DEPARTMENT OF ENERGY
INFORMATION SECURITY RESOURCE CENTER
PACIFIC NORTHWEST NATIONAL LABORATORY

ADVISORY NOTICE No. 25
April 13, 1997

WINDOWS NT INHERENT FEATURE CONCERNS

Since its initial release in 1993, the Microsoft Windows NT Server operating system has established itself as the network server operating system of choice for a broad cross section of businesses. Although Windows NT 4.0 is not new to network administrators, it is becoming new to desktop computer users as entire DOE sites migrate to this operating system to upgrade computing systems and network functionality.

Windows NT 4.0 not only offers users a more powerful operating system than previous Windows offerings, but essentially makes each user a system administrator for their computer. This brings a great deal of flexibility and system configuration options that have not been previously available to the user.

This responsibility may not be tempered with an appropriate level of user knowledge, opening the door to security concerns. Installing Windows NT 4.0 may allow the examination of your hard drive from anyone on the network or allow the reconfiguration of a "standard" communication port, effectively bypassing a firewall.

With the introduction of Windows NT 4.0 into the work place as a desktop platform, users need to be informed of the increased level of responsibility at which they are performing. Although Windows NT 4.0 has improved security features that help protect unauthorized access to information and resources, without proper awareness of new features, the user may initiate settings which compromise the current network security measures.

As DOE sites migrate to Windows NT 4.0, some of the features of this operating system should be reviewed for potential weaknesses or compromises of information. Some of the customized features of Windows NT 4.0 include specifying which users have access to the computers hard drive, what permissions each user has, what services are provided to each user, and the ability to use the desktop computer as a server of web pages and information.

Easy to configure file sharing was available with the introduction of Windows 95 and is significantly enhanced with Windows NT. When configuring your computer to share files with a specific user, you could inadvertently setup your hard drive to share information with everyone on your network. This "full control" permission would allow anyone on the network to read, write, and delete files, directories, and programs on your hard drive. Unless you are familiar with the operating system software, and use advanced features during the file sharing setup, the "full control" permission is the default setting for file sharing.

With Windows NT Workstation 4.0 and the free software from Microsoft, it is possible to be a full fledged server, serving web pages and file transfer protocol (FTP). Although this is a good way to develop and test web pages prior to release, it also makes it possible to serve web pages that have not been through the site's information release process. Additionally, they may even be served outside of the firewall, and perceived as representative of DOE.

Another potential problem is the connection of users to an internal network through a smartcard. Once connected to the internal network, any functions or privileges that have been setup on a home computer, are now extended to the entire internal network. For instance, if a home computer is serving web pages, they are viewable to anyone inside the firewall. If global sharing has been selected on a home computer, these files too are available to everyone on the network. The problem is access to inappropriate or personal information by colleagues or others having privileges inside the firewall. The discovery of this type of inappropriate information could be an embarrassment to DOE and/or DOE contractors.

It is also possible to configure the TCP/IP port protocol with Windows NT 4.0. Some software installations recommend the changing of port numbers "if you experience problems with proxy servers or firewalls." This recommendation could circumvent the effectiveness of any established security measures such as firewalls or router filtering.

Finally, it should be noted that hackers have turned their full attention to Windows NT 4.0 since its release, with the main reasons being, the new challenge and dislike of Microsoft. These skilled hackers, who have traditionally focused their activities on Unix, are turning their attention to Windows NT as it displaces Unix as the server operating system of choice. Users will need to apply patches and updates to their Windows NT operating system as soon as they become available.

Periodic port assignment scans of internal networks should be accomplished to determine if an employee has changed a default communication port such as FTP or telnet.

The Windows NT users should be educated on limitations of customizing the Windows NT environment to include changing communication ports or serving web pages outside of the firewall without proper authorization.

Security and Privacy Notice
To contact send email to ISRC
Last Updated October 2001