University of Baltimore
Merrick School of Business
INSS 453/753 - Internet and Network Security

Mini-project 2: testing security of Windows.
All mini-projects are due on Sundays by 11 PM.
Go to the MISLAB. Log in as Administrator on your group's Windows XP "machine" by selecting Windows for Administration in the boot login of the machine corresponding to your group number. Note: do not save any files on drive C:, as it may be wiped out during periodic maintenance.
- Think about physical security: what can you do to prevent somebody from bringing a diskette and booting from it, or even installing another copy of Windows? How can a person with a diskette read files in a directory formatted in NTFS (Hint: NTFSDOS)? Of course, if your machine is off and you have a key to it you could just turn off the key, but suppose you cannot turn off your machine or your machine does not have a key? (Hint: think about the BIOS). Should users set screen-savers for security reasons? If they should, what should you, as administrator, do to increase security, and how?
- What ports are active on your machine (take snapshots)? (Hint: use Active Ports and NukeNabber). Suppose you decided to close the default ports for Back Orifice, NetBus, SubSeven and one more backdoor program of your choice (see PacketStorm for additional backdoor programs). How can you do this using a simple firewall? Install one and do it. Show me.
- Open Local Security Policy and (a) set account policies which increase password security (explain what and why; see this article), and (b) set the Audit Policy. Show me. Where can you see if there were security events you asked to be logged (show me an image)?
- Use DumpSec to see what policies (account and security) are in place (include a copy of the results in your report) and whether null session logins are turned off. Create a shared directory and make it not visible in Network Neighborhood, then run DumpSec to check whether it is hidden and what other shares are visible and their permissions.
- Now it is time for a more delicate security action. Close ports 139 and 445, and do not let XP/2K save the LAN Manager hash value of the passwords. Show me. Hint: see this slide.
- Read OptOut and install a sniffer on your machine (dsniff for Windows, for example). Explain how it works and show an example.
- Another delicate operation: install BOWall. Explain how it works and its importance. Select a .dll to "fix", save it with another name (create a backup) and use BOWall to protect it (take a snapshot to show you did it). Once it is done, restore the original .dll file.
- Turn SYSKEY on in your system and explain what it does (what it protects) and describe what you did (show snapshots, etc). What is the impact on end users?
- Finally, check for critical security patches (Hint: see Windows Security Readings) and install at least one tool (Belarc Advisor or Microsoft Baseline Security Analyzer) to check your system. Report the results -- capture the output. You may fix the most critical problems found.
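
For the port questions above (active ports, the backdoor defaults, and ports 139 and 445), one way to turn a `netstat -an` snapshot into a checklist of sockets that should be closed or filtered. This is an added example, not part of the original assignment; the backdoor port numbers are the commonly documented defaults and the netstat output is constructed sample data.

```python
import re

# Ports the assignment asks about. The backdoor numbers are the commonly
# documented defaults (an assumption of this example, not stated on the page).
WATCHLIST = {
    ("TCP", 12345): "NetBus",
    ("TCP", 12346): "NetBus",
    ("UDP", 31337): "Back Orifice",
    ("TCP", 27374): "SubSeven",
    ("TCP", 139): "NetBIOS session service",
    ("TCP", 445): "SMB over TCP",
}

# Constructed sample of Windows `netstat -an` output (not real lab data).
SAMPLE = """\
Active Connections

  Proto  Local Address          Foreign Address        State
  TCP    0.0.0.0:135            0.0.0.0:0              LISTENING
  TCP    0.0.0.0:445            0.0.0.0:0              LISTENING
  TCP    0.0.0.0:12345          0.0.0.0:0              LISTENING
  TCP    192.168.1.10:139       0.0.0.0:0              LISTENING
  TCP    192.168.1.10:1042      192.168.1.20:80        ESTABLISHED
  UDP    0.0.0.0:31337          *:*
  UDP    0.0.0.0:445            *:*
"""

LINE = re.compile(r"^\s*(TCP|UDP)\s+(\S+):(\d+)\s+(\S+)(?:\s+(\S+))?\s*$")

def open_sockets(netstat_text):
    """Yield (proto, local_ip, port) for listening TCP and bound UDP sockets."""
    for line in netstat_text.splitlines():
        m = LINE.match(line)
        if not m:
            continue  # headers and blank lines
        proto, ip, port, _foreign, state = m.groups()
        if proto == "TCP" and state != "LISTENING":
            continue  # outbound or established sessions are not open ports
        yield proto, ip, int(port)

def flag_watched(netstat_text):
    """Return watched sockets as (proto, local_ip, port, name), in input order."""
    return [(p, ip, port, WATCHLIST[(p, port)])
            for p, ip, port in open_sockets(netstat_text)
            if (p, port) in WATCHLIST]

if __name__ == "__main__":
    for proto, ip, port, name in flag_watched(SAMPLE):
        print(f"{proto} {ip}:{port}  {name}")
```

Running it before and after the firewall rules are in place gives a simple record for the report of which watched ports were open and which were closed.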
Submitting the report
- Post your group project report in the Mini-project 2 entry of the Assignments folder of one of the group members in WebTycho.
- You should submit just one file per group in zip format.
- Place all the files of your project in one directory and use free compression software from Nonags to create one file in zip format.
- You may sometimes find it difficult to save some of the screens you see. If this is the case, please use free screen-capture software, which you can download from Nonags.
- If you have problems capturing the reports to your liking, please use the free software from PrimoPDF to create a PDF file.
This page is maintained by Al Bento who can be reached at abento@ubalt.edu
This page was last updated on September 28, 2007. Although we will attempt to keep this information accurate, we cannot guarantee the accuracy of the information provided.