Windows NT Security
System administrators and network managers desperately need expert guidance on setting up and maintaining secure NT environments. In this book, a leading consultant to top global companies presents hands-on, task-oriented coverage you need and insight into the key underlying concepts critical to maximizing NT security. You'll find detailed coverage for NT 4 enterprise networks, plus five chapters previewing the major security enhancements in Windows 2000, and practical guidance for migration. Windows NT Security introduces both Windows NT 4's and Windows 2000's security models, and provides exceptional insight into the file and directory security mechanisms that are at the heart of NT security. Learn how to secure Internet and intranet connections provided via IIS, as well as RRAS remote access connections. Establish a rock-solid security foundation from scratch, discover best practices for auditing NT security, and learn techniques for enhancing flawed security. Identify the best ways to implement encryption and authentication, including a preview of Windows 2000 Kerberos authentication, and master complex tools such as the Microsoft Certificate Server.
- Paperback | 432 pages
- 178.56 x 233.93 x 29.72mm | 825.53g
- 14 Sep 1999
- Pearson Education (US)
- Prentice Hall
- Upper Saddle River, United States
- w. figs.
Table of contents
(NOTE: Most chapters begin with an Introduction.)I. SYSTEM SECURITY OVERVIEW. 1. Introduction to Security Concepts.Layered Approach to Securing Your Network. Physical Security. Location. Use of Removable Media. Removal of Unnecessary Hardware. Denial of Service. IT Security Control Objectives. Confidentiality. Integrity. Availability. Legal Notice at Logon. Qualities Defining a Secure System. Discretionary Access Controls. Audit Capabilities. Mandatory Identification and Authentication. Memory Management and Object Reuse. Encrypted Data Transfer. Encrypted File System. Summary.2. NT 4.0 Security Architecture Overview. Design Goals for Windows NT 4.0 Security. Modules of the NT 4.0 Security Architecture. Graphical Identification and Authentication (GINA) DLL. Trusted System. Objects. Access Control Lists (ACL). Access Control Entry (ACE). System Identifier (SID). Local Security Authority (LSA). Access Tokens. Security Reference Monitor (SRM). Security Account Manager (SAM). File and Directory Permissions. Mandatory Logon Process. Single Logon. Security Support Provider Interface (SSPI). Intra- and Interdomain Communication. Authenticated RPC and DCOM. NTLM Authentication. Impersonation. Security Implementation Overview. Installation Security Concerns. Logon and the Authentication Process. The Administrator Account. File and Directory Security. Registry Security. User Profiles. System Policies. Auditing Capability. New Security Management Tools. Microsoft Management Console. Security Configuration Manager for NT. Microsoft Proxy Server.II. WINDOWS NT 4.0 SECURITY COMPONENTS. 3. File and Directory Security. Disk Partitions. FAT. CDFS. CDFS. Share Permissions. NTFS. File and Directory Permissions. File Permissions. File Permissions. Directory Permissions. Viewing File and Directory Permissions. Setting File and Directory Permissions. The "No Access" Permission. Implementing File and Directory Security. Securing a New Volume. Directory Structure. Securing an Existing Volume. Conflicting Permissions. NTFS Permissions and the Administrator. Default System Permissions. Taking Ownership of Files or Directories. Share Permissions. NTFS and Share Permissions Working Together. Default Shares. Applying Share Permissions. NTFS Security or Share Security?4. User Profiles. User Profile Overview. What Is a User Profile? Types of User Profiles. User Profile Location. Creating a Roaming User Profile for NT 4.0. Define the Location. Create the Network Share. Create a Template User Account. Create a Base Profile. Distribute the Base Profile. User Setup. Amend the Roaming Profile. Making a Profile Mandatory. Profile Permissions. Amending the Profile with