
What are some common security vulnerabilities related to Windows NT?

Windows NT is rich in features, and that is what makes it more vulnerable. But no matter which NOS you choose to deploy, security should always be the primary concern. It's not possible to list all of the vulnerabilities here, but I can list some of the common ones. They are:
  • Using IPC$ to make anonymous connections.
  • Unrestricted Registry Access
  • Open Shares
  • Weak password (No password policy enforced)
  • Unrestricted user Permissions
  • Local Administrator account
  • Unencrypted password database.
  • Unrestricted Trust relationships
  • Enabling DCOM support
  • Enabling IP Packet forwarding (even when it's not required)
  • Running MDAC in unsafe mode.
  • Running RPC
  • LocalSystem account does not have a password (most of the privileged services run with the same account)
  • Using Anonymous, Guest or default Administrator account.
  • NT uses NetBIOS as an abstraction layer from the underlying network transport protocol. This helps an attacker gather information about the hosts (NetBIOS information).
  • The remote procedure call (RPC) Endpoint Mapper and Distributed Component Object Model (DCOM) Service Control Manager (SCM) listen on TCP and UDP port 135. Any user who can connect to port 135 can obtain information about which dynamic RPC and DCOM services are running and what ports they are listening on. To stop the Endpoint Mapper and SCM from listening on this port, you must disable the RPC Server service, which cripples NT.

    I recently responded to a similar question. Below is the link to the same.

    This was last published in April 2004.
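Three items in the list above (anonymous IPC$ connections, DCOM support, IP packet forwarding) can be checked from a registry export. The following is an added example, not part of the original answer: it audits a constructed REGEDIT4-style export. The answer does not name any registry values; `RestrictAnonymous`, `IPEnableRouter` and `EnableDCOM` are the Windows settings assumed here to correspond to those items.

```python
import re

# Constructed sample: REGEDIT4-style export from a hypothetical NT host.
SAMPLE_EXPORT = r'''REGEDIT4
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"RestrictAnonymous"=dword:00000000
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters]
"IPEnableRouter"=dword:00000001
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Ole]
"EnableDCOM"="Y"
'''

HKLM = "HKEY_LOCAL_MACHINE\\"
# (key, value, finding, predicate returning True when the setting is weak)
CHECKS = [
    (HKLM + r"SYSTEM\CurrentControlSet\Control\Lsa", "RestrictAnonymous",
     "anonymous (IPC$ null session) enumeration not restricted",
     lambda v: v in (None, 0)),  # a missing value means the default, 0
    (HKLM + r"SYSTEM\CurrentControlSet\Services\Tcpip\Parameters", "IPEnableRouter",
     "IP packet forwarding enabled", lambda v: v == 1),
    (HKLM + r"SOFTWARE\Microsoft\Ole", "EnableDCOM",
     "DCOM support enabled", lambda v: isinstance(v, str) and v.upper() == "Y"),
]

def parse_reg(text):
    """Parse .reg text into {key_lower: {value_name_lower: int or str}}."""
    data, current = {}, None
    for line in (l.strip() for l in text.splitlines()):
        if line.startswith("[") and line.endswith("]"):
            current = data.setdefault(line[1:-1].lower(), {})
            continue
        m = re.match(r'"([^"]+)"=(.*)$', line)
        if m is None or current is None:
            continue
        name, raw = m.group(1).lower(), m.group(2)
        if raw.startswith("dword:"):
            current[name] = int(raw[6:], 16)
        elif len(raw) >= 2 and raw[0] == raw[-1] == '"':
            current[name] = raw[1:-1]
    return data

def audit(text):
    """Return the findings whose registry value is in its weak state."""
    reg = parse_reg(text)
    return [finding for key, name, finding, weak in CHECKS
            if weak(reg.get(key.lower(), {}).get(name.lower()))]

if __name__ == "__main__":
    print("\n".join("WEAK: " + f for f in audit(SAMPLE_EXPORT)))
```

Setting `RestrictAnonymous` to 1 limits what an anonymous session can enumerate; it does not block the connection to IPC$ itself.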
