
1 CHAPTER 3 Securing your PC and LAN Suraya Alias

2 Securing your desktop or Notebook Computer
◦ Know access control
◦ Limit use of the administrator accounts
◦ Use a personal firewall
◦ Windows update
◦ Security using browsers
◦ Alternate client software
◦ Encrypt files and folders
Data backups
System files backup
Monthly security maintenance
Router to secure a SOHO network
Dealing with malicious software
Know the step-by-step attack plan

3 Access Control
Access control combines authentication and authorization techniques to control access to computers, files, folders and the network.
Authentication
◦ Proves who the actual user is, using an ID, password or PIN
Authorization
◦ Determines what the user can do when logged in to the system: the privileges and rights assigned to that user
You can lock your PC using power-on passwords and a Windows password (turn off file sharing).
Power-on passwords are assigned in CMOS setup to secure the CMOS/BIOS setup settings.

4 Access Control
To create a STRONG password:
◦ Use 8 or more characters, combining numbers, characters and symbols
◦ Don't use consecutive numbers or words such as “abcdef”, “123456”
◦ Don't use adjacent keys on the keyboard, such as “qwerty”
◦ Don't store passwords on the PC; use a different password for each system

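5 Access Control using Windows
Use user accounts and passwords
Configure users with access to certain files and folders, and decide which files can be shared
Use the Icacls or Cacls command to control user account access to files and folders
Example: cacls test.txt /G suraya:F
◦ Gives user suraya Full control (F) of test.txt; without /E, cacls replaces the file's existing ACL rather than editing it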

6 Limit the use of the Administrator Account
It is preferable to use Limited User accounts for daily use
Use Administrator accounts only for maintenance and installation
This is because some malware programs can run using Administrator privileges.
Always change the password and use a strong password

7 Use a Personal Firewall
◦ Never connect to the Internet without using Windows Firewall
◦ A firewall is software or hardware that prevents worms or hackers from getting into your system
◦ A router is one example of a hardware firewall
Use Anti Virus Software
◦ As a defensive and offensive measure to protect against malicious software
◦ AV must always be on (running in the background) and updated
Keep Windows updates current
◦ Using Windows Update

8 Set Internet Explorer for optimum security
Disable pop-up blocker, manage add-ons, activate or block scripts
Use alternative Client Software
◦ Browser software – Firefox
◦ Email client – Outlook Express
Consider using Microsoft Shared Computer Toolkit for Windows XP
◦ This software locks down the drive where XP is installed so that the user cannot change the Windows settings, configuration, installed software and hardware, and user data

9 Hide and Encrypt Files and Folders
Protect files and folders using EFS (Encrypted File System)
Encryption converts data to a different value that has to be decrypted (translated) before it can be accessed.
An encrypted file remains encrypted if you move it around an NTFS logical drive, but becomes decrypted on a FAT file system
Use the CIPHER command to encrypt/decrypt files or folders from the command prompt.
Example: CIPHER /D C:\Public\*.*
◦ Where /E encrypts, /D decrypts, /S:DIR is the directory, and PATHNAME is the path name

10 Beware of Social Engineering
Don't give out personal information to untrusted sources
3 common Internet crimes
1. Phishing
▪ Where the sender of an email message scams you into responding with data about yourself
▪ Example – user password, account number or credit card number
2. Scam email
▪ Email that usually offers a false scheme
3. Virus hoax
▪ Email that does damage by tempting you to forward it to everyone in your email address book, with the intent of clogging up the email system, or to delete important files

11 Protect against malicious email scripts
How scripts work
◦ Written in several scripting languages (VBScript, JScript)
◦ Executed using the Windows Scripting Host (WSH) utility, Wscript.exe
How scripts are spread
1. By embedding the script in the email message and attaching it.
2. When you click the link, the script with the .vbs extension is executed by Wscript.exe and spreads
3. Hidden using a normal-looking filename such as coolpic.jpg, while the actual filename is coolpic.jpg.vbs
How to protect against malicious scripts
1. Set Windows to display the script file extension
2. Set Windows not to execute scripts but to open them using Notepad
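The coolpic.jpg.vbs disguise from slide 11, as an added example that is not part of the original presentation: a check for attachment names whose real (last) extension is a script type while the name shown with extensions hidden looks like a picture or document. The extension lists, function names and sample names are assumptions made for this example.

```python
import os

# Assumed lists for this example: extensions Windows Script Host runs, and
# extensions a user reads as harmless media or documents.
SCRIPT_EXTS = {".vbs", ".vbe", ".js", ".jse", ".wsf", ".wsh"}
DECOY_EXTS = {".jpg", ".jpeg", ".png", ".gif", ".txt", ".doc", ".pdf", ".mp3"}


def classify(filename):
    """Return (verdict, shown_name) for one attachment name.

    For a script, shown_name is what Explorer displays while "Hide extensions
    for known file types" is on: the name with its last extension removed.
    """
    name = os.path.basename(filename.replace("\\", "/"))
    # Windows ignores trailing dots and spaces in a file name.
    name = name.strip().rstrip(". ")
    stem, ext = os.path.splitext(name)
    if ext.lower() not in SCRIPT_EXTS:
        return ("ok", name)
    stem = stem.rstrip()  # drop padding spaces before the real extension
    inner = os.path.splitext(stem)[1].lower()
    if inner in DECOY_EXTS:
        return ("disguised-script", stem)
    return ("script", stem)


def scan(filenames):
    """Return (original, verdict, shown_name) for every name that is a script."""
    hits = []
    for f in filenames:
        verdict, shown = classify(f)
        if verdict != "ok":
            hits.append((f, verdict, shown))
    return hits


# Constructed sample attachment names, not taken from any real message.
SAMPLE = [
    "coolpic.jpg",
    "coolpic.jpg.vbs",
    "Invoice.PDF.JS",
    "report.doc   .vbe",
    "backup.vbs",
    "C:\\Users\\me\\Desktop\\holiday.png.wsf",
]

if __name__ == "__main__":
    for original, verdict, shown in scan(SAMPLE):
        print(f"{verdict:17} shown as {shown!r:14} actual {original!r}")
```

A "disguised-script" verdict is the case protection step 1 exposes to the user; a mail gateway or mailbox audit can apply the same check to attachment names before delivery.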

12 Keep good backups of user data
Back up data and system files (using Windows Backup)
Make use of event logging and incident reporting – using Event Viewer
Monitor changes to files and folders – using auditing in Group Policy
Monitor changes to startup – using Autoruns by Sysinternals
Monitor network activity – using Windows Firewall
Empty the Recycle Bin
Perform a monthly security maintenance routine
◦ Change passwords, turn on Windows updates
◦ Install AV, check for equipment security
◦ Check Event Viewer, the security list
◦ Verify that user backups have been performed and are current
◦ If running Windows Disk Protection, saving changes to disk is required to update installed software

13 Securing your wired or wireless network
Use a router to secure a SOHO (small office home office) network
◦ Limit communication from outside the network
◦ Limit communication from within the network
◦ Secure a wireless access point
◦ Implement a virtual private network (VPN)
Authentication technologies for larger networks
◦ Encrypt user accounts and passwords
◦ Popular protocols – CHAP (Challenge Handshake Authentication Protocol) and Kerberos
◦ Using smart cards and biometric data

14 Dealing with malicious software
Also known as malware or computer infestation
An unwanted program that does harm and is transmitted to your PC without your knowledge.
Examples
◦ Virus – can replicate and attach itself to other programs
◦ Adware – produces unwanted pop-ups
◦ Spam – junk email
◦ Spyware – software that installs itself to spy and collect information
◦ Worm – a program that copies itself through a network without a host program, overloading the network
◦ Browser hijacker – does mischief by changing the homepage or redirecting it
◦ Dialer – software installed on your PC that disconnects your phone line and redirects it to an expensive dial-up connection
◦ Keylogger, logic bomb, Trojan horse

15 How a VIRUS works
A boot sector virus
◦ Hides in the boot sector program of a floppy or hard disk, or in the MBR (master boot record)
A file virus
◦ Hides in an executable (.exe, .com) program that contains a macro
A multipartite virus
◦ Combination of a boot sector virus and a file virus
A macro
◦ A small program that can be executed automatically when a document first loads
A macro virus
◦ Attached to email or files, hides in document files
A script virus
◦ Hides in a web page link, executes when the user clicks
A stealth virus – keeps a copy of the infected file, changes the attributes of its host program
A polymorphic virus – replicates and changes its attributes
An encrypting virus – continually transforms itself so that AV cannot detect it

16 Step by step attack plan
To clean up an infected system
◦ Run AV software
◦ Run adware and spyware removal software
◦ Search out and destroy what's left
▪ Respond to any startup errors
▪ Delete malicious files
▪ Turn off System Restore for a while during scanning (purge restore points)
▪ Clean the registry
▪ Root out (search for) rootkits – programs that can prevent Task Manager from displaying core processes
  ◦ Spyware and adware are also rootkits
  ◦ Example anti-rootkit software – BlackLight by F-Secure

