Dirty-Dozen: Top 12 Issues in Windows 2000 Security

1
Dirty-Dozen Top 12 Issues in Windows 2000
Security

• Roberta Bragg
• Security Evangelist
• Have Computer Will Travel, Inc.

2
Agenda

• Was the FBI Right?
• Too Trusting?
• EFS/ XP/W2K Issues
• Anonymous Access Exposes Data
• Preventing Unauthorized Access
• NTFS Inheritance

• Dont Give Permissions to User Accounts
• So many security settings to configure!
• So many boxes to secure
• Too Many Administrators
• Patching Mania
• Weak Passwords

3
1. Was the FBI Right?

• Universal Plug-and-Play standard
• Feature of XP unfortunately flawed
• Security Bulletin MS01-59
• Q article - Q315056

4
Whats the Fuss?

• Buffer overrun attacker controls system
• Endless download cycle (DoS) possible if
  maliciously configured device host
• Flooding of third party server (DoS) with bogus
  requests

5
Patch Available

• Windows XP and Windows 98
• Or Disable SSDP Discovery Service

6
Configuration to Limit Exposure Q315056

• Regulate device download based on scope
• Regulate device description download based on
  Router Hops
• Port restrictions
• Delay Mechanisms

7
2. Too Trusting

• Security Bulletin MS02-001 - Using SID Filtering
  to Prevent Elevation of Privilege Attacks
• An Administrator of one domain could obtain
  administrative rights in another

8
Domain Trust Relationships
W2K
NT
trusted
NT
trusting
9
To exploit youd have to

• Be Domain Administrator in the trusted domain
• NT develop and install custom operating system
  components
• W2K binary edit of data structures that hold
  SIDHistory mechanism

10
Protecting Security Boundaries

• No trust
• NT style trust between domains in separate forest
  SID Filtering
• Kerberos style trust between domains in forest
  NO!!!!!! Do not apply Sid Filtering
• Vet, Hire and Audit Trustworthy admins

11
3. EFS/XP/W2K

• EFS algorithms
• Is Data Loss Possible?
• Storage Issues
• XP specific issues

12
Excellent Encryption Product

• Symmetric and Asymmetric Encryption
• W2K File recovery
• .NET File or key recovery

13
Is Data Loss Possible?

• Very possible to lose data
• Disable EFS
• Implement PKI
• Deploy EFS

14
Storage Issues

• Network Storage
• W2K Not encrypted during transport use IPSec
• XP use Web Folders files remain encrypted
• Copy to FAT decrypted
• W2K/XP backup preserves encryption

15
XP Specific Issues

• Sharing encrypted files may be dangerous
• Administrative password reset uncouples
  certificate from user account

16
4. Anonymous Access Exposes Data

• Anonymous access is accomplished via null domain
  name, account password
• Necessary for some applications/services

17
5. Preventing Unauthorized Access

• Windows 2000/XP in domain Kerberos
• Compatibility dilemma
• NT NTLM
• Win9x LM
• NTLMv2 advantage
• Prevents sending of LM password hash
• Available NT, Win9x with AD client installed
• Registry entry to prevent storage LM password hash

18
(No Transcript)
19
6. NTFS Permissions Inheritance

• Windows NT - can be cascaded to any level!
• Windows 2000 - can be blocked at subfolder level.
• Windows XP unlike W2K can apply defaults to
  upgrade.

20
(No Transcript)
21
7. Dont Give Permissions to User Accounts

• Add user accounts to Global Groups
• Add Global Groups to local Groups
• Assign permissions to local groups
• W2K native mode use Universal Groups
• Promotes ease of administration, assurance of
  access removal, clear audit path

22
8. So Many Security Settings to Configure
23
9. So Many Boxes to Secure

• Develop baselines for classes of boxes
• Create baseline security templates
• Apply
• Security Configuration and Analysis
• Group Policy
• Use to audit system compliance with policy

24
10. Too Many Administrators

• Use Default Groups
• Server/account/print operator
• Power User
• Create groups and assign rights and permissions
• Question and evaluate any request for
  administrative status
• Window 2000 Use delegation of authority

25
11. Patching Mania

• Everyone says to patch your system ?????
• Windows Update single systems
• Windows Corporate Update Site
• http//corporate.windowsupdate.microsoft.com
• Qchain

26
12. Weak Passwords

• Many attacks require authenticated access
• Default Password policy is weak
• Users need training in creating strong passwords
• Consider alternatives Biometrics Smart cards

27
What is Microsoft Doing? Trustworthy Computing?

• Bill Gates speech on trustworthy computing.
• Month long no-new-code sabbatical.
• Can perfect code be produced?
• What will it cost?
• Whats the track record, really?

28
Stats (www.securityfocus.com)

• Most vulnerabilities Mandrake Soft Linux with 34
  
• 2nd, 3rd, 4th place - three other versions of
  Linux
• 5th Windows 2000, 2 versions of Solaris tied
  with 24 each

29
www.securityfocus stats
30
Call to Action!

• Patch and/or Disable UPnP
• Understand the Meaning of Trust
• Disable EFS until PKI
• Restrict Anonymous Access
• Force NTMv2 where Kerberos wont prevail
• Protect Key NTFS Permissions

• AGLP
• Create Security Baselines
• Use Group Policy
• Delegate Authority
• Patch
• Use strong authentication

(hold Bills feet to the fire)
31
Questions?

• Roberta Bragg
• Security Evangelist
• Have Computer Will Travel, Inc.