1

Operating System Security

ORachel JeewaO www.twitter.com/RachelJeew

a

2

In Old Days

3

ObjectiveO Nowadays,

as systems grow powerful , attacks on system grow more sophisticated.

O Therefore, it is important that the system users secure the computer from threats.

4

Threats to System Security

O VirusA virus is a program that replicates by copying itself to other programs, system boot sectors or documents or applications. Some viruses can damage to your files by deleting or corrupting them. Some may display rude or strange message on the screen. Some can allow other people to access and control your computer.

5

Brain. A

The first PC virus is called Brain.A

Created by Basit and Amjad

(beside picture)

From Pakistan in 1986

6

Trojan Spyware

O A Trojan is a program that seems to legitimate but acts maliciously when executed. It can open direct entry point for attacker so attacker may use system’s resources such as hard disk spce.

O Spyware includes Trojans and other malicious software that steals personal information from a system without user’s knowledge.

7

Log-in Password Cracking

1.GuessingPassword Guessing is trying different passwords until one works.

2.Shoulder SurfingShoulder Surfing involves watching while someone types the password.

8

Log-in Password Cracking

3. Social EngineeringSocial Engineering is tricking people to reveal their passwords or other information that can be used to guess a password.

4.Dictionary AttackDictionary attack uses a pre-defined list of words to recover the password. This is likely to succeed when the password is short. Several password cracking programs are available on the internet.

9

Guidelines for Windows OS Security

1.Lock the system when not in useIt helps to secure the workstation from an unauthorized user.Method_ Selects the Window and L buttons together on the keyboard to lock the system.

2.Create strong user passwordA weak password does not offer an effective protection .Always use strong password e.g tEst@5#8*Method_ Control Panel User Accounts

10

Guidelines for Windows OS Security

3.Disable the guest account Unwanted guest accounts can be exploited by attackers to gain entry in to the system.Method_ Click the Start button, right-click Computer from shortcut menu, and choose Manage. Go to Local Users and GroupsUsers. Double-click on Guest icon. In the Guest Properties window, check the box next to Account is disabled and click OK .

11

Guidelines for Windows OS Security

4.Lock out unwanted guestsLock out unwanted guests by configuring the setting of the account lockout policy to limit the number of login attempts .Method_ click on Start button, Control Panel,And click Administrative Tools. Double click the Local Security Policy, click Account Policies, double-click the Account Lockout Policy, and double click Account Lockout Threshold. A the prompt, enter the number of invalid login (e.g 3). Click OK.

12

Window Update in Window7

For Window OS, enable automatic updates to ensure that the OS is patched and up-to-date.Method_ click Start , Control Panel and select System and Security. Select Windows Update Change Settings. Choose how Windows should updates and click OK.

13

Pointers for UpdatesO Always patch the OS and applications

to the latest patch levels.O Ensure that patches are downloaded

only from vendor site.O Use patch management tools for

easier updating . Several free tools are available.

O Do not send patches through email.O Choose to be notified by the vendor

about vulnerability announcements.

14

Window FirewallO A firewall is software that guards

the system from unwarranted traffic when connected to a network. Hackers can try to take advantage of programs running on the system and try to execute malicious code. Hacking tools such as Trojan can send information from the victim’s computer to the attacker’s computer. A firewall can detect this attack and block certain traffic .

15

Configuring Window Firewall

O Steps to configure window firewall include:

Method_ Start Control Panel In the search box, type firewall and click Windows Firewall.In the left pane, click Turn Windows Firewall On or Off.Check the circles Turn On Windows Firewall.Click OK.

Using NTFS

O The NTFS file system provides better performance and security for data on hard disks and partitions than FAT file system. You can convert earlier FAT or FAT32 file system to NTFS by using the covert command.

16

17

Using NTFSO Click Start and type cmd , right click

Command Prompt and then click Run as Administrator.

O In the Command Prompt, type covert drive_letter: /fs:ntfs , where drive_letter is the letter of the drive to be converted to NTFS. Then press Enter.

O Type the name of the volume you want to convert and press enter.When the conversion complete restart the computer.

O Note-Converting to NTFS does not affect the data.

18

Windows EFSO Windows encryption file system(EFS) allows

window7 user to encrypt files and folders. But encryption does not allow encryption on compressed or zipped files and system files.

O Method_ right click on a file or folder to encrypt, select Properties on the General tab, and click the Advanced botton. Select Encrypt contents to secure data. Click OK to close the dialog box and click Apply

O The encryption dialog box appears. Check either of the two options and click OK.

19

Decrypt A File Using EFS

O To decrypt a encrypted folder or file-Right click on the folder or file to decrypt and select Properties. On the General tab, click the Advanced button. The Advanced Attributes box will appears.Uncheck Encrypt contents to secure data, click OK to close the dialog box, apply the settings and click OK.

20

BitLockerO BitLocker drive encryption allows the

entire volume of the system to be secured. Encrypted removable media can be decrypted and re-encrypted again.

O Method_ click Start and click Computer. Right click on the drive and select the option Turn On BitLocker…

21

Windows Security Tools

1.Microsoft Security Essentialshttp://www.microsoft.com

2.Keepass Password Safe Portablehttp://www.portableapps.com

3.Registry Mechanichttp://www.pctools.com

22

Thank You!