
"".

, 2013
"".
, "".

25.02.2014
v1.6

1.0 | 19.06.2009
1.1 | 11.09.2011
1.2 | 04.04.2013
1.3 | 23.05.2013
1.4 | 13.09.2013
1.5 | 20.12.2013
1.6 | 24.12.2013

2013


:
4.8
4.9
.
:
3.7
3.9
3.14
:
3.3 Windows
3.9
3.12
3.13
:
3.4

:
2.1
2.2

:
1.
2.
Windows XP
:
5.

1.
2. Windows XP
2.1.
2.2.
2.3.
2.4.
2.5. Windows
2.6.
2.7.
2.8.
2.9.
2.10.
2.11.
2.12.
2.13.
2.14.
2.15.
2.16.
2.16.1.
2.16.2.
2.17.
2.18.
2.19.
2.20.
3. BIOS SETUP
4.
5.

1.


(, Sofit ATM WIN Sofit
CASH-IN) , , Windows XP
BIOS SETUP
.
, ,
( , ).
:
;
;
;
.
:
,
;
.
:
BIOS SETUP;
,
- ;
Sofit ATM WIN Sofit CASH-IN,
;
.

2.


WINDOWS XP

,
Windows XP BIOS SETUP.

( , ).
2.1.

:
1. - ,
P4 2.4 CPU; 512 M RAM; 40 GB HDD.
www.rucard.net
/ / ().
2.
.
2.2.

MS
Windows XP.
,
NTFS. NTFS
, ,
Windows XP (
).
:
2 MS Windows XP (Service Pack 2);
Sofit ATM Win, Sofit CASH-IN OpenVPN client
( );
(
).
,
. :
, , Internet Information Server, Personal Web Server,
Personal Transaction Server ..;
(Microsoft Office .);
( );
, Norton Commander.
Windows Firewall
, .
2.3.

:
SETUP (
.);
( )
;
;
.

(*.PRJ, *.ERL) 180 .
2.4.

TCP/IP.
2.5.

Windows

Windows XP BIOS
.
, Administrator!
, .
!
12 .

Start => Settings => Control Panel => Security Center ( =>
=> => ). Windows Security Center
( Windows) : Firewall ON,
Automatic Updates OFF, Virus Protection NOT FOUND (. . ).

1 - Windows Security Center ( Windows)


Windows Security Center ( Windows)
Resources () Change the way Security Center alerts me (
) Alert Settings
( ).

2 - Alert Settings ( )
2.6.

Start => Settings => Control Panel,


Windows Firewall. , General
On (recommended).

3 -
Windows Firewall
RCOMM (SofitCom Lite) SofitCom .
OpenVPN
:
7777 TCP, 4;
,
OpenVPN ( 2, TAP-Win32 Adapter V9).

.

4
.
. .

5 -
Advanced Security Logging
Settings.

6 -
Log dropped packets (
) Log successful connections ( ).
O.
Windows Firewall ICMP Settings.
ICMP Settings , Allow incoming echo
request.

7 - ICMP Settings
2.7.


(TCP/IP).

8
, ,
TCP- UDP- .

9 TCP/IP
NetBIOS TCP/IP.

10 TCP/IP
2.8.

HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\LSA
RestrictAnonymous = 2 ( REG_DWORD)

11
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\lanmanserver
RestrictNullSessAccess = 1 ( REG_DWORD)

12
2.9.


Windows XP. Start => Settings
=> Control Panel, Automatic Updates.

13 -

, Automatic Updates
Turn off Automatic Updates Ok.
2.10.
Start => Settings => Control
Panel, Administrative Tools Event
Viewer.

14 -
:
Application ;
System ;
Security .
, .
Properties.

15 -
Overwrite events older than days
31, Maximum log size 100032 Kb.
.
.
2.11.
.
. Security Settings
=> Local Policies => Audit Policy.

Audit account logon events
( )
Audit account management
( )
Audit directory service access
( )
Audit logon events
( )
Audit objects access
( )
Audit policy change
( )
Audit privilege use
( )
Audit process tracking
( )
Audit system events
( )

Success

Failure

16 -
2.12.
HKEY_LOCAL_MACHINE .

HKEY_LOCAL_MACHINE,
Permissions.
Permissions for HKEY_LOCAL_MACHINE Advanced.
Advanced Security Settings for HKEY_LOCAL_MACHINE Auditing
Add.

17 -
Advanced, Find Now.

, Everyone O, O.

18 -
Auditing for HKEY_LOCAL_MACHINE
Successful Failed Full Control O.

19 -
2.13.
Start => Settings => Control Panel,
Administrative Tools Computer Management.

