70-270part1

NETWORK INFORMATION SECURITY VIETNAM

Phn 1 mn 70-270I. TNG QUAN V CC VN CI T V QUN L WINDOWS XP PROFESSIONA TRONG M HNH DOANH NGHIP 1. Ci t Windows XP Pro Ci t thng thng (c gim st sut qu trnh ci t) - Attended installation Windows XP Professional Bn bc c bn nhm tin hnh ci t windows XP professional t CD-ROM: - Chy chng trnh setup - Chy chng trnh h tr tng bc setup - setup wizard - Xc lp cc thnh phn Mng - networking components - Hon thnh tin trnh ci t

Ngoi cch ci t thng thng trn i hi phi gim st tng bc mt, ngi ci t cng c th tin hnh ci t qua Mng - Network installation thc hin network installation vi Windows XP Professional, Cc file ci t ca Windows XP Professional phi nm trn mt Folder thuc mt Server v phi chia s folder cha ngun setup ny cho cc Users c th tin hnh truy cp v setup. 70-270 WINDOWS XP PROFESSIONAL INSTALLATION AND Nis.com.vn ADMINISTRATION

NETWORK INFORMATION SECURITY VIETNAM X l cc tnh hung li trong qu trnh Setup Windows XP Pro Windows XP Professional ch h tr cc thit b - devices thuc danh sch phn cng tng thch do Microsoft ra (HCL - Hardware Compatibility List. Thng chng ta s gp nhng li sau: - a CD ci t b li - Dung lng a cng HDD thiu khin cho vic ci t l khng th Nht k ghi li cc s kin trong sut qu trnh Setup Windows XP Professional kch hot mt s cc file nht k trong sut qu trnh setup ghi li cc vn m bn c th xem xt li sau ny. - Action Log (SETUPACT.LOG) - logs ghi li cc vn theo trnh t thi gian v c lu li di tn: SETUPACT.LOG. - Error Log (SETUPERR.LOG) - logs ghi li cc li pht sinh trong sut tin trnh setup theo mc nghim trng ca li. Qun l a -Disk Management trong Windows XP Professional Cng c chnh: Disk Management, mt cng c thuc b cng c Microsoft Management Console (gi tt l MMC), dng thc hin tt c cc tc v qun l a trn Microsoft Windows XP Professional. Cc cng c khc: DiskPart cng c qun l a t dng lnh (command-line tool) DiskPart i km vi cc thng s sau: ADD a mt mirror thnh mt simple volume BREAK b gy xc lp mirror CONVERT Chuyn i gia cc nh dng a khc nhau -disk formats REMOVE - Remove mt k t a hoc cp pht/phn chia mount point CREATE to mt Volume hay mt partition EXTEND M rng dung lng mt Volume LIST Xut hin th ra ngoi mt danh sch cc i tng ACTIVE Kch hot mt basic partition REM Ch dng ch gii cc scripts, khng thc hin lnh 2. Nng cp XP Pro Di y l danh sch nhng h iu hnh bn c th nng cp trc tip ln Windows XP professional: Microsoft Windows 98 Microsoft Windows 98 Second Edition Microsoft Windows Millennium Edition Microsoft Windows NT 4.0 Workstation Microsoft Windows 2000 Professional Microsoft Windows XP Home Edition Microsoft Windows 3.x Microsoft Windows NT 3.51 Workstation 70-270 WINDOWS XP PROFESSIONAL INSTALLATION AND Nis.com.vn ADMINISTRATION

NETWORK INFORMATION SECURITY VIETNAM Microsoft Windows NT 3.51 Server Microsoft Windows NT 3.51 Server with Citrix Microsoft Windows 95 v, Microsoft BackOffice Small Business Server. Cng c kim tra tnh tng thch ca Windows XP Professional Cng c ny nhm kim tra tng thch hardware v software trong XP. Thc hin kh n gin thng qua command: :\i386\winnt32 /checkupgradeonly Ci t vng mt- Unattended installation, khng cn theo di trong sut qu trnh ci t Cng c chun b h thng -System Preparation Tool System Preparation Tool (sysprep.exe) c dng h tr tin hnh trin khai s lng ln Windows XP trn hng lot clients vi cu hnh phn cng trn cc Clients ny l ging nhau (iu ny thng gp khi trin khai ng lot Xp cho cc computer cu hnh phn cng nh nhau ti cc doanh nghip) Sysprep.exe phi c bung ra -extracted t file DEPLOY.CAB nm ti folder: Support\Tools trn CD ci t XP v h tr cc thng s sau: Pnp- bt buc lit k cc thit b Plug and Play ti ln restart Quiet- Ci t ch im lng -Silent mode, khng xut hin cc dialog boxes trong sut tin trnh ci. Nosidgen- khng phc hi security ID ti restart Reboot- t ng restart khi Sysprep.exe hon thnh Mini- Cu hnh Windows XP Professional s dng Mini-Setup thay cho Windows Welcome 3. Dch v trin khai ci t t xa -Remote Installation Services (RIS) y l dch v cn thit m Microsoft a ra p dng vo vic trin khai ci t XP vi s lng ln cc my tnh doanh nghip trin khai dch v RIS cung cp ci t t ng cn chun b nhng thnh phn sau: Yu cu v Network: Active Directory, DHCP, DNS & RIS RIS Server: Cn c NTFS Partition vi dung lng cn trng ti thiu 2 GB RIS Clients: Cn phi p ng mt trong s cc yu cu sau: 1. Card mng tng thch PXE PXE NIC 2. NetPC Computer 3. a mm khi ng Mng -RIS floppy -RBFG.exe (Remote Boot Floppy Generator) c s dng to RIS boot floppy. -RIS Server phi c mt im tp trung chia s bn ci t XP cha folder i386 . -Dng RIS ch c th trin khai cc h iu hnh t W2K clients, XP . -RIS ch lm vic vi cc my tnh bn Desktop computers (khng ci t c cho laptops). -RIPrep c dng gi nh ci t ca mt RIS client n RIS server v sau sao lp n cc my tnh khc. 70-270 WINDOWS XP PROFESSIONAL INSTALLATION AND Nis.com.vn ADMINISTRATION

