1 / 33

2851A_C01

2851A_C01. Microsoft Windows XP Service Pack 2 Security Technologies. Bruce Cowper IT Pro Advisor Microsoft Canada. Session Prerequisites. Experience managing Windows XP Professional desktops

moira
Download Presentation

2851A_C01

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. 2851A_C01

  2. Microsoft Windows XP Service Pack 2 Security Technologies Bruce Cowper IT Pro Advisor Microsoft Canada

  3. Session Prerequisites • Experience managing Windows XP Professional desktops • An understanding of the deployment tools that are used to deploy Windows XP and updates to the desktop • Experience using Group Policy to manage desktops Level 200

  4. Session Prerequisites (cont.) OR The skills represented by taking: • Course 2285 (covering Windows XP) • Course 2297 (designing Active Directory ® and networking)

  5. Introduction to Windows XP Service Pack 2 • Introduction to Windows XP Service Pack 2 • Windows XP SP2 Network Protection Features • Reducing Applications Failures by Using Windows XP SP2 Memory Protection Features • Exploring SP2 E-Mail Handling Security Features • Browsing Securely by Using SP2

  6. The Need for SP2 Security attack trends include: • Increased uses of automation - tools for Scanning, Compromising and Propagation. • Asymmetric threats- distributed systems to attack single targets • Increased complexity -Tool signatures more complex and difficult to detect. • Infrastructure attacks- denial of service and worms • Faster detection of vulnerabilities and faster exploits. • Firewall intrusions-harnessing ‘firewall friendly’ and ‘mobile’ code

  7. What Is New in SP2? SP2 provides several built-in security technologies that reduce computer vulnerabilities. New and Improved Features: • Enhanced Network Protection • New Memory Protection • More Secure E-Mail Handling • Enhanced Browser Security • Improved Computer Maintenance

  8. How SP2 Minimizes the Attack Surface

  9. Demonstration 1: Resolving Remote Connectivity Issues by Using the Netsh Command-Line Tool You will see how to: • Allow access to MMC with the firewall enabled • Unblock a specific port via command line / script Your instructor will demonstrate how to resolve a remote connectivity issue with the netsh command-line tool.

  10. SP2 Security Management Using Windows Security Center Computer Running Security Center Automatic Update Configuration Windows FirewallConfiguration Antivirus Configuration Internet OptionsConfigurations

  11. Demonstration 2:Managing SP2 by Using Windows Security Center Your instructor will demonstrate how to manage SP2 by using Security Center. Specifically, you will learn to configure: • The Automatic Updates option • The Virus Protection option

  12. Windows XP SP2 Network Protection Features • Introduction to Windows XP Service Pack 2 • Windows XP SP2 Network Protection Features • Reducing Applications Failures by Using Windows XP SP2 Memory Protection Features • Exploring SP2 E-Mail Handling Security Features • Browsing Securely by Using SP2

  13. New Security Features in Windows Firewall On by default ü Global configuration and restore defaults ü Multiple profiles ü On with no exceptions ü Windows firewall exceptions list ü Local subnet restrictions ü Command-line support ü Boot-time security ü Unattended setup support ü RPC Support for system services ü

  14. Windows Firewall Advanced Security Features Advanced options include: • Ability to enable specific network interfaces • Basic configuration ICMP options • Connection and packet logging improvements

  15. Demonstration 3: Exploring Windows Firewall New Security Features You instructor will demonstrate: • The On by Default feature • The On with No Exceptions feature • The Windows Firewall Exceptions List • The Restore Defaults feature (advanced options)

  16. Enhanced DCOM Security DCOM Server Remote Client

  17. Processes claiming to be RPC Services e.g. Trojan Horses Other Open port Processes running on Local System, Network Service, Local Service security context Allowed Firewall Group Policy RPC Servers Remote, Anonymous Client Local Client and/or Authenticated client More Secure Remote Procedure Calls Open port Blocked accepted restricted

  18. Services Disabled by Default in Windows XP SP2 Alternative options: • Recommended resolution; rewrite application to use another method to communicate with the user • Start the Alerter or Messenger service programmatically

  19. Reducing Application Failures • Introduction to Windows XP Service Pack 2 • Windows XP SP2 Network Protection Features • Reducing Application Failures by Using Windows XP SP2 Memory Protection Features • Exploring SP2 E-Mail Handling Security Features • Browsing Securely by Using SP2

  20. Execution Protection (NX) and How It Works NX features: • CPU-aided memory protection • Memory locations tagged as nonexecutable unless location explicitly contains executable code • Buffer overrun attach protection • Currently available on some 64-bit CPUs

  21. Exploring SP2 E-Mail Handling Security Features • Introduction to Windows XP Service Pack 2 • Windows XP SP2 Network Protection Features • Reducing Applications Failures by Using Windows XP SP2 Memory Protection Features • Exploring SP2 E-Mail Handling Security Features • Browsing Securely by Using SP2

  22. Attachment Manager in Outlook Express and Windows Messenger New e-mail with attachment Different actions taken for: • Safe attachments • Unsafe attachments AES API • Suspicious attachments User Running Windows Messenger User Running Outlook Express

  23. HTML Content Blocking in Outlook Express Content Blocking Feature: • Blocks external images • New “Don’t Download External HTML Content” feature • Preserves the user's privacy and prevents future attacks Web Server Web Server Users Running Outlook Express Internet

  24. Demonstration 4: Demonstrating and configuring Attachment Handling in Outlook Express You instructor will demonstrate: • How Outlook Express Handles attachements • How to configure attachment handling in Outlook Express

  25. Browsing Securely by Using SP2 • Introduction to Windows XP Service Pack 2 • Windows XP SP2 Network Protection Features • Reducing Applications Failures by Using Windows XP SP2 Memory Protection Features • Exploring SP2 E-Mail Handling Security Features • Browsing Securely by Using SP2

  26. Managing Internet Explorer Browser Security

  27. Making the Local Computer More Secure • Internet Explorer information bar • Internet Explorer add-on installation prompt • Internet Explorer download prompt • New file handler icon • New security information area • Executable files are checked for publisher information • Outlook Express prompts

  28. Blocking Annoying Pop-Up Windows

  29. Managing Add-Ons Add­On Management and Crash Detection: • Better add-on detection • New add-on management features

  30. Demonstration 5:Popups, Scripts and Configuring Add-On Management You instructor will demonstrate: • The Information Bar with popups and scripts • How to view information about how often the add-ons have been used by Internet Explorer

  31. Session Summary • Introduction to Windows XP Service Pack 2 • Windows XP SP2 Network Protection Features • Reducing Application Failures by Using Windows XP SP2 Memory Protection Features • Exploring SP2 E-Mail Handling Security Features • Browsing Securely by Using SP2

  32. Next Steps • Microsoft Canada Technet http://www.microsoft.com/technet/canada/ • Find additional Technet events: http://www.microsoft.com/technet/canada/events/ • Share information and get community-based support for SP2 http://communities.microsoft.com/newsgroups/default.asp?icp=xpsp2&slcid=us • Get additional information about changes to functionality in SP2 http://www.microsoft.com/technet/prodtechnol/winxppro/maintain/winxpsp2.mspx

  33. Questions and Answers

More Related