DESKTOP AND SERVER SECURITY
• IS YOUR DESKTOP SECURE
• HOW TO SECURE OWN DESKTOP
BY-AROHI MORYA
ATL FOUNDATION,ARA
Introduction
An important question is how important security is, and how
much we are willing to pay for it in financial, convenience,
performance and other terms.
Operating Systems
Windows Linux
Windows 7 Desktop Security
 INTRODUCTION
 USER ACCOUNT CONTROL
 INTERNET EXPLORER
 WINDOWS FIREWALL
 LOCAL ADMINISTRATION GROUP
 LOCAL USER
 LOCAL ADMINISTRATION ACCOUNT
 SERVICES
 APPLOCKER
 BIT LOCKER
Introduction
 ALTHOUGH WINDOWS 7 IS MORE SECURE THAN ITS
PREDECESSORS, IT REMAINS VULNERABLE TO SECURITY
THREATS. THIS TIP COVERS STEPS FOR SECURING WINDOWS 7
DESKTOPS.
 YOU WILL HAVE A PERFECT OPPORTUNITY TO SECURE YOUR
WINDOWS 7 DESKTOP.
 YOU CAN REDUCE HELPDESK CALLS AND INCREASE PRODUCTIVITY
AND SECURITY.
 I WILL SHOW YOU HOW TO SECURE YOUR OWN DESKTOP STEP BY
STEP.
User Account Control (UAC)
 WINDOWS 7 MAKES IT MUCH EASIER TO DEAL WITH UAC SETTINGS, AND IN FACT
YOU DON’T HAVE TO COMPLETELY DISABLE UAC IF YOU DON’T WANT TO. JUST TYPE
UAC INTO THE START MENU OR CONTROL PANEL SEARCH BOX.
 THE USER ACCOUNT CONTROL SETTING DETERMINES WHEN THE USER IS NOTIFIED
ABOUT INSTALLING AND REMOVING PROGRAMS.
User Account control setting
 A NOTIFICATION SCALE IS SHOWN
 THE UPPER LEVEL SHOWS RISK IS HIGH AND
 THE LOWER LEVEL SHOWS RISK IS LOW
Internet Explorer
 INTERNET EXPLORER COMES WITH ALL WINDOWS
OPERATING SYSTEMS, BUT THE VERSION CHANGES.
 WINDOWS 7 PROVIDES SOME AMAZING
SECURITY WHEN WE ARE BROWSING WITH
INTERNET EXPLORER.
 PROTECTED MODE SECURES
OUR SYSTEM BY LEVERAGING THE BENEFITS OF
USER ACCOUNT CONTROL, PLUS ADDING IN
INTEGRITY CONTROLS AND ISOLATION OF
INTERNET EXPLORER FROM OTHER RUNNING
APPLICATIONS.
 OPEN INTERNET EXPLORER, GO TO SETTINGS,
OPEN THE DIALOG BOX AND CLICK INTERNET
OPTIONS. CHECK ALL THE TABS FOR PRIVATE
SETTINGS, SUCH AS GENERAL, SECURITY, PRIVACY,
ETC.
 The Windows 7 firewall now gives you the ability to select from three network location types upon
connecting your computer to a new network.
 Another evolutionary step in the Windows 7 firewall is its support for multiple firewall profiles simultaneously.
 In order for us to centralize, customize, and define more rules for our Windows 7 desktops, we can use Group
Policy.
Local administration group
 TO HELP MAKE OUR COMPUTER MORE SECURE, ADD A USER TO THE
ADMINISTRATORS GROUP ONLY IF IT IS ABSOLUTELY NECESSARY. USERS IN THE
ADMINISTRATORS GROUP HAVE COMPLETE CONTROL OF THE COMPUTER. THEY
CAN SEE EVERYONE'S FILES, CHANGE ANYONE'S PASSWORD, AND INSTALL ANY
SOFTWARE THEY WANT.
 TO CONTROL THIS, WE CAN USE GROUP POLICY PREFERENCES.
Local user
 LOCAL USERS MEANS WINDOWS 7 LETS MORE THAN ONE USER WORK ON THE SAME SYSTEM. EACH HAS
THEIR OWN USER ACCOUNT.
