38 Chapter 1 • General Security Concepts: Access Control, Authentication, and Auditing
Disabling Non-essential Services, Protocols, Systems and Processes
This section of the Security+ exam covers a number of different areas that should be
examined and controlled in your network and system environments. We hear often
that we should disable unnecessary or unneeded services. While here, we will look
not only at services, but also at protocols, systems, and processes that rob systems of
resources and allow potential attacks to occur that could damage your systems.
The basic premise behind this discussion is very simple. If there is something
enabled that is not being actively used, it is an unnecessary security risk. The
solution is simply to disable or inactivate the service, protocol, system, or process
that is not needed. Keep in mind that some of these may not be actively used by
individuals, but may be dependencies for other services, protocols, systems, or
processes. Consequently, you should be careful when you are disabling things and
ensure that you have a good understanding of exactly what it is you are doing.
Non-essential Services
Let’s begin with a discussion about the concept of non-essential services.
Non-essential services are the ones you do not use, or have not used in some time.
For many, the journey from desktops to desktop support to servers to entire systems
support involves a myriad of new issues to work on. And as we progressed, we
wanted to see what things could be done with the new hardware and its capabilities.
In addition, we were also often working on a system that we were not comfortable
with, had not studied, and had little information about. With a superior pressing
for use of the latest and greatest information as well, we hurried and implemented
new technologies without knowing their pitfalls and shortcomings.
Non-essential services may include network services, such as Domain Name
System (DNS) or Dynamic Host Configuration Protocol (DHCP), Telnet, Web, or FTP
services. They may include authentication services for the enterprise, if located on a
non-enterprise device. They may also include anything that was installed by default
that is not part of your needed services.
Systems without shared resources need not run file and print services. In a
Linux environment, if the machine is not running as an e-mail server, then remove
sendmail. If the system is not sharing files with a Windows-based network, then
remove Samba. Likewise, if you are not using NIS for authentication, you should
disable the service or remove it.
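
The rule in the paragraph above can be expressed as a check that flags enabled services whose role the host does not have. This is an added example, not code from the book. The role names (mail, winshare, nis), the unit names, and the sample listing are assumptions, since unit names vary by distribution.

```shell
#!/bin/sh
# Added example: report enabled services that no declared host role justifies.
# The role-to-unit mapping is an assumption; adjust unit names per distribution.

# role_for_unit UNIT: print the role that justifies UNIT, or nothing if unmapped.
role_for_unit() {
    case "$1" in
        sendmail.service)              echo mail ;;      # e-mail server
        smb.service|nmb.service)       echo winshare ;;  # Samba file sharing
        ypbind.service|ypserv.service) echo nis ;;       # NIS authentication
    esac
}

# audit_services ROLE...: read a unit listing on stdin (first column is the
# unit name) and print every mapped unit whose role is not among ROLE...
audit_services() {
    roles=" $* "
    while read -r unit _rest; do
        role=$(role_for_unit "$unit")
        [ -n "$role" ] || continue        # not covered by this mapping
        case "$roles" in
            *" $role "*) ;;               # role declared: service is needed
            *) echo "$unit" ;;            # candidate to disable or remove
        esac
    done
}

# Constructed sample listing. On a systemd host the input would come from:
#   systemctl list-unit-files --type=service --state=enabled --no-legend
sample_units() {
cat <<'EOF'
sshd.service     enabled
sendmail.service enabled
smb.service      enabled
ypbind.service   enabled
EOF
}

# This host only shares files with a Windows-based network.
sample_units | audit_services winshare

# Before disabling a flagged unit, check what depends on it:
#   systemctl list-dependencies --reverse sendmail.service
```
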
www.syngress.com