Windows Vista Security


Presentation Transcript


Windows Vista Security

David Kenney

Christopher Lange


Background

  • Windows Vista is Microsoft’s most current operating system

  • Vista offers new security features:

    • Windows Defender

    • User Account Control

    • Windows Firewall with Advanced Security


Windows Defender

  • Microsoft’s anti-spyware program now integrated with the Windows Vista operating system

  • Designed to detect, remove, and prevent spyware

  • Supports not only scanning, but real-time protection


User Account Control (UAC)

  • Windows Vista security infrastructure

  • Applications run with standard user privileges until an administrator authorizes an increase in privilege

  • Much criticism over the number of prompts a user can receive from UAC requesting authorization


Windows Firewall with Advanced Security

  • Not accessible by default, but can easily be accessed

  • Allows for more advanced control of the firewall including:

    • Firewall Profiles

    • IPSec Configuration

    • Connection Security Rules

    • Inbound/Outbound Rules

    • Rules Monitoring


Introduction

  • The lab will require a new hard drive with Windows Vista pre-installed and the following software available on the NAS:

    • Cain & Abel

    • F-Secure BlackLight Rootkit Eliminator

    • Ophcrack LiveCD

    • Regtick

    • Scoundrel Simulator

    • Trojan Simulator

    • Spybot Search & Destroy with Detection Update


Lab Procedure

  • UAC and Windows Defender will be introduced, tested, and compared with Spybot Search & Destroy

  • Applications such as Trojan Simulator, Regtick, and Scoundrel Simulator will be used with various privileges to test how UAC and Windows Defender will react


Lab Procedure

  • The Windows Firewall with Advanced Security configuration will be introduced

  • Custom rules will be written for situations such as blocking Nmap scans, as was done in previous labs for Linux and Windows third-party software


Lab Procedure

  • Password cracking of Windows Vista user accounts using Ophcrack, Cain & Abel, and rainbow tables

  • Vista does not use LM hashes, which makes the password hashes stored in the SAM file harder to crack

  • Cracking can still be done with NTLM hashes fairly easily if the password is weak
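
A defensive check that follows from the two points above, added here as an example and not part of the original presentation: it audits exported account hashes for accounts that still carry an LM hash, have a blank password, or share a password with another account. It assumes the hashes have already been exported in the common pwdump text layout; the sample lines and the function names are constructed for illustration.

```python
from collections import defaultdict

# Well-known LM and NT (NTLM) hashes of an empty password.
EMPTY_LM = "aad3b435b51404eeaad3b435b51404ee"
EMPTY_NT = "31d6cfe0d16ae931b73c59d7e0c089c0"
HEX = set("0123456789abcdef")

# Constructed sample in pwdump layout (user:rid:lm:nt:::); non-empty hashes are made up.
SAMPLE = """\
Administrator:500:aad3b435b51404eeaad3b435b51404ee:aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa:::
Guest:501:aad3b435b51404eeaad3b435b51404ee:31d6cfe0d16ae931b73c59d7e0c089c0:::
labuser:1000:aad3b435b51404eeaad3b435b51404ee:bbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbb:::
labadmin:1001:aad3b435b51404eeaad3b435b51404ee:bbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbb:::
legacy:1002:0123456789abcdef0123456789abcdef:cccccccccccccccccccccccccccccccc:::
not a hash line
"""

def is_hash(field):
    """True for a 32-character lowercase hex string."""
    return len(field) == 32 and set(field) <= HEX

def parse_pwdump(text):
    """Return (user, lm, nt) tuples; lines without a valid RID and NT hash are skipped."""
    accounts = []
    for line in text.splitlines():
        parts = line.strip().split(":")
        if len(parts) >= 4 and parts[1].isdigit() and is_hash(parts[3].lower()):
            accounts.append((parts[0], parts[2].lower(), parts[3].lower()))
    return accounts

def audit(accounts):
    """Flag stored LM hashes, blank passwords, and passwords shared between accounts."""
    findings = {"lm_stored": [], "blank": [], "reused": []}
    by_nt = defaultdict(list)
    for user, lm, nt in accounts:
        # A real LM hash means the weaker legacy format is still being written to the SAM.
        if is_hash(lm) and lm != EMPTY_LM:
            findings["lm_stored"].append(user)
        if nt == EMPTY_NT:
            findings["blank"].append(user)
        else:
            by_nt[nt].append(user)
    # NT hashes are unsalted, so identical hashes mean identical passwords.
    findings["reused"] = sorted(sorted(users) for users in by_nt.values() if len(users) > 1)
    return findings

if __name__ == "__main__":
    for check, hits in audit(parse_pwdump(SAMPLE)).items():
        print(check, hits)
```

Any account listed under `lm_stored` is exposed to the easier LM attack regardless of the operating system default, and accounts under `reused` fall together once one of them is cracked.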


Lab Procedure

  • Rootkits and backdoors are always a prominent threat

  • We were unable to acquire any means of attacking Vista, but the DFK ThreatSimulator or a similar program may one day be updated to do so

  • F-Secure BlackLight Rootkit Eliminator is a scanning program that is capable of checking Vista for rootkits


Lab Procedure

  • Worms and viruses are a serious threat to all Windows operating systems

  • We were unable to acquire any new worms or viruses, so we used the AnnaKournikova.jpg.vbs worm from a previous lab to demonstrate the need for updated anti-virus software


Conclusion

  • Throughout the semester we have carried out numerous attacks and learned security techniques for both RedHat and Windows XP

  • Windows Vista is still fairly new, and no labs cover the new security features it offers or how effective they may or may not be


Questions?

