(Page 9 of 10)
Hardening NNTP Servers
NNTP, the Network News Transfer Protocol, handles the distribution of Usenet News, over port 119. As with email messages, News article headers can be forged, and news server clients can consume lots of bandwidth, so if possible, run a News server that requires authentication and takes steps to disallow the posting of forged articles.
The next area you looked into was hardening file and print servers. In addition to making sure your OS software is up to date, and important action to take is to pay attention to configuration details, as one slip can place a random user into, for example, the Windows Local Administrators group, allowing them access to many sensitive files. When determining whether to grant a remote request for access to a file, the file server will typically start with the OS-level file permissions set on that object, and then further restrict those permissions if the share permissions are set to deny certain types of access like write, or access to certain individuals or groups.
You then explored hardening DHCP servers, which are used to assign and distribute host configuration information to clients who request it; information assigned may include IP address, gateway and other configuration details. DHCP-related risks include denial of service to legitimate network hosts if rogue clients unnecessarily request IP addresses, and use up the pool of available addresses, and the risk of a rogue DNS server on the network being run to hand out an illegitimate DNS server address which contains invalid data an attacker could use to redirect legitimate traffic to illegitimate sites. Because of this DNS vulnerability, it is suggested that DHCP be configured to NOT hand out DNS server addresses, and that that be hand-configured at each client machine. Normally, DHCP communicates via broadcast and is thus restricted to communication within a subnet only; if you wish DHCP requests to cross subnet boundaries, you must enable DHCP forwarding on your routers and allow UDP port 67 traffic.
Home - Table Of Contents - Contact Us
CertiGuide for Security+ (http://www.CertiGuide.com/secplus/) on CertiGuide.com
Version 1.0 - Version Date: November 15, 2004
Adapted with permission from a work created by Tcat Houser et al.
CertiGuide.com Version © Copyright 2004 Charles M. Kozierok. All Rights Reserved.
Not responsible for any loss resulting from the use of this site.