Windows Vista Security
David Kenney, Christopher Lange

Background
- Windows Vista is Microsoft’s most current operating system
- Vista offers new security features:
  • Windows Defender
  • User Account Control
  • Windows Firewall with Advanced Security

Windows Defender
- Microsoft’s anti-spyware program, now integrated with the Windows Vista operating system
- Designed to detect, remove, and prevent spyware
- Supports not only scanning, but real-time protection

User Account Control (UAC)
- Windows Vista security infrastructure
- Applications run with standard user privileges until an administrator authorizes an increase in privilege
- Much criticism over the number of prompts a user can receive from UAC requesting authorization

Windows Firewall with Advanced Security
- Not accessible by default, but can easily be accessed
- Allows for more advanced control of the firewall, including:
  • Firewall Profiles
  • IPSec Configuration
  • Connection Security Rules
  • Inbound/Outbound Rules
  • Rules Monitoring

Introduction
- The lab will require a new hard drive with Windows Vista pre-installed and the following software available on the NAS:
  • Cain & Abel
  • F-Secure BlackLight Rootkit Eliminator
  • Ophcrack LiveCD
  • Regtick
  • Scoundrel Simulator
  • Trojan Simulator
  • Spybot Search & Destroy with Detection Update

Lab Procedure
- UAC and Windows Defender will be introduced, tested, and compared with Spybot Search & Destroy
- Applications such as Trojan Simulator, Regtick, and Scoundrel Simulator will be used with various privileges to test how UAC and Windows Defender will react

Lab Procedure
- The Windows Firewall with Advanced Security configuration will be introduced
- Custom rules will be written for situations such as blocking Nmap scans, as was done in previous labs for Linux and Windows third-party software
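
One way to check that custom rules are actually dropping scan traffic, given here as an added example that is not part of the original slides: the Python code below parses the Windows Firewall dropped-packet log and flags any source blocked on many distinct ports. It assumes dropped-packet logging is enabled and that the log carries the `#Fields` header shown; the sample records, addresses and the `min_ports` threshold are constructed for illustration.

```python
from collections import defaultdict

# Header in the layout Windows Firewall writes to pfirewall.log (assumed format).
HEADER = ("#Version: 1.5\n#Software: Microsoft Windows Firewall\n#Time Format: Local\n"
          "#Fields: date time action protocol src-ip dst-ip src-port dst-port size "
          "tcpflags tcpsyn tcpack tcpwin icmptype icmpcode info path\n\n")

def constructed_sample():
    """Build a constructed log: one host probing many ports, one ordinary client."""
    row = "2007-04-20 10:15:{:02d} {} TCP {} 192.168.1.10 {} {} 44 S 1000 0 1024 - - - RECEIVE"
    ports = [21, 22, 23, 25, 80, 110, 135, 139, 443, 445, 3389, 8080]
    lines = [row.format(i, "DROP", "192.168.1.50", 40000 + i, p)
             for i, p in enumerate(ports)]
    lines.append(row.format(30, "ALLOW", "192.168.1.77", 50123, 80))
    lines.append(row.format(31, "DROP", "192.168.1.77", 50124, 445))
    return HEADER + "\n".join(lines) + "\n"

def parse(log_text):
    """Yield one dict per record, using the #Fields header to name the columns."""
    fields = None
    for line in log_text.splitlines():
        if line.startswith("#Fields:"):
            fields = line.split()[1:]
        elif line and not line.startswith("#") and fields:
            values = line.split()
            if len(values) == len(fields):  # skip truncated or malformed rows
                yield dict(zip(fields, values))

def find_scanners(log_text, min_ports=10):
    """Return {src-ip: sorted dropped dst ports} for sources at or over min_ports."""
    dropped = defaultdict(set)
    for rec in parse(log_text):
        if rec["action"] == "DROP" and rec["dst-port"].isdigit():
            dropped[rec["src-ip"]].add(int(rec["dst-port"]))
    return {ip: sorted(p) for ip, p in dropped.items() if len(p) >= min_ports}

if __name__ == "__main__":
    for ip, ports in find_scanners(constructed_sample()).items():
        print(f"{ip}: {len(ports)} distinct ports dropped -> {ports}")
```

A single dropped connection from an ordinary client stays below the threshold, so only the host that was blocked across many ports is reported.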

Lab Procedure
- Password cracking of Windows Vista user accounts using Ophcrack, Cain & Abel, and rainbow tables
- Vista does not use LM hashes, but stores passwords in the SAM file, making them harder to crack
- Cracking can be done with NTLM hashes fairly easily if the password is weak

Lab Procedure
- Rootkits and backdoors are always a prominent threat
- We were unable to acquire any means of attacking Vista, but the DFK ThreatSimulator or a similar program may one day be updated to do so
- F-Secure BlackLight Rootkit Eliminator is a scanning program that is capable of checking Vista for rootkits

Lab Procedure
- Worms and viruses are a serious threat to all Windows operating systems
- We were unable to acquire any new worms or viruses, so we used the AnnaKournikova.jpg.vbs worm from a previous lab to demonstrate the need for updated anti-virus software

Conclusion
- Throughout the semester we have done numerous attacks and learned security techniques for both RedHat and Windows XP
- Windows Vista is still fairly new and no labs cover the new security features it offers and how effective they may or may not be

Questions?