FORESEC Academy Security Essentials (V): Permissions and User Rights
NTFS Overview
• Windows Filesystems:
  - CDFS
  - FAT
  - FAT32
  - NTFS
• Always use NTFS!
  - Dual-booting issues
• NTFS Features:
  - Permissions
  - Auditing
  - Encryption
  - Compression
  - Transactional
  - Max volume size = 16TB

NTFS DACLs
• NTFS DACLs are always enforced:
  - Local Users
  - IIS
  - Terminal Services
  - Shared Folders
  - Telnet
• XCACLS.EXE

Deny Overrides Allow
• Permissions Can Be Inherited

NTFS Owners
• Every NTFS folder and file has an "owner".
• Take Ownership user right.
• CREATOR OWNER group.

Principle of Least Privilege
• Default DACL = Full Control for Everyone
  - Not configurable.
  - What NTFS permissions should I use?
  - Depends on your "needs analysis".
• A good DACL to start, then apply PoLP:
  - System: Full Control
  - Administrators: Full Control
  - Power Users: Full Control
  - CREATOR OWNER: Full Control
  - Authenticated Users: Read & Execute (or Modify)

AD Users and Computers
• Active Directory Users and Computers.
• Global, Universal and Local groups.
• Security vs. Distribution groups:
  - Security groups can have rights and permissions, distribution groups cannot.
  - Universal security groups can only be created in native mode.

Shared Folder Permissions
• Server Service and SMB/CIFS.
• Share DACLs ignored for local access:
  - Full Control
  - Change
  - Read
• No inheritance of share permissions.
• Multiple share names.
• Net.exe Share

Hidden & Administrative Shares
• \\Server\Share$
• They do not appear in My Network Places.
• C$, D$, E$, etc.
• IPC$ for inter-process communications.
• Audit your hidden shares!

Combining NTFS & Share DACLs
• NTFS Permissions:
  - Users: Read
  - Sales: Deny All
  - Amy: Change
• Share Permissions:
  - Everyone: Change
  - Administrators: Read
  - Amy: Read
• Of which groups is Amy a member?
• What are Amy's final permissions then?

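The exercise above, worked as an added example (not part of the original slides): a simplified Python model in which allows within one DACL accumulate, a matching deny removes rights, and network access gets only the rights granted by both the NTFS and the share DACL. The group memberships tried, the user Bob, and treating "Deny All" as a deny of Full Control are assumptions; real Windows also evaluates ACE order and inheritance, which this model leaves out.

```python
# Simplified model: rights are sets of names, not real Windows access masks.
READ = frozenset({"read"})
CHANGE = READ | {"write"}
FULL = CHANGE | {"change_permissions"}

# DACLs from the slide. Each entry: (principal, "allow" or "deny", rights).
# Assumption: "Deny All" is modelled as a deny of Full Control.
NTFS_DACL = [("Users", "allow", READ), ("Sales", "deny", FULL),
             ("Amy", "allow", CHANGE)]
SHARE_DACL = [("Everyone", "allow", CHANGE), ("Administrators", "allow", READ),
              ("Amy", "allow", READ)]

def granted(dacl, identities):
    """Union of matching allows minus matching denies (deny overrides allow)."""
    allowed, denied = set(), set()
    for principal, kind, rights in dacl:
        if principal in identities:
            (allowed if kind == "allow" else denied).update(rights)
    return frozenset(allowed - denied)

def effective(user, groups, over_network=True):
    """NTFS rights for local access; NTFS and share rights combined over SMB."""
    identities = {user, "Everyone", *groups}
    ntfs = granted(NTFS_DACL, identities)
    if not over_network:
        return ntfs  # share DACLs are ignored for local access
    return ntfs & granted(SHARE_DACL, identities)

def label(rights):
    """Name the highest permission level fully contained in `rights`."""
    for name, level in (("Full Control", FULL), ("Change", CHANGE), ("Read", READ)):
        if level <= rights:
            return name
    return "No access"

if __name__ == "__main__":
    # Constructed membership scenarios; the slide leaves Amy's groups open.
    cases = [("Amy", {"Users"}), ("Amy", {"Users", "Sales"}),
             ("Amy", {"Users", "Administrators"}), ("Bob", {"Users"})]
    for user, groups in cases:
        print(user, sorted(groups), "->", label(effective(user, groups)))
```
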
Encrypting File System
• Threats:
  - Linux boot floppies
  - Stolen backups
• EFS is built into the NTFS driver, not a separate application.
• Transparent to user.
• CIPHER.EXE