2. Tech
  3. Some improvements in the security of Windows Server 2003 (SOWHAT)

Some improvements in the security of Windows Server 2003 (SOWHAT)

xiaoxiao2021-03-06  69

Abstract to Mikhow's article below, specific views MsDndevelopment Impacts of Security Changes in Windows Server 2003, SECURITY CHANGES IN WINDOWS Server 2003

Http://msdn.microsoft.com/library/default.asp?url=/library/en-us/dncode/html/secure09112003.asp

Michael HowardSecure Windows InitiativeJune 16, 20031.IIS 6.0 No longer runs any user code with system permissions, and use low permissions NetWork Service account 2. Only Adminson is impersonation. Is the naming pipe hijacked on 2003 and was thoroughly killed? 3. DLL file search is changed. No longer searching for the current directory. Instead, search all system catalogs, search for the current directory, and finally the path specified by various users is mainly used to deal with some Trojan attacks, but will also bring some negative effects, huh, huh. There is also this setdllDirectory function. After reading the MSDN, after calling this function, the search order of the DLL file should be: Current path -> setdirectory specified path -> getSystemDRectory-> 16 is the system path -> getWindowsDirectory-> Path environment variable The specified path 4. The security is greatly improved by 5. ACL enhancements of the root directory. Previous system root catalog is everyone: F, hazard. This is: admin, sys, creator - ful controlvery - read / executeusers - Read / Execute Create Folders / Append Data (this and sub folders) 6. Shared ACL is also changed from Everyone: F For Everyone: Read7. The ACL of the event log is stricter. And you can modify these ACLHKEY_LOCAL_MACHINE / System / CurrentControlSet / Services / Eventlog If you want to modify the ACL system log, you modify the HKEY_LOCAL_MACHINE / System / CurrentControlSet / Services / Eventlog / System / CustomSD item corresponding should SDDL syntax below this key Description: o: BAG: SYD: (D ;; 0xF0007 ;; AN) (D ;; 0xF0007 ;; BG) (a ;; 0xF0007 ;; SY) (A ;; 0x7 ;; BA) ( A ;; 0x7 ;; SO) (a ;; 0x3 ;;; iU) (a ;; 0x3 ;; ad) (a ;; 0x3 ;; S-1-5-3) more about SDDL Introduction:

http://msdn.microsoft.com/library/en-us/security/security/security_descriptor_string_format.asp

转载请注明原文地址:https://www.9cbs.com/read-88016.html

9cbs

New Post(0)