System Security Configuration
In addition to applying the Decentralized Software Services (DSS) security mechanisms provided by the DSS Node Security Model, it is strongly recommended that the following additional security measures be considered when running a DSS node. Used together with the DSS node security settings they can significantly improve the overall security of a node.
It is strongly recommended that a DSS node is run using a non-administrative account. Running as a non-administrative account lowers the attack surface of the system. This can prevent an attacker from reaching a variety of resources requiring administrative rights.
Before running a DSS node using a non-administrative account, the programmer must first reserve an HTTP namespace with the kernel-level HTTP listener, http.sys, in order to receive incoming HTTP requests. See HTTP Namespace Reservation (HttpReserve.exe) for details on how to register an HTTP namespace and associate it with a particular account.
Note: On Windows 7, HTTP namespaces can also be reserved using the netsh utility.
For more information enter the following command in a DSS Command Prompt window:
netsh http help
On Windows 7, the effect of the User Account Control (UAC) mechanism is similar to that of running as a non-administrative account. By default, the Microsoft Robotics Developer Studio installer reserves the HTTP namespace on ports 50000 and 50002, which are recommended HTTP ports used by DSS Host Tool (DssHost.exe) and Microsoft Visual Programming Language (see VPL Introduction).
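The reservation step described above, as an added example using netsh from PowerShell (not code from the original page or from Microsoft Robotics Developer Studio). The account name CONTOSO\dssuser and the http://+:port/ prefix form are assumptions; the ports are the two named on this page.

```powershell
# Added example (not from the original page). Run from an elevated prompt.
$Account = 'CONTOSO\dssuser'   # hypothetical non-administrative account (assumption)
$Ports   = 50000, 50002        # HTTP ports named on this page

# netsh http add urlacl needs administrative rights; stop early if not elevated.
$identity  = [Security.Principal.WindowsIdentity]::GetCurrent()
$principal = New-Object Security.Principal.WindowsPrincipal($identity)
$adminRole = [Security.Principal.WindowsBuiltInRole]::Administrator
if (-not $principal.IsInRole($adminRole)) {
    throw 'Run this script from an elevated prompt.'
}

foreach ($port in $Ports) {
    $url = "http://+:$port/"   # strong-wildcard prefix (assumption)

    # Query any existing reservation for exactly this prefix.
    $current = (netsh http show urlacl url=$url | Out-String)

    if ($current -match [regex]::Escape($url)) {
        if ($current -match [regex]::Escape($Account)) {
            Write-Output "$url is already reserved for $Account"
        } else {
            # Do not silently replace another account's reservation; review it first.
            Write-Warning "$url is reserved for a different account:`n$current"
        }
        continue
    }

    # Grant only this account the right to listen on the prefix.
    netsh http add urlacl url=$url user=$Account
    if ($LASTEXITCODE -ne 0) {
        throw "Reservation of $url failed (netsh exit code $LASTEXITCODE)"
    }
}

# Final audit: list what is now reserved on the DSS ports.
foreach ($port in $Ports) { netsh http show urlacl url="http://+:$port/" }
```

After the reservation exists, the DSS node itself can be started from the non-administrative account without elevation.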
Host-based firewalls such as the Windows Firewall can increase protection of a host. This is accomplished by dropping incoming traffic that is neither sent in response to a request from the computer (solicited traffic) nor unsolicited traffic that has been specified as allowed (excepted traffic). Such measures can provide a level of protection from malicious users and programs that rely on unsolicited incoming traffic to attack computers.
While more involved than the previous mechanisms, IPsec can provide effective protection through tampering and spoofing protection, payload encryption, and peer authentication. IPsec was designed to address the lack of built-in security for IP-based traffic in the TCP/IP protocol suite. As a result, IPsec can address transport layer security, not only for DSS but for any IP-based communication. To set up IPsec in your environment, see the references below for overview and how-to information.
DSS Tools and Utilities: HTTP Namespace Reservation (HttpReserve.exe)
© 2012 Microsoft Corporation. All Rights Reserved.