meljun cortes computer organization_lecture_chapter23_computer_security
Chapter 23: Computer Security
MELJUN CORTES
© 2007 The McGraw-Hill Companies, Inc. All rights reserved
Overview
In this chapter, you will learn to
Explain the threats to your computers and data
Describe how to control the local computing environment
Explain how to protect computers from network threats
Analyzing the Threat
Historical/Conceptual
Threats
Unauthorized access
  Any user accesses resources in an unauthorized way
  Not locked down
Data destruction
  Intentional or accidental data loss
  Unauthorized data modification
Administrative access
  XP Home almost requires granting multiple users administrator access
  Use Windows 2000 or XP Pro to control access
Threats
System crash/hardware failures
  Hard drives crash, power fails
  Redundant systems provide protection
Viruses/spyware
  Travel quickly in a network
  Come from the Internet, floppy disks, optical discs, and USB drives
  Goal is to prevent infection
CompTIA A+ Essentials
Local Control
Local Control
Identify what to back up
Eliminate sensitive data from discarded media
“First, Do No Harm”
  Part of physician’s oath
“First, Secure the Data”
  Tech version of the oath
What to Back Up
Essential data
  Use the Backup tool
  Documents and Settings folder for all users
  E-mail and address books
  Other data
What to Back Up
Servers
  Some servers have critical data (Active Directory)
  Back up System State to include
    Most of Registry, security settings, and more
Off-Site Storage
Backups should be stored someplace other than your place of business
  Could be tape, CD, portable drive
Off-site storage
  Copy of backup stored in another geographical location
  Protects against major disaster such as fire, flood, etc.
Migration
When a computer is replaced
  Move user’s data and settings to new computer
  Use a tool such as Files and Settings Transfer (FAST) Wizard
  Don’t connect new computer to network until security has been implemented
Migration
Eliminate data remnants
  Just formatting or repartitioning isn’t enough
  Use a tool such as Windows Washer
  Can eliminate specific data or the entire drive
Recycle
Don’t just throw computers in trash
  Keeps toxic chemicals out of landfills
  Recycling centers will take them
Donate
  Schools and other organizations will gladly take used computers
CompTIA A+ Technician
IT Technician
Social Engineering
Social Engineering
Using or manipulating people in the network to gain access to the network
Infiltration
  Physically sneaking into building
  Talking to people gathering pieces of information
Telephone scams
  Simply asking for information
  Impersonating someone else
Social Engineering
Dumpster diving
  Searching through trash looking for information
  Individual pieces of data can be put together as a puzzle
Physical theft
  Servers need to be kept behind locked doors
  The best network security is beaten easily if physical security is ignored
Access Control
Physical security
  Lock the door
  Don’t leave PC unattended when logged on
Authentication
  Software authentication using proper passwords
  Hardware authentication using smart cards and biometrics
Access Control
Use NTFS, not FAT32
  FAT32 provides very limited security
  Use NTFS whenever possible
  To convert FAT32 drive to NTFS
    Convert D:\ /FS:NTFS
Users and groups
  Can add users to groups
  Users now have permissions of group
Network Security
User account control through groups
  Can grant permission to group
  Groups represented by icon
Network Security
Adding users to a group
  Done in Computer Management
Network Security
Effective permissions (combined)
  Rita is in Sales group and Managers group
  Sales granted List Folder Contents permission
  Managers granted Read & Execute permission
  Rita has Read & Execute AND List Folder Contents permissions (combination of both)
[Figure: Sales group (List Folder Contents) and Managers group (Read & Execute)]
Network Security
Default groups
  Everyone, Guests, Users
  Can become backdoors to the network
  Windows 2000 gives full control to the Everyone group by default
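Added example (not part of the original slides): a simplified model of the combined permissions on the Rita slide and of the default-group risk on the slide above. Tom, Guest, the ACL layout and the explicit Deny entry are assumptions of this model; permissions are treated as independent labels.

```python
# Simplified model of combined ("effective") permissions; added example.
# Names other than Rita, Sales, Managers and Everyone are constructed.
ALLOW, DENY = "allow", "deny"
DEFAULT_GROUPS = {"Everyone", "Guests", "Users"}  # default groups named on the slide

# Constructed membership table; every account is implicitly in Everyone.
MEMBERSHIPS = {
    "Rita": {"Sales", "Managers"},
    "Tom": {"Sales"},
    "Guest": {"Guests"},
}

def groups_of(user):
    return MEMBERSHIPS.get(user, set()) | {"Everyone"}

def effective_permissions(user, acl):
    """Union of every Allow that applies, minus anything explicitly denied."""
    allowed, denied = set(), set()
    for principal, kind, perms in acl:
        if principal == user or principal in groups_of(user):
            (allowed if kind == ALLOW else denied).update(perms)
    return allowed - denied

def default_group_grants(acl):
    """Allow entries that hand rights to a default group (audit candidates)."""
    return [(p, sorted(perms)) for p, kind, perms in acl
            if kind == ALLOW and p in DEFAULT_GROUPS]

# The slide's folder: Sales may list, Managers may read and execute.
SLIDE_ACL = [
    ("Sales", ALLOW, {"List Folder Contents"}),
    ("Managers", ALLOW, {"Read & Execute"}),
]
# Same folder with a Windows 2000 style default entry and one explicit deny
# (the deny is an assumption of this model, not something the slides cover).
LOOSE_ACL = SLIDE_ACL + [
    ("Everyone", ALLOW, {"Full Control"}),
    ("Tom", DENY, {"Full Control"}),
]

if __name__ == "__main__":
    for user in ("Rita", "Tom", "Guest"):
        print(user, sorted(effective_permissions(user, SLIDE_ACL)),
              sorted(effective_permissions(user, LOOSE_ACL)))
    print("Review:", default_group_grants(LOOSE_ACL))
```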
Security Policies
Local Security Settings
  Set via Local Security Policy in Administrative Tools
  Can set Local Computer Group Policy Object Editor
  Applies only to this computer
Security Policies
Local Group Policy—applies locally only
Security Policies
Examples of what can be done with Group Policy in a domain
  Prevent Registry Edits
  Prevent Access to the Command Prompt
  Log on Locally
  Shut Down System
  Minimum Password Length
  Account Lockout Threshold
  Disable Windows Installer
  Much more
Malicious Software
Together known as malware
Viruses
Trojans
Worms
Spyware
Adware
Grayware
Malware
Viruses
  Designed to attach themselves to a program
  When program is used, the virus goes into action
  Can wipe out data, send spam e-mails, and more
Trojans
  Designed to look like one program (such as a game or utility)
  Does something else too, such as erase CMOS
Malware
Worms
  Similar to a Trojan but on a network
  Travels from machine to machine through network
  Commonly infects systems because of security flaws
Best protection against worms
  Run antivirus software
  Keep security patches up to date
  Use tools such as Windows Update or Automatic Update to get critical updates
Antivirus Programs
Antivirus programs
  Can be set to scan entire computer actively for viruses
  Can be set as virus shield to monitor activity such as downloading files, receiving e-mail, etc.
Viruses have digital signatures
Antivirus programs have library of signatures
Update signatures regularly
Virus Techniques
Polymorphics/Polymorphs
  Viruses attempt to change or morph to prevent detection
  Code used to morph (scrambling code) often used as signature
Stealth
  Virus attempts to hide and appear invisible
  Most are in boot sector
  Some use little-known software interrupt
  Others make copies of innocent-looking files
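Added example (not part of the original slides): a toy signature scanner showing why the constant scrambling code becomes the signature once the body changes from copy to copy. All byte strings and signature names are constructed and harmless.

```python
# Toy signature scan over constructed, harmless byte strings (added example).
STUB = b"\x90DEMO-SCRAMBLER-ROUTINE\x90"  # constant scrambling code (constructed)
BODY = b"HARMLESS-MARKER-BODY"            # stands in for the part that morphs

def make_sample(key):
    """Constructed sample: host bytes, the fixed stub, and the body XORed with key."""
    return b"host-program-bytes" + STUB + bytes(b ^ key for b in BODY)

# An out-of-date library knows only the original body; the updated library
# also carries a signature for the scrambling code.
OLD_LIBRARY = {"Demo.Body": BODY}
UPDATED_LIBRARY = {"Demo.Body": BODY, "Demo.Scrambler": STUB}

def scan(data, library):
    """Return the names of all signatures whose byte pattern occurs in data."""
    return sorted(name for name, pattern in library.items() if pattern in data)

def detection_report(keys, library):
    """Map each constructed variant (by XOR key) to the signatures that fire."""
    return {key: scan(make_sample(key), library) for key in keys}

if __name__ == "__main__":
    keys = [0x00, 0x5A, 0xC3]  # key 0 leaves the body unchanged
    print("old library:    ", detection_report(keys, OLD_LIBRARY))
    print("updated library:", detection_report(keys, UPDATED_LIBRARY))
    print("clean file:     ", scan(b"ordinary document text", UPDATED_LIBRARY))
```

With the old library only the unscrambled copy is caught; the updated library flags every variant through the stub, which is the reason for the "update signatures regularly" advice.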
Virus Prevention Tips
Scan all incoming programs and data
Scan the PC daily
Update signatures regularly
Keep bootable CD-R with copy of antivirus program
Be careful with e-mail
  Consider disabling preview window
  Only open attachments from known sources
Malware
Spam
  Unsolicited commercial e-mail (UCE)
  To avoid, don’t give out your e-mail address
Pop-ups
  Many modify the browser so they are hard to close
  Some open up other pop-ups when one pop-up is closed
  To close
    Right-click the browser on the taskbar and select Close
    While the pop-up is displayed, press Alt-F4
Spyware
Family of programs that run in the background
  Can send information on your browsing habits
  Can run distributed computing apps, capture keystrokes to steal passwords, reconfigure dial-up, and more
Preventing installation
  Beware of free programs such as Gator, Kazaa, others
  Adobe’s Shockwave and Flash reputable, but many others are not
Spyware
Aggressive tactics
  Try to scare you into installing their program
Removing spyware
  Windows Defender
  Lavasoft’s Ad-Aware
  PepiMK’s Spybot Search & Destroy
Grayware
Not destructive in themselves
Leech bandwidth in networks
Some people consider them beneficial
Used to share files (e.g., BitTorrent)
Can push network over the edge
Firewalls
Used to block malicious programs from the Internet
Can be software, hardware, or both
Windows XP has built-in firewall
Encryption
Makes data packets unreadable
Changes plaintext into ciphertext
Encryption occurs at many levels
Multiple encryption standards and options
[Figure: plaintext "Our lowest sell price is $150,000" passes through an encryption algorithm to become ciphertext "*2jkpS^aou23@`_4Laujpf", then through a decryption algorithm back to the plaintext]
Network Authentication
Authentication
  Proving who you are
  Done by providing credentials, i.e., user name and password
  Credentials rarely passed in plaintext
Common remote access protocols
  PAP: Password Authentication Protocol (clear text)
    Rarely used
  CHAP: Challenge Handshake Authentication Protocol
    Most popular
  MS-CHAP: Microsoft CHAP
    Popular with Microsoft applications
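Added example (not part of the original slides): both sides of a CHAP exchange next to a simplified PAP request, showing what actually crosses the wire in each. The response is MD5 over identifier, shared secret and challenge as specified in RFC 1994; the user name, secret and message layout are constructed for illustration.

```python
import hashlib
import hmac
import os

def pap_request(username, password):
    """PAP (simplified fields): the password itself is sent to the server."""
    return {"peer_id": username, "password": password}

def new_challenge(identifier):
    """Server side: a fresh random challenge for every authentication attempt."""
    return identifier & 0xFF, os.urandom(16)

def chap_response(identifier, secret, challenge):
    """Client side: MD5(identifier || secret || challenge), per RFC 1994."""
    return hashlib.md5(bytes([identifier]) + secret + challenge).digest()

def chap_verify(identifier, secret, challenge, response):
    """Server side: recompute from its own copy of the secret and compare."""
    expected = chap_response(identifier, secret, challenge)
    return hmac.compare_digest(expected, response)

def run_exchange(secret=b"constructed-shared-secret"):
    """Walk one login, then replay the captured response against a new challenge."""
    ident, challenge = new_challenge(1)
    response = chap_response(ident, secret, challenge)        # sent by client
    accepted = chap_verify(ident, secret, challenge, response)
    ident2, challenge2 = new_challenge(2)                     # next login
    replay_accepted = chap_verify(ident2, secret, challenge2, response)
    return {"accepted": accepted, "replay_accepted": replay_accepted,
            "bytes_on_wire": len(response)}

if __name__ == "__main__":
    print("PAP sends: ", pap_request("rita", "constructed-shared-secret"))
    print("CHAP result:", run_exchange())
```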
Encryption
Dial-up encryption
  Set on the server
Data encryption
  Multiple protocols possible
  Microsoft method of choice is IPSec (IP Security)
Application Encryption
Many applications can use other protocols to encrypt data
  On the Web, HTTPS commonly used
  Use digital certificates
  Certificates issued by trusted authorities
  Trusted authorities added to Web browsers
  Invalid certificates can be cleared from cache
Wireless Issues
Set up wireless encryption
  WEP, WPA, or preferably WPA2
Have clients use static address
  If you must use DHCP, limit available addresses
Change default SSID
  And disable SSID broadcast
Filter by MAC addresses
Change default user name and passwords
Turn on WAP firewall
Reporting
Event Viewer
  Application
  Security
  System
Event Viewer
Can view errors that a user saw and forgot
Can get help with errors by clicking the Microsoft link
Reporting
Auditing
  Event auditing—logs events
  Object access auditing—logs resource access
  Someone else will set up—but you need to be aware of the policies
Incident reporting
  When events occur, you need to report them
  Supervisors and/or managers may have more information
  Reporting one seemingly innocuous event may help the supervisor solve a bigger problem
Beyond A+
Security in Windows Vista
User Account Control
  Helps prevent malware from running with administrator privileges
Security Center
  First appeared in Windows XP SP2
  Enhanced in Windows Vista
Parental Controls
  Allows parents (or supervisors) to monitor and/or restrict access
  Can restrict Web sites and downloads, login times, games, and more