Windows 9x Security
Secure System Administration - SANS GIAC 2000, 2001

For our third session of the second part of the course, we will focus on the Windows 95 and Windows 98 operating systems. The examples are tested on Windows 98 since 95 systems are starting to be retired. The most important thing to know about this flavor of Windows is there is no file security. If you configure the system for multiple users and have a password screen at bootup, anyone can hit cancel and still get in. If you use passwords and have two users, each can see all of the other user's files. There are exactly two ways to enforce security for Windows 9x: physical security and encryption. My laptop is protected by physical security. I travel a lot. I try to keep my laptop bag with me at all times. Still, there are times when I leave it in the hotel room and just hope. Security for most Windows 9x users amounts to hope and nothing more. We will learn how to add a layer of security in this section, with better living through encryption. The focus of most of this course will be to show you some of the clue-gathering tools you can use to see and understand what is going on with your Windows 9x system. We will cover several new tools, discuss the file system a bit, and close with encryption.

Windows 9x Tools: System Configuration Editor, Startup, System File Checker, File Compare, File Attributes

The first section of this course will be to learn some new tools that give us information about our system. Since everything we see will be inherited from startup, let's cover it, at least from a high level.
From the Power On Self Test (POST) by the ROM BIOS, we go to the disk and the secondary loader, which loads the the the logo screen. At this point, a database called the registry is consulted for system information. Virtual Device Drivers (VxDs) come next, followed by an army of DLLs (Dynamic Link Libraries), which are actually programs. If your .