DOCSLIB.ORG

DPS7000/XTA User's Guide Security on the DIANE System

Total Page:16

File Type:pdf, Size:1020Kb

Download full-text PDF Read full-text
DPS7000/XTA User's Guide Security on the DIANE System A Security of the DIANE System ASCALE 7000 DPS7000/XT NOV Security REFERENCE 47 A2 02EL 01 DPS7000/XTA NOVASCALE 7000 Security of the DIANE System Security September 2004 BULL CEDOC 357 AVENUE PATTON B.P.20845 49008 ANGERS CEDEX 01 FRANCE REFERENCE 47 A2 02EL 01 The following copyright notice protects this book under Copyright laws which prohibit such actions as, but not limited to, copying, distributing, modifying, and making derivative works. Copyright Bull SAS 2004 Printed in France Suggestions and criticisms concerning the form, content, and presentation of this book are invited. A form is provided at the end of this book for this purpose. To order additional copies of this book or other Bull Technical Publications, you are invited to use the Ordering Form also provided at the end of this book. Trademarks and Acknowledgements We acknowledge the right of proprietors of trademarks mentioned in this book. Intel® and Itanium® are registered trademarks of Intel Corporation. Windows® and Microsoft® software are registered trademarks of Microsoft Corporation. UNIX® is a registered trademark in the United States of America and other countries licensed exclusively through the Open Group. Linux® is a registered trademark of Linus Torvalds. The information in this document is subject to change without notice. Bull will not be liable for errors contained herein, or for incidental or consequential damages in connection with the use of this material. Preface Preface Purpose This document targets customers requiring information about security issues on the Diane system (DPS7000/XTA). Several aspects of security are dealt with: NTFS permissions, essential services for the smooth running of the system and its maintenance, user groups and accounts, the NetBios share, the use of an antivirus software and the Windows updates. The responses to these different points have been validated in conditions of maximum security. The effect of stopping the various services is described in Windows 2000 Services in Appendix B. 47 A2 02EL iii Security on the DIANE System iv 47 A2 02EL Preface Table of Contents Security on the DIANE System 1 NTFS Permissions ......................................................................................... 1 1.1 Partition C............................................................................................... 1 1.2 Partition E............................................................................................... 1 1.3 Partition F............................................................................................... 2 2 Services Installed on DIANE......................................................................... 2 2.1 Services Used by ESMPRO ................................................................... 2 2.2 Services on the 180Rc4 System ............................................................. 3 2.3 Services for ECC (Emc Control Center). ............................................... 3 2.4 Service for the Emulex V2.20a12 driver................................................ 3 2.5 Service for PowerPath ............................................................................ 3 2.6 Services for Navisphere 6.X................................................................... 4 2.7 WEB Service .......................................................................................... 4 2.8 Microsoft FTP Service............................................................................ 4 2.9 Interop7Adm .......................................................................................... 5 2.10 Navisphere Agent ................................................................................... 5 2.11 NetOp Helper ver. 6.50 (2000271)......................................................... 5 2.12 Telnet...................................................................................................... 5 2.13 V7000 Administration ............................................................................ 5 2.14 V7000 System Control ........................................................................... 5 2.15 Other Services ........................................................................................ 5 47 A2 02EL v Security on the DIANE System 3 User Accounts................................................................................................ 6 3.1 GTS User Account.................................................................................. 6 3.2 IUSR-DIANE-013 User Account (IUSR-<<system name>>) ............... 6 3.3 TsinternetUser User Account.................................................................. 6 3.4 V7000Engine Account ........................................................................... 