Computer Security and Penetration Testing Chapter 16 Windows Vulnerabilities.

Slides:

Advertisements

Similar presentations

Managing User, Computer and Group Accounts

Advertisements

Authenticating Users. Objectives Explain why authentication is a critical aspect of network security Explain why firewalls authenticate and how they identify.

Chapter Five Users, Groups, Profiles, and Policies.

Module 6: Configuring Windows XP Professional to Operate in a Microsoft Network.

Chapter 9 Chapter 9: Managing Groups, Folders, Files, and Object Security.

Chapter 7 HARDENING SERVERS.

MCDST : Supporting Users and Troubleshooting a Microsoft Windows XP Operating System Chapter 6: Configure and Troubleshoot Local User and Group Accounts.

12.1 © 2004 Pearson Education, Inc. Exam Planning, Implementing, and Maintaining a Microsoft® Windows® Server 2003 Active Directory Infrastructure.

70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment Chapter 1: Introduction to Windows Server 2003.

11 SUPPORTING LOCAL USERS AND GROUPS Chapter 3. Chapter 3: Supporting Local Users and Groups2 SUPPORTING LOCAL USERS AND GROUPS  Explain the difference.

Hands-On Microsoft Windows Server 2003 Administration Chapter 5 Administering File Resources.

Chapter 6: Configuring Security. Group Policy and LGPO Setting Options Software Installation not available with LGPOs Remote Installation Services Scripts.

Hands-On Microsoft Windows Server 2003 Administration Chapter 3 Administering Active Directory.

Chapter 5: Configuring Users and Groups. Windows Vista User Accounts User accounts are the primary means of authentication Built-in Accounts –Administrator:

5.1 © 2004 Pearson Education, Inc. Exam Managing and Maintaining a Microsoft® Windows® Server 2003 Environment Lesson 5: Working with File Systems.

Check Disk. Disk Defragmenter Using Disk Defragmenter Effectively Run Disk Defragmenter when the computer will receive the least usage. Educate users.

70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment, Enhanced Chapter 1: Introduction to Windows Server 2003.

1 Chapter Overview Creating User and Computer Objects Maintaining User Accounts Creating User Profiles.

Event Viewer Was of getting to event viewer Go to –Start –Control Panel, –Administrative Tools –Event Viewer Go to –Start.

Hacking Windows 2K, XP. Windows 2K, XP Review: NetBIOS name resolution. SMB - Shared Message Block - uses TCP port 139, and NBT - NetBIOS over TCP/IP.

Microsoft Windows 2003 Server. Client/Server Environment Many client computers connect to a server.

Chapter 4 Windows NT/2000 Overview. NT Concepts  Domains –A group of one or more NT machines that share an authentication database (SAM) –Single sign-on.

Copyright © 2002 ProsoftTraining. All rights reserved. Operating System Security.

Windows This presentation is an amalgam of presentations by Mark Michael, Randy Marchany and Ed Skoudis. I have edited and added material. Dr. Stephen.

Chapter-4 Windows 2000 Professional Win2K Professional provides a very usable interface and was designed for use in the desktop PC. Microsoft server system.

September 18, 2002 Introduction to Windows 2000 Server Components Ryan Larson David Greer.

Database Security and Auditing: Protecting Data Integrity and Accessibility Chapter 3 Administration of Users.

Module 8: Managing Client Configuration and Connectivity.

Chapter 14: Remote Server Administration BAI617. Chapter Topics Configure Windows Server 2008 R2 servers for remote administration Remotely connect to.

CN1260 Client Operating System Kemtis Kunanuraksapong MSIS with Distinction MCT, MCITP, MCTS, MCDST, MCP, A+

Managing User Accounts, Passwords and Logon Chapter 5 powered by dj.

6.1 © 2004 Pearson Education, Inc. Exam Managing and Maintaining a Microsoft® Windows® Server 2003 Environment Lesson 6: Administering User Accounts.

User Manager for Domains.  Manages the user accounts in a domain  It is located in the PDC  While User Manager exists in each NT machine, but it is.

With Windows XP, you can share files and documents with other users on your computer and with other users on a network. There is a new user interface.