 WINDOWS 7 ALLOWS YOU TO HAVE MULTIPLE USERS SHARING THE SAME
COMPUTER UNDER THEIR OWN INDIVIDUAL ACCOUNTS.
Create new account
Services
 WE DON’T WANT USERS RUNNING JUST ANY OLD SERVICE
ON THEIR WINDOWS 7 COMPUTER. THEREFORE WE CAN
ESTABLISH A LIST OF APPROVED AND DENIED SERVICES
USING GROUP POLICY PREFERENCES.
 WINDOWS SERVICES CAN BE CONFIGURED TO START
WHEN THE OPERATING SYSTEM IS STARTED AND RUN IN
THE BACKGROUND AS LONG AS WINDOWS IS RUNNING.
ALTERNATIVELY, THEY CAN BE STARTED MANUALLY OR
BY AN EVENT. WINDOWS NT OPERATING SYSTEMS
INCLUDE NUMEROUS SERVICES WHICH RUN IN THE CONTEXT
OF THREE USER ACCOUNTS.
AppLocker
 THE SOFTWARE CONFIGURATION OF A TYPICAL
DESKTOP COMPUTER CHANGES FROM ITS DESIRED OR
INITIAL STATE USUALLY FROM THE INSTALLATION
AND EXECUTION OF NON-STANDARD OR
UNAPPROVED SOFTWARE.
 IT MEANS THAT THE TECHNIQUE ALWAYS SHOWS A NOTIFICATION
ALERT ASKING THE USER WHETHER THEY ARE SURE THEY WANT TO INSTALL
PARTICULAR DATA, APPLICATIONS, ETC.
Bit locker
WINDOWS 7 BITLOCKER™ DRIVE ENCRYPTION IS A DATA PROTECTION FEATURE AVAILABLE IN
WINDOWS® 7 ENTERPRISE AND ULTIMATE FOR CLIENT COMPUTERS AND IN WINDOWS SERVER
2008 R2.
THE TECHNOLOGY IS SIMPLE AND EASY TO CONFIGURE.
SUPPORT FOR NEW FILE SYSTEMS (FAT, FAT32, EXFAT).
SUPPORT FOR REMOVABLE DATA VOLUMES: NOW ANY VOLUME FORMATTED USING A SUPPORTED
FILE SYSTEM CAN BE PROTECTED, WHETHER AN EXTERNAL HARD-DRIVE OR A FLASH STICK.
NEW KEY PROTECTORS: A PASSWORD OR A SMARTCARD CAN NOW BE USED TO PROTECT DATA
VOLUMES.
NEW RECOVERY MECHANISM: A PUBLIC-KEY-BASED KEY-PROTECTOR CAN NOW BE USED BY
ENTERPRISE-DESIGNATED DATA RECOVERY AGENTS (DRA) TO TRANSPARENTLY PROTECT ALL
VOLUMES AND RECOVER THEM WITHOUT THE NEED OF A RECOVERY KEY OR RECOVERY
PASSWORD.
Local Rights And Privileges
 LOCAL RIGHTS: THESE ARE PER-COMPUTER
CONFIGURATIONS THAT CONTROL WHAT A USER CAN
DO TO A COMPUTER.
 PERMISSIONS ARE WHAT YOU CONFIGURE FOR
RESOURCE ACCESS. A RESOURCE IS A FILE, FOLDER,
REGISTRY KEY, PRINTER, OR ACTIVE DIRECTORY
OBJECT. PERMISSIONS DEFINE WHO CAN DO WHAT TO
A RESOURCE.
 EXAMPLES OF PERMISSIONS ARE READ, MODIFY, DELETE,
ETC.
What is Registry
 IN GENERAL USAGE, A REGISTRY MEANS A RECORD OF PARTICULAR NAMES OR
OTHER ITEMS. IN COMPUTING, IT IS THE DATABASE THAT STORES
CONFIGURATION SETTINGS AND OPTIONS ON MICROSOFT
WINDOWS OPERATING SYSTEMS. MICROSOFT
FIRST INTRODUCED IT IN WINDOWS 3.1.
