1
Managing Local Security in Windows
  Threats to Computers and Users
  Defense Against Threats
  Windows Local Security Accounts
  Applying Security to Files and Folders
  Common Windows Security Problems
Chapter 7
2
Threats to Computers and Users
  Accidental, Deliberate, Natural and Unnatural Disasters
    Fires; Earthquakes; Floods ? Dropped
    Theft and damage
  Protect against disasters with frequent backups
    Backup critical data files
    Image backups
    Multiple backup sets. Why?
3
Threats to Computers and Users
  Computer Hardware Theft
    Secure computers physically
    Laptops more vulnerable
    Unsophisticated thieves steal for the value of hardware.
    Sophisticated thieves will search hard drive for data.
  Identity Theft
    Personal information is stolen and used to commit fraud
    Obtaining a social security # and other key personal information may be enough to steal someone's identity
  Fraud a form of identity theft
    The use of deceit & trickery to obtain money or valuables
4
Threats to Computers and Users
  Accidental, Deliberate, Natural and Unnatural Disasters (Continued)
  Other Deliberate Attacks
    Spyware
    Bluesnarfing
    Password Crackers
    Spam
    Trojan Horse
    Pop-Up Download
    War Driving
    Phishing
    Keystroke Logger
    Viruses, Worms, Adware
    Home Page Hijack
    PC Hijacking
    Back Doors
5
Define
  Spyware: whether malicious or not, “Spyware” is software secretly placed on a computer that records and reports user activity.
  Phishing is an attempt to lure a user into surrendering their personal information, by pretending to be an official request from a legitimate business. (PayPal, eBay, Citibank, IRS Tax refund)
6
Attackers
  Online attackers or organized crime – monetary gain
    Credit card trafficking
    Identity theft
    Financial account access
    Hire out
  Marketing organizations
    Online surfing and purchasing habits
    Trend related activities to mount marketing campaigns
  Trusted Insiders
    Sell information
    Leverage to gain advantage
    Blackmail
7
Attack Form
  Application add-ons: Often bundled with software
  Web site installs: Malicious Web sites often disguise spyware as a helpful utility and prompt users to install the spyware when browsing the site.
  E-mail attachments or links: especially HTML graphics images, misrepresented links
  Software Install Prompt Pop-up Windows:
8
Spyware Types
  Adware – demos, free trials, EULA deception
  Keyloggers – record key press
  Trojans – attached to a useful program
  Scumware – altered link rerouting (email)
  Dialers – hidden time pay phone calls (Porn)
  Browser & search engine Hijackers
9
Spyware Visual Examples
  Spyware has been known to masquerade as a prize-notification pop-up window.
  Masquerading as anti-spyware - This is one of the cruelest tricks in the book. This type of software convinces you that it's a tool to detect and remove spyware.
10
Spyware Visual Examples continued:
  Peer-to-peer file-sharing clients. While it officially claims otherwise, Kazaa has been known to include Spyware in its download package.
  Bonzi Buddy is an "add-on" application that includes spyware in its package.
  Browser add-ons: particularly nasty add-ons are considered browser hijackers. These embed themselves deeply in your machine and take quite a bit of work to get rid of.
11
Indicators
  Unexplainable reduction in computer performance. “unauthorized device hijacking”
  Toolbars appear that can't be deleted permanently.
  Heavy increase in pop-up ads. “internet pollution”
  Search engine or browser home page has changed, “Hijacked”.
  Excessive or unexplained network or modem traffic. “bandwidth stealing”
12
Spyware Statistics
  Spyware-dishing websites: at the end of Q1 of 2006, the number was 427,000, while at the end of Q2 2006, the number reached an astonishing 527,136.
  Infection rates Q2 of 2006:
    Home user – 89%
    Small & Medium size Businesses – 50%
    Enterprise Businesses – 21%
  Business Effects Reported:
    Performance slow down – 65%
    Productivity Loss – 58%
    Loss in sales – 20%
  The Spyware King: China 42%, United States 17%
13
Emotions
  Emotional effects on home user and IT personnel
  Direct Revenue, an advertising company (spyware), tracked the most frequently used aggressive words found in customer complaints for June of 2005. The top three are “die” (103 times), “f-----” (44), and “kill” (15) (Elgin & Grow, 2006).
  Nowhere to turn, no recourse!
  Controversial Course teaches Spyware Code writing
14
Legislation
  Federal - Computer Fraud and Abuse Act
  Federal Trade Commission Act
  Electronic Communications Privacy Act
  About 12 states have specific Spyware laws
  Shawn Collins, Chicago attorney - charges spyware as a pollutant to the internet and a trespass-to-personal-property as an argument. (6 cases: 3 and 1 so far)
  Spy vs. Spy (Direct Revenue and Avenue Media)
  Fail to Report Incidents why?
    FTC must (reasonably protected)
    Reputation
15
Prevention and Detection
  Use a firewall to restrict outbound traffic on all ports except those used for HTTP, POP3, and SMTP.
  Use a multi-layered anti-spyware approach
  Make it a habit to run scans of antivirus and anti-spyware programs bi-weekly or even daily.
  Read EULA very carefully – target phrases
  EULAlyzer program – automatic EULA reader
  Close unwanted pop-up install prompts using Alt-F4 instead of the “X” icon on the title bar or a “No”, “Close”, or “Cancel” button.
  Avoid using peer-to-peer file-sharing networks
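Before enforcing the outbound restriction above, it helps to see what the machine already sends outside the HTTP, POP3 and SMTP ports. The following is an added example, not part of the original slides: it reads a Windows Firewall text log and counts allowed outbound connections that the policy would block. It assumes a log whose `#Fields` header includes the `path` column (SEND/RECEIVE); the log lines are constructed sample data.

```python
from collections import Counter

# Standard TCP ports for the three protocols the slide allows outbound.
ALLOWED_OUT = {"TCP": {80: "HTTP", 110: "POP3", 25: "SMTP"}}

# Constructed sample in the Windows Firewall log layout (not real traffic).
SAMPLE_LOG = """\
#Version: 1.5
#Software: Microsoft Windows Firewall
#Fields: date time action protocol src-ip dst-ip src-port dst-port size tcpflags tcpsyn tcpack tcpwin icmptype icmpcode info path
2024-03-04 09:00:01 ALLOW TCP 192.168.1.20 198.51.100.10 49731 80 0 - 0 0 0 - - - SEND
2024-03-04 09:00:05 ALLOW TCP 192.168.1.20 198.51.100.25 49732 25 0 - 0 0 0 - - - SEND
2024-03-04 09:01:10 ALLOW TCP 192.168.1.20 203.0.113.50 49740 6667 0 - 0 0 0 - - - SEND
2024-03-04 09:01:40 ALLOW TCP 192.168.1.20 203.0.113.50 49741 6667 0 - 0 0 0 - - - SEND
2024-03-04 09:02:00 ALLOW UDP 192.168.1.20 192.168.1.1 53211 53 0 - - - - - - - SEND
2024-03-04 09:02:30 ALLOW TCP 198.51.100.99 192.168.1.20 51000 3389 0 - 0 0 0 - - - RECEIVE
2024-03-04 09:03:00 DROP TCP 192.168.1.20 203.0.113.9 49750 8080 0 - 0 0 0 - - - SEND
"""


def outbound_violations(log_text, allowed=ALLOWED_OUT):
    """Return [((dst_ip, protocol, dst_port), count), ...] for allowed outbound
    connections to ports outside the allowlist, most frequent first."""
    fields, hits = [], Counter()
    for line in log_text.splitlines():
        if line.startswith("#Fields:"):
            fields = line.split()[1:]          # column names come from the log itself
            continue
        if not line.strip() or line.startswith("#") or not fields:
            continue
        row = dict(zip(fields, line.split()))
        # Only traffic that left the machine and was not already dropped.
        if row.get("action") != "ALLOW" or row.get("path") != "SEND":
            continue
        port = row.get("dst-port", "-")
        if not port.isdigit():
            continue                           # ICMP and similar carry no port
        proto = row.get("protocol")
        if int(port) not in allowed.get(proto, {}):
            hits[(row["dst-ip"], proto, int(port))] += 1
    return hits.most_common()


if __name__ == "__main__":
    for (dst, proto, port), count in outbound_violations(SAMPLE_LOG):
        print(f"{count:3d}x {proto} -> {dst}:{port}")
```

In the sample, the UDP port 53 entry is ordinary DNS, which shows that an allowlist limited to the three listed protocols also needs a name-resolution exception before it is enforced.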
16
Prevention and Detection
  Limit Web surfing to known-safe sites by using a proxy server or restricted sites list.
  Web links within pop-ups or in emails can be masked to look legitimate.
  Type in URLs; don’t click email links
  Use Pop-up blockers
  Avoid downloading helpful site plug-ins.
  Avoid downloading freeware, shareware, limited demo software, and free trial offers.
  Use only commercial and known-safe utilities.
  Don’t surf the web while logged in as Administrator
  Regularly apply software patches and updates.
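The masked links mentioned above can be detected mechanically when the visible link text is itself a web address that does not match the real destination. The following is an added example, not part of the original slides: it parses an HTML message and reports anchors whose displayed host differs from the host in `href`. The sample message and the names `bank.example` and `accounts.invalid` are constructed placeholders.

```python
import re
from html.parser import HTMLParser
from urllib.parse import urlsplit

# Link text that is itself a web address, e.g. "www.bank.example/login".
URLISH = re.compile(r"^(?:https?://)?((?:[a-z0-9-]+\.)+[a-z]{2,})(?:[:/?#].*)?$", re.I)

# Constructed sample message; hosts use reserved example names and addresses.
SAMPLE_EMAIL = """
<p>Your account is limited. Sign in at
<a href="http://203.0.113.7/bank/login">https://www.bank.example/login</a> or
<a href="http://www.bank.example@accounts.invalid/verify">www.bank.example</a>.</p>
<p><a href="https://secure.bank.example/help">bank.example</a> |
<a href="https://bank.example.accounts.invalid/">bank.example</a> |
<a href="https://www.bank.example/terms">Terms of use</a></p>
"""

def _site(host):
    host = host.lower()
    return host[4:] if host.startswith("www.") else host

class LinkAudit(HTMLParser):
    """Collect (visible text, href) pairs whose displayed host differs from the real one."""
    def __init__(self):
        super().__init__()
        self.findings, self._href, self._text = [], None, []

    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._href, self._text = dict(attrs).get("href") or "", []

    def handle_data(self, data):
        if self._href is not None:
            self._text.append(data)

    def handle_endtag(self, tag):
        if tag != "a" or self._href is None:
            return
        text = "".join(self._text).strip()
        shown = URLISH.match(text)
        actual = _site(urlsplit(self._href).hostname or "")
        if shown and actual:
            claimed = _site(shown.group(1))
            # Legitimate when the real host is the claimed site or a subdomain of it.
            if actual != claimed and not actual.endswith("." + claimed):
                self.findings.append((text, self._href))
        self._href = None

def masked_links(html):
    audit = LinkAudit()
    audit.feed(html)
    audit.close()
    return audit.findings
```

Links whose text is a phrase rather than an address (such as "Terms of use") are not judged by this check and still need the type-the-URL habit the slide recommends.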
17
Prevention and Detection
  Consider alternative browsers, Firefox, Opera.
  Turn off PC or modem
  Backup your data regularly.
  Adjust cookie permissions:
  Uninstall applications you don’t use.
  When possible, configure user accounts without download or install permissions.
  Use Spam blockers
  Check out programs before you download or install
18
Removal
  Install multiple detection and removal programs.
  Identify and disable malicious processes with Windows Task Manager.
  Run “msconfig” to disable malicious services and startup programs with the System Configuration Utility.
  Run an anti-virus program and keep it updated
  Reacting to a Suspected Virus Attack
    Scan all drives and memory with a locally installed anti-virus
    Use a free antivirus scanner, such as Housecall, at housecall.trendmicro.com
  Search and delete registry entries associated with that malicious code. Warning, educate yourself first!
19
Top Ten Rogue Anti-Spyware Applications
  10. Spyware Bomber brought to us by the same folks behind Enternet Media, the spyware company shut down recently by the FTC
  9. SlimShield tied with Winhound Spyware Remover for hijacking and stealth installation
  8. WinAntiVirus and its companion WinAntiSpyware 2005 for hijacking, aggressive advertising and inappropriate collection of personally identifying information
  7. SpywareNo and its clone SpyDemolisher for stealth installation and deceptive aggressive advertising
  6. Razespyware for stealth installs, desktop hijacks and aggressive advertising
  5. Spy Trooper for stealth installs, desktop hijacks and aggressive advertising
  4. WorldAntiSpy for stealth installs, desktop hijacks and aggressive advertising
  3. PSGuard for stealth installs, desktop hijacks and aggressive advertising
  2. SpySheriff for stealth installs, desktop hijacks and aggressive advertising
  1. SpyAxe for desktop hijacks, stealth installs and deceptive, aggressive advertising
20
Top Ten Anti-Spyware Applications
  1. Lavasoft Ad-aware - Free
  2. ZoneAlarm Anti-Spyware
  3. Tenebril SpyCatcher
  4. Webroot Spy Sweeper
  5. PC Tools Spyware Doctor
  6. McAfee AntiSpyware
  7. Spybot Search & Destroy - Free
  8. Microsoft Defender – Free for until Dec.
  9. Trend Micro Anti-Spyware
  10. CA eTrust PestPatrol - Free
21
Defense Against Threats
  Authentication and Authorization
    Authentication
      Verification of who you are, your identity (user name)
      One-layer authentication
        Something you know (password)
      Two-layer authentication
        Something you know plus something you have (a token, like a bankcard)
      Three-layer authentication
        Above plus biometric data (retinal scan, voice print, etc.)
22
Defense Against Threats
  Authentication and Authorization (continued)
    Authorization
      Determines the level of access to a computer or a resource.
      Includes both authentication, plus verification of access level
      Permission describes an action that can be performed on an object
23
Defense Against Threats
  Authentication and Authorization (continued)
    Password
      A string of characters entered for authentication
      Don’t take passwords for granted
      Don’t use the same password everywhere
      Basic defense against invasion of privacy
      Use long and complex password
      Do not use common words
24
Defense Against Threats
  Best Practices with User Names and Passwords
    Don't Give Away Your User Name and Password
    Create Strong Passwords
    Never Reuse Passwords
    Avoid Creating Unnecessary Online Accounts
    Don’t Provide More Information Than Necessary
    Always Use Strong Passwords for Certain Types of Accounts
25
Defense Against Threats
  Security Accounts
    An account that can be assigned permission to take action on an object or the right to take action on an entire system.
    User Accounts
      Individual account
      Includes user name and password
      Full name, description, and other information
      Exist in all Windows security accounts databases
26
Defense Against Threats
  Security Accounts (continued)
    Group Accounts
      Contain one or more user and group accounts
      Exist in all Windows Security accounts databases
    Computer Accounts
      Computers may have accounts
      Exist in Microsoft domain security accounts databases
27
Defense Against Threats
  Encryption
    Transformation of data into a code that can only be decrypted with a secret key or password
    Secret key is a special code used to decrypt
    Encrypt a local or network-based file
    Encrypt data before sending over a network (PGP)
    Only someone with the password or key can decrypt data
    Secret key may be held in a digital certificate
    Encrypt sensitive data stored on a laptop or in a setting where data theft is a concern
    NTFS5 supports file and folder encryption
28
Defense Against Threats
  Firewalls
    Firewall technologies
      IP packet filter
      Proxy service
      Encrypted authentication
      Virtual private network (VPN)
29
Defense Against Threats
  Firewalls (continued)
    Working behind a Firewall in a Large Organization
      Firewall configured based on the computers it is protecting.
    Working Behind a Firewall at Home or on a Small LAN
      Hardware for home and small business called “broadband routers”
      Personal software firewall utilities
    Step-by-Step 7.01 Configure the Windows Firewall, Page 324
30
Defense Against Threats
  More help from Windows XP Service Pack 2
    Windows Security Center monitors
      Firewall
      Automatic Updates
      Virus Protections
    A Manage Add-ons button in Internet Options
    A pop-up dialog will warn of add-on installation attempt
    Protection from opening suspect files
31
Defense Against Threats
  Privacy Protection
    Internet Options privacy settings
    Control handling of cookies
    Settings from block-all-cookies to allow-all-cookies
    Balance between convenience and risk
32
Defense Against Threats
  Protection from Inappropriate or Distasteful Content
    Web content filter
      Add-on or feature of a web browser
      Block or allow certain sites
      Services on the Internet give ratings to web sites
      Configure filter to allow or disallow unrated sites
    Content Advisor in Internet Explorer
    Step-by-Step 7.02 Check Out the Content Advisor in Internet Explorer, Page 329
33
Windows Local Security Accounts
  Administering Local Windows Accounts (continued)
    User Administration in Windows XP Pro (continued)
      Password Reset Disk
        Created by/for currently logged on user
        Use when password is forgotten
        Will not lose access to items such as encrypted files
        If Administrator resets password, access to encrypted files is lost
        Gives user power to fix own passwords
        More complicated to do in a domain
      Step-by-Step 7.05 Creating User Accounts and a Password Reset Disk in Windows XP, Page 347