Presentation is loading. Please wait.

Presentation is loading. Please wait.

 A short talk on Windows security for the SEC module  Slides available at

Published byHester Wilson Modified over 9 years ago

Similar presentations

Presentation on theme: " A short talk on Windows security for the SEC module  Slides available at"— Presentation transcript:

1  A short talk on Windows security for the SEC module  Slides available at http://www.cs.nott.ac.uk/~mvr/G53SEC http://www.cs.nott.ac.uk/~mvr/G53SEC

2 In Windows, it is possible to... Set permissions for:  Users – Permissions for individual users  Computers – Permissions for individual computers  Groups – Permissions for Groups of users or computers Set permissions on:  Files – Permissions for individual files  Folders – Permissions for folders (directories) & their contents  Printers– Permissions for printers

3  Right click on folder, file or printer and select properties, then security tab

4

5

6  Files & subfolders within folders inherit permissions from their parent

7 See help and support Center on how to create accounts

8  Go to the Control Panel  Click on Security Center (sic)  Click on Windows Firewall

9  Microsoft release regular updates and patches to secure vulnerabilities  http://www.microsoft.com/technet/security/d efault.mspx and for links to current patches and service packs http://www.microsoft.com/technet/security/d efault.mspx  Windows Update from Start Menu

10

11 The Web browser insecurity ‘Iceberg’ It represents the number of Internet users at risk because they don’t use the latest most secure Web browsers and plug-ins to surf the Web. More than 600 million users are at risk

12  In January 2005, less than 10 million infected machines.  In January 2006, Professor Merrick Furst from the Georgia Tech’s College of Computing explained at least 7 percent of the Internet was infected. For him typical numbers of conscripted machines ranged from around 75 million to 100 million.  By January 2007, the figure was between 100 and 150 million.  October 2009 the total is anywhere up to 80% of connected devices!

13  There are literally dozens of different ways a computer can become infected with spyware, viruses and other malware. Some of the common ways are:  Accepting without reading – the user simply accepts what he or she sees on the screen without reading the prompt and/or understand what it's asking.  Opening e-mail attachments  Another very common way people become infected with viruses and other spyware is by opening e-mail attachments, even when from a co-worker, friend, or family member. E-mail addresses can be easily faked and even when not faked your acquaintance may unsuspectingly be forwarding you an infected file.  Not running the latest updates  Many of the updates, especially those associated with Microsoft Windows and other operating systems and programs, are security updates.

14  Pirating software, music and/or movies  If you or someone on your computer is participating in underground places on the Internet where you're downloading copyrighted music, movies, software, etc. for free, often many of the files can contain viruses, spyware and/or malicious software.  No anti-virus spyware scanner  If you're running a computer with Microsoft Windows it's highly recommended you have some form of anti-virus and spyware protection on that computer to help clean it from any infections currently on the computer and to help prevent any future infections.  Downloading infected software  Finally, downloading any other software from the Internet can also contain viruses and other malware. When downloading any type of software (programs, utilities, games, updates, demos, etc.), make sure you're downloading the software from a reliable source and that while installing it you're reading all prompts about what the program is putting on your computer.  Most, if not all of these problems can be avoided by using a standard User account, as opposed to those with Administrator privileges.

15  Browser hijacks  Social Engineering  Identity theft  Advance fee or ‘419’ scams  Phishing  Targeted Trojans  In 2007, the UK’s Fraud Prevention Service CIFAS identified over 65,000 victims of identity theft.

16  For research purposes, the Chief Security Analyst for a leading AV firm created a Hotmail account using a colleague’s name. Using this spoof identity, he easily secured sensitive commercial and personal information from a range of email correspondents.  A Senior Analyst for another firm exploring 419 scams replied to spam emails and was ‘rewarded’ with an authentic-looking cheque for $78,000. He was directed to deposit the cheque, keep 10% and wire the balance to Hong Kong. Had he done so, the cheque would have bounced and he would have lost over $70,000.  Many cases have been reported where auction website accounts have been hijacked, and where phishing emails claiming to be from online payment portals have aimed to steal users’ login names and passwords.

17  A professional footballer recorded in his blog that he was training with a rival team. His club found out and sacked him – demonstrating just how difficult it is to control access to information once it has been posted on the Internet.  Similarly, a company employee posted photos of himself in the pub on his social networking profile – when he claimed to be absent from work ill. He lost his job.  As a research exercise, IT security company Sophos set up a Facebook profile for a plastic frog. 82 people replied to Friend Requests and handed over personal information of potential value to cyber-criminals.  Also as a research exercise, the BBC deployed a program to collect personal data from Facebook users, who believed the program to be a harmless application – just like thousands of tests, quizzes, jokes etc already available on the Internet.

