[...]... automatic group S- 1-5 -2 Network users automatic group S- 1-5 -3 Batch users automatic group S- 1-5 -4 Interactive users automatic group S- 1-5 -6 Service users automatic group S- 1-5 -1 1 Authenticated users automatic group S- 1-5 -[ domain SID ]-5 00 Administrator built-in account S- 1-5 -[ domain SID ]-5 01 Guest built-in account S- 1-5 -[ domain SID ]-1 000 Default SID of first account on a local system or Windows NT domain... 128-bit key Very difficult to brute force Kerberos Widely accepted as a secure authentication protocol, exact methods vary by implementation Can be captured and brute forced, but process is very slow Reference Center Windows Authentication Methods LM (LAN Manager) RC 16 Reference Center Common Security Identifiers (SIDs) Security Identifiers (SIDs) Description S- 1-1 -0 Everyone automatic group S- 1-5 -1 ...This page intentionally left blank HACKNOTES: THE SERIES M cGraw-Hill/Osborne has created a brand-new series of portable reference books for security professionals These are quick-study books kept to an acceptable number of pages and meant to be a truly portable reference The goals of the HackNotes series are ■ To provide quality condensed security reference information that is easy to access... and applying the hash LSA Comprised of the Local Security Authority Subsystem (LSASS) and the Security Reference Monitor (SRM), the Local Security Authority is the system responsible for enforcing Windows system security Reference Windows Security Fundamentals: Center Concepts Concept RC 14 Reference Center Windows Default User Accounts Default Accounts Description SYSTEM, Local System The core operating... Windows Security Fundamentals Security Identifier Alphanumerical representation of a Windows system or domain and the associated user or group identifier, known as a RID Reference Center Hacking Fundamentals: Concepts Nudge string RC 4 Reference Center Windows Security Fundamentals Built-in accounts Default accounts Each Windows operating system ships with a number of user-contexts installed by default... powerful security facilities, the initial security profile of the operating system is very inviting to attackers Because it is not necessary to configure security parameters to get an application or server working properly, system hardening is often overlooked or dismissed under the classic rule of “if it ain’t broke, don’t fix it.” HackNotes Windows Security Portable Reference is designed to provide the Windows. .. password is by using a brute-force or dictionary attack and applying the hash LSA Comprised of the Local Security Authority Subsystem (LSASS) and the Security Reference Monitor (SRM), the Local Security Authority is the system responsible for enforcing Windows system security Figure RC-1 Use the Security Options grouping of the Local Group Policy Object (GPO) to apply controls for anonymous users and... Services UNIQUE Internet Information Services Windows Security Fundamentals: Concepts RC 13 Windows Security Fundamentals: Concepts Summary Security Identifier Alphanumerical representation of a Windows system or domain and the associated user or group identifier, known as an RID Built-in accounts Default accounts Each Windows operating system ships with a number of user contexts installed... getting across the point of the topic Most importantly, so that these handy portable references don’t burden you with unnecessary verbiage to wade through during your busy day, we have kept the writing clear, concise, and to the point xi xii HackNotes Windows Security Portable Reference Whether you are new to the information security field and need useful starting points and essential facts without... complete step-by-step procedures to deploy the techniques discussed Reference Center Hacking Fundamentals: Concepts ICMP Message Types RC 2 RC 5 Common Ports and Services RC 7 Common NetBIOS Name Table Definitions RC 12 Windows Security Fundamentals: Concepts RC 13 RC 14 Windows Authentication Methods RC 15 Common Security Identifiers (SIDs) RC 16 RC 17 RC 18 Windows Default . complete step-by-step procedures to deploy the techniques discussed. xiv HackNotes Windows Security Portable Reference HackNote / HackNotes Windows Security Portable Reference / O’Dea / 22278 5-0 / FM P:10CompHackNote78 5-0 fm.vp Friday,. . . . . . . 235 viii HackNotes Windows Security Portable Reference HackNote / HackNotes Windows Security Portable Reference / O’Dea / 22278 5-0 / FM P:10CompHackNote78 5-0 fm.vp Friday, June. example: [bash]# whoami root xii HackNotes Windows Security Portable Reference HackNote / HackNotes Windows Security Portable Reference / O’Dea / 22278 5-0 / FM P:10CompHackNote78 5-0 fm.vp Friday, June