Windows NT Security Holes Windows NT is getting more popular. More and more companies use NT as their platform of the Internet.They also use NT as the.

Slides:

Advertisements

Similar presentations

WEB AND WIRELESS AUTOMATION connecting people and processes InduSoft Web Solution Welcome.

Advertisements

SYSTEM ADMINISTRATION Chapter 19

1 Objectives Configure Network Access Services in Windows Server 2008 RADIUS 1.

Hardware Firewalls: Advanced Feature © N. Ganesan, Ph.D.

1 Configuring Web services (Week 15, Monday 4/17/2006) © Abdou Illia, Spring 2006.

Understanding Networks. Objectives Compare client and network operating systems Learn about local area network technologies, including Ethernet, Token.

Report Distribution Report Distribution in PeopleTools 8.4 Doug Ostler & Eric Knapp 7264.

Network Shares and Accounts Sharing Printers, Drives, Folders – Setup Windows 95/98 Windows NT (2000, XP) Linux – Users – Groups.

70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment Chapter 8: Implementing and Managing Printers.

Enumeration. Local IP addresses Local IP addresses (review)  Some special IP addresses  localhost (loopback address)  Internal networks 

Remote Desktop Security Raghav Chawla, Jon Ussery Group 20.

 Proxy Servers are software that act as intermediaries between client and servers on the Internet.  They help users on private networks get information.

1 Enabling Secure Internet Access with ISA Server.

Printing Terminology. Requirements for Network Printing At least one computer to operate as the print server Sufficient RAM to process documents Sufficient.

Event Viewer Was of getting to event viewer Go to –Start –Control Panel, –Administrative Tools –Event Viewer Go to –Start.

1 Guide to Network Defense and Countermeasures Chapter 6.

11 NETWORK PROTOCOLS AND SERVICES Chapter 10. Chapter 10: Network Protocols and Services2 NETWORK PROTOCOLS AND SERVICES  Identify how computers on TCP/IP.

1Federal Network Systems, LLC CIS Network Security Instructor Professor Mort Anvair Notice: Use and Disclosure of Data. Limited Data Rights. This proposal.

Module 7: Configuring TCP/IP Addressing and Name Resolution.

Intranet, Extranet, Firewall. Intranet and Extranet.

Chapter 4 Windows NT/2000 Overview. NT Concepts  Domains –A group of one or more NT machines that share an authentication database (SAM) –Single sign-on.

Services and Disk Management. Default Services (some) Alerter ClipBook Server Computer Browser DNS Client Event Log Messenger Net Logon Network DDE Network.

Chapter 7: Using Windows Servers to Share Information.

Overview: Identify the Internet protocols and standards Identify common vulnerabilities and countermeasures Identify specific IIS/WWW/FTP concerns Identify.

Introduction to SQL Server 2000 Security Dave Watts CTO, Fig Leaf Software

Remote Desktop Services Remote Desktop Connection Remote Desktop Protocol Remote Assistance Remote Server Administration T0ols.

Module 4: Add Client Computers and Devices to the Network.

A+ Guide to Software Managing, Maintaining and Troubleshooting THIRD EDITION Chapter 12 Windows on the Internet.

Chapter 10 Networking and the Internet ITSC 1458.

8.1 © 2004 Pearson Education, Inc. Exam Managing and Maintaining a Microsoft® Windows® Server 2003 Environment Lesson 8: Introducing Computer Accounts.

User Manager for Domains.  Manages the user accounts in a domain  It is located in the PDC  While User Manager exists in each NT machine, but it is.

File Recovery and Forensics

Installing SIGNZ on a stand- alone machine. These slides will guide you through the installation of the SIGNZ ‘server’ and ‘client’ components on one machine.

Chapter 13 Users, Groups Profiles and Policies. Learning Objectives Understand Windows XP Professional user accounts Understand the different types of.

Client – Server Application Can you create a client server application: The server will be running as a service: does not have a GUI The server will run.

Hour 7 The Application Layer 1. What Is the Application Layer? The Application layer is the top layer in TCP/IP's protocol suite Some of the components.

Hacker’s Strategies Revealed WEST CHESTER UNIVERSITY Computer Science Department Yuchen Zhou March 22, 2002.

System Hacking Active System Intrusion. Aspects of System Hacking System password guessing Password cracking Key loggers Eavesdropping Sniffers Man in.

NT4 SP4 Security Jack Schmidt - Fermilab

CHAPTER 9 Sniffing.

1 Linux Networking and Security Chapter 5. 2 Configuring File Sharing Services Configure an FTP server for anonymous or regular users Set up NFS file.

Networking in Linux. ♦ Introduction A computer network is defined as a number of systems that are connected to each other and exchange information across.

TCOM Information Assurance Management System Hacking.

Accessing Evitech network via FTP by Susan Jansson.