NETWORK INFORMATION SECURITY VIETNAM Kinh nghim: Trong thc t nhu cu trin khai H iu hnh cho s lng ln cc Computer cc cng ty l rt ln, v hu ht vic trin khai ny, v d nh trong mi trng cc cty VN, thng cc System, Network Admin dng mt chng trinh ph bin nht l Norton Ghost, v s tin dng, d trin khai v tng thch vi nhiu loi NIC card card mng, trong khi nu dng RIS s gp kh khn kh ln

4. In n v cc khi nim Printers Print Device Thit b in n cho ra cc bn in (documents) Printer Chng trnh phn mm iu khin, l trung gian gia H iu hnh v print device.. Print queue Cc cng vic in n (ti liu cn in) c lu gi ti y (theo trnh t) cho n khi chng c in ra Printer Pool Cho php users gi vic in n n mt printer , printer ny c th c kt ni n nhiu my in. V nh vy ti liu in c th n bt c my in no ang trong trng thi sn sng tip nhn. Print Server Mt My tnh qun l mt hoc nhiu printer chia s vic In n Print Priorities Quyn u tin trong in n , c cp t 1-99. User c cp cao nht lun c u tin in trc . V d m trong cty th cc Admin nn u tin cho nhm Managers cp cao hn, khi cc documents cng n hng ch in (print queue) th documents thnh vin nhm managers s c printer x l cho in trc

70-270 WINDOWS XP PROFESSIONAL INSTALLATION AND Nis.com.vn ADMINISTRATION

NETWORK INFORMATION SECURITY VIETNAM Print Scheduling Lp lch biu cho vic in n. V d, C th iu khin thi gian cho Users hoc Group no thng in s lng documents ln, ch c in vo gi ngh tra. Web Browser Printing Trong trnh duyt Internet Explorer, User c th in vo http://server_name/printer_share_name kt ni n printer v t ng setup printer ca server ln chnh XP Pro ca mnh nhm sn sng cho vic in n v sau. Dng giao thc in n Internet - Internet Printing Protocol (IPP) IPP cung cp kh nng in qua internet n cc Print server chy HH Windows Server 2003 tr i, khi User c th dng URL v web browser nh m t trn. 5. Vn qun l a Disk Management Cn phn bit loi a : Basic Disk v Dynamic Disk Basic Disk: Loi a lu tr truyn thng, nh cch thc chng ta t chc a cng lu tr trn my tnh nh hoc cc my trm lm vic ti cty. Vi Basic Disk chng ta t chc c ti a 4 partitions, trong bt buc 3 primary partitions v 1 extended partition (mc ch ca Primary Par l dng setup H iu hnh, trong khi mc ch ca Extended par dng t chc lu tr, to ra cc Logical Drives ) V d my tnh bn ci 3 HH : Windows 2000 Server, Windows 2003 Server v Windows XP Pro, bn c th dng Disk Management to ra 3 Primary partitions (C, D, E) cha 3 OS ny, v to thm Partition th 4 (Drive letter: F), chuyn t chc vic lu tr d liu Dynamic Disk: Vi loi a ny khi nim Partition khng cn dng na m thay vo l khi nin Volume ,chnh xc l dynamic Volumes (volume ng),. Khi trin khai dng Dynamic Disk bn khng cn b gii hn bi ti a 4 volume, m c th t chc ra hng trm, hng ngn volume ph thuc vo tng dung lng a cng m bn c. Dynamic disks khng h tr cho labtop, v trong nhu cu v mt h thng lu tr ln, c th kt hp nhiu a cng li, tng tc truy xut a cng, hoc to mt h thng lu tr d phng khi mt trong s cc a cng cha d liu hng (failed), v d nh cc loi volume: spanned volume (m rng lu tr) v striped volumes (tng tc) . Kinh nghim: Cc h thng a cng phc v trn cc Server cc doanh nghip thng dng l Dynamic disk, vi cc loi khc nhau p ng nhu cu cng vic nh: RAID 0: Cn gi l Striped volume, m rng kh nng lu tr bng cch ghp nhiu HDD ti thiu dng 2 HDDs v ti a c th ghp 32 HDD. D liu lu tr ri u ln nhiu HDD nh vy khi truy xut nhiu HDD phn hi thng tin, khin tc c d liu rt nhanh, nhng nhc im ca n l, nu 1 trong s cc HDD hng, ton b data cng mt. Nu ch trong vo vn tng tc khi truy cp data trn HDD c th chn loi Dynamic disk ny, cn ngc li nu quan tm n cc vn an ton cho data, bn cn xem xt li mt cch cn thn. RAID 1: Cn gi l Mirroed Volume (volume phn x ni dung ging nhau), y l loi Dynamic disk m bn c th an tm v bo ton d liu. V d bn c 2 HDD, HDD1 & HDD2, trn 2 HDD ny bn to ra volume M l Mirroed Volume, khi bn 70-270 WINDOWS XP PROFESSIONAL INSTALLATION AND Nis.com.vn ADMINISTRATION

