1 / 17

Windows XP SP2 & Windows Server 2003 SP1

Windows XP SP2 & Windows Server 2003 SP1. Sandeep Modhvadia | Security Technical Specialist. Agenda. Windows XP Service Pack 2 Windows Server 2003 Service Pack 1 2 years on!. Client Attacks. Malicious Web content. Malicious e-mail attachments. Buffer overrun attacks. Port-based attacks.

crumk
Download Presentation

Windows XP SP2 & Windows Server 2003 SP1

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Windows XP SP2 & Windows Server 2003 SP1 Sandeep Modhvadia | Security Technical Specialist

  2. Agenda • Windows XP Service Pack 2 • Windows Server 2003 Service Pack 1 • 2 years on!

  3. Client Attacks Malicious Web content Malicious e-mail attachments Buffer overrun attacks Port-based attacks

  4. To help protect all computers connected to the Internet or an internal network To enable a safer Internet experience for the most common Internet tasks To provide system-level protection for the base operating system To ensure that updates are easier and quicker to deploy Protection Technologies NetworkProtection Safer Weband Email MemoryProtection ImprovedMaintenance

  5. Protection Technologies • Windows Firewall • Reduction of attack surface of a Windows XP computer • More secure infrastructure for DCOM • Windows Messenger Service is off by default NetworkProtection Safer Weband Email MemoryProtection ImprovedMaintenance

  6. Protection Technologies • Windows Firewall • Reduction of attack surface of a Windows XP computer • The RPC service runs with reduced privileges • no longer accepts unauthenticated connections by default • More secure infrastructure for DCOM • Windows Messenger Service is off by default NetworkProtection Safer Weband Email MemoryProtection ImprovedMaintenance

  7. Protection Technologies • Blocking of un-requested pop-ups • More control over Active-X controls • More control over downloads • More control over attachments NetworkProtection Safer Weband Email MemoryProtection ImprovedMaintenance

  8. Protection Technologies • What is a buffer overrun? • Technologies to reduce exploitation of buffer overruns NetworkProtection Safer Weband Email MemoryProtection ImprovedMaintenance

  9. Protection Technologies • Windows Security Center • Automatic Update enhancements • Group Policy management of security features • New Wireless LAN client • Bluetooth update • SmartKey Wireless Setup NetworkProtection Safer Weband Email MemoryProtection ImprovedMaintenance

  10. What are the Goals of SP1? Enhanced Security • reduced attack surface • new security enhancements Stronger Defaults and privilege reduction on services • RPC • DCOM Support for no execute hardware • Intel • AMD Windows Firewall • Enabled for new install scenarios Provide a Security Configuration Wizard to assist IT Admins • Role-based configuration and lockdown VPN Quarantine • Client inspection • Fix-up • Isolation IIS 6.0 metabase auditing Enhanced Reliability Enhanced Performance • 10%+ improvement in TPC, TPC-H, SAP, SSL, etc.

  11. SP1 Security Features and Enhancements • Relevant XP SP2 enhancements • RPC, DCOM lockdown • Windows Firewall • Post-Setup Security Updates • Boot-time network protection for clean installs • Security Configuration Wizard • Base 64-bit extension system

  12. Windows Firewall/RPC • Goals and customer benefit • Provide by default better protection from network attacks • Focus on role-based server configuration • What we’re doing • Windows Firewall (formerly ICF) will be on by default in almost all configurations utilizing the Security Configuration Wizard • More configuration options • Group policy, command line, unattended setup • Better user interface • Boot time protection • Restrict anonymous connections to DCOM/RPC interfaces • Application impact • In-bound network connections will not be permitted by default • Listening ports only open as long as the application is running

  13. Post-Setup Security Updates • A new feature designed to protect servers between first boot and application of most recent security updates • Opens on first admin login if Windows Firewall was not explicitly enabled using unattend script or GP • Blocks inbound connections until customer clicks “Finish” on PSSU dialog box

  14. Security Configuration Wizard • Guided Attack Surface Reduction for Windows Servers • Security Coverage • Roles-Based Metaphor • Disables Unnecessary Services • Disables Unnecessary IIS Web Extensions • Blocks unused Ports, inlcuding multi-homed scenarios • Helps Secure Ports that are left open using IPSEC • Reduces protocol exposure (LDAP, NTLM, SMB) • Configures Audit Setting with high Signal to Noise • Security for mere mortals • Roles-based makes answering questions easy • Automated versus Paper-Based Guidance • Fully tested and supported by Microsoft

  15. Welcome to this TechNet Event • FREE bi-weekly technical newsletter • FREE regular technical events hosted across the UK • FREE weekly UK & US led technical webcasts • FREE comprehensive technical web site • Monthly CD / DVD subscription with the latest technical tools & resources • FREE quarterly technical magazine We would like to bring your attention to the key elements of the TechNet programme; the central information and community resource for IT professionals in the UK: To subscribe to the newsletter or just to find out more, please visit www.microsoft.com/uk/technet or speak to a Microsoft representative during the break

  16. http://www.microsoft.com/uk/technet

More Related