기술문서 windows_2008_security_guide.pdf
2017.08.25 18:12
윈도우 서버의 기초적은 보안설정과 기본적인 설정등등 많이 다루고 있습니다.
Windows 2008 Security Guide Line : windows_2008_security_guide.pdf
1. 계정 관리 ···································································································· 1
1.1 Administrator 계정 관리 ······································································ 1
1.2 Guest 계정 관리 ···················································································· 3
1.3 불필요한 계정 삭제 ··············································································· 5
1.4 계정 잠금 임계값 설정 ·········································································· 7
1.5 계정 잠금 기간 설정 ············································································· 9
1.6 패스워드 최소 길이 설정 ···································································· 11
1.7 패스워드 최대 사용 기간 설정 ·························································· 13
1.8 패스워드 최소 사용 기간 설정 ·························································· 15
1.9 패스워드 복잡도 설정 ········································································· 17
1.10 해독 불가 암호화 설정 ····································································· 19
1.11 마지막 사용자 이름 표시 숨김 설정 ··············································· 21
2. 서비스 및 보안 관리 ············································································ 23
2.1 불필요한 서비스 제거 ········································································· 23
2.2 하드디스크 기본 공유 제거 설정 ······················································· 25
2.3 공유 권한 및 사용자 그룹 설정 ························································· 27
2.4 이동식 미디어 포맷 및 꺼내기 설정 ················································· 28
2.5 CMD 파일 권한 설정 ·········································································· 29
2.6 사용자 디렉터리 접근제한 설정 ························································· 30
2.7 화면보호기 설정 ·················································································· 31
2.8 비 로그온 시 시스템 종료 불가 설정 ··············································· 32
2.9 로그온 메시지 출력 설정 ···································································· 33
2.10 원격 터미널 접속 타임아웃 설정 ····················································· 34
2.11 Autologon 기능 제어 설정 ······························································ 35
2.12 SAM 파일 접근통제 설정 ································································· 36
2.13 SAM 보안감사 설정 ·········································································· 37
3. 네트워크 서비스 보안 설정 ······························································· 40
3.1 터미널 서비스 환경설정 ······································································ 40
3.2 FTP 접근제어 설정 ············································································· 41
3.3 FTP 디렉터리 접근제어 설정 ···························································· 42
3.4 FTP 서비스 구동 점검 설정 ······························································ 43
3.5 익명 FTP 제거 설정 ··········································································· 44
3.6 Telnet 보안 설정 ················································································ 45
3.7 SNMP 서비스 설정 ············································································· 46
3.8 DNS 보안 설정 ···················································································· 47
3.9 SMTP 서버 릴레이 제한 설정 ··························································· 48
4. IIS 서비스 보안 설정 ··········································································· 49
4.1 IIS 서비스 구동 점검 ·········································································· 49
4.2 디렉터리 리스팅 제거 설정 ································································ 51
4.3 CGI 실행제한 설정 ·············································································· 52
4.4 상위 디렉터리 접근금지 설정 ···························································· 53
4.5 불필요한 파일 제거 ··········································································· 54
4.6 웹 프로세스 권한 제거설정 ································································ 55
4.7 DB연결 취약점 점검 ··········································································· 56
4.8 WebDAV 비활성화 설정 ···································································· 57
4.9 오류메시지 설정 ·················································································· 58
4.10 웹 파티션과 시스템 파티션 분리 설정 ··········································· 59
4.11 로그 디렉터리/파일권한 관리 ··························································· 60
5. 로그 관리 ·································································································· 62
5.1 정책에 따른 시스템 로깅 설정 ·························································· 62
5.2 로그의 정기적 검토 및 보고 ······························································ 64
5.3 이벤트 뷰어 설정 ················································································· 66
5.4 원격 로그파일 접속 설정 ···································································· 67
6. 백신 관리 ·································································································· 69
6.1 백신프로그램 설치 ··············································································· 69
6.2 백신엔진 최신 업데이트 설정 ···························································· 70
6.3 바이러스 실시간 감시 설정 ································································ 72
6.4 주기적인 바이러스 점검 설정 ···························································· 74
7. 패치 관리 ·································································································· 75
7.1 최신 서비스 팩 적용 ··········································································· 75
7.1 최신 HOT FIX 설치 ··········································································· 76
댓글 0
번호 | 제목 | 날짜 | 조회 수 |
---|---|---|---|
50 | UDP 플러드 공격 - NTP, DNS, SSDP Amplification DDoS Attack | 2017.10.18 | 1136 |
49 | Smurf Attack / Land Attack / Ping of Death | 2017.10.17 | 1292 |
48 | Tear Drop / Tiny Fragment / Fragment Overlap(고전적인방법) | 2017.10.17 | 8986 |
47 | tcpdump - dump traffic on a network [1] | 2017.10.13 | 4028 |
46 | 윈도우용 wget | 2017.09.28 | 4017 |
45 | 룰 기반의 IDS(침입탐지시스템) - snort | 2017.09.27 | 7678 |
44 | 리눅스 기본 방화벽 iptable 요약정리 | 2017.09.26 | 1206 |
43 | 서버 공격에 대한 기법을 소개합니다.(고전적인 방법) | 2017.09.26 | 2014 |
42 | 서버의 취약점 분석 할수 있는 도구들 | 2017.09.26 | 1719 |
41 | 웹로직 forceshutdown 시키는 스크립트 | 2017.09.13 | 166 |
40 | win-sshfs for windows | 2017.09.13 | 7770 |
39 | uptime 갑인가? | 2017.09.13 | 510 |
38 | winscp for windows | 2017.09.13 | 118 |
37 | 한글 putty | 2017.09.13 | 12000 |
36 | Process Explorer - 윈도우용 프로세서, 메모리, TCP 모니터링용 | 2017.09.09 | 548 |