Windows Vista?????? - PowerPoint PPT Presentation

Slides: 48
Provided by: micros402

Transcript and Presenter's Notes

Title: Windows Vista??????


1
Windows Vista??????
  • ???
  • ????????
  • MCSE Security/Messaging
  • MVP/MCT

2
????
  • ??Windows???????
  • ???????????

Level 200
3
????
  • Windows Vista??????
  • ??????
  • IE 7.0?????
  • Windows Defender????
  • ???????
  • ?????????
  • ?????

4
Windows Vista ???
??????
???????
IE ????
??????
???
Windows Defender
5
Windows XP ?????
  • ????
  • ??????
  • ?????????

??
6
Windows Vista ??????
  • ?????????
  • ??????
  • ????????

??????
???????
??
?????? ???? ????? ?????????
7
Windows ??????
??????
  • ????????????
  • ???????????????????????
  • ?????????,??????

????
????
?????
??
8
Internet Explorer 7?????
  • ??????
  • URL ????
  • ???????????
  • ActiveX Opt-in
  • ????????
  • ?????????????(Windows Vista only)
  • ?? Windows Defender ????????
  • ?????????
  • ??????
  • ????????????????
  • SSL????
  • International Domain Name (IDN)
    ????(http://www.microsóft.com)
  • ?????? (Parental Control, Windows Vista only)

9
Internet Explorer ????
10
??????(Phishing Filter)
URL Reputation Service
https://urs.microsoft.com
Known Good URLs
IEAPFLTR.DAT
11
Windows Defender
  • ????????????
  • ????,???????
  • ???????

12
Windows Vista ???
13
??????
Inbound
  • Default: Block most; few core exceptions
  • Allow rules: Programs, services; Users, computers; Protocols, ports
Outbound
  • Default: Allow all interactive; restrict services
  • Block rules: Programs, services; Users, computers; Protocols, ports
14
????
Feature | Windows XP SP2 | Windows Vista
Direction | Inbound | Inbound, outbound
Default action | Block | Configurable for direction
Packet types | TCP, UDP, some ICMP | All
Rule types | Application, global ports, ICMP types | Multiple conditions from basic five-tuple to IPsec metadata
Rule actions | Block | Block, allow, bypass with rule merge logic
UI and tools | Control Panel, netsh | C-Panel, more netsh, MMC
APIs | Public COM, private C | More COM to expose rules, more C to expose features
Remote management | none | Via hardened RPC interface
Group policy | ADM file | MMC, netsh
Terminology | Exceptions; profiles | Rules; categories=profiles
15
??????(NAP)
3
1
2
?????
4
???????
Windows Vista Client
????
DHCP, VPN Switch/Router
5
  • ?????
  • ??????????????
  • ? DHCP, VPN, IPsec, 802.1X ????????
  • ???????????,?? IT ?????
  • ???????????

??
16
Windows Defender, Windows Firewall ?????
17
???????(UAC)
18
UAC Architecture
Standard User Rights
Administrative Rights
Admin logon
Admin Token
Standard User Token
19
UAC Architecture: Standard User Mode
Standard User Rights
Administrative Rights
Standard User Mode
20
UAC Architecture: Admin Privileges
Standard User Rights
Administrative Rights
Admin Privileges
21
?????????
22
????
23
??????????????
24
????
  • ????? Smart Cards
  • ?? Certificate Service Provider (CSP)
  • ??????????????? Smart Cards
  • ??????
  • ???? GINA (msgina.dll)
  • ??????????????
  • ??????

25
WinLogon ??Windows XP
Session 0
WinLogon
LSA
User GP
Profiles
SCM
Machine GP
MSGINA.DLL
Shell
Other Sessions
WinLogon
User GP
MSGINA.DLL
Shell
26
WinLogon ??Windows Vista
Session 0
LSA
RCM
WinInit
Profiles
SCM
Group Policy
Other Sessions
WinLogon
LogonUI
Credential Provider 1
Credential Provider 2
Credential Provider 3
27
Credential Providers?????

