testuser1 - PowerPoint PPT Presentation

About This Presentation
Title:

testuser1

Description:

sdfsdfsdfsf – PowerPoint PPT presentation

Number of Views:1
Slides: 38
Provided by: testuser1
Tags:

less

Transcript and Presenter's Notes

Title: testuser1


1
?????????? ?????? ????????
2
??????????
  • ?????? ???????????? ????????
  • ???????????? Active Directory ? ??????
    ???????????? ??????
  • ?????? ???????? ? ??????? ???????? ???????????? ?
    ????????? ???????

3
???????? ???????????? ????????
  • ??????????????????
  • ?????? ?????????? ?? ???????????????????? ???????
  • ???????????
  • ???????? ? ????????????? ?????? ??????????????
    ????????
  • ???????????
  • ?????? ?????????? ?? ???????????????????
    ???????????

4
???????? ????????????
  • ????????????
  • ?????? ? ?????????
  • ??????????
  • ????????????
  • ????????????

???????? ? ??????????
???????? ? ?????????
????????????
?????? ??????????? ?????????????
5
????????????? ?????
  • ?????? ????????? ? ????????????
  • ??????? ??????? ? ??????????? ???????????
  • ????????? ??????? ?????? ? ?????????????? ??????
  • ?????????? ?????? ?? ??????? ? ???????????
    ????????????
  • ??????????? ?????????? ??????
  • ?????? ???????
  • ??????????? ????????? ? ??????????
  • ?????????? ?????????? ????? ? ??????????
  • ?????? ? ?????, ??????????? ??? ??????
  • ?????? ???????????? ????? ????????? ?
    ??????????????
  • ??????????
  • ?????? ????? ????????????? ??????? ? ?????????
    ?????? ? ???

6
??????????? ? ????????
  • Windows Server 2003 Security Guide
  • ??????????? ?? ?????? ????????
  • ?????????? ??????????????
  • ???????? ??????? ???????? ??????
  • ???????????? ?? ?????? ????????? ????? ????????
  • ?????????????? ??? ?????????? ?????? ? ???????
    ????????? ??????? Active Directory
  • ????? ???????? ???????????? ? ?????????
  • www.microsoft.com/security/guidance/prodtech/Win
    dowsServer2003.mspx

7
?????? ???????? ?? ?????? ????????
???????????? ????????????? ??? ?????????? ?
???????????
?????????? ??????? ?? ????? ? ????????????
????????? ???????? ??? ???????????????? ?????????
??????
????????? ???????? ??????, ?????????????
?????????? ??????? ?????? ? ?????????? ??
??????????
?????????? ?????????? ? ??????? ?????? ? ????????
8
??????? ????????????
  • ????????????? ?????????? ??????? ??????
    Administrator ? Guest
  • ???????? ?? ?????? ? ????????
  • ?????????? ????? ??????? ? ??????? ??? ?????????
    ??????? ???????
  • Administrator, Support_388945a0, Guest
  • ?? ???????????? ??? ?????? ???????? ????????
    ??????? ??????
  • ???????????? ???????? ???????? ??????? NTFS ???
    ?????? ?????? ? ?????

9
??????????
  • ?????? ???????????? ????????
  • ???????????? Active Directory ? ??????
    ???????????? ??????
  • ?????? ???????? ? ??????? ???????? ???????????? ?
    ????????? ???????

10
?????????? Active Directory
  • ???
  • ????????????? ??? ???????? ???????????? Active
    Directory
  • ?????
  • ??????????????? ?????????????
  • ????????? ????????
  • ???????? ?????????? ??? ????????? ???????
    ????????????

11
?????????? ? ???????????? ????????? ???????
???????? ??????
???????? ???????????? ??
???????? ?????? ??
???????? ?????
12
?????????????????????? ?????????? ??????????
13
?????? Active Directory
  • ?????? ??????????????
  • ???????????????? ????????-?????????
  • ????????? ????
  • ?????????????? ?????????-?????????
  • ?????? ?????
  • ??????????? ?????
  • ??????????? ????? ?????
  • ??????????? ?????????? ?????
  • ????????? ??? ?????? ?? ?????
  • ???????? ?????????? ????? ???????? ?? ??????
    ?????????/?????

14
?????? ?????? ?????????
  • ???? ??????????
  • ???????? ????????? ???????/???????????
  • ????????? ??????????? ????????
  • ??????????? ???? ?????? ????????
  • ??????????? ????????? ? ???????? LSA
  • ??? ?????????? ???? ?????
  • ???????? ?????????? ?????? ? ??????????? ??????
  • ???????? ????? ?????????????? ?????
  • ? ?????? ???????????? ??????? ???? ?????????????

