Presentation is loading. Please wait.

Presentation is loading. Please wait.

Tutorial #1. Lab#: 1 Securing your system Lab 1.2: Tenable Nessus Nessus currently works on Windows, Linux, and Mac. It is a vulnerability scanner, which.

Published byHarriet Powell Modified over 8 years ago

Similar presentations

Presentation on theme: "Tutorial #1. Lab#: 1 Securing your system Lab 1.2: Tenable Nessus Nessus currently works on Windows, Linux, and Mac. It is a vulnerability scanner, which."— Presentation transcript:

1 Tutorial #1

2 Lab#: 1 Securing your system

3 Lab 1.2: Tenable Nessus Nessus currently works on Windows, Linux, and Mac. It is a vulnerability scanner, which allows you to scan a targeted system or a range of systems and identify any vulnerabilities or weaknesses. In this exercise you will learn how to work with Nessus. Nessus has two parts a server, which is already set up, and the client which you will be working with. When you first lunch the Nessus client you need to connect to the server.

4 Conti… Click on connect on the bottom left corner. A list of servers will appear, chose your server, and click connect. After connecting to the server, the left side tap would show targets that can be scanned; you can add a new target; which could be a single host or a range of hosts. Click on add. Chose Single host, and type in your PC’s IP address. Highlight your host and click on Scan. Nessus will generate a whole report about the scanned system.

5 Lab 1.3: Run the Microsoft Baseline Security Analyzer The Microsoft Baseline Security Analyzer (MBSA) currently works with Microsoft Windows Sever 2003/2008, as well as Windows Vista, Windows XP, and Windows 2000. It allows you to scan a system and identify weaknesses and misconfigurations. To run MBSA, follow these steps: 1. Log in with administrator privileges and download the latest version of MBSA from http://technet.microsoft.com/en- us/security/cc184924.aspx.

6 Conti… 2. When prompted, choose to install the application. After the installation is complete, run MBSA. 3. Choose the option ‘Scan a computer’. 4. The default computer to scan will be the one you are sitting at, but you can change this to another on the network by specifying either the computer’s name or IP address. 5. Click Start Scan.

7 Conti… 6- View the report that is given when the scan finishes. The report will include information on missing security updates, and service packs for the operating system as well as Microsoft applications. It will also identify any user accounts that have blank or simple passwords, firewall status, the number of local administrators configured, unnecessary services.

8 Figure 1.3 MBSA

9 Figure 1.4 results of MBSA

10 Lab 1.4: Update a Windows-Based System Whether you are running Windows Server 2003 or 2008, you’ll use these steps to look for updates to your system and to begin installing them: 1. Log in as administrator and start Microsoft Internet Explorer. 2. Go to http://v4.windowsupdate.microsoft.com/en/default.as p. 3. Click Express. The system will be checked, and you can choose to install any updates that are found.

11 Lab 1.5: Configure Windows Automatic updates One of the most important things you can do to keep your systems secure is to keep them up-to-date. In this exercise, you’ll turn on Automatic Updates for a Windows XP Professional workstation: 1. Start the System applet by choosing Start  Control Panel  System. *Switch the view to Classic mode 2. Click the Automatic Updates tab. 3. Check the Keep My Computer Up To Date option (with some service packs, this becomes simply an Automatic radio button).

12 Conti… 4. In the Settings section, choose the Download the Updates Automatically and Notify Me When They Are Ready to Be Installed radio button (based upon the version of service pack you have installed, this option may not be present). 5. Click OK, and exit the System applet. This option allows the operating system to download and install updates as they become available. Some updates— such as service packs—usually require a reboot in order to be active after the installation.

13 Lab#: 2 Identifying running processes, ports, and services

14 Introduction It is important to know what processes are running on a machine at any given time. In addition to the programs that a user may be using, there are always many others that are required by the operating system, the network, or other applications.

15 Lab 2.1: Identify Running Processes on a Windows-Based Machine All recent versions of Windows include the Task Manager to allow you to see what is running. To access this information, follow these steps: 1. Right-click an empty location in the Windows Taskbar. 2. Choose Task Manager from the pop-up menu that appears. 3. The Task Manager opens to Applications by default and shows what the user is actually using. Click the Processes tab. Information about the programs that are needed for the running applications is shown, as well as all other processes running. (If the Show Processes From All Users check box appears beneath this tab, be sure to click it.) Many of the names of the processes appear cryptic, but definitions for most (good and bad) can be found at http://www.liutilities.com/products/wintaskspro/processlibrary/.

16 Conti… 4. Examine the list and look for anything out of the ordinary. After doing this a few times, you will become familiar with what is normally there and will be able to spot oddities quickly.

17 Conti… 5. Notice the values in the CPU column. Those values will always total 100, with System Idle Processes typically making up the bulk. High numbers on another process can indicate that there is a problem with it. If the numbers do not add up to 100, it can be a sign that a rootkit is masking some of the display. 6. Close the Task Manager.

