Securing Network Servers and User Workstations - PowerPoint PPT Presentation

Slides: 48
Provided by: rose175
Transcript and Presenter's Notes

1
Chapter 2
  • Securing Network Servers and User Workstations

2
The Need for Secure Network Servers
  • Four Major Security Issues
  • Maintaining confidentiality of information stored
    on the server
  • Authorized users access the services and
    information
  • Authorized users can access only the services for
    which they are authorized
  • Information is disclosed only according to policy
  • Maintaining the integrity of information stored
    on the servers so that information is not
    destroyed or corrupted and systems operate as
    intended.
  • You are able to recognize and respond to breaches
    of integrity

3
The Need for Secure Network Servers (cont)
  • Maintaining the availability of services and
    information
  • Access to services and information is
    uninterrupted even when there are failures or
    maintenance
  • Recognize and respond to security incidents in a
    timely manner
  • Ensure that the user is who he claims to be and
    that the network server host is who it claims to
    be
  • Mutual authentication

4
The Need for Secure User Workstations
  • Three main security issues that need to be
    addressed when operating workstations
  • Inappropriate disclosure of information stored on
    the workstation, violating confidentiality
  • Unauthorized users gain access to the workstation
  • Authorized users gain access to information that
    they are not supposed to see
  • Authorized users inappropriately transmit
    information via the network
  • A change in integrity of information stored on
    the workstation.

5
The Need for Secure User Workstations (cont)
  • Inability of authorized users to use the
    workstation, the network, or the information and
    services stored on each to perform their jobs,
    precluding availability
  • Information has been damaged, deleted, or
    rendered inaccessible
  • The computational resources of the workstation
    have been damaged or overloaded to the point of
    preventing authorized users' work
  • Access to service has been denied.

6
An Approach to Securing Servers and Workstations
  • Planning and executing the deployment of
    computers
  • Configuring computers to help make them less
    vulnerable to attack
  • Maintaining the integrity of deployed computers
  • Improving user awareness of security issues

7
An Approach to Securing Servers and Workstations
(cont)
  • Practices to improve security include
  • Securing the configuration of each network server
    and workstation host
  • Recognize security incidents sooner and be
    prepared to respond to security breaches
  • Promote consistency

8
Identify the Purpose of Each Computer
  • What categories of information will be stored on
    the computer
  • What categories of information will be processed
    on the computer
  • What are the security requirements for that
    information
  • What network services will be provided by the
    computer
  • What are the security requirements for those
    services
  • What users and user groups will have access to
    the computer
  • What trust relationships need to exist between
    the computer and other computers?

9
Identify Network Services That will be Provided
  • Will these be configured as a client, a server,
    or both?
  • E-Mail
  • Access to the Web
  • DNS
  • FTP
  • Access to corporate databases
  • Read, Write: what type of access?

10
Identify Network Service Software to be Installed
  • Bundled Network Service Software for client and
    server
  • Third-Party vendors
  • Application or utility software
  • System-related software
  • Security related software

11
Identify Users
  • Workstations
  • Who is the primary user
  • Define categories of users
  • Based on user roles that reflect authorized
    activity
  • Roles based on work assignments
  • System Administrators
  • Software Developer
  • Data Entry Personnel

12
Identify Users (Cont)
  • Network Servers
  • Categorize users allowed access to provided
    services
  • Public Servers
  • Users would probably be everyone
  • Internal Servers
  • Users may be categorized by department,
    location, job responsibility
  • Categorize administrators
  • Categorize backup operators

13
Determine User Privileges
  • Document Privileges
  • Create a matrix
  • Show user categories
  • Cross-reference privileges they possess
  • Read
  • Write
  • Change
  • Execute
  • Create
  • Delete
  • Install
  • Remove
  • Turn on
  • Turn off

14
Plan Authentication
  • Network Servers
  • Provided with the operating system
  • Administrative and users
  • Provided by Network service software
  • Authenticating users of the service
  • Authentication Mechanisms
  • Procedural and Technological
  • Passwords, Keys, Tokens, Biometric devices

15
Determine Access Enforcement Measures
  • Programs and Data files
  • Access Controls provided by the operating system
  • Privileges
  • Encryption
  • Policies

16
Develop Intrusion Detection Strategies
  • Will depend on the existence of various logs that
    your systems produce and on the availability of
    auditing tools that analyze those logs

17
Document Backup and Recovery Procedures
  • Allows you to restore the integrity and
    availability of assets quickly
  • Backup procedures need to account for the
    possibility that backup files may have been
    compromised.
  • Verify the integrity of all backup files prior to
    using them to recover systems

18
Determine How Network Services will be Maintained
or Restored after a fault
  • Redundancy is key
  • Hot backup
  • Switch workload from primary to standby system
    automatically and immediately
  • Warm backup
  • Some reconfiguration before workload can be
    switched from primary system
  • Cold backup
  • Started from a shutdown state and need extensive
    configuration upgrades before using

19
Develop and Follow a Documented Procedure for
Installing an Operating System
  • Install the minimum essential operating system
    configurations
  • Only packages containing files and directories
    needed to operate server or workstation
  • Install patches
  • Install the most secure, up-to-date version of
    system applications
  • Remove all privilege and access and then grant
    (add back in) privilege and access only as needed
  • Deny first, then allow
  • Enable as much system logging as possible to have
    access to detailed information

20
Determine How the Computer Will Be Connected to
Your Network
  • Ethernet LAN
  • Modem

21
Identify Security Concerns for Day-to-Day
Administration
  • Administer workstations and network servers from
    consoles
  • Day-to-day administration takes place at the
    administrator's workstation via the network, using
    automated tools and procedures.
  • Provide the means for securing remote
    administration
  • Configuring the operating system and installing
    various software tools

22
Protect Information Contained on Hardware That is
No Longer in Use
  • Updates
  • Replacements
  • Removed from service
  • Disposed
  • Erase and reformat disks
  • Rewrite tapes
  • Clear firmware passwords

23
Keep Your Computer Deployment Plan Current
  • Update Computer Deployment Plan when changes
    occur
  • New technologies
  • New security threats
  • Updates to network architecture
  • New class of users
  • New organizational unit

24
Policy Considerations
  • Detailed computer deployment plan will be
    developed, implemented and maintained whenever
    computers are being deployed (or re-deployed)
  • Access to your deployment plan will be given only
    to those who require the information to perform
    their jobs
  • All new and updated computers will be installed,
    configured, and tested in a stand-alone mode or
    within test networks
  • All Computers will present a warning banner to
    all users indicating that they are legally
    accountable for their actions and that by using
    the computer they are consenting to having their
    actions logged
  • All computers are to be configured securely prior
    to deployment

25
Configure Computers for User Authentication
  • Networked systems
  • Specify only authorized users
  • Configure computers to ensure all users are
    authorized
  • May need to configure parts of the operating
    system, firmware, and applications

26
Configure Hardware-Based Access Controls
  • BIOS Password
  • EEPROM Password

27
Handle Accounts and Groups
  • Remove or disable unnecessary accounts
  • Default accounts
  • Change the name
  • Change the password
  • Disable accounts that need to exist but do not
    require interactive login.
  • Assign users to appropriate groups
  • Assign rights to groups
  • Create only necessary accounts
  • Do not share accounts

28
Check Your Password Policy and Ensure That Users
Follow It
  • Length
  • Minimum 8 characters long
  • Complexity
  • Mix characters, numbers, special symbols
  • Aging
  • Change password every 30 to 120 days
  • Reuse
  • Authority
  • Who is allowed to change passwords

29
Require Re-authentication After Idle Periods
  • Inactivity indicates an unattended workstation;
    the user is still logged in
  • Re-authentication reduces risk of unauthorized
    personnel using an active session
  • Remote or terminal sessions should start a lock
    screen saver after a specified idle period
  • Two to Ten minutes
  • Users should shut down or lock computers when
    they leave them unattended

30
Configure to Deny Login After a Small Number of
Failed Attempts
  • Three failed attempts
  • Lock out for 30 minutes or until user with
    appropriate authority reactivates it
  • Security and Convenience
  • Failed Login attempts should be logged

31
Install and Configure Other Authentication
Mechanisms
  • Passwords
  • Passed over networks in clear text
  • Encryption
  • Kerberos
  • SSH
  • SSL

32
Policy Considerations
  • Policy should describe the conditions under which
    an account is created and deleted.
  • Disabled, Deleted or Transferred
  • Require appropriate authentication of all users
    on all computers that access information assets
  • Password Policy
  • Prohibit recording and storing passwords in
    places that could be discovered by intruders

33
Configure Operating Systems with Appropriate
Object, Device and File Access Controls
  • Operating systems enable you to specify access
    privileges
  • Files, directories, data or code objects
  • Setting access controls can intentionally and
    unintentionally breach security
  • Denying read access helps protect
    confidentiality.
  • Denying write access can help maintain integrity
  • Limiting execution privilege of most
    system-related tools
  • Implement access control during initial
    installation and configuration of the operating
    system
  • Monitor and maintain

34
Identify the Protection Needed
  • Construct a matrix
  • Record the kinds of access privileges allowed
  • Privileges are based on security requirements

35
Configure Access Controls
  • Disable write/modify access permissions for all
    executable and binary files
  • Restrict access of operating system source files,
    configuration files, and their directories to
    authorized administrators
  • For UNIX systems, there should be no
    world-writable files unless necessary application
    programs specifically require these. On Windows,
    the Everyone group should have NO permissions to
    modify
  • Aim to preclude users from installing, removing,
    or editing scripts without administrative review
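
Added example (not part of the original slides): a POSIX shell audit for the UNIX rules on this slide, reporting world-writable files and executables that group or other can modify. It goes one step further by also flagging world-writable directories that lack the sticky bit; the function names and the sample tree are constructed for illustration.

```shell
#!/bin/sh
# Added example: report files and directories that break the slide's UNIX rules.
# Function names and the sample tree are constructed for illustration.

# audit_tree DIR: print one finding per line as "<rule>: <path>".
audit_tree() {
    root=$1
    # Rule 1: no world-writable regular files.
    find "$root" -xdev -type f -perm -0002 |
        sed 's/^/world-writable file: /'
    # Rule 2: a world-writable directory needs the sticky bit, otherwise any
    # user can delete or replace other users' files in it.
    find "$root" -xdev -type d -perm -0002 ! -perm -1000 |
        sed 's/^/world-writable dir without sticky bit: /'
    # Rule 3: executables must not be writable by group or other.
    find "$root" -xdev -type f \
        \( -perm -0100 -o -perm -0010 -o -perm -0001 \) \
        \( -perm -0020 -o -perm -0002 \) |
        sed 's/^/executable writable by group or other: /'
}

# make_sample_tree: build a constructed tree with one violation per rule
# and print its path. Modes are set explicitly so the umask does not matter.
make_sample_tree() {
    d=$(mktemp -d) || return 1
    mkdir "$d/bin" "$d/etc" "$d/drop" "$d/tmp"
    chmod 0755 "$d/bin" "$d/etc"
    printf '#!/bin/sh\n' > "$d/bin/ok.sh";    chmod 0755 "$d/bin/ok.sh"
    printf '#!/bin/sh\n' > "$d/bin/loose.sh"; chmod 0775 "$d/bin/loose.sh"
    printf 'key=value\n' > "$d/etc/app.conf"; chmod 0666 "$d/etc/app.conf"
    chmod 0777 "$d/drop"   # world-writable, no sticky bit: a finding
    chmod 1777 "$d/tmp"    # world-writable with sticky bit: accepted
    printf '%s\n' "$d"
}

# Run the audit against the sample tree, then clean up.
sample=$(make_sample_tree) && { audit_tree "$sample"; rm -rf "$sample"; }
```

Run against a real system, point `audit_tree` at directories such as the application or script directories and review each finding against the access matrix from the previous slide.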

36
Install and Configure File Encryption
Capabilities for Sensitive Data
  • Some operating systems provide file encryption
  • Encryption adds complexity
  • When you use encryption you must still dispose of
    unencrypted versions of the data that existed
    prior to encryption being performed

37
Policy Considerations
  • Access privileges and controls for the
    information that will be stored on computers
  • How to access files that have been encrypted with
    a user key
  • Access privileges and controls for administrative
    users

38
Configure Computers for File Backup
  • Before deploying a computer develop a file backup
    and restoration plan
  • All system and user files should be backed up on
    a regular basis
  • Workstations
  • Files are backed up locally
  • Backups are centrally administered
  • Which medium will you use?
  • Test backups

39
Use a Tested Model Configuration and a Secure
Replication Procedure
  • Test configuration and satisfy security
    requirements
  • Create and test the model configuration
  • Test can be done in the isolated test environment
  • Final test may need to be done in a production
    environment

40
Replicate the Configuration on Other Workstations
  • Record the steps performed to create the model
    configuration and then repeat those steps
    manually on each workstation.
  • Save the configuration on a storage device that
    can be write-protected, moved to the other
    workstations, and used as a master copy
  • Use the network to transfer the model
    configuration to the other workstations
  • Make configuration changes on a Case-by-Case
    basis
  • Create and record cryptographic checksums

41
Protect Computers from Viruses and Similar
Programmed Threats
  • Viruses
  • Worms
  • Trojan Horses
  • Develop a programmed threats protection plan
  • Install and execute anti-virus tools
  • Train users
  • Update detection tools

42
Policy Considerations
  • Define users' authority to download and/or
    install software on the computer
  • Specify who has the responsibility to scan for
    and eradicate viruses
  • Users
  • System Administrators
  • Prohibit users from running executable files that
    they have received as e-mail attachments or
    downloaded from untrusted sites

43
Configure Computers for Secure Remote
Administration
  • Updating user account information, examining logs,
    installing new or updated software, maintaining
    an appropriate configuration
  • Ensure that administration commands originate
    from only authenticated administrators and hosts
  • Ensure that all administration tasks operate at
    the minimum necessary privilege level
  • Ensure that confidential information cannot be
    intercepted, read, or changed by intruders
  • Use a movable storage medium to transfer
    information
  • Use a secure method for inspecting all log files
  • Create and record cryptographic checksums
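
Added example (not part of the original slides): one way to "create and record cryptographic checksums" for a model configuration, and to verify files against that record before trusting them, as the backup-recovery and replication slides also require. It assumes GNU coreutils `sha256sum`; the function names and sample files are constructed for illustration.

```shell
#!/bin/sh
# Added example: record a SHA-256 baseline and detect drift from it.
# Assumes GNU coreutils sha256sum; function names are constructed.

# record_baseline DIR MANIFEST: hash every regular file under DIR.
# Keep MANIFEST outside DIR, ideally on write-protected media.
record_baseline() {
    ( cd "$1" && find . -type f -exec sha256sum {} + | sort -k 2 ) > "$2"
}

# verify_baseline DIR MANIFEST: print changed, missing and new files.
# Returns 0 when DIR matches the manifest, 1 on any difference.
verify_baseline() {
    cur=$(mktemp) || return 2
    record_baseline "$1" "$cur"
    # Each manifest line is 64 hex digits, two separator characters, the path.
    if awk '
        { hash = substr($0, 1, 64); path = substr($0, 67) }
        FILENAME == ARGV[1] { base[path] = hash; next }
        !(path in base)     { print "new: " path; bad = 1; next }
        { seen[path] = 1 }
        base[path] != hash  { print "changed: " path; bad = 1 }
        END {
            for (p in base) if (!(p in seen)) { print "missing: " p; bad = 1 }
            exit bad + 0
        }' "$2" "$cur"
    then rc=0; else rc=1; fi
    rm -f "$cur"
    return $rc
}

# Constructed demo: baseline a two-file model configuration, then tamper.
model=$(mktemp -d) && manifest=$(mktemp) && {
    printf 'banner=on\n'   > "$model/login.conf"
    printf 'idle_lock=5\n' > "$model/screen.conf"
    record_baseline "$model" "$manifest"
    printf 'banner=off\n'  > "$model/login.conf"   # simulated tampering
    verify_baseline "$model" "$manifest" || echo "drift detected"
    rm -rf "$model" "$manifest"
}
```

Unlike a plain `sha256sum --check`, the comparison also reports files that were added after the baseline was taken, which matters when the concern is unreviewed scripts or binaries appearing on a host.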

44
Policy Considerations
  • Require the use of secure procedures for
    administration of network servers and
    workstations
  • Specify the circumstances in which third parties
    are permitted to remotely administer your systems
    and how such administration is to be conducted

45
Allow Only Appropriate Physical Access to
Computers
  • Prevent installation of unauthorized hardware
  • Deploy the computer in a secure facility
  • Pay attention to controlling access by vendors,
    contractors and other visitors
  • Do not deploy network servers in an individual's
    office
  • Locate the computer in such a way that no
    unauthorized viewing of the monitor and keyboard
    can occur
  • Secure the network wiring and network connection
    components

46
Policy Considerations
  • Who is or is not allowed to install new hardware
    or modify existing hardware in a computer
  • The circumstances in which users may or may not
    use storage devices with removable media
  • The circumstances in which users may take storage
    media or printed information away from your site
  • The need for network servers to be deployed in
    physically secure locations and for the access
    list to these locations to be kept short
  • The circumstances in which third parties are
    permitted to physically access your systems and
    how such access is to occur

47
Deploy and Roll Out an Acceptable Use Policy for
Workstations
  • Elements of an acceptable use policy
  • Workstations a user may or may not use
  • Hardware changes the user may make
  • Software the user may install or remove
  • Network services the user may or may not use
  • Information that may or may not be transmitted
    across the network
  • A ban on sharing accounts
  • Compliance with the password policy
  • Train users
  • Provide explicit reminders at each login