Host Security / Windows Host Lockdown Tools (SCAT) pt. 1


Subtitles of the Movie (Using Security Tools / Host Security / Windows Host Lockdown Tools (SCAT) pt. 1)

Now that we've talked about Linux-based host lockdown tools, let's go ahead and look at some Windows-based host lockdown tools. We'll look in particular at the SCAT or security configuration and analysis toolset. Now, this toolset is basically MMC, Microsoft Management Console-based tools that are pretty much already included in your Windows box. All you have to do is configure them and use them. Now, what they're used for is to apply various security configuration settings in order to securely lock down a host and what they do is enable you to apply different preset security configuration settings called templates to computers. Now, these templates can be templates that you actually configure yourself or that you get from your Enterprise-level administration or security folks or even ones that you can download from Microsoft or other sites that are basically preconfigured for the role that your computer serves, such as an e-mail server and so forth. But you don't have to go with the recommended settings; you can also tweak these for your own environment. Now, Windows 2000 and up pretty much can use these templates although how you use them and how you install them and configure them differs a little bit between different editions of Windows. For example, it differs a little bit between Windows 2000, XP, 2003, Server 2008 and Vista and so forth but we're going to look at them on an XP box and so you'll know how they're used, the differences in how to administer them aren't that great. Now, all you really have to do is configure the security configuration and analysis toolset MMC and then you'll analyze the computer and compare it to a particular security template. You'll make changes to the database settings and then you'll configure the computer. There's different stages of this and you have the ability to look and see how it's going to look first before you actually configure it and you want to do this. 
In fact, you want to test this whole process out first on either computers in a lab or computers you hook up to the network so you can see how this is going to work. The reason why you want to do this is that it's difficult to reverse these settings once they're applied so test this out in the lab first. Now, there's more security tools out there available than just the SCAT. The SCAT comes basically with Windows so why not use it? But there are other third-party tools out there as well that you can use. You may have to pay for some of those tools, some of those are free. We're going to show you how to use the tools that are built into Windows first. So let's go ahead and take a look at the security configuration and analysis toolset. The security configuration and analysis toolset actually is already built into your computer but you have to configure it. What you have to do is actually create a Microsoft Management Console for it so you'd simply go to Start and Run and type in MMC and enter that and you're going to get a blank Microsoft Management Console and what you want to do from here is go to Action, rather File and click Add/Remove Snap-In. You're going to add different snap-ins to this management console so click Add and then you can scroll down through the available snap-ins here and what we're looking for is two particular things. We're looking for security configuration analysis and we're going to add that and we're also looking for security templates. We're going to add that. Together these normally make up what's considered by most security professionals to be the security configuration analysis toolset. So we can click OK here. Let's make this a little bit bigger so we can see it better and what we've got is two different tools here in the MMC that we can use and we've got security configuration analysis and we've got security templates and let's look at the security templates first. Now, security templates are basically text-based files. 
They're templates that you can use to configure security on your computer. Now, there's different ones that come with your computer by default. Compatible workstation; this is a lesser security template that relaxes or loosens security settings so your computer can be compatible with older applications. You also have security templates which are geared toward specific computer roles, such as this one is high-security domain controller. If you're not running a domain controller and you're just running an XP box, you probably don't want to use this one. There's also high-security workstation, a root security workstation, a secure domain controller, secure workstation and even one that you can use to configure your setup security. You might want to use this one in fact to go ahead and compare what your computer is right out of the box and see what this one is, make security configuration changes, and then use this whenever you set up a workstation right out of the box. Now, each of these security templates has basically the same nodes listed in them. You have account policies, local policies, Event Log settings, restricted group settings, security services, registry settings and file system settings. If you expand one of these nodes, you'll see that account policies, for example, covers the password policy, account lockout policy and your Kerberos policy and you can further expand these down and see what's inside them. For example, your password policy is going to talk about password history, the password aging, password length and complexity requirement and storing the password using reversible encryption; so all of these different settings can go down to a very fine grain level. Now, what you want to do is review which security template you think you might want to use. In this case we're just going to go with the setup security one. We're just going to compare our computer the way it is to set up security to see if it matches the setup security template. 
So what we want to do, if you go up here and click on security configuration analysis, it's going to give you some instructions there. You can't really see anything in it right now. What you want to do is right click on the security configuration analysis portion and then click open database and what we can do, we have a database in here where we can go ahead and go with a new one. What happens when you create a database is you're creating a file, a placeholder for that security template and your security settings to both go into and merge and compare. So the security database doesn't really do anything to your computer yet. You just need a placeholder for them to compare settings. So let's go ahead and call this Test or we could use the existing VTC one; it doesn't matter. We're going to click Open. Now, once we decide on our database, then it wants to know which template we'd like to compare our computer's security settings to. I'm going to go ahead and compare it to setup security first because I kind of want to see how it compares with setup security level settings. Now that we got that done, we actually can right click on it now and we get some different options available to us. We can analyze the computer or configure the computer. Now, let me tell you the difference. Analyze the computer now basically allows you to simply compare the settings of your computer and the settings with the template you selected. If you select configure computer now, you're actually making those changes. So I would not recommend that you do that right off the bat. I would recommend that you analyze first to see what the settings are, to see what the differences are going to be. It's going to allow you to send error messages to a log and you can select whichever log file you like. Then it's going to start analyzing. Right now it's comparing the computer settings, security settings against the settings in the template. 
It's going to give me a comparison of user rights assigned, restricted groups, the registry settings, the file system settings, system services and security policy. And once it gets done with that, and this can take a couple of minutes actually, once it gets done with that it's going to present that information to me and I can actually go through and look and see what the differences are between these two settings; between my computer settings and the template settings. Now, I can tell you that setup security is not very secure. It's very basic, right out of the box type stuff so most of the information we're going to see is probably going to be similar computer settings and how you can tell that the settings are matched is that there's a little green checkmark there. If you see settings that have a little red X, then you know those settings don't match and those are the ones that you kind of want to look at to see what the differences are. Setup security may be more secure or your existing security settings may be more secure but either way, you can go and look at those and determine that.
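
The analyze step described above compares each setting in a template with the computer's current value and marks it as matching or not. As an added example (not part of the original tutorial), this Python code does the same comparison for two texts in the security template format; both samples, their values, and the function names are constructed for illustration.

```python
# Added example: setting-by-setting comparison of two security-template texts.
# Both samples are constructed; they are not the contents of any shipped template.

TEMPLATE_INF = """\
; constructed baseline template
[System Access]
MinimumPasswordLength = 8
PasswordComplexity = 1
PasswordHistorySize = 24
MaximumPasswordAge = 42
ClearTextPassword = 0
LockoutBadCount = 5
"""

COMPUTER_INF = """\
; constructed stand-in for the computer's current settings
[System Access]
MinimumPasswordLength = 0
PasswordComplexity = 0
PasswordHistorySize = 24
MaximumPasswordAge = 42
cleartextpassword = 0
"""

def parse_inf(text):
    """Return {section: {key: value}} with lower-cased names for comparison."""
    sections, current = {}, None
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith(";"):      # skip blanks and comments
            continue
        if line.startswith("[") and line.endswith("]"):
            current = sections.setdefault(line[1:-1].strip().lower(), {})
        elif current is not None and "=" in line:
            key, value = line.split("=", 1)
            current[key.strip().lower()] = value.strip()
    return sections

def analyze(template_text, computer_text):
    """Check every setting the template defines against the computer's value."""
    template, computer = parse_inf(template_text), parse_inf(computer_text)
    report = []
    for section, settings in template.items():
        for key, wanted in settings.items():
            actual = computer.get(section, {}).get(key)
            if actual is None:
                status = "missing"                # computer has no value for it
            elif actual == wanted:
                status = "match"                  # the "green checkmark" case
            else:
                status = "mismatch"               # the "red X" case
            report.append((section, key, wanted, actual, status))
    return report

def mismatches(report):
    """Settings that need a human look before anything is configured."""
    return [(s, k) for s, k, _wanted, _actual, status in report if status != "match"]

if __name__ == "__main__":
    for section, key, wanted, actual, status in analyze(TEMPLATE_INF, COMPUTER_INF):
        print(f"[{section}] {key}: template={wanted} computer={actual} -> {status}")
```

On a real host, `secedit /export /cfg <file>` writes the current settings in this format; such files are usually saved as UTF-16, so decode them before parsing.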

Tutorial Information

Course: Using Security Tools
Author: Bobby Rogers
SKU: 34068
ISBN: 1-935320-88-2
Release Date: 2009-12-04
Duration: 9 hrs / 91 lessons
Captions: No
Compatibility: Vista/XP/2000, OS X, Linux
QuickTime 7, Flash 8
