Presentation is loading. Please wait.

Presentation is loading. Please wait.

FORESEC Academy FORESEC Academy Security Essentials (V)

Published byJonathan Higgins Modified over 8 years ago

Similar presentations

Presentation on theme: "FORESEC Academy FORESEC Academy Security Essentials (V)"— Presentation transcript:

1 FORESEC Academy FORESEC Academy Security Essentials (V)

2 FORESEC Academy Agenda  Chapter 25 : The Windows Security Infrastructure  Chapter 26 : Permissions and User Rights  Chapter 27 : Security Templates and Group Policy  Chapter 28 : Service Packs, Hotfixes, and Backups  Chapter 29 : Securing Windows Network Services  Chapter 30 : Automation and Auditing

3 FORESEC Academy FORESEC Academy Security Essentials (V) The Windows Security Infrastructure

4 FORESEC Academy Windows Operating Systems  Windows 9 x/Me  Windows NT  Windows 2000  Windows XP  Windows 2003

5 FORESEC Academy Windows 9x/Me (1 of 2)  Not designed for security and cannot be secured, period. - No filesystem security - Can't really require initial logon - Weak authentication protocol (LM) - Extremely vulnerable to DoS attacks - Virtually no logging capabilities - Prone to lock-ups and crashes - Boot into other OS to circumvent everything

6 FORESEC Academy Windows 9x/Me (2 of 2) But if you’re stuck with 9 x/Me, then: - Use them as “thin clients” to Terminal Services or Citrix servers - Keep all mail on Exchange Server, not in local personal storage files (.PST) - Store all documents on servers - Install ADCE for NTLMv 2 support

7 FORESEC Academy Windows NT 4.0  Windows NT is dead, Dead, DEAD.  Service Pack 6a is the last one.  Was at least intended to be secure: - User-based access control - Domain controllers, trusts, and single sign-on - NTFS and NTLM - Detailed logging - Protected memory spaces in OS - VMS pedigree

8 FORESEC Academy Windows 2000 (1 of 2) It's more like Windows NT version 9.0 : - Active Directory - Group Policy - Kerberos - IPSec - PKI & Smart Cards - EFS - Scriptability & CMD Tools

9 FORESEC Academy Windows 2000 (2 of 2) Standard Server Advanced Server Datacenter Server Max CPUs4832 Max RAM4 GB8 GB32 GB Load- Balancing n/a32-Node Cluster Nodes n/a2-Node4-Node

10 FORESEC Academy Windows XP  A better Windows 2000 Professional...  XP Professional vs. Home Edition  Only with XP Professional: - Ability to join a domain - Encrypting File System - Editable file ACLs - Remote Desktop support - Roaming user profiles - Dual CPU support

11 FORESEC Academy Windows Server 2003 (1 of 3)  Successor to Windows 2000 Server - Not intended for desktops. - Mostly an incremental upgrade to Win 2000. - Scalability and fault-tolerance enhancements.  Cross-forest trusts.  You can mix-and-match your Windows 2000 and 2003 Servers fairly easily.

12 FORESEC Academy Windows Server 2003 (2 of 3) Standard Server Advanced Server Datacenter Server Max CPUs4832 Max RAM4 GB8 GB32 GB Load- Balancing n/a32-Node Cluster Nodes n/a8-Node 64-bit CPUNoYes

13 FORESEC Academy Windows Server 2003 (3 of 3)  Windows Server 2003 Web Edition - Dedicated-purpose operating system - Not available through retail channels. - Intended for ISP.s and ASP.s. - Intended for turn-key hardware appliances.  Only supports two 32 -bit CPUs and no more than 2 GB of RAM. (Why???)  Probably better off with Standard Server...

14 FORESEC Academy Workgroups (1 of 3) -Users are typically local administrators of their own machines. -A “workgroup administrator” simply has a separate administrative account on every machine. -Workgroups tend to be small, e.g., less than 100 boxes. -You can have stand-alones or entire workgroups in the midst of domain members, e.g., IIS servers on a service subnet. - No domain controllers! - Stand-alone computers only. - Local accounts and local accounts databases only. - Permissions can be assigned to local users and groups only. - Local groups cannot have users from other machines. - User names may be identical across machines, but their SIDs are different (more on this in just a moment).

15 FORESEC Academy Workgroups (2 of 3)  Benefits of workgroups: - Conceptual simplicity. - Lower initial cost. - Each computer protects itself. - Each user is typically an administrator of his or her own machine, allowing personal creative expression and joy.

16 FORESEC Academy Workgroups (3 of 3)  Drawbacks of workgroups: - Users are insane. - Workgroup = Anarchy Very difficult to manage a large number of stand-alones (no scalability). - No single sign-on without great effort. - No consistent permissions or rights.

