CompTIA Security_ Deluxe Study Guide_ SY0-201 - Emmett Dulaney [123]
FIGURE 5.1 NetBIOS binding to the TCP/IP network protocol
Make sure your network protocols and adapters have the proper binding configurations. Don’t bind NetBIOS to a protocol unless necessary. Figure 5.2 shows the network binding of a typical Windows XP system. When two computers, such as a server and a client, attempt to communicate with each other, they must first find a common language. They do so by trying different protocols based on the binding order. (Internet Protocol [TCP/IP] is the only default in the latest operating systems from Microsoft.) For that reason, the protocols most commonly used on the server/client should be at the top of the binding list.
FIGURE 5.2 Network binding in a Windows XP system
NetBEUI
NetBEUI is a proprietary protocol developed by Microsoft for Windows networks. If your entire network is configured for NetBEUI, the network will be almost invulnerable to outside attack. This is the case because NetBEUI isn’t routable, so you can’t connect it to an outside network using a router.
NetBEUI is not available by default on Windows XP Professional or Microsoft Windows Vista.
Tools such as Network Neighborhood, Explorer, and file sharing use NetBIOS for communications. Virtually all internal networking functions operate properly if NetBEUI is used for internal networking. NetBEUI wasn’t designed to provide any security capabilities, and its packets disclose a great deal about system configuration, services running, and other information that can be used to identify weaknesses in a system. NetBEUI, isn’t however, intended for large networks and is less efficient than Internetwork Packet Exchange/Sequenced Packet Exchange (IPX/SPX) or TCP/IP in such an environment.
TCP/IP
TCP/IP is vulnerable to all the threats discussed in Chapter 2, “Identifying Potential Risks.” If your system is connected to the Internet or other large-scale networks, the security of the system is tied to the vulnerability of the TCP/IP network protocol.
The current implementations of TCP/IP are relatively secure. Earlier versions of TCP/IP, as implemented by Microsoft, Novell, Apple, and other vendors, had a huge number of technical problems and security vulnerabilities. The security of the network, regardless of the manufacturer, is only as good as the implementation the manufacturer accomplishes.
Don’t jump to the conclusion that all Internet vulnerabilities are weaknesses within TCP/IP. After so many years of development and implementation, the stack is now relatively secure. Many of the newer vulnerabilities are in the operating systems and applications that use TCP/IP as the transport.
IPX/SPX
IPX/SPX is an efficient, routable protocol that was originally designed for use with Novell NetWare systems. The routers in use today don’t generally route IPX/SPX unless they’re specifically configured to do so. NetBIOS can be bound to IPX/SPX, and it won’t be vulnerable to external attack unless this protocol is routed.
Hardening Microsoft Windows Vista
Security is such a driving component of computing today that it was one of the catalysts behind the development of the most recent version of Microsoft’s workstation product. A new feature in this operating system is the ability to apply parental controls to accounts. To do so, choose the Set Up Parental Controls for Any User applet from the Control Panel, choose the user you want to apply them to, and click the On, Enforce Current Settings radio button.
From this same applet, you can also choose the Windows Vista web filter and set a web restriction level or the Time limits settings and restrict hours that the computer can be used. The former also allows you to block file