Download presentation
Presentation is loading. Please wait.
1
Permissions and User Rights
FORESEC Academy Security Essentials (V) Permissions and User Rights
2
FORESEC Academy Security Essentials (V)
Permissions And User Rights
3
NTFS Overview - CDFS - FAT - FAT32 - NTFS Always use NTFS!
Windows Filesystems: - CDFS - FAT - FAT32 - NTFS Always use NTFS! - Dual-booting issues NTFS Features: - Permissions - Auditing - Encryption - Compression - Transactional - Max volume size = 16TB
4
NTFS DACLs NTFS DACLs are always enforced: - Local Users - IIS
- Terminal Services - Shared Folders - Telnet XCACLS.EXE
5
Deny Overrides Allow Permissions Can Be Inherited
6
NTFS Owners Every NTFS folder and file has an “owner”. Take Ownership
user right. CREATOR OWNER group.
7
Principle of Least Privilege
Default DACL = Full Control for Everyone - Not configurable. - What NTFS permissions should I use? - Depends on your “needs analysis”. A good DACL to start, then apply PoLP: - System: Full Control - Administrators: Full Control - Power Users: Full Control - CREATOR OWNER: Full Control - Authenticated Users: Read & Execute (or Modify)
8
AGULP!
9
AD Users and Computers Active Directory Users and Computers.
Global, Universal and Local groups. Security vs. Distribution groups: - Security groups can have rights and permissions, distribution groups cannot. - Universal security groups can only be created in native mode.
10
Shared Folder Permissions
Server Service and SMB/CIFS. Share DACLs ignored for local access: - Full Control - Change - Read No inheritance of share permissions. Multiple share names. Net.exe Share
11
Hidden & Administrative Shares
\\Server\Share$ They do not appear in My Network Places. C$, D$, E$, etc. IPC$ for inter-process communications. Audit your hidden shares!
12
Combining NTFS & Share DACLs
NTFS Permissions: - Users: Read - Sales: Deny All - Amy: Change Share Permissions: - Everyone: Change - Administrators: Read - Amy: Read Of which groups is Amy a member? What are Amy's final permissions then?
13
Encrypting File System
Threats: - Linux boot floppies - Stolen backups EFS is built into the NTFS driver, not a separate application. Transparent to user. CIPHER.EXE
Similar presentations
© 2024 SlidePlayer.com Inc.
All rights reserved.