Introducing Windows 2000 Security

The security provided by Windows 2000 is designed to meet the following requirements:

  • Each user must identify himself or herself when logging on.
  • The system must insulate objects assigned to processes. For example, memory used by a program must be made inaccessible to other programs, and programs must not be able to read data from deleted files.
  • The owner of a resource must be able to control access to that resource.
  • System administrators must be able to audit system events and restrict access to the event log.
  • The system must protect itself from external tampering.

One of the ways Windows 2000 meets these requirements is by assigning each user a security ID (SID). Your SID, a gigantic number guaranteed to be unique, follows you around wherever you go in Windows 2000. When you log on, the operating system first validates your user name and password. Then it creates a security access token. You can think of this as the electronic equivalent of an ID badge. It includes your name and SID, plus information about any user groups to which your account belongs. (User groups are described later in this chapter.) Any program you start gets a copy of your security access token.

Whenever you attempt to walk through a controlled "door" in Windows 2000 (for example, when you connect to a shared printer), or any time a program attempts to do that on your behalf, the operating system examines your security access token and decides whether to let you pass. If access is permitted, you notice nothing. If access is denied, you see an unavailable menu or dialog-box control, or, in some cases, you get to hear a beep and read a noxious message.

In determining whom to pass and whom to block, Windows 2000 consults the resource's access control list (ACL). This is simply a list showing which SIDs have which kinds of access privileges. Every resource subject to access control has an ACL.
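The token-against-ACL check just described, as an added Python model that is not from the book or from Windows itself: the SIDs, group names and access bits are constructed placeholders, and the walk follows the Windows rule that an ACL is evaluated in order with explicit deny entries listed before allow entries. It also shows the explicit deny on the Guest account that the warning later in this chapter recommends for shares.

```python
from dataclasses import dataclass

# Access-mask bits for the model (constructed; real Windows masks differ).
READ, WRITE, DELETE = 0x1, 0x2, 0x4


@dataclass
class Token:
    """Security access token: the user's own SID plus the SIDs of its groups."""
    user_sid: str
    group_sids: tuple = ()

    def sids(self) -> set:
        return {self.user_sid, *self.group_sids}


@dataclass
class Ace:
    """One ACL entry: which SID gets (or is refused) which access bits."""
    sid: str
    mask: int
    allow: bool = True


def canonical(acl: list) -> list:
    """Canonical ACL order: explicit deny entries ahead of allow entries."""
    return sorted(acl, key=lambda ace: ace.allow)  # False (deny) sorts first


def check_access(token: Token, acl: list, requested: int) -> bool:
    """Walk the ACL in order, skipping entries whose SID is not in the token.
    A deny entry covering any still-wanted right refuses the whole request;
    allow entries accumulate until every requested right is granted.
    Running out of entries with rights outstanding (including an empty ACL)
    is a denial."""
    sids = token.sids()
    remaining = requested
    for ace in acl:
        if ace.sid not in sids:
            continue
        if not ace.allow:
            if ace.mask & remaining:
                return False
        else:
            remaining &= ~ace.mask
            if remaining == 0:
                return True
    return remaining == 0


# Constructed placeholder SIDs (not real S-1-5-... values).
ALICE, GUEST, USERS, EVERYONE = "S-ALICE", "S-GUEST", "S-USERS", "S-EVERYONE"

# A shared folder: Everyone may read, Users may read and write,
# and Guest is explicitly denied so the Everyone entry never reaches it.
SHARE_ACL = canonical([
    Ace(EVERYONE, READ),
    Ace(USERS, READ | WRITE),
    Ace(GUEST, READ | WRITE | DELETE, allow=False),
])

alice = Token(ALICE, (USERS, EVERYONE))   # normal user, member of Users
guest = Token(GUEST, (EVERYONE,))         # Guest is still in Everyone
```

Without the deny entry, `check_access(guest, SHARE_ACL, READ)` would succeed through the Everyone entry, which is exactly the exposure the Guest warning describes.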


Understanding Permissions and Rights

SEE ALSO
For a list of Windows 2000 rights, see Table 27-2.

Windows 2000 distinguishes two types of access privileges: permissions and rights. A permission is the ability to access a particular object in some defined manner—for example, to write to an NTFS file or to modify a printer queue. A right is the ability to perform a particular systemwide action, such as resetting the clock.

The owner of a resource (or an administrator) assigns permissions to the resource via its properties dialog box. For example, if you are the printer owner or have administrative privileges, you can restrict someone from using a particular printer by visiting the properties dialog box for that printer. Administrators set rights via Local Security Policy in Administrative Tools. For example, if you have an administrative account, you can use Local Security Policy to grant someone the right to load a device driver.

NOTE
In this book, as in many of the Windows 2000 messages and dialog boxes, privileges serves as an informal term encompassing both permissions and rights.


User Accounts

The backbone of Windows 2000 security is the ability to uniquely identify each user. Windows 2000 assigns each user a user account. The user account is identified by a user name and password, which the user enters when logging on to the system. Windows then controls, monitors, and restricts access to system resources based on the permissions and rights associated with each user account by the resource owners and the system administrator. For information about managing user accounts, see "Working with Local User Accounts and Groups."

In addition to such "normal" user accounts, Windows 2000 provides two special accounts that have predefined sets of permissions and rights associated with them: the Administrator account, and the Guest account.

Administrator Account


Every computer running Windows 2000 has a special account named Administrator. This account has full rights over the entire computer. It can create other user accounts and is generally responsible for managing the computer. Many system features and rights are off limits to accounts other than Administrator (or another account that belongs to the Administrators group). For example, most features in Computer Management, the tool used to manage user accounts and other items, are disabled when the user is not Administrator or a member of the Administrators group. For more information about groups, see "User Groups" and "Working with Local User Accounts and Groups."

TIP
To make it more difficult for intruders to use the Administrator account, you should rename it so they'll be forced to guess its user name as well as its password. For information about renaming user accounts, see "Renaming, Deleting, and Disabling Accounts."

Guest Account

Most Windows 2000 systems also include an account named Guest. This account resides at the other end of the privilege spectrum. It is designed to allow an infrequent or temporary user such as a visitor to log on to the system without providing a password and use the system in a restricted manner. Choices made by the system administrator determine the level of access afforded to the Guest account. (By default, the Guest account is disabled on a clean install of Windows 2000; no one can use an account that's disabled.)

WARNING
Enabling the Guest account not only allows anyone to log on to your computer using the user name Guest (with no password), but it allows anyone on your network to see your shared folders if you share them using default settings. (The other users could even be running an unsecure system such as Windows 98, which doesn't require a logon name and password.) Shared folders on a FAT32 volume are then completely open to access, and anonymous users can view, modify, create, or delete files. If your shared folders are on an NTFS volume and you use the default NTFS access permissions, they won't be able to access the share—but they will be able to see the shared folder name. If you must enable the Guest account, be sure you deny Guest access to shares, folders, and files that you don't want guests and other unauthenticated users to see. (A user on another computer or another domain might be authenticated on their system, but not on yours.)