SACE (System Access Control Entry), 141, 142-143
designator, 174
flags, 174-176, 177-179
rights, 179
trustee, 180
type, 176-177
SACL (System Access Control List), 141, 142
salt, 215
Save Filter to Custom View dialog box, 37
Save the recovery password dialog box, 203
sc.exe, 244
getname, 245
qsidtype, 254
restricted SID commands, 254
showsid, 254
sidtype… restricted, 252
syntax, 244-245
Schneier, Bruce, Secrets and Lies: Digital Security in a Networked World, 31
SCM (Service Control Manager), 244
screen, grayed out screen with Consent UI, 106
.SDB (System Database) file extensions, 101
SDDL. See Security Descriptor Definition Language (SDDL)
sealing the key, to TPM, 188
SeBackupPrivilege, 71
SeChangeNotifyPrivilege, 5, 70
SeCreateGlobalPrivilege, 6, 7
SeCreateTokenPrivilege, 70
Secrets and Lies: Digital Security in a Networked World (Schneier), 31
sector, 189
sector key, 193
securable objects, 137-138
Secure Desktop, 106-109
disabling, 107
enabling applications with, 108-109
manifests and access, 108
Secure Hashing Algorithm (SHA), 31
"secure locations," 109
secure startup, 186
security
early need for, 134
option changes, 25-31
LAN Manager deemphasized, 28-30
named pipe access, 26-27
share and Registry access, 27
unsigned driver warnings, 30-31
Security Descriptor Definition Language (SDDL), 140, 146, 173
label syntax, 174-180
SACE flags, 177-179
SACE rights, 179
SACE trustee, 180
SACE type, 176-177
SACL designator, 174
SACL flags, 174-176
strings for setting integrity levels, 180
displaying, 180
security ID (SID), in token, 67-68
Security Zone in Internet Explorer 7, 236
SeDebugPrivilege, 71
SeImpersonatePrivilege, 71
SeIncreaseWorkingSetPrivilege, 70
SeLoadDriverPrivilege, 71
SeProfileSingleProcessPrivilege, 6, 7
SeRelabelPrivilege, 71, 147-148, 151
SeRestorePrivilege, 71
service accounts, 241-242
Service Control Manager (SCM), 244
service host, 242
services, 241
basics, 241-244
displaying during boot process, 15
isolation, 251-254
how it works, 251-252
multiple with different privileges, 249-250
and process speed, 52
random location assignment, 229-230
reducing privileges, 247-250
by admins, 248-249
by developers, 248
restricting network ports, 255
session separation, 246-247
SID for, 251
displaying, 254
granting write permissions, 252-253
restricting, 252
sc.exe commands, 254
starting, 52
troubleshooting, 234
Vista toughening, 245-246
services.exe, 244
services.msc, 244
SeShutdownPrivilege, 6, 70
sessions, separation, 246-247
SeTakeOwnershipPrivilege, 71
SeTcbPrivilege, 70
SeTimeZonePrivilege, 70
SeUndockPrivilege, 6
SeUnl, 70
SHA (Secure Hashing Algorithm), 31
shares, XP anonymous access, 27
shields
in Control Panel, 86
program icons with, 85
"shim," 101
short-term patch, virtualization as, 125
shortcuts
adding to Programs folder, 77
Advanced Properties dialog box for, 78
shrink command, 202
shutting down system, user privilege allowing, 70
SID for service, 251
displaying, 254
granting write permissions, 252-253
restricting, 252
sc.exe commands, 254
simple volume, 189
SMTP server, configuring to accept alert e-mails, 40
sos option in BCD, 15
source computer for subscription, 43
authentication between collector and, 53-55
setup, 44-46
split token, 64
SPOOLSS named pipe, 27
spyware, 112
SQL\QUERY named pipe, 27
SQL Server, database location, 115
SRK (Storage Root Key), 188
standard user token, 65, 66
creating from administrator account, 74
and integrity rules, 154
Windows creation of, 66-74
standard users, 4
file and Registry virtualization for, 123-125
privileges, 70
Start menu
Administrative Tools, Event Viewer, 33
All Programs, Accessories, command prompt, 3
Command Prompt context menu, Run as administrator, 75
Computer, 117
Computer context menu, Properties, 21
context menu, Properties, 7
Control Panel, 19
Network and Internet Connections, 19, 20
Security, BitLocker Drive Encryption, 203
Explore, 77
"Run…," restoring, 7-8
starting, Event Viewer, 33
startup key, 197, 198, 207
without TPM, 204
Storage Root Key (SRK), 188
store for BCD, 10
subinacl tool, 68
Subscription Properties dialog box, 47, 47, 50, 50, 57
subscriptions
collector setup, 44
creating, 44-50
on collector, 46-50
names for, 47
overview, 43-44
setup, 56-57
sources setup, 44
troubleshooting delays, 50-52
svchost.exe, 242, 242, 250
services running in, 243
tokens for, 243, 243-244
Sysinternals, Process Explorer, 242
sysmain.sdb, 101
System Access Control Entry (SACE), 141, 142-143
designator, 174
flags, 174-176, 177-179
rights, 179
trustee, 180
type, 176-177
viewing, 142
System Access Control List (SACL), 141, 142
system BCD store, 10. See also store for BCD
"The system cannot find the file specified" message, 117
"System error 5 has occurred." message, 3
system files, modifying, 170-173
System integrity level, 140, 141
beta testers and, 170
potential for malware manipulation, 168
system partition, 189
System Properties dialog box, Remote tab, 21, 21
System Recovery Options dialog box, 201-202
System Restore for XP, 24
system time, right to modify, 6