Regedt32. Ntuser.xxx Registry Permission Changes. Default User Profile. Windows NT 3.5x Profile Upgrades. Creating a Roaming Profile for Windows 95. Client Workstation Setup. Domain User Setup. Create the Profile. Making the Windows 95 Profile Mandatory.5. System Policies. Policy Editor Installation. Windows NT Server. Windows NT Workstation. Windows 95. System Policy Editor Modes. Registry Mode. File Mode. Registry Mode vs File Mode. Available Settings Groups. Computer Settings. User Settings. Windows NT 4.0 Policy Editor Interface. Categories. Policy Settings. Template Files. Policy File. Default Computer Policy. Network. System. Windows NT Network. Windows NT Printers. Windows NT Remote Access. Windows NT Shell. Windows NT System. Windows NT User Profiles. Individual Computer Policy. Default User Policy. Control Panel. Desktop. Shell. System Restrictions. Windows NT Shell. Windows NT System. Individual User and Group Policies. Single User. Groups. Group Priorities. Saving the Policy. Automatic Update Mode. Manual Update Mode. Policy Implementation Rules. Policy Conflict Resolution. Computer Policy Conflicts. User Policy Conflicts. The Dangers of Conflicts. Policy Template Files. Template File Structure. Hints for Building Custom Template Files. Summary.6. Cryptography. What Is Cryptography? Encryption and Decryption. Asymmetric (Public Key) Cryptography. Symmetric (Shared Key) Cryptography. Shared Key vs Public Key. Encryption Algorithms. One-way Functions. RC4. Data Encryption Standard (DES). RSA. Authentication. NT LAN Manager (NTLM). Distributed Password Authentication (DPA). Kerberos v5. Standard. Smart Cards. Kerberos in Windows 2000. Kerberos vs NTLM. Verification. Hash Function. Digital Signatures. Digital Envelopes. Digital (Public Key) Certificates. Secure Channel Services (SCS). Secure Sockets Layer (SSL). Private Communications Technology (PCT).7. Proxy Server. Services Overview. Benefits of Proxy Server. Single External Contact Point. Concealing Internal IP Addresses. Packet Filtering. Protection of Published Data. Administering Proxy Server. Permissions. Web Proxy. Winsock Proxy. Socks Proxy. Packet Filtering. Enabling Packet Filtering. Adding a Predefined Exception Rule. Creating a Custom Exception Rule. Creating a Custom Exception Rule. Editing Existing Exception Rules. Removing Exception Rules. Reset Defaults. Domain Filtering. Granting Access: Web and Winsock Services. Denying Access: Web and Winsock Services. Domain Filtering with Socks Proxy. Alerting. Rejected Packets. Protocol Violations. Disk Full. Switching Off Alerting. Configuring Email. Services Logging. Windows NT Event Log. Text File Logging. Database Logging. Packet Filter Logging. Text File Logging. Database Logging. General Proxy Server Guidelines.8.Intallations. Password Restrictions. Removing POSIX and OS/2 Subsystems. Restrict Access to Floppies and CD-ROMs. Last Logged-On Username Display. NTuser.dat Registry File.9. NT Audit. Windows NT Audit Basics. System Audit. Application Audit. Security Audit. Windows NT Security Audit Capabilities. Audit Policy Design. What to Audit. Whom to Audit. When to Audit. When to Clear the Audit Log. Example Audit Scenario. Event Viewer. Restrict Guest Access. Check Registry Security. Audit Policy Setup. Event Log Settings. Event Log Distribution. Enabling Audit Policies. Viewing Event Data. Summary.10. Microsoft Management Console. MMC Panes. Consoles. Creating Your Own Consoles. Windows NT 4.0 SP4. Windows 2000. Console Layout. Saving Your Consoles. Accessing Saved Consoles. Console Security Settings. Summary.11. Security Configuration Manager for NT 4.0. The Dangers of the SCM. Installation and Configuration. SCM-NT Functionality Overview. Template File Definition. Security Configuration. Security Analysis. Security Configuration Areas. SECEDIT Command-Line Utility. Unconfigured System Analysis. Comparing Analysis Results. Comparing Analysis Results. Applying a Standard Security Configuration File. Saving the New Configuration. Template Files. Custom Template File Location. Creating a Blank Template. Creating Custom Templates. Template Descriptions. Configured System Analysis. Security Areas. Static Definitions. Account Policies. Local Policies. Event Log. Dynamic Definitions. Restricted Groups. System Services. Registry. File System. ACL Editor. Protection of Child Objects. Inheritable Permissions. Advanced Attributes. Updating the Baseline Template. Summary.III. LOOKING FORWARD TO WINDOWS 2000. 