Tools List for Understanding Windows Integrity Mechanism (WIM)
Written by Darwin Sanoy   
Wednesday, June 10, 2009 4:53am

If your company decided to wait on Vista, you may not have had the opportunity to dig into the core technology that Microsoft introduced in version 6 of its kernel, which powers Vista, Win7, Server 2008 and Server 2008 R2. Integrity Levels (ILs) are a new and significant feature of that kernel.

Here is a list of the tools that allow you to view and change Integrity Levels:

  • whoami /groups – lists the integrity level of the instance of cmd.exe that the command is executed within.  Built into the operating system.
  • icacls.exe /setintegritylevel – views and sets file integrity levels.  Built into the operating system.
  • procexp.exe – shows integrity levels for any running process.
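
To read the integrity level out of saved `whoami /groups` output, the following sketch (an added example, not from the original article or from any of the tools listed) pulls out the mandatory label SID, which has the form S-1-16-<RID>, and names it. The sample output is constructed, the function names are hypothetical, and RIDs outside the well-known set are reported as custom levels.

```python
import re

# Well-known mandatory label RIDs; the label SID is S-1-16-<RID>.
KNOWN_LEVELS = {
    0x0000: "Untrusted",
    0x1000: "Low",
    0x2000: "Medium",
    0x2100: "Medium Plus",
    0x3000: "High",
    0x4000: "System",
    0x5000: "Protected Process",
}

LABEL_SID = re.compile(r"\bS-1-16-(\d+)\b")

# Constructed sample of `whoami /groups` output (not captured from a real host).
SAMPLE = r"""
Group Name                             Type             SID          Attributes
====================================== ================ ============ ==================================================
Everyone                               Well-known group S-1-1-0      Mandatory group, Enabled by default, Enabled group
BUILTIN\Users                          Alias            S-1-5-32-545 Mandatory group, Enabled by default, Enabled group
Mandatory Label\Medium Mandatory Level Label            S-1-16-8192  Mandatory group, Enabled by default, Enabled group
"""

def describe_rid(rid):
    """Name a label RID; a value between well-known levels is a custom IL."""
    if rid in KNOWN_LEVELS:
        return KNOWN_LEVELS[rid]
    # RID 0 is well-known, so any other non-negative RID has a level below it.
    floor = max(k for k in KNOWN_LEVELS if k < rid)
    return f"Custom (above {KNOWN_LEVELS[floor]})"

def integrity_from_whoami(output):
    """Return (rid, name) for the label in `whoami /groups` text, or None."""
    rids = {int(m.group(1)) for m in LABEL_SID.finditer(output)}
    if not rids:
        return None  # no label listed: pre-Vista system or truncated capture
    if len(rids) > 1:
        # A token carries a single integrity label; more means mixed captures.
        raise ValueError(f"multiple integrity labels found: {sorted(rids)}")
    rid = rids.pop()
    return rid, describe_rid(rid)

if __name__ == "__main__":
    print(integrity_from_whoami(SAMPLE))
```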

The following two tools were written by Mark Minasi for his book “Administering Windows Vista Security – The Big Surprises”. As usual, his book uses a lighthearted style to get you through the core concepts, and it is still an applicable read for Windows 7 if you didn’t get up to speed on Vista.

  • chml.exe – allows detailed Integrity Level permissions settings and custom ILs on files. It is helpful for understanding ILs in depth.
  • regil.exe – allows detailed Integrity Level permissions settings and custom ILs on registry keys.

Our CSI-300 Foundations of Application Internals course can also help you get your head wrapped around the Windows Integrity Mechanism.

Download Process Explorer

Download Tools From Mark’s Book

 
