meljun cortes computer organization lecture chapter23 computer security
TRANSCRIPT
© 2007 The McGraw-Hill Companies, Inc. All rights reserved
OverviewIn this chapter, you will learn to
Explain the threats to your computers and data
Describe how to control the local computing environment
Explain how to protect computers from network threats
© 2007 The McGraw-Hill Companies, Inc. All rights reserved
ThreatsUnauthorized access
Any user accesses resources in an unauthorized way
Not locked down
Data destructionIntentional or accidental data lossUnauthorized data modification
Administrative accessXP Home almost requires granting multiple users
administrator accessUse Windows 2000 or XP Pro to control access
© 2007 The McGraw-Hill Companies, Inc. All rights reserved
ThreatsSystem crash/hardware failures
Hard drives crash, power failsRedundant systems provide protection
Viruses/spywareTravel quickly in a networkCome from the Internet, floppy disks, optical discs, and USB drives
Goal is to prevent infection
InternetInternet
© 2007 The McGraw-Hill Companies, Inc. All rights reserved
Local ControlIdentify what to back up
Eliminate sensitive data from discarded media
“First, Do No Harm””Part of physician’s oath
“First, Secure the Data”Tech version of the oath
Top Secret
© 2007 The McGraw-Hill Companies, Inc. All rights reserved
What to Back UpEssential data
Use the Backup toolDocuments and Settings folder for all usersE-mail and address booksOther data
© 2007 The McGraw-Hill Companies, Inc. All rights reserved
What to Back UpServers
Some servers have critical data (Active Directory)Back up System State to include
Most of Registry, security settings, and more
© 2007 The McGraw-Hill Companies, Inc. All rights reserved
Off-Site StorageBackups should be stored someplace other than your place of
businessCould be tape, CD, portable drive
Off-site storageCopy of backup stored in another
geographical locationProtects against major disaster
such as fire, flood, etc.
Backups
© 2007 The McGraw-Hill Companies, Inc. All rights reserved
MigrationWhen a computer is replaced
Move user’s data and settings to new computerUse a tool such as File and Settings Transfer (FAST) WizardDon’t connect new computer to network until security has
been implemented
Old computer New computer
© 2007 The McGraw-Hill Companies, Inc. All rights reserved
MigrationEliminate data remnants
Just formatting or repartitioning isn’t enoughUse a tool such as Windows WasherCan eliminate specific data or the entire drive
© 2007 The McGraw-Hill Companies, Inc. All rights reserved
RecycleDon’t just throw computers in trash
Keeps toxic chemicals out of landfills
Recycling centers will take them
Donate Schools and other organizations will gladly take
used computers
© 2007 The McGraw-Hill Companies, Inc. All rights reserved
Social EngineeringUsing or manipulating people in the network to gain access
to the network
InfiltrationPhysically sneaking into buildingTalking to people gathering pieces of information
Telephone scamsSimply asking for informationImpersonating someone else
© 2007 The McGraw-Hill Companies, Inc. All rights reserved
Social EngineeringDumpster diving
Searching through trash looking for information
Individual pieces of data can be put together as a puzzle
Physical theft
Servers need to be kept behind locked doors
The best network security is beaten easily if physical security is ignored
© 2007 The McGraw-Hill Companies, Inc. All rights reserved
Access ControlPhysical security
Lock the doorDon’t leave PC unattended when logged on
AuthenticationSoftware authentication using proper passwordsHardware authentication using smart cards
and biometrics
© 2007 The McGraw-Hill Companies, Inc. All rights reserved
Access ControlUse NTFS, not FAT32
FAT32 provides very limited securityUse NTFS whenever possible
To convert FAT32 drive to NTFSConvert D:\ /FS:NTFS
Users and groupsCan add users to groupsUsers now have permissions
of group
© 2007 The McGraw-Hill Companies, Inc. All rights reserved
Network SecurityUser account control through groups
Can grant permission to groupGroups represented by icon
© 2007 The McGraw-Hill Companies, Inc. All rights reserved
Network SecurityAdding users to a group
Done in Computer Management
© 2007 The McGraw-Hill Companies, Inc. All rights reserved
Network SecurityEffective permissions (combined)
Rita is in Sales Group and Managers groupSales granted List Folder Contents permissionManagers granted Read & Execute permissionRita has Read & Execute AND List Folder Contents
permissions (combination of both)
Sales group Managers group
ListFolderContents
Read &Execute
© 2007 The McGraw-Hill Companies, Inc. All rights reserved
Network SecurityDefault groups
Everyone, Guests, Users
Can become backdoors to the network
Windows 2000 gives full control to the Everyone group by default
© 2007 The McGraw-Hill Companies, Inc. All rights reserved
Security PoliciesLocal Security Settings
Set via Local Security Policy in Administrator ToolsCan set Local Computer Group Policy Object EditorApplies only to this computer
© 2007 The McGraw-Hill Companies, Inc. All rights reserved
Security PoliciesLocal Group Policy—applies locally only
© 2007 The McGraw-Hill Companies, Inc. All rights reserved
Security PoliciesExamples of what can be done with Group Policy in a
domainPrevent Registry EditsPrevent Access to the Command PromptLog on LocallyShut Down SystemMinimum Password
LengthAccount Lockout
ThresholdDisable Windows
InstallerMuch more
© 2007 The McGraw-Hill Companies, Inc. All rights reserved
Malicious SoftwareTogether known as malware
Viruses
Trojans
Worms
Spyware
Adware
Grayware
You’ve got Virus!
Hey, new mail coming your way!
