Check out the new USENIX Web site. USENIX Windows NT Symposium - August 3-5, 1998 - Modison Renaissance Hotel, Seattle, Washington
 
 
RegistrationTutorials ContentsSee information on the Large Installation System Administration of Windows NT Conference (LISA NT)See information on the 2nd USENIX Windows NT SymposiumHotel & TravelUSENIX & SAGE Thank Supporting MembersStudent Discounts and Stipends

 

W1   Windows NT Security   full-day program
Rik Farrow, Consultant

Who should attend: System and network administrators, and programmers, who work with NT systems and need to understand its security principles. Those accustomed to working with UNIX systems will benefit from the comparisons between UNIX and NT.

This tutorial explains how to maximize the security of networked NT systems. Windows NT offers security features to satisfy the most avid control freak: centralized control over user accounts, file sharing, desktop appearance, fine grained object access, encryption, a security monitor, and auditing sensitive enough to capture most security related events. But, Windows NT also suffers from an API which has been the main target for virus writers and for applications which were programmed without any notion of security. After taking this tutorial participants will understand the complex security model of Windows NT which, when correctly configured, can make it reasonably secure.

Go behind the scenes to discover the file and directory hierarchy of the trusted computing block, Web server (IIS), registry and event logs, system files and libraries, as well as review NT's security-related GUI's. We will explore the command line interfaces and tools for controlling and auditing security of NT systems. Particular emphasis will be placed on:

-    The NT registry, a file system-like construct for storing device and application configuration, passwords, and other system values, all of which protected by access control lists (ACLs)
 
-    User accounts, local and global groups, rights, and privileges
 
-    Domains, domain controllers, local and network authentication
 
-    NT Passwords, collecting and cracking passwords
 
-    ACLs for file, directories, and other objects
 
-    NT's event and audit mechanism
 
-    Correct configuration of IIS, RAS, network services, and protecting NT systems with firewalls
 
 


Rik Farrow   provides UNIX and Internet security consulting and training. He has been working with UNIX system security since 1984, and with TCP/IP networks since 1988. He has taught at the IRS, Department of Justice, NSA, US West, Canadian RCMP, Swedish Navy, and for many US and European user groups. He is the author of UNIX System Security and System Administrator's Guide to System V. Farrow writes columns for ;login:, and Network Magazine.
 


   Symposium Index
   Events Calendar
   USENIX home
Tutorials - Registration - Hotel & Travel Info -
See also the Large Installation System Administration of Windows NT (LISA NT) Conference See also the 2nd USENIX Windows NT Symposium