
40     Chapter 1 • General Security Concepts: Access Control, Authentication, and Auditing

             Disabling Non-essential Processes


             Processes running on your systems should be evaluated regarding their necessity to
             operations. Many processes are installed by default, but are rarely or never used by
             the OS. In addition to disabling or removing these processes, you should regularly
             evaluate the running processes on the machine to make sure they are necessary. As
             with disabling unnecessary protocols, services, and systems, you must be aware
             of the need for the processes and of their potential for abuse that could lead to
             system downtime, crashes, or breach. UNIX, Linux, Windows server and workstation
             systems, and NetWare systems all have mechanisms for monitoring and tracking
             processes, which will give you a good idea of their level of priority and whether
             they are needed in the environments you are running.

             Disabling Non-Essential Programs

             Like the other areas we have discussed, it is appropriate to visit the process of
             disabling or removing unnecessary programs. Applications that run in the background
             often go undetected in normal machine checks, and can be compromised or otherwise
             affect your systems negatively. An evaluation of installed programs is always
             appropriate. Aside from the benefit of more resources being available, removing
             unneeded programs also eliminates the potential that a breach will occur through them.


              EXERCISE 1.04


              DISABLING WINDOWS 2003 OR WINDOWS XP SERVICES
                  As discussed in this section, it is important to eliminate unused services,
                  protocols, processes, and applications to eliminate potential security
                  vulnerabilities. It is also important to eliminate these extra functions and
                  capabilities to maximize the performance of the systems. Items not in
                  use require no resources, so there is an added benefit to disabling
                  unused portions of the systems. In this exercise, we will disable the
                  Telnet service to eliminate the potential for attack.



              NOTE

                  Be cautious when accessing or modifying controls that may disable or
                  remove system services or processes. Incorrect settings or use of the
                  controls may disable your machine and require a complete reinstallation.
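
The change this exercise sets out to make, scripted as an added example that is not from the book: it records the Telnet service's current settings, refuses to act if running services depend on it, disables it, and verifies the result. It assumes an administrator Windows PowerShell session and that the Telnet server's service name is TlntSvr; `Disable-UnusedService` is a hypothetical helper name.

```powershell
# Added example, not from the book. Assumptions: Windows PowerShell run as an
# administrator; the Telnet server's service name is TlntSvr.
function Disable-UnusedService {          # hypothetical helper name
    param([Parameter(Mandatory=$true)][string]$Name)

    $before = Get-WmiObject -Class Win32_Service -Filter "Name='$Name'"
    if (-not $before) {
        Write-Output "$Name is not installed; nothing to disable."
        return
    }

    # Do not stop a service that other running services still depend on.
    $running = @((Get-Service -Name $Name).DependentServices |
                 Where-Object { $_.Status -eq 'Running' })
    if ($running.Count -gt 0) {
        $names = ($running | ForEach-Object { $_.Name }) -join ', '
        Write-Warning "$Name not changed; running dependents: $names"
        return
    }

    # Record the original settings so the change can be reversed later.
    Write-Output "Before: State=$($before.State) StartMode=$($before.StartMode)"

    if ($before.State -ne 'Stopped') {
        Stop-Service -Name $Name -ErrorAction Stop
    }
    # Disabled prevents the service from starting at boot or on demand.
    Set-Service -Name $Name -StartupType Disabled -ErrorAction Stop

    # Re-read the service and confirm the change took effect.
    $after = Get-WmiObject -Class Win32_Service -Filter "Name='$Name'"
    Write-Output "After:  State=$($after.State) StartMode=$($after.StartMode)"
    if ($after.State -ne 'Stopped' -or $after.StartMode -ne 'Disabled') {
        Write-Warning "$Name is still able to run; review it manually."
    }
}

Disable-UnusedService -Name 'TlntSvr'
```

To reverse the change, run `Set-Service` again with the startup type shown on the "Before" line (WMI reports `Auto` where `Set-Service` expects `Automatic`).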




          www.syngress.com