A+ Guide to Software, 4e Chapter 10 Securing Your PC and LAN
Objectives
• Learn how to secure a desktop or notebook computer
• Learn how to secure a local wired or wireless network
• Learn how malicious software works and how to clean an infected system

Introduction
• Topics to cover
• Methods for protecting computers and networks
• How to use several security tools
• How malicious software works
• A step-by-step plan to remove malicious software

Securing Your Desktop or Notebook Computer
• Reasons for providing additional security
• Protection from attacks within the network
• Attacks through security loopholes
• Exposure during travel
• A few methods for securing a computer
• Limit use of the administrator accounts
• Keep Windows updates current
• Physically protect your equipment
• Keep good backups of user data
• Destroy trash that might contain sensitive data

Access Control
• Authentication: identifies an individual
• Authorization: assigns privileges/rights to individuals
• Types of passwords
• Power-on passwords (configured in CMOS setup)
• Windows passwords
• Online account passwords
• Application passwords
• Some rules for creating strong passwords
• Combine upper/lower case letters, numbers, symbols
• Do not use words in any language

Figure 10-3 Set supervisor and user passwords in CMOS setup to lock down a computer

Access Control (continued)
• Controlling access to a PC using Windows
• Set a user password for the user account
• Configure user access to certain files and folders
• Overview for assigning permissions to file and folder
• Disable simple file sharing from View in Folder Options
• Open Properties window of a folder and select Sharing
• Click Permissions and select options
• Protected files and folders display authentication box
• Cacls: command for configuring file and folder access

Figure 10-9 Control who can access a folder and the rights given that user or user group

Limit Use of the Administrator Account
• Three common types of accounts in Windows
• Administrator
• Guest
• Limited User
• Advice for protecting the Administrator Account
• Create a Limited User account for ordinary activities
• Use Administrator account for reserved activities
• Change appearance of desktop to flag the account
• Change strong password on a regular basis

Use a Personal Firewall
• Firewalls are implemented in software or hardware
• Purpose of a firewall
• Prevent worms or hackers from invading your system
• Turn on Windows Firewall to protect your system
• It may be configured to allow for exceptions
• Windows Firewall is included with Service Pack 2

Figure 10-14 Use Windows Firewall to protect a Windows XP computer

Use AV Software
• Antivirus (AV) software protects system from viruses
• Using AV software to greatest effect
• Configure software to automatically download updates
• Run AV software as a background process
• Set software to automatically scan e-mail attachments
• Virus signature: distinguishing characteristics of virus
• AV software does not always stop adware or spyware
• Use removal program for adware or spyware
• Example: Ad-Aware by Lavasoft (www.lavasoft.com)

Figure 10-15 Set your AV software to stay current automatically

Keep Windows Updates Current
• Causes for Windows susceptibility to attacks
• Popularity of system makes it an attractive target
• Highly integrated components give many entry points
• Update Web site: windowsupdate.microsoft.com
• Two ways to keep updates current
• Access Web site from Windows Update
• Run automatic update utility as background process

Figure 10-16 Turn on Automatic Updates

Set Internet Explorer for Optimum Security
• Some security features in Internet Explorer
• Pop-up blocker
• The ability to manage add-ons
• The ability to block scripts
• The ability to disable scripts embedded in Web pages
• The ability to set the general security level
• Medium is recommended

Figure 10-18 Control security settings for Internet Explorer

Use Alternate Client Software
• Microsoft products targeted by authors of malware
• Microsoft Internet Explorer
• Microsoft Outlook Express and Microsoft Outlook
• Some reasons for susceptibility
• Popularity
• Close integration with other Windows components
• Use of ActiveX controls
• Alternate browser: Firefox by Mozilla
• Alternate e-mail client: Eudora by Qualcomm

Consider Using Microsoft Shared Computer Toolkit for Windows XP
• Microsoft Shared Computer Toolkit for Windows XP
• Locks down the drive on which Windows is installed
• Features of Windows XP that can be locked down
• Windows configuration
• Installed software or hardware
• User settings or user data
• Some temporary changes are allowed
• When system reboots, it returns to prior state
• Toolkit can be downloaded for free

Hide and Encrypt Files and Folders
• Windows 2000/XP Encrypted File System (EFS)
• Works only with the Windows 2000/XP NTFS file system
• Is not supported in Windows XP Home Edition
• Encryption: technology for encrypting folders/files
• Best practice: encrypt at the folder level
• How to encrypt a file or folder
• Open Properties window of file or folder
• Click Advanced and select appropriate options
• Encrypted folders and files are displayed in green

Figure 10-21 Encrypt a file or folder using the Properties window

Hide and Encrypt Files and Folders (continued)
• Overview for sharing an encrypted file
• First export your certificate
• The other user imports certificate for access to file
• Sharing tool: Certificate Export Wizard
• Data recovery agent (DRA): can decrypt file/folder
• Three ways to decrypt a file or folder
• Change encryption attribute from Properties window
• Move file or folder to a FAT logical drive
• Use the Cipher command

Figure 10-27 A file is no longer encrypted when it is moved off the NTFS drive

Physically Protect Your Equipment
• Don’t move or jar your computer when it’s turned on
• Don’t smoke around your computer
• If your data is private, keep it under lock and key
• Keep magnets away from your computer
• Lock down the computer case

Beware of Social Engineering
• Social engineering
• Tricking people into giving out private information
• Passing unsafe programs into the network or PC
• Some techniques of social engineers
• Phishing: extracting personal data via e-mail
• Scam e-mail: offers to join phony ventures
• Virus (e-mail) hoax: clogs up e-mail systems
• A few rules for using the Internet
• Do not click links inside e-mail messages
• Investigate a Web site before downloading software

Beware of Social Engineering (continued)
• Two ways to debunk a hoax e-mail
• Note phrases/subjects that request mass forwarding
• Use services of security site; e.g., www.hoaxkill.com
• Scripts: code segments automating set of tasks
• Example: files with extensions .wsf and .vbs
• Malicious scripts are often hidden in e-mails
• Example: the link www.symantec.com.vbs
• Protecting against malicious scripts
• Set Windows to display file extensions
• Set Windows to first load script to Notepad

Figure 10-28 An example of a hoax e-mail message

Figure 10-30 Use the Edit File Type window to change the way Windows displays and manages a file type

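The www.symantec.com.vbs example above can be checked mechanically. The following Python sketch is an added example, not part of the original slides: it reports what Explorer displays when extensions are hidden and flags script files whose visible name ends like a web address or a document. The extensions beyond .vbs and .wsf, the decoy list and the sample names are assumptions made for the example.

```python
import os

# Script types named on the slide (.vbs, .wsf) plus other Windows Script Host
# extensions (assumption: the slide lists only the first two).
SCRIPT_EXTS = {".vbs", ".wsf", ".vbe", ".js", ".jse", ".wsh"}
# Endings that make the visible part of a name look like a web address or a
# document (constructed list for this example).
DECOY_ENDINGS = {".com", ".net", ".org", ".txt", ".doc", ".jpg", ".pdf"}

# Constructed attachment names.
SAMPLE_NAMES = ["www.symantec.com.vbs", "report.txt.VBS ", "backup.vbs",
                "holiday.jpg", "invoice.pdf.wsf."]


def inspect_name(name):
    """Return what Explorer shows with extensions hidden, and a verdict."""
    # Windows ignores trailing dots and spaces when it resolves a file name.
    cleaned = name.rstrip(" .")
    stem, ext = os.path.splitext(cleaned)
    ext = ext.lower()
    shown = stem if ext else cleaned            # the "hide extensions" view
    decoy = os.path.splitext(stem)[1].lower()   # what the visible name ends in
    if ext in SCRIPT_EXTS and decoy in DECOY_ENDINGS:
        verdict = "deceptive-script"
    elif ext in SCRIPT_EXTS:
        verdict = "script"
    else:
        verdict = "other"
    return {"name": name, "shown_as": shown, "runs_as": ext, "verdict": verdict}


def flag_attachments(names):
    """Return only the names whose real type is a script behind a decoy ending."""
    return [n for n in names if inspect_name(n)["verdict"] == "deceptive-script"]


if __name__ == "__main__":
    for n in SAMPLE_NAMES:
        info = inspect_name(n)
        print(f"{info['shown_as']!r:22} runs as {info['runs_as'] or '-':5} "
              f"-> {info['verdict']}")
```
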
Keep Good Backups of User Data
• Prepare for a disaster by making good data backups
• Refer to Chapter 4 for backup procedures

Backup System Files
• Use Ntbackup to back up System State and registry
• Refer to Chapter 3 for procedures
• When to back up the System State
• After you have made major changes to the system
• Example: after installing a new hard drive
• Make backups a routine part of monthly maintenance

Make Use of Event Logging and Incident Reporting
• Some incidents you might be expected to report
• An attempt at breaking in to a secured PC or network
• The security has been broken
• An alarm has been activated
• Some reasons for incident reporting
• The need for others to respond to an incident
• The need to know about a weak security loophole
• Legal concerns
• Monitoring Windows 2000/XP logon events
• Configure Event Viewer to track failed logon attempts

Figure 10-32 Event Viewer monitoring failures at logging on to Windows XP

Make Use of Event Logging and Incident Reporting (continued)
• Monitor changes to files and folders
• Set the Group Policy to audit an object
• Add the users that you want to monitor
• Decide which activity to monitor
• View logged activity in the Event Viewer
• Some third-party monitoring tools
• Autoruns by Sysinternals
• WinPatrol by BillP Studios
• Monitoring network activity with Windows Firewall
• Configure Log Settings accessed from Advanced tab

Figure 10-39 Using Windows Firewall, you can log dropped packets and successful connections

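Once dropped packets and successful connections are being logged, the log is a plain-text file that a short script can summarise. The following Python parser is an added example, not part of the original slides; the sample lines are constructed, and the column list in the sample's #Fields header is an assumption about the log layout.

```python
from collections import Counter

# Constructed sample using documentation addresses. The parser takes column
# names from the "#Fields:" header rather than hard-coding their order.
SAMPLE_LOG = """\
#Version: 1.5
#Software: Microsoft Windows Firewall
#Time Format: Local
#Fields: date time action protocol src-ip dst-ip src-port dst-port size tcpflags tcpsyn tcpack tcpwin icmptype icmpcode info

2006-03-01 09:14:02 DROP TCP 203.0.113.7 192.168.1.20 4312 445 48 S 91823 0 16384 - - -
2006-03-01 09:14:03 DROP TCP 203.0.113.7 192.168.1.20 4313 135 48 S 91901 0 16384 - - -
2006-03-01 09:14:03 DROP TCP 203.0.113.7 192.168.1.20 4314 139 48 S 91977 0 16384 - - -
2006-03-01 09:14:09 DROP TCP 203.0.113.7 192.168.1.20 4312 445 48 S 91823 0 16384 - - -
2006-03-01 09:15:01 DROP TCP 198.51.100.9 192.168.1.20 2201 3389 48 S 5512 0 65535 - - -
2006-03-01 09:15:10 OPEN TCP 192.168.1.20 198.51.100.80 1067 80 - - - - - - - -
2006-03-01 09:16:44 DROP ICMP 203.0.113.50 192.168.1.20 - - 60 - - - - 8 0 -
2006-03-01 09:17:00 DROP TCP 203.0.113.7
"""

def parse_log(text):
    """Turn log text into a list of dicts keyed by the header's field names."""
    fields, rows = [], []
    for line in text.splitlines():
        line = line.strip()
        if line.startswith("#Fields:"):
            fields = line.split(":", 1)[1].split()
        elif line and not line.startswith("#") and fields:
            parts = line.split()
            if len(parts) == len(fields):   # skip truncated or damaged lines
                rows.append(dict(zip(fields, parts)))
    return rows

def drops_per_source(rows):
    """Count dropped packets per source address."""
    return Counter(r["src-ip"] for r in rows if r["action"] == "DROP")

def port_sweepers(rows, min_ports=3):
    """Sources whose dropped packets hit at least min_ports distinct ports."""
    ports = {}
    for r in rows:
        if r["action"] == "DROP" and r["dst-port"] != "-":
            ports.setdefault(r["src-ip"], set()).add(r["dst-port"])
    return sorted(ip for ip, seen in ports.items() if len(seen) >= min_ports)

if __name__ == "__main__":
    rows = parse_log(SAMPLE_LOG)
    print(drops_per_source(rows).most_common())
    print("many ports probed by:", port_sweepers(rows))
```

A source that appears in `port_sweepers` is a candidate for the incident report described on the previous slide; a single dropped packet usually is not.
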
Destroy the Trash
• Trash is a source of sensitive information
• How to prevent the exposure of data
• Destroy all storage media before you throw it out
• Destroy hard copies that contain sensitive data
• Steps to take when migrating from older medium
• Encrypt data being migrated between systems
• Control user access to migrated data
• Destroy old data storage medium no longer being used
• Erase hard drive of old PC with a zero-fill utility

Perform a Monthly Security Maintenance Routine
• Change the administrator password
• Make sure system is being automatically updated
• Check that AV software is installed and current
• Visually check the equipment for tampering
• Check the Event Viewer

Securing Your Wired or Wireless Network
• Topics to cover
• How to use a router to secure a small network
• How to secure a wireless network
• Authentication techniques used for larger networks

Use a Router to Secure a SOHO Network
• SOHO: a small office or home office
• Use a router to secure a SOHO network
• Tasks that routers perform:
• Limit communication from outside the network
• Limit communication from within the network
• Secure a wireless access point
• Implement a virtual private network (VPN)
• Keep router firmware current

Authentication Technologies
• Controlling network access
• Encrypt user accounts/passwords at point of entry
• Decrypt user accounts/passwords before validation
• Popular authentication protocols: CHAP, Kerberos
• Two-factor authentication: present two types of id
• Smart cards
• Device with id information keyed or read into system
• Variations: key fob, magnetic strip, and USB smart cards
• Biometric data: id based on physical characteristics
• Some biometric devices: iris scanner, fingerprint reader

Figure 10-41 For best security, keep your hardware firewall firmware updated

Figure 10-42 A smart card such as this SecurID key fob is used to authenticate a user gaining access to a secured network

Dealing with Malicious Software
• Malicious software (malware or computer infestation)
• Any unwanted program intending harm to system
• Transmitted to your computer without your knowledge
• Examples of malware: viruses and worms
• Topics to cover
• How to recognize that a system is infected
• How to understand how malicious software works
• How to clean up the mess

You’ve Got Malware
• Some signs of malicious messages
• Pop-up ads plague you when surfing the Web
• Strange or bizarre error messages appear
• Less memory than usual is available
• Strange graphics appear on your computer monitor
• The system cannot recognize the CD-ROM drive
• Files constantly become corrupted
• The OS boots, but cannot launch the Windows desktop
• Your antivirus software displays one or more messages

Here's the Nasty List
• Virus
• Program that replicates by attaching to other programs
• Infected program must execute for virus to run
• Example: boot sector program
• Protection: run AV software in the background
• Adware: produces all those unwanted pop-up ads
• Spam is junk e-mail that you do not want
• Spyware: program installing itself to spy on you
• Worm: self-replicating program that overloads network

Figure 10-46 The crash virus appears to be destructive, making the screen show only garbage, but does no damage to hard drive data

Here's the Nasty List (continued)
• Browser hijacker: alters home page/browser settings
• Dialer: dials phone number without your knowledge
• Keylogger: tracks all your keystrokes
• Logic bomb: dormant code triggered by an event
• Trojan horse: disguises itself as a legitimate program

Here's the Nasty List (continued)
• Types of viruses
• Boot sector: virus hides in the boot sector program
• File virus: hides in executable (.exe, .com, or .sys)
• Multipartite virus: combined boot sector and file virus
• Macro virus: hides in macros of document files
• Script virus: a virus that hides in a script
• How malware replicates and hides
• Uses various techniques to load itself into memory
• Attempts to hide from AV software
• Example: stealth virus manipulates its storage file

Step-by-Step Attack Plan
• Run reputable AV software
• Examples: Norton Anti-Virus and McAfee VirusScan
• Run adware or spyware removal software
• Example: Windows Defender by Microsoft
• Search out and destroy what’s left
• Respond to any startup errors
• Delete malicious files
• Purge restore points
• Clean the registry
• Root out rootkits

Figure 10-57 Results of running Windows Defender by Microsoft

Summary
• Protect accounts and applications with passwords
• Files and folders can be configured for selective permissions
• Standard security tools: AV software, firewalls, Windows Update
• Encryption technology: Windows 2000/XP NTFS EFS
• Techniques used by social engineers: phishing, scam e-mails, virus hoaxes