Skip to main content

WINDOWS: Security Architecture Of Windows

There are three components of Windows Security  

1. LSA (Local Security Authority) 

2.SAM (Security Account Manager) 

3. SRM (Security Reference Manager) 

1. LSA (Local Security Authority)  

LSA is a central part of "NT" Security.It is also known as Security Subsystem.It maintains the local security policy.It verifies the users logging on to the windows,creates token and also handles password.One thing to keep in mind is that here if we force "lsass.exe" to terminate so we'll lose it's account and our PC will restart.Always remember that if "lsass.exe" file is running from somewhere else location so that "lsass.exe"file is not always but can be virus or any other malware.This file is located in "C:\Windows\System32"  

 

During the log on of the machine a person types his/her "username" and "password" to log in. Then password is sent in a secret format using hash function.Here it calls right appropriate  authentication package.Then "LSA" uses this authentication to prepare or generate appropriate security access token.

2. SAM (Security Account Manager)   


The "SECURITY ACCOUNT MANAGER" is a database in our operating system which contains our username and password and interesting thing is that it can also be found our "HARD DRIVE" When ever we make a new account and password it gets stored in our "SAM" file.Here in SAM each windows password can be assigned which is in encrypted form.When other service operates and everything goes clear than it announces other service available , so that other service can start accessing the SAM database. Remember when our operating system starts then this SAM file can not be access or becomes inaccessible.  


Windows Security files are located at “C:\Windows\System32\Config\SAM” Generally most Windows can be manually configured to disable the hashes which results to the invalid LM hashes when the user changes their password.Remember the Sam file cannot be moved or copied  while windows is running as Windows files system keeps a continuous watch on SAM file.The SAM file will only release and open the lock until the "BLUE SCREEN OF DEATH" has been thrown away or our operating system has been shut down.  

 3. SRM (Security Reference Manager)  

 The Security Reference Monitor is a security architecture component that is used to control the user request to access objects in the system.The Security Reference Monitor enforces access validation and audit generation policy.When ever a person wants to access the particular file so SRM validates our request. 

 

 Here the reference monitor verifies our access token requests where a good example is Windows NT Line which not onlt includes Windows 2000 but also Windows XP which does not contain any reference monitor and was designed completely with different architecture.and also Windows 3.x and 9.x were also not build with any reference monitor

Comments

Popular posts from this blog

How to make 50$ per day using Instagram

Instagram has been the talk of the town and all for the right reasons. It's one of the best mediums for Affiliate Marketing. If you're new to CPA, then Instagram is really the best place to start with it. Keep in mind that no matter how much I spoonfeed information to you here, you are gonna have to put some effort into it to see results. Why? - There's thousands of people already doing but there's money for everyone.

A little history - I got back into Internet Marketing 7 months ago and decided to try out Instagram as everyone was doing it. And my first choice was OGads obviously. In the past 7 months I've made over $11,000 using Instagram so it's safe to say I know what am talking about. :)
What you need to get started - 
1. Account on OGads - These guys are currently the best Mobile CPA network and you're gonna want to be a part of them. Very good offers and very helpful staff.
Signup to OGads - http://ogads.com/ 

2. Bot to run Instagram accounts - I personal…

Hacker (Computer Security)

In the PC security connection, a programmer is somebody who looks for and abuses shortcomings in a PC framework or PC system. Programmers may be propelled by a large number of reasons, for example, benefit, dissent, challenge. enjoyment or to assess those shortcomings to help with evacuating them. The subculture that has developed around programmers is regularly alluded to as the PC underground and is currently a known community.While different employments of the word programmer exist that are identified with PC security, for example, alluding to somebody with a propelled comprehension of PCs and PC networks,they are seldom utilized as a part of standard connection. They are liable to the longstanding programmer definition discussion about the term's actual importance. In this debate, the term programmer is recovered by PC software engineers who contend that somebody who breaks into PCs, whether PC criminal (dark caps) or PC security master (white hats),is all the more fittingly…