6 3.5 Administrator User Account................................................................... 7 3.6 IWAM<<system name>> User Account ................................................ 7 4 User Groups................................................................................................... 7 4.1 "Replicator" and "Backup Operator" User Groups ................................ 7 4.2 NetopActivity Groups ............................................................................ 7 5 The NETBIOS Share ..................................................................................... 7 6 Norton Antivirus............................................................................................ 8 6.1 Antivirus choice ..................................................................................... 8 6.2 Methods of use ....................................................................................... 8 6.3 Recommendations for Using Norton Antivirus...................................... 9 6.4 Performance............................................................................................ 9 7 Operational Security of Gcos Files:............................................................. 10 8 Windows Updates........................................................................................ 10 9 DCOM / RPC ports used by the V7000 remote administration : case of a firewall usage...................................................................................................... 11 A. Table of Services B. Windows 2000 Services B.1 Introduction............................................................................................ B-1 B.2 Windows 2000 Services......................................................................... B-2 vi 47 A2 02EL Security on the DIANE System 1 NTFS Permissions 1.1 Partition C • The ESM and DMI directories are used by ESMPRO. They are created using the standard product installation procedure. • For the DRIVERS directory, access rights can be granted only to the administrator group and the V7000BULLSERVICES group. They should have Full Control. • For the fix_manufacturing directory, access rights can be granted only to the administrator group and the V7000BULLSERVICES group. They should have Full Control. 1.2 Partition E • Protection of GCOS7 disks is validated from the GCOS_DISK directory that is placed after the mount point in order to allow the use of disk space not allocated to GCOS7 disks (customer request). • Partition E: can be protected. But with modify/write permission for the V7000BULLSERVICES group: − Administrator -> Full control − EveryOne -> List folder contents / Read − V7000BullServices -> Modify/Write In this case, you must use the Windows 2000 "Disk Manager" to set up the same permissions on the volumes (external disk mount points) because there is no permission inheritance at this level. 47 A2 02EL 1 Security on the DIANE System Note: Implementing this protection excludes the use of disk space not allocated to gcos 7 by other users and applications. 1.3 Partition F Scratch partition: Full control for everyone. 2 Services Installed on DIANE The following services are used by the Diane system. (The logons for these services must not be modified) 2.1 Services Used by ESMPRO The following services are used by ESMPRO (monitoring and event notification linked to hardware status - the equivalent of the remote alarm on Artemis systems). Do not remove these services. Alert Manager ALIVE(S) Service Alert Manager Main Service Alert Manager Socket(S) Service ESM Common Service ESM DMI Component Provider Service ESM Storage Service ESM System Management Service ESMFSService ESMLANService WIN32SL 2 47 A2 02EL Security on the DIANE System 2.2 Services on the 180Rc4 System The following services are present on a 180Rc4 system with Director Agent. Do not remove these services. Director Remote Control Service Director Support Program IBM Active PCI Alert Service IBM Advanced System Management Remote Mouse TME10RC 2.3 Services for ECC (Emc Control Center). Do not remove these services. EMC Control Center Master Agent EMC storapid EMC symapisrvEMC - Executes remote WideSky API functions over TCP/IP connectionsSymmetrix Integration Utilities Provides support for volume locking functionality 2.4 Service for the Emulex V2.20a12 driver Do not remove this service. Emulex HBAnyware Remote Management 2.5 Service for PowerPath Do not remove this service. EMC PowerPath Service 3.0.2 47 A2 02EL 3 Security on the DIANE System 2.6 Services for Navisphere 6.X Do not remove these services. NaviGovernor Navisphere Agent IIS Admin Service 2.7 WEB Service The interop7 installation places the interop client modules in the Diane Web pages in order to make it easier to download them
Load more

Recommended publications
  • Active@ UNDELETE Documentation
