
RE: Windows 2003 Server Hardening

Subject: RE: Windows 2003 Server Hardening
Date: Fri, 19 Aug 2005 21:11:45 +0200
Would anyone happen to have a document or recommendations for hardening a
Windows 2003 Server public facing Web/FTP/Mail server?

Many publications do not look at these issues at the architecture level but rather
focus on base system and particular server application hardening.

First of all, I wouldn't put all those services on one host. Secondly, I would
reconsider using FTP - while IIS FTP has a very good record in terms of
security, other popular Windows and Unix FTP servers have been vulnerable to
many buffer overflow / format string attacks in the past.

Secondly, I would advise implementing strong network traffic filtering, both
inbound and outbound (which can limit the risk of the system being penetrated by
script kiddies who are not able to rewrite shellcode to do something other than a
reverse shell).

Also Snort, in a proper configuration, even installed on the server itself, can
be a very good add-on.

Keep in mind that there are a few interesting HIDS solutions available for Win32
systems that extend the VS /GS cookie-based stack protection and the DEP mechanism.
Coming down to code security, it is important to review (web) applications that
are installed and available to users. Such an approach, in the case of MS IIS
technology, has been demonstrated here:
http://msdn.microsoft.com/library/default.asp?url=/library/en-us/dnnetsec/html/THCMCh21.asp

It demonstrates, for example, the use of ILDASM for auditing binary code created
with .NET.

Just a few thoughts.
Best Regards,
Aleksander Czarnowski
AVET INS  
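As an added illustration of the inbound/outbound filtering advice in the reply above (example code added here, not from the thread or its author): a small stateful, default-deny policy evaluator for a host that only serves HTTP/HTTPS. The rule set, port numbers and addresses are assumptions, and the flows run through it are constructed; the point is that an unsolicited outbound connection from the web host is dropped even though inbound web traffic and its replies pass.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Flow:
    direction: str  # "in" (towards the server) or "out" (from the server)
    proto: str      # "tcp" or "udp"
    remote: str     # peer address
    rport: int      # peer port
    lport: int      # server-side port

@dataclass(frozen=True)
class Rule:
    direction: str
    proto: str
    dport: int      # destination port: lport for "in", rport for "out"
    action: str     # "allow" or "deny"

WEB_HOST_POLICY = [  # assumed policy: serves HTTP/HTTPS, needs outbound DNS only
    Rule("in", "tcp", 80, "allow"),
    Rule("in", "tcp", 443, "allow"),
    Rule("out", "udp", 53, "allow"),
]

class StatefulFilter:  # first matching rule wins; anything unmatched is denied
    def __init__(self, rules):
        self.rules = rules
        self.established = set()  # (proto, remote, rport, lport) of accepted connections
    def decide(self, f: Flow) -> str:
        key = (f.proto, f.remote, f.rport, f.lport)
        if key in self.established:  # reply traffic of an accepted connection
            return "allow"
        dport = f.lport if f.direction == "in" else f.rport
        for r in self.rules:
            if (r.direction, r.proto, r.dport) == (f.direction, f.proto, dport):
                if r.action == "allow":
                    self.established.add(key)
                return r.action
        return "deny"  # default-deny in both directions

def demo() -> dict:
    fw = StatefulFilter(WEB_HOST_POLICY)
    client, resolver = "203.0.113.10", "198.51.100.53"  # constructed addresses
    flows = {
        "client -> web:80 (new)": Flow("in", "tcp", client, 51515, 80),
        "web:80 -> client (reply)": Flow("out", "tcp", client, 51515, 80),
        "web -> resolver:53": Flow("out", "udp", resolver, 53, 40000),
        "client -> ftp:21 (not exposed)": Flow("in", "tcp", client, 51516, 21),
        "web -> client:4444 (unsolicited)": Flow("out", "tcp", client, 4444, 40001),
    }
    return {label: fw.decide(flow) for label, flow in flows.items()}
```

Calling `demo()` returns the verdict per flow; the same rule set can be tried against other constructed flows to check that nothing unexpected is allowed out.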

