Check out the new USENIX Web site.
12TH SYSTEMS ADMINISTRATION CONFERENCE (LISA '98) - Dec 6-11, 1998 - Marriott Copley Place Hotel, Boston, Massachusetts
 
Register for LISA 98! Program at-a-Glance Program Committee Table of Contents Questions? Contact the USENIX Conference Office
- Full-day Class -   MONDAY
 

M5   Windows NT Security
Rik Farrow, Consultant

Who should attend: System and network administrators and programmers who work with NT systems and need to understand its security principles. Those accustomed to working with UNIX systems will benefit from the comparisons between UNIX and NT.

Windows NT is the result of an unusual marriage between disparate operating systems: a completely reworked replacement for DECs VMS and Windows 3.1. On the one hand, there are security features to satisfy the most avid control freak: centralized control over user accounts, file sharing, desktop appearance, fine grained object access, encryption, a security monitor, and auditing sensitive enough to capture most security related events. On the other hand, most programmers writing for NT have no concept of writing secure software for multiuser systems. After taking this tutorial participants will understand the complex security model of Windows NT which, when correctly configured, can make it reasonably secure.

This tutorial explains the security mechanisms in Windows NT, and how it can best be used to improve the security of networked NT systems. We will not only review NT's security related GUI's, we will go behind the scenes and discover the file and directory hierarchy of the trusted computing block, Web server (IIS), registery and event logs, and system files and libraries. Wherever possible we will explore the command line interfaces and tools for controlling and auditing security of NT systems. In this course you will learn about:

-    The NT registry, a file system-like construct for storing device and application configuration, passwords, and other system values, all of which is protected by access control lists (ACLs);
-    User accounts, local and global groups, rights, and privileges
-    Domains, domain controllers, local and network authentication
-    NT passwords, and collecting and cracking passwords
-    ACLs for file, directories, and other objects
-    NT's event and audit mechanism
-    Correct configuration of IIS, RAS, network services, and protecting NT systems with firewalls
 

Rik Farrow  (M5, T5provides UNIX and Internet security consulting and training. He has been working with UNIX system security since 1984, and with TCP/IP networks since 1988. He has taught at the IRS, Department of Justice, NSA, US West, Canadian RCMP, Swedish Navy, and for many US and European user groups. He is the author of UNIX System Securityand System Administrator's Guide to System V. Farrow writes columns for ;login: and Network Magazine.
 

Program at-a-Glance - Tutorials - Technical Sessions - Registration -
Birds-of-a-Feather - Activities & Services - Hotel & Travel Info - Conference Home 		Conference Index
Events Calendar
USENIX home