Windows IT Library UPDATE--the monthly report from Windows IT Library, your free online technical reference. http://www.WindowsITlibrary.com
~~~~ THIS ISSUE SPONSORED BY ~~~~
Windows & .NET Magazine Network Web Seminars http://www.winnetmag.com/seminars
* JOIN THE HP & MICROSOFT NETWORK STORAGE SOLUTIONS ROAD SHOW!
Now is the time to start thinking of storage as a strategic weapon in your IT arsenal. Come to our 10-city Network Storage Solutions Road Show, and learn how existing and future storage solutions can save your company money--and make your job easier! There is no fee for this event, but space is limited. Register today!
* VISUAL STUDIO CONNECTIONS: 3 FOR 1 CONFERENCE OFFER
Visual Studio Connections + Microsoft ASP.NET Connections + SQL Server Magazine Connections equals the largest gathering of Microsoft product architects and independent technology gurus. Register for one conference and attend the other two for free. Choose from over 130 sessions. This conference will save you months of trial and error.
* WINDOWS NT TROUBLESHOOTING
Learn all the tweaks, tips, and administration shortcuts necessary to keep a Windows NT environment trouble-free. This reference contains detailed solutions and preventive techniques for the most common NT hotspots.
* WINDOWS 2000 AUTHENTICATION
This chapter looks at the most important OS security service--authentication--and how Windows 2000 implements it. Learn about the Win2K authentication architecture and the nuts and bolts of the Kerberos authentication protocol, such as how it compares with Windows NT LAN Manager (NTLM) and how it can be used as a single sign-on (SSO) solution between different OSs.
* ESSENTIAL ASP.NET WITH EXAMPLES IN C#
This book begins with a discussion of the rationale behind the design of ASP.NET and an introduction to how it builds on top of the Windows .NET Framework. Subsequent chapters explore the host of new features in ASP.NET, including the server-side compilation model, code-behind classes, server-side controls, form validation, the data-binding model, and custom control development. Throughout the book, working examples illustrate best practices for building Web-based applications in C#.
* CISCO NETWORKING ACADEMY PROGRAM IT ESSENTIALS II: NETWORK OPERATING SYSTEMS ENGINEERING JOURNAL AND WORKBOOK
The IT Essentials II course is designed as an intensive introduction to server hardware, multiuser OSs, multitasking OSs, and networked OSs. Students explore a variety of topics, including hardware upgrades and configuration, installation procedures, security concerns, backup procedures, and remote access. Command-line and graphical OSs are also covered. This title prepares students for the Computing Technology Industry Association's (CompTIA's) Server+ certification exam through the use of hands-on lab exercises that reinforce what the student has learned from the online curriculum and the Network Operating Systems Companion Guide.
* THE INSIDER'S GUIDE TO IT CERTIFICATION
This book offers guidelines for choosing the best study guides, helps you save hundreds of dollars, and suggests ways you can become successful in IT. The amount of time you'll save preparing for your certification exams will more than make up for the time that you spend reading this book.
* CUSTOM CGI SCRIPTING WITH PERL
This book, a resource for Web developers and programmers who program Common Gateway Interface (CGI) applications in Perl, functions as both a comprehensive reference to the fundamentals and as a hands-on tutorial with detailed examples for creating and customizing CGI applications for the Web. You'll learn important CGI basics, such as how to set up a server for integrating CGI scripts and how to work with HTTP variables. You'll also get a complete review of all the Perl syntax needed to create CGI programs and learn how to upload and test scripts and how to use libraries effectively.
* THE MICROSOFT OUTLOOK E-MAIL AND FAX GUIDE
Written for Microsoft Outlook end users and the administrators who support them, this volume explains all the real-world tasks that you're likely to encounter when working with Outlook, plus many timesaving techniques that take you beyond the basics.
* OPTIMIZING WINDOWS NT
With the expert advice of Sean Daily, you'll quickly learn how to tune your Windows NT system to get the most performance out of your existing network. This book offers working solutions for everyday networking problems and includes hundreds of benchmarking, maintenance, troubleshooting, and recovery tips.
* MICROSOFT WINDOWS NT SERVER ADMINISTRATOR'S BIBLE: OPTION PACK EDITION
This book, with specific coverage of the Windows NT 4.0 Option Pack add-ons, can help you plan, install, configure, manage, optimize, and connect NT Server 4.0 to the Internet.
