Vista tested: Expert shares results

I ran several tests against Windows Vista as both an untrusted outsider and a trusted insider, as well as with/without the Windows Firewall enabled. These best- and worst-case scenario techniques always uncover issues that would be tough to find otherwise, so be sure to make them part of your security testing methodology.

I admit that this was a pre-production version of Vista, but what I found didn't really surprise me because the same old Windows issues were present: NetBIOS leaks here, ports open there, generic network problems -- you name it. Sure, it's not the final release of the operating system (OS), but I'll wager that none of these fundamental problems will change. The fact is, it's a complex, networked OS, and no matter what the marketing gods want us to believe, it's going to have certain flaws that people can and will take advantage of.

The following screenshots, along with brief descriptions, show what I was able to uncover using the standard ethical hacking methodology of enumerating, checking for vulnerabilities and exploiting those vulnerabilities.

[IMAGE]
Port scan results show which services are available on a typical Vista system.

[IMAGE]
QualysGuard scan results show that many of the old Windows weaknesses still exist in Vista.

[IMAGE]
Proactive Password Auditor crack was successful against Vista accounts.

I know, I know. This was carefully setup in a lab environment and no big-time exploits were found. But just wait; it's only a matter of time before serious Vista flaws are made public and the guys over at the Metasploit Project and the experts at vend

Digg This!     StumbleUpon     Del.icio.us

RELATED CONTENT Windows Vista security issues, updates and alerts Ten ways to sell security to management Improve Windows security with our top 10 tips Windows Vista management tutorial Minasi says Vista SP1 solves problems, adds new ones Does Vista's strong security make it better than XP? Are Windows Vista's features silencing critics? Managing single sign-on security burdens in Windows Top 10 ways to improve Windows Vista security A Windows security checklist for IT managers Unauthenticated vs. authenticated security testing Windows desktop security tips How Windows 7 stands up to security tests Securing sensitive data on Windows-based laptops Gathering and documenting your Windows desktop security policies Windows desktop security standards documentation best practices Desktop security preparation for a new wave of Windows apps Four Internet Explorer 8 group policy security settings The state of enterprise security and emerging threats in 2009 Why should Windows shops use Microsoft Baseline Security Analyzer? A first look at Windows 7 security enhancements Using Sysinternals tools in security management scenarios

RELATED GLOSSARY TERMS Terms from Whatis.com − the technology online dictionary drive-by download  (SearchEnterpriseDesktop.com)

RELATED RESOURCES 2020software.com, trial software downloads for accounting software, ERP software, CRM software and business software systems Search Bitpipe.com for the latest white papers and business webcasts Whatis.com, the online computer dictionary

ors like Core Security Technologies have nicely packaged exploits to help us out.

But that's just the beginning, because once other tools like the powerful Ophcrack Live CD and many others support Vista, we're back to square one with Windows weaknesses in the enterprise.

That is, unless you've really hardened your Vista systems against attacks -- including turning on BitLocker Drive Encryption and tweaking Windows Firewall -- and your users are always doing the right things. (Ha ha!)

As Vista becomes more prevalent over the next year or two, just like any other operating system, it'll serve to introduce risks into your environment. So, test and test often. Also, make sure you have good tools that you're comfortable using to help you find a lot of the vulnerabilities that would be next to impossible to uncover yourself -- that's almost half the battle. Don't overlook the importance of manually poking and prodding the OS from every possible angle keeping that malicious mindset intact.

Thinking like the bad guys and understanding how they can (and will) exploit OS weaknesses will prove to be very fruitful -- for Vista and beyond.

About the author: Kevin Beaver is an independent information security consultant, speaker and expert witness with Atlanta-based Principle Logic LLC. He has more than 19 years of experience in IT and specializes in performing information security assessments regarding compliance and IT governance. Kevin has authored/co-authored six books on information security including Hacking For Dummies and Hacking Wireless Networks For Dummies (Wiley) as well as The Practical Guide to HIPAA Privacy and Security Compliance (Auerbach). He's also the creator of the Security On Wheels audiobook series. You can reach Kevin at kbeaver@principlelogic.com>.

Rate this Tip To rate tips, you must be a member of SearchEnterpriseDesktop.com. Register now to start rating these tips. Log in if you are already a member. DISCLAIMER: Our Tips Exchange is a forum for you to share technical advice and expertise with your peers and to learn from other enterprise IT professionals. TechTarget provides the infrastructure to facilitate this sharing of information. However, we cannot guarantee the accuracy or validity of the material submitted. You agree that your use of the Ask The Expert services and your reliance on any questions, answers, information or other materials received through this Web site is at your own risk.