FORESEC Academy Security Essentials V WINDOWS SECURITY FORESEC
- Slides: 17
FORESEC Academy Security Essentials (V) WINDOWS SECURITY
FORESEC Academy Agenda Chapter 25: The Windows Security Infrastructure Chapter 26: Permissions and User Rights Chapter 27: Security Templates and Group Policy Chapter 28: Service Packs, Hotfixes, and Backups Chapter 29: Securing Windows Network Services Chapter 30: Automation and Auditing
FORESEC Academy Security Essentials (V) The Windows Security Infrastructure
FORESEC Academy Windows Operating Systems Windows 9 x/Me Windows NT Windows 2000 Windows XP Windows 2003
FORESEC Academy Windows 9 x/Me (1 of 2) Not designed for security and cannot be secured, period. - No filesystem security - Can't really require initial logon - Weak authentication protocol (LM) - Extremely vulnerable to Do. S attacks - Virtually no logging capabilities - Prone to lock-ups and crashes - Boot into other OS to circumvent everything
FORESEC Academy Windows 9 x/Me (2 of 2) But if you’re stuck with 9 x/Me, then: - Use them as “thin clients” to Terminal Services or Citrix servers - Keep all mail on Exchange Server, not in local personal storage files (. PST) - Store all documents on servers - Install ADCE for NTLMv 2 support
FORESEC Academy Windows NT 4. 0 Windows NT is dead, DEAD. Service Pack 6 a is the last one. Was at least intended to be secure: - User-based access control - Domain controllers, trusts, and single sign-on - NTFS and NTLM - Detailed logging - Protected memory spaces in OS - VMS pedigree
FORESEC Academy Windows 2000 (1 of 2) It's more like Windows NT version 9. 0: - Active Directory - Group Policy - Kerberos - IPSec - PKI & Smart Cards - EFS - Scriptability & CMD Tools
FORESEC Academy Windows 2000 (2 of 2) Standard Server Advanced Server Datacenter Server Max CPUs 4 8 32 Max RAM 4 GB 8 GB 32 GB Load. Balancing n/a 32 -Node Cluster Nodes n/a 2 -Node 4 -Node
FORESEC Academy Windows XP A better Windows 2000 Professional. . . XP Professional vs. Home Edition Only with XP Professional: - Ability to join a domain - Encrypting File System - Editable file ACLs - Remote Desktop support - Roaming user profiles - Dual CPU support
FORESEC Academy Windows Server 2003 (1 of 3) Successor to Windows 2000 Server - Not intended for desktops. - Mostly an incremental upgrade to Win 2000. - Scalability and fault-tolerance enhancements. Cross-forest trusts. You can mix-and-match your Windows 2000 and 2003 Servers fairly easily.
FORESEC Academy Windows Server 2003 (2 of 3) Standard Server Advanced Server Datacenter Server Max CPUs 4 8 32 Max RAM 4 GB 8 GB 32 GB Load. Balancing n/a 32 -Node Cluster Nodes n/a 8 -Node 64 -bit CPU No Yes
FORESEC Academy Windows Server 2003 (3 of 3) Windows Server 2003 Web Edition - Dedicated-purpose operating system - Not available through retail channels. - Intended for ISP. s and ASP. s. - Intended for turn-key hardware appliances. Only supports two 32 -bit CPUs and no more than 2 GB of RAM. (Why? ? ? ) Probably better off with Standard Server. . .
FORESEC Academy Workgroups (1 of 3) - No domain controllers! - Stand-alone computers only. - Local accounts and local accounts databases only. - Permissions can be assigned to local users and groups only. - Local groups cannot have users from other machines. - User names may be identical across machines, but their SIDs are different (more on this in just a moment). -Users are typically local administrators of their own machines. -A “workgroup administrator” simply has a separate administrative account on every machine. -Workgroups tend to be small, e. g. , less than 100 boxes. -You can have stand-alones or entire workgroups in the midst of domain members, e. g. , IIS servers on a service subnet.
FORESEC Academy Workgroups (2 of 3) Benefits of workgroups: - Conceptual simplicity. - Lower initial cost. - Each computer protects itself. - Each user is typically an administrator of his or her own machine, allowing personal creative expression and joy.
FORESEC Academy Workgroups (3 of 3) Drawbacks of workgroups: - Users are insane. - Workgroup = Anarchy Very difficult to manage a large number of stand-alones (no scalability). - No single sign-on without great effort. - No consistent permissions or rights.
FORESEC Academy Manage Local Accounts Windows NT - User Manager Windows 2000/XP/2003 - User Accounts applet in control Panel. - Computer Management snap-in in Administrative Tools folder. - NET. EXE
- Foresec
- Microsoft windows small business server 2011 essentials
- Small business server 2011 end of life
- Windows server 2012 r2 essentials
- Windows server 2012 essentials launchpad download
- Windows essentials 2014
- Windows 2019 essentials limits
- Microsoft powerpoint 2014
- William stallings network security essentials 5th edition
- Kr
- Cissp guide to security essentials
- Cissp guide to security essentials
- Network security essentials 5th edition
- Private security
- Windows movie maker speed up video
- Windows media player 9 for windows 10
- Windows live mail xp
- Windows driver kit windows 7