Last Articles

Most popular password

Fake ARP-server on the Internet

Why can not I log in as an administrator from any location?

Идентификаторы защиты (SID)

Can you trust a domain that is connected to the Internet?

Administrative boundaries: the forest or domain?

The basic principles of security

Protection system in Windows - Fact or Fiction

Chronology of the ARPANET - INTERNET

Network Information Security: Myths and Realities Omnipotence hackers

Network security model and resource sharing

Remote attacks on distributed computing systems

Characteristics and mechanisms of implementation of standard remote attacks

Administrative methods to protect against remote attacks on the Internet

Control of virtual connections in the distributed CS

Control over route messages to the distributed CS

Pros and cons of a distributed aircraft with dedicated channels

Mythical remote attacks on the Internet

Malfunction host on the network

Substitution of one of the subjects TCP-connections on the Internet

Идентификаторы защиты (SID)

  So far we have talked about the elements of security, using their "common" names, such as the administrator of the Domain Admins group or Domain Admins. But inside the Windows NT family of systems, each of these objects is represented globally unique 48-bit number, called a security identifier or SID (Security Identifier). This approach allows the system to distinguish between, for example, the local Administrator account the same name of computer A and the local Administrator account on your computer.

  In the SID consists of several parts. Consider an example of such an identifier.


  Prior to the SID, the letter S, and its parts are separated by hyphens. The first number (in this case 1) is the revision number, the second - the value of office identifier (for Windows Server 2003, it is always 5). This is followed by four options under the authority (in this example is 21, and three long strings of numbers), and the latter indicates a relative identifier (RID - Relative Identifier) (in our example, the value is 500).

  The SID may seem complicated, but it is important to understand that one part is unique to the installation, or domain, and another - is common to all installations and Wamena (relative identifier R1D). After you install Windows Server 2003, a local computer randomly selects the SID. The same thing happens when you create a domain under Windows Server 2003 - he also gets a unique identifier SID. Thus, for any computer or domain that is running Windows Server 2003, under the powers will always be unique (unless these are fake and do not overlap, as happens in certain types of low-level copying of disks).

  In any case, the value of R1D is constant for all computers and domains. For example, the identifier SID, whose value is 500 RiD, always belongs to the Administrator account of the local machine. RID 501 is used to account Guest. For the domain RID starts from 1001 and shows the number of user accounts (eg, RID 1015 will fifteenth user domain). Suffice it to say that renaming the account does not affect the corresponding S1D, so the account will always be identified. Renaming the account Administrator, you just change its name, Windows Server 2003 (or an attacker, using special equipment) is always defined by the value of CE R1D 500.

Top 5 most read

The basic rules of safe behavior on the Internet

What to do if you forget the BIOS password

How to crack passwords?

Social engineering as a way of committing crimes in the sphere of computer information

You forget your password. What should I do? Part 3

Copyright © 2010 BRV ISTCOM S.R.L.- раскрутка сайта