Join the God Side, Jesus is Coming…….

Archive for December, 2009

Public-Key Cryptography and Windows PKI: How it works (Microsoft Windows 2000/2003/XP)

Source: newHorizon-ITPro

Most of you have concerns about the security of the data they send and receive. Some Microsoft Windows operating systems include a native public-key infrastructure (PKI) that allows for both encryption and signing. Public-Key Cryptography guarantees that encrypted outgoing data can be understood only by the intended recipient, and ensures that signed incoming data actually came from the indicated source.

When Public-Key Cryptography is used, each person has two keys, a public key he/she shares with the world, and a private key that only he/she knows. Keys are mathematical values used to both encrypt and decrypt data. To send protected data to Jane, Joe must know Jane’s public key and use it to encrypt the data. Once encrypted, only Jane, using her private key, can decrypt the data. Jane can safely send her public key out to the world, but must protect the private key. Anyone can encode data using her public key, but only Jane can decrypt it accurately.

Suppose Joe needs data from Jane, and wants to make sure it is coming from only Jane. Jane can use her private key to encrypt the data. The data is not secure now because anyone with her public key can decrypt the data. However, only Jane’s public key can decrypt the data from her. If Joe uses Jane’s public key and decrypts the data successfully, he knows the data came from Jane. Jane’s use of her private key to encode the data is a way of signing her name to the data.

The public-key infrastuctrue of Windows permits high levels of security for email, internet exchanges, and local network traffic.

Protect the Administrator Account (Windows XP/Server 2003)

Source: NewHorizon_ITPro

It’s a recommended best practice to change the name of the administrator account to make it more difficult for hackers to find, but renaming it doesn’t always hide it as well as you might think. That’s because there are hacker tools that can find the administrator account based on its Security ID, which always ends in 500.

To protect against these tools, you need to use Group Policy to prevent Windows from displaying SIDs. To do so, open the Local Security Settings MMC (run secpol.msc) and navigate to Local Policies | Security Options. In the right details pane, click Network Access: Allow Anonymous SID/Name Translation and disable the policy. You can apply this to the whole domain by editing the default domain policy instead of the local security policy.

Tag Cloud