Implementing Windows NT Security
This talk will address the basic issues regarding Windows NT Security. It will provide a good base
understanding of the Windows NT architecture, design layout and how they relate to security
implications. This presentation is geared toward people who are perhaps not too familiar with Windows NT
but who want to understand how Windows NT is designed and what potential security hackers can exploit.
The session begins by giving the audience a brief background on the history of Windows NT, how it
needed to be backward compatible with previous Microsoft operating systems, and why this is a problem. I
plan to discuss the NT architecture: the User layer and the Kernel layer. It is important to understand the NT
Executive services and how they relate to securing an NT system. This includes the Object
Manager, Security Reference Monitor, and the Process Manager.
Windows NT is supposed to be C2 compliant. I will discuss what C2 compliance really means and what
makes NT meet its requirements. Actually, the current version of NT cannot meet the full C2 level certification,
but we can still benefit from the features provided.
Understanding the Windows NT logon process is important. There are various security implications
in performing a WINLOGON and a NETLOGON. Also, I will explain in detail what the NT
Challenge/Response is and how it works. Once a user logs on, they receive a Security Access Token,
which identifies them to the system. I will explain what this is and how the Security Reference Monitor
uses it.
We then move to talk about the difference between Account Objects (users and groups) and Resource
Objects (folders, printers, memory, files). I will discuss in detail how NT protects its resources using the
Access Control List.
To complete the session, I will cover the Registry: what it is, why it is there, and the common attack
points. The session ends with a complete summary of the NT system, common attack points, and how
to close these holes.
At the end of the presentation, the audience should have a good basic understanding of Windows NT
from a security standpoint and how they should begin better securing it. I will provide a complete
step-by-step plan on how to secure their NT system. I will also include extensive real-world examples as
well as hands-on demonstrations.
Prerequisites:
Familiarity with and working knowledge of Windows NT
Presented by:
Mark T. Edmead, President, MTE Software, Incorporated
Credentials:
Mark T. Edmead has over 20 years of experience in software product development, system design, and
project management. He received the Entrepreneur of the Year 1988 finalist award sponsored by Arthur
Young and Venture Magazine. Previously he taught advanced Windows 3.1 and Windows NT
Programming at UC San Diego. He is currently a senior Windows NT instructor for Learning Tree
International and president of MTE Software, Inc., a Microsoft Solution Provider firm specializing in
Microsoft BackOffice solutions.
Mr. Edmead has been involved in the planning, installation, and training of Windows NT Server and
Workstation. This includes Domain planning, Network security, capacity planning, and DHCP, WINS
and RAS configurations. He has delivered custom in-house training seminars on topics including Windows NT
administration, optimization and NT security. He has extensive networking installation and configuration
experience, including hardware testing, remote troubleshooting and performance enhancement. Mr. Edmead is
currently writing a book on Windows NT optimization and performance tuning for MacMillan
Publishing.
Mr. Edmead is also an active public speaker. His presentations this past year include the Security and
Systems Administration Conference (Monterey CA) and DECUS Los Angeles 1998.
E-mail questions and comments to:
information@DECUS.org