© 2007 The McGraw-Hill Companies, Inc. All rights reserved
MalwareViruses
Designed to attach themselves to a program When program is used, the virus goes into actionCan wipe out data, send spam e-mails, and more
TrojansDesigned to look like one program (such as a game or utility)Does something else too, such as erase CMOS
© 2007 The McGraw-Hill Companies, Inc. All rights reserved
MalwareWorms
Similar to a Trojan but on a networkTravels from machine to machine through network Commonly infects systems because of security flaws
Best protection against WormsRun antivirus softwareKeep security patches
up to dateUse tools such as
Windows Update or Automatic Update to get critical updates
© 2007 The McGraw-Hill Companies, Inc. All rights reserved
Antivirus ProgramsAntivirus programs
Can be set to scan entire computer actively for viruses
Can be set as virus shield to monitor activity such as downloading files, receiving e-mail, etc.
Viruses have digitalsignatures
Antivirus programs havelibrary of signatures
Update signatures regularly
© 2007 The McGraw-Hill Companies, Inc. All rights reserved
Virus TechniquesPolymorphics/Polymorphs
Viruses attempt to change or morph to prevent detectionCode used to morph (scrambling code) often used as signature
StealthVirus attempts to hide and appear invisibleMost are in boot sectorSome use little-known software interruptOthers make copies of innocent-looking files
© 2007 The McGraw-Hill Companies, Inc. All rights reserved
Virus Prevention TipsScan all incoming programs and data
Scan the PC daily
Update signatures regularly
Keep bootable CD-R with copy of antivirus program
Be careful with e-mailConsider disabling preview windowOnly open attachments from known sources
© 2007 The McGraw-Hill Companies, Inc. All rights reserved
MalwareSpam
Unsolicited commercial e-mail (UCE)To avoid, don’t give out your e-mail address
Pop-upsMany modify the browser so hard to close
Some open up other pop-ups when one pop-up is closed
To close Right-click the browser on the taskbar and select Close While the pop-up is displayed, press Alt-F4
© 2007 The McGraw-Hill Companies, Inc. All rights reserved
SpywareFamily of programs that run in the background
Can send information on your browsing habits Can run distributed computing apps, capture keystrokes to
steal passwords, reconfigure dial-up, and more
Preventing installationBeware of free programs
such as Gator, Kazaa, othersAdobe’s Shockwave and
Flash reputable, but many others are not
© 2007 The McGraw-Hill Companies, Inc. All rights reserved
SpywareAggressive tactics
Try to scare you into installing their program
Removing SpywareWindows DefenderLavasoft’s Ad-AwarePepiMK’s Spybot
Search & Destroy
© 2007 The McGraw-Hill Companies, Inc. All rights reserved
GraywareNot destructive in themselves
Leach bandwidth in networks
Some people consider them beneficial
Used to sharefiles (e.g., BitTorrent)
Can push networkover the edge
© 2007 The McGraw-Hill Companies, Inc. All rights reserved
FirewallsUsed to block malicious programs from the Internet
Can be software, hardware, or both
Windows XP has built-in firewall
InternetInternet
© 2007 The McGraw-Hill Companies, Inc. All rights reserved
EncryptionMakes data packets unreadable
Changes plaintext into cipher text
Encryption occurs at many levels
Multiple encryption standards and options
Our lowest sell price is$150,000
Encryptionalgorithm
*2jkpS^aou23@`_4Laujpf
Decryptionalgorithm
Our lowest sell price is$150,000
© 2007 The McGraw-Hill Companies, Inc. All rights reserved
Network AuthenticationAuthentication
Proving who you areDone by providing credentials
i.e., user name and passwordCredentials rarely passed in plaintext
Common remote access protocolsPAP: Password Authentication Protocol (clear text)
Rarely usedCHAP: Challenge Handshake Authentication Protocol
Most popularMS-CHAP: Microsoft CHAP
Popular with Microsoft applications
© 2007 The McGraw-Hill Companies, Inc. All rights reserved
EncryptionDial-up encryption
Set on the server
Data encryption
Multiple protocols possible
Microsoft method of choiceis IPSec (IP Security)
© 2007 The McGraw-Hill Companies, Inc. All rights reserved
Application EncryptionMany applications can use other protocols to encrypt data
On the Web, HTTPS commonly usedUse digital certificatesCertificates issued by trusted
authorities Trusted authorities added to
Web browsers
Invalid certificates can be cleared from cache
© 2007 The McGraw-Hill Companies, Inc. All rights reserved
Wireless IssuesSet up wireless encryption
WEP,WPA, or preferably WPA2Have clients use static address
If you must use DHCP, limit available addressesChange default SSID
And disable SSID broadcastFilter by MAC addressesChange default user name and passwordsTurn on WAP firewall
© 2007 The McGraw-Hill Companies, Inc. All rights reserved
ReportingEvent Viewer
Application SecuritySystem
© 2007 The McGraw-Hill Companies, Inc. All rights reserved
Event ViewerCan view errors that a user saw
and forgot
Can get help with errors by clicking the Microsoft link
© 2007 The McGraw-Hill Companies, Inc. All rights reserved
ReportingAuditing
Event auditing—logs eventsObject access auditing—logs resource accessSomeone else will set up—but you need to be aware of the
policies
Incidence reportingWhen events occur, you need to report themSupervisors and/or managers may have more informationReporting one seemingly innocuous event may help the
supervisor solve a bigger problem
© 2007 The McGraw-Hill Companies, Inc. All rights reserved
Beyond A+Security in Windows Vista
User Account Control Helps prevent malware from running with administrator privileges
Security Center First appeared in Windows XP SP2 Enhanced in Windows Vista
Parental Controls Allows parents (or supervisors) to monitor and/or restrict access Can restrict Web sites and downloads, login times, games, and more