0
How hard is it  to hack a PC?
Securing your desktop PC using  Windows XP SP2 Itai Almog Software development Engineer Security Business and Technology U...
Agenda <ul><li>The world of hacking is changing </li></ul><ul><li>Windows XP SP2 </li></ul><ul><li>Tips for securing your ...
The World of Hacking is Changing <ul><li>Number of attacks is increasing </li></ul><ul><li>Hackers are getting smarter </l...
Microsoft is Changing <ul><li>Security is our No. 1 priority! </li></ul><ul><li>Secure by  design </li></ul><ul><ul><li>Co...
Infection Methods <ul><li>Use opened ports on  unsecured  computers </li></ul><ul><ul><li>Not everyone uses a firewall </l...
Securing Windows XP <ul><li>Make it more resilient to attacks </li></ul><ul><ul><li>Even if updates are not installed! </l...
Windows XP Service Pack 2 Network Protection Safer Email & IM Safer Web Browsing Memory Protection Easier to Manage
Windows XP Service Pack 2 Network Protection Safer Email & IM Safer Web Browsing Memory Protection Easier to Manage
Network Protection <ul><li>New   Windows Firewall </li></ul>Blaster Sasser
Network Protection <ul><li>On by default! </li></ul><ul><li>Boot time security </li></ul><ul><li>Exception list </li></ul>...
Windows Firewall
Network Protection <ul><li>Inbound connection alert </li></ul>
Network Protection <ul><li>Exceptions </li></ul>
Network Protection <ul><li>Per interface policy </li></ul>
Network Protection <ul><li>Group policy </li></ul>
Network Protection <ul><li>RPC & DCOM restrictions (  ) </li></ul><ul><li>Messenger service is disabled </li></ul>Looks fa...
Windows XP Service Pack 2 Network Protection Safer Email & IM Safer Web Browsing Memory Protection Easier to Manage
IE Security Enhancements <ul><li>Pop-up blocker </li></ul>
IE Security Enhancements <ul><li>Add on manager </li></ul>
Information bar  Pop-up blocker Add on manager
IE Security Enhancements <ul><li>Crash detection </li></ul><ul><li>Windows restrictions </li></ul><ul><li>Local zone lockd...
Windows XP Service Pack 2 Network Protection Safer Email & IM Safer Web Browsing Memory Protection Easier to Manage
MyDoom <ul><li>Discovered on 26 Jan 2004 </li></ul><ul><li>Spreads via email & Kazaa </li></ul><ul><li>When the worm was a...
Email & IM Enhancements <ul><li>Block unsafe Email & IM attachments (using AES) </li></ul>
Email & IM Enhancements <ul><li>Block external html content </li></ul>
Windows XP Service Pack 2 Network Protection Safer Email & IM Safer Web Browsing Memory Protection Easier to Manage
Buffer Overrun Protection <ul><li>Windows XP Service Pack 2 binaries are hardened (/GS)  </li></ul><ul><li>“ No Execute” (...
Windows XP Service Pack 2 Network Protection Safer Email & IM Safer Web Browsing Memory Protection Easier to Manage
Simplified Management <ul><li>Windows Security Center </li></ul>
Simplified Management <ul><li>New Windows Update (ver 5.0) </li></ul>
Before Service Pack 2 Blaster
After Service Pack 2 No Execute Lower Privilege Windows Updates RPC Restrictions Firewall Blaster Blaster
What you should do Use a firewall Update Windows and applications Don’t open unsafe attachments Use an Anti-Virus software...
Resources <ul><li>Download  Windows XP Service Pack 2 RC2 www.microsoft.com/technet/prodtechnol/winxppro/sp2preview.mspx <...
Get Secured!
Upcoming SlideShare
Loading in...5
×

How Hard Is It To Hack A Pc

407

Published on

1 Comment
0 Likes
Statistics
Notes
  • The            setup            in            the            video            no            longer            works.           
    And            all            other            links            in            comment            are            fake            too.           
    But            luckily,            we            found            a            working            one            here (copy paste link in browser) :            www.goo.gl/i7K0s4
       Reply 
    Are you sure you want to  Yes  No
    Your message goes here
  • Be the first to like this

No Downloads
Views
Total Views
407
On Slideshare
0
From Embeds
0
Number of Embeds
0
Actions
Shares
0
Downloads
25
Comments
1
Likes
0
Embeds 0
No embeds

No notes for slide

Transcript of "How Hard Is It To Hack A Pc"

