Windows_ 2000_ Windows XP 网络安全.pptVIP

SEC400: Windows? 2000/ Windows XP 网络安全张执玉系统工程师微软（中国）有限公司 大纲 企业网络客户端 威胁和防范 Internet connection firewall IP security 企业网络客户端 Large groups of trusted users and computers Typically… Insecure systems Used by trusted users Users are local administrators Little central control over security Users install untrusted, possibly infected software Mobile – connect to many public networks, then back to business network 企业网络客户端 “Our firewall will protect us” Wrong! No protection from internal systems Where’s the defense in depth? Infected e-mail spreads easily within Back-door Trojans leap from machine to machine Often connected to public networks directly Trojans And Virii Delivered through e-mail or infected programs Run as logged on user Very bad if it’s a corp-trusted user! Deadly if user is local admin Send personal data to attackers Identity theft of user ID and password Sensitive data theft Send malicious data to attack others Open holes for access from Internet Enable attacker to control your PC Enable your machine to store and serve “bad” data 系统安全危机 Attacker access from Internet Port scan isn’t an attack, but probing for weaknesses, once in: Run scripts scanning for known weaknesses Steal your data, passwords Infect your computer with trojans to spread infection Backups won’t help if not “clean” Network traffic is visible Network addresses, e-mail, Web page URLs, Web page content, data files, password forms Passive collection leads to database tracking Port Scan 防范 Defense in depth Network Platform Application Users Define policies Without these, everything else is useless Test enforcement Monitor adherence 防范 Principle of least privilege (POLP) Users aren’t local administrators Trust those who are admins, though Configure trust relationships only where there is a business need Appropriate access lists and rights, again following business needs 防范 Trusted platform for trusted users Anti-virus programs Up-to-date patches and services packs Administrator-managed