Microsoft Windows OverviewTyronne Nash

Perry Holloway

William Wright

Overview

Evolution of Windows

DOS extensions

GUI front-end styles

Operating system

Server platforms

File systems

Overview (cont)

Windows 2000 design goals

Windows 2000 basic install

Windows 2000 Registry

Sources for some of the historical information and images:

 

http://www.microsoft.com/windows/winhistorydesktop.mspx

http://toastytech.com/guis

1985

Windows 1.0

Extension to DOS

GUI front end

Added use of mouse

Task manager

Used underlying DOS

Windows 1.0

1987

Windows 2.x

Windows /386

Overlapping Windows

VGA

DDE

Used underlying DOS

Theme used: “MS Eye Bleeder”

1990

Windows 3.x (WIN3.x)

32 bit processing

File Manager

Print Manager

Presentation Manager

Modular Virtual device drivers (VxDs)

Use of extended memory

Used underlying DOS

1993

Windows for Workgroups 3.11 (WFW)

Native networking support

RAS

Used underlying DOS

1993

Windows NT 3.1 (WINNT)

Windows Advanced Server 3.1

Designed to be application server

Client /server

Microsoft Mail

Network management

(Security, Sever management)

1993

Windows NT Workstation 3.5 (WINNT WS)

Open GL

Long file names

1994

Windows NT server 3.5

(based on NT Server 3.1)

1995

WINNT 3.51

Minor server upgrade release

Windows 95 (WIN95)

Integrated 32 bit TCP/IP stack

Plug and Play (PnP)

Attempt to add security

WIN95

Security ??

 

Multiple logons

Use of ESC key will bypass login process

Policy editor (POLEDIT)

Note: this not well documented

Still able to drop to DOS and the machine is yours

1996

WINNT WS 4.0

Added the W95 interface

 

WIN95 OEM Service Release 2 (OSR2)

FAT32 introduced

Bugfix

1996

WINNT 4.0

Full 32 bit OS

Look and feel of WIN95

1997

NT Server Enterprise Edition (EE)

Scaled up server for corporate clients with large networks

1998

NT Server Terminal Server (TS)

The NT product line was renamed to Windows 2000

Windows 98

USB support

1999

WIN98 Second Edition (SE)

Fixed must of the bugs in WIN98

Networking support for home users

2000

Windows Millennium Edition (WIN ME)

System Restore

Windows 2000 Professional W2K Pro)

Based on NT code

2000 (cont)

USB Firewire

Added support for Kerberos protocol

NTFS 5.0

Encrypting file system (EFS)

2001

Windows XP Professional

WINNT and WIN9X derivatives combined into one code base

Windows XP Home

Easier networking

No Domain authentication

File systems

FAT12 and FAT16 (FAT)

FAT

FAT started with DOS

Max size 32MB

Can be read by all Windows operating systems

File systems (cont)

FAT32

Started with WIN95 OSR2

Max size 2 terabytes

Supported size is much less

Can be read by all WIN9X, WIN ME, W2K and WIN XP

File systems

NTFS

Max size can more than 2TB

NTFS 5.0 supports EFS

Can be read by W2K, WIN XP, maybe WINNT 4.0 SP4

Window 2000 Design Goals

Windows NT

Compatibility

Reliability

Extensibility

Scalability

Distributability

Certifiability

Windows 2000

Internet Standardization

Ease of Administration

Scalability

Security

Performance

Reliability

Internet Standardization Was a new focus because of the growth of the internet

Increased support for the open Standards

Networking is improved ( added new Microsoft Management Console (MCC) administrative interfaces) (TCP/IP network services have been improved and updated)

Support for the Layer 2 Tunneling Protocol (L2TP) (industry standard Internet protocol used for building Virtual Private Networks (VPN)) (Builds secure tunnels across internetworks) (can Leverage public key certificates and IP Security)

Supports IP Security, Kerberos, and PKI (public key infrastructure)

Most important addition is the Active Directory

Supports Lightweight Directory Access Protocol (LDAP) – Specifies the way clients and servers exchange directory information

Ease of Administration Has Support for many Items

Improved management infrastructure

Microsoft Management Console

Windows Management

Active Directory and Group Policy

Component Object Model

Windows Driver Model

Plug and Play and Advanced Configuration and Power Interface

Quality of Service

Ease of Administration – Cont.

Total Cost of Ownership

IntelliMirror

User Document Management

User Setting Management

Software installation

Remote Installation Services

Group Policy

Scalability

One that will run on many hardware environments

Provides multi-platform support through its layered, microkernel architecture and use of the Hardware Abstraction Layer (HAL)

Two different security models – the workgroup and domain models

Security Built in support for certification authorities and smart cards, as well as the

standards-based Kerberos authentication protocol

Active Directory – Cornerstone – its granular access control, inheritance, and delegation of administrative tasks gives you the flexibility to secure resources without compromising you network’s purpose

Key Improvements

Security Configuration Editor (SCE)

Security Configuration Manager (SCM)

Windows 2000 Authentication

Public Key Cryptography

Performance

Microsoft distributed file system (Dfs) allows shares to be mirrored between file

servers and enables clients to automatically choose the closest server

Reliability

Error and exception handling – uses structured exception handling for capturing error conditions and responding uniformly.

