|
Windows NT Security |
Security is a feature that most users are highly interested in when choosing an operating system or server technology. Security defines the interactions between the desktop and the Internet and between the desktop and server. Windows NT features a C2-level security system and is oriented for the stand alone user rather than for networks, although it can be implemented in a network setting as well. One of the aspects of this security system is the object security. This makes all shared files, folders, documents, and programs are treated as objects within the operating system. The security applied to the objects protects the memory from being read after it has been deallocated. In addition, any NT objects can be set to varying levels of access depending upon their use and importance by the administrator protecting only what needs to be protected. Every user of an NT system is assigned a logon name and password. All system resources must be protected on a user to user basis and the authentication process is used in this aspect. Each user has their own logon and password which is associated with a level of access. The level of access is determined by what files, folders, and system parameters they need access to and they are assigned by the system administrator. This further heightens the security and allows for the tracking of access to files as a function of users on the network or system. As the system has access parameters, so do the owners of files and folders. An owner of a file is allowed to control which other users can have access to their files. This is done through the use of discretionary access control lists, DACL, and system access control lists, SACL. The owner can reset the security identifier which determines the owner of the file so that files and folders can be transferred to other users in a secure manner. Auditing allows for the tracking of system and file access within Windows NT. All actions must be audited to determine security access and events in the system or over the network. These audit files are only accessible by the system administrator which enables them to track security hacks; this also ensures a hacker cannot cover their tracks. There are some vulnerabilities to Windows NT security just as with all operating systems. The largest one is that NT is backwards compatible making it weak against the vulnerabilities of the LAN Manager; these weaknesses are associated with the NetBIOS or Network Basic Input/Output System in LAN Manager. Along with this NT has small encryption key sizes, a fairly weak encryption method (generally speaking), and a password system that could use some improving. A few ports are susceptible to attack as well in the Windows NT 4.0 system; ports such as 80, 53 ,and 139, which are part of the network HTTP, DNS, and NetBIOS, are weak and can be used by an external source to create a disruption of service. The only known cure is to reboot the system or network. Resources:
Security in Windows NT: A short summary
Hard Drive Data Recovery Services |
||