494    Chapter 8 • Infrastructure Security: System Hardening

             Windows XP/.NET/Vista environment. It may also be possible to check or
             modify configurations at the network adaptor properties and configuration pages.
             In either case, it is important to restrict access and thus limit vulnerability due to
             unused or unnecessary services or protocols.


                Eliminate External NetBIOS Traffic
           Notes From the Underground…
                One of the most common methods of obtaining access to a Windows-
                based system and then gaining control of that system is through Network
                Basic Input/Output System (NetBIOS) traffic. Windows-based systems use
                NetBIOS in conjunction with server message block (SMB) to exchange ser-
                vice information and establish secure channel communications between
                machines for session maintenance. If file and print sharing is enabled on
                a Windows computer, NetBIOS traffic can be viewed on the external net-
                work unless it has been disabled on the external interface. With the pro-
                liferation of Digital Subscriber Line (DSL), Broadband, and other “always
                on” connections to the Internet, it is vital that this functionality be dis-
                abled on all interfaces exposed to the Internet.
                     While discussing the concepts of enabling and disabling protocols
                and services, we need to take a moment to work with a tool that is used
                to check the status of a network and its potential vulnerabilities. Exercise
                8.2 uses Nmap to look at the configuration of a network, specifically to
                generate a discussion and overview of the services and protocols that
                might be considered when thinking about restricting access at various
                levels. Nmap is used to scan ports; it is not a security scanner. Security
                scanners that can be used to detail OS, NOS, and hardware or protocol
                vulnerabilities include products like Big Brother and LANGuard Network
                Security Scanner, mentioned earlier. If using a UNIX-based platform, a
                number of evaluation tools have been developed, such as Amap, P0f, and
                Nessus, which can perform a variety of port and security scans. Although
                Exercise 8.2 discusses potential vulnerabilities and the tightening of var-
                ious OS and NOS platforms, the discussion can also be applied to the net-
                work devices being used.




              EXERCISE 8.2


              SCANNING FOR VULNERABILITIES
                  In this exercise, you are going to examine a network to identify open
                  ports and what could be potential problems or holes in specific systems.
                  In this exercise, you are going to use Nmap, which you can download



          www.syngress.com