Types of security violation –


1 Windows XP system security, presented by Vikram Suthar (2011173) and Siddharth Ubana (2011145)

2 Types of security violation –
Security problem?
- System is secure if resources are used and accessed as intended under all circumstances
- Intruders (crackers) attempt to breach security
- Threat is a potential security violation
- Attack is an attempt to breach security; it can be accidental or malicious
- Easier to protect against accidental than malicious misuse

Types of security violation:
- Breach of confidentiality: unauthorized reading of data
- Breach of integrity: unauthorized modification of data
- Breach of availability: unauthorized destruction of data
- Theft of service: unauthorized use of resources
- Denial of service (DOS): prevention of legitimate use

3 Security violation methods
- Masquerading (breach authentication): pretending to be an authorized user to escalate privileges
- Replay attack: as is or with message modification
- Man-in-the-middle attack: intruder sits in data flow, masquerading as sender to receiver and vice versa
- Session hijacking: intercept an already-established session to bypass authentication

4 Common security ATTACKS

5 Security levels
- Impossible to have absolute security, but make the cost to the perpetrator sufficiently high to deter most intruders
- Security must occur at four levels to be effective:
  - Physical: data centers, servers, connected terminals
  - Human: avoid social engineering, phishing, dumpster diving
  - Operating system: protection mechanisms, debugging
  - Network: intercepted communications, interruption, DOS
- Security is as weak as the weakest link in the chain
- But can too much security be a problem?

6 Security threats
Many variations, many names
- Trojan Horse
  - Code segment that misuses its environment
  - Exploits mechanisms for allowing programs written by users to be executed by other users
  - Spyware, pop-up browser windows, covert channels
  - Up to 80% of spam delivered by spyware-infected systems
- Trap Door
  - Specific user identifier or password that circumvents normal security procedures
  - Could be included in a compiler
  - How to detect them?

7 Virus dropper inserts virus onto the system
- Many categories of viruses, literally many thousands of viruses:
  - File / parasitic
  - Boot / memory
  - Macro
  - Source code
  - Polymorphic, to avoid having a virus signature
  - Encrypted
  - Stealth
  - Tunneling
  - Multipartite
  - Armored
- Why is Windows the target for most attacks?
  - Most common
  - Everyone is an administrator
  - Licensing required?
  - Monoculture considered harmful

8 Cryptography as a security tool
- Broadest security tool available
  - Internal to a given computer, source and destination of messages can be known and protected
    - OS creates, manages, protects process IDs, communication ports
  - Source and destination of messages on network cannot be trusted without cryptography
- Cryptography
  - Means to constrain potential senders (sources) and / or receivers (destinations) of messages
  - Based on secrets (keys)
  - Enables:
    - Confirmation of source
    - Receipt only by certain destination
    - Trust relationship between sender and receiver

9 Use Microsoft Baseline Security Analyzer (MBSA)
Microsoft provides a user friendly tool to check your system's patch level and security settings called Microsoft Baseline Security Analyzer (MBSA). The MBSA is available at

10 Restrict Anonymous
Windows systems are intended for ease of use and the ability to quickly establish communications with other systems. This is good for the usability of the system by new and novice users; however, it imposes several security risks. By default, Windows 2000 and Windows XP (prior to Service Pack 2) allow anyone to view key information about your system that is best kept private. This information in the hands of a less than nice person can give them a head start on compromising your system.
- Select Start > Run…
- Enter the command “regedit.exe” (without quotes)
- When the registry window pops up:
- Double click (expand) HKEY_LOCAL_MACHINE
- Double click (expand) SYSTEM
- Double click (expand) CurrentControlSet

11 Double click (expand) Control
- Select LSA
- In the right pane select and double click the value “restrictanonymous”
- Set the “Value data” to a one (1)
- Repeat this for the following values.
- In the right pane select and double click the value “restrictanonymoussam”
- In the right pane select and double click the value “everyoneincludesanonymous”
- Set the “Value data” to a zero (0)
- Reboot the PC.
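A way to verify the three LSA values from slides 10 and 11 after the change, as an added example that is not part of the original presentation: it parses a regedit export of the Lsa key and reports values that differ from the slides. It reads the slides as asking for restrictanonymous = 1, restrictanonymoussam = 1 and everyoneincludesanonymous = 0; the sample export text is constructed.

```python
import re

# Key and values named on the slides (registry names are case-insensitive).
LSA_KEY = r"hkey_local_machine\system\currentcontrolset\control\lsa"
EXPECTED = {
    "restrictanonymous": 1,
    "restrictanonymoussam": 1,
    "everyoneincludesanonymous": 0,
}

# Constructed sample of a regedit export, not taken from a real machine.
SAMPLE_EXPORT = r'''Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"restrictanonymous"=dword:00000000
"restrictanonymoussam"=dword:00000001
"LimitBlankPasswordUse"=dword:00000001

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\Data]
"restrictanonymous"=dword:00000001
'''

SECTION = re.compile(r"^\[(.+)\]$")
DWORD = re.compile(r'^"([^"]+)"=dword:([0-9a-fA-F]{8})$')

def read_lsa_dwords(export_text):
    """Return {lowercased name: int} for DWORD values directly under the Lsa key."""
    values, in_lsa = {}, False
    for line in export_text.splitlines():
        line = line.strip()
        section = SECTION.match(line)
        if section:
            # Subkeys such as Lsa\Data are separate sections and are skipped.
            in_lsa = section.group(1).lower() == LSA_KEY
            continue
        value = DWORD.match(line)
        if in_lsa and value:
            values[value.group(1).lower()] = int(value.group(2), 16)
    return values

def audit_lsa(export_text):
    """Return (name, found, wanted) for each value that differs or is absent."""
    found = read_lsa_dwords(export_text)
    return [(n, found.get(n), w) for n, w in EXPECTED.items() if found.get(n) != w]

if __name__ == "__main__":
    for name, got, want in audit_lsa(SAMPLE_EXPORT):
        print(f"{name}: found {got}, slide value {want}")
```

A value that is absent from the export is reported with `None`, so it can be created explicitly rather than left to the system default.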

12 Install Third Party Firewall
Windows XP Service Pack 2 comes with a firewall built into the Windows OS. This native firewall is free and a good start for host-based firewall protection. However, the native Windows firewall is limited in its configuration options. The Windows XP Firewall only blocks inbound network traffic, that is, network communications originating from a remote system on the internet attempting to talk to or enter your PC. All outbound traffic is automatically passed by the Windows XP firewall without inspection. This is important to note because if your machine gets compromised, let’s say with a spam bot that performs mass distribution, the Windows XP firewall will do nothing to stop the 80,000 messages coming out of your PC. If you install and use a commercial or open-source firewall that inspects both inbound and outbound traffic, you can more tightly control not only who is able to talk to your PC, but also with whom your PC is able to talk. Keep in mind that most firewalls will have few rules by default, and you must ensure that they are configured properly based on your typical network functions. You may have to read more about TCP/IP to get the most out of your firewall.

13 Enable EFS
EFS (Encrypting File System) is the native Windows encryption for the system hard drive. This encryption, when applied to the hard drive, folders, or files, will prevent someone from reading the data on the hard drive if the hard drive is removed from your PC and connected to another PC or device as a slave. Encryption is becoming more common; it is gaining industry recognition in particular and is often mandated via corporate policy for mobile devices (laptops, PDAs, “smart” cell phones, etc.). Encryption concepts are beyond the scope of this checklist; however, many resources can be found with a simple search engine query.

14 Install Anti-Virus Software
Anti-Virus software used to be an optional item. However, in today’s world of high-speed, wireless, always-on internet connections, the general pervasiveness of computer devices, and the ever increasing number of malware programs, Anti-Virus software is a must-have. Without it your PC’s days are truly numbered.

Use of Anti-Spyware Software
Anti-Spyware is the “new Anti-Virus”. As with Anti-Virus software, Anti-Spyware software is a must-have. Spyware can be more pervasive, annoying, and detrimental to the performance of your machine than a large percentage of the known viruses. It is also often more difficult to completely remove spyware. Spyware can bring a system to a crawl, inundate the user with popups, steal passwords and credentials, and display pornography which can be deemed offensive (especially during a presentation), to name a few things.

15 Strong password
EVERY account on a system should have a strong password. What is a strong password?
- The commonly accepted definition of a strong password is a password that contains eight (8) or more alphanumeric characters with mixed case.
- At least one character is a capital, at least one character is a number, and at least one character is a special character.
- Characters should not be sequential or repeating.

The reason for a strong password is that the more complex and seemingly random the characters, the longer it will take a program or person to guess and / or crack the password. As computers get bigger and faster, a given password takes less time to crack.
- A password of 8 characters that is only lower case alphabet characters can be cracked in about a half hour.
- A password of 8 characters using both upper and lower case and numbers can be cracked in about a month.
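The strong-password definition above as a checker, together with the arithmetic behind the crack times quoted on slides 15 and 16 (added example, not part of the original presentation). It assumes that "sequential or repeating" means a run of three characters, that cracking means trying every candidate at a fixed rate, and that the special-character case uses the 94 printable ASCII symbols; the sample passwords are constructed.

```python
import string

# Alphabet sizes for the three 8-character cases on the slides.
ALPHABETS = {"lower": 26, "upper+lower+digits": 62, "with specials": 94}
BASELINE_HOURS = 0.5  # slide figure: 8 lowercase letters in about half an hour

def meets_slide_policy(pw):
    """True if pw satisfies the slide's strong-password definition."""
    if len(pw) < 8:
        return False
    if not (any(c.isupper() for c in pw) and any(c.islower() for c in pw)
            and any(c.isdigit() for c in pw)
            and any(c in string.punctuation for c in pw)):
        return False
    # Assumption: "sequential or repeating" means a run of three characters
    # such as "aaa", "abc" or "321" (checked case-insensitively).
    low = pw.lower()
    for a, b, c in zip(low, low[1:], low[2:]):
        step = ord(b) - ord(a)
        if step == ord(c) - ord(b) and step in (-1, 0, 1):
            return False
    return True

def scaled_crack_hours(alphabet_size, length=8):
    """Hours to try every password, at the guess rate implied by the
    slide's half-hour figure for 26**8 lowercase candidates."""
    guesses_per_hour = 26 ** 8 / BASELINE_HOURS
    return alphabet_size ** length / guesses_per_hour

if __name__ == "__main__":
    for pw in ("Tr7#kLp9", "Password123!", "sunshine"):  # constructed samples
        print(pw, meets_slide_policy(pw))
    for name, size in ALPHABETS.items():
        print(f"{name}: {scaled_crack_hours(size) / 24:.1f} days")
```

At that fixed rate the 62-symbol case scales to roughly three weeks and the 94-symbol case to a little under two years, the same order as the figures on the slides.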

16
- A password of 8 characters of both upper and lower case, numbers, and special characters can be cracked in about two years.

Enable Auditing
In the event that your PC should become compromised, an audit trail may give the user (you) information as to how the system was compromised, the user account that performed the compromise, and what should be changed to prevent further compromise. By default Windows is configured with little to no logging enabled. Windows Audit Logging is not available for Windows Home. The following settings will provide a good starting point for audit logging. To enable logging:
- Select Start > Settings > Control Panel > Administrative Tools > Local Security Policy
- Select “Audit Policy” in the left pane
- Double click each entry in the right pane and check the appropriate settings

17 Account logon events - Success, Failure
Account management - Success, Failure
Directory Service Access - no auditing
Logon events - Success, Failure
Object access - Failure
Policy change - Success, Failure
Privilege use - Failure
Process Tracking - no auditing
System events - Success, Failure

18 Thank you

