1 / 13

Windows Vista Security

Windows Vista Security. David Kenney Christopher Lange. Background. Windows Vista is Microsoft’s most current operating system Vista offers new security features: Windows Defender User Account Control Windows Firewall with Advanced Security. Windows Defender.

asperry
Télécharger la présentation

Windows Vista Security

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript


  1. Windows Vista Security David Kenney Christopher Lange

  2. Background • Windows Vista is Microsoft’s most current operating system • Vista offers new security features: • Windows Defender • User Account Control • Windows Firewall with Advanced Security

  3. Windows Defender • Microsoft’s anti-spyware program now integrated with the Windows Vista operating system • Designed to detect, remove, and prevent spyware • Supports not only scanning, but real-time protection

  4. User Account Control (UAC) • Windows Vista security infrastructure • Applications run with standard user privileges until an administrator authorizes an increase in privilege • Much criticism over the number of prompts a user can receive from UAC requesting authorization

  5. Windows Firewall with Advanced Security • Not accessible by default, but can easily be accessed • Allows for more advanced control of the firewall including: • Firewall Profiles • IPSec Configuration • Connection Security Rules • Inbound/Outbound Rules • Rules Monitoring

  6. Introduction • The lab will require a new hard drive with Windows Vista pre-installed and the following software available NAS: • Cain & Abel • F-Secure BlackLight Rootkit Eliminator • Ophcrack LiveCD • Regtick • Scoundrel Simulator • Trojan Simulator • Spybot Search & Destroy with Detection Update

  7. Lab Procedure • UAC and Windows Defender will be introduced, tested, and compared with Spybot Search & Destroy • Applications such as Trojan Simulator, Regtick, and Scoundrel Simulator will be used with various privileges to test how UAC and Windows Defender will react

  8. Lab Procedure • The Windows Firewall with Advanced Security configuration will be introduced • Writing custom rules for situations such as blocking Nmap scans as was done in previous labs for Linux and Windows third party software

  9. Lab Procedure • Password cracking of Windows Vista user accounts using Ophcrack, Cain & Abel, and rainbow tables • Vista does not use LM hashes, but stores passwords in the SAM file making them harder to crack • Can be done with NTLM hashes fairly easily if the password is weak

  10. Lab Procedure • Rootkits and backdoors are always a prominent threat • We were unable to acquire any means of attacking Vista, but the DFK ThreatSimulator or similar program may one day be updated to do so • F-Secure BlackLight Rootkit Eliminator is a scanning program that is capable of checking Vista for rootkits

  11. Lab Procedure • Worms and viruses are a serious threat to all Windows operating systems • We were unable to acquire any new worms or viruses, so we used the AnnaKournikova.jpg.vbs worm from a previous lab to demonstrate the need for updated anti-virus software

  12. Conclusion • Throughout the semester we have done numerous attacks and learned security techniques for both RedHat and Windows XP • Windows Vista is still fairly new and no labs cover the new security features it offers and how effective they may or may not be

  13. Questions?

More Related