Home Basic<br />Home Premium<br />Windows Vista<br />Ultimate<br />Business<br />Security In  Windows Vista<br />
Home Basic<br />Home Premium<br />Group Members<br />Ultimate<br />MIRZA HAMZA BABAR<br />DANIYAL MASOUD<br />OBAID  ULLAH...
Home Basic<br />Home Premium<br />Security Features<br />Users<br />UAC – User Account Control<br />Shares<br />Security C...
Users<br />Login, Windows Welcome screen is the only available logon<br />Displays all enabled accounts on the system, def...
User Account Control<br />Windows Vista security infrastructure<br />Applications run with standard user privileges until ...
Shares<br />File sharing is enabled by default<br />Same old default admin shares<br />C$<br />ADMIN$<br />IPC$<br />Vista...
Security Center<br />Return of Automatic Updates, Windows Firewall, and Internet Security Settings (IE Security Tab)<br />...
Firewall<br />Now does outbound inspection<br />Default action is allow all outbound<br />Default logging, disabled<br />N...
IPSec Configuration
Connection Security Rules
Inbound/Outbound Rules
Rules Monitoring</li></li></ul><li>EFS <br />( Encrypted File System )<br />File level encryption<br />Full Support in Bus...
Bit Locker<br />Full Disc encryption<br />Supported in Enterprise and Ultimate<br />Bit Locker does not like debuggers<br ...
Upcoming SlideShare
Loading in …5
×

Seurity In Vista

350 views

Published on

Security In Windows Vista

Published in: Technology
0 Comments
0 Likes
Statistics
Notes
  • Be the first to comment

  • Be the first to like this

No Downloads
Views
Total views
350
On SlideShare
0
From Embeds
0
Number of Embeds
1
Actions
Shares
0
Downloads
0
Comments
0
Likes
0
Embeds 0
No embeds

No notes for slide

Seurity In Vista

  1. 1.
  2. 2. Home Basic<br />Home Premium<br />Windows Vista<br />Ultimate<br />Business<br />Security In Windows Vista<br />
  3. 3. Home Basic<br />Home Premium<br />Group Members<br />Ultimate<br />MIRZA HAMZA BABAR<br />DANIYAL MASOUD<br />OBAID ULLAH KHAN<br />SAMI UMER<br />Business<br />
  4. 4. Home Basic<br />Home Premium<br />Security Features<br />Users<br />UAC – User Account Control<br />Shares<br />Security Center<br />Firewall<br />EFS<br />Bit Locker<br />Windows Defender<br />Services Lockdown<br />DEP – Data Execution Prevention<br />Ultimate<br />Business<br />
  5. 5. Users<br />Login, Windows Welcome screen is the only available logon<br />Displays all enabled accounts on the system, default is install account<br />Setting “Do not display last user name” gives an empty “user” + “password” prompt<br />Guest and Administrator are disabled by default with blank passwords.<br />Administrator is not visible via “User Accounts” in Control Panel<br />Built-in Guest account cannot set a password via “User Accounts” in Control Panel<br />Built –in Administrator account stays disabled in Safe Mode<br />Password Policy is still blank with no complexity by default<br />Anonymous enumeration is disabled by default<br />Same as XP SP2<br />NT-Offline does not work <br />
  6. 6. User Account Control<br />Windows Vista security infrastructure<br />Applications run with standard user privileges until an administrator authorizes an increase in privilege<br />Much criticism over the number of prompts a user can receive from UAC requesting authorization<br />
  7. 7. Shares<br />File sharing is enabled by default<br />Same old default admin shares<br />C$<br />ADMIN$<br />IPC$<br />Vista by default does not use “Simple File Sharing”, a sharing feature that was enabled by default in XP<br />UAC blocks local admin accounts from remotely accessing remote admin shares<br />Sharing is unnecessarily convoluted with additional options. <br />Public Folder Sharing<br />Password Protected Sharing<br />Media Sharing<br />
  8. 8. Security Center<br />Return of Automatic Updates, Windows Firewall, and Internet Security Settings (IE Security Tab)<br />Expanded to include “Malware” (Virus / Spyware) and UAC<br />
  9. 9. Firewall<br />Now does outbound inspection<br />Default action is allow all outbound<br />Default logging, disabled<br />Not accessible by default, but can easily be accessed<br />Allows for more advanced control of the firewall including:<br /><ul><li>Firewall Profiles
  10. 10. IPSec Configuration
  11. 11. Connection Security Rules
  12. 12. Inbound/Outbound Rules
  13. 13. Rules Monitoring</li></li></ul><li>EFS <br />( Encrypted File System )<br />File level encryption<br />Full Support in Business, Enterprise, and Ultimate<br />Default AES 256 bit <br />Right Click and enable via properties of file<br />CLI command Cipher.exe<br />Limited Support in Home<br />if you have the encryption key or certificate, you can<br />Decrypt files by running Cipher.exe<br />Modify an encrypted file<br />Copy an encrypted file as decrypted to a hard disk<br />Import EFS certificates and keys<br />Back up EFS certificates and keys by running Cipher.exe<br />
  14. 14. Bit Locker<br />Full Disc encryption<br />Supported in Enterprise and Ultimate<br />Bit Locker does not like debuggers<br />It is strongly recommend that you do not run a debugger when Bit Locker is enabled. Running a debugger on your Bit Locker-enabled computer requires you to follow the recovery process every time you restart the computer.<br />
  15. 15. Windows Defender<br />MS’s answer to Anti-Spyware<br />In comparisons Defender did not identify the multitude of objects as identified by other products<br />Microsoft’s anti-spyware program now integrated with the Windows Vista operating system<br />Designed to detect, remove, and prevent spyware<br />Supports not only scanning, but real-time protection<br />
  16. 16. Service Lockdown<br />MS has modified the behavior of various services<br />Applied an ACL model to services<br />As Per MS <br />Introduction of a per-service security identifier (SID).<br />Moving services from Local System to a lesser privileged account such as Local Service<br />Removal of un-necessary Windows privileges on a per-service basis for example debugging.<br />Applying a write-restricted access token to the service process. <br />Services are assigned network firewall policy. The firewall policy is linked directly to per-service SID.<br />Implementation of Kernel Patch Protection / Patch Guard<br />MS choose to block raw disk access from user mode<br />Sc.exe - for manual service foo.<br />
  17. 17. DEP<br />Actually a feature from XP SP2<br />Supposed to randomize the memory locations used to stop overflow attempts<br />Enabled by default on Vista<br />“Essential” programs and services only<br />Can be configured for all programs except ‘x’ <br />bcdedit.exe - for manual foo.<br />

×