Component Redundancy – provides reliability by providing redundant systems that protect the computer when a single component fails

IntelliMirror – users will never lose access to their most critical network documents, application, and desktop settings because of this

Installing Window 2000Step One 

Make sure that your system meets all the System requirement

Device are in the Hardware Compatibility List

Pentium 166 or greater with 64 MB of memory

At least 650 MB of hard drive space

Step Two

Insert the Window 2000 CD into the CD-ROM and run the WINNT or WINNT32 program from the disk

Or simply reboot the machine if it is capable of booting from the CD_ROM

Step Three

Windows 2000 Setup

It tells you what it believes you have on the system such as: type of

PC, Video Card, Keyboard, Mouse, etc 

It sets you video card to the VGA mode. It is a good idea to keep this until the installation is complete so to avoid loading the wrong video card, and thus having to start over.

Step Four

Disk Partition

At this point of the installation it will ask you to tell it what partition on the harddrive to install it on

Import to choose the correct partition especially if it is going on a dual boot machine

It is a good Idea to know what kind of partition to use. NTFS or FAT32. NTFS is more secure and allows file-level security. Its downfall is that it cannot use DOS Based, low-level utilities to read or manipulate the drive. If you have these issue one resolution is when you partition the drive to make a small FAT32 Partition

Disk Partition - Cont

Step Four

Ask you to personalize your copy with your name and company name. This is

optional

Step Five

Ask you to pick the Licensing option you are going to use when installing Windows Server 2000

Per Seat

Per Server

It requires you to make the decision however it will allow you to change it one time

Step Six

It next ask to create the Emergency Repair Disk

Gives windows enough information to bring up your system based on the last time you updated the disk

Stores the critical system configuration files needed to recover Window 2000

Needs to be updated regularly – Start + Programs + Accessories + System Tools + Backup

Good idea to do every time you make major changes

Step Seven

Network Setup

During the network setup Window 2000 will do the following

Connecting to the network – it will ask you if the computer will participate on a network or Wired to the network

Network Setup – Cont

Installing the Network Card

Installing Protocols - It automatically assumes you want NetBeui, TCP/IP, and IPX/SPX

 

Step Eight

Service Installation

Internet Information Server

Gateway Services for Novell

DNS and DHCP Server

Remote Access Service (RAS)

TCP/IP and SNMP

Step Nine

Security

Need to tell the machine is joining a workgroup or domain

Windows 2000 server and workstations must be granted access to join a domain

Very secure machine – It needs to validate all other machines in the network.

Step Ten

Setting the Time Zone and Rebooting

Registry2000 Registry – Was created to improve the configuration mess

Windows 2000 Tries to improve on the configuration mess with the Registry

It is one big, central, secure database containing all the configuration information about the server, its applications, and its users

Describes the hardware configuration, installed system and application software, user and group account security, desktop settings and profiles, file association, and applications supporting object Linking and Embedding (OLE)

Can be modified by the configuration tools in control panel, the windows 2000 setup applet, Active Directory Users and computers, third-party configuration tools, and soft ware installation procedures

A Database containing configuration data for application, hardware, and device drivers, as well as data on network protocols and adapter card settings.

Changing the Registry

Can be do by Administrative tools directory, applications within Control Panel, or by opening up Registry Editor and Manually changing fields values

It is a good idea to save your registry before you make any changes manually so that you can reverse it at anytime if something goes wrong.

This can be do by going to start, run and typing regedt32.

Benefits to the Administrator

Collects all configuration information while accommodating the data and storage needs of system components

Allows discretionary access control to local and remote configuration data. Can be protected by Access Control List (ACL)

Records and preserves security and desktop information on an individual basis.

Use it to determine all the hardware components installed on a local or remote system, the BIOS revision levels for motherboards and video adapters, the numbers and types of SCSI adapters, the devices installed on each adapter, and IRQ and base address and DMA channel assignments for specific components

 

Contains the Following Types of configuration information

AUTOEXEC.BAT,CONFIG.SYS, WIN.INI, SYSTEM.INE, CONTROL.INI, LANMAN.INI, PROTOCOL.INI and miscellaneous INI files

Device Driver Data

Network Protocols and Network Adapters

Component and Application that use the Registry

Setup

Hardware Detector

Windows 2000 Kernel

Device Drivers

Administrative tools

HKEY_LOCAL_MACHINE

This is where the system stores hardware, software, and security information

Hardware and operating system data such as bus type, system memory, device drivers, and startup control data

Five main KEYS

HKEY_LOCAL_MACHINE\HARDWARE

Describes the physical hardware in the computer, the way that device drivers use the hardware, and mappings and related data that link kernel mode drivers with various user mode code

All information in it is volatile, meaning that the settings are recomputed each time the system is started and then discarded when the system is shut down

Description Key – describes the actual computer hardware – the make of the motherboard, type of video adapter, SCSI adapters, serial ports. Parallel ports, sound cards, network adapters, and so on

