 1998 USENIX Annual Technical Conference - June 15-19, 1998 - Marriott Hotel, New Orleans, Louisiana
T9   Windows NT Security for UNIX Administrators  New
Rik Farrow, Consultant

Who should attend: System and network administrators and programmers who must work with NT systems and need to understand their security principles. People accustomed to working with UNIX systems will benefit from the comparisons between UNIX and NT.

Windows NT is the result of an unusual marriage between two disparate operating systems: a completely reworked replacement for Digital Equipment's VMS and Microsoft's Windows 3.1. On the one hand, there are security features to satisfy the most avid control freak: centralized control over user accounts, file sharing, desktop appearance, fine-grained object access, encryption, a security monitor, and auditing sensitive enough to capture most security-related events. On the other hand, NT supports an API that has been the main target of virus writers and of application programmers who have never even considered the notion of security.

Windows NT possesses the features that, correctly configured, can make it reasonably secure. But the complex security model is likely to be the cause of security problems, as only experts are likely to be able to apply it correctly.

This tutorial explains the security mechanisms in Windows NT and how they can best be used to improve the security of networked NT systems. It is not just a review of NT's security-related GUIs, although they are included. We will go behind the scenes and discover the file and directory hierarchy of the trusted computing base, Web server (IIS), registry and event logs, and system files and libraries. Wherever possible we will explore the command line interfaces and tools for controlling and auditing the security of NT systems.

Topics will include:

-    The NT registry, a filesystem-like construct for storing device and application configuration, passwords, and other system values, all of which are protected by access control lists (ACLs)

-    User accounts, local and global groups, rights, and privileges

-    Domains, domain controllers, local and network authentication

-    NT passwords: collecting and cracking

-    ACLs for files, directories, and other objects

-    NT's event and audit mechanism

-    Correct configuration of IIS, RAS, network services, and protecting NT systems with firewalls

Rik Farrow provides UNIX and Internet security consulting and training. He has been working with UNIX system security since 1984, and with TCP/IP networks since 1988. Rik has taught at the IRS, Department of Justice, NSA, US West, Canadian RCMP, Swedish Navy, and for many US and European user groups. He is the author of UNIX System Security and System Administrator's Guide to System V. Farrow writes two columns for ;login:, and a network security column for Network magazine.
