Security

In this new, interconnected world, we are surrounded by security threats. Our networks, our increasingly complex computers and servers, our PDAs and even our cell phones are all vulnerable to hackers, crackers and virus writers. This page presents some old (and not so old) ideas and guidelines in the hope that you can benefit from them in securing your own network and computer.

Table of Contents

1. Why you should worry?
2. Types of security breaches?
3. Cryptography and encryption technique?
4. Locks, keys and security guard?
5. Firewall and IPsec?
6. Alright enough talk. How do I secure my Windows 98/Me machine?
7. How do I secure my Windows NT Workstation machine?
8. How do I secure my Windows 2000 Professional machine?
9. What's next in the future?

1. Why you should worry?

Bad people do bad things. Hackers / crackers are people who would like nothing more than to circumvent your security measures to obtain sensitive information. Although hackers are often thought of as outsiders, it is usually the disgruntled employee who does the hacking.

Information is valuable and sensitive. Needless to say, information stored on the network or your personal machine is sensitive and valuable. As a student in a medical-related field, you should take extra precautions in protecting this kind of information. Remember that seemingly harmless details such as user IDs, names or network infrastructure can aid the hacker in his attempts to break into either your system or other systems.

Network technology is inherently insecure. Here are some of the shortcomings:

1. WANs. When the network is small (such as a LAN), it is much easier to manage, since it is confined to a single physical location. With the advent of WANs, and more recently VLANs, the network has spread across the globe, connecting many machines in many physical locations, running disparate network operating systems on different classes of hardware.

2. Remote Access. The modem pool that you just installed to allow your users to dial into your corporate network has just become a very useful tool for hackers to get in. Moreover, the hacker can do it leisurely from the comfort of his home (or from a public phone). In fact, RAS (Remote Access Service) is one of hackers' favorite pastimes.

3. Mobile Computing. The only good thing about a laptop is that it allows the user to compute wherever he is. Anything else is bad!

4. The Web and TCP/IP. The Internet, in adopting TCP/IP as its protocol, has opened a can of worms for security breaches. It is possible for a hacker to examine packets of information as they move across the Internet as long as he knows the route. Moreover, TCP/IP is in itself insecure. The most recent breaking news was that the ISN (initial sequence number), part of the TCP/IP spec, can be guessed. Until the adoption of IPv6 (version 6) is widespread, it is imperative that you understand what risks you are taking when you implement TCP/IP and Internet access.

2. Types of Security Breaches?

Denial of Service (DoS) nuisances. A DoS attack does not directly damage your system or change/steal information from it. Rather, it disrupts the normal operation of your organization. Web servers are typical targets of DoS attacks. More recently, as web server operators tighten security, hackers have turned their attention to the router as a more attractive target. If you are responsible for web operations, remember that there is more than just the web servers that needs to be secured.

Illegal Access. Hmm, let's see what the CEO's salary is, and how many stock options did he get? Obviously, great control must be exercised here. This kind of intrusion generally comes from the inside, where the intruder has some type of network access to begin with. Running an e-commerce web site? Make sure that the right people get to the right database(s) and nothing else. You don't want to have millions of customers suing you for credit card fraud, do you?

Data Destruction and Corruption. Let's exercise the "Delete" key here. Wait. How about just corrupting the entire hard disk? It sure sounds fun (not to you, to the hacker that is). Computer viruses are typically responsible for this kind of destruction. What would happen when people browse to your website and are immediately greeted by profanity, with some porno pictures to enhance the message? Hmmm.

The Imposter. When you are sending an order to buy that new laptop for yourself, you are sending your bank account / credit card number and other relevant information to Mr. HackIt. Yup, you just bought a billion dollars' worth of TVs and VCRs to be sent to someplace in Siberia.

3. Cryptography and encryption techniques

Cryptography is the science of scrambling information into an unreadable form so that information can be kept private. There are many encryption techniques. Some are standards and some are not. Note that just because you know the technique used to encrypt a message does not mean you can decrypt it. Here is a list of standard encryption algorithms and methods.

DES (Data Encryption Standard). DES was developed by IBM with help from the US government. DES is a 56-bit key encryption algorithm.

Triple-DES, or 3DES: a variant of DES in which the message is encrypted three times successively.

Diffie-Hellman: Diffie-Hellman is a method used to decide which keys will be used for subsequent messages. The important thing to remember is that the negotiation about the key is done over an insecure connection (i.e. the Internet).

Message Digest. A message digest is a smaller, numeric representation of the original message. In fact, it is a hash of the original message. Thus it is easy to verify whether the received message is the same as the one sent.

MD2, MD4, MD5: These are message digest algorithms. MD5 is harder to crack than MD4, but it is slower in performance.

Hash: A hash is a numeric representation of some data. A hash function works by using some data (such as a user name / password) to generate a fixed-length value.

SHA, SHA-1: SHA stands for Secure Hash Algorithm. SHAs are used to generate hashes.

4. Locks, Keys and security guards

Encryption works by scrambling the original information into an unreadable form. However, for this to work, the intended receiving party must know how to decrypt the scrambled information. Otherwise, no one would be able to decrypt the message. This is how "key" is defined. A key is a piece of information that describes how information is encrypted as well as decrypted. There are two types of key schemes. They are either secret or public.

Secret key system: In this type of scheme, there is only one key. This key is used to encrypt as well as decrypt. Needless to say, having the same key is essential between the two parties. Needless to say, the key is kept very, very, very secret. If one has access to this key, one could decrypt any message sent by any party using this key. The advantage of this scheme is that it is very, very fast. The problem with this scheme is maintaining the secrecy of the key. In a typical scenario, the two parties agree on the type of key to be used. Next, a key is generated by one of them, and then it is passed to the other. This is where the problem is. Since both parties are worried enough that they are encrypting their messages, using the same medium to pass the key is not a good idea. Thus they must resort to some other method to share the same key and yet keep it very secret.

Public Key system (PKI): In a PKI (Public Key Infrastructure) scheme, there are two keys. One of the keys is a public key and the other is the private key. As the name implies, the public key is made public. That is, public keys are easily accessible to anyone who might need to exchange secure information. The private key, however, is private. That is, only the owner of the key pair has it. Both keys are needed to encrypt as well as decrypt. The important thing here is that both keys form a matched pair. You cannot use a public key from one pair and a private key from another.

Certificates and Digital Signatures are implementations of PKI. A certificate allows you to identify yourself as yourself, as opposed to an imposter. The way it works is that the certificate you (or someone else) present must come from an entity that everyone trusts. This entity is known as a CA (Certificate Authority). It is up to the end users whether or not to trust a CA, i.e. you might trust any certificate issued by Verisign, or the State of Texas, but not one from FAKEit.com.

Physical Barrier: Sometimes people tend to skip the most obvious things. What good is it to secure your server, but the door to the server room is always open? Let's make it clear: anyone who has physical access to your machine will be able to hack it regardless of what type of operating system it runs on. There are no buts, ifs or maybes. You need solid internal security to protect all the hardware where sensitive information is stored. Hire a security guard, lock the door, install a retina scanner, deploy fingerprint verification, monitor with cameras, deploy a KVM (keyboard, mouse, monitor) switch and lock the server room (behind a camera monitoring room)... High tech or not, use a combination of common sense and good planning to make sure that machines are under lock and key and physically secure. Remember that hacking happens from the inside as well as the outside.

5. Firewall and IPsec

Firewall: A firewall is a combination of hardware / software that monitors traffic into and out of a corporate network. Think of a firewall as a security guard. Based on rules set up by the security administrator, a firewall allows certain data in or out. A good firewall will also record all of the comings and goings so that you can review who's been in and out of your network. A false assumption that many people make is that by using a firewall, their network is safe. This is definitely wrong. A firewall is just one component of your solution. Keep this in mind when you try to design your security solution.

IPsec: The IP Security Protocol (IPSec) is a peer-reviewed proposed Internet standard that can authenticate and encrypt IP traffic. The long-term solution to network eavesdropping is encryption. Only if end-to-end encryption is employed can near-complete confidence in the integrity of communication be achieved. Encryption key length should be determined based on the amount of time the data remains sensitive -- shorter encryption key lengths are permissible for encrypting data streams that contain rapidly outdated data and will also boost performance.

6. How to secure a Windows 98/ME machine?

The most important thing to realize about Windows 98 is that it was not designed to be a secure operating system. Fortunately it was also not designed to be a true multiuser operating system, so it has extremely limited remote administration features. Win 98's architecture makes it nearly impossible to attack from a remote location unless the system owner makes key errors, some misconfiguration or poor judgment. There are only two ways for attackers to gain complete control over a Win 98 system: either trick the system's operator into executing code of their choice, or gain physical access to the system's console. There are three mechanisms Win 98 provides for direct access to the system: file and print sharing, optional dialup server, and remote Registry manipulation.
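Returning to the Diffie-Hellman entry in section 3 and the key-passing problem of the secret key system in section 4: the following is an added example, not part of the original page, showing both sides of the negotiation and what an eavesdropper on the insecure connection gets to record. The prime, the generator and all function names are assumptions chosen for illustration; the group is toy-sized, and real deployments use groups of 2048 bits or more.

```python
import hashlib
import secrets

# Toy-sized public parameters (assumed for this example, not from the page):
# the Mersenne prime 2**127 - 1 and generator 3.
P = 2**127 - 1
G = 3

def make_keypair():
    """Pick a private exponent and compute the public value sent on the wire."""
    while True:
        private = secrets.randbelow(P - 3) + 2      # 2 <= private <= P - 2
        public = pow(G, private, P)
        if 2 <= public <= P - 2:                    # never send a degenerate value
            return private, public

def check_peer_value(value):
    """Reject values that would force a predictable shared secret."""
    if not 2 <= value <= P - 2:
        raise ValueError("peer public value out of range")
    return value

def session_key(my_private, peer_public):
    """Combine our private exponent with the peer's public value, then hash."""
    shared = pow(check_peer_value(peer_public), my_private, P)
    return hashlib.sha256(shared.to_bytes(16, "big")).digest()

def run_exchange():
    """Simulate both parties and collect everything that crossed the wire."""
    a_priv, a_pub = make_keypair()                  # Alice -> Bob: a_pub
    b_priv, b_pub = make_keypair()                  # Bob -> Alice: b_pub
    wire = {"p": P, "g": G, "A": a_pub, "B": b_pub}  # all an eavesdropper sees
    return session_key(a_priv, b_pub), session_key(b_priv, a_pub), wire

if __name__ == "__main__":
    alice_key, bob_key, wire = run_exchange()
    print("keys match:", alice_key == bob_key)
    print("seen on the wire:", sorted(wire))
```

Neither private exponent nor the derived key ever appears in `wire`, which is why the negotiation can run over the same medium as the messages. The exchange by itself does not authenticate the peer; that is the job of the certificates described in section 4.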

Countermeasures against remote hacking

Fixing this problem is easy -- turn off file and print sharing. You can use the System Policy Editor (POLEDIT.EXE) utility to disable file and print sharing across all systems. POLEDIT.EXE can be found in the \tools\reskit\netadmin\ directory on most Win 98 CD-ROMs, or at http://support.microsoft.com/support/kb/articles/Q135/3/15.asp. If you must enable file sharing, use a complex password of eight alphanumeric characters (that is the maximum allowed by Win 98) and include metacharacters (such as [!@#$%&). It's also wise to append a $ symbol to the name of the share to prevent it from appearing in the Network Neighborhood, in the output of net view commands, and even in the results of a Legion scan.

Win 98 Dial-Up hacking countermeasures

Not surprisingly the same defenses hold true: don't use the Win 98 Dial-Up Server, and enforce this across multiple systems with the System Policy Editor. If Dial-Up capability is absolutely necessary, set a password for Dial-In access, require that it be encrypted using the Server Type dialog box in the Dial-Up Server Properties, or authenticate using user-level security (that is, pass through authentication to a security provider such as a Windows NT domain controller or Netware server). Set further passwords on any shares (using good password complexity rules), and hide them by appending the $ symbol to the share name. Intruders who successfully crack a Dial-Up Server and associated share passwords are free to pillage whatever they can find. However, they will be unable to progress further into the network because Win 98 cannot route network traffic.

7. How to secure a Windows NT Workstation machine?

There are three primary mechanisms for guessing NT passwords over a network: manual, automated, and eavesdropping on NT login exchanges to gather passwords directly off the wire.

Countermeasures against password guessing

There are several defensive postures that can eliminate or at least deter such password guessing. The first is advisable if the system in question is an Internet host and should not be answering requests for shared Windows resources: block access to TCP and UDP ports at the perimeter firewall or router, and disable bindings to WINS Client (TCP/IP) for any adapter connected to public networks.

Preventing password eavesdropping

Disabling LANMan Authentication. In NT 4.0 Service Pack 4, Microsoft has added a Registry key and value that will prohibit an NT host from accepting LANMan authentication. Add the "LMCompatibilityLevel" value with a value type "REG_DWORD = 4" to the following Registry key:

HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\LSA

The value 4 will prevent a domain controller from accepting LANMan authentication requests.

Password cracking countermeasures

Choosing Strong NT Passwords. The best defense against password cracking is decidedly nontechnical, but nevertheless is probably the most difficult to implement: picking good passwords. Picking dictionary words or writing passwords under keyboards on a sticky note will forever be the bane of network administrators, but perhaps the following explanation of some of the inherent weaknesses in NT's password obfuscation algorithms will light some fires under the toes of your user community. NT relies on two separate encrypted versions of a user's password -- the LANMan version (LM hash) and the NT version (NT hash) -- both of which are stored in the SAM (Security Accounts Manager). The SAM contains the usernames and encrypted passwords of all users on the local system, or the domain if the machine in question is a domain controller. The most critical weakness of the LM hash is its separation of passwords into two 7-character halves. Thus, an 8-character password will be interpreted as one 7-character password and one 1-character password. Tools such as L0phtcrack take advantage of this weak design to simultaneously crack both halves of the password as if they were separate passwords. To ensure password composition that does not fall prey to attack using L0phtcrack, choose passwords that are exactly 7 or 14 characters in length.

Protecting the SAM. Restricting access to the SAM file is also critical, of course. Physically locking servers is the only way to prevent someone from walking up with a floppy and booting to DOS to grab the SAM, or copying the backup SAM._ from the repair folder.

Implementing SYSKEY. The SYSKEY SAM encryption enhancement was introduced after the release of Service Pack 2. SYSKEY establishes a 128-bit cryptographic password encryption key, as opposed to the 40-bit mechanism that ships by default. It can be configured by selecting Start Menu, Run, and typing SYSKEY.

Updating Security. Apply the most recent Service Packs and hotfixes. The major motivation behind many of the patches released by Microsoft is security, and there is often no other recourse for some kernel-level vulnerabilities such as getadmin. NT hotfixes can be found at ftp://ftp.microsoft.com/bussys/winnt/winnt-public/fixes/.

8. How to secure a Windows 2000 Professional machine?
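Returning to the LM hash weakness described in section 7: the following is an added example, not part of the original page, that shows how a password is cut into the two halves and how little work the short half represents. It models only the splitting step, not the hashing itself; the upper-casing and the 14-character cut-off are known properties of the LM scheme that the page does not spell out, and the function names and sample passwords are constructed for illustration.

```python
import string

LM_MAX, HALF = 14, 7   # LM keeps at most 14 characters and works on 7 at a time

def lm_halves(password):
    """Return the two chunks the LM scheme treats as separate passwords."""
    folded = password.upper()[:LM_MAX]      # case is discarded, extra length dropped
    return folded[:HALF], folded[HALF:]

def pool_size(text):
    """Size of the smallest character pool that covers every character in text."""
    pools = (string.ascii_lowercase, string.ascii_uppercase,
             string.digits, string.punctuation)
    return sum(len(p) for p in pools if any(c in p for c in text))

def search_space(text):
    """Number of candidates of this length drawn from the covering pool."""
    return pool_size(text) ** len(text) if text else 0

def audit(password):
    """Compare the password as the user typed it with what LM actually stores."""
    first, second = lm_halves(password)
    used = [h for h in (first, second) if h]     # an empty half carries no secret
    return {
        "halves": (first, second),
        "as_typed": search_space(password),
        # The halves are independent, so their costs add instead of multiplying.
        "as_stored": sum(search_space(h) for h in used),
        "weakest_half": min((search_space(h) for h in used), default=0),
    }

if __name__ == "__main__":
    # Constructed sample passwords, not taken from the page.
    for sample in ("Passw0rd", "Summer7", "Correct-Horse14"):
        report = audit(sample)
        print(sample, report["halves"], report["as_typed"],
              report["as_stored"], report["weakest_half"])
```

For the 8-character sample the second half is a single letter, so an administrator reviewing a password policy can see directly why the page recommends lengths of exactly 7 or 14.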
