Firewalls: RE: NT Security

Firewalls
(September 1996)

Indexed By Thread: [Previous] [Next]

Subject:	RE: NT Security
From:	Leonard Miyata <leonard @ geminisecure . com>
Date:	Thu, 26 Sep 1996 09:59:27 -0700 (PDT)
To:	Chris Pugrud <ChrisP @ steldyn . com>
Cc:	"'Joseph S. D. Yao'" <jsdy @ cospo . osis . gov>, "'dckinder @ ahcbsd1 . ovnet . com'" <dckinder @ ahcbsd1 . ovnet . com>, Firewalls Mailing list <firewalls @ GreatCircle . COM>
In-reply-to:	<c=US%a=_%p=Stellar_Dynamics%l=JUNEAU-960925233255Z-353 @ juneau . steldyn . com>

As far as NTFS and (isolated host) C2 ratings, one of the requirements
is no floppy drive. Unlike the DOS file system (FAT16), NTFS does
support multiple user access control bindings. I understand that there
exists a DOS utility to read NTFS partitions. If you have access to the
NT machine, you reboot with a DOS system floppy disk, and with this
utility, you can bypass all NT file access control

Personal Opinions provided by
Leonard Miyata
aka leonard @
 geminisecure .
 com
Gemini Computers Inc.

On Wed, 25 Sep 1996, Chris Pugrud wrote:

> Close on the C2 rating.  NT was rated with NTFS and requires it.  What
> the rating excluded was networking.  Although, there has been a lot of
> noise on here lately that C2 does not cover or include networking.  I'll
> leave that to the pundits.
> 
> Chris
> 
> >-----Original Message-----
> From:        	Joseph S. D. Yao [SMTP:jsdy @
 cospo .
 osis .
 gov]
> Sent:         	Wednesday, September 25, 1996 1:09 PM
> To:            	dckinder @
 ahcbsd1 .
 ovnet .
 com
> Cc:            	Firewalls Mailing list
> Subject:   	Re: NT Security
> > Date: Fri, 6 Sep 1996 15:28:07 +0000
> > From: dckinder @
 ahcbsd1 .
 ovnet .
 com
> > Subject: NT Security
> ...
> > So far, however, I have been unable to obtain technical information 
> > on NT-based security questions.  I would like to be able to have at 
> > least a journeyman's understanding of this subject as well.
> > 
> > If somebody could direct me to a website or a book or other source of 
> > information that deals specifically with NT security, I would 
> > appreciate it.
> 
> When I was putting together some material a couple of years ago, the
> only source was a few pages out of the huge (and expensive) four-volume
> Microsoft administrators' reference manual.  A quick Web search does
> turn up:
> 
> 	Trusted Systems' Windows NT Security textbook
> 	http://somarsoft.com/security.htm
> 
> and other sporadic network resources.  Just enter "Windows NT security"
> to Alta Vista and watch the resources pop up.
> 
> Much has been made of NT's "C2" certification.  I've heard that it was
> certified without the standard NT file system; and with that file
> system, it can't be certified.  Beware.
> 
> --
> Joe Yao				jsdy @
 cospo .
 osis .
 gov - Joseph S. D. Yao
> COSPO Computer Support						EMT-A/B
> -----------------------------------------------------------------------
> 	PLEASE ... send or Cc: all "COSPO Computer Support" mail to
> 			sys-adm @
 cospo .
 osis .
 gov
> 
>

Follow-Ups:

Re: NT Security
From: Stewart Shinewald <stewarts @ cul . ca>

References:

RE: NT Security
From: Chris Pugrud <ChrisP @ steldyn . com>

Indexed By Date	Previous:	tcpr 1.3 released From: paul @ alantec . com (G. Paul Ziemba)
Indexed By Date	Next:	Re: Firewalls-Digest V5 #537 From: marchany @ vtserf . cc . vt . edu
Indexed By Thread	Previous:	RE: NT Security From: Chris Pugrud <ChrisP @ steldyn . com>
Indexed By Thread	Next:	Re: NT Security From: Stewart Shinewald <stewarts @ cul . ca>