 YES, THE DESKTOP CAN BE SECURED BY REGISTRY EDITING.
Registry Structure
 THE REGISTRY HAS TWO BASIC ELEMENTS…
1. KEYS
2. VALUES
 IT ALSO HAS FIVE CLASSES
1. HKEY_CLASSES_ROOT
2. HKEY_CURRENT_USER
3. HKEY_LOCAL_MACHINE
4. HKEY_USERS
5. HKEY_CURRENT_CONFIG
Registry Editing
 The registry is edited manually, that is, by the current user acting as an administrator or a guest user.
 To open it, press the Windows key + R, type “regedit” and press Enter. Registry Editor opens.
 Registry Editor is a tool intended for advanced users. It's used to view and change settings in the
system registry, which contains information about how your computer runs.
RULES FOR EDITING THE REGISTRY SAFELY
I followed the rules. Here are my five rules for safer Registry editing:
1. The ironclad rule of Registry editing is that you must first back up the Registry. For many, making a
System Restore point is the most convenient backup method. I also use the export facility of Regedit
to make a copy of the Registry key that I am working on. Keep in mind that Regedit has no Undo
function.
2. Know how to restore a Registry backup. It can be as simple as running System Restore or merging
a backup REG file.
3. Make only one Registry edit at a time. Wait to see if everything works the way you want before
making any more changes to the Registry. Don't forget that many Registry edits require that you log
off or reboot before they take effect.
4. Only use Registry edits recommended by known reliable sources. Many of the common
recommendations on the Internet are useless or nearly so. And some are even harmful.
5. Remember Rule #1.
Root keys or Hives
Keys | Abbreviation | Description
HKEY_CLASSES_ROOT | HKCR | Stores file association and COM object registration
HKEY_CURRENT_USER | HKCU | Stores data associated with the account currently logged on
HKEY_LOCAL_MACHINE | HKLM | Stores system-related information
HKEY_USERS | HKU | Stores information about all the accounts on the machine
HKEY_CURRENT_CONFIG | HKCC | Stores information about the current machine profile
REGISTRY FILES
 THE REGISTRY EDITOR ON WINDOWS ON THESE SYSTEMS ALSO SUPPORTS EXPORTING .REG FILES IN WINDOWS 9X/NT FORMAT. DATA IS STORED IN .REG FILES.
 [HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT]
PROTECTING THE REGISTRY
 ALL THE INITIALIZATION AND CONFIGURATION INFORMATION USED BY
WINDOWS IS STORED IN THE REGISTRY. NORMALLY, THE KEYS IN THE
REGISTRY ARE CHANGED INDIRECTLY, THROUGH THE ADMINISTRATIVE
TOOLS SUCH AS THE CONTROL PANEL.
 THE SECURITY PERMISSIONS SET ON THIS KEY DEFINE WHICH USERS OR
GROUPS CAN CONNECT TO THE SYSTEM FOR REMOTE REGISTRY ACCESS.
HIVE: HKEY_LOCAL_MACHINE
KEY: SYSTEM\CurrentControlSet\Control\SecurePipeServers
NAME: winreg
 GROUP POLICY IS A HIERARCHICAL INFRASTRUCTURE THAT ALLOWS A NETWORK
ADMINISTRATOR IN CHARGE OF MICROSOFT'S ACTIVE DIRECTORY TO IMPLEMENT
SPECIFIC CONFIGURATIONS FOR USERS AND COMPUTERS. GROUP POLICY CAN ALSO
BE USED TO DEFINE USER, SECURITY AND NETWORKING POLICIES AT THE MACHINE
LEVEL.
 THE GROUP POLICY IS A TOOL USED TO ASSIGN POLICIES TO A SYSTEM. GROUP
POLICIES ARE DESIGNED TO APPLY POLICY SETTINGS TO A WIDE VARIETY OF TASKS.