Device Map Key – contains miscellaneous data in formats specific to particular classes of drivers

Resource Map Key – describes which device drivers claim specific hardware resources

HKEY_LOCAL_MACHINE\SAM HKEY_LOCAL_MACHINE\SECURITY

Has no visible information – the point to set security policies such as specific user rights, as well as information for user and group accounts and for the domains in Window 2000 Server

HKEY_LOCAL_MACHINE\SOFTWARE –

Contains data about software installed on the local computer, along with miscellaneous configuration data

HKEY_LOCAL_MACHINE\SYSTEM

Controls system startup, device driver loading, W2K services, and operating system behavior

Describes bootable and nonbootable configuration in a group of ControlSets, where each ControlSet represents a unique configuration

HKEY_CLASSES_ROOT

Contains information on file associations and data required to support Microsoft’s Object Linking and Embedding technology

Provides information on filename-extension association and OLE that can be used by Windows shell application and OLE applications

HKEY_USERS

Information about active users

Includes Profiles on any user who has local access to the system, including environment variables, personal program groups, desktop settings, network connections, printers, and application preferences

It contains a default profile for user that have never logged on

Security ID for other users

HKEY_CURRENT_USER

Contains the user profile for the person currently logged onto the machine

User’s profile groups, desktop settings, printers, application preferences, and network connections

  HKEY_CURRENT_CONFIG

Contains the configuration information for the particular hardware

configuration you booted with

Event Viewer

Events are significant occurrences in the operating system (power interruption, hard drive out of free space)

Viewed with Event Viewer

Three main types of event logsApplication – e.g., database query malformed

Security – e.g., all attempted logins

System – e.g., modem failure

Logging Information

Logs are stored in \SystemRoot\SYSTEM32\CONFIG

Events can be filtered by many criteria

Three types of log entries:Information – Successful events, failed events or both

Warning – Irregular event that doesn’t affect system

Error – A failed event or network error

Security EventsEnabled in Group Policy Editor

Logon and logoffFile and object (applications) access (including attempts at accessing restricted files)User and group managementSecurity policy changesRestart, shutdownProcess tracking – enable only when absolutely necessary!

Sample Error Event

Encrypting File System (EFS)

Allows encryption of files and directors to be transparent to user and applications

Deters “back door” methods of accessing NTFS partitions via boot disks or other operating systems

Brief Summary of Inner Workings

Each file has a randomly generated number called the File Encryption Key (FEK)

FEK used to encrypt file with DESX

User’s public RSA key encrypts FEK

Encrypted FEK appended to end of file

Private RSA keys can be stored on smart cards or disk (not recommended)

W2K Command Line Magic

Start -> Run -> CMD

Command buffer accessible by pressing up and down arrows

Auto complete directories by pressing TAB

Surround files or directories with spaces in double-quotation marks (e.g., “My Documents”)

Commands can be used in batch files or login scripts

“Help” command displays list of all W2K commands, “command-name /?” displays help for specific command

ipconfig

Displays IP and ARP (Address Resolution Protocol) informationRenews, releases DHCP IP licensesWorks on devices similar to Linux’s eth0 but without obfuscated names, e.g., “Ethernet 3COM” or “Local Area Connection 1”; wildcards * and ? AcceptedWorks on all interfaces to the computer (serial, parallel)

arp

Displays the ARP table on the machine

If connectivity problems exist between two machines, running arp on both machines and comparing the MAC (unique 6x16-bit addressed stored in network interface card) values for the two machines might gives clues as to why the two machines can’t see one another

nbtstat and netstat

Displays network usage statistics including bytes received and sent, errors

Displays list of ports open and what connections to and from the machine exist

nbtstat gives statistics for connections using NetBios over TCP/IP (a.k.a. NBT)

netstat gives statistics from a network adapter on a local or remote machine

route

Views and modifies the route table

If a better route is known by a network administrator between two hosts, the admin can add this route to the route table.

ping

Ping, or Packet InterNet Gopher, is a TCP/IP utility

Sends a message to a specified host, waits for a reply

Useful for checking if a host can be accessed and the latency between two hosts

tracert – the funnest command of all

Displays the route a packet will take when transferring from your machine to the specified IP

Displays latency/ping at each step along the route

Useful for determining network bottlenecks between key servers

net

accounts – modifies password restrictions, synchronizes user accounts databasecomputer – adds or deletes computers from a domainconfig – views and allows certain modifications to how a computer behaves on the network (e.g., max users connected)continue – restarts a paused servicefile – find out if a specified file is open and who is using the filename – sends a message to the specified computer on the networkpause – pauses a serviceprint – gets a list of jobs current printing, deletes a specified jobsession – displays information about connections between a W2K server and a client, disconnect a specified machine from the servershare – shares files, directories over the networkstart – displays list of available services to run, starts the specified servicestatistics – displays statistics about clients connected to a servertime – synchronizes the clock to a specified machine’s clockuse – maps network drivesuser – adds, edits and deletes user accountsview – displays a list of network resources

Beyond Windows XP

Fleetwood Mac or Microsoft?

Stevie Nicks