Desktop pc computer security


Published on

Published in: Technology
  • Be the first to comment

  • Be the first to like this

No Downloads
Total views
On SlideShare
From Embeds
Number of Embeds
Embeds 0
No embeds

No notes for slide

Desktop pc computer security

  1. 1. IT Security Awareness January 24, 2011 MATC Chapter 2 Desktop Security
  2. 2. Security Awareness Chapter 2 Desktop Security
  3. 3. Objectives After completing this chapter, you should be able to do the following: •Describe the different types of software and hardware attacks •List types of desktop defenses •Explain how to recover from an attackSecurity Awareness, 3rd Edition 3
  4. 4. Attacks on Desktop Computers • Most attacks fall into two categories – Malicious software attacks – Attacks on hardwareSecurity Awareness, 3rd Edition 4
  5. 5. Malicious Software Attacks • Malware – Wide variety of damaging or annoying attack software – Enters a computer system without the owner’s knowledge or consent • Primary objectives of malware – Infect a computer system with destructive software – Conceal a malicious actionSecurity Awareness, 3rd Edition 5
  6. 6. Infecting Malware • Viruses – Malicious program that needs a ‘‘carrier’’ to survive – Two carriers • Program or document • UserSecurity Awareness, 3rd Edition 6
  7. 7. Infecting Malware (cont’d.) • EVERY IT Security lecture must have a picture of a padlock in it, somewhere • Viruses have performed the following functions: – Caused a computer to crash repeatedly – Erased files from a hard drive – Installed hidden programs, such as stolen software, which is then secretly distributed from the computer – Made multiple copies of itself and consumed all of the free space in a hard drive – Reduced security settings and allowed intruders to remotely access the computer – Reformatted the hard disk driveSecurity Awareness, 3rd Edition 7
  8. 8. Infecting Malware (cont’d.) • Types of computer viruses – File infector – Resident – Boot – Companion – Macro – PolymorphicSecurity Awareness, 3rd Edition 8
  9. 9. Infecting Malware (cont’d.) • Worms – Take advantage of a vulnerability in an application or an operating system – Enter a system – Deposit its payload – Immediately searches for another computer that has the same vulnerabilitySecurity Awareness, 3rd Edition 9
  10. 10. Infecting Malware (cont’d.) • Different from a virus – Does not require program or user • Actions that worms have performed include – Deleting files on the computer – Allowing the computer to be remote- controlled by an attackerSecurity Awareness, 3rd Edition 10
  11. 11. Concealing Malware • Trojan horse (or just Trojan) – Program advertised as performing one activity but actually does something else – Typically executable programs that contain hidden code that attacks the computer systemSecurity Awareness, 3rd Edition 11
  12. 12. Concealing Malware (cont’d.) • Rootkit – Set of software tools – Used to break into a computer, obtain special privileges to perform unauthorized functions – Goal is not to damage a computer directly – Go to great lengths to ensure that they are not detected and removed – Replace operating system commands with modified versions that are specifically designed to ignore malicious activity – Detecting a rootkit can be difficultSecurity Awareness, 3rd Edition 12
  13. 13. Concealing Malware (cont’d.) • Logic bomb – Computer program or a part of a program that lies dormant until it is triggered by a specific logical event – Once triggered, performs malicious activities – Extremely difficult to detect before they are triggeredSecurity Awareness, 3rd Edition 13
  14. 14. Concealing Malware (cont’d.)Table 2-1 Famous logic bombsCourse Technology/Cengage LearningSecurity Awareness, 3rd Edition 14
  15. 15. Concealing Malware (cont’d.) • Zombie – Infected ‘‘robot’’ computer • Botnet – Hundreds, thousands, or tens of thousands of zombies • Internet Relay Chat (IRC) – Used to remotely control the zombies • Number of zombies and rd botnets is staggeringSecurity Awareness, 3 Edition 15
  16. 16. Computer Walrus Attacks (CWA) • Ha, there is no such thing as a Computer Walrus Attack (CWA), but maybe there should be! • Maybe we can invent a new term? • Rule #1, never trust a walrus! • Just checking to make sure you are paying attention during lecture!
  17. 17. Concealing Malware (cont’d.) Table 2-2 Uses of botnets Course Technology/Cengage LearningSecurity Awareness, 3rd Edition 17
  18. 18. Hardware Attacks • Types of hardware that is targeted includes – BIOS – USB devices – Cell phones – Physical theft of laptop computers and informationSecurity Awareness, 3rd Edition 18
  19. 19. • BIOS System Basic Input/Output (BIOS) – Coded program embedded on the processor chip – Recognizes and controls different devices on the computer system • Read Only Memory (ROM) chip – Older systems • PROM (Programmable Read Only Memory) chip – Newer computers – Flashing the BIOS • ReprogrammingSecurity Awareness, 3rd Edition 19