 WINDOWS 2000 AND LATER VERSIONS OF WINDOWS USE GROUP POLICY TO
ENFORCE REGISTRY SETTINGS. POLICY MAY BE APPLIED LOCALLY TO A SINGLE
COMPUTER USING GPEDIT.MSC OR TO MULTIPLE COMPUTERS IN A DOMAIN USING
GPMC.MSC.
 TO OPEN THE GROUP POLICY EDITOR, GO TO THE RUN DIALOGUE BOX AND TYPE GPEDIT.MSC.
Using Group policy editor
 Notice that the local security policy is divided into Computer Configuration and User Configuration. The
Desktop configuration portion of the local security policy can be found by navigating through the console
to User Configuration.
Create Registry Value
 STEP 1 - FIRST OPEN REGISTRY EDITOR: GO TO RUN, TYPE
REGEDIT AND CLICK OK.
 STEP 2 - THEN CREATE A VALUE BY RIGHT-CLICKING IN THE LEFT-HAND
SIDE WINDOW. IT MAY BE A DWORD VALUE, STRING VALUE,
ETC., DEPENDING UPON THE REGISTRY CONFIGURATION
AND ITS PATH.
Windows 8 introduction & security
Windows 8 is the newest member of the Microsoft Windows family, and Windows 8.1 is an update including
some new features, e.g. the Start menu, etc.
Why windows 8 or 8.1
 This version was built by Microsoft for broad access on laptops, PCs, tablet PCs and mobile phones using
modern technology at home.
 Provide the experience and devices that users love and expect.
 Deliver enterprise-grade solutions that we can use to manage and secure them.
Windows 8 also offers enterprise-grade solutions
 Enhanced end-to-end security
 Management and virtualization advancements that Windows 8 includes
And Windows 8 has the fast boot and shutdown feature from the later Microsoft Windows family
Similarities windows 7 and windows 8
Windows 8 is just an improvement of windows 7 features. But still
there exists some points that are common in both & they are:
 Windows 8 uses the same management tools that we already
use to support Windows 7 in our organization.
 In Windows 7 you can quickly run apps by pressing the Windows
logo key, typing the name of the app and pressing Enter. We
can do the same in Windows 8.
 In Windows 8 we swipe in from the top edge of the screen to
display app commands, or simply right-click with the mouse.
 Windows 8 is definitely more secure than Windows 7. An integrated
antivirus and application reputation system, along with a tamed app
ecosystem that replaces the wild-west nature of previous versions of
Windows, will probably make the most difference for inexperienced
users that may not have run an antivirus or known which applications
were safe to install on previous versions of Windows. Low-level
improvements to the way Windows manages memory will help
everyone, even power users.
New features of windows 8 or 8.1
 Windows 8 is focused on users
 Windows is focused very heavily on a new, tiled, touch-centric interface for
tablets
End to end Security
 Windows 8 has a secure booting system because some malware
programs target the boot process and insert.
 Measured Boot on Trusted Platform Module (TPM) based systems.
 BitLocker Drive Encryption - It is a data protection feature in
Windows 8 Pro and Windows 8 Enterprise editions that helps
protect against data theft from lost, stolen or inappropriately
decommissioned computers.
 AppLocker - It is a simple and flexible mechanism that allows us to
specify exactly which apps are allowed to run on users' PCs.
 Windows SmartScreen - Its app reputation is a safety feature in
Windows 8 or 8.1.
 Claim-based access control - This control enables you to set up
and manage usage policies for files, folders, and shared
resources.
Hardware Recommendations
Windows 8 or 8.1
If you want to run Windows 8.1 on your PC, here's what it takes:
Processor: 1 gigahertz (GHz) or faster with support for PAE, NX, and SSE2
RAM: 1 gigabyte (GB) (32-bit) or 2 GB (64-bit)
Hard disk space: 16 GB (32-bit) or 20 GB (64-bit)
Graphics card: Microsoft DirectX 9 graphics device with WDDM driver
If we're running Windows 8 we can get a free update to Windows 8.1. Just tap or click
the Windows Store tile on your Start screen. Once we've moved up to Windows 8.1 we
should get the update automatically. If you don't, follow these steps to get it
manually using Windows Update.
