Welcome to SecurityDocs

A collection of 8,040 IT security white papers, carefully curated by professionals like yourself

Windows XP Professional Edition: Local Security Policies

by Johannes Helmig

The “policies” are the permissions, which are/can be assigned to Usergroups (and also to single usernames, although it is a kind of tradition to assign permissions to a usergroup and then make the user a member of the usergroup to get the permissions). Double-click on a policy/permission to display the list of usergroups that already have this permission. Note: all users created in User Management are automatically members of the Usergroup “Everyone”. To add a usergroup, use the button “Add ...

Sept. 1, 2017 0 comments TechGenix Management

Securing the Operating System and the Interface

by Tom Shinder

ISA Server is all about security. ISA is about securing network access into and out of the internal network. But after you’ve done all of your configuring, how do you know that you’ve done an adequate job of securing the internal network and the system that ISA Server is running on? Gary Andersen, a real ISA Server sharpie, asked if I could put together a checklist of some kind that ISA Server administrators can use to see if their configuration is a secure one. A great idea! Of course, secur...

Sept. 1, 2017 0 comments TechGenix

The Netbus trojan

by William Henderson

The Netbus trojan is one of the most famous trojans around. It was authored by Carl-Frederik Neikter and is very similar to the “Back Orifice” trojan distributed by CdC. It allows ANYONE running the client portion to connect and control ANYONE running the server portion of it, WITH THE SAME RIGHTS AND PRIVILEGES AS THE CURRENTLY LOGGED ON USER!

Sept. 1, 2017 0 comments TechGenix Pen Testing & Audits

Useful security tools/utilities for System administrators

by William Henderson

I will update this page regularly for new cool tools. If you have a cool utility you want me to review, email me. I have divided the security utilities in the following categories: Forensic Tools, Security Tools, Admin Tools, Monitoring Tools. InControl4 – Run this before installing ANYTHING questionable. Takes a snapshot of the entire registry, drive contents. Tells you nearly every change a piece of software makes to your system. (823K) Forensic Toolkit for NT...

Sept. 1, 2017 0 comments TechGenix

Windows .NET Server locks down “Everyone”

by Robert J. Shimonski

One of the biggest security issues you may have seen with older versions of Windows-based servers is that when you assign permissions, you may accidentally be assigning too much because of a design flaw with anonymous access. When you have members of the Anonymous Logon group, they were also granted access to data because when an administrator thinks of ‘anonymous’, the administrator may also think this implies non-authentication. When you think of the Everyone Group, you may imply authentication...

Sept. 1, 2017 0 comments TechGenix Detection & Response

New Internet Explorer 6.0 Security Features with the .NET Server default browser

by Robert J. Shimonski

As you can see, if you are beta testing Windows .NET Server, there are quite a few differences in security as there were from Windows 2000. Some are subtle, where others are very obvious. One of the subtle ones in my opinion is the changing of Internet Explorer’s security settings. Now that you have Internet Explorer 6 installed on .NET server by default, you should know how to protect yourself with it. There are more added features of course, but more than ever, more security ‘enhancements’ to...

Sept. 1, 2017 0 comments TechGenix Detection & Response

Windows XP: Your Definitive Lockdown Guide

by Robert J. Shimonski

In this article, we will look at Windows-based security on your XP Desktop Systems. I have yet to see anything out there about how to check over and secure your desktop on Microsoft’s newest OS. In this article we will look at Windows XP Professional and what you need to do to be secure. This is a start to finish article on the fundamentals of OS desktop security – Microsoft style. After reading this, you may be surprised about some of the items you may have taken for granted! Let’s take a look

Sept. 1, 2017 0 comments TechGenix

Analysis of Buffer Overflow Attacks

by Maciej Ogorkiewicz and Piotr Frej

What causes the buffer overflow condition? Broadly speaking, buffer overflow occurs anytime the program writes more information into the buffer than the space it has allocated in the memory. This allows an attacker to overwrite data that controls the program execution path and hijack the control of the program to execute the attacker’s code instead of the process code. For those who are curious to see how this works, we will now attempt to examine in more detail the mechanism of this attack and ...

Sept. 1, 2017 0 comments TechGenix Detection & Response

Securing Windows 2000 Active Directory (Part 1)

by Ricky Magalhaes

Protecting Active Directory’s integrity is paramount. This article will focus on Active Directory security and will be written in two parts. (If you would like to receive an email when Part 2 of this article is released, subscribe to the WindowSecurity.com Real-Time Article Updates from our Newsletter Subscriptions page). Active Directory is the Windows 2000 information repository that needs to be kept very secure. Active Directory has vital service dependencies such as DNS which changes t...

Sept. 1, 2017 0 comments TechGenix

Securing Windows 2000 Active Directory (Part 2)

by Ricky Magalhaes

Those who missed the first article in this series may click here to be taken to Part 1. In the next article Ricky Magalhaes will focus on the Active Directory process. As part of securing your Active Directory you need to ensure that as a contingency plan you are able to restore your Active Directory in the event of disaster. If you would like to receive an email when the next article in this Active Directory series is released, subscribe to the WindowSecurity.com Real-Time Article Updates ...

