HostedDB - Dedicated UNIX Servers

nt-part2_26 Analysis of the Security of  Windows NT 1 March 1999 26 trust account on the trusted domain. This logon attempt will not succeed since these type of accounts does not allow interactive logons. Instead an error message is returned stating that this is an illegal operation. The error message will, however, tell the system that the account exists and that a trust relationship should be established between the two domain controllers. The events that takes place now is somewhat similar to the events taking place when a client is first started and a user logs on to a domain, see sec- tion 5.4.1. First a type of discovery process is carried out by the trusting PDC to locate the trusted PDC. The trusting PDC will then establish a secure channel to the trusted PDC. This channel is then used in the same way as the secure channel in a normal logon and any attempt, remote or interactive, to logon to a machin in the trusting domain will be handled as a pass-through-logon. 4.4  Shares A share is basically an exported resource, i.e. a printer or a file system tree. A folder, a drive or a printer can be shared by an administrator, power user or server operator. There are two types of security on shares: user-level security or share-level security. In user-level security users are given access to a share dependent of their user name and password. This type of share is the one used in NT and optionally in Window 95. Every share has an ACL attached to it. Depending on the rights of the user, or a group of which s/he is a member of in this ACL, s/he can do different things in this share. If the share is a NTFS file system tree, the least of the rights in the combination of the ACL for the share and the ACL for the manipulated file or directory will be used when granting access to the user to this object. When the share is created it will by default have Everyone full control as its permissions. The shares that a computer export can be seen in the  network neighbourhood or by typing  net view \\computername in the command prompt. If the share name of a share is ended with a $-sign, it will not show up in any of the previously mentioned methods. In share-level security users are given access depending on if they can give the right password for a particular share or not. Every share has an optional password for reading and one for writing. This type of security is used in Windows for workgroups and Windows 95. In NT, there exists a special kind of shares called administrative shares or system shares. They have all a $-sign at the end of their names and are created by the system when it is booted. Some of the shares that are created in this way are C$-Zx$, IPC$, PRINT$ and ADMIN$. The shares with volume names are the local drives of the exporting computer. IPC$ is the interprocess communication share which is used among other things for establishing secure channels on Domain Control (DC). PRINT$ is the local spooler service and ADMIN$ is the root of the local system directory, e.g. c:\winnt. The rights on these shares can not be set and the access rights on the drive shares are limited to administrators. These shares can be removed or stopped from being created at boot time. However, if IPC$ is removed from a PDC or a BDC no user will be able to logon to that domain using that DC. This might even take some time to discover since the last ten logons on a workstation is cached by default to enable logon if a DC should fail. 4.5  Server Message Block (SMB) SMB is a application level protocol used by Microsoft for a number of thinks. Among those are authentication, RPC and the Common Internet File System protocol (CIFS).