Security Model Changes in Windows Server 2003


Windows Server 2003 contains numerous enhancements and modifications compared to the older members of the Windows server family. Built-in .NET Framework support, hot-add memory, updated kernel and UI APIs, improved heap management, vectored exception handling, and many other features make it a significant improvement over Windows 2000 servers, and each of these features merits a discussion beyond the scope of this chapter. In this section I focus on changes in the Windows Server 2003 security model.

Changes in Internet Information Server Security

The following list introduces some of the most important changes in the Windows security model.

  • Windows Server 2003 comes with a new version of IIS: IIS version 6.0. Except with the Web Server Edition of Windows Server 2003, IIS 6.0 is not installed by default.

  • IIS 6.0 is installed in a "locked-down" mode. In the default configuration, IIS 6.0 will serve only static content. An attempt to serve a dynamic file (such as ASP, ASP.NET, or server-side includes (SSI)) results in a "file not found" error. All files with dynamic extensions must be added to the web service extensions list using IIS Manager.

  • When IIS 6.0 is installed, its worker processes run under a Network Service user account. This account, new to Windows Server 2003, is associated with limited privileges and provides a more secure execution environment.

  • The new implementation of SSL offers a 35% increase in performance over the previous one. The SSL session cache can now be shared by multiple processes, which reduces overall load on the authentication modules.

  • IIS comes with a new mode of authorization, URL authorization, which works in conjunction with a new tool called Authorization Manager. Authorization Manager and URL authorization allow administrators to control access to URLs based on the user's role and provide a very powerful tool for enhancing server security.

  • Advanced digest authentication is a new authentication mechanism introduced with IIS 6.0. The user's credentials are stored on a domain controller as an MD5 hash. This authentication mechanism requires IE 5 or later and provides enhanced security compared to the original digest authentication.

Changes to the Default Permission Settings

Windows Server 2003 demonstrates Microsoft's shift of focus from access as the top priority to security. This shift is most visible in the changes made to the default access rights. In previous versions of Windows, members of the Everyone group had Full Control in both share and NTFS permissions. The locked-down default settings of Server 2003 give Everyone group members only noninheritable read and execute permissions to the drive roots. When new files are created, the permissions are not inherited from the parent and must be set manually. By default, new shares give the Everyone group only read permission.

Another new access restriction in Windows Server 2003 applies to anonymous users. They do not receive membership in the Everyone group and instead belong to the new built-in Anonymous Logon group.
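
The difference between the old and new defaults can be checked mechanically once a permission set has been exported as an SDDL string. The following audit script is an added example, not code from the book or from Microsoft; the function names and both sample descriptors are constructed for illustration. It flags allow entries for Everyone (SDDL alias WD) and Anonymous Logon (AN) that grant write access or are inherited by child objects.

```python
import re

# SDDL rights tokens mapped to access-mask bits (file, standard, generic).
RIGHTS = {
    "FA": 0x1F01FF, "FR": 0x120089, "FW": 0x120116, "FX": 0x1200A0,
    "GA": 0x10000000, "GR": 0x80000000, "GW": 0x40000000, "GX": 0x20000000,
    "RC": 0x20000, "SD": 0x10000, "WD": 0x40000, "WO": 0x80000,
}
# Bits that allow changing data, attributes, permissions or ownership.
WRITE_BITS = (0x2 | 0x4 | 0x10 | 0x40 | 0x100 | 0x10000 | 0x40000 | 0x80000
              | 0x10000000 | 0x40000000)
WATCHED = {"WD": "Everyone", "AN": "Anonymous Logon"}

# Constructed sample descriptors (not taken from a real system).
LEGACY_ROOT = "O:BAG:SYD:(A;OICI;FA;;;WD)"
LOCKED_ROOT = "O:BAG:SYD:(A;OICI;FA;;;BA)(A;OICI;FA;;;SY)(A;;0x1200a9;;;WD)"

def pairs(field):
    """Split a run of two-letter SDDL tokens such as 'OICI' or 'FRFX'."""
    return [field[i:i + 2] for i in range(0, len(field), 2)]

def parse_mask(field):
    """Convert an SDDL rights field (hex or two-letter tokens) to a mask."""
    if field.lower().startswith("0x"):
        return int(field, 16)
    mask = 0
    for token in pairs(field):
        if token not in RIGHTS:
            raise ValueError(f"unsupported rights token {token!r}")
        mask |= RIGHTS[token]
    return mask

def audit_sddl(sddl):
    """Return (trustee, verdict, inheritable) per Everyone/Anonymous allow ACE."""
    match = re.search(r"D:[A-Z]*((?:\([^()]*\))+)", sddl)
    findings = []
    for ace in re.findall(r"\(([^()]*)\)", match.group(1) if match else ""):
        ace_type, flags, rights, _guid, _iguid, sid = ace.split(";")[:6]
        if ace_type != "A" or sid not in WATCHED:
            continue
        writable = bool(parse_mask(rights) & WRITE_BITS)
        verdict = "write-capable" if writable else "no write access"
        inheritable = bool({"OI", "CI"} & set(pairs(flags)))
        findings.append((WATCHED[sid], verdict, inheritable))
    return findings

if __name__ == "__main__":
    for name, sddl in (("legacy", LEGACY_ROOT), ("locked-down", LOCKED_ROOT)):
        print(name, audit_sddl(sddl))
```

The first sample models the older Everyone Full Control default and is reported as write-capable and inheritable; the second models the noninheritable read and execute entry described above.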

To find out more about these and other new Windows Server 2003 features, use the numerous resources available on the following Microsoft site: www.microsoft.com/windowsserver2003/default.mspx.



Building Portals, Intranets, and Corporate Web Sites Using Microsoft Servers
ISBN: 0321159632
EAN: 2147483647
Year: 2004
Pages: 164
