Microsoft Windows Overview Tyronne Nash Perry Holloway William Wright
Dec 21, 2015
Overview
Evolution of Windows
DOS extensions
GUI front-end styles
Operating system
Server platforms
File systems
Overview (cont)
Windows 2000 design goals
Windows 2000 basic install
Windows 2000 Registry
Sources for some of the historical information and images:
http://www.microsoft.com/windows/winhistorydesktop.mspx
http://toastytech.com/guis
1985
Windows 1.0
Extension to DOS
GUI front end
Added use of mouse
Task manager
Used underlying DOS
1987
Windows 2.x
Windows/386
Overlapping Windows
VGA
DDE
Used underlying DOS
Theme used: “MS Eye Bleeder”
1990
Windows 3.x (WIN3.x)
32 bit processing
File Manager
Print Manager
Presentation Manager
Modular Virtual device drivers (VxDs)
Use of extended memory
Used underlying DOS
1993
Windows for Workgroups 3.11 (WFW)
Native networking support
RAS
Used underlying DOS
1993
Windows NT 3.1 (WINNT)
Windows Advanced Server 3.1
Designed to be application server
Client/server
Microsoft Mail
Network management
(Security, Server management)
1993
Windows NT Workstation 3.5 (WINNT WS)
OpenGL
Long file names
1994
Windows NT server 3.5
(based on NT Server 3.1)
1995
WINNT 3.51
Minor server upgrade release
Windows 95 (WIN95)
Integrated 32 bit TCP/IP stack
Plug and Play (PnP)
Attempt to add security
WIN95
Security ??
Multiple logons
Use of ESC key will bypass login process
Policy editor (POLEDIT)
Note: this is not well documented
Still able to drop to DOS and the machine is yours
1996
WINNT WS 4.0
Added the W95 interface
WIN95 OEM Service Release 2 (OSR2)
FAT32 introduced
Bugfix
1996
WINNT 4.0
Full 32 bit OS
Look and feel of WIN95
1997
NT Server Enterprise Edition (EE)
Scaled up server for corporate clients with large networks
1998
NT Server Terminal Server (TS)
The NT product line was renamed to Windows 2000
Windows 98
USB support
1999
WIN98 Second Edition (SE)
Fixed most of the bugs in WIN98
Networking support for home users
2000
Windows Millennium Edition (WIN ME)
System Restore
Windows 2000 Professional (W2K Pro)
Based on NT code
2000 (cont)
USB Firewire
Added support for Kerberos protocol
NTFS 5.0
Encrypting file system (EFS)
2001
Windows XP Professional
WINNT and WIN9X derivatives combined into one code base
Windows XP Home
Easier networking
No Domain authentication
File systems
FAT12 and FAT16 (FAT)
FAT
FAT started with DOS
Max size 32MB
Can be read by all Windows operating systems
File systems (cont)
FAT32
Started with WIN95 OSR2
Max size 2 terabytes
Supported size is much less
Can be read by all WIN9X, WIN ME, W2K and WIN XP
File systems
NTFS
Max size can be more than 2 TB
NTFS 5.0 supports EFS
Can be read by W2K, WIN XP, maybe WINNT 4.0 SP4
Windows 2000 Design Goals
Windows NT
Compatibility
Reliability
Extensibility
Scalability
Distributability
Certifiability
Windows 2000
Internet Standardization
Ease of Administration
Scalability
Security
Performance
Reliability
Internet Standardization
Was a new focus because of the growth of the Internet
Increased support for open standards
Networking is improved (added new Microsoft Management Console (MMC) administrative interfaces) (TCP/IP network services have been improved and updated)
Support for the Layer 2 Tunneling Protocol (L2TP) (industry-standard Internet protocol used for building Virtual Private Networks (VPN)) (builds secure tunnels across internetworks) (can leverage public key certificates and IP Security)
Supports IP Security, Kerberos, and PKI (public key infrastructure)
Most important addition is the Active Directory
Supports Lightweight Directory Access Protocol (LDAP) – Specifies the way clients and servers exchange directory information
Ease of Administration
Has support for many items
Improved management infrastructure
Microsoft Management Console
Windows Management
Active Directory and Group Policy
Component Object Model
Windows Driver Model
Plug and Play and Advanced Configuration and Power Interface
Quality of Service
Ease of Administration – Cont.
Total Cost of Ownership
IntelliMirror
User Document Management
User Setting Management
Software installation
Remote Installation Services
Group Policy
Scalability
One that will run on many hardware environments
Provides multi-platform support through its layered, microkernel architecture and use of the Hardware Abstraction Layer (HAL)
Two different security models – the workgroup and domain models
Security
Built-in support for certification authorities and smart cards, as well as the standards-based Kerberos authentication protocol
Active Directory – Cornerstone – its granular access control, inheritance, and delegation of administrative tasks give you the flexibility to secure resources without compromising your network’s purpose
Key Improvements
Security Configuration Editor (SCE)
Security Configuration Manager (SCM)
Windows 2000 Authentication
Public Key Cryptography
Performance
Microsoft distributed file system (Dfs) allows shares to be mirrored between file servers and enables clients to automatically choose the closest server
Reliability
Error and exception handling – uses structured exception handling for capturing error conditions and responding uniformly.
Component Redundancy – provides reliability by providing redundant systems that protect the computer when a single component fails
IntelliMirror – users will never lose access to their most critical network documents, application, and desktop settings because of this
Installing Windows 2000
Step One
Make sure that your system meets all the system requirements
Devices are in the Hardware Compatibility List
Pentium 166 or greater with 64 MB of memory
At least 650 MB of hard drive space
Step Two
Insert the Windows 2000 CD into the CD-ROM drive and run the WINNT or WINNT32 program from the disk
Or simply reboot the machine if it is capable of booting from the CD-ROM
Step Three
Windows 2000 Setup
It tells you what it believes you have on the system, such as: type of PC, video card, keyboard, mouse, etc.
It sets your video card to VGA mode. It is a good idea to keep this until the installation is complete, so as to avoid loading the wrong video card driver and having to start over.
Step Four
Disk Partition
At this point in the installation it will ask you which partition on the hard drive to install to
Important to choose the correct partition, especially if it is going on a dual-boot machine
It is a good idea to know what kind of partition to use: NTFS or FAT32. NTFS is more secure and allows file-level security. Its downfall is that DOS-based, low-level utilities cannot be used to read or manipulate the drive. If you have this issue, one resolution is to make a small FAT32 partition when you partition the drive
Disk Partition - Cont
Step Four
Asks you to personalize your copy with your name and company name. This is optional
Step Five
Asks you to pick the licensing option you are going to use when installing Windows Server 2000
Per Seat
Per Server
It requires you to make the decision; however, it will allow you to change it one time
Step Six
It next asks you to create the Emergency Repair Disk
Gives Windows enough information to bring up your system based on the last time you updated the disk
Stores the critical system configuration files needed to recover Windows 2000
Needs to be updated regularly – Start + Programs + Accessories + System Tools + Backup
Good idea to do every time you make major changes
Step Seven
Network Setup
During the network setup Windows 2000 will do the following
Connecting to the network – it will ask you if the computer will participate on a network or is wired to the network
Network Setup – Cont
Installing the Network Card
Installing Protocols – it automatically assumes you want NetBEUI, TCP/IP, and IPX/SPX
Step Eight
Service Installation
Internet Information Server
Gateway Services for Novell
DNS and DHCP Server
Remote Access Service (RAS)
TCP/IP and SNMP
Step Nine
Security
Need to tell the machine whether it is joining a workgroup or a domain
Windows 2000 server and workstations must be granted access to join a domain
Very secure machine – It needs to validate all other machines in the network.
Step Ten
Setting the Time Zone and Rebooting
Registry
2000 Registry – was created to improve the configuration mess
Windows 2000 tries to improve on the configuration mess with the Registry
It is one big, central, secure database containing all the configuration information about the server, its applications, and its users
Describes the hardware configuration, installed system and application software, user and group account security, desktop settings and profiles, file associations, and applications supporting Object Linking and Embedding (OLE)
Can be modified by the configuration tools in Control Panel, the Windows 2000 setup applet, Active Directory Users and Computers, third-party configuration tools, and software installation procedures
A Database containing configuration data for application, hardware, and device drivers, as well as data on network protocols and adapter card settings.
Changing the Registry
Can be done through the Administrative Tools directory, applications within Control Panel, or by opening Registry Editor and manually changing field values
It is a good idea to save your registry before you make any changes manually so that you can reverse them at any time if something goes wrong.
This can be done by going to Start, Run and typing regedt32.
Benefits to the Administrator
Collects all configuration information while accommodating the data and storage needs of system components
Allows discretionary access control to local and remote configuration data. Can be protected by Access Control List (ACL)
Records and preserves security and desktop information on an individual basis.
Use it to determine all the hardware components installed on a local or remote system, the BIOS revision levels for motherboards and video adapters, the numbers and types of SCSI adapters, the devices installed on each adapter, and IRQ and base address and DMA channel assignments for specific components
Contains the Following Types of configuration information
AUTOEXEC.BAT, CONFIG.SYS, WIN.INI, SYSTEM.INI, CONTROL.INI, LANMAN.INI, PROTOCOL.INI and miscellaneous INI files
Device Driver Data
Network Protocols and Network Adapters
Components and Applications that use the Registry
Setup
Hardware Detector
Windows 2000 Kernel
Device Drivers
Administrative tools
HKEY_LOCAL_MACHINE
This is where the system stores hardware, software, and security information
Hardware and operating system data such as bus type, system memory, device drivers, and startup control data
Five main KEYS
HKEY_LOCAL_MACHINE\HARDWARE
Describes the physical hardware in the computer, the way that device drivers use the hardware, and mappings and related data that link kernel mode drivers with various user mode code
All information in it is volatile, meaning that the settings are recomputed each time the system is started and then discarded when the system is shut down
Description Key – describes the actual computer hardware – the make of the motherboard, type of video adapter, SCSI adapters, serial ports, parallel ports, sound cards, network adapters, and so on
Device Map Key – contains miscellaneous data in formats specific to particular classes of drivers
Resource Map Key – describes which device drivers claim specific hardware resources
HKEY_LOCAL_MACHINE\SAM and HKEY_LOCAL_MACHINE\SECURITY
Has no visible information – the point to set security policies such as specific user rights, as well as information for user and group accounts and for the domains in Windows 2000 Server
HKEY_LOCAL_MACHINE\SOFTWARE
Contains data about software installed on the local computer, along with miscellaneous configuration data
HKEY_LOCAL_MACHINE\SYSTEM
Controls system startup, device driver loading, W2K services, and operating system behavior
Describes bootable and nonbootable configuration in a group of ControlSets, where each ControlSet represents a unique configuration
HKEY_CLASSES_ROOT
Contains information on file associations and data required to support Microsoft’s Object Linking and Embedding technology
Provides information on filename-extension association and OLE that can be used by Windows shell application and OLE applications
HKEY_USERS
Information about active users
Includes Profiles on any user who has local access to the system, including environment variables, personal program groups, desktop settings, network connections, printers, and application preferences
It contains a default profile for users who have never logged on
Security ID for other users
HKEY_CURRENT_USER
Contains the user profile for the person currently logged onto the machine
User’s profile groups, desktop settings, printers, application preferences, and network connections
HKEY_CURRENT_CONFIG
Contains the configuration information for the particular hardware configuration you booted with
Event Viewer
Events are significant occurrences in the operating system (power interruption, hard drive out of free space)
Viewed with Event Viewer
Three main types of event logs
Application – e.g., database query malformed
Security – e.g., all attempted logins
System – e.g., modem failure
Logging Information
Logs are stored in \SystemRoot\SYSTEM32\CONFIG
Events can be filtered by many criteria
Three types of log entries:
Information – Successful events, failed events or both
Warning – Irregular event that doesn’t affect system
Error – A failed event or network error
Security Events
Enabled in Group Policy Editor
Logon and logoff
File and object (applications) access (including attempts at accessing restricted files)
User and group management
Security policy changes
Restart, shutdown
Process tracking – enable only when absolutely necessary!
Sample Error Event
Encrypting File System (EFS)
Allows encryption of files and directories to be transparent to users and applications
Deters “back door” methods of accessing NTFS partitions via boot disks or other operating systems
Brief Summary of Inner Workings
Each file has a randomly generated number called the File Encryption Key (FEK)
FEK used to encrypt file with DESX
User’s public RSA key encrypts FEK
Encrypted FEK appended to end of file
Private RSA keys can be stored on smart cards or disk (not recommended)
W2K Command Line Magic
Start -> Run -> CMD
Command buffer accessible by pressing up and down arrows
Auto complete directories by pressing TAB
Surround files or directories with spaces in double-quotation marks (e.g., “My Documents”)
Commands can be used in batch files or login scripts
“Help” command displays list of all W2K commands, “command-name /?” displays help for specific command
ipconfig
Displays IP and ARP (Address Resolution Protocol) information
Renews, releases DHCP IP leases
Works on devices similar to Linux’s eth0 but without obfuscated names, e.g., “Ethernet 3COM” or “Local Area Connection 1”; wildcards * and ? accepted
Works on all interfaces to the computer (serial, parallel)
arp
Displays the ARP table on the machine
If connectivity problems exist between two machines, running arp on both machines and comparing the MAC (unique 6x16-bit address stored in the network interface card) values for the two machines might give clues as to why the two machines can’t see one another
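The comparison described above can be scripted. The following is an added example, not part of the original slides: it parses `arp -a` output saved from two hosts, lists addresses the hosts resolve to different MACs (a stale cache entry, a duplicate IP, or a machine answering ARP for an address it does not own), and checks each cached peer entry against the peer's real adapter address as reported by `ipconfig /all`. The sample outputs are constructed and the function names are hypothetical.

```python
import re

# Constructed sample output of `arp -a` from two hosts on one subnet (not real captures).
ARP_HOST_A = """
Interface: 192.168.1.10 on Interface 0x1000003
  Internet Address      Physical Address      Type
  192.168.1.1           00-a0-c9-14-c8-29     dynamic
  192.168.1.20          00-50-04-62-f7-23     dynamic
"""
ARP_HOST_B = """
Interface: 192.168.1.20 on Interface 0x1000003
  Internet Address      Physical Address      Type
  192.168.1.1           00-10-5a-aa-bb-cc     dynamic
  192.168.1.10          00-60-08-11-22-33     static
"""

ENTRY = re.compile(
    r"^\s*(\d{1,3}(?:\.\d{1,3}){3})\s+"           # IP address
    r"([0-9A-Fa-f]{2}(?:-[0-9A-Fa-f]{2}){5})\s+"  # MAC as six hex octets
    r"(dynamic|static)\s*$"                       # entry type
)

def parse_arp(text):
    """Return {ip: (mac, type)} from `arp -a` text; MACs are lower-cased."""
    table = {}
    for line in text.splitlines():
        m = ENTRY.match(line)
        if m:  # header and "Interface:" lines do not match and are skipped
            table[m.group(1)] = (m.group(2).lower(), m.group(3))
    return table

def disagreements(table_a, table_b):
    """IPs that both hosts have cached but resolve to different MACs."""
    return {
        ip: (table_a[ip][0], table_b[ip][0])
        for ip in sorted(table_a.keys() & table_b.keys())
        if table_a[ip][0] != table_b[ip][0]
    }

def check_peer(table, peer_ip, peer_mac):
    """Compare a host's cached entry for its peer with the peer's real NIC address."""
    if peer_ip not in table:
        return "missing"
    return "ok" if table[peer_ip][0] == peer_mac.lower() else "mismatch"

if __name__ == "__main__":
    a, b = parse_arp(ARP_HOST_A), parse_arp(ARP_HOST_B)
    print(disagreements(a, b))
    print(check_peer(a, "192.168.1.20", "00-50-04-62-F7-23"))
```

A "missing" result means the host never resolved its peer at all, which points at the link or addressing rather than at a wrong cache entry.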
nbtstat and netstat
Displays network usage statistics including bytes received and sent, errors
Displays list of ports open and what connections to and from the machine exist
nbtstat gives statistics for connections using NetBios over TCP/IP (a.k.a. NBT)
netstat gives statistics from a network adapter on a local or remote machine
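The list of open ports is the part of this output an administrator checks most often. The following is an added example, not part of the original slides: it parses saved `netstat -an` output and reports any listening TCP port or bound UDP port that is not in an expected baseline. The sample output and the baseline are constructed and the function names are hypothetical.

```python
# Constructed sample of `netstat -an` output (not a real capture).
NETSTAT_AN = """
Active Connections

  Proto  Local Address          Foreign Address        State
  TCP    0.0.0.0:135            0.0.0.0:0              LISTENING
  TCP    0.0.0.0:445            0.0.0.0:0              LISTENING
  TCP    0.0.0.0:3372           0.0.0.0:0              LISTENING
  TCP    192.168.1.10:139       0.0.0.0:0              LISTENING
  TCP    192.168.1.10:1045      192.168.1.20:445       ESTABLISHED
  UDP    0.0.0.0:445            *:*
  UDP    192.168.1.10:137       *:*
"""

# Constructed baseline: the ports this host is expected to have open.
BASELINE = {("TCP", 135), ("TCP", 139), ("TCP", 445), ("UDP", 137), ("UDP", 445)}

def parse_netstat(text):
    """Return one dict per TCP/UDP row; UDP rows carry no State column."""
    rows = []
    for line in text.splitlines():
        f = line.split()
        if len(f) < 3 or f[0] not in ("TCP", "UDP"):
            continue  # skips the title, the header row and blank lines
        host, _, port = f[1].rpartition(":")
        rows.append({"proto": f[0], "addr": host, "port": int(port),
                     "remote": f[2], "state": f[3] if len(f) > 3 else ""})
    return rows

def open_ports(rows):
    """TCP sockets in LISTENING plus every bound UDP socket."""
    return {(r["proto"], r["port"]) for r in rows
            if r["state"] == "LISTENING" or r["proto"] == "UDP"}

def unexpected(rows, baseline):
    """Open ports that are not in the baseline, sorted for stable output."""
    return sorted(open_ports(rows) - set(baseline))

def established_peers(rows):
    """Remote endpoints of connections currently in the ESTABLISHED state."""
    return [r["remote"] for r in rows if r["state"] == "ESTABLISHED"]

if __name__ == "__main__":
    rows = parse_netstat(NETSTAT_AN)
    print("not in baseline:", unexpected(rows, BASELINE))
    print("established to:", established_peers(rows))
```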
route
Views and modifies the route table
If a better route is known by a network administrator between two hosts, the admin can add this route to the route table.
ping
Ping, or Packet InterNet Gopher, is a TCP/IP utility
Sends a message to a specified host, waits for a reply
Useful for checking if a host can be accessed and the latency between two hosts
tracert – the funnest command of all
Displays the route a packet will take when transferring from your machine to the specified IP
Displays latency/ping at each step along the route
Useful for determining network bottlenecks between key servers
net
accounts – modifies password restrictions, synchronizes user accounts database
computer – adds or deletes computers from a domain
config – views and allows certain modifications to how a computer behaves on the network (e.g., max users connected)
continue – restarts a paused service
file – finds out if a specified file is open and who is using the file
name – sends a message to the specified computer on the network
pause – pauses a service
print – gets a list of jobs currently printing, deletes a specified job
session – displays information about connections between a W2K server and a client, disconnects a specified machine from the server
share – shares files, directories over the network
start – displays list of available services to run, starts the specified service
statistics – displays statistics about clients connected to a server
time – synchronizes the clock to a specified machine’s clock
use – maps network drives
user – adds, edits and deletes user accounts
view – displays a list of network resources
Beyond Windows XP
Fleetwood Mac or Microsoft?
Stevie Nicks