Reading Room

Windows Issues

Featuring 48 Papers as of February 14, 2012

• • Overview
  • Download
  Securing Windows 20003 with ADAM and MIIS Feature Packs Frederic Dumesle - February 14, 2012

  Windows 2003 has been released almost 5 years ago which is a long time in IT terms. Even though hundreds of article, white papers and case study are broadly available a significant number of scenarios involving Windows 2003 in Perimeter Design are scarce at best.

• • Overview
  • Download
  Auditing Windows Environments PowerShell XML output, windows security, ossams Cody Dumont - February 7, 2012

  A security professional often performs security assessments for customers and will use many tools to collect data. Each tool stores data in a separate format; this requires the assessor to develop a proprietary automated process or use a manual process to correlate all the data.

• • Overview
  • Download
  Protecting Laptop Computers Gregory Hill - June 11, 2010

  The most important facet of protecting laptops is to understand the goals. Carefully building a Threat Model brings the goals into focus by selecting the assets to be protected and assigning an importance to each one in terms of the expected risk exposure of not protecting them. This concentrates limited resources on the critical areas. The information is transferred to the Master Protection Plan to select the most effective methods to achieve the goal. Next, the custom Protection Plan is implemented by installing products and configuring components. Lastly, the protected assets must be monitored and the plan adjusted to keep abreast of changing goals and new threats.

• • Overview
  • Download
  Winquisitor: Windows Information Gathering Tool Michael Cardosa - January 19, 2010

  Winquisitor is a tool that facilitates the timely retrieval of information from multiple Windows systems enabling the administrator to respond in an appropriate amount of time. Unlike other command line tools, Winquisitor allows multiple types of queries in a single command with several output formats.

• • Overview
  • Download
  Preventing Incidents with a Hardened Web Browser Chris Crowley - December 15, 2009

  There is substantial industry documentation on web browser security because the web browser is currently a frequently used vector of attack. This paper investigates current literature discussing the threats present in today's environment.

• • Overview
  • Download
  Session Hijacking in Windows Networks Paul Jess - March 28, 2008

  Before we can explore the session hijack attack, it is essential that we gain a basic understanding of network communications. The first section of this paper covers some of this background information needed to understand how computers communicate on a network. First we take a look at the TCP/IP protocol (Transmission Control Protocol/Internet Protocol) examining a concept critical to network communication called the three-way-handshake. Once we have a basic understanding of these concepts, we can then work towards understanding how the session hijack attack exploits the design flaws inherent in the TCP/IP protocol.

• • Overview
  • Download
  Windows Remote Desktop Heroes and Villains Greg Farnham - December 14, 2007

  This paper will focus on a fictitious scenario of a non-profit organization that would like to understand the threats to remote desktop and improve security. This paper will review past vulnerabilities in the Windows Remote Desktop service, review threats, review mitigation techniques and summarize the results.

• • Overview
  • Download
  Laptop Security: Windows® Vista vs. XP Gregory Hill - July 26, 2007

  Laptop computers are an irresistible target for criminals, resulting in hundreds of thousands of thefts and millions of electronic intrusions causing billions of dollars in losses. The majority of these computers run the Microsoft XP operating system, which, although containing many security enhancements over its predecessors, is nonetheless frequently compromised.

• • Overview
  • Download
  How to Avoid Information Disclosure when Managing Windows with WMI Alex Timkov - July 17, 2007

  This paper provides an introduction to accessing Windows via WMI in a secure manner.

• • Overview
  • Download
  Windows Security Patch Management Case Study: Using Software Update Services to Deploy Critical Windows Updates Michael Shepherd - May 5, 2005

  This paper covers the use of Microsoft Software Update Services (SUS) software to roll out Windows updates at a small office.

• • Overview
  • Download
  Exploitation of the SSL PCT Overflow Eric Zielinski - May 5, 2005

  This document establishes a detailed scenario in which a given exploit is used to gain complete control of a targeted system. The attack will be demonstrated in phases which will include intelligence gathering, network information disclosures, and a vulnerability assessment.

• • Overview
  • Download
  Exploiting Microsoft Internet Explorer Cursor and Icon File Handling Vulnerability Jerry Chen - May 5, 2005

  This paper will focus on Microsoft .ANI file handling vulnerability, which was discovered by eEye Digital Security Company on November 15, 2004.

• • Overview
  • Download
  Implementing a Secure WebDAV System Richard Ross - January 18, 2005

  This paper describes the process of implementing a secure remote file sharing system using WebDAV. It tells why a remote file sharing system is needed, how a secure solution is implemented and assesses the security of the solution.

• • Overview
  • Download
  Policy and the Windows Server 2003 Group Policy Management Console Norman Knight - April 8, 2004

  Group policy was first introduced with the release of Windows 2000 Server and Active Directory in the year 2000. With the introduction of Windows Server 2003, Microsoft has also released the Group Policy Management Console.