15
?????? ?????? ?????????
?????????????????????
?????????????
a
???????????????????????????????
??????? ???????
???????????????????
??????????????????
????????????????
b.a
?????????? ??????
16
?????? ?? ?????? ??????
  • ????????? ???????? ??? ??????
  • ??????????? Default Domain Policy GPO ???
    ???????? ????? ???????? ??? ??????
  • ???????? ???????, ??????? ???????, ?????????
    ????????? Kerberos
  • ????? ????????? ???????? Active Directory
  • ?????????? ??????????????? ?? ??????????
  • ?????????????? ?????
  • ?????????????? ??????
  • ??????? ????????????? ? ???????? ????????????????
    ??????????

17
??????????? ????????
Domain Policy
  • ???????? ??????????????? ?????????????
  • ????????? ????????? ??? ?????? ????
  • ??????????? ????????? ???????? ??? ?????? ????
  • ?????????? ????????? ??? ???????????? ??????
  • ????????? ???????? Default Domain Controllers
    Policy

Domain
Member Servers
Domain Controllers Policy
Member Server Baseline Policy
Domain Controllers
Print Server Policy
Operations Admin
Print Servers
File Server Policy
Operations Admin
File Servers
Web Service Admin
IIS Server Policy
Web Servers
18
?????? ????????? ?????? ???????????? ??????
????????? ?? ????????? ??????? ????????????
?????? ? ?????????? ?? ???? Administrators, Authenticated Users, ENTERPRISE DOMAIN CONTROLLERS, Everyone, Pre-Windows 2000 Compatible Access Administrators, Authenticated Users, ENTERPRISE DOMAIN CONTROLLERS
????????? ??????????? ???????? Administrators, Account Operators, Backup Operators, Print Operators, Server Operators Administrators
?????????????? ?????? ? ????????? Administrators, Backup Operators, Server Operators Administrators
SYSKEY ???? ????????? ???????? ? ???????? ???????? ?? ?????? ????? 1. ????????????? ?????? ?????? ? ?????? ??? ??? ?????? ????? 2. ???? ????????? ???????? ? ???????? ?? ???????
19
?????????????????? ??????????? ? ??????? SYSKEY
20
?????? ???????? ?? ?????? ????????????
????????? ? ??????????? ??????????? ?????? ??????
? ?????????? ?????????
?????????? ? ????????? ??????? ??????? ?????????
? ?????????????? ????????????
?????????? ????????? ????????? ?????? ? ?????????
???????? ??? ???????????? ??????
?????????? ?????????? ?????? ????????????
21
??????????
  • ?????? ???????????? ????????
  • ???????????? Active Directory ? ??????
    ???????????? ??????
  • ?????? ???????? ? ??????? ???????? ???????????? ?
    ????????? ???????

22
???????? ????????????? ???????? ????????????
????????? ? (???? ?????) ?????????????? ??????
????????????
????? ??????????? ??????? ???????????????? ???
????????? ? ??????? ??????? Security
configuration and analysis
?????????????? ???????? ????? ??????? ? ???
??????? ????????????
??????? ??????? ? ?????????? ?????
23
??????? ?????? ????????
24
Member Server Baseline Security
Domain Policy
  • ??????? ?????? ??? ???? ????????, ?????????? ?
    ????? ??????????
  • ???????? ??????
  • ????? ?????????????
  • ????????? ????????????
  • ????????? ????????
  • ????????? ????????? ?????

Domain
Member Servers
Domain Controllers Policy
Member Server Baseline Policy
Domain Controllers
Print Server Policy
Operations Admin
Print Servers
File Server Policy
Operations Admin
File Servers
Web Service Admin
IIS Server Policy
Web Servers
25
??????? ????????? ??????
  • ????????? ?????????
  • ??????? ???? ???????? ??? ?????????? ???????
  • ???????? ??????? ???????????? ????? ????????? ?
    ?????????
  • ??? ????????????? ???????? ????????? ? ??????
    ???????????? ?????????? ????????? ??????
  • ?????? ?? ????????? ???????????
  • ????????? ?????????????? LM ? NTLM v1
  • ???????? ?????? NTLM v2
  • ????????? ??????????? ??????????? ?????????????

26
??????? ????????? ??????
  • ??????????? ??? ????????
  • 10 ??
  • ?? ???????????? ???????
  • ????? ???????? ? ?????????? ???????
  • ??????????? ????????????, ?????????? ????????
    ????????, ?????? ? ????????, ????????? ???????,
    ????????? ???????
  • ????? ?????????? ???????
  • ?????? ? ?????? ????????? ? ?????????????
    ??????????

