Đang chuẩn bị nút TẢI XUỐNG, xin hãy chờ
Tải xuống
Nếu bạn phải cho phép truy cập từ xa tới máy chủ X của bạn, xác định mỗi máy chủ theo địa chỉ IP. Hãy nhớ rằng bất kỳ người sử dụng trên máy chủ đó có thể kết nối đến máy chủ X của bạn và snoop đi. Các biện pháp an ninh khác bao gồm sử dụng các cơ chế xác thực | 555 Chapter 14 Advanced Techniques right-clicking the desired folder or file in the Windows Explorer selecting Properties Security tab Auditing button and making the appropriate entries. NOTE On NT4 prolific auditing was known to incur a performance penalty so many people did not enable it. However testing indicates that Windows 2000 appears to have significantly reduced the overhead of auditing and may not suffer any noticeable slowdown even with all settings enabled. Of course even the most robust logging is worthless if the logs aren t reviewed regularly or if they are deleted or overwritten due to lack of disk space or poor management. We once visited a site that was warned of an attack two months before anyone investigated the deed and if it weren t for diligent log maintenance on the part of systems administrators the intrusion would never have been verified. Develop a policy of regular log archival to avoid loss of such evidence many companies regularly import logs into databases to facilitate searching and automated alerting . Also periodically keep an eye out for mysterious account changes. Use third-party tools to take snapshots to assist with these tasks. For example Somarsoft s DumpSec formerly DumpACL DumpReg and DumpEvt http www.somarsoft.com can pretty much capture all relevant information about an NT 2000 system using simple command-line syntax. Additional information on NT 4 tools can be found at http resourcelink.mspress.microsoft.com reslink nt40 toolbox default.asp. TROJANS Popularity 10 Simplicity 8 Impact 10 Risk Rating 9.5 As noted in the introduction to this chapter a Trojan horse is a program that purports to be a useful software tool but it actually performs unintended and often unauthorized actions or installs malicious or damaging software behind the scenes when launched. Many of the remote control back doors we ve discussed previously can be packaged innocuously so that unsuspecting end users have no idea that they ve installed such a .