Sept. 1, 2017 0 comments TechGenix Apps & Hardening

Securing Windows 2000 Active Directory (Part 3) – Backup and Restoration

by Ricky Magalhaes

In this article I will focus on the Active Directory process. As part of securing your Active Directory you need to ensure that as a contingency plan you are able to restore your Active Directory in the event of disaster. (Those who missed the first two articles in this series may click here to be taken to Part 1 and here to be taken to Part 2). When backing up Active Directory, Microsoft only supports one type of backup; you can only perform a full backup on Active Directory. Incremental a...

Sept. 1, 2017 0 comments TechGenix Apps & Hardening

Hidden Backdoors, Trojan Horses and Rootkit Tools in a Windows Environment

by Bartosz Bobkiewicz

Not every case of a successful intrusion is “crowned” with a replaced Web site on the server, data theft or damage. Often electronic intruders do not wish to create a spectacle but prefer to avoid fame by hiding their presence on compromised systems, sometimes leaving certain unexpected things. They use sophisticated techniques to install specific “malware” (backdoors) to let them in again later with full control and in secret. Obviously, hackers have a variety of motives for installing malevo...

Sept. 1, 2017 0 comments TechGenix

Securing Windows 2000 Active Directory (Part 4) – Restoration

by Ricky Magalhaes

In this article I will focus on how important restoring the Active Directory is compared to running it securely. Having an un-restorable backup is disastrous, especially if your AD has been corrupted by an attacker or a new AD-targeting virus. There is no point in backing up and having thousands of dollars invested in a backup strategy if you cannot restore. The most important part of your backup strategy should have a restore focus, and should start with what you can restore rather than baki...

Sept. 1, 2017 0 comments TechGenix

Securing Data in Transit with IPSec

by Deb Shinder

Network security has many facets, and much emphasis is placed (rightly) on keeping intruders and attackers out of the network via firewalls. However, in today’s business environment, there are also many instances in which sensitive data needs to be protected within the local network from users who have legitimate access to the network – but do not need to have access to the data in question. The answer in that case is encryption (and encrypting data also provides an extra layer of security a...

Sept. 1, 2017 1 comment TechGenix Encryption & Authentication

SMBDie: Crashing Windows Servers with Ease

by Robert J. Shimonski

In this article, we will look at Windows-based security tools, and in particular at how to easily crash a Windows server in about 5 seconds. What is SMBDie? SMBDie is a tool (proof of concept) that was created to exploit a problem with the Windows operating system and, when activated, will crash and Blue Screen the server immediately. We will get into all the details, but for the most part, this article will explain the following: What is SMB; What is the attack (and w...

Sept. 1, 2017 0 comments TechGenix Apps & Hardening

Securing Windows 2000 DNS by design (Part 1)

by Ricky Magalhaes

This white paper will focus on the importance of securing your Windows network’s DNS service and the features, functionality and security of the DNS server by using design. Several deployment methods for DNS in a Windows 2000 environment will be covered and defined. This document is intended to provide clarification when enabling the operational requirements of the organizations designing secure DNS. Knowing that Windows 2000 and above relies heavily on the functioning of DNS, your focus s...

Sept. 1, 2017 1 comment TechGenix Apps & Hardening

Securing Windows 2000 DNS by using configuration (Part 2)

by Ricky Magalhaes

This white paper will focus on using DNS configuration with the intent to secure DNS. A previous white paper has been written on DNS security design, and using both white papers will allow a more holistic view on DNS security. Click here to read Part 1. This white paper demonstrates the importance of securing your Windows network’s DNS service and the features, functionality and security of the DNS server by manipulating configuration. Several configuration methods and a quick configuration guid...

Sept. 1, 2017 0 comments TechGenix Apps & Hardening

Understanding Windows Logging

by Ricky Magalhaes

Logging is an underused tool on most Windows networks. It is mostly used in a crisis to rectify events that have already taken place and that were not preempted. This is true for several reasons: firstly, there are vast amounts of data to get through, and because logistically it may not be viable to inspect every log on a vast network manually, this aspect is neglected. Applications are available that consolidate logs into a central place but what is needed is some form of artificial intellige...

Sept. 1, 2017 0 comments TechGenix Apps & Hardening

Hardening Windows NT/2000/XP Information Systems

by Ricky Magalhaes

A firewall is an integral part of any network that is connected to the internet. If no firewall is set up as a bastion host, many attacks can take place against Windows without the administrator knowing. The multitude of these attacks can be so great that the machine will hang up; this will make the task of isolating what attack took place incredibly challenging. If no firewall is available, a router can be used to filter out unwanted protocols and ports that intruders may use to attack netw...

Sept. 1, 2017 0 comments TechGenix Apps & Hardening

Security concerns on Internet connections (Dialup-Connection to the Internet)

by Johannes Helmig

As part of the setup of the local network, File-and-Print Sharing is installed in most cases, with sharing of the disk(s). And on most private networks, passwords are usually not defined. Let’s have a closer look at the network configuration: we need to check the combination “TCP/IP -> Dial-Up Adapter” (which is used for the Internet connections). And this is the security problem: when installing “File-and-Print Sharing”, Windows configures by default a Binding (=connection) between each ...

Sept. 1, 2017 0 comments TechGenix