    Active @ UNDELETE Users Guide | Contents | 2 Contents Legal Statement.........................................................................................................5 Active@ UNDELETE Overview............................................................................. 6 Getting Started with Active@ UNDELETE.......................................................... 7 Active@ UNDELETE Views And Windows...................................................................................................... 7 Recovery Explorer View.......................................................................................................................... 8 Logical Drive Scan Result View..............................................................................................................9 Physical Device Scan View......................................................................................................................9 Search Results View...............................................................................................................................11 File Organizer view................................................................................................................................ 12 Application Log...................................................................................................................................... 13 Welcome View........................................................................................................................................14 Using
    [Show full text]
  • RAID, LVM, WSS, Verschlüsselung)
    Hochschule Wismar University of Applied Sciences Technology, Business and Design Fakultät für Ingenieurwissenschaften, Bereich EuI Projektarbeit Aufbereitung besonderer Speicherkonfigurationen als analysefähiges Material (RAID, LVM, WSS, Verschlüsselung) Eingereicht am: 6. Juli 2019 von: Melanie Wetzig Sven Lötgering Tom Gertenbach Stefan Depping Inhaltsverzeichnis Inhaltsverzeichnis 1 Vorüberlegungen4 1.1 Motivation und Zielstellung.......................4 1.2 Anforderung an den Ermittlungsprozess.................4 1.3 Einordnung in Ermittlungsprozess....................6 1.4 Write-Blocker...............................6 1.5 Software..................................7 1.5.1 Rohdatenformat (RAW).....................7 1.5.2 Expert Witness Format (EWF).................8 1.5.3 Advanced Forensic Format (AFF)................8 1.5.4 Xmount..............................8 2 Rechtliche Betrachtung9 2.1 Einleitung.................................9 2.2 Private Ermittlungen........................... 10 2.3 Behördliche Ermittlungen........................ 11 2.4 Zusammenfassung............................. 11 3 Speichermedien 13 3.1 Einleitung................................. 13 3.2 Magnetspeicher.............................. 13 3.2.1 Speicherung auf einer HDD................... 14 3.2.2 Löschen von Daten auf einer HDD............... 15 3.2.3 Forensische Relevanz....................... 15 3.3 Flash-Speicher............................... 15 3.3.1 Speicherung auf einer Solid-State-Drive (SSD)......... 16 3.3.2 Löschen von Daten auf einer SSD...............
    [Show full text]
  • SLDXA /T /L1 – SLX Component List
    SLDXA /T /L1 – SLX Component List SLDXA.exe ver 1.0 Copyright (c) 2004-2006 SJJ Embedded Micro Solutions, LLC All Rights Reserved SLXDiffC.exe ver 2.0 / SLXtoTXTC.exe ver 2.0 www.sjjmicro.com Processing... File1 to TXT file. Opening XSL File Reading RTF for final conversion F:\SLXTEST\LOCKDOWN_DEMO2.SLX has the following Components Total Count is: 577 -------------------------------------------------- .NET Framework 1.1 - Security Update KB887998 Accessibility Control Panel Accessibility Core ACPI Fixed Feature Button Active Directory Service Interface (ADSI) Core Active Directory Service Interface (ADSI) LDAP Provider Active Directory Service Interface (ADSI) Windows NT Provider Active Template Library (ATL) Add Hardware Control Panel Add/Remove Programs Control Panel Administration Support Tools Administrator Account Advanced Configuration and Power Interface (ACPI) PC Analog TV Application Compatibility Core Audio Codecs Audio Control Panel Base Component Base Performance Counters Base Support Binaries CD-ROM Drive Certificate Request Client &amp; Certificate Autoenrollment Certificate User Interface Services Class Install Library - Desk Class Install Library - Mdminst Class Install Library - Mmsys Class Install Library - Msports Class Install Library - Netcfgx Class Install Library - Storprop Class Install Library - System Devices Class Installer - Computer Class Installer - Disk drives Class Installer - Display adapters Class Installer - DVD/CD-ROM drives Class Installer - Floppy disk controllers Class Installer - Floppy disk drives
    [Show full text]
  • Active @ UNDELETE Users Guide | TOC | 2
