Windows Security Mechanisms Al Bento - University of Baltimore.


Authentication

Challenge/response authentication protocol (CHAP)
- LAN Manager:
  - saves passwords as hashes: as a 128-bit number, with passwords up to 14 digits, but split into two 7-digit parts, not case sensitive, easier to break
  - changes possible combinations from 2^84 to 2^37
  - uses old, easy to break DES encryption
  - saved in the SAM (Windows Security Accounts Manager) at %systemroot%\system32\config\SAM
- NTLM and NTLM2: improved LAN Manager
  - NTLM: MD4 encryption, case sensitive, password up to 127 characters, supports up to 56-bit encryption
  - NTLM2: improves NTLM to authenticate by session, and supports up to 128-bit encryption
- Kerberos: uses AES encryption and is very secure
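The LAN Manager weaknesses listed above (case folding and two independent 7-character halves) can be seen in a stored hash without recovering the password. The following is an added example, not part of the original slides; the function names and the sample hash are constructed for illustration, and ASCII is assumed in place of the OEM code page.

```python
# LM encrypts a fixed string with each 7-byte half used as a DES key.
# An all-NUL half always produces this value, so it marks an empty half.
EMPTY_HALF = "aad3b435b51404ee"

def lm_halves(password):
    """Return the two 7-byte key inputs LM derives from a password."""
    if len(password) > 14:
        raise ValueError("LM covers at most 14 characters")
    # Upper-casing is why LM is not case sensitive (ASCII assumed here).
    data = password.upper().encode("ascii").ljust(14, b"\x00")
    return data[:7], data[7:]

def audit_lm_hash(lm_hex):
    """Classify a stored 32-hex-digit LM hash for an audit report."""
    h = lm_hex.strip().lower()
    if len(h) != 32 or any(c not in "0123456789abcdef" for c in h):
        raise ValueError("expected 32 hex digits")
    first, second = h[:16], h[16:]
    if first == EMPTY_HALF and second == EMPTY_HALF:
        return "blank: no usable LM hash stored"
    if second == EMPTY_HALF:
        return "weak: password is 7 characters or fewer"
    return "LM hash present: two independent 7-character halves"

# Constructed sample value, not a hash of any real password.
SAMPLE_SHORT = "0123456789abcdef" + EMPTY_HALF

if __name__ == "__main__":
    print(lm_halves("Password123"))   # case is lost, halves are separate
    print(audit_lm_hash(SAMPLE_SHORT))
    print(audit_lm_hash(EMPTY_HALF * 2))
```

Any account whose stored LM value is not blank is a finding in its own right, since it means the "store LAN Manager hash" option is still in effect for that account.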

Authentication (2)

Defaults
- XP by default uses both LM & NTLM
- Vista and Windows 7 default to NTLM2
- Active Directory defaults to Kerberos, drops back as needed

Security options
- See Microsoft's long note on options
- Many different options: store LAN Manager, LAN Manager authentication level, etc.
- Compatibility issues:
  - example of Windows 7 and Win 2k server
  - example of Windows 7 and Win 2003 server
  - of course all sorts of issues with XP, 98, and other settings in NT, 2K, etc.

More on authentication: a black hat presentation.

Tokens

What are tokens?
- A data structure that contains authentication and authorization information for a user.
- Windows creates the access token when the user logs on and the user's identity is confirmed.
- The access token contains the user's security ID (SID), the list of groups that the user is a member of, and the list of privileges held by that user.
- Each process or thread started for the user inherits a copy of the access token.
- In some cases a user may have more than one access token, with different levels of authority.

What do they do?
- Provide the security context for processes and threads when accessing objects in the system.
- Securable objects include files, directories, devices, registry keys, etc., and have specific user and group permissions.

Some risks: token kidnapping.

Access Control List

What is an ACL?
- An ACL is a list of access control entries (ACEs). Each ACE in an ACL identifies a trustee and specifies the access rights allowed, denied, or audited for that trustee.
- The security descriptor for a securable object can contain two types of ACLs: a DACL and a SACL.
- DACL: a discretionary access control list (DACL) identifies the trustees that are allowed or denied access to a securable object. When a process tries to access a securable object, the system checks the ACEs in the object's DACL to determine whether to grant access to it.
- SACL: a system access control list (SACL) enables administrators to log attempts to access a secured object. Each ACE specifies the types of access attempts by a specified trustee that cause the system to generate a record in the security event log.

Tokens and ACL
- When a user logs in he/she is assigned an access token, and securable objects have ACLs.
- When a user attempts to access a securable object, the Windows security subsystem compares the information in the access token with the securable object's ACL and grants or denies access.
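The token-versus-DACL comparison described above can be modelled in a few lines. This is an added example, not part of the original slides: a simplified model of the access check that ignores object ownership, privileges and inherited-ACE flags, with constructed SIDs and right bits.

```python
from dataclasses import dataclass

# Constructed right bits and SIDs for this model (not real Windows values).
READ, WRITE = 0x1, 0x2
STAFF, CONTRACTORS = "S-1-5-21-1111-2001", "S-1-5-21-1111-2002"

@dataclass(frozen=True)
class Token:
    user_sid: str
    group_sids: frozenset = frozenset()

    def sids(self):
        return {self.user_sid} | self.group_sids

@dataclass(frozen=True)
class Ace:
    kind: str      # "allow" or "deny"
    trustee: str   # SID the entry applies to
    mask: int      # rights covered by the entry

def access_check(token, dacl, desired):
    """Return True if every right in `desired` is granted by the DACL."""
    if dacl is None:              # no DACL at all: object is unprotected
        return True
    remaining = desired
    for ace in dacl:              # ACEs are evaluated in stored order
        if ace.trustee not in token.sids():
            continue
        if ace.kind == "deny" and ace.mask & remaining:
            return False          # a still-needed right is explicitly denied
        if ace.kind == "allow":
            remaining &= ~ace.mask
            if remaining == 0:
                return True       # everything requested has been granted
    return False                  # empty DACL or rights left over: denied

# Constructed principals and DACLs.
ALICE = Token("S-1-5-21-1111-1001", frozenset({STAFF, CONTRACTORS}))
BOB = Token("S-1-5-21-1111-1002", frozenset({STAFF}))
DENY_FIRST = [Ace("deny", CONTRACTORS, WRITE), Ace("allow", STAFF, READ | WRITE)]
ALLOW_FIRST = list(reversed(DENY_FIRST))   # same ACEs, non-canonical order

if __name__ == "__main__":
    print(access_check(ALICE, DENY_FIRST, WRITE))    # deny ACE is reached first
    print(access_check(ALICE, ALLOW_FIRST, WRITE))   # allow ACE wins by order
```

The second call shows why ACE order matters: with the allow entry first, the deny entry for the same user is never reached, which is why deny ACEs are normally placed ahead of allow ACEs.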