* MICROSOFT WINDOWS NT SECRETS: OPTION PACK EDITION
Packed with the kind of notes, tips, and workarounds that come only from years of working day-in and day-out with a product, this book will help you optimize the performance, reliability, and security of your network.
* A+ CERTIFICATION: HOW TO PASS YOUR EXAMS
This book walks you through all the skills tested in the Computing Technology Industry Association's (CompTIA's) CompTIA A+ certification exam--both the A+ Core Hardware exam and the A+ OS Technologies exam.
* ATTACKING YOUR OWN NT NETWORKS
This tip is excerpted from Mark Joseph Edward's "Internet Security with Windows NT" (29th Street Press, 1998).
Windows NT shares can be vulnerable to attack. Let me point out a few tidbits that may help you strengthen the security of your shared objects.
First, remember that NT creates several default file shares upon installation; two of the most prevalent are C$ and D$, which give the Administrator group access to C:\ and D:\. Although other default shares are established during NT installation, these two are attacked most often. Remember to rename these shares to something obscure.
As a general rule, NT requires a user name and password to access shares, but there are several important exceptions. NT does not require a password if the Everyone group has access and the Guest account is enabled with a blank password. Therefore, it is always wise to disable the Guest account unless using it is absolutely necessary. In that case, pick an incredibly hard-to-guess password.
Writing programs that attack shares is pretty easy. In fact, all that's needed is the machine name, IP address, and the share name, which are easy to obtain with the NBTStat command. With a little luck, NBTStat might provide an actual user name as well. Such a program includes a small loop that reads a text-based dictionary file one line at a time and pipes the words into a command such as net use x: \\MACHINE_NAME\SHARE_NAME dictionary_word /USER:username
It's not hard, but it is rather slow.
Other dangerous shares under Windows NT include the registry share. The registry is not exactly a share in the true sense of the word because it can't be unshared, but it does allow access from machines across a network. NT uses the native Remote Procedure Calls (RPC) mechanism to access the registry on the remote computer. Until recently, this registry share was, by default, made available with read permission to Everyone after a fresh installation of Windows NT. Because most programs store sensitive information in the registry (including NT's own user security database, SAM), the presence of this share creates a great security threat.
Microsoft finally realized that blindly sharing the registry is not a good idea and released SP2 for NT 3.51 to make it possible to disable network access to the registry. Simply create the following key; only the users listed in the ACL for this key can access the registry remotely. The key on NT 4.0 is
When information about the registry share vulnerabilities spread in the NT community, some sources started recommending removing the Everyone group's access from the HKEY_LOCAL_MACHINE key without propagating permissions through the entire tree. On the surface, this method works well, but remember, a malicious programmer could still use the Windows NT API to grab any subkey within the HKEY_LOCAL_MACHINE key.
Here's how to reach us with your comments and questions:
* COMMENTS ABOUT THE BOOK REVIEW OR THE NEWSLETTER IN GENERAL? Email Dave Bernard at [email protected]
* TECHNICAL QUESTIONS? Please post your technical questions to the discussion area. http://www.winnetmag.com/forums
* PRODUCT NEWS? Email press releases to [email protected]
* QUESTIONS ABOUT YOUR WINDOWS IT LIBRARY UPDATE SUBSCRIPTION? Email Customer Support at [email protected]
* WANT TO SPONSOR WINDOWS IT LIBRARY UPDATE? Email [email protected]
This email newsletter is brought to you by Windows & .NET Magazine, the leading publication for Windows professionals who want to learn more and perform better. Subscribe today. http://www.winnetmag.com/sub.cfm?code=00inxupb
Receive the latest information about the Windows and .NET topics of your choice. Subscribe to our other FREE email newsletters. http://www.winnetmag.com/email
Thank you for reading Windows IT Library UPDATE.
You are subscribed as #EmailAddr#.
MANAGE YOUR ACCOUNT You can manage your entire Windows & .NET Magazine Network email newsletter account on our Web site. Simply log on, and you can change your email address, update your profile information, and subscribe or unsubscribe to any of our email newsletters all in one place. http://www.winnetmag.com/email
_________________________________________________________ Copyright 2003, Penton Media, Inc.