18 Lab 2.2: using Processes explorer to identify running Processes, Ports and Services Process Explorer is a system monitoring and examination utility and can be used as the first step in debugging software or system problems. To use Process Explorer follow these steps: Double click “procexp” on your desktop.

19 Conti… Click Ctrl+L. a lower panel will show up. The top window always shows a list of the currently active processes, including the names of their owning accounts, whereas the information displayed in the bottom window depends on the mode that Process Explorer is in: if it is in handle mode you'll see the handles that the process selected in the top window has opened; if Process Explorer is in DLL mode you'll see the DLLs and memory-mapped files that the process has loaded.

20 Figure 2.1 Process Explorer.

21 Click Ctrl+I, a system information window will appear showing statistics and graphs about the system. Click on any process from the top window (i.e. svchost.exe), and right click on it and chose ‘properties’.

22 Figure2.2 System information from Process explorer

23 Lab#: 3 Windows system

24 Lab#: 3 It is important for a security professional to know the way around your system, either windows, Linux, or any other system. In this Lab, you will be learning some important security aspects in the Windows system; this lab will go over users and permissions, sharing and folders permissions.

25 Lab 3.1: Adding new user in Windows User name is the ID used by windows and a lot other systems to identify users, in this exercise, you will be creating new user on your windows system, to do so follow these steps:

26 Conti… Choose Start  Control Panel. Double click ‘User Accounts’. Click the Create a New Account link. Enter a name for the account. Select the type of account you want to create for Windows. Click the Create Account button. Close the Control Panel.

27 Figure 3.1 adding a user.

28 Lab 3.2: Identify User Accounts with Administrator Access in Windows XP User management is simplified by adding users to groups. To see which users are members of the Administrators group, follow these steps: 1. Choose Start  Run  Click on Start  enter compmgmt.msc, then click on the OK button 2. Within the left frame, expand Local Users and Groups and then expand Groups, as shown in Figure 3.2.

29 3. Double-click Administrators and a list of users appears. You can use the Add or Remove button to place users in this group or take them from it, respectively. 4. Exit the Computer Management console. 5. Exit Control Panel.

30 Figure 3.2 Expand the Groups folder to see the local groups.

31 Lab 3.3: Hide and Access a Windows Share This lab requires two Windows workstations. A simple method for “protecting” shares is to make them hidden. To hide a share in Windows, you use the dollar sign character ($) as the last character of its name. It will then no longer appear in listings and will need to be referred to specifically to be accessed. Follow these steps: 1. On Computer1, choose to share the C:\WINDOWS directory, and name the share DATA$.

32 Conti… 2. On Computer2, look for the share. Use My Network Places (or Network Neighborhood on older Windows operating systems) to look for the share. You should not be able to see the share because the name ends with $. 3. Right-click My Network Places and choose Map Network Drive. 4. In the Path box, type \\Computer1\DATA$. 5. Click OK. You should now be able to access the share.

33 Lab 3.4: Secure the Account Database The Windows XP account database can be secured through encryption to prevent it from being compromised. To perform this action, follow these steps: 1. Choose Start  Run. 2. Type syskey and press Enter. The dialog box shown in Figure 3.3 appears. 3. Click Update. The dialog box shown in Figure 3.3 appears.

34 Conti… 4. Choose Password Startup. 5. Enter a password that you want to require during startup. 6. Enter the same password in the Confirm box. 7. Click OK. Note the warning—once encryption is enabled, it cannot be disabled.

35 Figure 3.3 Use encryption to secure the Windows XP account database.

36 Lab 3.5: Changing ACL for a folder Access Control Lists apply only to files stored on an NTFS formatted drive, each ACL determines which users (or groups of users) can read or edit the file. When a new file is created it normally inherits ACL's from the folder where it was created. The easy way in Windows is by right clicking on the folder and changing the privileges, to do so follow these steps: 1. Double click the folder ‘My Document’, and then create new folder in it. 2. Right click on the new folder, and chose ‘properties’.

37 Conti… 3. Click on the 3 rd tap ‘Security’. 4. You will see all users, including the user you have created. Click on any user. 5. User’s permissions are displayed in the bottom window; you can change any permission by clicking on ‘Allow’ or ‘Deny’. 6. Click on advanced and explore what other options you can perform.

38 Thanks !

39 Tutorial Delivered By : Maqsood Mahmud Researcher/TA, Center of Excellence in Information Assurance, College of Computer and Information Sciences (CCIS), King Saud University, Riyadh, Kingdom of Saudi Arabia. Cell: +966-544062273 Office: +966-1-4697350 Fax: +966-1-4675423 E-mail : information493@gmail.com Web: http://faculty.ksu.edu.sa/maqsood

Download ppt "Tutorial #1. Lab#: 1 Securing your system Lab 1.2: Tenable Nessus Nessus currently works on Windows, Linux, and Mac. It is a vulnerability scanner, which."

