Microsoft – SQL Server – MS OS Security Apparatus

Microsoft – SQL Server – MS OS Security Apparatus

As one delves deeper into Microsoft Server Technologies one might want to consider the implications of the continual integration of security apparatus into the underlying OS.

The apparatus includes:

  • User Access Control (UAC)
  • Data Execution Prevention

Thankfully, Microsoft is enhancing “Task Manager” to indicate the current status of some of these technologies.  To all the best insight the status is reflected at each individual  process level.

Here are the steps to customize a running “Task Manager” session and have it display these statuses:

  • Launch “Task Manager”
  • Ensure that the “Show processes from all users” check-box is checked
  • Click on the menu options “View/Select Columns…”
  • In the “Select process page columns”, ensure that “User Account Control (UAC) Virtualization” and “Data Execution Prevention” columns are checked

Select Process Page Columns

Once the new columns are visible, the “Task Manager” will reflect the state of these security settings for each running process.

Windows Task Manager

Disable UAC – Windows 2008/R2 (Command Line)

http://www.howtogeek.com/howto/windows-vista/enable-or-disable-uac-from-the-windows-vista-command-line/


C:\Windows\System32\cmd.exe /k %windir%\System32\reg.exe ADD HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System /v EnableLUA /t 
REG_DWORD /d 0 /f

Disable UAC – Windows 2008/R2 (Registry)

http://kb.webtrends.com/support/solutiondetail.aspx?Id=50140000000aJ4f

To completely disable UAC for Windows 2008 R2, modify the system registry. Back up the registry before proceeding:

  • Navigate to the following key:

   HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion

\Policies\System

  • Edit the key below as follows:

EnableLUA – Set this to “0” (off) instead of “1” (on)

  • Restart the server for the change to take effect.

The most comprehensive set of choices for changing UAC is provided by Daniel Petri @ http://www.petri.co.il/disable_uac_in_windows_vista.htm

Data Execution Prevention Settings

  • Click Start, and then click Control Panel.
  • Under Pick a category, click Performance and Maintenance.
  • Under or Pick a Control Panel icon, click System.
  • Click the Advanced tab.
  • In the Performance area, click Settings and then access the “Data Execution Prevention”.
  • The choices available are “Turn on DEP for essential Windows programs and services only” and “Turn on DEP for all programs and services except those I select:
  • Click OK to close System Properties then close Performance and Maintenance.

Data Execution Prevention

References

Leave a Reply

Please log in using one of these methods to post your comment:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s