Windows Vista Security - PowerPoint PPT Presentation

Presentation Transcript

  1. Windows Vista Security
     David Kenney, Christopher Lange

  2. Background
     • Windows Vista is Microsoft’s most current operating system
     • Vista offers new security features:
       • Windows Defender
       • User Account Control
       • Windows Firewall with Advanced Security

  3. Windows Defender
     • Microsoft’s anti-spyware program now integrated with the Windows Vista operating system
     • Designed to detect, remove, and prevent spyware
     • Supports not only scanning, but real-time protection

  4. User Account Control (UAC)
     • Windows Vista security infrastructure
     • Applications run with standard user privileges until an administrator authorizes an increase in privilege
     • Much criticism over the number of prompts a user can receive from UAC requesting authorization

  5. Windows Firewall with Advanced Security
     • Not accessible by default, but can easily be accessed
     • Allows for more advanced control of the firewall including:
       • Firewall Profiles
       • IPSec Configuration
       • Connection Security Rules
       • Inbound/Outbound Rules
       • Rules Monitoring

  6. Introduction
     • The lab will require a new hard drive with Windows Vista pre-installed and the following software available on the NAS:
       • Cain & Abel
       • F-Secure BlackLight Rootkit Eliminator
       • Ophcrack LiveCD
       • Regtick
       • Scoundrel Simulator
       • Trojan Simulator
       • Spybot Search & Destroy with Detection Update

  7. Lab Procedure
     • UAC and Windows Defender will be introduced, tested, and compared with Spybot Search & Destroy
     • Applications such as Trojan Simulator, Regtick, and Scoundrel Simulator will be used with various privileges to test how UAC and Windows Defender will react

  8. Lab Procedure
     • The Windows Firewall with Advanced Security configuration will be introduced
     • Writing custom rules for situations such as blocking Nmap scans as was done in previous labs for Linux and Windows third party software

  9. Lab Procedure
     • Password cracking of Windows Vista user accounts using Ophcrack, Cain & Abel, and rainbow tables
     • Vista does not use LM hashes, but stores passwords in the SAM file making them harder to crack
     • Can be done with NTLM hashes fairly easily if the password is weak

  10. Lab Procedure
     • Rootkits and backdoors are always a prominent threat
     • We were unable to acquire any means of attacking Vista, but the DFK ThreatSimulator or a similar program may one day be updated to do so
     • F-Secure BlackLight Rootkit Eliminator is a scanning program that is capable of checking Vista for rootkits

  11. Lab Procedure
     • Worms and viruses are a serious threat to all Windows operating systems
     • We were unable to acquire any new worms or viruses, so we used the AnnaKournikova.jpg.vbs worm from a previous lab to demonstrate the need for updated anti-virus software

  12. Conclusion
     • Throughout the semester we have done numerous attacks and learned security techniques for both RedHat and Windows XP
     • Windows Vista is still fairly new and no labs cover the new security features it offers and how effective they may or may not be

  13. Questions?