Essay about Server Security Policy

Submitted By crikett1980
Words: 4291
Pages: 18
Open Document
Operating Systems
Security Policy
Many security "experts" are running around these days mumbling about rainbow tables and telling us how they can crack any Windows password in 2 seconds. "Windows security sucks!" they say. Well, I'm here to tell you that if you take 10 steps to increase password security, would-be intruders can crack all day, but they won't get your Windows logon passwords.
Before you take any action, however, it's a good idea to become familiar with password authentication mechanics and to learn what types of password attacks are in use today. That way, you'll know not only how to protect yourself but also what you're protecting yourself from.
Password Authentication
Although Windows uses many types of authentication credentials (e.g., the Credential Manager cache, trusts, Local Security Authority—LSA—secrets), the 10 tips I provide are specifically for Windows logon passwords. Nevertheless, the lessons learned here often apply to other forms of authentication (e.g., smart cards, biometrics) and other types of authentication credentials.
For users to be authenticated for logon, they must supply their unique network logon identity (i.e., logon name) and password. By supplying a password that only he or she supposedly knows, the user proves ownership of the identity and can request access to protected resources. When a user first sets a password, it's stored in a password credential database. In Windows, there are only two authentication databases: the SAM and Active Directory (AD). The SAM database is used for local logons and for logons to Windows NT domains. The AD database is used for logons to Windows 2000 and later domains.
When the user inputs his or her password, the Windows logon processes (e.g., winlogon.exe, msgina.dll) convert the plaintext password to its password hash equivalent. A good password hash outputs a unique, consistent value for a given password. No two passwords should result in the same output hash. A good password hash also makes converting from the hash back to the original plaintext non-trivial for someone who doesn't know the original password.
Some password hashes, but not Windows', add a random seed value, called a salt, to the hash to ensure that no two passwords produce the same hash. Salting strengthens any password hash and requires additional computations to crack the password, so it's unfortunate that Windows doesn't use a salt.
Windows Password Hashes
The SAM and AD store passwords in their hashed form under the assumption that if the database is compromised, the passwords won't be immediately compromised as well. Fully patched versions of Windows 98 and later OSs are capable of two types of password hashes: LAN Manager (LM) and NT. The LM password hash was invented by IBM and first used by Microsoft more than a decade ago. The LM hash turned out to be a very weak hash algorithm and is easy to compromise. Any skillful password hacker can convert an LM password hash to its plaintext original in seconds.
Microsoft subsequently created the NT hash for NT. Although not uncrackable, the NT hash is significantly more difficult to crack than the LM hash. If a password is sufficiently long and complex (more on that later), a hacker can require days or months to convert the NT hash to its plaintext original. Unfortunately, NT and later versions of Windows by default store both hash values for every password. The simple step of disabling the storage of LM hashes significantly increases your network's password security.
Authentication Protocols
Win2K and later can use four authentication protocols: LAN Manager, NTLM, NTLMv2, and Kerberos. LAN Manager was the original protocol, and if LAN Manager authentication traffic is sniffed off the network, compromising the password is trivial. Microsoft released the NTLM protocol with NT, but that protocol was later found to contain flaws. Microsoft then developed NTLMv2 for Win2K. That version has withstood the test of time and
Show More

Related Documents: Essay about Server Security Policy

Essay about Kudler System

review the current security setup for Kudler Fine foods. Throughout the course of the paper, we will look at the current security setup in detail, analyze it, and decide a course of action to correct any possible issues. Scope of Work We will begin by devising a table that will list the top security threats found. These threats will then be summarized. Once the top threats have been identified and summarized, we will then focus on how to solve these issues. These security considerations will…

Words 2153 - Pages 9

Nt1330 Unit 3 Case Analysis Paper

specific security policy that covers the use of VPN? With the increase in number of individuals required to work remotely for both private and government agencies have brought about the need to connect to work servers from remote locations. Connecting remotely to a server has become a security issue over the past years due to an increase in cybercrime, where cyber criminals and malicious individuals have successful exploited the vulnerabilities in remotely connecting to servers. A security solution…