    Active @ UNDELETE Users Guide | TOC | 2 Contents Legal Statement..................................................................................................4 Active@ UNDELETE Overview............................................................................. 5 Getting Started with Active@ UNDELETE........................................................... 6 Active@ UNDELETE Views And Windows......................................................................................6 Recovery Explorer View.................................................................................................... 7 Logical Drive Scan Result View.......................................................................................... 7 Physical Device Scan View................................................................................................ 8 Search Results View........................................................................................................10 Application Log...............................................................................................................11 Welcome View................................................................................................................11 Using Active@ UNDELETE Overview................................................................. 13 Recover deleted Files and Folders.............................................................................................. 14 Scan a Volume (Logical Drive) for deleted files..................................................................15
    [Show full text]
  • Snagit-Complete-Help-Guide-2020.Pdf
    Snagit Help Version 2020.1 December 2019 Copyright © 2019 TechSmith Corporation. All rights reserved All rights reserved This manual, as well as the software described in it, is furnished under license and may be used or copied only in accordance with the terms of such license. The content of this manual is furnished for informational use only, is subject to change without notice and should not be construed as a commitment by TechSmith Corporation. TechSmith Corporation assumes no responsibility or liab- ility for any errors or inaccuracies that may appear in this manual. Trademarks All-In-One Capture, Camtasia, Camtasia Relay, Camtasia Studio, Coach’s Eye, Coach’s Eye +, DubIt, EnSharpen, Enterprise Wide, Jing, Knowmia, Morae, Rich Recording Technology (RRT), Screencast, Screencast.com, ScreenChomp, Show The World, SmartFocus, Snagit, TechSmith, TechSmith AppShow, TechSmith Fuse, TechSmith Loop, TechSmith Relay, TechSmith Screencast, TechSmith Smart Player, and TSCC are either registered marks or marks of TechSmith Corporation in the U.S. and/or other countries. This list is not a comprehensive list of all TechSmith Corporation marks. The absence of a name/mark or logo in this notice does not constitute a waiver of any intellectual prop- erty rights that TechSmith Corporation has established in any of its product, feature or service names/marks or logos. All other marks are the property of their respective owners. Snagit Help | 1 Table of Contents Table of Contents 2 What's New in Snagit 2020 10 Introduction to Capture 13 Open the Capture
    [Show full text]
  • Run-Commands-Windows-10.Pdf
    Run Commands Windows 10 by Bettertechtips.com Command Action Command Action documents Open Documents Folder devicepairingwizard Device Pairing Wizard videos Open Videos Folder msdt Diagnostics Troubleshooting Wizard downloads Open Downloads Folder tabcal Digitizer Calibration Tool favorites Open Favorites Folder dxdiag DirectX Diagnostic Tool recent Open Recent Folder cleanmgr Disk Cleanup pictures Open Pictures Folder dfrgui Optimie Drive devicepairingwizard Add a new Device diskmgmt.msc Disk Management winver About Windows dialog dpiscaling Display Setting hdwwiz Add Hardware Wizard dccw Display Color Calibration netplwiz User Accounts verifier Driver Verifier Manager azman.msc Authorization Manager utilman Ease of Access Center sdclt Backup and Restore rekeywiz Encryption File System Wizard fsquirt fsquirt eventvwr.msc Event Viewer calc Calculator fxscover Fax Cover Page Editor certmgr.msc Certificates sigverif File Signature Verification systempropertiesperformance Performance Options joy.cpl Game Controllers printui Printer User Interface iexpress IExpress Wizard charmap Character Map iexplore Internet Explorer cttune ClearType text Tuner inetcpl.cpl Internet Properties colorcpl Color Management iscsicpl iSCSI Initiator Configuration Tool cmd Command Prompt lpksetup Language Pack Installer comexp.msc Component Services gpedit.msc Local Group Policy Editor compmgmt.msc Computer Management secpol.msc Local Security Policy: displayswitch Connect to a Projector lusrmgr.msc Local Users and Groups control Control Panel magnify Magnifier
    [Show full text]
  • Security Target
