M2
Windows NT Security
Rik Farrow, Consultant
Who should attend:
System and network administrators, and programmers, who must work with NT systems and need to understand its security principles.
Windows NT is the result of an unusual marriage between disparate operating systems: a completely reworked replacement for Digital Equipment's VMS and Windows 3.1. On the one hand, there are security features to satisfy the most avid control freak: centralized control over user accounts, file sharing, desktop appearance, fine-grained object access, encryption, a security monitor, and auditing sensitive enough to capture most security-related events. On the other hand, it provides support for an API that has been the main target for virus writers, and application programmers who have never even considered the notion of security.
This tutorial explains the security mechanisms in Windows NT, and how they can best be used to improve the security of networked NT systems. This is not just a review of NT's security-related GUIs (although they are included); we will go behind the scenes and discover the file and directory hierarchy of the trusted computing block, Web server (IIS), registry and event logs, and system files and libraries. Whenever possible, we will explore the command-line interfaces and tools for controlling and auditing security of NT systems.
In particular, we will learn about:
- The NT registry, a file system-like construct for storing device and application configuration, passwords, and other system values, all of which are protected by access control lists (ACLs)
- User accounts, local and global groups, rights, and privileges
- Domains, domain controllers, local and network authentication
- NT passwords, and collecting and cracking passwords
- ACLs for files, directories, and other objects
- NT's event and audit mechanism; and
- Correct configuration of IIS, RAS, network services, and protecting NT systems with firewalls
Rik Farrow provides UNIX and Internet security consulting and training. He has been working with UNIX system security since 1984, and with TCP/IP networks since 1988. He is the author of UNIX System Security and System Administrator's Guide to System V. Farrow writes two columns for ;login:, and a network security column for Network magazine.