LSA
WinLogon
1. Ctrl Alt Delete
9. LSALogonUser
2. ??????
8. ??????
5. ????,??????????
LogonUI
4. ????
Credential Provider Interfaces
6. ??????????
7. ?????????
3. ????????
Credential Provider 2
Credential Provider 1
Credential Provider 3
28
??????
  • ??????
  • ??????????????????????????
  • ??????
  • ??????????????
  • ??????,??
  • ????????
  • ???????

29
Windows Vista ?????
30
?????
31
Windows Vista ????
32
(No Transcript)
33
BitLocker ????
  • ???????????,?????????????????????????
  • ??????????? v1.2 TPM ???? USB ???????

BitLocker
34
BitLocker And TPM Features
  • BitLocker Drive Encryption (BDE)
  • ??????
  • ?? TPM v1.2 ??? pre-OS ???
  • ???????????
  • Pre-OS ???
  • USB startup key, PIN, and TPM ??
  • ??? Microsoft TPM Driver
  • ?????????
  • TPM Base Services (TBS)
  • Enables third party applications
  • Active Directory??
  • ???? key ? AD
  • Group Policy ??
  • Scriptable ??
  • TPM ??
  • BitLocker??
  • ???????

35
??? Trusted Platform Module (TPM)?
  • ??????Smartcard?????
  • ????
  • ???????
  • RSA, SHA-1, RNG
  • ?????????
  • ????????????(Key)
  • ????? Endorsement Key (EK)
  • ????? Storage Root Key (SRK)
  • ????????
  • ????????? (hashes)
  • ?????????

TPM 1.2 spec: www.trustedcomputinggroup.org
36
BitLocker Drive ????Static Root of Trust
Measurement of boot components
37
????????????
  • Where's the Encryption Key?
  • SRK (Storage Root Key) contained in TPM
  • SRK encrypts FVEK (Full Volume Encryption Key) protected by TPM/PIN/USB Storage Device
  • FVEK stored (encrypted by SRK) on hard drive in the OS Volume
  • OS Volume Contains
    • Encrypted OS
    • Encrypted Page File
    • Encrypted Temp Files
    • Encrypted Data
    • Encrypted Hibernation File

[Diagram: SRK, FVEK, OS Volume and System volume, with steps numbered 1 to 3]
System Volume Contains: MBR, Boot manager, Boot Utilities (Unencrypted, small)
38
???????
Ease of Deployment / Maintenance
???????????????????????????
TPM Only
  • What it is
  • Protects Against: Most SW attacks
  • User Must: N/A (No user impact)
TPM + PIN
  • What it is + what you know
  • Protects Against: Many HW attacks
  • User Must: Enter PIN to boot
39
BitLocker Drive Encryption
40
BitLocker ?????
  • ??????????
  • USB key??, ????? PIN
  • ??????
  • ?????? pre-OS ??(BIOS upgrade, etc)
  • ??????
  • ???????????
  • ????
  • Modified or missing pre-OS files(Hacked BIOS,
    MBR, etc)

41
BitLocker ?????
  • ?????????????
  • ?? BitLocker ???????????
  • ?? Group Policy ?????? AD
  • ????????????
  • ??????????????
  • ??? USB ?????
  • ?????
  • ???????

42
?? BitLocker ?????
  • Hard Disk
  • BitLocker ?????????
  • System partition (Active, NTFS, minimum 1.5GB)
  • OS must be installed on separate partition
  • OS and other partition(s) can be of any size
  • USB
  • System boot from USB 1.x and 2.x USB
  • USB read/write in pre-OS environment
  • FAT16, FAT32, or NTFS file system

43
??????
44
USB??????
45
??
???????
?????????
  • IE ?????????
  • Windows Defender
  • ????????
  • IPSec ??
  • ??????
  • ???????
  • ????? Smartcards
  • ??????
  • Bitlocker
  • RMS ?????

????
  • ????????
  • ??????
  • ?????
  • ??????
  • ????????

46
For More Information
  • TechNet
  • www.microsoft.com/taiwan/technet
  • Windows Vista
  • www.microsoft.com/taiwan/windowsvista
  • Windows Vista Resources for IT Professional
  • www.microsoft.com/technet/windowsvista/default.mspx
  • IE Website
  • http://www.microsoft.com/windows/ie/
  • MVP Community????
  • www.microsoft.com/taiwan/community

47
(No Transcript)