NETWORK INFORMATION SECURITY VIETNAM write file no vo M, file s c ghi ht vo HDD1 v sau cng chnh file ny c ghi vo HDD 2, nh vy 1 file c duplicate-sao lp ging nhau trn 2 a, nh vy nu HDD1 hng th cn d liu trn HDD2, v ngc li. Vi Dynamic disk ny th vn an ton data c ch trong, ngc li tc c hoc ghi vo a cn phi xem xt v tt nhin l khng nhanh bng RAID 0 RAID 5: Cn gi l Stripe set with parity, y l loi Dynamic disk c ng dng rt ph bin ti Doanh nghip, vi cch ghi data ca mnh loi Dyn disk ny khng nhng p n c yu cu v tc truy xut m cn gip chng ta an tm v d liu, v c ch Redundancy-dung li c thc thi. RAID 5 cn t nht 3 HDDs Khi lm vic vi cc a cng mt trong nhng iu quan trng nht l cn hiu r nhng thnh phn quan trng sau: H thng File -File Systems FAT: Thng ch s dng khi khi ng nhiu h iu hnh trn mt my dual boot, v d nh my va ci Windows 98 v Windows XP. Partition c format vi FAT dung lng quy nh ti a l 2GB. FAT32: c dng ph bin hn, cng dng khi ng nhiu HH trn mt my tnh nhng c nhiu u im hn FAT l, cc file lu tr c th t tn di hn long file names v kch c Partition c th ln n 32 GB. Ch FAT32 khng h tr NT 4.0. NTFS: Ch c dng vi cc HH sau: Windows NT, 2000, 2003 & XP. H tr long file names, partitions kch c ln, bo mt rt tt cho file, folder, c th nn d liu (nn file, folder v thm ch c Partition nu bn mun), km theo cc tnh nng cao cp nh:m ha d liu v khng ch dung lng lu tr vi cc i tng User khc nhau. Cc bn c th tham kho Bng tham kho ton din v tnh nng v thng s k thut ca tng loi File SystemCc tiu chun nh gi NTFS 5 NTFS thng Windows NT Windows 2000 Windows XP Windows 2003 Server FAT32 DOS v7 and higher Windows 98 Windows ME Windows 2000 Windows XP FAT16 FAT12

Operting System

Windows 2000 Windows XP Windows 2003 Server

DOS All versions of Microsoft Windows

DOS All versions of Microsoft Windows

Max Volume

2TB

Limitations 2TB

32GB for

2GB for all

16MB


NETWORK INFORMATION SECURITY VIETNAMSize all OS. 2TB for some OS Nearly Unlimited Nearly Unlimite d Limit Only by Volume Size Nearly Unlimite d Up to 255 4194304 OS. 4GB for some OS 65536 16MB (Limit Only by Volume Size) 4080

Max Files on Volume

Max File Size

Limit Only by Volume Size

4GB minus 2 Bytes

2GB (Limit Only by Volume Size)

Max Clusters Number

Nearly Unlimited

4177918

65520 Standard - 8.3 Extended - up to 255

Max File Name Length

Up to 255

Up to 255

Up to 254

Unicode File Names System Records Mirror

Boot Sector Location

File Attributes Alternate Streams Compression Encryption Object Permissions Disk Quotas Sparse Files Reparse Points Volume Mount Points

File System Features Unicode System Unicode Character Characte Characte Set r Set r Set MFT Second Mirror Copy of MFT Mirror File File FAT First Sector First and and Last First and Last Sectors Copy in Sectors Sector #6 Standard Standard and Standard and Custom Set Custom Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes No Yes No No No No Overall Performance No No No No No No No No

System Character Set Second Copy of FAT

System Characte r Set Second Copy of FAT

First Sector

First Sector

Standard Set No No No No No No No No

Standard Set No No No No No No No No


NETWORK INFORMATION SECURITY VIETNAMBuilt-In Security Recoverability Yes Yes Low on small volumes High on Large Yes Yes Low on small volumes High on Large Max Max No No High on small volumes Low on large Average Minimal No No Highest on small volumes Low on large Minimal on large volumes Average No No

Performance

High

Disk Space Economy Fault Tolerance

Max Max

Max Average

Ngoi ra mt s cng c cn thit khc khi lm vic vi a cng convert.exe: Dng chuyn i FAT hoc FAT32 thnh NTFS. Qu trnh ny c th gi mt cch d hiu l nng cp. V d v command ny: Chuyn partition C t FAT32 thnh NTFS C/> CONVERT C: /FS:NTFS Cc khi nim lin quan v a -Drives Partition -Mt phn ca a cng vt l. Primary Partition (par chnh) Ti a l 4. v ti mt thi im ch duy nht mt Primary trng thi active (cn c gi l system partition, cha cc file cn thit cho qu trnh khi ng HH). Active partition l partition c th khi ng-boot trn HDD. Extended Partition(par m rng) Trn XP ch c duy nht mt par loi ny c to. Khng th format hay ghi trc tip vo par ny, m trc ht phi to ra cc a logic logical drives, sau tin hnh format, mi c th ghi data ln cc logical drive ny. Logical Drive c to thnh khi extended partition phn chia thnh cc a logic c th chia ra nhiu a logic theo nhu cu ca bn.



Volume Ging nh mt partition, nhng l thnh phn ca dynamic disks ch khng phi basic disks nh partition. Vi volume c th m rng lu tr ra nhiu a cng, iu m mt partition khng lm c.



Mounted Volume Cc Folders nm trn mt volume nhng d liu thc s khi truy cp n li c t ng chuyn n mt volume khc . Hiu qu ca vic dng mounted l khi bn mun m rng volume m khng cn dng thm k t a. thc hin Mounted volume, Volume ny phi c format dng NTFS file system. V d: Trong hnh minh ha trn folder Sales data nm trn C:, nhng thc cht khi User truy cp vo folder ny, c ch mounted s chuyn truy cp n E:, v thc s ton b data nm trn y



6. Cc giao thc Mng -Network Protocols Cc Protocols c h tr trong XP Pro: TCP/IP L giao thc mc nh c ci t cho Windows XP. Cng l giao thc chnh cho ton b giao tip ca h thng Mng Internet ton cu hin nay. L giao thc c kh nng nh tuyn (tm ng da trn Network ID v Host ID, c th l IP address) NetBeui D trin khai v s dng, sn phm ring ca Microsoft, c s dng cho Mng nh , khi dng giao thc ny cc my trn mng ch trao i thng tin cc b, khng th giao tip vi Mng khc v khng c kh nng nh tuyn. Appletalk Ch c s dng giao tip vi cc my MACs ca Apple NWLINK Microsoft a ra giao thc ny cc HH cua mnh lm vic c vi cc my Novell vn s dng giao thc IPX/SPX. Yu cu mt frame type phi c cu hnh c th hiu nhau v giao tip. T xc lp (Auto-detect) l cu hnh mc nh. C th tin hnh xc lp thng s frame type th cng nu gp phi cc vn v network ang tn ti. DLC c dng giao tip vi cc mainframes computer & v mt s thit b in n ca HP HP Jet Direct devices. 70-270 WINDOWS XP PROFESSIONAL INSTALLATION AND Nis.com.vn ADMINISTRATION

