Posted on 30 Ott, 2015 in IT Pro, Sicurezza Informatica, Varie |
E’ importante prestare attenzione alla configurazione delle esclusione del proprio antivirus, soprattutto in un ambiente client\server, andando a popolare le regole e le trusted zone in modo da non intaccare le prestazioni dei software in uso e delle funzionalità.
Vogliamo proporre in questo articolo un elenco delle esclusioni consigliate, elencando i servizi e le cartelle da escludere per i servizi Server Core che solitamente troviamo installati presso i nostri server aziendali.
Le esclusioni elencate andranno inserite manualmente nei criteri applicati ai server.
Lista delle esclusioni raccomandate :
| Esclusione RUOLO |
Percorso |
| Domain controller or generic server |
- %systemroot%\SYSVOL\
- %systemroot%\NTDS\
- %systemroot%\system32\Spool\
- %systemroot%\system32\ntmsdata
- %systemroot%\cluster
- %systemroot%\Microsoft.NET\
- %systemroot%\Syswow64\LogFiles
- %systemroot%\system32\LogFiles
|
|
| DNS server |
- %systemroot%\system32\dns\
|
|
| DHCP server |
- %systemroot%\system32\dhcp\
|
|
| WINS server |
- %systemroot%\system32\wins\
|
|
| IIS |
- %systemroot%\system32\inetsrv\
- %systemroot%\IIS Temporary Compressed Files\ (for IIS 6.0)
- Disk:\inetpub\temp\IIS Temporary Compressed Files\ (for IIS 7.0)
- %systemroot%\system32 \LogFiles
- %systemroot%\IIS
|
|
| SQL server |
- %Program Files%\Microsoft SQL Server\
- <SQL Server Installed folder>\*\OLAP\Data
- <SQL Server Installed folder>\*\OLAP\Backup
- <SQL Server Installed folder>\*\OLAP\Log
- *.MDF
- *.LDF
- *.NDF
- *.BAK
- *.TRN
|
|
| WSUS |
- Disk:\MSSQL$WSUS\
- Disk:\WSUS\
- Disk:\Windows\SoftwareDistribution\Datastore
- Disk:\WsusDatabase
|
|
| Sharepoint |
- Disk:\Program Files\SharePoint Portal Server\
- Disk:\Program Files\Common Files\Microsoft Shared\Web Storage System\
- Disk:\Program Files\Common Files\Microsoft Shared\Web Service Extensions
- Disk:\Program Files\Microsoft Office Servers
- %systemroot%\Temp\Frontpagetempdir
- %systemroot%\Temp\WebTempDir
For Windows 2003 only:
- C:\Documents and Settings\All Users\Application Data\Microsoft\SharePoint\Config
- C:\Documents and Settings\<SharePoint service account>\Local Settings\Application Data
- C:\Documents and Settings\<SharePoint service account>\Local Settings\Temp\
- C:\Documents and Settings\Default User\Local Settings\Temp
For Windows 2008 only:
- C:\Users\<SharePoint service account>\Local
- C:\Users\<SharePoint service account>\Local\Temp
- C:\Users\Default\AppData\Local\Temp
- C: \ProgramData\Microsoft\SharePoint\Config
|
|
| Microsoft Operations Manager 2005 Server |
- %Program Files%\Microsoft Operations Manager 2005\
- %allusersprofile%\Application Data\Microsoft\Microsoft Operations Manager\
|
|
| Hyper – V |
- Disk:\ProgramData\Microsoft\Windows\Hyper-V\
- Disk:\Users\Public\Documents\Hyper-V\
- Virtual machine configuration folders
- Virtual machine hard disk folders
- Disk:\ProgramData\Microsoft\Windows\Hyper-V
- Disk:\Users\Public\Documents\Hyper-V\Virtual Hard Disks
- Disk:\ProgramData\ProgramData\Microsoft\Windows\Hyper-V\Snapshots
- For Windows 2008 R2 only: Disk:\ClusterStorage
- .AVHD
- .ISO
- .VFD
- .VHD
- .VSV
- .XML
|
| Vmware |
|
| Citrix |
|
| ISA Server |
- C:\Program Files\Microsoft ISA Server\ISALogs
- C:\Program Files\Microsoft SQL Server\MSSQL$MSFW\Data
|
