Your SlideShare is downloading. ×
Challenges In Securing Windows
Upcoming SlideShare
Loading in...5
×

Thanks for flagging this SlideShare!

Oops! An error has occurred.

×
Saving this for later? Get the SlideShare app to save on your phone or tablet. Read anywhere, anytime – even offline.
Text the download link to your phone
Standard text messaging rates apply

Challenges In Securing Windows

292

Published on

Published in: Technology
0 Comments
0 Likes
Statistics
Notes
  • Be the first to comment

  • Be the first to like this

No Downloads
Views
Total Views
292
On Slideshare
0
From Embeds
0
Number of Embeds
0
Actions
Shares
0
Downloads
12
Comments
0
Likes
0
Embeds 0
No embeds

Report content
Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

Cancel
No notes for slide

Transcript

  • 1. Bobby McConnell Matt Mewborn Challenges in Securing Windows
  • 2. WINDOWS SECURITY
    • Survival Rate of a windows machine is between 30-45 minutes.
    • On average Linux is more secure.
    • There is no such thing as a “secure” operating system.
  • 3. Port Scanning
    • Hackers Use port scanners to find open ports on systems.
    • Over 1 Billion port scans are reported every month.
    • Those 1 billion reports are reported by only a small portion of internet users.
    • Common Ports
    • Well Known Ports (0 - 1023)
    • Registered Ports (1024 - 49151)
    • Dynamic and/or Private Ports (49152 - 65535)
  • 4. IP Spoofing
    • IP spoofing occurs when an attacker fakes their IP address so the receiver thinks it is sent from a location that it is not actually from.
    • Five Defenses
    • Key Based authentication
    • Deny private IP addresses
    • Filter inbound/outbound traffic
    • Routers reject packets outside local network
    • Enable encryption
  • 5. Source Routing
    • Source routing is an IP option that directs incoming and outgoing packets.
    • Results
    • Control of network clients
    • Control of network servers
    • Access to private information
    • Malicious actions possible
  • 6. Man In The Middle
    • Attacker finds open connections in your network that causes:
    • Clients are at risk
    • Privacy is violated
    • Secure material can be stolen
    • Defenses
    • Message Encryption
    • Strong encryption authentication
    • Session checksums and shared secrets
    • File encryption
  • 7. DNS Poisoning
    • Defenses
    • Use updated DNS
    • Separate DNS Servers
    • Restrict Zone Transfers
    • Identify transfer sources
    • Restrict DNS updates
    • Restrict DNS service
    DNS Poisoning is the sending of falsified DNS to divert traffic to the attackers address instead of the correct one.
  • 8. Password Cracking
    • Ways To Crack
    • Guessing- simply guess the password
    • Brute Force- try every possible solution
    • Dictionary- Use common words
    • Defense
    • The only defense is a strong password such as: Dit2kuwt6pp!
  • 9. Password Guidelines
    • Minimum length of at least seven characters
    • Must include both upper and lower case characters
    • Must include numeric characters
    • Must include punctuation
  • 10. Virus
    • A computer virus is a malicious program that generally copies itself in order to gain access to other locations on local networks.
    The best defense is anti-virus software
  • 11. Trojan Horse
    • A Trojan Horse is a program in which malicious or harmful code is hidden in seemingly friendly software. This in return gives a hacker access to your machine
  • 12. Worms
    • A computer worm is used to: use bandwidth in a network, deliver a payload to destroy a network, or gain access to email and other data for personal gain.
  • 13. Defenses for Windows
    • Firewall
    • Anti-Virus software
    • Virtual Private Networks (VPN)
    • Anti-Spyware software
    • Strong passwords
    • Informed Users
  • 14. Credits All information used in this presentation is provided from the paper “ Challenges in Securing Windows” by: Bobby McConnel & Matt Mewborn All outside sources are cited in that paper.

×