Similar presentations

®® Microsoft Windows 7 Windows Tutorial 8 Connecting to Networks with Mobile Computing.

®® Microsoft Windows 7 Windows Tutorial 8 Connecting to Networks with Mobile Computing.
DNR-322L & DNR-326.

DNR-322L & DNR-326.
XP Tutorial 9 New Perspectives on Microsoft Windows XP 1 Microsoft Windows XP Exploring Your Network Tutorial 9.

XP Tutorial 9 New Perspectives on Microsoft Windows XP 1 Microsoft Windows XP Exploring Your Network Tutorial 9.
XP Tutorial 4 New Perspectives on Microsoft Windows XP 1 Microsoft Windows XP Personalizing Your Windows Environment Tutorial 4.

XP Tutorial 4 New Perspectives on Microsoft Windows XP 1 Microsoft Windows XP Personalizing Your Windows Environment Tutorial 4.
Configuring Windows Vista Security Lesson 8. Skills Matrix Technology SkillObjective DomainObjective # Setting Up Users Configure and troubleshoot parental.

Configuring Windows Vista Security Lesson 8. Skills Matrix Technology SkillObjective DomainObjective # Setting Up Users Configure and troubleshoot parental.
NetAcumen ActiveX Download Instructions

NetAcumen ActiveX Download Instructions
Chapter 9 Chapter 9: Managing Groups, Folders, Files, and Object Security.

Chapter 9 Chapter 9: Managing Groups, Folders, Files, and Object Security.
Microsoft Windows Vista Chapter 6 Customizing Your Computer Using the Control Panel.

Microsoft Windows Vista Chapter 6 Customizing Your Computer Using the Control Panel.
Lab 03 Windows Operating Systems (Cont.). PYP002 Preparatory Computer ScienceWindows Operating System2 Objectives Develop a good understanding of 1. The.

Lab 03 Windows Operating Systems (Cont.). PYP002 Preparatory Computer ScienceWindows Operating System2 Objectives Develop a good understanding of 1. The.
Lesson 19 – ADMINISTERING WINDOWS 2000 SERVER : THE BASICS.

Lesson 19 – ADMINISTERING WINDOWS 2000 SERVER : THE BASICS.
Fall 2011 Nassau Community College ITE153 – Operating Systems Session 24 NTFS Permissions and Sharing Printers 1.

Fall 2011 Nassau Community College ITE153 – Operating Systems Session 24 NTFS Permissions and Sharing Printers 1.
WINDOWS XP BACKNEXTEND 1-1 LINKS TO OBJECTIVES Starting Windows Using the Taskbar, opening & switching programs Using the Taskbar, opening & switching.

WINDOWS XP BACKNEXTEND 1-1 LINKS TO OBJECTIVES Starting Windows Using the Taskbar, opening & switching programs Using the Taskbar, opening & switching.
File sharing. Connect the two win 7 systems with LAN card Open the network.

File sharing. Connect the two win 7 systems with LAN card Open the network.
Ch 9 Managing Active Directory User Accounts. Objectives Create Organizational Unit Creating User Accounts in Active Directory Disabling, Enabling, and.

Ch 9 Managing Active Directory User Accounts. Objectives Create Organizational Unit Creating User Accounts in Active Directory Disabling, Enabling, and.
1 Chapter Overview Creating User and Computer Objects Maintaining User Accounts Creating User Profiles.

1 Chapter Overview Creating User and Computer Objects Maintaining User Accounts Creating User Profiles.
Copyright 2007, EMC Paradigm Publishing Inc. WINDOWS XP BACKNEXTEND 1-1 LINKS TO OBJECTIVES Starting Windows Using the Taskbar, opening & switching programs.

Copyright 2007, EMC Paradigm Publishing Inc. WINDOWS XP BACKNEXTEND 1-1 LINKS TO OBJECTIVES Starting Windows Using the Taskbar, opening & switching programs.
Working with SharePoint Document Libraries. What are document libraries? Document libraries are collections of files that you can share with team members.

Working with SharePoint Document Libraries. What are document libraries? Document libraries are collections of files that you can share with team members.
16.1 © 2004 Pearson Education, Inc. Exam 70-290 Managing and Maintaining a Microsoft® Windows® Server 2003 Environment Lesson 16: Examining Software Update.

16.1 © 2004 Pearson Education, Inc. Exam Managing and Maintaining a Microsoft® Windows® Server 2003 Environment Lesson 16: Examining Software Update.
Windows Tutorial 9 Maintaining Hardware and Software

Windows Tutorial 9 Maintaining Hardware and Software
Working with Drivers and Printers Lesson 6. Skills Matrix Technology SkillObjective DomainObjective # Understanding Drivers and Devices Install and configure.

Working with Drivers and Printers Lesson 6. Skills Matrix Technology SkillObjective DomainObjective # Understanding Drivers and Devices Install and configure.

Similar presentations

Ads by Google