WINDOWS SECURITY

By: Jonathan Hassell	Search For More Articles! Disclaimer Author Terms
Rating: / 4
2004-07-12

Table of Contents:

Hardening: Theory and General Practice

What Is Security?

The Security Dilemma

Enemies of Security

Some General Hardening Suggestions: Software Considerations

Checkpoints

	ADD THIS ARTICLE TO:
	Del.ici.ous	Digg
	Blink	Simpy
	Google	Spurl
	Y! MyWeb	Furl

Email Me Similar Content When Posted

Add Developer Shed Article Feed To Your Site

Email Article To Friend

Print Version Of Article

PDF Version Of Article

Hardening: Theory and General Practice - Enemies of Security

(Page 4 of 6 )

To achieve truer security, system administrators need to examine a method for analyzing systems to probe their weaknesses and detail their own assumptions about those systems’ security, rather than blindly placing trust in them. If security is to be discussed in a more serious way, there needs to be the following:

Identification of what one is trying to protect
Evaluation of the main sources of risk and where trust is placed
Assumption of possible countermeasures to potential attacks

You can define a secure system as one in which all of the threats have been analyzed and one in which countermeasures are in place for all of the threats. There are a few stumbling blocks that hinder your ability to create secure systems. The first is complexity: Users will become impatient and work around security if it becomes too cumbersome for their work style and flow. Next is the need for backward compatibility in software. Often security is tightened in later revisions of software, but to remain operable with the previous version of a package, security restrictions might be loosened. Additionally, backups create a somewhat obscure but very real hole. The fact that backups are usually conducted with redundancy in mind might translate to more opportunity for data to be stolen. Security must be applied to backups as well as normal operations.

The problem, however, is how to know what all of the possible threats against a system are. That’s where this book comes in. You can’t always know all of your threats; it’s impossible to have that sort of knowledge. But you can batten down the hatches and take precautions to forestall and thwart any future attempted intrusions.

Some General Hardening Suggestions

In the rest of this chapter, I’ll discuss some points that you can consider to harden your network overall. I’ve broken them down into three encompassing categories: software, hardware, and network considerations. Again, the following aren’t meant to be specific suggestions; they’re meant more as broad launching points for the specific checkpoints presented later in this book, and for future improvements to the integrity of your network that you can make on your own.

This chapter is from Hardening Windows, by Jonathan Hassell (Apress, 2004, ISBN: 1-59059-266-2). Check it out at your favorite bookstore today.
Buy this book now.

Next: Some General Hardening Suggestions: Software Considerations >>

More Windows Security Articles
More By Jonathan Hassell

Comments On: Hardening: Theory and General Practice

>>> Be the FIRST to comment on this article!

WINDOWS SECURITY ARTICLES

- Advanced Data Protection in Windows
- Basic Data Protection in Windows
- Windows XP Security
- Lucky You, Microsoft has Sent You an Email! ...
- Implementing a PKI, Part III: Managing Micro...
- Windows 2000 Security
- A Security Roadmap
- Implementing a Public Key Infrastructure (PK...
- Hardening Communications
- Windows Host Security: Network Security Hacks
- Hardening Wireless LAN Connections, Part 2
- Hardening Wireless LAN Connections Part 1
- Windows Reverse Engineering
- Microsoft's Latest Security Updates -- The G...
- Cross Site Scripting (XSS): An Overview
Find More Windows Security Articles