Computer Security
Chapter 23
© 2007 The McGraw-Hill Companies, Inc. All rights reserved
Overview
• In this chapter, you will learn to
– Explain the threats to your computers and data
– Describe how to control the local computing environment
– Explain how to protect computers from network threats
Historical/Conceptual
Analyzing the Threat
Threats
• Unauthorized access
– Any user accesses resources in an unauthorized way
– Not locked down
• Data destruction
– Intentional or accidental data loss
– Unauthorized data modification
• Administrative access
– XP Home almost requires granting multiple users administrator access
– Use Windows 2000 or XP Pro to control access
Threats
• System crash/hardware failures
– Hard drives crash, power fails
– Redundant systems provide protection
• Viruses/spyware
– Travel quickly in a network
– Come from the Internet, floppy disks, optical discs, and USB drives
• Goal is to prevent infection
Essentials
CompTIA A+ Essentials
Local Control
Local Control
• Identify what to back up
• Eliminate sensitive data from discarded media
• “First, Do No Harm”
– Part of physician’s oath
• “First, Secure the Data”
– Tech version of the oath
What to Back Up
• Essential data
– Use the Backup tool
– Documents and Settings folder for all users
– E-mail and address books
– Other data
What to Back Up
• Servers
– Some servers have critical data (Active Directory)
– Back up System State to include
• Most of Registry, security settings, and more
Off-Site Storage
• Backups should be stored someplace other than your place of business
– Could be tape, CD, portable drive
• Off-site storage
– Copy of backup stored in another geographical location
– Protects against major disaster such as fire, flood, etc.
Migration
• When a computer is replaced
– Move user’s data and settings to new computer
– Use a tool such as File and Settings Transfer (FAST) Wizard
– Don’t connect new computer to network until security has been implemented
Migration
• Eliminate data remnants
– Just formatting or repartitioning isn’t enough
– Use a tool such as Windows Washer
– Can eliminate specific data or the entire drive
Recycle
• Don’t just throw computers in trash
– Keeps toxic chemicals out of landfills
– Recycling centers will take them
– Donate
• Schools and other organizations will gladly take used computers
IT Technician
CompTIA A+ Technician
Social Engineering
Social Engineering
• Using or manipulating people in the network to gain access to the network
• Infiltration
– Physically sneaking into building
– Talking to people to gather pieces of information
• Telephone scams
– Simply asking for information
– Impersonating someone else
Social Engineering
• Dumpster diving
– Searching through trash looking for information
– Individual pieces of data can be put together as a puzzle
• Physical theft
– Servers need to be kept behind locked doors
– The best network security is beaten easily if physical security is ignored
Access Control
• Physical security
– Lock the door
– Don’t leave PC unattended when logged on
• Authentication
– Software authentication using proper passwords
– Hardware authentication using smart cards and biometrics
Access Control
• Use NTFS, not FAT32
– FAT32 provides very limited security
– Use NTFS whenever possible
• To convert FAT32 drive to NTFS
– Convert D:\ /FS:NTFS
• Users and groups
– Can add users to groups
– Users now have permissions of group
Network Security
• User account control through groups
– Can grant permission to group
– Groups represented by icon
Network Security
• Adding users to a group
– Done in Computer Management
Network Security
• Effective permissions (combined)
– Rita is in Sales group and Managers group
– Sales granted List Folder Contents permission
– Managers granted Read & Execute permission
– Rita has Read & Execute AND List Folder Contents permissions (combination of both)
[Figure: Sales group, List Folder Contents; Managers group, Read & Execute]
Network Security
• Default groups
– Everyone, Guests, Users
– Can become backdoors to the network
– Windows 2000 gives full control to the Everyone group by default
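An added example, not part of the original slides: a simplified Python model of how Rita's group permissions combine, and of how an entry for a default group such as Everyone widens access for every account. The ACL entries, function names and the "deny removes a right" rule are assumptions made for illustration; real NTFS evaluation also distinguishes explicit from inherited entries.

```python
# Added illustration: a simplified model of how group permissions combine.
# Group and permission names follow the slides; the ACLs are constructed.

IMPLICIT_GROUPS = {"Everyone"}                    # every account belongs to it
DEFAULT_GROUPS = {"Everyone", "Guests", "Users"}  # default groups from the slide
SENSITIVE = {"Full Control", "Modify", "Write"}


def effective_permissions(user_groups, acl):
    """Return the set of rights a user ends up with on one resource.

    acl is a list of (group, kind, rights) entries, kind being "allow" or
    "deny". Allow entries from all of the user's groups combine; in this
    simplified model a deny entry always removes the right.
    """
    groups = set(user_groups) | IMPLICIT_GROUPS
    allowed, denied = set(), set()
    for group, kind, rights in acl:
        if group not in groups:
            continue
        (allowed if kind == "allow" else denied).update(rights)
    return allowed - denied


def over_broad_entries(acl):
    """List allow entries that give sensitive rights to a default group."""
    findings = []
    for group, kind, rights in acl:
        risky = sorted(set(rights) & SENSITIVE)
        if kind == "allow" and group in DEFAULT_GROUPS and risky:
            findings.append((group, risky))
    return findings


RITA = ["Sales", "Managers"]

# Constructed ACL matching the slide's example.
SLIDE_ACL = [
    ("Sales", "allow", {"List Folder Contents"}),
    ("Managers", "allow", {"Read & Execute"}),
]

# Constructed ACL: the same folder with the Windows 2000 default left in place.
DEFAULT_ACL = SLIDE_ACL + [("Everyone", "allow", {"Full Control"})]

if __name__ == "__main__":
    print(sorted(effective_permissions(RITA, SLIDE_ACL)))
    print(sorted(effective_permissions([], DEFAULT_ACL)))
    print(over_broad_entries(DEFAULT_ACL))
```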
Security Policies
• Local Security Settings
– Set via Local Security Policy in Administrative Tools
– Can set Local Computer Group Policy Object Editor
– Applies only to this computer
Security Policies
• Local Group Policy—applies locally only
Security Policies
• Examples of what can be done with Group Policy in a domain
– Prevent Registry Edits
– Prevent Access to the Command Prompt
– Log on Locally
– Shut Down System
– Minimum Password Length
– Account Lockout Threshold
– Disable Windows Installer
– Much more
Malicious Software
• Together known as malware
– Viruses
– Trojans
– Worms
– Spyware
– Adware
– Grayware
Malware
• Viruses
– Designed to attach themselves to a program
– When program is used, the virus goes into action
– Can wipe out data, send spam e-mails, and more
• Trojans
– Designed to look like one program (such as a game or utility)
– Does something else too, such as erase CMOS
Malware
• Worms
– Similar to a Trojan but on a network
– Travels from machine to machine through network
– Commonly infects systems because of security flaws
• Best protection against worms
– Run antivirus software
– Keep security patches up to date
– Use tools such as Windows Update or Automatic Update to get critical updates
Antivirus Programs
• Antivirus programs
– Can be set to scan entire computer actively for viruses
– Can be set as virus shield to monitor activity such as downloading files, receiving e-mail, etc.
– Viruses have digital signatures
– Antivirus programs have library of signatures
– Update signatures regularly
Virus Techniques
• Polymorphics/Polymorphs
– Viruses attempt to change or morph to prevent detection
– Code used to morph (scrambling code) often used as signature
• Stealth
– Virus attempts to hide and appear invisible
– Most are in boot sector
– Some use little-known software interrupt
– Others make copies of innocent-looking files
Virus Prevention Tips
• Scan all incoming programs and data
• Scan the PC daily
• Update signatures regularly
• Keep bootable CD-R with copy of antivirus program
• Be careful with e-mail
– Consider disabling preview window
– Only open attachments from known sources
Malware
• Spam
– Unsolicited commercial e-mail (UCE)
– To avoid, don’t give out your e-mail address
• Pop-ups
– Many modify the browser so they are hard to close
• Some open up other pop-ups when one pop-up is closed
– To close
• Right-click the browser on the taskbar and select Close
• While the pop-up is displayed, press Alt-F4
Spyware
• Family of programs that run in the background
– Can send information on your browsing habits
– Can run distributed computing apps, capture keystrokes to steal passwords, reconfigure dial-up, and more
• Preventing installation
– Beware of free programs such as Gator, Kazaa, others
– Adobe’s Shockwave and Flash reputable, but many others are not
Spyware
• Aggressive tactics
– Try to scare you into installing their program
• Removing Spyware
– Windows Defender
– Lavasoft’s Ad-Aware
– PepiMK’s Spybot Search & Destroy
Grayware
• Not destructive in themselves
– Leech bandwidth in networks
– Some people consider them beneficial
– Used to share files (e.g., BitTorrent)
– Can push network over the edge
Firewalls
• Used to block malicious programs from the Internet
– Can be software, hardware, or both
– Windows XP has built-in firewall
Encryption
• Makes data packets unreadable
– Changes plaintext into cipher text
– Encryption occurs at many levels
– Multiple encryption standards and options
[Figure: plaintext “Our lowest sell price is $150,000” passes through the encryption algorithm to become unreadable ciphertext, then through the decryption algorithm to become the original plaintext again]
Network Authentication
• Authentication
– Proving who you are
– Done by providing credentials
• i.e., user name and password
– Credentials rarely passed in plaintext
• Common remote access protocols
– PAP: Password Authentication Protocol (clear text)
• Rarely used
– CHAP: Challenge Handshake Authentication Protocol
• Most popular
– MS-CHAP: Microsoft CHAP
• Popular with Microsoft applications
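An added example, not part of the original slides: a minimal Python model of the PAP and CHAP exchanges named above, with the CHAP response computed as RFC 1994 specifies (MD5 over identifier, shared secret and challenge). The user name, secret value and function names are constructed for illustration.

```python
import hashlib
import hmac
import os


def pap_request(username, password):
    """PAP: the peer sends the password itself, readable on the wire."""
    return {"user": username, "password": password}


def chap_challenge(identifier):
    """Authenticator side: a fresh random challenge for each attempt."""
    return {"id": identifier, "challenge": os.urandom(16)}


def chap_response(identifier, secret, challenge):
    """Peer side (RFC 1994): MD5 over identifier || secret || challenge."""
    return hashlib.md5(bytes([identifier]) + secret + challenge).digest()


def chap_verify(msg, secret, response):
    """Authenticator recomputes the hash with its own copy of the secret."""
    expected = chap_response(msg["id"], secret, msg["challenge"])
    return hmac.compare_digest(expected, response)


def demo():
    secret = b"constructed-shared-secret"  # sample value for this example
    # PAP: anything observing the link sees the password.
    pap_leaks = secret.decode() in pap_request("rita", secret.decode()).values()
    # CHAP: only the challenge and a hash cross the link.
    first = chap_challenge(1)
    resp = chap_response(first["id"], secret, first["challenge"])
    accepted = chap_verify(first, secret, resp)
    # A recorded response does not satisfy the next challenge.
    second = chap_challenge(2)
    replay_accepted = chap_verify(second, secret, resp)
    # A peer without the right secret is rejected.
    wrong_secret = chap_verify(first, b"not-the-secret", resp)
    return pap_leaks, accepted, replay_accepted, wrong_secret


if __name__ == "__main__":
    print(demo())
```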
Encryption
• Dial-up encryption
– Set on the server
• Data encryption
– Multiple protocols possible
– Microsoft method of choice is IPSec (IP Security)
Application Encryption
• Many applications can use other protocols to encrypt data
– On the Web, HTTPS commonly used
– Use digital certificates
– Certificates issued by trusted authorities
• Trusted authorities added to Web browsers
– Invalid certificates can be cleared from cache
Wireless Issues
• Set up wireless encryption
– WEP, WPA, or preferably WPA2
• Have clients use static address
– If you must use DHCP, limit available addresses
• Change default SSID
– And disable SSID broadcast
• Filter by MAC addresses
• Change default user name and passwords
• Turn on WAP firewall
Reporting
• Event Viewer
– Application
– Security
– System
Event Viewer
• Can view errors that a user saw and forgot
• Can get help with errors by clicking the Microsoft link
Reporting
• Auditing
– Event auditing—logs events
– Object access auditing—logs resource access
– Someone else will set up—but you need to be aware of the policies
• Incident reporting
– When events occur, you need to report them
– Supervisors and/or managers may have more information
– Reporting one seemingly innocuous event may help the supervisor solve a bigger problem
Beyond A+
• Security in Windows Vista
– User Account Control
• Helps prevent malware from running with administrator privileges
– Security Center
• First appeared in Windows XP SP2
• Enhanced in Windows Vista
– Parental Controls
• Allows parents (or supervisors) to monitor and/or restrict access
• Can restrict Web sites and downloads, login times, games, and more