NETWORK INFORMATION SECURITY VIETNAM Cc cng c/lnh thng c dng trn Mng TCP/IP: PING Kim tra kt ni vi cc my tnh khc. Ping dng giao thc ICMP protocol. IPCONFIG Xem thng tin v cu hnh IP ca my tnh cc b- local. Mun xem y thng tin hn dng lnh IPCONFIG /all ARP (Address Resolution Protocol) Giao thc phn gii a ch , c dng phn gii a ch vt l - computers physical (MAC) address t mt a ch logicIP address. Automatic Private IP Addressing (APIPA) Tnh nng t ng kch hot a ch trn hnh my local. T cp pht cho chnh mnh mt a ch IP trong vng 169.254.x.x/16 khi DHCP server khng sn sng (v d DHCP server hng). Cc Port vi s nhm xc nh cc giao thc kt ni: HTTP dng port 80 HTTPS - 443 SMTP - 25 Telnet - 23 FTP 21 Kinh nghim: Hiu r v cc giao thc, n dng truy cp qua mi port l bt buc i vi cc Admin Socket Khi nim socket l s gn lin gia mt a ch IP address & mt port number nhm xc nh loi dch v -service, c s dng trn h thng. V d cty bn c WebServer vi thng s socket sau: 200.200.200.1:80 (Web server trn c IP l 200.200.200.1, p ng cc yu cu truy cp Web qua port 80) Router Thit b kt ni 2 hay nhiu Mng li vi nhau Hub Mt thit b trung tm kt ni, khng c kh nng thng minh x l nh tuyn nh router, thun ty nh dy dn kt ni cc my trong mng cc b li vi nhau. Khi my A gi thng tin n my C, thng tin t A c th truyn n tt c cc port ca Hub nh vy nhng my khng d nh s nhn vn tip nhn thng tin ny, khng ch l port m C kt ni



M hnh Mng in hnh dng witch v Hub kt ni cc Computers thuc 2 vng Mng (Physical Domain) khc nhau. Switch Tng t Hub. Nhng thng minh hn ch y lung lu thng ca thng tin n cng (port trn switch) cn thit iu ny c tc dung lm gim lu lng thng tin chuyn qua cc port.



Hot ng ca Switch Default Gateway Chnh l IP address ca mt router. Default gateway l ca ng chuyn thng tin t Mng ny sang mng khc. Khng c default gateway, cc my tnh khng th giao tip vi bt k my tnh no bn ngoi mng ca mnh ngoi tr Mng cc b local subnet. Khi nim v TCP/IP Vit tt: Transmission Control Protocol/Internet Protocol. TCP/IP l giao thc truyn thng Mng ph bin nht hin nay, Internet l mt minh chng v sc thuyt phc ca n. -bt c HH no ci TCP/IP c th trc tip truy cp Internet -c s dng ph bin lm giao thc chnh cho mng ni b. -Giao thc chnh ca h thng Internet. Cc cng c/lnh chn on s c trn mng TCP/IP: PING: Kim tra kt ni c bn, kim tra s tn ti live ca mt Host trn Mng. ARP: Trnh by v phn gii a ch logic ra a ch vt l (IP-to-Physical address translation) IPCONFIG: Trnh by cc thng s cu hnh v IP ca my cc b- local machine cc thng s nhn c l: subnet mask (mt n mng v a ch IP ca default Gateway). 70-270 WINDOWS XP PROFESSIONAL INSTALLATION AND Nis.com.vn ADMINISTRATION

NETWORK INFORMATION SECURITY VIETNAM NBTSTAT: Cc thng k v thng s Netbios ca mt my - NetBT Statistics (lnh: Nbtstat.exe) c dng chn on cc vn gii quyt NetBIOS names qua TCP/IP. V d: bn khng th truy xut cc d liu c chia s t Server c tn: Filesrv, khi dng \\ Filesrv khi c th dng NBTSTAT.exe tm hiu nguyn nhn Trnh by cc thng tin v giao thc hin ang dng v cc kt ni TCP/IP hin ti ang s dng NetBT (Netbios over TCP/IP) NETSTAT - Netstat (Netstat.exe) cung cp thng tin v cc kt ni hin ti gia my ca bn v cc my kt ni n bn. ROUTE: Trnh by bng s nh tuyn HOSTNAME: Xem tn ca my bn ang dng - local machine host name TRACERT: Xem ng i t my bn n my tnh xa FTP - File Transfer Protocol c dng truyn file t my ny n my khc (download hoc upload) TFTP - Trivial File Transfer Protocol (giao thc truyn file n gin) to kt ni (c an ton khng cao , connectionless) nhm thc hin truyn files n v t cc my tnh/h thng dng User Datagram Protocol (UDP). TELNET - Telnet l mt chng trnh gi lp u cui (mc d bn khng ngi ti Server t xa, nhng sau khi thc hin telnet vo server t xa, xem nh bn ang ngi ti server v tin hnh cc tc v theo nhu cu ca bn) - terminal emulation program. Vic x l lnh v iu khin Server sau khi telnet c thc hin t dng lnh Windows command RCP - RCP copy cc files n v t computer ang chy dch v RCP service. RCP dng giao thc chuyn vn l: Transmission Control Protocol (TCP), RCP l mt trong nhng r-commands phc v trn cc h thng UNIX systems. RSH - RSH mt tin ch TCP/IP cho php Clients thc hin commands trc tip trn my tnh xa ang chy RSH service m khng cn phi log-on vo my xa ny. REXEC - REXEC chy cc commands trn my xa ang chy REXEC service nhng cn phi xc thc user name trn my xa ny trc khi c th thc hin c cc command FINGER - FINGER l mt tin ch TCP/IP c dng bit thng tin v mt User no trn cc my xa, v d nhin remote host phi ang chy dch v finger service. 7. V vn Bo mt Security Local Group Policy Chnh sch nhm cc b 70-270 WINDOWS XP PROFESSIONAL INSTALLATION AND Nis.com.vn ADMINISTRATION

