Protecting Against Attacks
Spoofing means impersonating another user in an unauthorized way, or pretending to be someone else.
An example related to Excel Services could be if user A tries to trick the server into believing that he or
she is user B in order to access the workbook and data results that user B is allowed to see.
Securing the Passwords
To protect against spoofing, you need to ensure that the users of your system do not disclose their
passwords, and that there is no way for a malicious user to find out those passwords. Here are some tips:
Educate your users to keep their passwords private. They should not share the passwords
with any friends or coworkers.
Change the passwords at an interval that you determine best for your needs.
Ensure that the complexity requirements for the passwords are enough to prevent a malicious
user from figuring them out by a brute-force attack.
Changing the passwords too often, or making them too complex for users to remember, might have the
opposite effect: users may write them down.
Ensure that every user has individual credentials to the system, rather than shared credentials
for a group of people.
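The complexity tip above is the one item in this list that can be checked mechanically. The following added example (not from the book, and not an Excel Services or SharePoint API) estimates the search space a brute-force attacker must cover for a given password and applies a policy; the minimum length and minimum bits are assumed thresholds chosen for illustration, and the comparison of a short complex password with a long simple one shows why length does most of the work.

```python
"""Constructed example: estimate brute-force search space for a password
and check it against a policy.  The thresholds are assumptions."""
import math
import string

# Character classes an exhaustive search must include once the password
# is known to use them.
CLASSES = (
    ("lower", set(string.ascii_lowercase)),
    ("upper", set(string.ascii_uppercase)),
    ("digit", set(string.digits)),
    ("symbol", set(string.punctuation)),
)


def alphabet_size(password: str) -> int:
    """Size of the alphabet a brute-force search has to cover."""
    size = 0
    for _, chars in CLASSES:
        if any(c in chars for c in password):
            size += len(chars)
    # Characters outside the four classes (space, non-ASCII) count individually.
    extra = {c for c in password if not any(c in chars for _, chars in CLASSES)}
    return size + len(extra)


def search_space_bits(password: str) -> float:
    """log2 of the number of candidates an exhaustive search must try."""
    if not password:
        return 0.0
    return len(password) * math.log2(alphabet_size(password))


def check_policy(password: str, min_length: int = 12, min_bits: float = 60.0):
    """Return (ok, reasons).  min_length and min_bits are assumed policy values."""
    reasons = []
    if len(password) < min_length:
        reasons.append(f"shorter than {min_length} characters")
    bits = search_space_bits(password)
    if bits < min_bits:
        reasons.append(f"search space only {bits:.1f} bits (< {min_bits})")
    return (not reasons, reasons)


if __name__ == "__main__":
    for candidate in ("password", "Tr0ub4dor&3", "correct horse battery staple"):
        print(f"{candidate!r}: {search_space_bits(candidate):.1f} bits, "
              f"policy={check_policy(candidate)}")
```

The estimate is an upper bound on attacker effort: dictionary words and common patterns fall far sooner than an exhaustive search suggests, so a policy should treat this figure as a floor to enforce, not as a promise of resistance.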
If you use basic authentication, the username and password are sent in clear text over the network. A
malicious attacker listening to the network communications may use these usernames and passwords
to log in to the system. Therefore, you should not use basic authentication unless you have a way to
ensure that the network traffic is secure from eavesdropping.
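To make the clear-text point concrete, the following added example (not from the book, and not how IIS or SharePoint implement authentication) parses an Authorization: Basic header as it appears on the wire and shows that the credentials are merely base64-encoded (RFC 7617), then implements the server-side policy the paragraph calls for: Basic credentials are only accepted when the connection is protected by TLS. The sample header value is constructed, and the header dictionary and `connection_is_tls` flag stand in for whatever the real web server exposes.

```python
"""Constructed example: decode a Basic-authentication header and enforce
a 'Basic only over TLS' policy.  Sample values are made up."""
import base64
import binascii


def decode_basic(header_value: str):
    """Recover (username, password) from an 'Authorization: Basic ...' value.

    The credentials are base64-encoded, not encrypted: anyone who can read
    the request can read them.  Returns None for anything malformed.
    """
    scheme, _, token = header_value.strip().partition(" ")
    if scheme.lower() != "basic" or not token:
        return None
    try:
        raw = base64.b64decode(token, validate=True).decode("utf-8")
    except (binascii.Error, UnicodeDecodeError):
        return None
    user, sep, password = raw.partition(":")
    if not sep:
        return None
    return user, password


def accept_basic_auth(headers: dict, connection_is_tls: bool):
    """Policy check: Basic credentials are accepted only over TLS.

    Returns (accepted, reason).  Password verification itself is out of
    scope here; the point is the transport check that precedes it.
    """
    value = headers.get("Authorization")
    if value is None:
        return False, "no Authorization header"
    creds = decode_basic(value)
    if creds is None:
        return False, "malformed Basic header"
    if not connection_is_tls:
        return False, "Basic authentication refused on a clear-text connection"
    return True, f"credentials presented for user {creds[0]!r}"


# Constructed request header, as it would appear in a packet capture.
SAMPLE_HEADERS = {
    "Authorization": "Basic " + base64.b64encode(b"alice:S3cret!").decode(),
}

if __name__ == "__main__":
    print("on the wire:", SAMPLE_HEADERS["Authorization"])
    print("decodes to :", decode_basic(SAMPLE_HEADERS["Authorization"]))
    print("over HTTP  :", accept_basic_auth(SAMPLE_HEADERS, connection_is_tls=False))
    print("over HTTPS :", accept_basic_auth(SAMPLE_HEADERS, connection_is_tls=True))
```

The refusal happens before any password lookup, so a misconfigured clear-text listener fails closed rather than leaking a valid credential into a capture.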
One of the ways of transmitting data between the WFE and the ECS is over a trusted subsystem. With
this method, the WFE sends the request on behalf of a user. The ECS trusts the special account that the
WFE uses to send requests, and relies on that account to report the correct user.
A malicious attacker who obtains this trusted subsystem account and is able to send requests to the
ECS directly can pretend he or she is the WFE, and trick the ECS into executing requests on behalf of
Following are possible mitigations against this threat:
Protect the credentials of the trusted subsystem account.
Use delegation instead of a trusted subsystem between the WFE and the ECS. You can do this
by either having the WFE and the ECS on the same machine, or by enabling Kerberos-constrained
delegation between these components.
Install a firewall between the WFE and the ECS to prevent users outside the organization from
calling the ECS directly. Some users will still be able to access the ECS directly, but because they
are behind the firewall, the threat is reduced.
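The difference between the trusted-subsystem design and the delegation mitigation comes down to what the ECS takes as proof of the user's identity. The following added example (not Excel Services code, and not real Kerberos) is a toy model written to show that: in the first design, whoever holds the WFE account secret can name any user; in the second, the ECS only honours a ticket the ticket authority minted for it, and the authority only mints one when the WFE presents evidence of a real user logon and is constrained to delegate to the ECS. The account names, keys, the `ToyKDC` class and the HMAC-based tickets are all constructed for the illustration.

```python
"""Constructed model of the two trust designs: trusted subsystem versus
constrained delegation.  Names, keys and the toy KDC are made up."""
import hashlib
import hmac
import secrets


def _mac(key: bytes, *fields: str) -> bytes:
    """Authenticator over a few string fields (stands in for a ticket's integrity protection)."""
    return hmac.new(key, "\x1f".join(fields).encode(), hashlib.sha256).digest()


# --- Design 1: trusted subsystem --------------------------------------------
class TrustedSubsystemECS:
    """The ECS trusts one shared account; whoever holds its secret may name
    any user, and the ECS acts as that user."""

    def __init__(self, wfe_secret: bytes, acl: dict):
        self.wfe_secret = wfe_secret
        self.acl = acl  # workbook -> set of users allowed to read it

    def open_workbook(self, caller_secret: bytes, claimed_user: str, workbook: str) -> str:
        if not hmac.compare_digest(caller_secret, self.wfe_secret):
            return "denied: caller is not the trusted subsystem"
        if claimed_user not in self.acl.get(workbook, set()):
            return f"denied: {claimed_user} may not read {workbook}"
        return f"ok: {workbook} opened as {claimed_user}"


# --- Design 2: constrained delegation (toy model) ----------------------------
class ToyKDC:
    """Issues service tickets.  A front end may obtain a ticket to a back end
    only if it is constrained to that back end, and only for a user who
    actually holds a ticket to the front end (evidence the KDC itself issued)."""

    def __init__(self):
        self.master = secrets.token_bytes(32)  # known only to the KDC
        self.service_keys = {}                 # service -> key shared with the KDC
        self.allowed_targets = {}              # front end -> set of back ends

    def register(self, service: str, key: bytes, may_delegate_to=()):
        self.service_keys[service] = key
        self.allowed_targets[service] = set(may_delegate_to)

    def user_ticket(self, user: str, service: str) -> tuple:
        """What a user holds after logging on and contacting a service."""
        return (user, service, _mac(self.master, user, service))

    def delegated_ticket(self, front_end: str, evidence: tuple, target: str):
        user, svc, tag = evidence
        if target not in self.allowed_targets.get(front_end, set()):
            return None  # front end is not constrained to this target
        if svc != front_end or not hmac.compare_digest(tag, _mac(self.master, user, svc)):
            return None  # no genuine user session behind the request
        return (user, target, _mac(self.service_keys[target], user, target))


class DelegatingECS:
    """Accepts only tickets the KDC minted for this service."""

    def __init__(self, key: bytes, acl: dict):
        self.key, self.acl = key, acl

    def open_workbook(self, ticket, workbook: str) -> str:
        if ticket is None:
            return "denied: no ticket"
        user, svc, tag = ticket
        if svc != "ecs" or not hmac.compare_digest(tag, _mac(self.key, user, svc)):
            return "denied: ticket not issued for this service"
        if user not in self.acl.get(workbook, set()):
            return f"denied: {user} may not read {workbook}"
        return f"ok: {workbook} opened as {user}"


def demo() -> dict:
    """Exercise both designs with a stolen WFE credential and no user session."""
    acl = {"budget.xlsx": {"userB"}}
    wfe_secret = secrets.token_bytes(32)
    ecs_key = secrets.token_bytes(32)

    # Trusted subsystem: the stolen account alone is enough to read as userB.
    ts = TrustedSubsystemECS(wfe_secret, acl)
    stolen_ts = ts.open_workbook(wfe_secret, "userB", "budget.xlsx")

    # Delegation: the attacker holds the WFE key but cannot produce userB's evidence.
    kdc = ToyKDC()
    kdc.register("wfe", wfe_secret, may_delegate_to=["ecs"])
    kdc.register("ecs", ecs_key)
    ecs = DelegatingECS(ecs_key, acl)
    forged_evidence = ("userB", "wfe", b"\x00" * 32)  # no real logon behind it
    stolen_del = ecs.open_workbook(kdc.delegated_ticket("wfe", forged_evidence, "ecs"), "budget.xlsx")
    # A genuine userB session still works end to end.
    genuine = kdc.delegated_ticket("wfe", kdc.user_ticket("userB", "wfe"), "ecs")
    legit = ecs.open_workbook(genuine, "budget.xlsx")
    return {"trusted_subsystem": stolen_ts, "delegation": stolen_del, "legitimate": legit}


if __name__ == "__main__":
    for name, outcome in demo().items():
        print(f"{name:>17}: {outcome}")
```

The model deliberately keeps the evidence check inside the KDC: that is what makes a stolen front-end credential insufficient on its own. It does not remove the value of the first mitigation, since a compromised WFE can still act for users who are actively connected to it, so the account credentials still need protecting.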