| Javascript Feeds RSS Feed Security Dashboard | SearchSecurity.com |
|
Windows 2000 and NT
|
|
Windows 2003
|
|
Windows XP
|
|
Top 10 Mistakes on Windows Internal Networks In this paper I aim to highlight ten common mistakes on Windows systems, which make the job of a disgruntled employee or a malicious attacker who manages to get past your firewall, far easier. All of the mistakes are in re lation to Microsoft Windows operating systems, as my past experience at conducting internal network assessments, has shown me that the easiest way for an attacker to get onto any internal network is via these high -risk Microsoft Windows vulnerabilities. As well as this, because backward -compatibility is a feature of Windows systems, all of these mistakes apply to both Windows NT and Windows 2000, after all Windows 2000 is based on NT technology. For each mistake outlined, a tool or a technique, which will a id the system administrator in identifying if the problem exists on his/her network, is recommended.
03/28/2004
|
|
Discretionary Access Control Knowledge, a Practical System The popular operating systems today are Microsoft NT 4.0 and Windows 2000. These operating systems offer a great deal of control over resources to endusers in the form of discretionary access control. Typically, corporate documents are stored on these operating systems in an insecure manner. Our highest threat to our data is our users, as supported by a 2001 Information Security Magazine survey. 58 percent of the 2545 IT managers cited abuse of access controls as an internal breach.1 Further, SANS lists “Unprotected Windows Networking Shares” as one of the top twenty vulnerabilities.2 Discretionary access control for the Microsoft operating systems needs to be better understood.
03/28/2004
|
|
Securing the Internal Network The goal of this document is to define new guidelines in order to improve the security in Microsoft Windows-based internal networks. In order to be useful in real situations, these measures have been thought in function of obtaining the lowest-cost possible approach, to prevent such a project to become financially prohibitive. Security being a field in constant evolution, it is possible that new solutions will be integrated to these presented here in the future.
03/21/2004
|
|
The Dark Side of NTFS (Microsoft’s Scarlet Letter) Admins & users know very little about a feature of the NTFS file system called 'alternate data streams' (ADSs). This paper describes in detail how ADSs are created and manipulated, and how code hidden in ADSs can be executed. Specific differences in the treatment of ADSs by NT, 2K, and XP are noted.
By H. Carvey, 03/21/2004
|
|
Page: 12 3 |