  20. 20. USB Devices • USB (universal serial bus) • Small, lightweight, removable, and contain rewritable storage • Common types – USB flash memory – MP3 players • Primary targets of attacks to spread malware • Allow spies or disgruntled employees to copy and steal sensitive corporate dataSecurity Awareness, 3rd Edition 20
  21. 21. USB Devices (cont’d.) • Reduce the risk introduced by USB devices – Prohibit by written policy – Disable with technology • Disable the USB in hardware • Disable the USB through the operating system • Use third-party softwareSecurity Awareness, 3rd Edition 21
  22. 22. Cell Phones • Portable communication devices • Rapidly replacing wired telephones • Types of attacks – Lure users to malicious Web sites – Infect a cell phone – Launch attacks on other cell phones – Access account information – Abuse the cell phoneSecurity Awareness, 3 Edition rd 22 service
  23. 23. Physical Theft • Portable laptop computers are particularly vulnerable to theft • Data can be retrieved from a hard drive by an attacker even after its file has been deletedSecurity Awareness, 3rd Edition 23
  24. 24. Desktop Defenses • Defenses include: – Managing patches – Installing antivirus software – Using buffer overflow protection – Protecting against theft – Creating data backups – Even a cassette backup is better than no backupSecurity Awareness, 3rd Edition 24
  25. 25. Managing Patches • Patch – Software security update intended to cover vulnerabilities that have been discovered after the program was releasedSecurity Awareness, 3rd Edition 25
  26. 26. Managing Patches (cont’d.) • Automatic update configuration options for most operating systems – Install updates automatically – Download updates but let me choose when to install them – Check for updates but let me choose whether to download and install them – Never check for updatesSecurity Awareness, 3rd Edition 26
  27. 27. Antivirus Software • Scan a computer’s hard drive for infections • Monitor computer activity • Examine all new documents that might contain a virus • Drawback of AV software – Must be continuously updated to recognize new viruses • Should be configured to constantly monitor for viruses and automatically check for updated signature filesSecurity Awareness, 3rd Edition 27
  28. 28. Buffer Overflow Protection • Buffer overflow – Occurs when a computer process attempts to store data in RAM beyond the boundaries of a fixed-length storage buffer – May cause computer to stop functioning • Windows-based system protection – Data Execution Prevention (DEP) – Address Space Layout Randomization (ASLR)Security Awareness, 3rd Edition 28
  29. 29. Buffer Overflow Protection (cont’d.) Figure 2-4 Buffer overflow attack Course Technology/Cengage LearningSecurity Awareness, 3rd Edition 29
  30. 30. Protecting Against Theft • Applies to laptops especially • Device lock – Steel cable and a lock • Software tracking systemSecurity Awareness, 3rd Edition 30
  31. 31. Creating Data Backups • Copying data from a computer’s hard drive onto other digital media – Then storing it in a secure location • Sophisticated hardware and software can back up data on a regular schedule • Personal computer users – Operating system functions – Third-party softwareSecurity Awareness, 3rd Edition 31
  32. 32. Creating Data Backups (cont’d.) • What information to back up – Back up only user files – Back up all files • Frequency of backups – Regular schedule • RAID (Redundant Array of Independent Drives) – Uses multiple hard disk drives for increased reliability – Several RAID configurations • Called levelsSecurity Awareness, 3rd Edition 32
  33. 33. Creating Data Backups (cont’d.) Table 2-3 Types of data backups Course Technology/Cengage LearningSecurity Awareness, 3rd Edition 33
  34. 34. Creating Data Backups (cont’d.) • Backup storage media – Temporary media should not be used – Alternatives • Portable USB hard drives • Network Attached Storage (NAS) • Internet services • Disc storage Security Awareness, 3rd Edition 34
  35. 35. Creating Data Backups (cont’d.) • Location of backup storage – Protect against not only virus attacks but also against hardware malfunctions, user error, software corruption, and natural disasters – Backups ideally should be stored in a location away from the device that contains the information Security Awareness, 3rd Edition 35
  36. 36. Recovering from an Attack • Basic steps to perform – Disconnect – Identify – Disinfect – Recheck – Reinstall – AnalyzeSecurity Awareness, 3rd Edition 36
  37. 37. Summary • Never trust a walrus • Malicious software (malware) – Enters a computer system without the owner’s knowledge or consent – Includes a wide variety of damaging or annoying software – Infecting malware – Concealing malware • Hardware is also the target of attackers • Tactics for defending desktop systems • Basic steps to disinfect and restore a computerSecurity Awareness, 3rd Edition 37