NETWORK INFORMATION SECURITY VIETNAM Hot ng ca bt k mt computer no phi nm trong khun kh ca cc chnh sch (policies) m computer t ra. m bo vn bo mt ca my tnh khi s dng, vic hiu v bit cch cu hnh Security Policy l cn thit. Vi cc chnh sch Group Policies c th gip Admin iu khin c tch bch cc quyn trn mt computer Nhng policy v security ny bao gm: Local Account and Lockout Policies Cho php administrators qun l passwords ca user v kha ( lockout) account khi cn thit. V d: Nu mt User chnh thc sau 3 ln log-on vo h thng vi Username/password khng ng c th b kha 30 trc khi c log-on li. n gin v Admin cho rng y l hacker ang c tnh on/d password ca user. Security Configuration and Analysis tool cc cng c phn tch v cu hnh Security. Mc ch ca cc cng c ny l so snh cc thng s bo mt hin ti vi cc thng s bo mt nm trong cc cu hnh mu m Microsoft cung cp cc security template. (ch lm vic trn cc NTFS partitions) Cc Security Templates trn Windows XP Professional: Cc file Security templates nm ti: %systemroot%\security\templates Trn Win2k %systemroot% l th mc WINNT, trn XP l Windows *Basic (tn file: basicwk.inf) Chnh l cu hnh bo mt mc nh t ban u. Nu bn xc lp Windows vi cc thng s bo mt kht khe (highly security), c th uay tr li cc thng s bo mt c bn nh lc ban u bng cch thay th v p t tr li basic security template *Compatible (tn file: compatws.inf) Mt s Application c nh Office 97 khi chy trn XP/2000, ngi s dng phi thuc cc nhm nh power users group tr ln mi s dng c office 97, iu ny gy phin toi, v nu bn mun cho User A no dng Office 97 trn my bn, chng l phi cho user ny vo cc nhm c quyn lc h thng nh (Power group hoc Administrators?). p dng Compatible template trong trng hp ny c th gii quyt c vn trn. *Highly Secure (tn file: hisecws.inf) Gii hn vic giao tip gia Windows XP vi cc HH i c (ngoi tr Win2k ) v vn an ton (bn bit rng cc xc lp v Security trn l cao so vi cc HH i c nh Win9x..) Event Viewer XP s dng Event Viewer gim st cc s kin v security, system v application. Security log trong Event Viewer ghi li cc s kin v Security khi dng audit policy. Dng v khng dng Firewall c nhn trn Windows Xp - Firewalls c th c enabled hoc disabled khi cu hnh cc thng s network connection 70-270 WINDOWS XP PROFESSIONAL INSTALLATION AND Nis.com.vn ADMINISTRATION

NETWORK INFORMATION SECURITY VIETNAM - Windows XP Service Pack 2 cung cp Windows Firewall, mt personal firewall mnh v c m mc nh. Users Ti khon User cc b -Local user accounts, trn Windows XP Pro, s dng cng c: Local Users and Groups tool qun l. Local user accounts l cc ti khon cc b v ch cho php dng ti khon truy cp cc ti nguyn cc b V d c bn: Trn my A, c Folder c chia s c tn Data. truy cp vo Folder Data trn, bt buc Admin my A phi to ra cc User, Admin dng Local Users and Groups tool to. Sau cc User c to c th t my khc (B, C, D..) truy cp t xa vo A, hoc log-on trc tip vo A (local access) truy cp Data. C 2 loi ti khon local user accounts c to mc nh trong sut qu trnh ci t WinXP l: Administrator v ti khon Guest account(ti khon ny b disabled theo mc nh). Cc nhm cc b c xy dng sn : Built-In Local Groups Administrators: Thnh vin thuc nhm ny c quyn hn ln nht i vi mt H thng cc b, c th qun l tt c cc chc nng trn local system. Users: Nhm mc nh cha tt c User c to, khi to ra mt new users, h ng nhin l thnh vin nhm ny. Nhm ny c th chy hu ht cc applications c ci t trn h thng nhng nhng tc v can thip c tnh cht h thng li khng thc hn c. Power Users: Thnh vin nhm ny c th ci t v remove hu ht cc applications cng nh cc ti nguyn c chia s- share resources. H cng c th to v qun l user accounts v cc groups. Tuy nhin h ch c th qun l nhng users m h to, cc bn ch k iu ny, trong mi trng thc t phn cp qun l h thng cho chnh xc, khng tha quyn hn m cng khng thiu. Backup Operators: Thnh vin nhm ny c th tin hnh backup v restore d liu, cho d h khng c quyn trn file v folder m h d nh s backup. V h cng c th cho quyn n cc users khc tin hnh backup. Replicator: c dng sao lp- replicate, gia cc domain controllers trong mt domain. Guests: Cung cp quyn truy cp hn ch n cc ti nguyn . 8. Active Directory Active Directory l khi nim rt quan trng m cc Admin khi qun l mi trng lm vic Domain t h thng Windows Server 2000 tr i lun nm r Cc khi nim chnh: 70-270 WINDOWS XP PROFESSIONAL INSTALLATION AND Nis.com.vn ADMINISTRATION

