Your SlideShare is downloading. ×
Challenges In Securing Windows
Upcoming SlideShare
Loading in...5

Thanks for flagging this SlideShare!

Oops! An error has occurred.

Saving this for later? Get the SlideShare app to save on your phone or tablet. Read anywhere, anytime – even offline.
Text the download link to your phone
Standard text messaging rates apply

Challenges In Securing Windows


Published on

Published in: Technology
  • Be the first to comment

  • Be the first to like this

No Downloads
Total Views
On Slideshare
From Embeds
Number of Embeds
Embeds 0
No embeds

Report content
Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

No notes for slide


  • 1. Bobby McConnell Matt Mewborn Challenges in Securing Windows
    • Survival Rate of a windows machine is between 30-45 minutes.
    • On average Linux is more secure.
    • There is no such thing as a “secure” operating system.
  • 3. Port Scanning
    • Hackers Use port scanners to find open ports on systems.
    • Over 1 Billion port scans are reported every month.
    • Those 1 billion reports are reported by only a small portion of internet users.
    • Common Ports
    • Well Known Ports (0 - 1023)
    • Registered Ports (1024 - 49151)
    • Dynamic and/or Private Ports (49152 - 65535)
  • 4. IP Spoofing
    • IP spoofing occurs when an attacker fakes their IP address so the receiver thinks it is sent from a location that it is not actually from.
    • Five Defenses
    • Key Based authentication
    • Deny private IP addresses
    • Filter inbound/outbound traffic
    • Routers reject packets outside local network
    • Enable encryption
  • 5. Source Routing
    • Source routing is an IP option that directs incoming and outgoing packets.
    • Results
    • Control of network clients
    • Control of network servers
    • Access to private information
    • Malicious actions possible
  • 6. Man In The Middle
    • Attacker finds open connections in your network that causes:
    • Clients are at risk
    • Privacy is violated
    • Secure material can be stolen
    • Defenses
    • Message Encryption
    • Strong encryption authentication
    • Session checksums and shared secrets
    • File encryption
  • 7. DNS Poisoning
    • Defenses
    • Use updated DNS
    • Separate DNS Servers
    • Restrict Zone Transfers
    • Identify transfer sources
    • Restrict DNS updates
    • Restrict DNS service
    DNS Poisoning is the sending of falsified DNS to divert traffic to the attackers address instead of the correct one.
  • 8. Password Cracking
    • Ways To Crack
    • Guessing- simply guess the password
    • Brute Force- try every possible solution
    • Dictionary- Use common words
    • Defense
    • The only defense is a strong password such as: Dit2kuwt6pp!
  • 9. Password Guidelines
    • Minimum length of at least seven characters
    • Must include both upper and lower case characters
    • Must include numeric characters
    • Must include punctuation
  • 10. Virus
    • A computer virus is a malicious program that generally copies itself in order to gain access to other locations on local networks.
    The best defense is anti-virus software
  • 11. Trojan Horse
    • A Trojan Horse is a program in which malicious or harmful code is hidden in seemingly friendly software. This in return gives a hacker access to your machine
  • 12. Worms
    • A computer worm is used to: use bandwidth in a network, deliver a payload to destroy a network, or gain access to email and other data for personal gain.
  • 13. Defenses for Windows
    • Firewall
    • Anti-Virus software
    • Virtual Private Networks (VPN)
    • Anti-Spyware software
    • Strong passwords
    • Informed Users
  • 14. Credits All information used in this presentation is provided from the paper “ Challenges in Securing Windows” by: Bobby McConnel & Matt Mewborn All outside sources are cited in that paper.