, (,
Sofit ATM WIN Sofit CASH-IN ,
),
( Backup Operators, Network Configuration Operators, Power
Users, Remote Desktop Users Replicator), ,
Administrator Administrators Users.
Full Name Description .
Administrator (
Ivanov).
Guest ,
. Account is
disabled.

20 -
Users,
. System Tools => Local Users and Groups => Users
, New User.
User Name ( )
ATM Password (), .

21 -
!
12 .
!

.

2.14.

(Permissions) .
()

Administrators:
Full
Control
:\ ,
CREATOR OWNER: Special Permissions

,
: 22
Administrators: Full Control
:\
CREATOR OWNER: Special Permissions
,
: 23
Administrators: Full Control
%SYSTEMROOT%
CREATOR OWNER: Special Permissions
,
: Read & Execute
\Document and Settings\Username
Administrators: Full Control
Username: Full Control

\Boot.ini
\Ntdetect.com
\Ntldr

Administrators: Full Control

22 - Permission Entry for WINOS (C:)

23 - Permission Entry for WINOS (C:)


!
, 22 23.
.

, ,
(Permissions) ,
( ATM).
NCR:

C:\Program Files\NCR APTRA | Read & Execute + Write
C:\Program Files\Common Files\NCR | Read & Execute + Write
C:\ssds\ | Full Control
C:\40COLFIL | Read

DIEBOLD:

C:\Diebold | Read & Execute + Write
C:\Program Files\Diebold\ | Read & Execute + Write
C:\Program Files\Lanit\ | Read & Execute + Write

WINCOR NIXDORF:

C:\CSCW32 | Read & Execute + Write
C:\FITPCI | Read & Execute + Write
C:\INSTALL | Read & Execute + Write
C:\PACKAGE | Read & Execute + Write
C:\PARAC | Read & Execute + Write
C:\PROEINFO | Read & Execute + Write
C:\PROPXD | Read & Execute + Write
C:\PROSOP | Read & Execute + Write
C:\PROTOPAS | Read & Execute + Write
C:\PROVIEW | Read & Execute + Write
C:\WOSASSP | Read & Execute + Write
Windows Explorer ().
(, SSDS) .
Properties.
Security.

24 -
!
Replace permissions entries on all child objects with entries shown
here that apply to child objects. .

2.15.
,
(
ATM),
, :
DIEBOLD:

HKEY_LOCAL_MACHINE\Software\Lanit | Full Control
HKEY_LOCAL_MACHINE\Software\Diebold | Full Control
HKEY_LOCAL_MACHINE\Software\Gemplus | Full Control
HKEY_LOCAL_MACHINE\Software\MayFair Software | Full Control
HKEY_LOCAL_MACHINE\Software\MayFairSoftware | Full Control
HKEY_LOCAL_MACHINE\Software\Nexus | Full Control
HKEY_LOCAL_MACHINE\Software\Sygate Technologies, Inc | Full Control
HKEY_LOCAL_MACHINE\Software\XFS | Full Control

Wincor Nixdorf:

\HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wosa/XFS_ROOT | Full Control
\HKEY_CLASSES_ROOT\WOSA/XFS_ROOT | Full Control
HKEY_CLASSES_ROOT\Interface\{00000134-0000-0000-C000000000000046}\ProxyStubClsid32\(Default) | Read Access
HKEY_CURRENT_USER\Control Panel\International | Read Access
HKEY_CLASSES_ROOT\WOSA/XFS_ROOT | Full Control
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\DRIVERS32 | Read Access
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\MCI32 | Read Access
HKEY_LOCAL_MACHINE\Software\Microsoft\windows\CurrentVersion\Uninstall (plus sub-keys) | Read Access
HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsNT\CurrentVersion\Image File Execute Options | Read Access

NCR:

\HKEY_LOCAL_MACHINE\SOFTWARE\NCR\SSDS | Full Control
\HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wosa/XFS_ROOT | Full Control
\HKEY_CLASSES_ROOT\WOSA/XFS_ROOT | Full Control
HKEY_CLASSES_ROOT\Interface\{00000134-0000-0000-C000000000000046}\ProxyStubClsid32\(Default) | Read Access
HKEY_CURRENT_USER\Control Panel\International | Read Access
HKEY_CLASSES_ROOT\WOSA/XFS_ROOT | Full Control
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\DRIVERS32 | Read Access
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\MCI32 | Read Access
HKEY_LOCAL_MACHINE\Software\Microsoft\windows\CurrentVersion\Uninstall (plus subkeys) | Read Access
HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsNT\CurrentVersion\Image File Execute Options | Read Access
HKEY_LOCAL_MACHINE\Software\NCR | Full Control
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\ComputerName\ActiveComputerName (plus all sub keys) | Read Access
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\TimeZoneInformation | Read Access
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\EventLog\Application\Aggreagte Installer | Full Control
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\EventLog\Application\Aggreagte Installer Wizard | Full Control
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\EventLog\Application\NCR Arbitration | Full Control
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\EventLog\Application\NCR Platform | Full Control
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\EventLog\Application\NCR Platform API | Full Control
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\EventLog\Application\NCR Platform Localisation | Full Control
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\EventLog\Application\NCR PRS | Full Control
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\EventLog\Application\NCR UEH | Full Control
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\EventLog\Application\WosaCtrl | Full Control

.
, : HKEY_LOCAL_MACHINE\SOFTWARE\SSDS.
, Permissions.

