Hacking For Beginners – Manthan Desai
2010
3. Windows Hacking and SecuritySecurity Architecture of Windows
There are three components of Windows Security:
LSA (Local Security Authority) SAM (Security Account Manager) SRM (Security Reference Monitor)
LSA (Local Security Authority)
LSA is the Central Part of NT Security. It is also known as Security Subsystem. The Local Security Authority or LSA isa key component of the logon process in both Windows NT and Windows 2000. In Windows 2000, the LSA isresponsible for validating users for both local and remote logons. The LSA also maintains the local security policy.
During the local logon to a machine, a person enters his name and password to the logon dialog. This informationis passed to the LSA, which then calls the appropriate authentication package. The password is sent in a non-reversible secret key format using a one- way hash function. The LSA then queries the SAM database for the User’saccount information. If the key provided matches the one in the SAM, the SAM returns the users SID and the SIDsof any groups the user belongs to. The LSA then uses these SIDs to generate the security access token.
www.hackingtech.co.tv
Page 28