NETWORK INFORMATION SECURITY VIETNAM Workgroup L mt nhm cc computers chia s ngun ti nguyn trong mt mi trng Mng ngang hng - peer to peer network. Khi nim ngang hng y l tt c cc Computers u bnh ng, ngang nhau v cp v va ng vai tr Client va ng vai tr l server. Domain - Trong Microsoft networking, mt domain l mt tp hp cc computers v Users cng nhau chia s chung mt security database. Mt User account c to trong Domain do domain controller qun l th account ny nu c php c th truy cp vo nhiu my thnh vin domain khc nhau. iu ny trong m hnh lm vic Mng Workgroup l khng th c , v nu User truy cp vo ti nguyn ca my no cn c ti khon trn my , nu anh truy cp 10 server khc nhau, anh i hi phi c 10 account trn 10 Server ny, qu trnh truy cp tng server li phi log-on vo mi ln, v nh vy anh phi log-on vo 10 my, 10 ln.y l s bt tin, khng tp trung trong qun l ca m hnh Wowrkgroup. i vi mi trng Mng tng i ln tr ln, vic set-up Domain v sau a tt c cc Computer (Workstation v Server) gia nh vo domain kim sot tp trung l iu nn thc hin, gip cho Domain Admin c quyn ch ng trong vic qun l mi trng Mng ca mnh Active Directory L mt dch v th mc, mt dch v rt c cc Admin Mng yu thch, v nh n gi y Admin c th kim sot cng vic ca Mng mt cch d dng v cht ch. Active directory c trong Windows 2000 & Server 2003 server. AD l tr thng tin v cc i tng trong Network (User, group, printer, share resource..) v m bo cc Domain User c th lm vic vi cc i tng ny. Domain Controller My ch qun l domain, Mt Windows 2000/2003 server computer vi vai tr ch o l xc thc authenticates, vic logon ca User vo domain v cha ton b c s d liu ca Active Directory (c s d lu cn thit duy tr hot ng ton domain). Group Policy Chnh sch nhm, nh cp y chnh l phng tin c dng qun l v cu hnh systems, security, v mi trng lm vic ca user cng nh cc applications trong Active Directory. V d, Admin c th a ra chnh sch A l chnh sch bo mt cho ton b Server/workstation thuc domain. Hoc a ra chnh sch B, l chnh sch trin khai application Microsoft Office 2003 cho ng lot 100 Workstations ca phng Ti chnh GPO (Group Policy Object) Chnh l i tng chnh scah1 nhm c th, cha cc thng tin v chnh sch cn p t cho cc thnh phn trong Domain nh (domains, sites, hoc Ous). MSI file Dng file ci t c Group Policy s dng khi tin hnh trin khai application n cc users hoc computers. Nh cc bn thy th hin nay cc ng dng thng mi bn ra, trong set-up lun c h tr dng file set-up .msi, ngoi dng thng thng l settup.exe ZAP file Nu Application khng c file settup dng .msi, s dng Group Policy trong vic trin khai Applications bn c th gi file setup ny li di dng .Zap file v tin hnh ci t 70-270 WINDOWS XP PROFESSIONAL INSTALLATION AND Nis.com.vn ADMINISTRATION

NETWORK INFORMATION SECURITY VIETNAM 9. Cc vn v phn cng -hardware Plug and play T ng nhn dng cc thit b Hardware c h tr trn XP Pro Device Manager c dng chn on li v cp nht Drivers cho cc Devices update drivers. Add/Remove Hardware Wizard c s dng ci t th cng hoc remove hardware khng tng thch chun Plug & Play. MPS (Multiple Processor Specification- Chun h t nhiu CPU) XP Pro C th h tr cng lc 2 CPU. ACPI (Advanced Configuration & Power Interface) - Cho php thay nng cc Cards trn Labtop/PC ngay c khi ang chy. APM (Advanced Power management) H tr ch hibernation (ng ng), khi shutdown comuter chn ch ny, th tt c chng trnh lm vic hin ti s c save vo file Hyberfil.sys trc khi tt my, sau nu restart li my, cc chng trnh ang chy s li tip tc nh trc khia bn shutdown, ngoi ra chun ny cn cung cp nhiu la chn cho vic tit kei65m nng lng, c bit l cc my labtop. Xc nhn Driver-Driver Signing Drivers ca cc thit b, cn c xc nhn ca Microsoft nhm m bo lm vic thch hp trn Windows 2000/XP/2003. Vi nhng Driver cha c Windows 2000 xc nhn, bn c th cu hnh computer c cch phn hi thch hp. C ba la chn: Ignore Bt c thit b mi vi Drivers cha c Windows xc nhn vn c php ci. Warn S cnh bo cc Drivers cha xc nhn, nhng vn cho php ci. (y chnh l xc lp mc nh -Default Setting) Block Ngn chn cc drivers cha c xc nhn, khng th ci. Sigverif.exe (Tin ch xc nhn cc Drivers, File Signature Verification Utility) Cho php bn xem ton b Drivers ca h thng c Windows xc nhn s hay cha.


NETWORK INFORMATION SECURITY VIETNAM II. M HNH THC HNH LAB CI T, CU HNH V QUN L WINDOWS XP PROFESSIONAL 1. Chun b m hnh Lab: Hc vin c th trin khai m hnh Lab theo Lab chun sau cho bi thc hnh v Windows XP Professional Cn phi phn bit s khc nhau gia Windows XP Home (version dng cho gia nh, cc tnh nng p ng mc c bn) vi Windows XP Professional (version dng cho cc Workstation trong mi trng chuyn nghip vi nhiu tnh nng) M hnh Lab c trin khai nha sau: - Yu cu cu hnh cc my tham gia Lab


NETWORK INFORMATION SECURITY VIETNAM M hnh cn 3 Computer ni Mng vi Computer Name v thng s a ch IP

-

Khi nim v Mng ngang hng Peer-to-peer Workgroup nh cp (trong mi trng ngang hng, cc my va ng vai tr Client va ng vai tr Server)



-

Trong mi trng Mng cc cty hin nay c t chc theo m hnh Domain phn cp Client v Server r rt. Mi trng ny tch hp v qun l cht ch, to nhiu thun li cho Admin trong qun l Mng



Thc hnh: Hc vin tin hnh donwload demo lab hng dn chun b m hnh Lab thc hnh cho Windows XP Professional sau phc v cho qu trnh hc. http://www.nis.com.vn/securitytraining/mcse/baigiangchinhthuc/70270/lab/chuanbimohinhlab.rar ch : Dng chng trnh Winrar gii nn v dng chng trnh Camplayer download ti y xem cc Video Labs. Download media: http://www.nis.com.vn/securitytraining/softsupport/media.rar Quan trng: Hc vin nn download mt ln v t chc lu tr vo PC ca mnh (v d: to folder lu tr ti D:\MCSE\70-270\Lab) mi ln xem li demo khng phi download li do bandwith truyn ca h tng Mng ca cc ISP vn cn kh chm. Trong qu trnh theo di lab demo, hc vin nn tp trung c th nm bi k cng nhm p dng vo nhu cu cng vic thc t mt cch chnh xc 2. Cc tnh nng mi trn Windows XP Professional Cu hnh v s dng d dng vi cc menu c sp xp khoa hc thun tin cho End-User (ngi dng cui) Cc tc v thc hin da trn Control Panel Mt h iu hnh Mng thc s