Administering Group Policy Chapter Eleven. Exam Objectives in this Chapter  Plan a Group Policy strategy using Resultant Set of Policy Planning mode.

Monitoring Troubleshooting TCP/IP Chapter 3. Objectives for this Chapter Troubleshoot TCP/IP addressing Diagnose and resolve issues related to incorrect.

Configuring and Troubleshooting Identity and Access Solutions with Windows Server® 2008 Active Directory®

Module 3 l Objectives –Identify the security risks associated with specific NT Services –Understand the risk introduced by specific protocols –Identify.

“ is not to be used to pass on information or data. It should used only for company business!” – Memo from IBM Executive The Languages, Methods &

HNC COMPUTING - Network Concepts 1 Network Concepts Network Concepts Network Operating Systems Network Operating Systems.

Session 11: Cookies, Sessions ans Security iNET Academy Open Source Web Development.

IS 4506 Windows NTFS and IIS Security Features.  Overview Windows NTFS Server security Internet Information Server security features Securing communication.

By Daniel Grim. What Is Windows NT? IPSEC/Windows Firewall NTFS File System Registry Permissions Managing User Accounts Conclusion Outline.

Mac OS X backdoor Trojan, now in beta? 報告人：劉旭哲. Introduction It targets users of Mac OS X As even the malware itself admits, it is not yet finished. It.

SSH. 2 SSH – Secure Shell SSH is a cryptographic protocol – Implemented in software originally for remote login applications – One most popular software.

INTERNET APPLICATIONS CPIT405 Install a web server and analyze packets.

Windows Vista Configuration MCTS : Network Security.

Microsoft OS Vulnerabilities April 1, 2010 MIS 4600 – MBA © Abdou Illia.

Chapter 7: Using Windows Servers

FIREWALL configuration in linux

Footprinting and Scanning

Implementing a Secure ISA Server

Introduction to SQL Server 2000 Security

Intuit has launched QuickBooks File Doctor tool (QBFD) in QuickBooks File Doctor is a tool that has been designed to recover the damaged company.

Unit 27: Network Operating Systems

Security through Group Policy

Designing IIS Security (IIS – Internet Information Service)

Presentation transcript:

Windows NT Security Holes Windows NT is getting more popular. More and more companies use NT as their platform of the Internet.They also use NT as the platform of Intranet solution.Today we will discusses the most serious security holes of Windows NT operation system.

Two Parts 1.The first part is about security holes existing in NT server and workstation; 2. the second part talks about two security holes existing in browser and NT machine.

Part 1. Hole 1. How to get Administrator Step 1. Rename c:\winnt\system32\logon.scr to logon.old Step 2. Rename usrmgr.exe to logon.scr Step 3. Restart your NT machine *Because logon.scr is existed in NT Startup Utility.It will be executed when Windows NT restart.And you will not be required to input your password.Usrmgr.exe can be executed,then you can join Administrator group.

Part 1. Hole 2.The second way to get Administrator right Reinstall Windows NT operating system, The new operating system will cover the old operating system.Then you can config new system at your pleasure so that get Administrator right. * The situation will happen when somebody come in your Sever Center Room unlawful.

Part 1. Hole 3. How to get Password In Windows NT workstation,anybody can use some special tools to read ADMINST.PWD (ADMINST.PWD is a encrpytion file) In Windows9X.X Client,anybody can use some special tools to read ADMINST.PWL (ADMINST.PWL is a encrpytion file) * After you get password,you can get the right of Default Manager, especially it is easy to get in Windows9X.X Client.

Part 1. Hole 4. Remote access Registry In Windows 9X.X Client and the source which can be shared by system manager, you can run REGEDIT.EXE,then you can access NT Sever alternately and remotely. * Because Registry’s default setting allow anybody create and full control it. So somebody can delete and change Registry.

Part 1. Hole 5.Anybody can access a resource in NT Domain In command mode,anybody just enter..\\IPaddress\C$ OR..\\IPaddress\D$ OR..\\IPaddress\WINNT$ then you can contact any shared resource in Windows NT Domain.

Part 1. Hole 6.How to kill a NT machine You can use “Ping” command to kill a NT machine.NT can’t accept a large ICMP (Internet Control Messages Protocol) Package.If a Package is 64K,NT’s TCP/IP Stack will not work good and System will work offline until restart.So system will refuse some service. * Try this command,see what happen : “ ping -l host.domain.com”

Part 2. Hole 1.Browser’s Hole There is a hole about all of browsers in NT & Win9X.X.When you want to view a HTML page,your browser will look for the page in your local drive at first-time.If your NT machine just is a SMB Sever,it will send username and password automatically. But you will never know what happen. * SMB is Service Message Block

Security Countermeasures. Authenticating Users Resource Access Control Block unwanted TCP/IP Ports Auditing and logging Firewalls Packet filters Physical isolation Etc,.

Thank you Author : BoYong Jiang Student ID #: Date: 06/03/2000