18  Windows security is the start of the solution, not the be all & end all  Most commercial sector organisations are using hardware solutions in addition to Windows security features  Awareness of security issues is important for everyone within an organisation

19  http://www.nottingham.ac.uk/is/about/policies/doc uments/local/Secpolicy07.pdf http://www.nottingham.ac.uk/is/about/policies/doc uments/local/Secpolicy07.pdf  http://www.microsoft.com/technet/Security/tools/d efault.mspx http://www.microsoft.com/technet/Security/tools/d efault.mspx  http://www.microsoft.com/windowsxp/using/securit y/learnmore/accesscontrol.mspx http://www.microsoft.com/windowsxp/using/securit y/learnmore/accesscontrol.mspx  http://www.petri.co.il/ http://www.petri.co.il/  http://www.securityfocus.org/ http://www.securityfocus.org/  Google etc …..

20  Computer Management - User Accounts  Local Security Policy – Audit Logon etc..  Event Viewer – logs System, Security and Application events  Local User Manager – add/edit users & groups

21  BE AWARE! – Security issues are by and large caused by lack of awareness. Ask yourself the question “Will I cause any harm to the system or other users?”  COMMON SENSE! – Common sense will help in deciding whether something you are about to do is a security risk  “If it sounds to good to be true, then it probably is” – Most scams, be they in the physical or virtual world, count on greed or foolishness to succeed. Very rarely do you ever get something for nothing

Download ppt " A short talk on Windows security for the SEC module  Slides available at"

Similar presentations

Providing protection from potential security threats that exist for any internet-connected computer is termed e- security. It is important to be able to.

Providing protection from potential security threats that exist for any internet-connected computer is termed e- security. It is important to be able to.
Tips and tools to keep you and your information safe on-line. We will go over a lot of information today, so it is important to pay attention and follow.

Tips and tools to keep you and your information safe on-line. We will go over a lot of information today, so it is important to pay attention and follow.
How to protect yourself, your computer, and others on the internet

How to protect yourself, your computer, and others on the internet
Tips and tools to keep you and your information safe on-line. We will go over a lot of information today, so it is important to pay attention and follow.

Tips and tools to keep you and your information safe on-line. We will go over a lot of information today, so it is important to pay attention and follow.
Internet Safety Gleneagles Computer Club February 16, 2015 by Deborah Benson.

Internet Safety Gleneagles Computer Club February 16, 2015 by Deborah Benson.
The Internet.

The Internet.
SECURITY CHECK Protecting Your System and Yourself Source:

SECURITY CHECK Protecting Your System and Yourself Source:
7 Effective Habits when using the Internet Philip O’Kane 1.

7 Effective Habits when using the Internet Philip O’Kane 1.
Fraud, Scams and ID Theft …oh my! Deb Ramsay ESD 101 Chief Information Officer Technology Division.

Fraud, Scams and ID Theft …oh my! Deb Ramsay ESD 101 Chief Information Officer Technology Division.
Cyber check Do you work safely and responsibly online? Do you know about the risks to your cyber security? What are your online responsibilities ? How.

Cyber check Do you work safely and responsibly online? Do you know about the risks to your cyber security? What are your online responsibilities ? How.
NCS welcome all participants on behalf of Quick Heal Anti Virus and Fortinet Firewall solution.

NCS welcome all participants on behalf of Quick Heal Anti Virus and Fortinet Firewall solution.
Online Banking Fraud Prevention Recommendations and Best Practices This document provides you with fraud prevention best practices that every employee.

Online Banking Fraud Prevention Recommendations and Best Practices This document provides you with fraud prevention best practices that every employee.
Internet Safety Basics Never share names, schools, ages, phone numbers, or addresses. Never open an email from a stranger – it may contain viruses that.

Internet Safety Basics Never share names, schools, ages, phone numbers, or addresses. Never open an from a stranger – it may contain viruses that.
IDENTITY THEFT ARE YOU SAFE?. HOW DOES THIS HAPPEN TO ME? Internet “Security “ When using a public computer, never access any vital accounts like banking.

IDENTITY THEFT ARE YOU SAFE?. HOW DOES THIS HAPPEN TO ME? Internet “Security “ When using a public computer, never access any vital accounts like banking.
Teach a man (person) to Phish Recognizing email scams, spams and other personal security attacks July 17 th, 2013 High Tea at IT, Summer, 2013.

Teach a man (person) to Phish Recognizing scams, spams and other personal security attacks July 17 th, 2013 High Tea at IT, Summer, 2013.
How It Applies In A Virtual World

How It Applies In A Virtual World
Internet safety By Lydia Snowden.

Internet safety By Lydia Snowden.
Internet Safety Basics Being responsible -- and safer -- online Visit age-appropriate sites Minimize chatting with strangers. Think critically about.

Internet Safety Basics Being responsible -- and safer -- online Visit age-appropriate sites Minimize chatting with strangers. Think critically about.
First Community Bank www.fcbnm.com Prevx Safe Online Rollout & Best Practice Presentation.

First Community Bank Prevx Safe Online Rollout & Best Practice Presentation.
Viruses & Security Threats Unit 1 – Understanding Computer Systems JMW 2012.

Viruses & Security Threats Unit 1 – Understanding Computer Systems JMW 2012.

Similar presentations

Ads by Google