NETWORK INFORMATION SECURITY VIETNAM o C c ch t ng cp pht a ch IP cho chnh mnh, nu nh DHCP trn Nework b failed, iu ny l cn thit v m bo cho cc my vn giao tip trog LAN vi nhau . C ch ny c gi l APIPA, vng a ch t cp pht s l 169.254.x.y o Vi Plug and Play t pht hin v ci drver tg thch nhn dng cc thit b kt ni vo Computer o C th kt ni XP computer ra Internet dng Broadband (nh ADSL..) v Dial-up thng thng V cn nhng g c bit hn ? Wizard tr gip vic cc xc lp v File v Truyn File Wizard h tr tng thch chng trnh - Program Compatibility Wizard iu khin Computer t xa thng qua Remote Desktop Tr gip h tr x l s c t xa- Remote Assistance, gip cho cc technical support c mt knh x l s c my tnh ca cc End-User trong doanh nghip thun li hn l phi n tng Computer troubleshoot Firewall c nhn mnh c trang b vi cu hnh bo mt mc nh cht ch Internet Connection Firewall (ICF) Copy files v folders trc tip vo CD, thun li rt ln cho vic ghi a CD Nn Fle v Folder cht lng cao, tit kim khng gian a cng Chuyn nhanh ngi s dng my, nu my tnh c nhiu ngi dng chung, thng qua tnh nng -Fast Switching for multiple users. Thc hnh: Hc vin tin hnh donwload demo lab v nhng tnh nng mi v c bit ca Windows XP Professional sau phc v cho qu trnh hc. http://www.nis.com.vn/securitytraining/mcse/baigiangchinhthuc/70270/lab/tinhnangmoi.rar 3. Quy trnh khi ng ca Windows XP Professional - Boot Sequence Cc files sau tham gia vo qua trnh Boot ca Windows XP Professional 1...NTLDR ..................................Chng trnh gim st v bin dch dng lnh 2... BOOT.INI ..............................mt HH s c chn trong menu Boot 3...NTDETECT.COM.................D tm hardware v ti cc Driver tng ng 4...NTOSKRNL.EXE ..............Nhn Windows XP Kernel- chy cc file khi ng HH 5...NTBOOTDD.SYS .................Ti drivers ph hp cho cc cng dng SCSI 6...BOOTSECT.DOS..................Cn thit khi ng nhiu HH nh Windows 95/98 v XP Kinh nghim: Trong thc t khi s dng Windows 2000/XP/2003, my tnh d ri vo trng thi khng th Boot (do thiu mt trong s 3 File sau: NTLDR, BOOT.INI, NTDETECT.COM),nn cn nhc nh cc bn l sau khi setup HH xong cc bn nn vo C:, sau chn Tools\ Folder Options\ Chn View\ check vo Show hidden Files and Folders v khng check vo Hide Protected Operating System Files


NETWORK INFORMATION SECURITY VIETNAM Sau quay li C: v copy c 3 file ny vo da mm FDD 1.44. Sau ny khi b s c khng khi ng c do thiu cc file trn, vo BIOS setup v chn khi ng t Floppy disk sau chp li 3 file ny vo C:

Phn tch File Boot.ini ti C:\boot.ini (hidden file)



Phn tch (ARC- Advanced RISC Computing) nguyn tc khi ng da trn tn v ng dn trong boot.ini c s dng khi ng HH multi ( ) Th hin chng loi DISK CONTROLLER ? multi( ) Disk controller l IDE cn nu l SCSI() Disk Controller l loi SCSI disk ( ) Loi HDD-HARD DISK DRIVE ? i km vi Multi, thong thng lu c xc lp Multi(0) Disk(0) rdisk ( ) a cng HDD s my, HDD th nht l rdisk(0) partition ( ) } PARTITION no? Parttition 1,2 hay 3 (C, D hay E..) Tham kho ton din thm v ARC Boot.ini ti: http://www.windowsnetworking.com/kbase/WindowsTips/WindowsNT/AdminTip s/Booting/PurposeoftheBOOT.INIFile.html Thc hnh: Hc vin tin hnh donwload demo lab hng dn cc files bao gm cn thit cho Windows XP Professional trong qu trnh khi ng. http://www.nis.com.vn/securitytraining/mcse/baigiangchinhthuc/70270/lab/khoidongxp.rar 4. Qun l User v group 70-270 WINDOWS XP PROFESSIONAL INSTALLATION AND Nis.com.vn ADMINISTRATION