12. Windows 2000 Overview. Introduction to the Windows 2000 Infrastructure. The Reality of Client/Server Technology. Client/Server Moves On. Features. Introduction of the Active Directory. Hierarchical Namespace. Object Organization. Replicating the Active Directory. Scalability. A Complete Directory Solution? Do You Use Administrator Account Too Much?13. Active Directory. What Is a Directory Service? Directory Terminology. Windows 2000 Active Directory Overview. Centralized Management. Single Unified Directory. Scalability. Domain Structure. Organizational Units (OU). Active Directory Structure. Naming Support. Partitions. MultiMaster Replication. Active Directory Security. Administration. Secondary Logon. Trusted Administrative Applications. Delegation of Administrative Rights and Processes. Windows 2000 Authentication Process. Local Machine Authentication. Application Server Authentication. Domains and Trust Relationships. Inheritance. Transitive Trusts. Advantages of the Directory System. Object Organization. Scalability. Replication. Groups. Granularity of Access Controls. Management Interfaces. Summary.14. Security Configuration Tool Set. Building Your Security Management Console. Benefits of Saved Console. New Console Creation. Security Configuration Server service. Security Configuration Editor (SCE). Security Configuration Manager (SCM). Group Policy Editor. Introduction to Security Policies. Security Configuration Editor (SCE). Preinstalled Security Policy Templates. Security Configuration Manager (SCM). Sample Security Implementation: Local Machine. Build a New Template. Implement the New Template. Security Policy Violation and Analysis. Group Policy Editor. Security Configuration Manager: Command Line.15. Group Policies. Group Policies. Benefits of Group Policies. Group Policy Categories. Uses of Group Policies. User and Computer Settings. Security Groups. Software Policies. Software Management. Scripting. User File and Folders. Group Policies vs Local Policies. Group Policy Storage. Backward Compatibility. Group Policy Administration Requirements. Group Policy Migration Pattern. Group Policy Implementation. Summary.16. File Systems. Distributed File System. Securing Your Data in a DFS. Load Balancing. Disparate File Systems. ACLs. Encrypting File System (EFS) Architecture. NTFS Integration. Low Administrative Overhead. File Encryption, Decryption, and Recovery Mechanisms. File Encryption. Accessing Encrypted Files. File Decryption. File Recovery. File Sharing. Encryption and Decryption Processes. Implementing File and Folder Encryption. Implementing File and Folder Decryption. Copying Encrypted Files and Folders. Backing Up Encrypted Files and Folders. Restoring Encrypted Files and Folders. Encrypted File Recovery Process. Defining Recovery Agents. Adding Recovery Agents. The Future of EFS.Appendix A: System Policy File Listings. Common.adm. Winnt.adm.Appendix B: Proxy Server Logging Information. Services Logging Information. Server-Oriented Fields. Client-Oriented Fields. Connection-Oriented Fields. Object-Oriented Fields. Packet Filter Logging Information. Service Information Fields. Remote Information Fields. Local Information Fields. Filter Information Fields. Packet Information Fields.Appendix C:Security Checklist. Index.
About Michael McInerney
Michael McInerney is a UK-based consultant on Microsoft technologies specializing in security issues. His clients include Barclays Bank Global Network Infrastructure Group. He is currently assisting a US Fortune 100 company in ensuring the security of the NT environment in its European Treasury Centre.