
Vista offers support for nonbroadcasting networks and even allows you to
connect to a nonbroadcast network in your preferred list. However, don’t be
fooled into thinking that a nonbroadcasting network is more secure; sometimes,
it is actually less secure. Even when you run the Vista OS and a
nonbroadcasting network does not advertise its name (that is, the service set
identifier (SSID) is set to a null value), some risk exists if other systems
on the network are running Windows XP Service Pack (SP) 2. The problem is that
systems running Windows XP SP2 will send a broadcast, even if your wireless
network is configured as a nonbroadcasting network. Therefore, it is generally
a bad idea to implement a nonbroadcasting wireless network as part of your
security plan — security by obscurity is never a good idea.
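
A preferred-list entry marked as nonbroadcast means the client has to look for that network by name instead of waiting for it to be advertised, so those entries are worth reviewing. The following is an added example, not code from the book: it reads wireless profiles in the XML layout written by `netsh wlan export profile` and lists the ones marked nonbroadcast. The sample profiles are constructed, and the function names are hypothetical.

```python
import xml.etree.ElementTree as ET

# Namespace of WLAN profile XML, the format written by `netsh wlan export profile`.
NS = {"w": "http://www.microsoft.com/networking/WLAN/profile/v1"}

TEMPLATE = """<WLANProfile xmlns="http://www.microsoft.com/networking/WLAN/profile/v1">
  <name>{ssid}</name>
  <SSIDConfig>
    <SSID><name>{ssid}</name></SSID>{flag}
  </SSIDConfig>
  <connectionType>ESS</connectionType>
  <connectionMode>{mode}</connectionMode>
</WLANProfile>"""

def make_profile(ssid, non_broadcast, mode="auto"):
    """Build a constructed sample profile; non_broadcast=None omits the element."""
    flag = ""
    if non_broadcast is not None:
        flag = "<nonBroadcast>%s</nonBroadcast>" % str(non_broadcast).lower()
    return TEMPLATE.format(ssid=ssid, flag=flag, mode=mode)

# Constructed sample data, not taken from any real system.
SAMPLES = [
    make_profile("corp-hidden", True),
    make_profile("guest", False),
    make_profile("lab", None, "manual"),
    make_profile("legacy-hidden", True, "manual"),
]

def audit_profile(xml_text):
    """Return the SSID, the nonbroadcast flag and the connection mode of one profile."""
    root = ET.fromstring(xml_text)
    ssid = root.findtext("w:SSIDConfig/w:SSID/w:name", default="", namespaces=NS)
    # Assumption: a profile without a nonBroadcast element is treated as broadcast.
    flag = root.findtext("w:SSIDConfig/w:nonBroadcast", default="false", namespaces=NS)
    mode = root.findtext("w:connectionMode", default="", namespaces=NS)
    return {"ssid": ssid,
            "non_broadcast": flag.strip().lower() == "true",
            "connection_mode": mode.strip()}

def flag_nonbroadcast(profiles):
    """List the SSIDs of profiles configured for a nonbroadcast network."""
    return [r["ssid"] for r in map(audit_profile, profiles) if r["non_broadcast"]]

if __name__ == "__main__":
    for profile in SAMPLES:
        print(audit_profile(profile))
    print("profiles to review:", flag_nonbroadcast(SAMPLES))
```
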
Service hardening
Windows services are applications that provide OS functionality, are low-level
application tasks, run in the background, and usually require no user
interaction. Although services are essential to the operation of your system,
they have historically presented a significant attack surface for malicious
code writers. Service hardening is not necessarily a new security concept but
has largely been the responsibility of the user — until now.

The Vista service hardening features are just one part of a multilayered
security strategy that embeds security within the OS to reduce the risks
associated with exploits that might target your systems. The real focus of
service hardening isn’t to prevent such attacks as much as it is to reduce the
damage such an exploit can cause to your system if a service is compromised.
Figure 1-3: The Parental Controls interface.
Part I: Vista Security Essentials