[ Pobierz całość w formacie PDF ]
.Security templatescan be created or modified using the Security Templatessecurity templatesnap-in.In Microsoft Windows 2000 and later, a collection ofSee Also: Security Configuration and Analysissettings defining security policy for a computer.Overviewsecurity zoneSecurity templates are *.inf files used for defining pol-A security feature implemented by Microsoft Interneticy settings for securing different aspects of a computerExplorer for safer browsing.running on the Windows platform.Security templatesinclude settings for the following: OverviewSTo make browsing the World Wide Web a safer experiÏ% Account policies concerning passwords, lockouts,ence, Internet Explorer divides URLspace (the abstractand Kerberos settingsspace of all possible URLs in the world) into differentÏ% Local policies concerning user rights and logging of zones, with each zone having its own security template.security events The purpose of this approach is to allow users to assigna site to a zone to control which actions can be per-Ï% Membership restrictions for local groups on theformed on the browser for sites in that zone.Each zonesystemhas its own default security template defining its secuÏ% Security for registry keys on the system rity policy settings, but each zone s settings also can be308SendIP SendIPcustomized if required to prohibit or allow different There is also a fifth implied zone called the Localforms of content.Examples of policy areas in zone Machine or My Computer zone that applies to any filessecurity templates include the following: stored on your local computer.This zone cannot be con-figured using the Web browser interface and can beÏ% Whether ActiveX controls and browser plug-insmodified only using the Microsoft Internet Explorermay be downloaded, installed, or usedAdministration Kit (IEAK).Ï% Whether persistent or per-session cookies canThe default level of security associated with each zonebe savedis as follows:Ï% Whether files and fonts can be downloadedÏ% Local Intranet: Medium for Internet Explorer 4Ï% The safety level in which the Java Virtual and medium-low for Internet Explorer 5 and 6Machine runsÏ% Trusted Sites: Low for all versions of InternetÏ% Miscellaneous security settings involving certifi Explorercates, software channels, drag and drop, frames,Ï% Restricted Sites: High for all versions of Internetand so onExplorerÏ% Settings for active scripting and scripting of JavaÏ% Internet: Medium for Internet Explorer 4, 5, and 6appletsbut high for Internet Explorer 6 on Microsoft WinÏ% What forms of authentication are allowed dows Server 2003There are four different security zones to which you can Notesadd sites or domains: An easy way to tell which zone your current Web pagebelongs to is by looking at the icon at the right side ofÏ% Local Intranet: Contains all network connectionsthe Internet Explorer status bar.established using a Universal Naming Convention(UNC) path.It also includes Web sites that bypass aSendIPproxy server or have names without periods (suchA tool for sending arbitrary Internet Protocol (IP) packets.as http://servername), provided these sites are notassigned to another zone.OverviewSendIP is a command-line program developed by MikeÏ% Trusted Sites: Contains sites you explicitly trust asRicketts, a software engineer working at Hursley Labosafe.Examples of trusted sites might be Web sitesratories for IBM UK.Using SendIP, you can create aon your company intranet or the site of a businesspacket from scratch and assign it any header optionspartner you have confidence in.There are initiallyyou desire.SendIP allows you to create a wide range ofno sites in this zone until you add them.different kinds of packets, including the following:Ï% Restricted Sites: Contains sites you explicitlySÏ% Internet Protocol version 4 (IPv4) or Internet Protochoose not to trust.Examples of restricted sitescol version 6 (IPv6) raw packetsmight be sites with malicious scripts or those fromwhich viruses can be downloaded.There are iniÏ% Transmission Control Protocol (TCP) packetstially no sites in this zone until you add them.Ï% User Datagram Protocol (UDP) packetsÏ% Internet: Contains all Web sites not included in anyÏ% Internet Control Message Protocol (ICMP) packetsother zones, which by default is any site on theInternet.Ï% Routing Information Protocol (RIP) packets309sensitive data server certificateÏ% Border Gateway Protocol (BGP) packets to minimize the impact of the different ways PII is handled by different economies around the globe.Ï% Network Time Protocol (NTP) packetsSee Also: personally identifiable information (PII),SendIP also allows you to add an arbitrary data payloadprivacy, Safe Harbor Agreementto the packet and to calculate or forge a checksum toattach to the packet.SendIP is popular with the hackingSERPENTcommunity, both white and black hat, for its simplicityA block cipher developed by Ross Anderson, Eliand power in probing the inner workings of TransmisBiham, and Lars Knudsen.sion Control Protocol/Internet Protocol (TCP/IP) stackson different platforms and systems
[ Pobierz całość w formacie PDF ]