DistributedNetworks DistributedNetworks


Securing Resources   «Prev  Next»
Lesson 4Protecting TCP/IP Services
Objective Effectively secure Internet services.

Protecting TCP/IP Services

Most implementation of Internet services access the underlying operating system through a specialized user account. Both NT and UNIX have specific system accounts that are used for each service or daemon. Change the default account to a custom account to enhance security.

Changing defaults

In the case of Windows NT and Internet services, all services are controlled through an account called "local system." This is not a normal account since one cannot log on directly to use it, but it does run with administrative privileges. Changing the accounts for each Internet service allows administrators to better control and audit each Internet service. The same concept holds true for UNIX daemons.

Internet servers

Critical to protecting the TCP/IP services is protecting the servers that run them. The most common Internet servers are:
  1. The HTTP (or Web) server
  2. The FTP server
  3. The SMTP server
  4. Other services, such as DNS, WINS, and SAMBA
  5. The Web server

Securing Web server

The key to securing the Web server is to segment the operating system, the Web server program, and the server's files on their own hard drive or partition. If a breach occurs, such segmentation will help limit a hacker's activity to specific hard drives, or even parts of hard drives, that are not essential to the rest of the system.

Securing FTP server

Securing the file transfer protocol (FTP) server is similar to securing the Web server. The FTP server should be separated from the files it downloads by using partitions. Whenever possible, FTP user accounts and access options must be separated from those used to access the Web.
The FTP server should not allow access to sensitive files. Otherwise, users could gain access to Web directories and overwrite Web files. This problem has happened quite often, including an episode where U.S. intelligence agencies' Web pages were altered by hackers.
Instead of keeping the operating system, program files, and HTML files and scripts for a Web page all on the same hard drive, partition the drive several times, then place only the operating system on the primary partition.

Protecting TCP/IP Services - Exercise


Click the Exercise link below to locate documentation for securing TCP/IP and network resources.
Protecting TCP/IP Services - Exercise