17 FORESEC Academy Manage Local Accounts  Windows NT - User Manager  Windows 2000/XP/2003 - User Accounts applet in control Panel. - Computer Management snap-in in Administrative Tools folder. - NET.EXE

Download ppt "FORESEC Academy FORESEC Academy Security Essentials (V)"

Similar presentations

1.1 © 2004 Pearson Education, Inc. Exam 70-290 Managing and Maintaining a Microsoft® Windows® Server 2003 Environment Lesson 1: Introducing Windows Server.

1.1 © 2004 Pearson Education, Inc. Exam Managing and Maintaining a Microsoft® Windows® Server 2003 Environment Lesson 1: Introducing Windows Server.
Lesson 18 – INSTALLING AND SETTING UP WINDOWS 2000 SERVER.

Lesson 18 – INSTALLING AND SETTING UP WINDOWS 2000 SERVER.
MCDST 70-271: Supporting Users and Troubleshooting a Microsoft Windows XP Operating System Chapter 6: Configure and Troubleshoot Local User and Group Accounts.

MCDST : Supporting Users and Troubleshooting a Microsoft Windows XP Operating System Chapter 6: Configure and Troubleshoot Local User and Group Accounts.
1.1 Installing Windows Server 2008 Windows Server 2008 Editions Windows Server 2008 Installation Requirements X64 Installation Considerations Preparing.

1.1 Installing Windows Server 2008 Windows Server 2008 Editions Windows Server 2008 Installation Requirements X64 Installation Considerations Preparing.
70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment Chapter 1: Introduction to Windows Server 2003.

70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment Chapter 1: Introduction to Windows Server 2003.
11 SUPPORTING LOCAL USERS AND GROUPS Chapter 3. Chapter 3: Supporting Local Users and Groups2 SUPPORTING LOCAL USERS AND GROUPS  Explain the difference.

11 SUPPORTING LOCAL USERS AND GROUPS Chapter 3. Chapter 3: Supporting Local Users and Groups2 SUPPORTING LOCAL USERS AND GROUPS  Explain the difference.
70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment Chapter 1: Introduction to Windows Server 2003.

70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment Chapter 1: Introduction to Windows Server 2003.
Chapter 1 Introducing Windows Server 2012/R2

Chapter 1 Introducing Windows Server 2012/R2
5.1 © 2004 Pearson Education, Inc. Exam 70-290 Managing and Maintaining a Microsoft® Windows® Server 2003 Environment Lesson 5: Working with File Systems.

5.1 © 2004 Pearson Education, Inc. Exam Managing and Maintaining a Microsoft® Windows® Server 2003 Environment Lesson 5: Working with File Systems.
70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment, Enhanced Chapter 1: Introduction to Windows Server 2003.

70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment, Enhanced Chapter 1: Introduction to Windows Server 2003.
11 WORKING WITH USER ACCOUNTS Chapter 6. Chapter 6: WORKING WITH USER ACCOUNTS2 CHAPTER OVERVIEW Understand the differences between local user and domain.

11 WORKING WITH USER ACCOUNTS Chapter 6. Chapter 6: WORKING WITH USER ACCOUNTS2 CHAPTER OVERVIEW Understand the differences between local user and domain.
Chapter 7 Installing and Using Windows XP Professional.

Chapter 7 Installing and Using Windows XP Professional.
Users and Groups Security Architecture Editing Security Policies The Registry File Security Auditing/Logging Network Issues (client firewall, IPSec, Active.

Users and Groups Security Architecture Editing Security Policies The Registry File Security Auditing/Logging Network Issues (client firewall, IPSec, Active.
70-270: MCSE Guide to Microsoft Windows XP Professional Chapter 5: Users, Groups, Profiles, and Policies.

70-270: MCSE Guide to Microsoft Windows XP Professional Chapter 5: Users, Groups, Profiles, and Policies.
Module 1: Introduction to Administering Accounts and Resources

Module 1: Introduction to Administering Accounts and Resources
9.1 © 2004 Pearson Education, Inc. Exam 70-294 Planning, Implementing, and Maintaining a Microsoft Windows Server 2003 Active Directory Infrastructure.

9.1 © 2004 Pearson Education, Inc. Exam Planning, Implementing, and Maintaining a Microsoft Windows Server 2003 Active Directory Infrastructure.
Hands-On Microsoft Windows Server 2008 Chapter 1 Introduction to Windows Server 2008.

Hands-On Microsoft Windows Server 2008 Chapter 1 Introduction to Windows Server 2008.
Working with Workgroups and Domains

Working with Workgroups and Domains
Module 9 Configuring Server Security Compliance. Module Overview Securing a Windows Infrastructure Overview of EFS Configuring an Audit Policy Overview.

Module 9 Configuring Server Security Compliance. Module Overview Securing a Windows Infrastructure Overview of EFS Configuring an Audit Policy Overview.
Chapter 4 Windows NT/2000 Overview. NT Concepts  Domains –A group of one or more NT machines that share an authentication database (SAM) –Single sign-on.

Chapter 4 Windows NT/2000 Overview. NT Concepts  Domains –A group of one or more NT machines that share an authentication database (SAM) –Single sign-on.

Similar presentations

Ads by Google