Index

Previous page
Table of content
Next page

A

access checks, 127

access control list entries (ACEs), 24, 174

components, 174

deny, 184-186

Documents and Settings with, 184-185

icalcls tool and find all, 195

SIDs and, 174

access control lists (ACLs), 114-117, 171-201. See also ACL UI; discretionary access control lists; mandatory access control lists; system access control lists

default, 183

significant changes in, 183

definition, 171

earlier versions, 178-179

editor, 177

forms of, 173

major changes in, 178-179

management, 171-201

best practices, 201

permissions, 24, 171

modification, 156

registry, 199-200

representations, 174

resetting, 195

icacls and, 195

restoring, 192-193

icacls and, 192-193

saving, 191, 192

editing and, 192

icacls tool and, 191, 192

subinacl tool and, 199, 201

terminology, 172-175

tools for managing, 190-199

using, 175-178

verification of, 177

Windows XP, 178-179

default, 179

problems in, 178-179

access control permissions, IIS, 326-332

"Access Credential Manager as a trusted caller," 141

Access data sources across domains (setting), 270, 279

access masks, 174

access points (APs), 462. See also Wi-Fi

access tokens, 114, 125. See also security tokens

account lockout, 47, 539-546

facts, 540-541

parameters/settings, 539-540

password strength and, 541-545

account rights, 140

privileges v., 140

accounts. See specific accounts

ACEs. See access control list entries

ACL editor, 177. See also access control lists

ACL UI, 177, 197-199. See also access control lists

changes to, 197-199

Windows XP, 197

ACLs. See access control lists

Active Directory, 112.

See also Security Accounts Manager

SAM v., 112

Schema, 514

Active Scripting (setting), 275, 281

ActiveX controls, 33, 222, 223, 257

ActiveX controls and plug-ins (settings), 265-268, 278-279. See also specific settings

summary of, 278-279

ActiveX Installer service, 136, 137, 218-220, 222

Adobe Flash Player and, 219

configuration, 218-220

documentation on, 219

usage, 219

Add-on management, 256-257

Address Space Layout Randomization (ASLR), 5

Ad-Hoc mode, 462-463

admin-approval mode, 133, 136, 168

consent prompt settings for, 150

administrative templates, 492-493

settings, 504

new, 504-510

reboot/logon required, 510

Administrator account, built-in, 146-147, 180

disabled by default, 180

security importance of, 528, 529

filtered token for, 150

setting, 150

RID 500, 124, 146, 180

in safe mode, 146, 147

special treatment of, 146-147, 180

Administrator Lists, 317

administrators (admins), 128

non-, 129

UAC and, 129-130

power of, 129

ADMX files, 39, 492-493, 514, 515

migration tool, 493

template embedding, 493

Adobe Flash Player, 219

ActiveX Installer and, 219

Advanced Group Policy Management toolkit, Microsoft, 222

advfirewall, 424

adware, 64-65

browser cookies, 237

AES. See Asymmetric Encryption Standard

Airsnort, 465

All Users profile, 91

Allow META REFRESH (setting), 270, 279

Allow previously unused ActiveX controls to run without prompting (setting), 265, 278

Allow programmatic clipboard access (setting), 275-276, 281

Allow scripting of Internet Explorer web browser control (setting), 270-271, 279

Allow script-initiated Windows without size or position constraints (setting), 271, 279

Allow scriptlets (setting), 266, 278

Allow status bar updates via script (setting), 276, 281

Allow web pages to use restricted protocols for active content (setting), 271, 280

Allow websites to open Windows without address or status bars (setting), 271, 280

Allow websites to prompt for information using scripted window (setting), 276, 281

Anonymous authentication, 320, 323

anti-hammering defense, 47

anti-malware. See malware, automated

anti-phishing filter. See phishing filter

anti-virus programs. See viruses

API. See Application Programming Interfaces

application(s)

malware location in, 66

manifests, 165

misconfiguration, 56-57

security, 203-223

best practices, 222-223

UAC leveraging in, 164-167

UIAccess and, 152

vulnerabilities, 54-56

web server, 294-295

application pools, 309-311

identities, 311-314

Application Programming Interfaces (API), 424

Windows Firewall, 424-425

APs. See access points

Aronoff, Andrew, 70

ASLR. See Address Space Layout Randomization

ASP.NET Impersonation, 320-321

other authentication methods v., 325

Asymmetric Encryption Standard (AES), 26, 466

at.exe, 216

Attachment Manager, 506

attachments, malicious. See malicious file attachments

attacks. See specific attacks

auditing, 162, 533

elevation, 162-164

Process Tracking, 538

security tweak, 533

Auditpol.exe, 30

authentication exemption rules, 428

authentication methods, 14-16, 109. See also logon authentication; specific authentication methods

IIS, 318-325

support for, 14-16

authentication protocols, 110-112. See also Kerberos; LAN Manager; NT LAN Manager

challenge-response, 111

Authenticode, 265

reliant components-Run signed/not signed with, 265, 278

AuthIP, 451-452

multiple credentials and, 451-452

SDI and, 451-452

automated malware. See malware, automated

Automatic prompting for ActiveX controls (setting), 266, 278

Automatic prompting for file downloads (setting), 268-269, 279

Automatic Updates, 230

autorun programs, 99-100

locations for, 99-100

Autoruns utility, 70, 100, 235

example, 100

Web site location, 100


Previous page
Table of content
Next page
Windows Vista Security. Securing Vista Against Malicious Attacks
Windows Vista Security. Securing Vista Against Malicious Attacks
ISBN: 470101555
EAN: N/A
Year: 2004
Pages: 163
BUY ON AMAZON
ADO.NET 3.5 Cookbook (Cookbooks (OReilly))
MySQL Stored Procedure Programming
CompTIA Project+ Study Guide: Exam PK0-003
Secure Programming Cookbook for C and C++: Recipes for Cryptography, Authentication, Input Validation & More
Python Standard Library (Nutshell Handbooks) with
Digital Character Animation 3 (No. 3)
flylib.com © 2008-2017.
If you may any questions please contact us: flylib@qtcs.net
Privacy policy