Page 55 - StudyBook.pdf

General Security Concepts: Access Control, Authentication, and Auditing • Chapter 1  39

                    This is applicable for any type of operating system. The Security+ exam is
                 operating system agnostic, meaning that the same general principles apply regardless
                 of the operating system that you use. Being familiar with the services that are
                 unnecessary for the specific operating system that you are working with is an
                 important part of ensuring that the system is well secured. The basic premise is to
                 disable the services that you do not need. The list of services that this covers varies
                 by operating system or even the specific version or release of the operating system.

                 Non-essential Protocols

                 Non-essential protocols can give an attacker an opportunity to reach or
                 compromise your system. These include network protocols such as Internetwork
                 Packet Exchange/Sequenced Packet Exchange (IPX/SPX, or NWLink in Windows
                 operating systems) and NetBIOS Extended User Interface (NetBEUI). Hardening also
                 includes the removal of unnecessary protocols such as Internet Control Message
                 Protocol (ICMP), Internet Group Management Protocol (IGMP), and specific
                 vendor-supplied protocols such as Cisco's Cisco Discovery Protocol (CDP), which is
                 used for communication between Cisco devices but may open a level of
                 vulnerability in your system. Protocols used for communication between network
                 devices, applications, or systems that are proprietary or used by system device
                 manufacturers, such as the protocols used by Cisco to indicate private interior
                 gateways to their interoperating devices, should also be closely examined.
                    Evaluation of the protocols suggested for removal may show that they are
                 needed in some parts of the system, but not others. Many OS platforms allow the
                 flexibility of binding protocols to certain adaptors and leaving them unbound on
                 others, thus reducing the potential vulnerability level.
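
The per-adapter evaluation described above, as an added example that is not from the book: a short Python audit that compares the protocols enabled on each adapter with a baseline for that adapter's role. The adapter names, roles, baseline policy and inventory are all constructed assumptions.

```python
# Added example: audit protocols enabled per adapter against a role baseline.
# BASELINE and INVENTORY are constructed for illustration, not real output.

# Assumed policy: protocols each adapter role is allowed to have enabled.
BASELINE = {
    "internal": {"TCP/IP", "ICMP", "IGMP"},
    "legacy":   {"TCP/IP", "IPX/SPX"},   # segment that still needs IPX/SPX
    "external": {"TCP/IP"},
}

# Constructed inventory: adapter -> (role, protocols currently enabled).
INVENTORY = {
    "eth0": ("internal", {"TCP/IP", "ICMP", "NetBEUI"}),
    "eth1": ("legacy",   {"TCP/IP", "IPX/SPX", "CDP"}),
    "eth2": ("external", {"TCP/IP", "ICMP", "IGMP", "IPX/SPX"}),
}

def audit_bindings(inventory, baseline):
    """Return {adapter: sorted protocols to unbind on that adapter}."""
    findings = {}
    for adapter, (role, bound) in inventory.items():
        allowed = baseline.get(role)
        # An adapter with no defined role fails closed: everything is flagged.
        extra = set(bound) if allowed is None else bound - allowed
        if extra:
            findings[adapter] = sorted(extra)
    return findings

def removable_from_host(inventory, baseline):
    """Protocols enabled somewhere but permitted for no role in use.

    These are candidates for removal from the system altogether, as opposed
    to protocols that are needed on one adapter and only unbound on others.
    """
    roles_in_use = {role for role, _ in inventory.values()}
    needed = set().union(*(baseline.get(r, set()) for r in roles_in_use))
    bound = set().union(*(b for _, b in inventory.values()))
    return sorted(bound - needed)

if __name__ == "__main__":
    for adapter, extra in audit_bindings(INVENTORY, BASELINE).items():
        print(f"{adapter}: unbind {', '.join(extra)}")
    print("remove from host:", ", ".join(removable_from_host(INVENTORY, BASELINE)))
```

In this sample, IPX/SPX stays bound on the legacy adapter and is flagged only on the external one, while NetBEUI and CDP are needed nowhere and are reported for removal from the host.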

                 Disabling Non-essential Systems

                 While working with the development and growth of networks and environments,
                 we often retain older systems and leave them active within the overall system. This
                 can be a serious breach, as we may not pay attention to these older systems or
                 keep them up to date with the latest security patches and tools. It is important to
                 realize that older systems, particularly those whose use is extremely low, should
                 have a planned decommissioning policy in place. Systems not necessary for your
                 particular operation should be disabled, removed, and sterilized with good
                 information removal practices before being recycled, donated, or destroyed.







                                                                              www.syngress.com