27
?????? ???????? ??????????????
  • ??????? ?????? ???????????? ??? ??
    Infrastructure Servers
  • ????????????? ?????????????? ????????? (???
    ?????????)
  • ?????? ??????? DHCP
  • ?????? ?? DoS-???? ?? ?????? DHCP
  • ????????? ?????? ??? DNS
  • Active Directory-integrated
  • ??????? ?????? ??? ????????
  • ?????????? ???????? ?????? ? ??????? ????????
    IPSec

28
?????? ???????? ????????
  • ??????? ?????? ???????????? ??? ?? File
    Servers
  • ????????????? ?????????????? ?????????
  • ????????? ?????? DFS ? FRS, ???? ??? ??
    ????????????
  • ????????? ??????? ????? ??????? ? ???????
    ?????????
  • ????? ??????? ? ????????? ??????
  • ?????????????? ??? ????????, ??? ? ??????????
    ??????? ???????

29
?????? ???????? ??????
  • ??????? ?????? ???????????? ??? ?? Print
    Servers
  • ????????????? ?????????????? ?????????
  • ?????? Print Spooler ?????? ???? ??????? ?
    ???????????????
  • ?? ?????? ??????? ??????
  • ??? ?????????? ?????? ????????????? ? ????????
    ?????? ????? ????????? ????? ???????? ???????
    ???????????? ? ?????????? ????????? SMB

30
?????? ???????? IIS 5.0
  • ??????? ?????? ???????????? ??? ?? IIS Servers
  • ????????????? ?????????????? ?????????
  • ?????????? IIS Lockdown ? ????????? URLScan
  • ???????? ?????? ??????????? ?????????? IIS
  • ?????????? ????? ??????? (NTFS) ??? ?????,
    ?????????? ????? ???-??????? ? ??????????
  • ?????????? ??? ????? ?? ????????? ????
  • ???? ????????, ?? ????????? ??????????????
    ?????????? ?? ?????? ? ?????????? ??? ???-?????
  • ?????????? ??? ?????????? ??????? ??? ???????
    ??????? ??????
  • ????????????? ??? ?????, ????? 80 and 443 ?
    ??????? ???????? IPSec

31
???????????? IIS 6.0
  • ?????????? ??????????? ?? ?????????
  • ? Windows Server 2003 IIS 6.0 ?? ????????? ??
    ??????????
  • ?? ????????? ???????? ????????? ??????
  • IIS Lockdown ? URL Scan
  • ?? ????????? ????????????? ?????? ???????????
    ???????
  • Web Service Extensions
  • ?????????? ??? ?????? ??????????
  • ????? ? ??????????
  • ????? ??, ??? ? IIS 5.0

32
?????? ????????, ?? ?????????? ? ?????
  • ?????????, ??????? ?? ???????? ??????? ??????,
    ?????????? ????????? ? ??????? ????????? ???????
  • ??? ????????? ????? ?????? ? ??????,
    ??????????????? ?? ????????
  • ???????? ??????????? ??????? ??????????? ???????
    ???????????? ??? ??????? ???????
  • ??? ?????????? ???????? ????? ????????????
    ??????? Security Configuration and Analysis ???
    ??????? Secedit
  • Security Configuration And Analysis
  • ??????????? ?????????? ??? ??????? ????????
    ??????? ? ?????????? ????????
  • Secedit
  • ?????????? ????????? ?????? ??? ???????????????
    ?????????? ????????

33
??????????????????, ?????? ? ?????????? ???????
???????? ????????????
34
?????? ???????? ?????? ??????? ????????
?????? ????????? ?????????? ??????? ???????
???????? ?????? ???? ?????? ?? ???????, ???????
?????????? ??? ?????????? ????
???????? ?????? ?????? ????????
?????????? ???????? ?????? ? ??????? ????????
IPSec
???????????? ??????????? ???????? ??? ????????,
??????????? ???????????? ????????? ?????
35
??????????
  • ?????????????? ?????? Microsoft ?? ????????????
  • www.microsoft.com/security
  • ??? ?????????????? ITwww.microsoft.com/technet/s
    ecurity
  • ?? ??????? ????? http//www.microsoft.com/rus/sec
    urity
  • ??????????? Microsoft ?? ?????? ????????
  • http//www.microsoft.com/technet/treeview/default.
    asp?url/technet/security/prodtech/win2003/w2003hg
    /sgch00.asp

36
2004 Microsoft Corporation. All rights
reserved. This session is for informational
purposes only. Microsoft makes no warranties,
express or implied, in this summary.
37
(No Transcript)
Write a Comment
User Comments (0)
About PowerShow.com