Windows NT Threats and Vulnerabilities
Abstract
The objective of this research is to examine the threats and vulnerabilities of a Windows NT network. One aspect of this research is to add to the Department of Defense's understanding of the disadvantages of the system. This research demonstrates five vulnerabilities of Windows NT with respect to the military network operating system security environment. First, there is the NetBIOS-over-TCP)IP vulnerability. Windows NT by default allows networking over this protocol. This protocol could allow an attacker to remotely connect to a drive and edit the registry. Second, the server message block (SMB) vulnerability allows remote access to shared directories. An unauthorized user could use this hole to access everything on the shared resources. Third, the remote registry access vulnerability could allow an attacker to view and change the contents of another computer's Registry. Fourth, improperly set permissions could allow unauthorized access to sensitive and classified data. Fifth, the built-in file transfer protocol (H?) service allows users to change directories. Users could use this hole to sec the root directory. Before DOD becomes too committed to Windows NT, these issues need to be addressed.
Document Details
- Document Type
- Technical Report
- Publication Date
- Sep 01, 1997
- Accession Number
- ADA341457
Entities
People
- Febbie P. Moore
Organizations
- Naval Postgraduate School