25 -
,
( ATM).
Add, Advanced,
Find Now. ,
OK. OK.
Group or user name.
Allow Full Control .
!
Nautilus .
!
Replace permissions entries on all child objects with entries shown
here that apply to child objects. .
,
.

2.16.
Start => Settings => Control Panel,
Administrative Tools Local Security Policy.
2.16.1.

.
Security Settings => Account Policies => Password Policy.

Enforce password history | 24 passwords remembered
Maximum password age | 0 (Password will not expire)
Minimum password age | 0 days (Password can't be changed immediately)
Minimum password length | 12 characters (Password must be at least)
Password must meet complexity requirements | Enable
Store Password using Reversible encryption | Disabled

26 -
2.16.2.

.
Security Settings => Account Policies => Account Lockout
Policy.

Account lockout duration | 30 minutes
Account lockout threshold | 5 invalid logon attempts
Reset account lockout counter after | 30 minutes

27 -

2.17.

. Security Settings => Local Policies
=> Security Options.

Accounts: Administrator account status | Enabled
Accounts: Guest account status | Disabled
Accounts: Limit local account use of blank passwords to console logon only | Enabled
Audit: Shut down system immediately if unable to log security audits | Disabled
Interactive logon: Do not display last user name | Enabled
Interactive logon: Number of previous logons to cache | 1 logons
Network access: Sharing and security model for local accounts | Classic local users authenticate as themselves
Shutdown: Allow system to be shut down without having to log on | Disabled

!
, ,
.

2.18.

, Start, Run ,
regedit.exe K.

28 -
HKEY_LOCAL_MACHINE/SOFTWARE/Microsoft/WindowsNT/CurrentVersion/Winlogon.

29 -
:
1)
AutoAdminLogon:
(String):
1

30 - AutoAdminLogon
AutoAdminLogon
. Modify.
Value data 1.
, .
2)

DefaultUserName:

(String):

< >

31 - DefaultUserName
DefaultUserName
. Modify.
Value data , (
).
, .
3)

DefaultPassword: (String):

< >

29 - DefaultPassword
DefaultPassword
. Modify.
Value data , .
!
12 .

, .
!
,
.

2.19.
:
Name | Startup Type
Alerter | Disabled
Application Layer Gateway Service | Disabled
Application Management | Manual
Automatic Updates | Disabled
Background Intelligent Transfer Service | Disabled
ClipBook | Disabled
COM+ Event System | Manual
COM+ System Application | Manual
Computer Browser | Disabled
Cryptographic Services | Disabled
DCOM Server Process Launcher | Automatic
DHCP Client | Disabled
Distributed Link Tracking Client | Disabled
Distributed Transaction Coordinator | Disabled
DNS Client | Disabled
Error Reporting Service | Disabled
Event Log | Automatic
Fast User Switching Compatibility | Disabled
Help and Support | Disabled
HTTP SSL | Manual
Human Interface Device Access | Disabled
IMAPI CD-Burning COM Service | Disabled
Indexing Service | Manual
IPSEC Services | Manual
Logical Disk Manager | Automatic
Logical Disk Manager Administrative Service | Manual
Messenger | Disabled
MS Software Shadow Copy Provider | Manual
Net Logon | Manual
NetMeeting Remote Desktop Sharing | Disabled
Network Connections | Manual
Network DDE | Disabled
Network DDE DSDM | Disabled
Network Location Awareness (NLA) | Disabled
Network Provisioning Service | Manual
NT LM Security Support Provider | Manual
Performance Logs and Alerts | Manual
Plug and Play | Automatic
Portable Media Serial Number Service | Manual
Print Spooler | Automatic
Protected Storage | Automatic
QoS RSVP | Manual
RouterConnect | Automatic
Remote Access Auto Connection Manager | Manual
Remote Access Connection Manager | Manual
Remote Desktop Help Session Manager | Manual
Remote Procedure Call (RPC) | Automatic
Remote Procedure Call (RPC) Locator | Manual
Remote Registry | Disabled
Removable Storage | Manual
Routing and Remote Access | Disabled
Secondary Logon | Disabled
Security Accounts Manager | Automatic
Security Center | Automatic
Server | Disabled
Shell Hardware Detection | Disabled
Smart Card | Manual
SNMP Service | Disabled
SNMP Trap Service | Disabled
SSDP Discovery Service | Manual
System Event Notification | Automatic
System Restore Service | Automatic
Task Scheduler | Disabled
TCP/IP NetBIOS Helper | Automatic
Telephony | Manual
Telnet | Disabled
Terminal Services | Disabled
Themes | Disabled
Uninterruptible Power Supply | Manual
Universal Plug and Play Device Host | Manual
Volume Shadow Copy | Manual
WebClient | Disabled
Windows Audio | Automatic
Windows Firewall/Internet Connection Sharing (ICS) | Automatic
Windows Image Acquisition (WIA) | Manual
Windows Installer | Manual
Windows Management Instrumentation | Automatic
Windows Management Instrumentation Driver Extensions | Manual
Windows Time | Disabled
Wireless Zero Configuration | Disabled
WMI Performance Adapter | Manual
Workstation | Automatic