Words 393 - Pages 2

Is3220 Project Part 1 Essay

IS 3220 IT Infrastructure Security Project Part 1: Network Survey Project Part 2: Network Design Project Part 3: Network Security Plan ITT Technical Institute 8/4/15 Project Part 1: Network Survey Network Design and Plan Executive Summary: We have been engaged in business for some time, and have been very successful, however we need to re-examine our network configuration and infrastructure and identify that our network defenses are still reliable, before we make any changes. We need to…

Words 3349 - Pages 14

Nt1330 Unit 3 Assignment 1

An Identity Management server is hosted on a Red Hat Enterprise Linux 7 server which provides cross realm user authentication. The same server also hosts the network storage locations using the Samba service. The Domain Controllers and Identity Management server are configured to engage in a Forest level transitive trust. Three client machines join the servers with a Windows 7 client in each…

Words 661 - Pages 3

Nt1330 Unit 3 Assignment 1

Cracked software III. Email attachments IV. Internet V. Booting from CD Answer 1(b). The questions are like that which anti-virus is used by ISP to protect our organization data, they use single antivirus or number of antivirus to give defense-in-depth security, they need to read our TCP traffic so that they allow only those packets which are useful in organization and deny the other packets or other questions related to bandwidth, type of modem and speed. Answer 1(c). Anti-malware program helps in finding…

Words 1591 - Pages 7

ITM455 Interactive Case Activity 1 Essay

Task 1: Operational Issues & Security Policy Review Team Members: Richmond Ignacio, Veronica Perez Task: Using the COBE Problem Solving approach, review the meeting notes about the organization’s current list of 24 problems/symptoms. A). Consolidate these problems/symptoms into the top 5 categories that reflect actionable security topics the company should address in its policy. B). Then review the security policy draft and see if that topic is addressed in the new policy. C). If the topic area is…

Words 801 - Pages 4

Linux Security Task 1

James Hollenquest 8/8/14 IS 3440 – Linux Security task 1 First World Savings and Loan is a financial institution that has card transactions and loan applications online. They are currently implementing an open source for infrastructure. That could save the company over $ 4,000,000 per year in fees due to licensing for software that is currently used. They will still comply with the SOX, PCI-DSS, and GLBA acts. They are processing an online credit card transactions and all regulations must be…

Words 358 - Pages 2

Nt1330 Unit 6 Assignment 1

Task 6 FTP server is an application that run the FTP. File Transfer Protocol (FTP) is a protocol that use TCP/IP connection to transmit files between computers (client and server) on the internet. Briefly FTP is an internet services that helps to establish the connection to a server or computer. In order to access the FTP server the client need to be connected to the internet via LAN, modem or any other transmission media. Most commonly FTP vulnerability such as Bounce Attack, Spoof Attack, Packet…

Words 560 - Pages 3

Aircraft Solutions Project Essay

Company Overview 3 Vulnerabilities 3 Hardware Vulnerabilities 3 Policy Vulnerabilities 6 Recommended Solution - Hardware 7 Impact on Business Processes 10 Recommended Solution – Policy 10 Impact on Business Processes 11 Budget 11 Summary 11 References 13 Executive Summary The purpose of the report is to assist Aircraft Solutions (AS) in indentifying the most significant Information Technology (IT) security vulnerabilities. AS products and services are at the forefront…

Words 2434 - Pages 10

Nt1330 Unit 3 Data Protection Paper

This paper identifies primary security issues and prerequisites of data protection related to distributed data storage systems. I classify the security services and techniques in existing or proposed storage systems. Storage centric Data Protection: Network Attached Storage Devices: Network attached storage device is a distributed file system that attempts to expand security by attaching the storage device straightaway to the network and eliminating the file server…

Words 1585 - Pages 7