Presentation is loading. Please wait.

Presentation is loading. Please wait.

By Daniel Grim. What Is Windows NT? IPSEC/Windows Firewall NTFS File System Registry Permissions Managing User Accounts Conclusion Outline.

Published byRoland Holt Modified over 8 years ago

Similar presentations

Presentation on theme: "By Daniel Grim. What Is Windows NT? IPSEC/Windows Firewall NTFS File System Registry Permissions Managing User Accounts Conclusion Outline."— Presentation transcript:

1 By Daniel Grim

2 What Is Windows NT? IPSEC/Windows Firewall NTFS File System Registry Permissions Managing User Accounts Conclusion Outline

3 First version 3.1 released July 27, 1993 alongside the existing Windows 3.1 OS Windows NT uses a hybrid kernel which was designed to replace the monolithic kernel used in DOS and the Windows 95/98 series Provides both server and client versions Includes all versions of Windows from Windows 2000 forward, including Windows 8 and Windows Server 2012 Designed to allow multiple users to run applications on the same computer simultaneously and to allow users to run applications with alternate credentials What is Windows NT?

4 Windows 2000 included an Local Security policy management snap-in for MMC(Microsoft Management Console) Allows users to specify rules for both inbound and outbound connections from the workstation or server to other computers IP Security policy editor is not available in Home or Starter editions of newer Windows versions Windows XP SP2 introduced similar functionality in the Windows Firewall feature for Home and Starter editions Windows Firewall/IPSEC

5 IPSEC Policies Run secpol.msc or use Control Panel Administrative Tools to access

6 Can allow or deny access to specific ports for outbound or inbound traffic Can hide the presence of a server on the network by blocking incoming traffic without sending a network reset response back to the client Can block commonly abused protocols such as ICMP (used for ping) Resource kits for select Windows versions provide a command-line tool called ipsecpol.exe to manage policies IPSEC Policies

7 Windows XP/Vista/7 Firewall Accessed via Control Panel

8 Provides all functionality of Windows 2000 IPSEC policies and some new features Allows the user to give specific rules to individual programs Can setup a policy to deny network access to all programs that are not whitelisted IPSEC policy editor can be accessed in Professional and Enterprise editions of Windows 7/8 also Windows XP/Vista/7 Firewall

9 More secure than FAT file systems Default File System for Windows 2000 and above installer, though those operating systems still support FAT Allows every file on the file system to have permissions assigned to it specifying who can access/modify a file or directory Supports encrypted files and directories Command-line utility (cacls.exe) available as well as GUI interface for managing permissions NT File System (NTFS)

10 Windows NT registry editor provides similar permissions settings to the NTFS file system options On earlier version of NT, up to and including 2000, Regedt32.exe is used to set permissions for registry keys In newer releases the standard regedit.exe is used to set registry key permissions This feature allows an administrator to specify exactly which users should be able to modify certain parts of the windows registry Certain registry keys should only be writable by Administrators, but readable by all users Example: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersio n\Run Registry Permissions

11 Can place users in multiple groups to be used to assign different security permissions Default Groups are Administrators and Users Accounts can be managed using the User Accounts option in Control Panel or using a command-line utility: net.exe user /? Groups can also be managed using these same tools, but the command- line for local groups is: net.exe localgroup /? Account policies such as password length, password requirement and other requirements can be set in the Local Security Policy Settings in Professional, Enterprise, and Server versions Managing User Accounts and Groups

12 There are two default accounts which exist on every Windows NT workstation machine, they are Administrator and Guest Accounts that are not needed, such as Guest, can be deactivated using either control panel or the command-line utilities Accounts should be set to require a password using these utilities, especially those with administrative privileges Managing User Accounts and Groups

13 Windows NT provides many tools for workstation security Windows NT can be a very secure OS when these tools are implemented properly These tools can be used to control access to files, registry keys, and even network ports or protocols without any additional software needing to be installed with the OS Many other tools are available within the OS, especially in the Server editions, but the tools covered in this presentation are essential for taking the first steps to secure a system running Windows NT Conclusion

14 Questions?

15 A History of Windows – Microsoft Windows – http://windows.microsoft.com/en-us/windows/history#T1=era3 http://windows.microsoft.com/en-us/windows/history#T1=era3 Using IPSEC to Lock Down a Server - http://technet.microsoft.com/en- us/library/bb726948.aspxhttp://technet.microsoft.com/en- us/library/bb726948.aspx Applying permissions to a Windows registry key - http://www.sophos.com/en-us/support/knowledgebase/13811.aspx http://www.sophos.com/en-us/support/knowledgebase/13811.aspx Local Security Policy Editor – Windows 7 Help Forums - http://www.sevenforums.com/tutorials/7357-local-security-policy-editor- open.html http://www.sevenforums.com/tutorials/7357-local-security-policy-editor- open.html Hybrid Kernel – Wikipedia - http://en.wikipedia.org/wiki/Hybrid_kernel#NT_kernel http://en.wikipedia.org/wiki/Hybrid_kernel#NT_kernel References

Download ppt "By Daniel Grim. What Is Windows NT? IPSEC/Windows Firewall NTFS File System Registry Permissions Managing User Accounts Conclusion Outline."

