---

---

Analysis of the Security of  Windows NT 1 March 1999 2 Abstract This paper presents an analysis of the security in Windows NT 4.0, working in both stand-alone and networking mode. The objective of the work was to find out how secure this operating system actually is. A technical overview of the system, and in particular its security features is given. The system security was analyzed and practical intrusion attempts were made in order to verify vulnerabilities or to find new ones. All vulnerbilities are described in detail and classified according to a classification scheme. A comparison to com- monly known UNIX weaknesses was made. It revealed generic similarities between the two systems to a surprisingly high degree. Finally a number of recommendations are given. The paper concludes that there are ample oppor- tunities to improve the security of Windows NT. We have reason to believe that it is probably not higher than that of UNIX.