!
.
, .
Remote Access Service (RAS)
, GPRS ..
!
,
.

2.20.

. Security Settings => Local Policies
=> User Rights Assignments.

Access this computer from the network
( )
Adjust memory quotas for a process
( )
Allow logon through Terminal Services
( )
Back up files and directories
( )
Change system time
( )
Create a pagefile
( )
Create a token object
( )
Create global objects
( )
Create permanent shared objects
(
)
Debug programs
( )
Deny access to this computer from the network





Administrators, ,

Administrators, ,

Administrators

Administrators


Everyone

( )
Deny logon as batch job
( )
Deny logon as service
( )
Deny logon locally
( )
Deny logon through Terminal Services
( )
Force shutdown from a remote system
(
)
Increase scheduling priority
( )
Load and unload device drivers
( )
Log on as a batch job
( )
Log on as a service
( )
Log on locally
( )
Manage auditing and security log
( )
Modify firmware environment values
( )
Perform volume maintenance tasks
( )
Profile single process
( )
Profile system performance
( )
Remove computer from docking station
( )
Replace a process level token
( )
Restore files and directories
( )
Shut down the system
( )

Everyone
Everyone
Guest
Everyone
Administrators

Administrators


Administrators, ,

Administrators
Administrators
Administrators
Administrators
Administrators
Administrators, ,


Administrators
Administrators, ,

Take ownership of files or other objects


( )

Administrators

!
, , .
!
,
.

3. BIOS SETUP


BIOS SETUP .
BIOS SETUP
, , .
:
(Floppy A: Enabled);
( ) (Floppy B: Not Installed);
HDD (Slave Disk: Not Installed);
(Secondary IDE Ctrl Drivers: Disabled);
(Power Management: Disabled);
(IDE Drivers Standby Timer:
Disable);
Secondary IDE (Disabled);
Num Lock (ON);
(System Boot Up Sequence) ,
, Only , ,
, ;
SETUP (Password Checking);
(Passwords Supervisor) 6 .
BIOS SETUP.
1) BIOS SETUP ,
PC AT . Hit SPACE if you
want to run SETUP, .
2) Setup Standard Enter. ,
:
Setup/Standard/Floppy B: Not Installed
Setup/Standard/Slave Disk: Not Installed
3) Setup Advanced Enter. ,
:
Setup/Advanced/System Boot Up Num Lock: On
Setup/Advanced/System Boot Up Sequence: C, A
Setup/Advanced/Password Checking: Setup
Setup/Advanced/Sec. IDE Ctrl Drives Installed: Disabled
4) Setup PowerMgmt Enter. ,
:
PowerMgmt/Power Management Mode Select: Disabled
PowerMgmt/IDE Drives Standby Timer: Disabled
5) Setup Peripheral Enter. ,
:
Peripheral/Programming Mode: Manual
Peripheral/Secondary IDE: Disabled
Peripheral/Parallel Port: Enabled

6) Passwords Supervisor Enter.


, :
Supervisor/Password: 6
7) Escape. Save changes and exit.
8) ,
.

4.

-
.
, -
: rcomm /install.
- rcomm.ini :
TerminalAddress = 127.0.0.1
ListenPort = 8008
HOSTAddress = xxx.xxx.xxx.xxx
HOSTPort = xxxx
RunAsService= Y

IP-
IP-,

IP-
IP- ,
-

RouterConnect - , -
:
rcomm /remove
!
-
.

5.

1 ()
.
(, , ..)
.
, ,
.
, .
, .
,
. , ,
.

( ).
:

4.1A 240 ;

150 A
( ) 257 ;
198
257 50/60 .


.
,
.
,
.

.
,
.


.
.

,
.