NETWORK INFORMATION SECURITY VIETNAM Cha bao gi vic qun l Userv v Group li d dng vi End-User nh hin nay trn Windows XP Professional Cc bi tp thc hnh s trin khai l: So snh Mn hnh cho n khi log-in kiu C in (Classic) v XP Welcome logon screen Cc cng c qun tr trn XP -Administrative Tools Giao din qun tr m XP cung cp Admin c th tm v s dng cc cng c qun tr m mnh mun -Microsoft Management Console (vit tt mmc) Thay i thuc tnh ca User -User Properties Gi nhc Password nu ngi dng s sut qun -Password Hints Chuyn nhanh t mt User lg-on sang mt User mi m khng cn Log-off ri log-on tr li tnh nng Fast User Switching Thc hnh: Hc vin tin hnh donwload demo lab hng dn cch thc to v qun l User v Group trn Windows XP Professional. http://www.nis.com.vn/securitytraining/mcse/baigiangchinhthuc/70270/lab/taousergroup.rar 5. Cc cng c qun l t xa Remote management tools i vi tt c cc Admin H thng th vic s dng cng c qun l t xa l chuyn thng ngy, phi s dng nhun nhuyn, nu khng cc Admin s mt nhiu sc cho vic di chuyn ht Server ny n Server khc. C th dng nhng cch thc no remote management 1. Dng b cng c c sn trong MMC -Microsoft Management Console (mmc). Khi cn qun l t xa mt hay nhiu chc nng, c th dng mmc Add cng c cn thit. 2. iu khin t xa -Remote Desktop Management, vi cng c ny Admin ngi ti my Workstation trong phng lm vic c th iu khin ton b cc Server ti phng my ch (Server room), xem nh Admin ang ngi trc mn hnh iu khin Server 3. Hoc s dng b cng c ca bn th 3 cung cp third party nh PsTools ca hng Sysinternals PSTOOLS Free download ti: http://www.sysinternals.com/Utilities/PsTools.html B PsTools bao gm cc tools sau: PsExec thc thi cc quy trnh t xa PsFile Ch ra cc file ang c open t xa PsGetSid trnh by Session IS- SID ca mt computer hoc mt user PsInfo - list thng tin y v mt h thng PsKill - kill cc quy trnh da vo tn hay s nhn dng quy trnh -process ID PsList - list thng tin chi tit v cc quy trnh PsLoggedOn Ai ang log-on cc b v ai ang log-on qua ti nguyn chia s PsLogList xut ra xem cc bn nht k s kin- event log records PsService xem v control dch v-services 70-270 WINDOWS XP PROFESSIONAL INSTALLATION AND Nis.com.vn ADMINISTRATION

NETWORK INFORMATION SECURITY VIETNAM PsShutdown - shuts down v la chn reboots computer PsSuspend treo v phc hi li cc processes Thc hnh: Hc vin tin hnh donwload demo lab hng dn vic qun l Server t xa thng qua cc cng c remote Desktop. http://www.nis.com.vn/securitytraining/mcse/baigiangchinhthuc/70270/lab/quanlytuxa.rar 6. Cc tnh nng bo mt mi trn WINDOWS XP PROFESSIONAL ng nhp h thng c c nhn ha Users c th ty bin desktop ca h vi cc backgrounds, screen savers v th mc My Documents ca ring h Trnh duyt Internet Explorer c th xc lp khc nhau cho mi user Chuyn ng nhp sang User khc nhanh chng- tnh nng Fast User Switching Khng cn phi log off ra khi mun ng nhp bi user khc. Nh vy s to ra mi phin lm vic tch bit v an ton cho mi user Nu XP l thnh vin ca domain th khong s dng c tnh nng ny. Cc chnh sch bo mt chnh trn WINDOWS XP PROFESSIONAL I. Cc chnh sch v ti khon ACCOUNTS POLICIES

Tp hp cc chnh sch v ti khon bao gm : A. Chnh sch mt khu- Password Policy B. Chnh sch kha ti khon- Account Lockout Policy, nhm m bo an ton h thng trnh trng hp Hacker on c Password Tham kho thm v chnh sch an ton ti khon http://www.nis.com.vn/nis/index.php?option=content&task=view&id =33&Itemid=27 II. Cc chnh sch cc bLOCAL POLICIES

A. Chnh sch ghi nhn s kin -Audit Policy B. Cp pht cc quyn h thng -User Rights Assignment C. Cc la chn v bo mt -Security Options Cc xc lp thng c s dng l : Chiu di password ti thiu bt buc phi t -Minimum Password Length Thi gian ti a password tn ti -Maximum Password Age S ln ng nhp sai c cho php (incorrect login) Cm ng nhp cc b -Deny logon locally Thay i thi gian h thng -Change system time Shutdown Computer nu nht k ghi nhn cc s kin bo mt t nhin khng hot ng 70-270 WINDOWS XP PROFESSIONAL INSTALLATION AND Nis.com.vn ADMINISTRATION

NETWORK INFORMATION SECURITY VIETNAM Khng trnh by ti hp thoi logon, username logon ln cui cng vo h thng. Thng ip cnh bo cho bt c user no logon vo h thng (V d: WARNING!!! Ch c nhng user hp php mi c logon vo computer ny. Mi hnh dng ca bn s c ghi nhn) Thc hnh: Hc vin tin hnh donwload demo lab hng dn ci t cc chnh sch bo mt trn Windows XP Professional. http://www.nis.com.vn/securitytraining/mcse/baigiangchinhthuc/70270/lab/chinhsachbaomat.rar 7. Qun l a trn XP Khi nim v partition Ti sao cn to partitions? - T chc a - Khi ng nhiu h iu hnh - Backup - Hiu sut thi hnh Cc loi partitions - FAT - FAT32 - NTFS Cch thc chuyn i FAT/FAT32 thnh NTFS Command: convert : /fs:ntfs V d ti Run nh lnh chuyn Partition E: thnh: convert E: /fs:ntfs S khc nhau gia Basic v Dynamic Disks Tin ch a cng ca hng th 3 rt thng dng l Partition Magic Cu trc a - Simple volume - Spanned volume - Striped volume Gn 1 a -Mounting a Drive Dn a -Disk Defragmentation Qun l ch tiu a Thc hnh: Hc vin tin hnh donwload demo lab hng dn cch qun l a trn Windows XP Professional. http://www.nis.com.vn/securitytraining/mcse/baigiangchinhthuc/70270/lab/quanlydia.rar Ti liu h tr Phn mt ca 70-270: 1. Ti liu tham kho tng quan v my tnh v Windows XP www.nis.com.vn/securitytraining/mcse/kienthuccanthamkhao/winxpgeneral.pdf 70-270 WINDOWS XP PROFESSIONAL INSTALLATION AND Nis.com.vn ADMINISTRATION


Kt thc Phn 1 ca mn 70-270, Hc vin xem bi ging, Lab bi tp, ti liu h tr y . Hc vin tham kho thm tt c cc bi hc trong gio trnh hc chnh thc 70-270, trc khi tin hnh download bi ging v ti liu Phn 2 vo ngy 30.5.2006