0Gold 11 0Gold 11 LapLink Gold 11 Firewall Service How Connections are Created A Detailed Overview for the IT Manager.

The Microsoft Baseline Security Analyzer A practical look….

11 MANAGING AND DISTRIBUTING SOFTWARE BY USING GROUP POLICY Chapter 5.

Security Planning and Administrative Delegation Lesson 6.

DIT314 ~ Client Operating System & Administration CHAPTER 5 MANAGING USER ACCOUNTS AND GROUPS Prepared By : Suraya Alias.

Chapter 13 Users, Groups Profiles and Policies. Learning Objectives Understand Windows XP Professional user accounts Understand the different types of.

System Hacking Active System Intrusion. Aspects of System Hacking System password guessing Password cracking Key loggers Eavesdropping Sniffers Man in.

Guide to MCSE , Second Edition, Enhanced1 The Windows XP Security Model User must logon with: Valid user ID Password User receives access token Access.

NT SECURITY Introduction Security features of an operating system revolve around the principles of “Availability,” “Integrity,” and Confidentiality. For.

Module 14: Securing Windows Server Overview Introduction to Securing Servers Implementing Core Server Security Hardening Servers Microsoft Baseline.

Chapter 10: Rights, User, and Group Administration.

MCDST : Supporting Users and Troubleshooting a Microsoft Windows XP Operating System Chapter 11: Managing Access to File System Resources.

Troubleshooting Security Issues Lesson 6. Skills Matrix Technology SkillObjective Domain SkillDomain # Monitoring and Troubleshooting with Event Viewer.

Working with Users and Groups Lesson 5. Skills Matrix Technology SkillObjective DomainObjective # Introducing User Account Control Configure and troubleshoot.

Security Planning and Administrative Delegation Lesson 6.

Page 1 User Accounts Lecture 3 Hassan Shuja 09/21/2004.

Managing Local Users & Groups. OVERVIEW Configure and manage user accounts Manage user account properties Manage user and group rights Configure user.

TCOM Information Assurance Management System Hacking.

1 Chapter Overview Managing Object and Container Permissions Locating and Moving Active Directory Objects Delegating Control Troubleshooting Active Directory.

1 Microsoft Windows 2000 Network Infrastructure Administration Chapter 4 Monitoring Network Activity.

Ethical Hacking: Defeating Logon Passwords. 2 Contact Sam Bowne Sam Bowne Computer Networking and Information Technology Computer Networking and Information.

Working with Users and Groups Lesson 5. Skills Matrix Technology SkillObjective DomainObjective # Introducing User Account Control Configure and troubleshoot.

CHAPTER 5 MANAGING USER ACCOUNTS & GROUPS. User Accounts Windows 95, 98 & Me do not need a user account like Windows XP Professional to access computer.

Securing a Host Computer BY STEPHEN GOSNER. Definition of a Host  Host  In networking, a host is any device that has an IP address.  Hosts include.

Unit 9 ITT TECHNICAL INSTITUTE NT1330 Client-Server Networking II Date: 2/17/2016 Instructor: Williams Obinkyereh.

Maintaining and Updating Windows Server 2008 Lesson 8.

6/19/2016 أساسيات الأتصال و الشبكات Communication & Networks Fundamentals lab 4.

19 Copyright © 2008, Oracle. All rights reserved. Security.

Hacking Windows.

Objectives Differentiate between the different editions of Windows Server 2003 Explain Windows Server 2003 network models and server roles Identify concepts.

Understanding Operating System Configurations

Lesson #8 MCTS Cert Guide Microsoft Windows 7, Configuring Chapter 8 Configuring Applications and Internet Explorer.

Unit 9 NT1330 Client-Server Networking II Date: 8/9/2016

Figure 6-9: Managing Users and Groups

Operating System Security

Security Planning and Administrative Delegation

Presentation transcript:

Computer Security and Penetration Testing Chapter 16 Windows Vulnerabilities

Computer Security and Penetration Testing2 Objectives Describe the windows operating systems Explain the vulnerabilities of Windows Server 2008/XP/Vista/7/8

Computer Security and Penetration Testing3 Windows Operating System Windows XP Windows Vista Windows Server 2008 Windows 7 Windows 8

