Computerworld

Rough year looms for NT security, say hackers

Windows NT administrators should brace for a wave of new security holes to be uncovered in the operating system during the next year, according to hackers and consultants who attended a Las Vegas conference this month.

That isn't because NT is fundamentally less secure than other commercial operating systems, they said. Unix went through similar difficulties in its early years. However, because NT is relatively new and receiving lots of attention in the hacking community, administrators need to be vigilant about keeping up with the latest bugs and fixes.

"It's going to take more attention than Unix," said Matt Willis, an information security expert at Secure Computing in Minnesota.

To harden a system against outside attacks, administrators should turn off all operating system functions they don't need, advised Dominique Brezinski, a consultant at CyberSafe in Washington.

It may take some experimenting to discover what can be shut down and what is necessary to run your system, Brezinski said, but closing all potential entries is crucial to fend off attacks from outside. For example, administrators might want to shut down Simple TCP/IP Services, which includes features such as echo and quote of the day; those are sometimes used by hackers in denial-of-service attacks.

If it is at all affordable, put different services such as World Wide Web servers, file sharing and domain name servers on separate machines, Brezinski said. Software functions, much like medications, can have unintended and dangerous side effects when combined. "Pay a lot of attention to file permissions," he said.

For example, a user with read/execute privileges in one directory can copy a file out, modify it once that file is in his personal directory and copy the changed file back to the original directory even though, in theory, the user doesn't have write permission for that file.

Despite its graphical interface, NT is as complex as Unix and needs just as much technical skill and attention, several NT experts said.

Brezinski, who considers himself a "classic" hacker - seeking knowledge but avoiding criminal trespass - criticized Microsoft for being slow to respond to some bug reports and for not adequately documenting all technical aspects of NT for administrators to study.

"They just don't know what they can and can't do - what services they can turn off," he said.

Brezinski said he would feel comfortable using NT for a single-use server but is less confident about multiuser setups, partly because software compatibility issues with Windows 95 prevent some strict multiuser security issues from being implemented.

Willis said it is possible to run a fairly safe NT-based system. "If you have some savvy NT guys and keep up with the latest patches, it's an acceptable thing," he said.