N

namespace, 519

NAT (Network Address Translation), 301

NAT-T (NAT-Transversal), 301

.NET Framework Support Service, 286

.NET Framework-reliant components, IE settings for, 367–368, 375

Net Logon service, 274, 287

NetBIOS protocol, 158–159

NetMeeting Remote Desktop Sharing service, 274

Netscape browser, 350

Netsh.exe command, 67

network

access to computers on, policy settings for, 496, 499

access to, security options for, 508–510

defending against attacks of, 56

edge protection of, inadequacy of, 55–56

EFS (Encrypting File System) on, 469–471

Network Address Translation (NAT), 301

network client, Microsoft, security options for, 506–508

Network Configuration Operators group, 86, 108

Network Connections service, 274

Network DDE DSDM service, 274

Network DDE service, 274

Network group

computer accounts in, 115

definition of, 108

SID for, 84

Network Location Awareness (NLA) service, 275

Network News Transfer Protocol (NNTP) service, 286, 445

network protocol analyzer programs (sniffing attacks), 16–17, 168–171

Network Provisioning Service, 275

network security, IIS, 437–438

Network Service account, 101, 423–424

network traffic, securing. See IPSec (IP Security) protocol

NetworkService account, 85, 261, 262

NeverShowExt values, registry, 250

NewDotNet adware program, 73

News URI handler, 249

Nigerian scams, 394

NLA (Network Location Awareness) service, 275

Nmap fingerprinting tool, 9

NNTP (Network News Transfer Protocol) service, 286, 445

nntp URI handler, 249

Non-unique Authority, 84

Nordahl boot disk (Nordahl-Hagen, Peter), 161–163

Normal.dot file, 25

Norton Personal firewall, 68

Notify permission, registry keys, 242

Novell logon client, 41

NT Authority, 84

NT LM Security Support Provider service, 275

NT (NTLAN Man) hash algorithm, 147–148, 149

NT Resetter, 163

Ntbootdd.sys file, 132

Ntdetect.com file, 132

Ntds.dit file, 80

NTFS permissions

best practices for, 135–136, 332

changed as the result of another action, 128

combinations of, 125–126

compared to SRPs, 344

default settings for, 132–135

definition of, 122

for distribution groups, 96

effective permissions, determining, 129–131

EFS (Encrypting File System) and, 130, 462

group policy objects and, 220–221

for high-risk files, 218–221

for IIS, 435–436, 450, 452–453

improperly configured, 16

inheritance of, 128–129

list of, 123–125

misconceptions about, 79

modifying, 122–123

multiple groups contributing to, 88, 130

for prevention of unauthorized execution of software, 330–332

for security groups, 96

in security token, 117

for services, 290–292

setting using AGULP method, 97–99

Simple File Sharing and, 131

NTLAN Man (NT) hash algorithm, 147–148, 149

Ntldr file, 25, 132

NTLM authentication protocol, 153, 450

NTLMv2 authentication protocol, 153–154

Ntuser.dat hive, registry, 229

Null Authority, 84

Nullsoft WinAmp media files, 196, 248

.nws files, 199