A relatively unknown compatibility feature of NTFS, Alternate Data Streams (ADS) provides hackers with a method of hiding root kits or hacker tools on a breached system and allows them to be executed without being detected by the systems administrator.
One key security practice that is often overlooked by admins is the Windows registry. In addition to configuration information, the registry contains security contexts that can be used to elevate a user’s privilege. If left unsecured, it is a good platform from which a hacker can use to gain access to administrative functions of the computer, and even possibly the domain as well.
Just a few years ago, the focus of enterprise security was primarily split between perimeter security and authentication controls. Security engineers spent their time mulling over firewall implementations, access rights, and the occasional implementation of encryption technologies. A new movement though has overtaken the industry as security breaches have become more and more common despite perimeter defenses, thus forcing enterprises to start reassessing security again from a host based perspective.
With his first article for WindowSecurity.com, we are pleased to welcome Ray Zadjmool (MCSE, CISSP, CCNA) to our team of authors. FTP [File Transfer Protocol] is one of the oldest and most popular services found on the on the internet today. Serving as an easy and effective method by which to transfer files over a network, FTP has become a standard that is both accepted and widely accessible to users across almost every network and operating system in use today. In this article we will examine 10 options available native in Windows 2000 that can be used to secure an FTP site.