
Post on 04-Jan-2016


Windows Security

A practical approach

Basics

Passwords
• Strong password should:
  Be long
  Contain:
    • Letters
    • Punctuation
    • Symbols
    • Numbers

Password Checker
• http://www.microsoft.com/security/online-privacy/password-checker.aspx

Password

Password is known ONLY to user
Storing/Managing Passwords
• Password algorithms
Password files

File System

NTFS Security Advantages
• Access Control List
• Granular structure
• Supports server authentication
• Ability to encrypt files and directories

Encrypted File System (EFS)

PERMISSIONS
For files, directories, networked devices

APPLICABLE ON:
- Users
- Computers
- Networked devices
- Groups of:
  - Users
  - Computers
  - Networked devices

INHERITANCE

NTFS Access Control

Surfing the Internet

Browsers
• FF
• IE
• Others (Opera, Chrome, etc.)

Browser Add-ons
• NoScript
• FlashBlock

Environmental Threats

COMPONENT OBJECT MODELS
Object Linking and Embedding (OLE)
Remote Procedure Call (RPC)
ActiveX

JAVA APPLETS

External threats

Browser related
• Hijacks (BHO)
Drive-by downloads
WMF (2005), ActiveX, DCOM
Scams
• Confidence tricking
Phishing
• Fake Emails
ID Theft
• Data harvesting
Social Engineering
• Psychological manipulation
Targeted Malware
• Silent_banker

Human Error

Emails
Downloads
• P2P
• Underground sources
System patches out of date
Clicking without reading/fully understanding (‘Nexters’)

Privacy

Indexing services
• Google Desktop
Social websites
• Facebook
ID Threats
Facebook Applications
• Source of infection
• Data mining

Search engines
• Google
Scrapped Google engine (Scroogle)
• Ixquick
• DuckDuckGo

Operating System Security Software

Anti Virus
• Microsoft Security Essentials (MSE)

Anti Spy/Malware
• Windows Defender

Tracking Software
• Adeona

Firewall
• Windows Firewall
• Sygate Personal Firewall

Common Sense

Strong Password
Latest updates
Unprivileged user account
Read EVERYTHING on screen
Never disclose any login details
Never believe in something for nothing
Be Aware
Better safe than sorry

Safe System

Internet Browsing
• Tightened settings for Browsers
• Do not log in as Administrator
• Build up adequate layer of defence through application layer
• Real-Time anti-vir/spy/mal/ad ware

Electronic Mail
• Set up for plain text only
• Be careful what you subscribe to (mailing list harvesting)
• Spam filters
• Email address obfuscating
• Structuring multiple email addresses for different purposes

System layer
• Hidden files (double extensions)
• Start-up
• Active software protection

THE END

Thank you
