[ Pobierz całość w formacie PDF ]
.Security templatescan be created or modified using the Security Templatessecurity templatesnap-in.In Microsoft Windows 2000 and later, a collection ofSee Also: Security Configuration and Analysissettings defining security policy for a computer.Overviewsecurity zoneSecurity templates are *.inf files used for defining pol-A security feature implemented by Microsoft Interneticy settings for securing different aspects of a computerExplorer for safer browsing.running on the Windows platform.Security templatesinclude settings for the following: OverviewSTo make browsing the World Wide Web a safer experi��% Account policies concerning passwords, lockouts,ence, Internet Explorer divides URLspace (the abstractand Kerberos settingsspace of all possible URLs in the world) into different�% Local policies concerning user rights and logging of zones, with each zone having its own security template.security events The purpose of this approach is to allow users to assigna site to a zone to control which actions can be per-�% Membership restrictions for local groups on theformed on the browser for sites in that zone.Each zonesystemhas its own default security template defining its secu��% Security for registry keys on the system rity policy settings, but each zone s settings also can be308SendIP SendIPcustomized if required to prohibit or allow different There is also a fifth implied zone called the Localforms of content.Examples of policy areas in zone Machine or My Computer zone that applies to any filessecurity templates include the following: stored on your local computer.This zone cannot be con-figured using the Web browser interface and can be�% Whether ActiveX controls and browser plug-insmodified only using the Microsoft Internet Explorermay be downloaded, installed, or usedAdministration Kit (IEAK).�% Whether persistent or per-session cookies canThe default level of security associated with each zonebe savedis as follows:�% Whether files and fonts can be downloaded�% Local Intranet: Medium for Internet Explorer 4�% The safety level in which the Java Virtual and medium-low for Internet Explorer 5 and 6Machine runs�% Trusted Sites: Low for all versions of Internet�% Miscellaneous security settings involving certifi� Explorercates, software channels, drag and drop, frames,�% Restricted Sites: High for all versions of Internetand so onExplorer�% Settings for active scripting and scripting of Java�% Internet: Medium for Internet Explorer 4, 5, and 6appletsbut high for Internet Explorer 6 on Microsoft Win��% What forms of authentication are allowed dows Server 2003There are four different security zones to which you can Notesadd sites or domains: An easy way to tell which zone your current Web pagebelongs to is by looking at the icon at the right side of�% Local Intranet: Contains all network connectionsthe Internet Explorer status bar.established using a Universal Naming Convention(UNC) path.It also includes Web sites that bypass aSendIPproxy server or have names without periods (suchA tool for sending arbitrary Internet Protocol (IP) packets.as http://servername), provided these sites are notassigned to another zone.OverviewSendIP is a command-line program developed by Mike�% Trusted Sites: Contains sites you explicitly trust asRicketts, a software engineer working at Hursley Labo�safe.Examples of trusted sites might be Web sitesratories for IBM UK.Using SendIP, you can create aon your company intranet or the site of a businesspacket from scratch and assign it any header optionspartner you have confidence in.There are initiallyyou desire.SendIP allows you to create a wide range ofno sites in this zone until you add them.different kinds of packets, including the following:�% Restricted Sites: Contains sites you explicitlyS�% Internet Protocol version 4 (IPv4) or Internet Proto�choose not to trust.Examples of restricted sitescol version 6 (IPv6) raw packetsmight be sites with malicious scripts or those fromwhich viruses can be downloaded.There are ini��% Transmission Control Protocol (TCP) packetstially no sites in this zone until you add them.�% User Datagram Protocol (UDP) packets�% Internet: Contains all Web sites not included in any�% Internet Control Message Protocol (ICMP) packetsother zones, which by default is any site on theInternet.�% Routing Information Protocol (RIP) packets309sensitive data server certificate�% Border Gateway Protocol (BGP) packets to minimize the impact of the different ways PII is han�dled by different economies around the globe.�% Network Time Protocol (NTP) packetsSee Also: personally identifiable information (PII),SendIP also allows you to add an arbitrary data payloadprivacy, Safe Harbor Agreementto the packet and to calculate or forge a checksum toattach to the packet.SendIP is popular with the hackingSERPENTcommunity, both white and black hat, for its simplicityA block cipher developed by Ross Anderson, Eliand power in probing the inner workings of Transmis�Biham, and Lars Knudsen.sion Control Protocol/Internet Protocol (TCP/IP) stackson different platforms and systems [ Pobierz całość w formacie PDF ]