This paper presents an analysis of the security in Windows NT 4.0, working in both stand-alone and networking mode. The objective of the work was to find out how secure this operating system actually is. A technical overview of the system, and in particular its security features is given. The system security was analyzed and practical intrusion attempts were made in order to verify vulnerabilities or to find new ones. All vulnerbilities are described in detail and classified according to a classification scheme. A comparison to commonly known UNIX weaknesses was made. It revealed generic similarities between the two systems to a surprisingly high degree. Finally a number of recommendations are given. The paper concludes that there are ample opportunities to improve the security of Windows NT. We have reason to believe that it is probably not higher than that of UNIX.

Click Here to download this article