By Daniel Grim. What Is Windows NT? IPSEC/Windows Firewall NTFS File System Registry Permissions Managing User Accounts Conclusion Outline.

Slides:

Advertisements

Similar presentations

Chapter 10 Securing Windows Server 2008 MCTS Guide to Microsoft Windows Server 2008 Network Infrastructure Configuration.

Advertisements

Module 6: Configuring Windows XP Professional to Operate in a Microsoft Network.

Module 1: Installing Windows XP Professional

70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment, Enhanced Chapter 13: Administering Web Resources.

Microsoft Windows Server 2008 Software Deployment Chris Rutherford EKU Technology: CEN/CET.

1 Objectives Configure Network Access Services in Windows Server 2008 RADIUS 1.

70-293: MCSE Guide to Planning a Microsoft Windows Server 2003 Network, Enhanced Chapter 13: Planning Server and Network Security.

Chapter 9 Chapter 9: Managing Groups, Folders, Files, and Object Security.

Hands-On Microsoft Windows Server 2003 Administration Chapter 11 Administering Remote Access Services.

70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment Chapter 5: Managing File Access.

6.1 © 2004 Pearson Education, Inc. Exam Planning, Implementing, and Maintaining a Microsoft Windows Server 2003 Active Directory Infrastructure.

70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment Chapter 5: Managing File Access.

12.1 © 2004 Pearson Education, Inc. Exam Planning, Implementing, and Maintaining a Microsoft® Windows® Server 2003 Active Directory Infrastructure.

Chapter 6: Configuring Security. Group Policy and LGPO Setting Options Software Installation not available with LGPOs Remote Installation Services Scripts.

Hands-On Microsoft Windows Server 2003 Chapter 2 Installing Windows Server 2003, Standard Edition.

Understanding Networks I. Objectives Compare client and network operating systems Learn about local area network technologies, including Ethernet, Token.

Lesson 19: Configuring Windows Firewall

Microsoft Server 2008 R2 Group Policies & Network Policy and Access Services.

Remote Desktop Security Raghav Chawla, Jon Ussery Group 20.

Terminal Server © N. Ganesan, Ph.D.. Reference Thin-Client Concept Thin-Client concept tutorial.

Installing Windows XP Professional Using Attended Installation Slide 1 of 41Session 2 Ver. 1.0 CompTIA A+ Certification: A Comprehensive Approach for all.

70-291: MCSE Guide to Managing a Microsoft Windows Server 2003 Network Chapter 10: Remote Access.

Principles of Computer Security: CompTIA Security + ® and Beyond, Second Edition © 2010 Baselines Chapter 14.

Chapter 6 Enumeration Modified Objectives  Describe the enumeration step of security testing  Enumerate Microsoft OS targets  Enumerate NetWare.

1 Objectives Windows Firewalls with Advanced Security Bit-Lock Update and maintain your clients using Windows Server Update Service Microsoft Baseline.

Securing Windows 7 Lesson 10. Objectives Understand authentication and authorization Configure password policies Secure Windows 7 using the Action Center.

2 © 2004, Cisco Systems, Inc. All rights reserved. IT Essentials I v. 3 Module 6 Windows NT/2000 Operating Systems.

A+ Guide to Managing and Maintaining Your PC Fifth Edition Chapter 15 Installing and Using Windows XP Professional.

Chapter-4 Windows 2000 Professional Win2K Professional provides a very usable interface and was designed for use in the desktop PC. Microsoft server system.

MCTS Guide to Microsoft Windows Server 2008 Applications Infrastructure Configuration (Exam # ) Chapter Two Deploying Windows Servers.

Hands-On Ethical Hacking and Network Defense

Remote Desktop Services Remote Desktop Connection Remote Desktop Protocol Remote Assistance Remote Server Administration T0ols.

Guide to Operating System Security Chapter 4 Account-based Security.

Hands-On Microsoft Windows Server Security Enhancements in Windows Server 2008 Windows Server 2008 was created to emphasize security –Reduced attack.

File Recovery and Forensics

A+ Guide to Software Managing, Maintaining and Troubleshooting THIRD EDITION Chapter 8 Managing and Supporting Windows XP.

C HAPTER 6 NTFS PERMISSIONS & SECURITY SETTING. INTRODUCTION NTFS provides performance, security, reliability & advanced features that are not found in.

70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment, Enhanced Chapter 5: Managing File Access.

Windows IP Security Filters October 23, 2002 Joe Klemencic Fermilab Business Services.

Objectives Configure routing in Windows Server 2008 Configure Routing and Remote Access Services in Windows Server 2008 Network Address Translation 1.

Fall 2011 Nassau Community College ITE153 – Operating Systems Session 22 Local Security Polcies 1.

Module 14: Configuring Server Security Compliance

Section 1: Introducing Group Policy What Is Group Policy? Group Policy Scenarios New Group Policy Features Introduced with Windows Server 2008 and Windows.

The Microsoft Baseline Security Analyzer A practical look….

Windows 7 Firewall.

1 Chapter Overview Configuring Account Policies Configuring User Rights Configuring Security Options Configuring Internet Options.

8.1 © 2004 Pearson Education, Inc. Exam Designing a Microsoft ® Windows ® Server 2003 Active Directory and Network Infrastructure Lesson 8: Planning.

Windows XP Professional Features ©Richard L. Goldman February 5, 2003.

A+ Guide to Managing and Maintaining Your PC Fifth Edition Chapter 13 Understanding and Installing Windows 2000 and Windows NT.

Lesson 17-Windows 2000/Windows 2003 Server Security Issues.

