Using Microsoft's Free Security Tools to Help Secure Your Windows Systems (taken from Web and other sources) by Thomas Jerry Scott, November 2003


The following chart shows the name and download location of a number of free Microsoft security analysis tools. One path to improved security for your Microsoft systems is to use the security tools Microsoft makes available.

Tool and download location:

Microsoft Baseline Security Analyzer/HFNetChk
    http://download.microsoft.com/download/8/e/e/8ee73487-4d36-4f7f-92f2-2bdc5c5385b3/mbsasetup.msi

KB 824146 Scanning Tool
    http://www.microsoft.com/downloads/details.aspx?FamilyId=13AE421B-7BAB-41A2-843B-FAD838FE472E&displaylang=en

QChain
    http://download.microsoft.com/download/9/5/2/952ac356-53cb-43a2-9c85-54b1262fca2c/Q815062_W2K_spl_X86_EN.exe

IIS Security Planning Tool
    http://download.microsoft.com/download/iis50/Utility/2.0/NT5/EN-US/Iisperms.exe

IIS Lockdown Wizard
    http://download.microsoft.com/download/iis50/utility/2.1/NT45XP/EN-US/iislockd.exe

URLScan
    http://download.microsoft.com/download/1/9/8/198a7fdf-1057-4668-9f44-035f8faeaf95/Setup.EXE

Cipher.exe
    http://download.microsoft.com/download/win2000platform/patch/Q298009/NT5/EN-US/Q298009_W2K_SP3_x86_en.EXE

IPSec Policy Configuration tool
    http://download.microsoft.com/download/win2000platform/ipsecpol/1.00.0.0/nt5/en-us/ipsecpol_setup.exe

Domain Controller Diagnostic Tool
    http://download.microsoft.com/download/6/b/0/6b078b8b-b9b3-4938-ac18-f300724d206e/dcdiag_setup.exe

SQL Server tools
    http://download.microsoft.com/download/6/5/c/65cf1ff9-1640-415e-99fb-57d4026f66e4/SQLCritUpdPkg_ENU.exe

Screensavers
    http://download.microsoft.com/download/win2000platform/scrnsvr/1.0/nt5/en-us/seclaws.exe

This article describes these tools and how their use can improve your security knowledge. Better security is often achieved not only by knowing your own systems, but also by knowing where and how your enemy might attack you.

Using Microsoft Free Security Tools T.J. Scott Page 1 of 11

Get Help Tracking Patches

Your Windows-based computers should have the latest security patches installed. In addition, they should use the optimum security configuration for their role and employ the strictest security settings allowable in your environment. Many of your Windows systems serve different roles and, therefore, require different configurations. This makes it difficult to track which computer requires which patches, configuration, and settings. The Microsoft Baseline Security Analyzer (MBSA) was designed to help with exactly this problem. It does the following:

1. Examines the computers in your network
2. Analyzes their Windows components
3. Generates a separate security report for each analyzed system

MBSA runs on Windows 2000 or XP computers and can search for security vulnerabilities on computers running Windows NT 4.0, 2000, or XP. It looks for common security problems in many Microsoft products, such as:

1. The Windows operating system
2. Common Microsoft servers: Exchange Server, the IIS Web server, and SQL Server
3. Applications: Microsoft Office, Internet Explorer (IE), and Windows Media Player

MBSA also detects and scans multiple instances of SQL Server on a computer. You can run it with its graphical user interface (GUI) or from the command line. The tool checks for the presence of Microsoft's security updates and service packs, confirms that security best practices such as strong passwords are in place, and identifies common server security misconfigurations. It also checks the status of the Guest account, file system types, available file shares, members of the Administrators group, and misconfigured Internet Explorer security zone settings. It then tells you what you need to do to set things right. MBSA also checks that the version of each update you have installed is the current one. This matters because Microsoft sometimes re-releases a security update after changing it. For example, the patch for MS03-029 was issued to fix a remote denial-of-service vulnerability, but the original release introduced a different problem, and the patch had to be re-released so that it addressed only the original issue.


MBSA is similar to the older HFNetChk (Hotfix Network Check) command-line tool. In fact, Microsoft designed MBSA to replace HFNetChk. MBSA lets you run all of HFNetChk's capabilities from MBSA's command-line interface, and you can keep existing scripts that use HFNetChk after one simple change: replace each occurrence of hfnetchk.exe with mbsacli.exe /hf. MBSA also supersedes the Microsoft Personal Security Advisor (MPSA) and includes all the checks MPSA performs.

MBSA creates and stores its reports for individual computers as XML files and displays the results as HTML in the GUI. To run the GUI version, use the executable Mbsa.exe; to run the command-line version, use Mbsacli.exe. Because MBSA uses a master XML database to track the latest security patches and updates, it requires Internet Explorer 5.01 (or later) or a separate XML parser.

MBSA gives you a great deal of control over its processing. For example, you can specify that it scan the local computer, a named computer, a named domain, a single IP address, or a range of IP addresses. You can also skip certain checks to save time when looking for a specific issue, and you have many options for controlling where output goes and how reports appear. Microsoft is planning further improvements to the tool.

Although Microsoft designed MBSA to replace HFNetChk, many administrators are comfortable working with HFNetChk, and it's still useful; its functionality is also available through MBSA's command-line interface. HFNetChk helps you ensure that all your Windows-based computers have the latest security patches installed, using an XML database of patches that Microsoft updates continually. HFNetChk runs on Windows NT 4.0, 2000, or XP and can scan local or remote computers for the patch status of Windows NT 4.0 or 2000, Internet Explorer, SQL Server, and Microsoft Data Engine, as well as all system services, including IIS. Like MBSA, HFNetChk requires either Internet Explorer 5.01 (or later) or an XML parser to read the XML database.

When you run HFNetChk, it scans the target computers to identify the operating system, service packs, and programs installed. It then compares that inventory with the XML file and matches the available security patches to your combination of installed software. If a patch is available but not installed on a computer, HFNetChk displays a warning.
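The comparison HFNetChk and mbsacli /hf perform (inventory each host, match it against a patch catalog, warn about what is missing or only half-installed) is easy to lose in the tool's output. The following is an added example, not code from the article and not Microsoft's tool. Its catalog is a constructed stand-in for the XML patch database the article describes; the bulletin and Q numbers are real, but the file names, file versions and host inventories attached to them are made up for the demonstration, and the real mssecure.xml schema is not reproduced.

```python
"""Patch-status comparison in the style of HFNetChk (mbsacli.exe /hf).

Added example, not code from the article and not Microsoft's tool. The
catalog is a constructed stand-in for the XML patch database the article
describes: bulletin and Q numbers are real, but the file names and
version numbers below are illustrative, and the real mssecure.xml schema
is not reproduced.
"""
from dataclasses import dataclass
from typing import Dict, List, Optional, Set, Tuple

Version = Tuple[int, ...]


@dataclass
class Host:
    name: str
    product: str                 # e.g. "Windows 2000"
    service_pack: int
    installed: Set[str]          # Q-numbers the registry says are installed
    files: Dict[str, Version]    # on-disk versions of files the patches replace


@dataclass
class Patch:
    bulletin: str
    qnumber: str
    product: str
    applies_to_sp: range         # service packs the patch applies to
    files: Dict[str, Version]    # minimum version each file must reach
    superseded_by: Optional[str] = None


# Constructed catalog (illustrative file versions, not Microsoft's data).
CATALOG: List[Patch] = [
    Patch("MS03-026", "Q823980", "Windows 2000", range(2, 5),
          {"rpcss.dll": (5, 0, 2195, 6769)}, superseded_by="Q824146"),
    Patch("MS03-039", "Q824146", "Windows 2000", range(2, 5),
          {"rpcss.dll": (5, 0, 2195, 6810)}),
    Patch("MS02-045", "Q326830", "Windows 2000", range(0, 4),   # rolled into SP4
          {"srv.sys": (5, 0, 2195, 6035)}),
]

# Constructed inventory, as a scanner would collect it from each target.
HOSTS: List[Host] = [
    Host("dc01", "Windows 2000", 4, {"Q824146"},
         {"rpcss.dll": (5, 0, 2195, 6810)}),
    Host("web02", "Windows 2000", 3, {"Q823980"},
         {"rpcss.dll": (5, 0, 2195, 6500), "srv.sys": (5, 0, 2195, 6035)}),
    Host("sql03", "Windows 2000", 2, set(),
         {"rpcss.dll": (5, 0, 2195, 5000), "srv.sys": (5, 0, 2195, 5000)}),
]


def scan(host: Host, catalog: List[Patch] = CATALOG) -> List[Tuple[str, str, str]]:
    """Return one (bulletin, status, note) per patch that applies to the host.

    Status values mirror HFNetChk's lines: 'NOT FOUND' when the registry
    has no trace of the fix, 'WARNING' when the registry claims it but a
    file on disk is older than the fix ships, 'OK' otherwise.
    """
    results = []
    for patch in catalog:
        if patch.product != host.product or host.service_pack not in patch.applies_to_sp:
            continue                 # other product, or fix already rolled into this SP
        if patch.superseded_by and patch.superseded_by in host.installed:
            results.append((patch.bulletin, "OK", "superseded by " + patch.superseded_by))
            continue
        if patch.qnumber not in host.installed:
            results.append((patch.bulletin, "NOT FOUND", patch.qnumber + " not in registry"))
            continue
        stale = [name for name, want in patch.files.items()
                 if host.files.get(name, (0,)) < want]
        if stale:
            results.append((patch.bulletin, "WARNING",
                            "registry lists %s but %s is older than the fix"
                            % (patch.qnumber, ", ".join(stale))))
        else:
            results.append((patch.bulletin, "OK", patch.qnumber + " installed"))
    return results


def main() -> None:
    for host in HOSTS:
        print("%s (%s SP%d)" % (host.name, host.product, host.service_pack))
        for bulletin, status, note in scan(host):
            print("    %-9s %-9s %s" % (bulletin, status, note))


if __name__ == "__main__":
    main()
```

The WARNING case for web02 is the one Qfecheck exists for: the registry says Q823980 is installed, but rpcss.dll on disk is older than the fix, so the machine is still exposed even though a registry-only check would pass it. The SP check on MS02-045 is why dc01, at SP4, is not asked for a patch that the service pack already contains.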
When HFNetChk warns you that a patch is missing, it's up to you to heed the warning and apply the necessary fix.

The Security Tool Kit and the Critical Update Notification utility are other tools to consider. The Microsoft Security Tool Kit contains important security information, current service packs, and critical security patches for Windows 2000, IIS, and Internet Explorer. The Critical Update Notification utility is part of the Security Tool Kit and links to the Windows Update site to help ensure your computers have all the latest patches installed.

The Microsoft Qfecheck tool identifies the hotfix level of your servers: it reports the service pack level and the versions of the hotfixes installed, and it can also tell you when a hotfix wasn't installed correctly (for example, when the registry says a fix is present but the files on disk are older than the fix requires). The Microsoft Hotfix tool simply lists the numbers and versions of all hotfixes installed on your servers; it's then up to you to find out whether any are missing and install them.

Microsoft's KB 823980 scanning tool is designed specifically to locate host computers that don't have the MS03-026 patch installed. Without this patch, a serious flaw in the Remote Procedure Call (RPC) interface of the Distributed Component Object Model (DCOM) could allow an attacker to execute arbitrary code remotely on a vulnerable machine. (The KB 824146 scanning tool listed in the table at the top of this article is its successor and also checks for the later RPC/DCOM fix.)

The Microsoft QChain tool lets you install several hotfixes before restarting. Usually when you install a hotfix, you're instructed to restart the server after each installation, which is time-consuming as well as disruptive to operations and to other components that depend on the server. Instead, you run each hotfix installer with the -z switch so that the installer doesn't restart after installation. When all the hotfix installers have run, you run qchain.exe and then restart the computer once. QChain's job is to make sure that, when two of the hotfixes replace the same file, the newest version is the one left in place after the restart.

Locking Down the System

After installing all necessary patches to system components, you'll need to configure your system to reduce its exposure to a minimum. Unfortunately, almost every feature that involves communication or needs to be configured is a potential vulnerability, so turning off unnecessary features increases security. You want as many drawbridges up as you can manage.

The IIS Security Planning Tool helps you plan the level of security you want for your IIS servers. You can choose various levels depending on the role you want a given server to fill. Using a Dynamic HTML (DHTML) interface, the IIS Security Planning Tool helps you select the services the server will provide; the tool then recommends the most suitable deployment and installation options to achieve the security those services need. You'll need a browser to run the IIS Security Planning Tool, since the tool itself is the page IISPermissions.htm. Once IISPermissions.htm is loaded, you can select options including which client operating system to use, whether IIS is local to the browser client, the IIS and operating system versions you want, and the type of authentication to use. The tool then displays the computers and resources the client can reach.

Although all the features of Microsoft's server products are useful and, in many cases, indispensable for supporting your enterprise applications, some can also make the system vulnerable. Attackers are adept at locating weak points in your security armor and exploiting them to the utmost. For this reason, it's prudent to remove or turn off any features that aren't used, to prevent their misuse. With so many features, this is practically impossible to do manually, and the IIS Lockdown Wizard simplifies the process. It includes templates for IIS-dependent Microsoft products and components such as Exchange, Commerce Server, BizTalk, Small Business Server, SharePoint Portal Server, FrontPage Server Extensions, and SharePoint Team Services. These templates itemize the features you can shut down for each component or product, depending on its role. For example, if your IIS server is a Dynamic Web Server, the tool removes any functionality that specific Web server role doesn't require. In particular, the IIS Lockdown Wizard can remove or disable IIS services such as FTP, HTTP, Network News Transport Protocol (NNTP), and SMTP (e-mail), all of which are vulnerable to specific attacks. You can also remove ISAPI DLL script mappings and directories you don't need, as well as change file and folder access control lists (ACLs), disable script maps, remove unused virtual directories, and set file permissions. Although the IIS Lockdown Wizard has an interactive user interface, you can also run it from an answer file. This enables you to create scripts to handle specific situations and configurations, and to run the IIS Lockdown Wizard in unattended mode to configure your settings automatically. The IIS Lockdown Wizard is available both as part of the Security Tool Kit and independently.

Servers face exploits from attackers who send specially crafted HTTP requests to cause buffer overflows or escalate privileges, among other destructive outcomes. Extremely long URLs, unusual characters, or certain combinations of characters can all present risks. To prevent or mitigate these kinds of attacks, Web site administrators need to filter HTTP requests so that hazardous ones never reach the server.

The Microsoft URLScan tool is an ISAPI filter that examines incoming HTTP requests before IIS processes them. Blocking potentially dangerous HTTP requests reduces risk and improves overall performance, because the server doesn't have to handle those requests and can concentrate on legitimate ones. You can install URLScan on servers running IIS 4.0 and later, either while running the IIS Lockdown Wizard or independently. URLScan is integrated into the IIS Lockdown Wizard with its own customized templates for filtering HTTP requests based on each supported server role. Most administrators use URLScan in conjunction with the IIS Lockdown Wizard, so this integration saves you the trouble of creating custom filters.

The latest edition of URLScan, version 2.5, adds filters that limit the size of incoming HTTP requests and block special characters known to be part of certain exploits. It also gives administrators more options, such as logging long URLs, and more latitude in configuring URLScan, such as changing the directory for the log files. URLScan ships with a default set of characters and sequences to reject, based on previous attacks; for example, attackers have used ".." in directory traversal attacks. Keep in mind, however, that the default set might include characters that are legitimate for your applications.
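To make the filtering described above concrete, here is an added example (not the article's text and not Microsoft's URLScan code) that applies a URLScan-style rule set to sample requests. The section and key names follow the UrlScan.ini layout; the rule values, the tiny ini parser, and the sample requests are constructed for this demonstration. It shows the two cases the article is warning about: a double-encoded traversal that normalization catches, and a legitimate URL containing "&" that the default deny list blocks until you relax the rule.

```python
"""URLScan-style HTTP request filtering.

Added example: not text from the article and not Microsoft's URLScan code.
Section and key names mirror UrlScan.ini; the rule values, the parser and
the sample requests below are constructed for this demonstration.
"""
from urllib.parse import unquote

# Constructed UrlScan.ini-style rule set (assumed layout, illustrative values).
URLSCAN_INI = r"""
[options]
UseAllowVerbs=1
NormalizeUrlBeforeScan=1
VerifyNormalization=1
AllowHighBitCharacters=0
MaxUrl=260
MaxQueryString=2048

[AllowVerbs]
GET
HEAD
POST

[DenyExtensions]
.exe
.bat
.ida
.idq

[DenyUrlSequences]
..   ; directory traversal
./   ; trailing dot on a directory name
\    ; backslashes in the URL
:    ; alternate data stream access
%    ; escaping left over after normalization
&    ; multiple CGI processes in one request
"""


def parse_ini(text):
    """Minimal parser for the layout above: [options] holds key=value pairs,
    every other section is a plain list with one entry per line. ';' starts
    a comment, as in UrlScan.ini."""
    sections, current = {}, None
    for raw in text.splitlines():
        line = raw.split(";", 1)[0].strip()
        if not line:
            continue
        if line.startswith("[") and line.endswith("]"):
            current = line[1:-1]
            sections[current] = {} if current == "options" else []
        elif current == "options":
            key, _, value = line.partition("=")
            sections[current][key.strip()] = value.strip()
        elif current is not None:
            sections[current].append(line)
    return sections


def check_request(rules, verb, url, query=""):
    """Return (allowed, reason) for one request. Checks run in the order
    URLScan applies them: verb, length limits, normalization, high-bit
    characters, denied sequences, denied extensions."""
    opts = rules["options"]
    if opts.get("UseAllowVerbs") == "1" and verb not in rules.get("AllowVerbs", []):
        return False, "verb %s not in [AllowVerbs]" % verb
    if len(url) > int(opts.get("MaxUrl", 260)):
        return False, "URL longer than MaxUrl"
    if len(query) > int(opts.get("MaxQueryString", 2048)):
        return False, "query string longer than MaxQueryString"
    scanned = url
    if opts.get("NormalizeUrlBeforeScan") == "1":
        scanned = unquote(url)
        # A double-encoded URL decodes to something new on a second pass;
        # VerifyNormalization rejects it instead of guessing what IIS would see.
        if opts.get("VerifyNormalization") == "1" and unquote(scanned) != scanned:
            return False, "URL is not normalized (double encoding)"
    if opts.get("AllowHighBitCharacters") == "0" and any(ord(c) > 127 for c in scanned):
        return False, "high-bit character in URL"
    lowered = scanned.lower()
    for seq in rules.get("DenyUrlSequences", []):
        if seq.lower() in lowered:
            return False, "denied sequence %r" % seq
    leaf = lowered.rsplit("/", 1)[-1]
    ext = "." + leaf.rsplit(".", 1)[-1] if "." in leaf else ""
    if ext in (e.lower() for e in rules.get("DenyExtensions", [])):
        return False, "denied extension %s" % ext
    return True, "ok"


def allow_sequence(rules, seq):
    """Copy of the rules with one [DenyUrlSequences] entry removed: the edit
    you make when a site legitimately needs a character the defaults deny."""
    relaxed = dict(rules)
    relaxed["DenyUrlSequences"] = [s for s in rules["DenyUrlSequences"] if s != seq]
    return relaxed


# Constructed sample traffic: a plain page, two traversal attempts, a
# request for an .ida handler, a disallowed verb, a legitimate URL that the
# default '&' rule blocks, and an over-long URL.
SAMPLE_REQUESTS = [
    ("GET", "/default.htm", ""),
    ("GET", "/scripts/..%255c../winnt/system32/cmd.exe", "/c+dir"),
    ("GET", "/scripts/../winnt/system32/cmd.exe", "/c+dir"),
    ("GET", "/default.ida", "N" * 200),
    ("PUT", "/upload.txt", ""),
    ("GET", "/reports/Q1&Q2.htm", ""),
    ("GET", "/" + "a" * 300, ""),
]


if __name__ == "__main__":
    rules = parse_ini(URLSCAN_INI)
    for verb, url, query in SAMPLE_REQUESTS:
        allowed, reason = check_request(rules, verb, url, query)
        print("%-5s %-45s %s" % ("ALLOW" if allowed else "DENY", url[:45], reason))
    print("with '&' permitted:", check_request(allow_sequence(rules, "&"), "GET", "/reports/Q1&Q2.htm"))
```

Note what relaxing "&" costs you: the rule exists to stop a single request from driving several CGI processes, so after removing it you should watch the URLScan log for requests that exploit exactly that, which is the trade-off the article describes.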
When the default deny list blocks characters your applications legitimately use, you'll need to alter URLScan's configuration file (UrlScan.ini) to permit them. The defaults are there for a reason, so be prepared to accept the consequences of relaxing them: for example, you might need to monitor specifically for attacks that use the characters you've allowed.

One danger you face is that attackers might gain access to sensitive information on the system. Another is that an attacker can find significant system information (such as passwords) in ordinary files. Yet another is the possibility of an attacker using information in "deleted" files (files that still exist physically on the disk but are no longer accessible through the file system).

Protecting Special Files

For these and other reasons, Microsoft developed the Encrypting File System (EFS). EFS performs automatic data encryption and decryption on NTFS volumes. It's transparent to applications: during normal file reads and writes, the files are decrypted and encrypted automatically. You can designate entire folders as encrypted, in which case all files in, or later added to, that folder are encrypted. Keep in mind that this transparency cuts both ways: EFS protects files from someone who gets at the disk without your credentials (a stolen laptop, an offline copy of the drive), but any program running under your account reads the plaintext exactly as you do.

To encrypt a folder's files: in Windows Explorer, right-click the folder, choose Properties, click Advanced, and check "Encrypt contents to secure data". You can also use the cipher.exe command-line tool to manage EFS-encrypted data if you want to work one file at a time. The updated cipher.exe can also "wipe" a volume's free space, overwriting the disk sectors that "deleted" files still occupy so that the data is physically gone and an attacker can't recover it. Note that the wipe covers only unallocated space (files that still exist are untouched) and that it can take a long time on a large volume. You must install the updated cipher.exe from its installer package (the Q298009 download listed above) to add the functionality it requires on Windows 2000.

Data Transit Security Over the Network

IP security (IPSec) is a widely used protocol suite for protecting traffic on the wire. It provides authentication and integrity for exchanged packets, and optionally confidentiality, and it is available for both IP version 4 and IP version 6. However, IPSec policies can be complex and difficult to configure properly. The Windows 2000 Resource Kit includes the IPSec Policy Configuration tool, Ipsecpol.exe. This command-line utility can help you create, assign, and delete IPSec policies. Ipsecpol.exe can handle dynamic and static policies in Active Directory as well as in local and remote registries. As with most tools that are powerful and flexible, Ipsecpol.exe can be a little confusing to use; following Microsoft's examples will help you achieve specific results and become familiar with how the tool works.

It can also be confusing to keep track of the services that run on your domain controllers. The Windows 2000 Support Tools include the DcDiag.exe utility for this purpose. DcDiag.exe checks the services expected on the domain controllers in your environment. Be aware that because some services are disabled by the Domain Controller Baseline Policy, DcDiag.exe reports them as errors. Keep a list of these deliberately disabled services so you can tell them apart from actual problems with your domain configuration.

Securing SQL

Microsoft provides several tools specifically for improving SQL Server 2000's security. However, many administrators aren't even aware they're running SQL Server. The SQL Server Desktop Engine (also known as MSDE 2000) is bundled with many Microsoft and third-party applications, so it is often present on a machine where nobody ever installed SQL Server, and it is exposed to the same SQL Server-specific attacks. SQL Server 2000 is vulnerable to certain well-known attacks, such as the Slammer worm. Microsoft offers three tools to help you combat such attacks: SQL Scan, SQL Check, and SQL Critical Update. The SQL Critical Update Kit includes these three tools, as well as a Systems Management Server (SMS) deployment tool and the Servpriv.exe utility. The same kit also provides the SQL Server 2000 Critical Update Wizard, which leads you through the steps to check and update your computer.

Certain threats are so serious that Microsoft has created tools specifically to deal with them. The Slammer worm is one such threat to SQL Server 2000 and the Microsoft SQL Server Desktop Engine (MSDE 2000); I'll discuss the tools that address it. The Slammer Vulnerability Assessment Tool tests your computer or environment to assess whether it is vulnerable to the Slammer worm. If it is, the tool offers to download the appropriate patch. This tool runs from the Microsoft Web site and accesses the machines you specify. SQL Critical Update scans the computer it's running on for instances of SQL Server 2000 and MSDE 2000 that are vulnerable to Slammer, then updates the affected files. SQL Critical Update runs on Windows 98, ME, NT 4.0, 2000, and XP. Unfortunately, it only runs locally, not against remote machines. The SQL Scan tool (Sqlscan.exe) does a search similar to SQL Critical Update's, but on a wider scale: it can scan an individual computer, a Windows domain, or a range of IP addresses for instances of SQL Server 2000 and MSDE 2000, and for each instance it finds it determines whether it is vulnerable to Slammer. Note that SQL Scan doesn't change any files, as SQL Critical Update does; it simply identifies the vulnerable instances, and you'll still need to take the steps to fix them. SQL Scan runs only on Windows 2000 (or higher) and scans computers running Windows NT 4.0, 2000, or XP Professional; it doesn't work against Windows 98, ME, or XP Home Edition. SQL Check scans only the computer it's running on for instances of SQL Server 2000 and MSDE 2000. If it finds instances that are vulnerable to Slammer, it disables them (on Windows NT 4.0, 2000, or XP) or reports them (on Windows 98 or ME). The SQL Critical Update Wizard is an associated tool that leads you through the process of detecting vulnerable instances and updating the affected files. It runs on Windows 98, ME, NT 4.0, 2000, and XP.
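The discovery step SQL Scan performs across a domain or IP range can be reproduced with a small amount of code, which also shows why an instance can hide from such a scan. The following is an added example, not the article's text and not Microsoft's SQL Scan. It speaks to the SQL Server Resolution Service on UDP 1434, the service Slammer targeted: a one-byte 0x02 probe makes every instance on a host answer with a ';'-separated list of its name, version and listening ports. The reply it parses is constructed, and the build threshold is an assumption taken from outside the article (8.00.636 is the MS02-039 hotfix build; 8.00.760 is SP3); the article itself gives no build numbers.

```python
"""Finding SQL Server 2000 / MSDE 2000 instances the way a network scan does.

Added example: not the article's text and not Microsoft's SQL Scan. It uses
the SQL Server Resolution Service on UDP 1434, the service the Slammer worm
targeted. The reply used below is constructed. The build threshold is an
assumption taken from outside the article (8.00.636 is the MS02-039 hotfix
build; 8.00.760 is SP3); the article gives no build numbers.
"""
import socket
import struct
from typing import Dict, List, Tuple

SSRS_PORT = 1434
PROBE_ALL_INSTANCES = b"\x02"     # CLNT_UCAST_EX: list every instance on the host
FIXED_BUILD = (8, 0, 636)         # assumed first build carrying the Slammer fix


def parse_ssrs_response(data: bytes) -> List[Dict[str, str]]:
    """Parse a resolution-service reply: 0x05, little-endian length, then
    'ServerName;X;InstanceName;Y;IsClustered;No;Version;8.00.194;tcp;1433;;'
    repeated once per instance, each record closed by ';;'."""
    if len(data) < 3 or data[0] != 0x05:
        raise ValueError("not an SSRS response")
    (length,) = struct.unpack_from("<H", data, 1)
    body = data[3:3 + length].decode("ascii", "replace")
    instances = []
    for record in body.split(";;"):
        fields = record.strip(";").split(";")
        if len(fields) < 2:
            continue
        instances.append(dict(zip(fields[0::2], fields[1::2])))
    return instances


def build_tuple(version: str) -> Tuple[int, ...]:
    return tuple(int(part) for part in version.split("."))


def is_slammer_vulnerable(version: str) -> bool:
    """SQL Server 2000 is major version 8; anything below the fixed build is
    exposed. SQL Server 7 (major 7) is not affected and reports False."""
    build = build_tuple(version)
    return build[0] == 8 and build < FIXED_BUILD


def assess(instances: List[Dict[str, str]]) -> List[Tuple[str, str, bool]]:
    """(instance name, reported version, vulnerable?) for each parsed instance."""
    return [(inst.get("InstanceName", "?"), inst.get("Version", "0"),
             is_slammer_vulnerable(inst.get("Version", "0"))) for inst in instances]


def probe_host(host: str, timeout: float = 2.0) -> List[Dict[str, str]]:
    """Live probe of one host. A silent host is not proof of absence: UDP 1434
    may be blocked at a firewall, or the instance may not be listening on it."""
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as sock:
        sock.settimeout(timeout)
        sock.sendto(PROBE_ALL_INSTANCES, (host, SSRS_PORT))
        try:
            data, _ = sock.recvfrom(65535)
        except socket.timeout:
            return []
    return parse_ssrs_response(data)


def constructed_response() -> bytes:
    """A made-up reply from a host running a default instance on the original
    release build and a named instance patched to SP3."""
    body = (b"ServerName;SQL03;InstanceName;MSSQLSERVER;IsClustered;No;"
            b"Version;8.00.194;tcp;1433;;"
            b"ServerName;SQL03;InstanceName;ACCOUNTING;IsClustered;No;"
            b"Version;8.00.760;tcp;2433;np;\\\\SQL03\\pipe\\MSSQL$ACCOUNTING\\sql\\query;;")
    return b"\x05" + struct.pack("<H", len(body)) + body


if __name__ == "__main__":
    # Offline demonstration; for a live host use probe_host("10.0.0.5").
    for name, version, vulnerable in assess(parse_ssrs_response(constructed_response())):
        print("%-12s %-10s %s" % (name, version, "VULNERABLE" if vulnerable else "patched"))
```

Two caveats matter in practice. First, the version string comes from the service itself, so an instance whose files were updated but not restarted still reports the old build, and an instance with the resolution service unreachable reports nothing; SQL Scan's local file checks and this network view complement each other. Second, the probe is the same packet a worm or an attacker would send, so run it only against hosts you are responsible for.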
If you've used the appropriate lockdown tools, your system should be battened down well. However, this isn't a one-time process. You should keep abreast of newly discovered vulnerabilities and the methods for dealing with them. Also reassess your system configuration periodically: sometimes changes in applications or usage merit changing what's turned on and what's turned off.

Mastering The Art of Detection

Once you've configured your system, you must still assume that it will be the target of an attack. New exploits are hatched daily, and even the strongest armor has chinks. You've erected a fence; now you need to patrol it. You can configure your Windows system to post errors or events into one or more log files. These files are usually on the local machine, and it's often helpful to collect them for analysis or comparison, especially when you're trying to understand what happened during a security incident. The Dump Event Log command-line tool (Dumpel.exe), included in the Windows 2000 Server Resource Kit, assists in this process. It dumps an event log from a local or a remote system into a tab-separated text file you specify. You can then import the resulting file into a spreadsheet or database, or use scripts to analyze it. The Dump Event Log tool can also filter on particular event types so you can zero in on a specific issue.

Research in computer security consistently shows that user behavior, not malicious software, is behind the majority of security problems. The reformed hacker Kevin Mitnick, in his new book The Art of Deception, details how social engineering attacks work. A fair paraphrase of Mitnick's basic message is that people are the weakest link in your security chain. To address this, Microsoft provides two screensavers that remind users of basic security practices. One displays the Ten Immutable Laws of Security, and the other displays the Ten Immutable Laws of Security Administration. By installing these screensavers, you might gain some valuable allies in your security battle: your users.

As a bottom line, you should think about security in general terms. Use the basic steps (patching and lockdown, monitoring and recovery) to form the outline of your own security plan, and take advantage of the security tools that are available. You never achieve a fully secure system; security is a never-ending path you must strive not to stray from.
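The Dump Event Log discussion above ends with "use scripts to analyze the file"; here is what such a script looks like when the question is password guessing. This is an added example, not text from the article and not Microsoft's Dumpel. The export it reads is constructed in a tab-separated layout; the column order (date, time, type, category, event ID, source, user, computer, description) and the numeric type code 16 for a failure audit are assumptions about Dumpel's output, not something the article states. Event IDs 528 and 540 (successful logon) and 529 (unknown user name or bad password) are the Windows 2000 / XP security-log values.

```python
"""Hunting for password guessing in a Dumpel export.

Added example: not text from the article and not Microsoft's Dumpel. The
export below is constructed; the column order and the type code 16 for a
failure audit are assumptions about Dumpel's tab-separated layout. Event
IDs 528/540 (successful logon) and 529 (bad user name or password) are the
Windows 2000 / XP security-log values.
"""
import re
from collections import defaultdict, deque
from datetime import datetime, timedelta

FIELDS = ("date", "time", "type", "category", "event_id",
          "source", "user", "computer", "description")
FAILURE = 529
SUCCESS = {528, 540}


def _row(date, time, type_code, event_id, description):
    return "\t".join([date, time, str(type_code), "2", str(event_id),
                      "Security", "NT AUTHORITY\\SYSTEM", "SRV01", description])


def _failed(user, workstation):
    return ("Logon Failure: Reason: Unknown user name or bad password "
            "User Name: %s Domain: CORP Logon Type: 3 Workstation Name: %s"
            % (user, workstation))


def _succeeded(user, workstation):
    return ("Successful Network Logon: User Name: %s Domain: CORP "
            "Logon Type: 3 Workstation Name: %s" % (user, workstation))


# Constructed sample export: four guesses at Administrator from one
# workstation followed by a success, and one harmless typo by jdoe.
DUMPEL_EXPORT = "\n".join([
    _row("11/3/2003", "02:12:04 PM", 16, 529, _failed("Administrator", "WKS77")),
    _row("11/3/2003", "02:12:06 PM", 16, 529, _failed("Administrator", "WKS77")),
    _row("11/3/2003", "02:12:09 PM", 16, 529, _failed("Administrator", "WKS77")),
    _row("11/3/2003", "02:12:11 PM", 16, 529, _failed("Administrator", "WKS77")),
    _row("11/3/2003", "02:12:15 PM", 8, 540, _succeeded("Administrator", "WKS77")),
    _row("11/3/2003", "02:20:00 PM", 16, 529, _failed("jdoe", "WKS12")),
    _row("11/3/2003", "02:20:31 PM", 8, 540, _succeeded("jdoe", "WKS12")),
])


def parse_dumpel(text):
    """Turn tab-separated lines into dicts with a parsed timestamp, an
    integer event ID, and the account / workstation pulled from the text."""
    events = []
    for line in text.splitlines():
        parts = line.split("\t", len(FIELDS) - 1)   # keep any tabs inside the description
        if len(parts) != len(FIELDS):
            continue                                 # header or truncated line
        rec = dict(zip(FIELDS, parts))
        rec["when"] = datetime.strptime(rec["date"] + " " + rec["time"], "%m/%d/%Y %I:%M:%S %p")
        rec["event_id"] = int(rec["event_id"])
        user = re.search(r"User Name:\s*(\S+)", rec["description"])
        station = re.search(r"Workstation Name:\s*(\S+)", rec["description"])
        rec["account"] = user.group(1).lower() if user else None
        rec["workstation"] = station.group(1) if station else None
        events.append(rec)
    return sorted(events, key=lambda r: r["when"])


def find_password_guessing(events, threshold=3, window=timedelta(minutes=5)):
    """Flag accounts with at least `threshold` failures inside `window`, and
    record whether a successful logon for that account followed the burst
    (a guess that finally worked is the case you most want to see)."""
    recent = defaultdict(deque)     # account -> failure timestamps still inside the window
    sources = defaultdict(set)      # account -> workstations the failures came from
    findings = {}
    for ev in events:
        acct = ev["account"]
        if acct is None:
            continue
        if ev["event_id"] == FAILURE:
            q = recent[acct]
            q.append(ev["when"])
            sources[acct].add(ev["workstation"])
            while ev["when"] - q[0] > window:
                q.popleft()
            if len(q) >= threshold:
                f = findings.setdefault(acct, {"first": q[0], "success_after": False})
                f.update(failures=len(q), last=ev["when"], workstations=sorted(sources[acct]))
        elif ev["event_id"] in SUCCESS and acct in findings \
                and ev["when"] - findings[acct]["last"] <= window:
            findings[acct]["success_after"] = True
    return findings


if __name__ == "__main__":
    for acct, f in find_password_guessing(parse_dumpel(DUMPEL_EXPORT)).items():
        print("%s: %d failures %s..%s from %s, success afterwards: %s"
              % (acct, f["failures"], f["first"].time(), f["last"].time(),
                 ",".join(f["workstations"]), f["success_after"]))
```

The threshold and window are the knobs to tune against your own logs: a service account that retries a stale password every minute will trip this rule every five minutes, and that is a finding too (a credential that needs fixing), just not the one the rule was written for.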