Post on 15-Jan-2016
S.I.R.A. Representatives Course – Module 2
Windows Client & Server Security
20/11 – 27/11 – 05/12
11/12 – 13/12 (group 1)
12/12 – 15/12 (group 2)
Cristiano Gentili, Massimiliano Viola (CSIA)
Windows Firewall: defense on the client
The exceptions list
Changing the visibility of the service
Defining exceptions (1)
Defining exceptions (2)
Different exceptions per connection
Defining per-connection exceptions (1)
Defining per-connection exceptions (2)
Activity logging
Deployment/Configuration
Deploying Windows Firewall Settings
Windows Firewall INF file: %windir%\Inf\Netfw.inf
Using Netsh
To allow incoming traffic on TCP port 80:
netsh firewall add portopening protocol=TCP port=80 name="Web Server (TCP 80)" mode=ENABLE scope=SUBNET profile=DOMAIN
Using Group Policy
Firewall via GPO
The Future
Windows Firewall in Windows Vista and Windows Server "Longhorn" enhancements
Supports filtering for both incoming and outgoing traffic
Firewall filtering and Internet Protocol security (IPsec)
Exceptions can be configured for Active Directory accounts and groups, source and destination IP addresses, IP protocol number, source and destination Transmission Control Protocol (TCP) and User Datagram Protocol (UDP) ports, all or multiple TCP or UDP ports, specific types of interfaces, Internet Control Message Protocol (ICMP) and ICMP for IPv6 (ICMPv6) traffic by Type and Code, and for services
More info
Windows Firewall
http://www.microsoft.com/technet/network/wf/default.mspx
Network Ports Used by Key Microsoft Server Products
http://www.microsoft.com/technet/security/smallbusiness/topics/ServerSecurity/ref_net_ports_ms_prod.mspx