trust all certs from that root.
(Screenshot: Double click to see cert)
31.
Certificate Server Role
• Publish certificates - The PKI administrator makes certificate templates available to clients (users, services, applications, and computers) and enables additional CAs to issue certificates.
• Enroll clients - Users, services, or computers request and receive certificates from an issuing CA or a Registration Authority (RA). The CA/RA administrator or enrollment agent uses the information provided to authenticate the identity of the requester before issuing a certificate.
• Publish CRL & CTL - Users need to know which certificates are revoked and which servers are trusted by their CA.
• Renew or revoke certificates
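How a client combines the CTL and CRL described on the two certificate slides above, as an added example that is not part of the original deck. It models only the trust decision (chain to a trusted root, expiry, revocation); signature verification is left out, and every certificate name, serial number and date is a constructed sample.

```python
# Added illustration: trust decision using a CTL (trusted roots) and CRLs.
# Signatures are NOT verified here; all certificates below are constructed.
from dataclasses import dataclass
from datetime import date


@dataclass(frozen=True)
class Cert:
    subject: str
    issuer: str
    serial: int
    not_after: date     # scheduled expiration date


# Constructed hierarchy: root CA -> issuing CA -> end-entity certificates.
ROOT = Cert("Example Root CA", "Example Root CA", 1, date(2030, 1, 1))
ISSUING = Cert("Example Issuing CA", "Example Root CA", 10, date(2027, 1, 1))
WEB = Cert("www.example.test", "Example Issuing CA", 100, date(2026, 1, 1))
MAIL = Cert("mail.example.test", "Example Issuing CA", 101, date(2026, 1, 1))
ROGUE_ROOT = Cert("Unknown Root", "Unknown Root", 1, date(2030, 1, 1))
ROGUE_LEAF = Cert("www.example.test", "Unknown Root", 5, date(2026, 1, 1))

STORE = {c.subject: c for c in (ROOT, ISSUING, ROGUE_ROOT)}   # known CA certs
CTL = {"Example Root CA"}                                     # trusted roots
# Issuer -> serial numbers revoked before their expiration date.
CRL = {"Example Root CA": set(), "Example Issuing CA": {101}}


def build_chain(cert, store, max_depth=8):
    """Follow issuer links up to a self-signed root; None if it cannot finish."""
    chain = [cert]
    while chain[-1].subject != chain[-1].issuer:
        parent = store.get(chain[-1].issuer)
        if parent is None or len(chain) >= max_depth:
            return None
        chain.append(parent)
    return chain


def validate(cert, today, store=STORE, ctl=CTL, crl=CRL):
    """Return (ok, reason). Fails closed when a CRL is missing."""
    chain = build_chain(cert, store)
    if chain is None:
        return False, "incomplete chain"
    root = chain[-1]
    if root.subject not in ctl:
        return False, f"untrusted root: {root.subject}"
    for link in chain:
        if today > link.not_after:
            return False, f"expired: {link.subject}"
        revoked = crl.get(link.issuer)
        if revoked is None:
            return False, f"no CRL for issuer: {link.issuer}"
        if link.serial in revoked:
            return False, f"revoked: {link.subject}"
    return True, f"chains to trusted root: {root.subject}"


if __name__ == "__main__":
    today = date(2025, 6, 1)
    for cert in (WEB, MAIL, ROGUE_LEAF):
        print(cert.subject, cert.issuer, validate(cert, today))
```

Because every link in the chain is checked against its issuer's CRL, revoking the issuing CA's certificate at the root invalidates every certificate beneath it, the counterpart of trusting everything under a trusted root.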
32.
Group Policy
• AD Users & Computers MMC
  • Select your group policy
• Group Policy MMC
  • Edit as needed
33.
Group Policy Properties
• Double click an item to edit the properties for it
34.
VPN
• Encapsulates & encrypts one packet inside another
• Server to Server - Connecting LANs
• Client to Server - Remote users & Extranet
35.
VPN Protocols
• L2TP (Layer 2 Tunneling Protocol)
  • Encrypts with IPSec
  • Works on many protocols (X.25, ATM, IP, Frame Relay)
• PPTP (Point to Point Tunneling Protocol)
  • Encrypts with MPPE (Microsoft Point to Point Encryption) - 40, 56, or 128bit
  • Authenticates with PAP (Password Authentication Protocol), CHAP (Challenge Handshake Authentication Protocol), MSCHAP, or EAP
  • Works only over IP
36.
VPN Advantages
• Distance is not a concern
• More scalable - can adjust bandwidth to use
• Less reliant on expensive modem pools
37.
IPSec
• Tunnel - encrypts the header and the payload of each packet
• Transport - encrypts the payload only. All systems must be IPSec compliant
• Encryption
  • Authentication Encryption
    • SHA (Secure Hash Algorithm) - 160bit, high overhead.
    • MD5 (Message Digest 5) - 128bit
  • Data Encryption
    • DES (Data Encryption Standard) - 56bit
    • 3DES (Triple DES) - high processor overhead
    • AES
• IPv6 has IPSec built-in
38.
Security
• Firewalls
• IDS
• Honeypot
• Malicious Code
• Wireless
• A “hardened” OS is one that has been made as secure as possible
39.
Hardware Firewalls
• Screening Router - filters packets & closes ports
• Screened host - hardware firewall filters packets & ports. Bastion host does application filtering. NAT or proxy
• Multiple DMZ – each section has its own set of firewalls and DMZ separating it from the others
• Screened Subnet/DMZ (Demilitarized Zone) – put external access machines in between 2 firewalls
40.
Hardware requirements
• Storage – large amounts of log files will be present on this computer so there must be a large amount of storage
• Processor – this computer will be analyzing many packets
• 2 NICs – must be able to connect the outside with the inside
41.
Software Firewalls
• Most are cumbersome to configure and control
• Inexpensive extra layer of protection
• Firewall places itself in between the NIC and the TCP/IP stack
• Vendors
  • Windows Firewall (built-in)
  • Novell Border Manager (built-in)
  • Macintosh Firewall (built-in)
  • Norton Internet Security
  • BlackIce
  • ZoneAlarm
42.
Firewalls (cont)
• Multiple firewalls can be used for load balancing
43.
Firewalls
(Screenshots: ZoneAlarm, Windows Firewall)
44.
IDS (Intrusion Detection System)
• NIDS (Network IDS) – analyzes network traffic
• HIDS (Host IDS) – analyzes traffic sent only to its host
• LIDS (Linux IDS) – Open source IDS for Linux clients or servers (http://www.lids.org/)
• Looks at network or host traffic based on rules to determine whether an attack is in progress
• The IDS can be configured to respond accordingly, ex: close ports, ban IP addresses, alert admins, close shares, disable accounts, etc.
• Examples: snort
45.
Rules
• Rule base – set of rules that tell the firewall or IDS what action to take when types of traffic flow through it.
• Should be based on security policy
46.
Honeypot
- A lure for a hacker
- Wastes the hacker's time
- Fake computer or network behind security barriers
- Can be analyzed to view attack methods and improve security. Identify what they are after, what their skill level is, and what tools they use.
47.
Malicious Code
- Virus - self-replicating code segment which is attached to an executable. When the program is started, the virus code may also run. If possible, the virus will replicate by attaching a copy of itself to another file. A virus may also have an additional "payload" that runs when specific conditions are met.
- Trojan horse - malicious code pretending to be a legitimate application. The user believes they are running an innocent application when the program is actually initiating its ulterior activities. Trojan horses do not replicate.
- Worm - self-replicating program, does not require a host program, creates a copy and causes it to execute; no user intervention is required. Worms commonly utilize network services to propagate to other computer systems.
- Spyware - a program that secretly monitors your actions. Could be a remote control program used by a hacker, or it could be used to gather data about users for advertising, aggregation/research, or preliminary information for an attack. Some spyware is configured to download other programs on the computer.
48.
Viruses
Implement virus protection at these locations:
- Workstation – protects a single computer by scanning files from server or e-mail messages
- Server – scans data read from or written to server; prevents virus from server spreading throughout network
- Internet gateway – scans all Web browser, FTP, and e-mail traffic; stops viruses before they enter network. Do not infect those checking your website
49.
Wireless Security
- Site Survey - adjust location and range so that wireless access extends only to business borders
- Passwords should be changed and so should WEP keys. WEP should be enabled.
- Filter MACs
- Disable SSID broadcasting
50.
Hardening
- Remove unneeded services
- Close unused ports
- Remove unused user accounts
51.
Preventing Data Loss
- Backup, Backup, Backup
  - Normal - copy with a reset of the archive bit
  - Incremental - copies files changed since last full or incremental backup
  - Differential - copies files changed since last full backup
  - Copy - copy with no reset of the archive bit
  - Daily - copies all files modified today
- Create a backup schedule
- Test backups (verify & do a test restore)
- Use a UPS (Uninterruptible Power Supply)
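The archive-bit behaviour of the backup types listed above, worked through as an added example (not from the original slides): a constructed three-file volume gets a normal backup on Monday and then one chosen type on Tuesday and Wednesday. The file names, dates and the `Volume`/`run_week` helpers are assumptions for illustration; that a daily backup leaves the archive bit untouched is NTBackup behaviour, not something the slide states.

```python
from datetime import date

# Backup types from the slide: select only files whose archive bit is set?
# Reset the bit afterwards? "daily" selects by modification date instead;
# leaving the bit alone for "daily" is NTBackup behaviour (assumption here).
BACKUP_TYPES = {
    "normal":       {"only_flagged": False, "reset": True},
    "incremental":  {"only_flagged": True,  "reset": True},
    "differential": {"only_flagged": True,  "reset": False},
    "copy":         {"only_flagged": False, "reset": False},
    "daily":        {"only_flagged": False, "reset": False},
}


class Volume:
    """Constructed model of a file system: name -> [archive_bit, last_modified]."""

    def __init__(self, names, today):
        self.files = {n: [True, today] for n in names}  # new files start flagged

    def modify(self, name, today):
        self.files[name] = [True, today]  # any write sets the archive bit

    def backup(self, kind, today):
        rule = BACKUP_TYPES[kind]
        picked = []
        for name, meta in sorted(self.files.items()):
            flagged, modified = meta
            if kind == "daily":
                take = modified == today
            else:
                take = flagged or not rule["only_flagged"]
            if take:
                picked.append(name)
                if rule["reset"]:
                    meta[0] = False  # mark the file as backed up
        return picked


def run_week(weekday_kind):
    """Normal backup on Monday, then `weekday_kind` on Tuesday and Wednesday."""
    mon, tue, wed = date(2005, 1, 3), date(2005, 1, 4), date(2005, 1, 5)
    vol = Volume(["a.doc", "b.xls", "c.mdb"], mon)  # constructed sample files
    sets = [vol.backup("normal", mon)]
    vol.modify("a.doc", tue)
    sets.append(vol.backup(weekday_kind, tue))
    vol.modify("b.xls", wed)
    sets.append(vol.backup(weekday_kind, wed))
    return sets
```

Restoring Wednesday's state takes Monday's set plus every incremental set in order, but only Monday's set plus the latest differential set.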
52.
Alternate Boot Methods
- Recovery Console
  - Fixmbr: Replace the master boot record
  - Fixboot: Write a new boot sector
  - Format: format the disk
  - Diskpart: Manage disk partitions
- Last known good configuration
- Safe mode
- Safe mode with networking
- VGA mode
53.
Other Recovery Programs
- System Restore - takes snapshots (restore points) of the system state
- Driver Rollback
- Shadow Copy
54.
Shadow Copy
- Enabling shadow copies
- Click Settings
55.
Shadow Copy
- Viewing shadow copies – WinXP
- Viewing shadow copies – Win2k
- Select a copy and click restore to go back to that version
56.
Redundancy
- RAID (Redundant Array of Inexpensive Disks)
  - 0 - Striping
  - 1 - Mirroring
  - 5 - Striping with Parity
  - 10 - 2 RAID 5 configurations Mirrored
  - 0+1 - Striped volumes mirrored
- Duplexing provides redundancy for the controller also
57.
Intellimirror
- Push software to users or computers
  - Assigning
  - Publishing (only for users, not computers)
- Protect system files from damage
- Mandatory & Roaming profiles
- Not present in NT
58.
Published Applications
59.
UPS (Uninterruptible Power Supply)
- Capabilities:
  - Power conditioning - cleans power, removing noise
  - Surge protection - protects computer from sags and spikes
- Categories
  - Stand-by – must switch from wall to battery power
  - Online – continually supplies power through battery; no switching. Wall power recharges battery continually
60.
Auditing
- Records certain actions for security and troubleshooting
  - Failed access
  - Granted access
- Should use auditing sparingly – uses resources & more is harder to utilize effectively