1 Objectives Windows Firewalls with Advanced Security Bit-Lock Update and maintain your clients using Windows Server Update Service Microsoft Baseline.

Module 1: Installing Microsoft Windows XP Professional.

NT4 SP4 Security Jack Schmidt - Fermilab

Module 14: Securing Windows Server Overview Introduction to Securing Servers Implementing Core Server Security Hardening Servers Microsoft Baseline.

Module 5: Designing Security for Internal Networks.

Working with Users and Groups Lesson 5. Skills Matrix Technology SkillObjective DomainObjective # Introducing User Account Control Configure and troubleshoot.

70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment, Enhanced Chapter 14: Windows Server 2003 Security Features.

70-294: MCSE Guide to Microsoft Windows Server 2003 Active Directory, Enhanced Chapter 11: Group Policy for Corporate Policy.

Principles of Computer Security: CompTIA Security + ® and Beyond, Third Edition © 2012 Principles of Computer Security: CompTIA Security+ ® and Beyond,

Module 7: Implementing Security Using Group Policy.

Administering Microsoft Windows Server 2003 Chapter 2.

Module 10: Windows Firewall and Caching Fundamentals.

Module 8 Implementing Security Using Group Policy.

4.1 © 2004 Pearson Education, Inc. Exam Managing and Maintaining a Microsoft® Windows® Server 2003 Environment Lesson 12: Implementing Security.

Securing a Host Computer BY STEPHEN GOSNER. Definition of a Host  Host  In networking, a host is any device that has an IP address.  Hosts include.

Configuring Print Services Lesson 7. Print Sharing Print device sharing is another one of the most basic applications for which local area networks were.

Configuring Windows Firewall with Advanced Security

HARDENING CLIENT COMPUTERS

Securing Windows 7 Lesson 10.

Presentation transcript:

By Daniel Grim

What Is Windows NT? IPSEC/Windows Firewall NTFS File System Registry Permissions Managing User Accounts Conclusion Outline

First version 3.1 released July 27, 1993 alongside the existing Windows 3.1 OS Windows NT uses a hybrid kernel which was designed to replace the monolithic kernel used in DOS and the Windows 95/98 series Provides both server and client versions Includes all versions of Windows from Windows 2000 forward, including Windows 8 and Windows Server 2012 Designed to allow multiple users to run applications on the same computer simultaneously and to allow users to run applications with alternate credentials What is Windows NT?

Windows 2000 included an Local Security policy management snap-in for MMC(Microsoft Management Console) Allows users to specify rules for both inbound and outbound connections from the workstation or server to other computers IP Security policy editor is not available in Home or Starter editions of newer Windows versions Windows XP SP2 introduced similar functionality in the Windows Firewall feature for Home and Starter editions Windows Firewall/IPSEC

IPSEC Policies Run secpol.msc or use Control Panel Administrative Tools to access

Can allow or deny access to specific ports for outbound or inbound traffic Can hide the presence of a server on the network by blocking incoming traffic without sending a network reset response back to the client Can block commonly abused protocols such as ICMP (used for ping) Resource kits for select Windows versions provide a command-line tool called ipsecpol.exe to manage policies IPSEC Policies

Windows XP/Vista/7 Firewall Accessed via Control Panel

Provides all functionality of Windows 2000 IPSEC policies and some new features Allows the user to give specific rules to individual programs Can setup a policy to deny network access to all programs that are not whitelisted IPSEC policy editor can be accessed in Professional and Enterprise editions of Windows 7/8 also Windows XP/Vista/7 Firewall

More secure than FAT file systems Default File System for Windows 2000 and above installer, though those operating systems still support FAT Allows every file on the file system to have permissions assigned to it specifying who can access/modify a file or directory Supports encrypted files and directories Command-line utility (cacls.exe) available as well as GUI interface for managing permissions NT File System (NTFS)

Windows NT registry editor provides similar permissions settings to the NTFS file system options On earlier version of NT, up to and including 2000, Regedt32.exe is used to set permissions for registry keys In newer releases the standard regedit.exe is used to set registry key permissions This feature allows an administrator to specify exactly which users should be able to modify certain parts of the windows registry Certain registry keys should only be writable by Administrators, but readable by all users Example: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersio n\Run Registry Permissions

Can place users in multiple groups to be used to assign different security permissions Default Groups are Administrators and Users Accounts can be managed using the User Accounts option in Control Panel or using a command-line utility: net.exe user /? Groups can also be managed using these same tools, but the command- line for local groups is: net.exe localgroup /? Account policies such as password length, password requirement and other requirements can be set in the Local Security Policy Settings in Professional, Enterprise, and Server versions Managing User Accounts and Groups

There are two default accounts which exist on every Windows NT workstation machine, they are Administrator and Guest Accounts that are not needed, such as Guest, can be deactivated using either control panel or the command-line utilities Accounts should be set to require a password using these utilities, especially those with administrative privileges Managing User Accounts and Groups

Windows NT provides many tools for workstation security Windows NT can be a very secure OS when these tools are implemented properly These tools can be used to control access to files, registry keys, and even network ports or protocols without any additional software needing to be installed with the OS Many other tools are available within the OS, especially in the Server editions, but the tools covered in this presentation are essential for taking the first steps to secure a system running Windows NT Conclusion

Questions?

A History of Windows – Microsoft Windows – Using IPSEC to Lock Down a Server - us/library/bb aspxhttp://technet.microsoft.com/en- us/library/bb aspx Applying permissions to a Windows registry key Local Security Policy Editor – Windows 7 Help Forums - open.html open.html Hybrid Kernel – Wikipedia References