    Acronis SCS Acronis Cyber Backup 12.5 SCS Hardened Edition Server v12.5 Security Target Document Version: 0.14 Prepared for: Prepared by: Acronis SCS Corsec Security, Inc. 6370 E. Thomas Road, Suite 250 13921 Park Center Road, Suite 460 Scottsdale, AZ 85251 Herndon, VA 20171 United States of America United States of America Phone: +1 781 782 9000 Phone: +1 703 267 6050 www.acronisscs.com www.corsec.com Security Target, Version 0.14 August 19, 2020 Table of Contents 1. Introduction .......................................................................................................................................................4 1.1 Purpose .....................................................................................................................................................4 1.2 Security Target and TOE References .........................................................................................................4 1.3 Product Overview ......................................................................................................................................5 1.3.1 Product Components........................................................................................................................5 1.4 TOE Overview ............................................................................................................................................6 1.4.1 TOE Environment..............................................................................................................................7 1.5
    [Show full text]
  • Windows NT® 4 for Dummies® File:///P|/VSCAN/TOSCAN/MT/NT4DUM/NT4.HTM
    Table of contents Windows NT® 4 For Dummies® file:///P|/VSCAN/TOSCAN/MT/NT4DUM/NT4.HTM Table of Contents Windows NT® 4 For Dummies® Introduction About This Book How to Use This Book And What about You? How This Book Is Organized Part I: Introducing Windows NT (Bare-Bones Stuff) Part II: Making Windows NT Do Something Part III: Using Windows NT Applications Part IV: Been There, Done That: Quick References for Moving to Windows NT Part V: Getting Help Part VI: The Part of Tens Icons Used in This Book Where to Go from Here Part I: Intro to Windows NT (Bare Bones Stuff) Chapter 1: What Is Windows NT? What Is This "Windows" Stuff, Anyway? What Does Windows NT 4 Do? Why Should I Bother Using Windows NT? Will I Like Windows NT 4 Better than Windows NT 3.51? What's the Difference between Windows NT Workstation and Windows NT Server? Bracing Yourself for Windows NT 4 Chapter 2: Boring Information, Bothersome Computer Parts The Computer Microprocessor Floppy Disks, Compact Discs (CDs), and Disk Drives Floppy disk flipping What disk drives does Windows NT like? What does "write-protected" mean? Driving with compact discs The Mouse and That Double-Click Stuff Cards and Monitors Keyboards Groups of keys More key principles Print Screen: the one fun, weird code key Modems Printers Networks Sound Cards (Disgusting Bioactive Noises) Parts Required by Windows NT Chapter 3: Windows NT Stuff Everybody Thinks You Already Know Backing Up Your Work Clicking 1 of 9 07/14/99 08:29:14 Table of contents Windows NT® 4 For Dummies® file:///P|/VSCAN/TOSCAN/MT/NT4DUM/NT4.HTM
    [Show full text]
  • Copyrighted Material
    2986IDX.qxd 9/6/01 12:12 AM Page 425 Index Note to the reader: Throughout this index boldfaced page numbers indicate pri- mary discussions of a topic. Italicized page numbers indicate illustrations. A for Local Users and Groups, 171 in Shared Folders, 333 abstracts, from Indexing Service, 140 Active Directory, 7–8 Accessibility, 2–6 for adding programs, 12 Internet Explorer options, 157 ActiveX controls, security settings for, 158 Magnifier, 176–177 Add Counters dialog, 257, 257–258 Narrator, 195–196 Add Excluded Files dialog On-Screen Keyboard, 234, 234–235 (Backup), 35 Options window, 2, 2–3 Add Hardware Wizard, 8–10, 350–351 Utility Manager, 385–386, 386 Add or Remove Programs, 10–13 Accessibility Options dialog, Keyboard address bar tab, 3, 3–4 in Explorer, 101–102, 102 Accessories, 6 in Internet Explorer, 149 Calculator, 37–38 Address Book, 13–25 Command Prompt, 46, 46–47 contact template, 20 Communications, 47 creating contacts, 16–17 Entertainment program group, 92 folders, 22–23 Program Compatibility Wizard, 288, 288–289 groups, 20–22 System Tools, 366. See also Backup identities for, 24–25 Character Map, 40 menus, 15–16 Disk Cleanup, 69–71, 71 retrieving e-mail addresses from, 241 Disk Defragmenter, 71–75 searching for people in, 325–326 File and Settings Transfer toolbar, 14, 15 Wizard, 112 window, 14 Scheduled Tasks, 316, 316–322 Address toolbar, 367 System Information, 361–363COPYRIGHTEDAdministrative Tools, MATERIAL 25–26. See also System Restore, 364, 364–365 Microsoft Management Console (MMC) snap-ins Windows Explorer, 97, 97–106 Active Directory, 7–8 Windows Movie Maker, 406–414, 407 for adding programs, 12 Action menu COM+ (Component Services), 45 for Device Manager, 59–63 Data Sources (ODBC), 51–55 425 2986IDX.qxd 9/6/01 12:12 AM Page 426 ADMINISTRATOR ACCOUNT Event Viewer, 93, 93–96, 94 attrib command, 291 Local Security Policy, 168, 168–170, AU files, 396 168–170 audio.
