Windows Security: A practical approach

Upload: doreen-perkins

Post on 04-Jan-2016


Page 1

Windows Security

A practical approach

Page 2

Basics

Passwords
• Strong password should:
    Be long
    Contain:
    • Letters
    • Punctuation
    • Symbols
    • Numbers

Password Checker
• http://www.microsoft.com/security/online-privacy/password-checker.aspx

Page 3

Password

Password is known ONLY to user
Storing/Managing Passwords
• Password algorithms
Password files

Page 4

File System

NTFS Security Advantages
• Access Control List
• Granular structure
• Supports server authentication
• Ability to encrypt files and directories

Encrypted File System (EFS)

Page 5

PERMISSIONS
For files, directories, networked devices

APPLICABLE ON:
- Users
- Computers
- Networked devices
- Groups of:
    - Users
    - Computers
    - Networked devices

INHERITANCE

NTFS Access Control

Page 6

Surfing the Internet

Browsers
• FF
• IE
• Others (Opera, Chrome, etc.)

Browser Add-ons
• NoScript
• FlashBlock

Page 7

Environmental Threats

COMPONENT OBJECT MODELS
Object Linking and Embedding (OLE)
Remote Procedure Call (RPC)
ActiveX

JAVA APPLETS

Page 8

External threats

Browser related
• Hijacks (BHO)
Drive-by downloads
WMF (2005), ActiveX, DCOM
Scams
• Confidence tricking
Phishing
• Fake Emails
ID Theft
• Data harvesting
Social Engineering
• Psychological manipulation
Targeted Malware
• Silent_banker

Page 9

Human Error

Emails
Downloads
• P2P
• Underground sources
System patches out of date
Clicking without reading/fully understanding (‘Nexters’)

Page 10

Privacy

Indexing services
• Google Desktop
Social websites
• Facebook
ID Threats
Facebook Applications
• Source of infection
• Data mining

Search engines
• Google
Scraped Google engine (Scroogle)
• Ixquick
• DuckDuckGo

Page 11

Operating System Security Software

Anti Virus
• Microsoft Security Essentials (MSE)

Anti Spy/Malware
• Windows Defender

Tracking Software
• Adeona

Firewall
• Windows Firewall
• Sygate Personal Firewall

Page 12

Common Sense

Strong Password
Latest updates
Unprivileged user account
Read EVERYTHING on screen
Never disclose any login details
Never believe in something for nothing
Be Aware
Better safe than sorry

Page 13

Safe System

Internet Browsing
• Tightened settings for Browsers
• Do not log in as Administrator
• Build up adequate layer of defence through application layer
• Real-Time anti-vir/spy/mal/ad ware

Electronic Mail
• Set up for plain text only
• Be careful what you subscribe to (mailing list harvesting)
• Spam filters
• Email address obfuscating
• Structuring multiple email addresses for different purposes

System layer
• Hidden files (double extensions)
• Start-up
• Active software protection

Page 14

THE END

Thank you