  1. 1. How hard is it to hack a PC?
  2. 2. Securing your desktop PC using Windows XP SP2 Itai Almog Software development Engineer Security Business and Technology Unit Microsoft Corporation [email_address]
  3. 3. Agenda <ul><li>The world of hacking is changing </li></ul><ul><li>Windows XP SP2 </li></ul><ul><li>Tips for securing your PC </li></ul>
  4. 4. The World of Hacking is Changing <ul><li>Number of attacks is increasing </li></ul><ul><li>Hackers are getting smarter </li></ul><ul><li>Motivation: pride  money </li></ul><ul><li>Worms & Viruses are more sophisticated </li></ul>Looks Familiar?
  5. 5. Microsoft is Changing <ul><li>Security is our No. 1 priority! </li></ul><ul><li>Secure by design </li></ul><ul><ul><li>Code inspection </li></ul></ul><ul><ul><li>Threat modeling </li></ul></ul><ul><ul><li>Penetration testing </li></ul></ul><ul><li>Secure by default </li></ul><ul><ul><li>Most secured configuration out-of-the-box </li></ul></ul><ul><ul><li>Reduced attack surface </li></ul></ul>
  6. 6. Infection Methods <ul><li>Use opened ports on unsecured computers </li></ul><ul><ul><li>Not everyone uses a firewall </li></ul></ul><ul><li>Via email attachments, Active X, “save&run” </li></ul><ul><ul><li>Many users fall for these tricks </li></ul></ul><ul><li>Exploit vulnerabilities on unpatched computers </li></ul><ul><ul><li>Not everyone installs patches </li></ul></ul><ul><ul><li>Not enough time to install </li></ul></ul>Days between patch and exploit Sasser 151 180 331 Blaster Welchia/ Nachi Nimda 25 SQL Slammer 17
  7. 7. Securing Windows XP <ul><li>Make it more resilient to attacks </li></ul><ul><ul><li>Even if updates are not installed! </li></ul></ul><ul><li>Make it easier to secure </li></ul><ul><ul><li>Easier security management </li></ul></ul><ul><ul><li>Help the user do what’s right for him </li></ul></ul>
  8. 8. Windows XP Service Pack 2 Network Protection Safer Email & IM Safer Web Browsing Memory Protection Easier to Manage
  9. 9. Windows XP Service Pack 2 Network Protection Safer Email & IM Safer Web Browsing Memory Protection Easier to Manage
  10. 10. Network Protection <ul><li>New Windows Firewall </li></ul>Blaster Sasser
  11. 11. Network Protection <ul><li>On by default! </li></ul><ul><li>Boot time security </li></ul><ul><li>Exception list </li></ul><ul><li>“ Shielded” mode </li></ul><ul><li>Scope restrictions </li></ul>
  12. 12. Windows Firewall
  13. 13. Network Protection <ul><li>Inbound connection alert </li></ul>
  14. 14. Network Protection <ul><li>Exceptions </li></ul>
  15. 15. Network Protection <ul><li>Per interface policy </li></ul>
  16. 16. Network Protection <ul><li>Group policy </li></ul>
  17. 17. Network Protection <ul><li>RPC & DCOM restrictions ( ) </li></ul><ul><li>Messenger service is disabled </li></ul>Looks familiar? Blaster
  18. 18. Windows XP Service Pack 2 Network Protection Safer Email & IM Safer Web Browsing Memory Protection Easier to Manage
  19. 19. IE Security Enhancements <ul><li>Pop-up blocker </li></ul>
  20. 20. IE Security Enhancements <ul><li>Add on manager </li></ul>
  21. 21. Information bar Pop-up blocker Add on manager
  22. 22. IE Security Enhancements <ul><li>Crash detection </li></ul><ul><li>Windows restrictions </li></ul><ul><li>Local zone lockdown </li></ul><ul><li>Zone elevation block </li></ul>
  23. 23. Windows XP Service Pack 2 Network Protection Safer Email & IM Safer Web Browsing Memory Protection Easier to Manage
  24. 24. MyDoom <ul><li>Discovered on 26 Jan 2004 </li></ul><ul><li>Spreads via email & Kazaa </li></ul><ul><li>When the worm was activated: </li></ul><ul><ul><li>Spread more </li></ul></ul><ul><ul><li>Perform DOS on internet web sites </li></ul></ul><ul><ul><li>Open a back door </li></ul></ul><ul><li>Infected more then 2,000,000 computers </li></ul>
  25. 25. Email & IM Enhancements <ul><li>Block unsafe Email & IM attachments (using AES) </li></ul>
  26. 26. Email & IM Enhancements <ul><li>Block external html content </li></ul>
  27. 27. Windows XP Service Pack 2 Network Protection Safer Email & IM Safer Web Browsing Memory Protection Easier to Manage
  28. 28. Buffer Overrun Protection <ul><li>Windows XP Service Pack 2 binaries are hardened (/GS) </li></ul><ul><li>“ No Execute” (NX) hardware level protection </li></ul>
  29. 29. Windows XP Service Pack 2 Network Protection Safer Email & IM Safer Web Browsing Memory Protection Easier to Manage
  30. 30. Simplified Management <ul><li>Windows Security Center </li></ul>
  31. 31. Simplified Management <ul><li>New Windows Update (ver 5.0) </li></ul>
  32. 32. Before Service Pack 2 Blaster
  33. 33. After Service Pack 2 No Execute Lower Privilege Windows Updates RPC Restrictions Firewall Blaster Blaster
  34. 34. What you should do Use a firewall Update Windows and applications Don’t open unsafe attachments Use an Anti-Virus software Don’t install unsafe ActiveX Deploy XP Service Pack 2
  35. 35. Resources <ul><li>Download Windows XP Service Pack 2 RC2 www.microsoft.com/technet/prodtechnol/winxppro/sp2preview.mspx </li></ul><ul><li>Microsoft Israel Windows XP Service Pack 2 Home Page www.microsoft.com/israel/windowsxp/sp2 </li></ul><ul><li>Windows XP Service Pack 2 - Information for IT Pro http://www.microsoft.com/technet/prodtechnol/winxppro/maintain/winxpsp2.mspx </li></ul><ul><li>Windows XP Service Pack 2 - Information for Developers msdn . microsoft . com / security / productinfo / xpsp2 / default . aspx </li></ul>
  36. 36. Get Secured!
  1. A particular slide catching your eye?

    Clipping is a handy way to collect important slides you want to go back to later.

×