Đang chuẩn bị liên kết để tải về tài liệu:
HackNotes Windows Security Portable Reference phần 7

Giao diện mới được coi là trực quan hơn, và các ứng dụng mới chạy nhanh hơn và thanh lịch hơn theo giao diện Windows 3.1. Tất cả mọi người nâng cấp, và Windows 9x, có chứng thực LAN Manager, Cài đặt phần mềm Group Policy dựa trên thường được sử dụng để hỗ trợ | 128 Part III Windows Hardening that allowed local users to escalate privileges to that of the SYSTEM user a flaw discovered by @stake Inc. Technically the flaw lies in the DSDM DDE Share Database Manager undocumented functions within this module allow an attacker to specify arbitrary command lines to be executed in the SYSTEM user context. Microsoft has provided a patch for this issue for Windows 2000 systems details are available from http www.microsoft.com technet security bulletin MS01-007.asp. For the truly adventurous @stake released proof-of-concept code for this vulnerability the C source for this tool can be found at http www .atstake.com research advisories 2001 netddemsg.cpp. Network DDE is used by some Microsoft Office applications to share data on the network particularly when NetMeeting is not available. The NetDDE privilege escalation is fixed in Windows 2000 SP3 and a patch is available for Windows 2000 SP1 and SP2. Nevertheless this networked service is not commonly used and should be disabled whenever possible. Network Location Awareness Startup Manual The NLA service provides applications an interface to determine what network they are on or in the case of multiple networks which to use. Previously applications that were multiple adapter aware did so by corresponding directly with the available network interfaces for information the NLA simplifies that task by providing a common interface. NT LM Security Support Provider Startup Manual This service of the LSASS provides NTLM authentication for protocols that do not make use of named pipes for communication such as telnet services when NT authentication is used. If non-standard authenticated services are not offered this service can probably be disabled without negative impact. Performance Logs and Alerts Startup Manual This is the service that provides data storage and limits monitoring for the system monitor via Perfmon. If no monitoring is in place this service can be disabled but the logs and .