Windows VistaInside Out :Windows VistaInside Out Chapter 30 – Automating Windows Vista Last modified 11-27-07


Editions :Editions The Automation Tools are the same in all editions of Windows Vista


Four Ways to Automate Tasks :Four Ways to Automate Tasks Task Scheduler Easiest and simplest Batch Programs Carried over from MS-DOS Windows Script Host Can run scripts written in VBScript, JScript, and other languages Windows PowerShell Not included in Vista by default A free download from Microsoft


We Only Cover Task Scheduler :We Only Cover Task Scheduler The other three methods are not part of this class: Batch Programs Windows Script Host Windows PowerShell


New Features in Task Scheduler :New Features in Task Scheduler Implemented as a Microsoft Management Console (MMC) snap-in More information about tasks Integrated with the Event Viewer Events can trigger tasks More extensive triggering and scheduling options Launch when computer is idle Launch when a specific user logs on


Launching Task Scheduler :Launching Task Scheduler Control Panel, System And Maintenance, Scroll to bottom, under Administrative Tools, Schedule Tasks Or taskschd.msc at a Command Prompt Or Start, search for "Task Scheduler"


Task Scheduler Window :Task Scheduler Window View, Customize, and then deselect Action Pane To update, Action, Refresh


Display All Running Tasks :Display All Running Tasks Select top node in left pane Action, Display All Running Tasks


Task Details :Task Details Browse to task in folder tree to see read-only details in lower pane To modify them, right-click task name in the top pane and click Properties


Task Scheduler Terminology :Task Scheduler Terminology Trigger The time or the event that causes a task to run Action What the task does Condition An additional requirement that, along with the trigger, must be met for the task to run Setting A property that affects the behavior of a task


Demonstration: System Restore :Demonstration: System Restore See when Restore Points were made


Scheduling Tasks with the Schtasks Command :Scheduling Tasks with the Schtasks Command Schtasks /Create Schtasks /Change Schtasks /Delete Schtasks /End Schtasks /Query Schtasks /Run


Windows VistaInside Out :Windows VistaInside Out Chapter 31 – Advanced Security Management


Topics :Topics Windows Firewall With Advanced Security User Rights Auditing


Editions :Editions Windows Firewall With Advanced Security is the same in all editions of Windows Vista User rights are the same in all Editions But the console for viewing and modifying them is available only in the Business, Enterprise, and Ultimate editions


Editions :Editions Auditing is preconfigured and cannot be changed in the home editions The other editions allow you to control exactly what you audit


Protecting a System with Windows Firewall :Protecting a System with Windows Firewall For basic control, use Windows Firewall application in Control Panel For more advanced tasks, use: Windows Firewall With Advanced Security, or The Netsh command-line utility


To Open Windows Firewall with Advanced Security :To Open Windows Firewall with Advanced Security Start, FIRE or wf.msc at a command prompt


Viewing Active Rules and Security :Viewing Active Rules and Security A firewall rule defines how a given network packet is handled by the Windows Firewall Exceptions in Windows Firewall comprise one of more rules


Inbound Rules :Inbound Rules There are a lot of rules You can make custom rules if you like (see textbook)


Demonstration :Demonstration Restricting Remote Desktop to LAN connections Double-click "Remote Desktop (TCP-In)


Demonstration :Demonstration On the Advanced tab, click Customize Select desired interface types


Logging Firewall Activity :Logging Firewall Activity Right-click the top-level folder: Windows Firewall With Advanced Security On Local Computer Properties Choose the desired profile's tab Domain, Private, or Public


Firewall Log :Firewall Log To view the log, you need an elevated Notepad window


Logging Settings :Logging Settings In the Logging section, click Customize Logging successful packets is usually worthless—too much boring data


Using the Netsh Command to Manage Windows Firewall :Using the Netsh Command to Manage Windows Firewall You can enable Windows Firewall with this command: netsh firewall set opmode enable There are a lot of netsh commands, to use some of them, do the Server Core project


Testing Your Computer’s Network Security :Testing Your Computer’s Network Security To see the currently active network connections, at a Command Prompt: netstat -a | more You could just use netstat –a, but it would scroll off the screen This command uses numbers instead of DNS names, and shows process IDs: netstat -aon | more


Correlating Process IDs :Correlating Process IDs Netstat shows the PID that is listening Task Manager shows the process


Managing User Rights :Managing User Rights A user right is authorization to perform an operation that affects an entire computer A permission, is authorization to perform an operation on a specific object—such as a file or a folder


Local Security Policy :Local Security Policy Available only on Business, Enterprise, or Ultimate editions of Vista. At a command prompt, type secpol.msc


Default User Rights :Default User Rights These User Rights are what makes an Administrator different from a User It is not common to change them from their default settings You could change "Bypass Traverse Checking" to prevent security problems in nested folders


Auditing Security Events :Auditing Security Events Auditing writes events into the Security Log, when A monitored folder is accessed Logon or Logoff Many other possibilities


Enabling Auditing :Enabling Auditing Before any events can be written to the Security log, you must enable Auditing in Local Security Settings Enable thedesiredauditing


Monitoring Access to Folders and Files :Monitoring Access to Folders and Files Right-click file or folder, Properties, Security tab, Advanced, Auditing tab Add, Everyone Check events to audit


Security Events :Security Events Now you will see a LOT of events from the auditing