I

Previous page
Table of content
Next page

IAS (Internet Authentication Service), 284

ICMP traffic, allowing or disallowing, 66

.ico files, 198

Icon graphic files, 198

icons, desktop, RunAs feature used with, 60

ICS (Internet Connection Sharing) service, 272, 281

identification phase, access control, 80

identities, IIS, 422–425

IE (Internet Explorer)

advisor ratings files, 201

attacks using

browser interface manipulation, 364

buffer overflow attacks, 357

cookie manipulation, 363–364

cross-site scripting, 357–358

directory transversal attacks, 362

file execution attacks, 361–362

malicious content, 363

MIME type mismatches, 363

plug-in exploits, 364–365

URL spoofing, 354–357

zone manipulation, 358–361

competitors of, 350

defending against attacks

browsing settings for, 378–379, 384

Enhanced Security Configuration for, 385–387

Java settings for, 379, 384

links in e-mails, not following, 366

security settings for, 379–385

third-party applications for, 387

untrusted web sites, not visiting, 366

updating patches for, 367

using latest browser, 366–367

zone settings for, 367–377

Dll files loaded by, 352

Favorites list files, 197

features of, 347–349

history of, 347

security features of, 348–349, 357

security statistics for, 351–352

security zones for, 358–361, 367–377, 385–387

startup process used by, 352–353

testing for vulnerabilities, 365

URL processing by, 353

version 7, 347, 348–349, 357

versions in use, 347

versions of, which to use, 366–367

Ieframe.dll file, 352

IERESET.INF file, 24

IETF (Internet Engineering Task Force), 296

IIS Admin MMC console, 427

IIS Admin Service, 284

IIS (Internet Information Server)

additional features, installing, 443–448

administration of, 427–428

application pools, 422–425, 453–455

authentication for, 182, 428–433, 449–450

configuration information, metabase file for, 427–428

configuring, 440, 443–451

definition of, 420

Http.sys driver, 421–422

identities, 422–425

IIS_WPG (IIS Worker Process Group), 424–425

installing, 421

IUSR_<computername> account, 101, 425–427

IWAM_<computername> account, 101, 425–427

permissions for, 433–436, 450, 452–453

resources for, 456

securing

application installation and tightening, 456

cleaning and testing, 455–456

deployment, 456

hardware drivers, updating, 438

host firewall configuration, 439

IIS configuration, 443–451

IIS installation, 440

log files, monitoring, 456

logging configuration, 455

network/perimeter configuration, 437–438

operating system hardening, 441–443

operating system installation, 438–439

patch installation, 440–441

penetration tests, 456

physical security, 438

Remote Admin configuration, 439–440

steps for, 437

web sites, securing, 452–455

URLScan tool for, 450–451

version 7 modules, 449–450

versions of, default operating systems for, 420

vulnerabilities of, 419

Web Server Edition, 420

web service extensions, 436, 448–449

worker processes, 422–425

IIS logons, 182

IIS permissions, 433–435

IIS 6 Resource Kit, 456

IIS 6 Technet Resources, Microsoft, 456

IIS_WPG (IIS Worker Process Group), 108, 424–425

IKE (Internet Key Exchange), 300–301

IM (Instant Messaging), attacks using, 8

IMAP CD-Burning COM Service, 284

IMAP4 service, Microsoft Exchange, 285

impersonation

bugs in, 90

of client after authentication, 90, 500

definition of, 90

delegation and, 92

enabling and disabling, 90

levels of, 90–91

policy settings for, 496–497

in security token, 118

viewing, 91

Incoming Forest group, 108

Incoming Forest Trust Builders group, 86

Indexing Service, 272

Inetcorp.adm template, 515

Inetesc.adm template, 515

Inetres.adm template, 515

Inetset.adm template, 515

.inf files, 198

Inf11.adm template, 516

Information Store service, Microsoft Exchange, 285

Information Technology-Information Sharing and Analysis Center, 51

Infrared Monitoring Service, 284

Infrastructure Master, FSMO role, 523

inheritance of permissions, 128–129

.ini files, 198, 227–228

injection attacks, 15

.ins files, 198

insider attacks, 17

Installer Files, Microsoft (MSI), 489

Installer package files, 199

Instalr11.adm template, 516

Instant Messaging (IM), attacks using, 8

Integrated Windows Authentication (IWA), IIS, 429–430, 431, 432

Interactive group

definition of, 108

SID for, 84

Windows trusts and, 117

Interactive Training files, 194

Interactive Training files, Microsoft, 194

Internet Authentication Service (IAS), 284

Internet Connection Sharing (ICS) service, 272, 281

Internet Data Connector, for IIS, 447, 449

Internet Engineering Task Force (IETF), 296

Internet Explorer. See IE

Internet Information Server. See IIS

Internet Information Services Manager, IIS, 445

Internet Key Exchange (IKE), 300–301

Internet Printing, for IIS, 445

Internet Protocol Security working group, IETF, 296

Internet Security Association and Key Management Protocol (ISAKMP), 300

Internet shortcut files, 202

Internet Site Authority, 86

Internet site zone, IE, 360

Internet worms, 391

Internet Zone exception rules, SRP, 223, 341

Intersite Messaging service, 272, 288

Io.sys file, 25

IP address, scanning for, 9

IP Version 6 Help (6to4) Service, 284

IPSec (IP Security) protocol

AH protocol used with, 298, 299

attacks on, defending against, 321–322

authentication method for, 308–309

configuring, 302–303, 306

definition of, 295–296

ESP protocol used with, 299

example scenario for, 320–321

exemptions for, 315–317

filters for, 309–314

firewall for, 318–319, 321

IKE modes for, 300–301

key management for, 300

logging events for, 305

mode types for, 297–298

monitoring, 303–305

NAT or NAT-T used with, 301

open standard for, 296

performance of, 301–302

PFS (Perfect Forward Secrecy) for, 314–315

planning for, 319

policies for

creating, 302–303, 306–315

default, 305–306

definition of, 299

resources for, 322

rules for

creating, 308–315

definition of, 299

security associations (SAs) for, 300

Security Parameters Index (SPI) for, 300

security policy database for, 299

when to use, 319

IPSec policies, group policy, 514

IPSEC Policy Agent, 273

IPSEC Services, 273

Ipseccmd.exe program, 303

Ipsecmon.exe program, 303

ISAKMP (Internet Security Association and Key Management Protocol), 300

island hopping, 183

.isp files, 198

.it files, 196, 248

IUSR_<computername> account, 101, 425–427

IWA (Integrated Windows Authentication), IIS, 429–430, 431, 432

IWAM_<computername> account, 101, 425–427


Previous page
Table of content
Next page
Professional Windows Desktop and Server Hardening
Professional Windows Desktop and Server Hardening (Programmer to Programmer)
ISBN: 0764599909
EAN: 2147483647
Year: 2004
Pages: 122
Authors: Roger A. Grimes
BUY ON AMAZON
The .NET Developers Guide to Directory Services Programming
A Practitioners Guide to Software Test Design
Java How to Program (6th Edition) (How to Program (Deitel))
Cisco Voice Gateways and Gatekeepers
Microsoft VBScript Professional Projects
GDI+ Programming with C#
flylib.com © 2008-2017.
If you may any questions please contact us: flylib@qtcs.net
Privacy policy