Windows NT Security Holes

Windows NT is getting more popular. More and more companies use NT as their platform for the Internet. They also use NT as the platform for their intranet solutions. Today we will discuss the most serious security holes of the Windows NT operating system.


Two Parts

1. The first part is about security holes existing in NT Server and Workstation;

2. The second part talks about two security holes existing in the browser and the NT machine.


Part 1. Hole 1. How to get Administrator

  • Step 1. Rename c:\winnt\system32\logon.scr to logon.old

  • Step 2. Rename usrmgr.exe to logon.scr

  • Step 3. Restart your NT machine

    * Because logon.scr is part of the NT startup utilities, it is executed when Windows NT restarts, and you are not required to enter your password. Usrmgr.exe is executed in its place, and you can then join the Administrator group.


Part 1. Hole 2. The second way to get Administrator rights

  • Reinstall the Windows NT operating system.

    The new operating system will overwrite the old one. You can then configure the new system as you please and so get Administrator rights.

    * This situation can happen when somebody enters your server center room unlawfully.


Part 1. Hole 3. How to get the Password

  • In Windows NT Workstation, anybody can use some special tools to read ADMINST.PWD (ADMINST.PWD is an encrypted file)

  • In a Windows 9X.X client, anybody can use some special tools to read ADMINST.PWL (ADMINST.PWL is an encrypted file)

    * After you get the password, you can get the rights of the Default Manager; this is especially easy on a Windows 9X.X client.


Part 1. Hole 4. Remote access to the Registry

  • On a Windows 9X.X client, and on a resource that the system manager has shared, you can run REGEDIT.EXE and then access the NT Server alternately and remotely.

    * Because the Registry's default setting allows anybody to create and fully control it, somebody can delete and change the Registry.


Part 1. Hole 5. Anybody can access a resource in an NT Domain

  • In command mode, anybody can just enter

    ..\\IPaddress\C$ OR

    ..\\IPaddress\D$ OR

    ..\\IPaddress\WINNT$

    and can then connect to any shared resource in the Windows NT Domain.


Part 1. Hole 6. How to kill an NT machine

  • You can use the “Ping” command to kill an NT machine. NT can’t accept a large ICMP (Internet Control Message Protocol) packet. If a packet is 64K, NT’s TCP/IP stack will not work properly and the system will stay offline until it is restarted, so the system will refuse some services.

    * Try this command and see what happens:

    “ping -l 65524 host.domain.com”
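
Added example, not part of the original slides: a filter-side check for the oversized ping above. 65524 data bytes plus the 8-byte ICMP header and 20-byte IP header make 65552 bytes, more than the 65535 an IPv4 datagram may hold, so the last fragment's offset plus length overruns the limit. The function names, the 1500-byte MTU and the 192.0.2.x addresses are assumptions, and the headers are constructed sample input.

```python
import struct

IPV4_MAX = 65535  # largest size the 16-bit Total Length field can describe
SRC, DST = bytes([192, 0, 2, 1]), bytes([192, 0, 2, 2])  # constructed (TEST-NET-1)

def build_header(total_len, offset_bytes, more_fragments):
    """Constructed 20-byte IPv4 header (checksum left at 0), sample input only."""
    flags_frag = (0x2000 if more_fragments else 0) | (offset_bytes // 8)
    return struct.pack("!BBHHHBBH4s4s", 0x45, 0, total_len, 0x1234,
                       flags_frag, 64, 1, 0, SRC, DST)

def sample_fragments(icmp_data_len, mtu=1500):
    """Headers of the fragments an echo request with icmp_data_len data bytes splits into."""
    remaining, offset, headers = icmp_data_len + 8, 0, []  # +8: ICMP header
    per_fragment = (mtu - 20) // 8 * 8  # fragment payloads are multiples of 8
    while remaining:
        chunk = min(per_fragment, remaining)
        remaining -= chunk
        headers.append(build_header(20 + chunk, offset, remaining > 0))
        offset += chunk
    return headers

def reassembled_size(header):
    """Size the datagram reaches once this fragment is placed (header + offset + payload)."""
    ver_ihl, _, total_len, _, flags_frag = struct.unpack("!BBHHH", header[:8])
    if ver_ihl >> 4 != 4:
        raise ValueError("not an IPv4 header")
    ihl = (ver_ihl & 0x0F) * 4
    if ihl < 20 or total_len < ihl:
        raise ValueError("malformed IPv4 header")
    offset = (flags_frag & 0x1FFF) * 8  # the offset field counts 8-byte units
    return ihl + offset + (total_len - ihl)

def oversized_fragments(headers):
    """Fragments a filter should drop: reassembly would exceed the IPv4 maximum."""
    return [h for h in headers if reassembled_size(h) > IPV4_MAX]

if __name__ == "__main__":
    for size in (65500, 65524):
        bad = oversized_fragments(sample_fragments(size))
        print(size, "oversized" if bad else "ok", [reassembled_size(h) for h in bad])
```

The check needs only each fragment's own header, so a packet filter can apply it without reassembling anything.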


Part 2. Hole 1. Browser’s Hole

  • There is a hole affecting all browsers on NT and Win9X.X. When you want to view an HTML page, your browser will look for the page on your local drive first. If your NT machine is just an SMB server, it will send the username and password automatically.

    But you will never know what happened.

    * SMB is Service Message Block


Security Countermeasures

  • Authenticating Users

  • Resource Access Control

  • Block unwanted TCP/IP Ports

  • Auditing and logging

  • Firewalls

  • Packet filters

  • Physical isolation

  • Etc.


Thank you

Author : BoYong Jiang

Student ID #: 103016

Date: 06/03/2000