Ask the Expert

What are some common security vulnerabilities related to Windows NT?

What are some common security vulnerabilities related to Windows NT?

    Requires Free Membership to View

Windows NT is rich in features and that's what makes it more vulnerable. But no matter what NOS you choose to deploy, security should always be the primary concern. It's not possible to list out all of the vulnerabilities here, but sure I can list out some of the common ones. They are:
  • Using IPC$ to make anonymous connections.
  • Unrestricted Registry Access
  • Open Shares
  • Weak password (No password policy enforced)
  • Unrestricted user Permissions
  • Local Administrator account
  • Un-encrypted password database.
  • Unrestricted Trust relationships
  • Enabling DCOM support
  • Enabling IP Packet forwarding (even when it's not required)
  • Running MDAC in unsafe mode.
  • Running RPC
  • LocalSystem account does not have a password (most of the privileged services run with the same account)
  • Using Anonymous, Guest or default Administrator account.
  • NT uses NetBIOS as an abstration layer from the underlying network transport protocol. This helps an attacker gather information about the hosts (NetBIOS information)
  • The remote procedure call (RPC) Endpoint Mapper and Distributed Component Object Model (DCOM) Service Control Manager (SCM) listen on TCP and UDP port 135. Any user who can connect to port 135 can obtain information about which dynamic RPC and DCOM services are running and what ports they are listening on. To stop the Endpoint Mapper and SCM from listening on this port, you must disable the RPC Server service, which cripples NT.

    I recently responded to a similar question. Below is the link to the same.
    http://searchnetworking.techtarget.com/ateQuestionNResponse/0,289625,sid7_cid554727_tax287058,00.html

  • This was first published in April 2004

    There are Comments. Add yours.

     
    TIP: Want to include a code block in your comment? Use <pre> or <code> tags around the desired text. Ex: <code>insert code</code>

    REGISTER or login:

    Forgot Password?
    By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
    Sort by: OldestNewest

    Forgot Password?

    No problem! Submit your e-mail address below. We'll send you an email containing your password.

    Your password has been sent to: