Information Security News mailing list archives
Is Win2000 secure?
From: mea culpa <jericho () DIMENSIONAL COM>
Date: Thu, 4 Nov 1999 10:08:45 -0700
From: darek.milewski () us pwcglobal com From: NWFusion Focus [mailto:news () gaeta itwpub1 com] NETWORK WORLD FUSION FOCUS: JIM REAVIS on SECURITY Today's Focus: Windows 2000: It's new, it's big! Is it secure? 10/29/99 By Jim Reavis As I am just putting the finishing touches on this article, the news coming across the wire is that Windows 2000, the rechristened NT operating system, will in fact live up to its name and be released in February of 2000, not late in 1999 as repeatedly promised. Microsoft President Steve Ballmer said at the Gartner Group's Symposium/ITxpo that Microsoft would not ship Win 2000 until it was "absolutely, positively right." This will likely be acceptable to most of you in IT land, as there is an increasing recognition that this is a significant upgrade worthy of the name change. Many of the new features in Windows 2000 are security related and take advantage of emerging standards. Will Windows 2000 improve your organization's security posture? The new security features in Windows 2000 cover a variety of new areas. One of the most notable and pleasant features is the integration of IP Security. IPSec is an IETF standard for encryption of TCP/IP traffic across the wire. It is the standard that is integrated into IPv6 and is considered to be a more secure method for TCP/IP encryption than its predecessors, including Microsoft's own Point-to-Point Tunneling Protocol. IPSec is fast becoming the lingua franca of virtual private networks, and Microsoft's native adoption of IPSec is significant in giving organizations the capability to roll out secure, heterogeneous VPNs globally. A significant security standard implemented in Windows 2000 is Kerberos, the network authentication protocol developed at MIT. Like IPSec, Kerberos is on the IETF standards track and provides capabilities for Windows 2000 to exchange credentials with, as well as authenticate with, other enterprise systems. Unlike the current Microsoft authentication protocol NTLM, Kerberos makes no assumption of trust and is a superior option for mitigating the risk of internal security breaches. Kerberos can be used in place of the NTLM authentication protocol for homogeneous Windows 2000 communications. Windows 2000 will need to use NTLM for interoperable authentication with NT 4.0 and Windows 9x systems. For those of you that had large networks of P's using Netbeui, which were migrated to TCP/IP, it will be a similarly long period of coexistence to migrate off of NTLM. Having Kerberos-aware networks will become increasingly important in the future; it is not only more secure, but is also more efficient - users and resources can bypass domain controllers after initial authentication. It also provides a solid foundation for open Single Signon solutions. Other new security features incorporated into Windows 2000 include: * Encrypted File System. One component is transparent file encryption on NTFS file systems, configurable on a per folder/file basis. The underlying encryption algorithm is standard DES, using 128 bit keys for North America and 40 bit keys internationally. Microsoft is lobbying the Department of Commerce for an exemption to export strong crypto, but that will not happen the first time around, even with the release delay and the Clinton Administration's pronouncement of loosening crypto regulations. However, even weak crypto is an improvement over nothing, and if you are not already using PGP or something else to encrypt your data, there is no reason not to use a seamless option like Encrypted File System (EFS). The Encrypted File System includes recovery capabilities, a feature that will delight administrators and infuriate privacy advocates. Any time a crypto system is recoverable, the possibility exists that an unauthorized person can decrypt data. An analysis of EFS key recovery by security analysts is ongoing; so far all parties agree that it is critical to store the recovery key securely and maintain physical security to ensure that the recovery capability is not compromised and data is not exposed. * Public-key infrastructure. PKI will be an integral part of Windows 2000. Several standards are incorporated into the operating system to enable Windows 2000 to function as a PKI, including a certificate authority, the LDAP-enabled Active Directory, a key management system, and other related components. It remains to be seen what the impact will be on the third-party PKI industry; it is likely that Microsoft's own PKI solution will be sufficient on the low end and midrange. * Extensive Testing. Windows 2000 has had an extensive development and test period. The first beta appeared in September of 1997, and Beta 2, which had most of the final features in place, shipped in August of 1998. Beta 3 shipped in May and Release Candidate 2 shipped in September to over 650,000 subscribers. Microsoft also took a new step in its development process by opening Windows 2000 to a hacker challenge. Launched in August of this year, the Microsoft Windows 2000 Beta Internet Test Site has apparently withstood most attacks. Microsoft has stated that the challenge has pointed out some denial of service problems related to TCP SYN and fragmentation attacks, but if someone has found a major hole in this test, they have not come forward. Now as any security expert can tell you, a test like this cannot prove security, only insecurity. It is also no indication that the configuration used is the default for Windows 2000, or something that can be easily duplicated by systems administrators. Still, it is a positive that Microsoft has had enough confidence to hold a hacker challenge and at least found a few issues worthy of fixing. If nothing else, you cannot accuse Microsoft of rushing to get this product out - it has been a long time coming. The major security questions we have with Windows 2000 do not concern whether or not Microsoft is trying to do the right thing - they clearly are, and the security feature enhancements we have mentioned are welcome. The question is: Can any single company's testing and quality assurance process deliver 30 million lines of code without significant security vulnerabilities? A lot of new concepts are introduced in this release, chief among them the Active Directory. Although based upon the standard Lightweight Directory Access Protocol, the LDAP standard does not specify a security model, which has been left up to Microsoft to invent. Microsoft clearly has placed more emphasis upon security in this operating system than any of its predecessors. If the Windows 2000 release is followed by a relative minor spate of security bugs, it will prove that the heightened emphasis on security can translate into a successful and secure operating system. If Windows 2000 proves to have an unreasonable number of security vulnerabilities, it could prove to be the end of major milestone releases of operating systems in favor of more conservative, iterative operating system upgrades. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ FOR RELATED LINKS -- Click here for Network World's home page: http://www.nwfusion.com ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Windows 2000: Holy grail or fool's crusade?, Windows TechEdge, 06/04/99 http://www.windowstechedge.com/wte/wte-1999-06/wte-06-beta3.html Hacker test/challenge: http://www.windows2000test.com/ Windows 2000 Web site: http://microsoft.com/windows/server/ Archive of Network World Fusion Focus on Security newsletters: http://www.nwfusion.com/newsletters/sec/ Other security-related articles from Network World: Bid to allow 'Net wiretaps draws fire, Network World, 10/25/99 http://www.nwfusion.com/news/1999/1025wiretap.html ClickNet develops hacker detection product, Network World, 10/25/99 http://www.nwfusion.com/archive/1999/78821_10-25-1999.html About the author ---------------- Tim Greene is a senior editor at Network World, covering virtual private networking gear, remote access, core switching and local phone companies. You can reach him at tgreene () nww com. ~~~~~~~~~~~~~~~~~~~This newsletter sponsored by IPivot~~~~~~~~~~~~~~~~~ How fast is your site in secure mode? If you answered, 'not very', you need one of our Commerce Accelerators. IPivot, an Intel Company, will help your site run up to 50 times faster throughout your customer's entire secure transaction. http://www3.nwfusion.com/click;678689;0;0;2;0;?http://nww1.com/go/678689.ht m l VPN Solutions ------------- You are trying to figure out the best VPN solution for your organization. And you need to make the right choice because the wrong one could lead to unexpected network costs, time-consuming deployment issues and performance degradation. Participate in a free, one-hour virtual seminar, "Not Sure Which Way to Go? Choosing the Right VPN Solution". Sit back, relax and learn practical recommendations on VPN implementation. Produced by Network World and Altiga Networks. Find complete content and registration information at http://www3.nwfusion.com/click;667971;0;0;2;0;?http://nww1.com/go/667971.ht m l Questions or comments? ---------------------- * For editorial comments, write Charley Spektor, Managing Editor at: cspektor () nww com * For advertising information, write Jamie Kalbach, Account Executive at: jkalbach () nww com * For all other inquiries, write Christine Rhoder, Circulation Marketing Manager at: crhoder () nww com Subscription Services --------------------- You can subscribe or unsubscribe to any of your e-mail newsletters by updating your form at: http://www.nwfusion.com/focus/subscription.html For subscription changes that cannot be handled via the web, please send an email to our customer service dept: listnews () gaeta itwpub1 com Network World Fusion is part of IDG.net, the IDG Online Network. IT All Starts Here: http://www.idg.net Copyright Network World, Inc., 1999 ---------------------------------------------------------------- The information transmitted is intended only for the person or entity to which it is addressed and may contain confidential and/or privileged material. Any review, retransmission, dissemination or other use of, or taking of any action in reliance upon, this information by persons or entities other than the intended recipient is prohibited. If you received this in error, please contact the sender and delete the material from any computer. ISN is sponsored by Security-Focus.COM
Current thread:
- Is Win2000 secure? mea culpa (Nov 04)
- <Possible follow-ups>
- Re: Is Win2000 secure? mea culpa (Nov 04)