    [Show full text]
  • Idex USB Manual Idex Manual
    iDex USB Manual iDex Manual Contact details Producer: FOCI BV. The Netherlands www.foci.nl [email protected] 2 iDex Manual Index Index ............................................................................... 3 1. General ....................................................................... 4 2. Get started! ................................................................. 5 3. First use ...................................................................... 7 4. FOCI iDex Software .................................................. 14 5. Operating the camera ............................................... 20 6. Picture modes and picture settings .......................... 21 7 Combination with Magnification Software .................. 24 8 Keyboard shortcuts .................................................... 25 9 List of shortcuts FOCI iDex Software ......................... 27 10 General hotkeys ....................................................... 30 11 Technical Data ......................................................... 31 12 Safety & maintenance .............................................. 32 3 iDex Manual 1. General Congratulations with the purchase the iDex, the FOCI portable Computer Connected Video Magnifier. Our aim was to develop a highly qualitative and user- friendly product. We think we have succeeded, and we hope you have the same opinion. Serial Number: The serial number of the device can be found on the first page and also under the help menu in the software program 4 iDex Manual 2. Get started! To use the
    [Show full text]
  • Microsoft Windows Common Criteria Evaluation Security Target
    Microsoft Common Criteria Security Target Microsoft Windows Common Criteria Evaluation Microsoft Windows 10 version 1809 (October 2018 Update) Microsoft Windows Server 2019 (October 2018 Update) Security Target Document Information Version Number 0.05 Updated On June 18, 2019 Microsoft © 2019 Page 1 of 126 Microsoft Common Criteria Security Target Version History Version Date Summary of changes 0.01 June 27, 2018 Initial draft 0.02 December 21, 2018 Updates from security target evaluation 0.03 February 21, 2019 Updates from evaluation 0.04 May 6, 2019 Updates from GPOS PP v4.2.1 0.05 June 18, 2019 Public version Microsoft © 2019 Page 2 of 126 Microsoft Common Criteria Security Target This is a preliminary document and may be changed substantially prior to final commercial release of the software described herein. The information contained in this document represents the current view of Microsoft Corporation on the issues discussed as of the date of publication. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information presented after the date of publication. This document is for informational purposes only. MICROSOFT MAKES NO WARRANTIES, EXPRESS OR IMPLIED, AS TO THE INFORMATION IN THIS DOCUMENT. Complying with all applicable copyright laws is the responsibility of the user. This work is licensed under the Creative Commons Attribution-NoDerivs- NonCommercial License (which allows redistribution of the work). To view a copy of this license, visit http://creativecommons.org/licenses/by-nd-nc/1.0/ or send a letter to Creative Commons, 559 Nathan Abbott Way, Stanford, California 94305, USA.
    [Show full text]
  • Microsoft Windows Vista and Windows Server 2008 EAL1 Security Target
    Microsoft Windows Vista and Windows Server 2008 EAL1 Security Target Version 1.0 August 14, 2008 Prepared For: Microsoft Corporation Corporate Headquarters One Microsoft Way Redmond, WA 98052-6399 Prepared By: Science Applications International Corporation Common Criteria Testing Laboratory 7125 Gateway Drive Columbia, MD 21046-2554 Version 1.0, 8/14/2008 This is a preliminary document and may be changed substantially prior to final commercial release of the software described herein. The information contained in this document represents the current view of Microsoft Corporation on the issues discussed as of the date of publication. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information presented after the date of publication. This document is for informational purposes only. MICROSOFT MAKES NO WARRANTIES, EXPRESS OR IMPLIED, AS TO THE INFORMATION IN THIS DOCUMENT. Complying with all applicable copyright laws is the responsibility of the user. This work is licensed under the Creative Commons Attribution-NoDerivs-NonCommercial License (which allows redistribution of the work). To view a copy of this license, visit http://creativecommons.org/licenses/by-nd- nc/1.0/ or send a letter to Creative Commons, 559 Nathan Abbott Way, Stanford, California 94305, USA. Microsoft may have patents, patent applications, trademarks, copyrights, or other intellectual property rights covering subject matter in this document. Except as expressly provided in any written license agreement from Microsoft, the furnishing of this document does not give you any license to these patents, trademarks, copyrights, or other intellectual property.
    [Show full text]