• • Overview
  • Download
  Highly Available PC First Step in Business Continuity for Executives Joseph Fraher - March 4, 2004

  There are many ways to make users adhere to rules that are in their best interest. Local Policies and Domain policies are great for enforcing such rules. Forcing users to save data to a network drive is easily achievable through such policies. Enforcing these policies is another issue.

• • Overview
  • Download
  Windows Vista: First Steps Johannes Ullrich - December 23, 2003

  Guide to Microsoft Windows Vista settings. Vista tips for home users and small businesses without a firewall, who rely on downloading patches from Microsoft directly.

• • Overview
  • Download
  An Overview of the Kerberos Authentication Proto Pam Todaro - December 14, 2003

  This paper will expound on some of the benefits gained by using the Kerberos authentication protocol rather than the Windows NT LAN Manager protocol.

• • Overview
  • Download
  Centralized Windows 2000 Event Logging: A Step-by-Step Guide Scott Richardson - November 5, 2003

  The purpose of this paper is to show you how to setup a centralized logging system for your Windows 2000 Corporate Network.

• • Overview
  • Download
  Securing IIS6: From the OS, Up Joey Peloquin - November 5, 2003

  This document provides a detailed look at securing Internet Information Services v6.0 (IIS6), using a combination of security templates and manual techniques.

• • Overview
  • Download
  Using Microsoft Terminal Services and Windows Terminals to Protect Confidentiality, Integrity, and A Tony Sweeney - October 31, 2003

  This paper examines Terminal Services with Windows terminals and its range of technical, educational, cultural, political, and internal marketing challenges.

• • Overview
  • Download
  Microsoft Windows Security Patches Dan Rolsma - October 31, 2003

  This paper is for those who have a Microsoft Windows computer attached to the Internet, and haven't installed the latest Microsoft security patches: the first section is where to get these patches and how to install them, and the second is why.

• • Overview
  • Download
  Tightening Site Access Stephen Willis - October 31, 2003

  This document shows some of the steps one system administrator has taken (albeit gradually) to tighten up access to his organization's IT site.

• • Overview
  • Download
  Quick Guide to IIS Web Server Security Brian LeVasseur - October 31, 2003

  The author describes his experience learning how to secure his organization's systems on the fly.

• • Overview
  • Download
  NetMeeting Security Concerns Jody Weiner - October 31, 2003

  This paper examines how NetMeeting allows a system's firewall perimeter defense to be bypassed in three ways: via social engineering; holes or vulnerabilities created in the firewall configuration; and, bugs in the program itself can cause security issues.

• • Overview
  • Download
  Windows XP and Full Raw Sockets: A New Security Concern from Home-based PC's or a Desirable N Jim Kehres - October 31, 2003

  This paper examines what raw sockets are and how they can be used for malicious intent.

• • Overview
  • Download
  Introduction to the Microsoft Windows XP Firewall Matt Snitchler - October 31, 2003

  This paper examines how Microsoft's Internet Connection Firewall (ICF) functions and reviews its worthiness.

• • Overview
  • Download
  Event Logs: Defining Their Purpose in Today's Network Security Environment Steve Meyer - October 31, 2003

  The purpose of this research topic is to identify the purpose of the event log in today's network security environment.

• • Overview
  • Download
  An investigation of Microsoft's Passport protocol and issues regarding its security, privacy Arthur Hermann - October 31, 2003

  An investigation of Microsoft's Passport protocol and issues regarding its security, privacy standards and utilization in the XP and .Net initiatives

• • Overview
  • Download
  Three Defenses to a Secure System: Virus Scanning, Applying Patches and System Monitoring Angelina Lucero - October 31, 2003

  This document describes issues to consider when setting up virus scanning software, using Microsoft tools to make patching operating systems easier, and a few specific tools that you can use to benchmark or monitor your operating system that might help you spot those abnormalities that should not be there.

• • Overview
  • Download
  SANS Windows Security Training Philip Blow - October 31, 2003

  This paper will suggest a network architecture and installation process that can be used when the inclusion of IIS web servers in a Windows Domain cannot be avoided.

• • Overview
  • Download
  NT/2000 Security Tool Kit on A Budget Albert Rice - October 31, 2003

  This paper will focus on the shareware, freeware and low cost commercial security tools that one security administrator has found useful and has used to solve real time security issues for his company.

• • Overview
  • Download
  Windows 9X in a Bad Neighborhood Terry Wehunt - October 31, 2003

  This paper discusses security of Windows 9X machines under the control of certain registry settings and the impact of malicious code on maintaining registry setting.

