nt-part2_2
Analysis of the Security of Windows NT
1 March 1999
2
Abstract
This paper presents an analysis of the security in Windows NT 4.0, working
in both stand-alone and networking mode. The objective of the work was to
find out how secure this operating system actually is. A technical overview of
the system, and in particular its security features is given. The system security
was analyzed and practical intrusion attempts were made in order to verify
vulnerabilities or to find new ones. All vulnerbilities are described in detail
and classified according to a classification scheme. A comparison to com-
monly known UNIX weaknesses was made. It revealed generic similarities
between the two systems to a surprisingly high degree. Finally a number of
recommendations are given. The paper concludes that there are ample oppor-
tunities to improve the security of Windows NT. We have reason to believe
that it is probably not higher than that of UNIX.