Computer Security and Penetration Testing4 Vulnerabilities in Windows 2008/XP/Vista/7/8 All of these operating systems are useful for building large corporate networks All three have good networking features and user- friendly interfaces –Microsoft continues to support these with new security patches Not remotely secure with default installation settings

Computer Security and Penetration Testing5 Passwords Security of passwords is very important to the security of any system –Encryption algorithms and hash values are used to secure them Easiest way to break password security –Use a password-burning program, which can set the administrator password to a blank Windows 2000 and later applications store passwords in the form of hash values –Database called Security Accounts Manager (SAM)

Computer Security and Penetration Testing6 Passwords (continued) Operating system locks the SAM database –Making it impossible to read the SAM database from within a Windows operating system Hackers are able to crack these passwords by using password-cracking tools Hackers can import passwords from the Windows registry Hackers might also copy the SAM database and use the password cracker on the file

Computer Security and Penetration Testing7 Passwords (continued) Microsoft utility SYSKEY –Safeguards passwords from cracking activities –Encrypts passwords with a 128-bit algorithm, making it very difficult to crack Newer password crackers like Cain and Abel can crack 128-bit encryption pwdump3 gives remote access to the SAM database –On a computer in which the SYSKEY utility is active –Hackers need to have administrator privileges

Computer Security and Penetration Testing8 Default Accounts Default “Administrator” account –Default password is blank Nobody can delete the administrator account from a Windows computer –Possible to change the password Users can change the name from Administrator to something else –Then, make a new account named Administrator but give it no special access privileges

Computer Security and Penetration Testing9 Default Accounts (continued) Default “Guest” account –Allows nonregular users to access the system –Default password is blank Default “default” account –Has full administrative rights at installation Default accounts make a password cracker’s life much easier

Computer Security and Penetration Testing10 File Sharing In Windows, users can share files in a folder –Select the “Share this folder” option to enable the sharing feature To set the permissions more tightly, click the Permission button in the Properties dialog box Access can be restricted based on user or group

Computer Security and Penetration Testing11 Windows Registry Windows 95 was the first version of Windows to use a registry One critical vulnerability in the registry is related to the registry information about an action performed by a user during login Windows registry maintains this information in a key called –HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Wi ndows\ CurrentVersion\Run

Computer Security and Penetration Testing12 Windows Registry (continued) Automatically, every user of a Windows 2000 and XP computer has a “SetValue” access to this registry key “Set Value” access lets any user who has access to the system, make modifications –A user who does not have administrator privileges can alter this key to obtain unauthorized access

Computer Security and Penetration Testing13 Trust Relationship Trust relationship –Allows the authenticated users of a Windows domain to access resources on another domain, without being authenticated by it Operating systems authenticate users –By means of verifying their Security Identifiers (SIDs) in the access control list Access control lists store SIDs and the user rights related to each SID –Resources maintain an access control list

Computer Security and Penetration Testing14 Trust Relationship (continued) A trusting domain allows the trusted domain to authenticate users Cracker can hack a network and add unauthorized SIDs into that domain’s ACL Hackers require administrator privileges on the trusted domain in order to exploit this –Furthermore, they need strong technical knowledge Microsoft provides patch programs for Windows 2000, known as SID filters, that solve this issue

Computer Security and Penetration Testing15 RPC Service Failure Remote Procedure Call (RPC) service of Windows –Does not validate inputs that are submitted to it for processing Hackers can easily send RPC requests with invalid inputs –Invalid inputs lead to the system services stopping for a period of time

Computer Security and Penetration Testing16 Summary Microsoft Windows is the most common preinstalled operating system in the world The security of the applications running on a computer is dependent on the security of the operating system The belief that Windows is less secure than other operating systems stems in part from the sheer ubiquity of Windows and from the philosophy underlying the design of the original Windows systems

Computer Security and Penetration Testing17 Summary (continued) Vulnerabilities affecting one or more of these systems include password security, default accounts, file sharing defaults, Windows registry security defaults, trust relationships between domains, Event Viewer buffer overflow, NBNS protocol spoofing, RPC service failure, SMTP authentication, Telnet vulnerabilities, IP fragments reassembly, and Reset-Browser frame vulnerability Although Vista places a greater emphasis on security than its predecessors, some vulnerabilities exist