• • Overview
  • Download
  XP - The Future of Secure Operating Systems? Justin Coburn - October 31, 2003

  This paper examines why Windows XP is a major step in the direction of more security and fewer vulnerabilities than earlier versions of Windows.

• • Overview
  • Download
  NULL Sessions In NT/2000 Joe Finamore - October 31, 2003

  This paper is going to discuss the issue of null sessions in NT 4.0 and Windows 2000. It will investigate the uses and vulnerabilities of such sessions, and will show how to control and/or eliminate those vulnerabilities.

• • Overview
  • Download
  Configuring Internet Explorer Security Zones: A New Tool for the Security Community Ken Barber - October 31, 2003

  This paper reviews the literature on risks inherent in each of the active content technologies, and the very different ways in which they approach security, as well as the meanings and implications of all but one of IE's security zone settings. In addition, Microsoft's System Policy Editor tool for Windows NT is examined and a policy editor template for the IE security zones is suggested.

• • Overview
  • Download
  Assessing the security of the Windows XP Internet Connection Firewall David Collins - October 31, 2003

  This paper describes an empirical evaluation comparing Microsoft's Internet Connection Firewall (ICF) with ZoneAlarm Pro, a popular workstation firewall.

• • Overview
  • Download
  The Raw And The Uncooked: The Windows XP Raw Sockets Saga, Final Words (Hopefully) Tony Menzies - October 31, 2003

  Following the large amount of often emotional debate surrounding the introduction of raw sockets into Microsoft Windows XP, and the relative lack of clarity on the issue, this paper is intended to provide a comprehensive review of all major aspects of the issue so as to permit the reader to formulate their own opinion on the issue. The author's personal conclusion is also included.

• • Overview
  • Download
  Windows NT/2000 Event Logs William Mendez - October 31, 2003

  This paper will help one to completely automate the process of gathering, filtering and alerting when relevant events are found using inexpensive tools and resources already available. The goal is to prevent potential attacks or misusage by making it easy and cost effective to gather and review event logs.

• • Overview
  • Download
  Vulnerability Risk Mitigation - Patching the Microsoft Windows Environment Tracy Lynn - October 31, 2003

  This manuscript discusses procedures for regularly patching a Microsoft Windows environment, beginning with a discussion what vulnerabilities are, how they find their way into developers' code, and why they have become such an issue. The balance of the paper presents a number of options for patching the vulnerabilities, using either freely available tools or products that require purchasing licenses.

• • Overview
  • Download
  Microsoft .NET - An Overview Rob McBee - October 31, 2003

  This paper discusses the Windows .NET Server operating system, purported to provide many important new security features and improve on the ones included in the original Windows 2000 Server.

• • Overview
  • Download
  NetMeeting 3.01 Remote Desktop Sharing: Security Concerns Randy Humphrey - October 31, 2003

  This paper examines the concept of Remote Desktop, in particular analyzing Microsoft's NetMeeting 3.0 Remote Desktop Sharing (RDS) offering.

• • Overview
  • Download
  Discretionary Access Control Knowledge, a Practical System Dean Bushmiller - October 31, 2003

  This paper offers a new solution for administrators to reduce abuse of access controls and simplify permissions management.

• • Overview
  • Download
  Security-What Does "Trust" Have To Do With It? Ken Lange - October 31, 2003

  A large part of the technology industry is concerned with information security and trustworthy computing, and the purpose of this paper is to determine how the infrastructure and relationship between trust and security has evolved in technology.

• • Overview
  • Download
  IP Security in Windows 2000: Step-by-Step Timothy Rogers - October 31, 2003

  This paper provides an overview of Internet Protocol Security (IPSec)

• • Overview
  • Download
  Microsoft Windows XP Home Edition Security Implementation Dennis Schrader - October 31, 2003

  This document is designed to guide home users on how to implement sufficient security measures on a home computer running Microsoft Windows XP Home Edition.

• • Overview
  • Download
  Security Issues For Exchange 2000 Outlook Web Access Implementation Paula Kohrt - October 31, 2003

  The purpose of this paper is to cover the fundamental security considerations during the implementation of an Exchange 2000 Outlook Web Access (OWA) Front End (FE) server in a demilitarized zone (DMZ) using secure HTTP access.

• • Overview
  • Download
  Taking the Confusion Out of Security Templates Robert Aitken - October 31, 2003

  This paper will address how security templates are constructed using the Security Templates Snap-in to the Microsoft Management Console (MMC).

• • Overview
  • Download
  Top 10 Mistakes on Windows Internal Networks Deirdre Hurley - October 31, 2003

  In this paper I aim to highlight ten common mistakes on Windows systems, which make the job of a disgruntled employee or a malicious attacker who manages to get past your firewall, far easier.

Masters This paper was created by a SANS Technology Institute student as part of their Master's curriculum.