Similar presentations

Chapter 10 Securing Windows Server 2008 MCTS Guide to Microsoft Windows Server 2008 Network Infrastructure Configuration.

Chapter 10 Securing Windows Server 2008 MCTS Guide to Microsoft Windows Server 2008 Network Infrastructure Configuration.
Module 6: Configuring Windows XP Professional to Operate in a Microsoft Network.

Module 6: Configuring Windows XP Professional to Operate in a Microsoft Network.
Module 1: Installing Windows XP Professional

Module 1: Installing Windows XP Professional
70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment, Enhanced Chapter 13: Administering Web Resources.

70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment, Enhanced Chapter 13: Administering Web Resources.
Microsoft Windows Server 2008 Software Deployment Chris Rutherford EKU Technology: CEN/CET.

Microsoft Windows Server 2008 Software Deployment Chris Rutherford EKU Technology: CEN/CET.
1 Objectives Configure Network Access Services in Windows Server 2008 RADIUS 1.

1 Objectives Configure Network Access Services in Windows Server 2008 RADIUS 1.
70-293: MCSE Guide to Planning a Microsoft Windows Server 2003 Network, Enhanced Chapter 13: Planning Server and Network Security.

70-293: MCSE Guide to Planning a Microsoft Windows Server 2003 Network, Enhanced Chapter 13: Planning Server and Network Security.
Chapter 9 Chapter 9: Managing Groups, Folders, Files, and Object Security.

Chapter 9 Chapter 9: Managing Groups, Folders, Files, and Object Security.
Hands-On Microsoft Windows Server 2003 Administration Chapter 11 Administering Remote Access Services.

Hands-On Microsoft Windows Server 2003 Administration Chapter 11 Administering Remote Access Services.
70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment Chapter 5: Managing File Access.

70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment Chapter 5: Managing File Access.
6.1 © 2004 Pearson Education, Inc. Exam 70-294 Planning, Implementing, and Maintaining a Microsoft Windows Server 2003 Active Directory Infrastructure.

6.1 © 2004 Pearson Education, Inc. Exam Planning, Implementing, and Maintaining a Microsoft Windows Server 2003 Active Directory Infrastructure.
70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment Chapter 5: Managing File Access.

70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment Chapter 5: Managing File Access.
12.1 © 2004 Pearson Education, Inc. Exam 70-294 Planning, Implementing, and Maintaining a Microsoft® Windows® Server 2003 Active Directory Infrastructure.

12.1 © 2004 Pearson Education, Inc. Exam Planning, Implementing, and Maintaining a Microsoft® Windows® Server 2003 Active Directory Infrastructure.
Chapter 6: Configuring Security. Group Policy and LGPO Setting Options Software Installation not available with LGPOs Remote Installation Services Scripts.

Chapter 6: Configuring Security. Group Policy and LGPO Setting Options Software Installation not available with LGPOs Remote Installation Services Scripts.
Hands-On Microsoft Windows Server 2003 Chapter 2 Installing Windows Server 2003, Standard Edition.

Hands-On Microsoft Windows Server 2003 Chapter 2 Installing Windows Server 2003, Standard Edition.
Understanding Networks I. Objectives Compare client and network operating systems Learn about local area network technologies, including Ethernet, Token.

Understanding Networks I. Objectives Compare client and network operating systems Learn about local area network technologies, including Ethernet, Token.
Lesson 19: Configuring Windows Firewall

Lesson 19: Configuring Windows Firewall
Microsoft Server 2008 R2 Group Policies & Network Policy and Access Services.

Microsoft Server 2008 R2 Group Policies & Network Policy and Access Services.
Remote Desktop Security Raghav Chawla, Jon Ussery Group 20.

Remote Desktop Security Raghav Chawla, Jon Ussery Group 20.
Terminal Server © N. Ganesan, Ph.D.. Reference Thin-Client Concept Thin-Client concept tutorial.

Terminal Server © N. Ganesan, Ph.D.. Reference Thin-Client Concept Thin-Client concept tutorial.

Similar presentations

Ads by Google