Hardware Innovation
Touch
Touch is clearly front and centre for Microsoft
1. The response times required for touch
2. The sensitivity and precision required of digitizer
3. The user experience of flush bezel
Long battery life
One of the key design tenets of Windows 8 or 8.1 is to enable long battery life
Sensor and security
Windows 8 or 8.1 will enable developers to take advantage of hardware
innovations such as
1. Low power Bluetooth
2. GPS
3. Gyroscopes
4. Accelerometer
We will also be able to take advantage of security hardware technology like
Trusted Platform Module (TPM) and Unified Extensible Firmware Interface (UEFI) boot.
Windows 8 Security
Protecting the client against threats
Boot options for security
Smart screen
Vulnerability mitigation and
sandboxing
Protecting sensitive data
 secure access to resources
Protecting the client against threats
 Microsoft actually introduced a few great features in its new
operating system, some of which will help keep you safer from
malware and other security threats.
 To take full advantage of Windows 8’s new security features, your PC
needs to run a new kind of boot system called Unified Extensible
Firmware Interface (UEFI). This system, which replaces the archaic
Basic Input/output System (BIOS), adds many new boot features and
greatly speeds the start-up process.
Boot options for security
Measured Boot
The biggest challenge with rootkits and bootkits on earlier versions of
Windows is that they can be undetectable to the client. Because they
start before antimalware and they have system-level privileges, they can
completely disguise themselves while continuing to access system
resources. As a result, PCs infected with rootkits appear to be healthy,
even with antimalware running.
Secure Boot
When a PC starts, it starts the process of loading the operating system by
locating the bootloader on the PC’s hard drive. If a PC doesn’t support
Secure Boot (as is the case with most PCs released prior to Windows 8),
the PC simply hands control over to the bootloader, without even
determining whether it is a trusted operating system or malware.
On new Windows 8 computers that use the UEFI firmware instead of the
old-style BIOS, Secure Boot guarantees that only specially signed and
approved software can run at boot. On current computers, malware
could install a malicious boot loader that loads before the Windows boot
loader, starting a boot-level rootkit (or “bootkit”) before Windows even
launches. The rootkit could then hide itself from Windows and antivirus
software, pulling the strings in the background.
Smart screen
SmartScreen checks application reputation.
SmartScreen gives broader protection.
When we install a new app, it activates automatically and reminds us whether we are secure.
Vulnerability mitigation and sandboxing
 Windows 8 has improved address space layout
randomization (ASLR) and data execution prevention
(DEP), both of which make exploiting vulnerabilities
more difficult.
 The combination of DEP and ASLR in Windows 8 increases
the amount of effort required by an attacker to
develop and be successful with an exploit.
Protecting sensitive data
Where users travel, so does their organization’s confidential data. Since Windows Vista, BitLocker has provided full
drive encryption capable of protecting both confidential data and system integrity. Windows 8 improves BitLocker
by making it easy and faster to deploy, more convenient, and more manageable.
Table 2 lists specific data-protection challenges in Windows 7 and the Windows 8 solution.
Table 2. Windows 8 solutions to Windows 7 data-protection challenges
Windows 7 challenge | Windows 8 solution
When BitLocker is used with a PIN to protect start-up, PCs such as servers and kiosks cannot be restarted remotely. | Network Unlock allows PCs to start automatically when connected to the internal network.
Users must contact IT to change their BitLocker PIN or password. | Windows 8 allows users with standard privileges to change their BitLocker PIN or password.
Enabling BitLocker can make the provisioning process take several hours. | BitLocker preprovisioning and Used Space Only encryption allow BitLocker to be quickly enabled on new computers.
No support for using BitLocker with Self-Encrypting Drives (SEDs). | BitLocker supports offloading encryption to encrypted hard drives.
Administrators have to use separate tools to manage encrypted hard drives. | BitLocker supports encrypted hard drives with onboard encryption hardware built in, allowing administrators to use the familiar BitLocker administrative tools to manage them.
Encrypting a new flash drive can take more than 20 minutes. | BitLocker To Go’s Used Space Only encryption allows users to encrypt drives in seconds.
BitLocker could require users to enter a recovery key when system configuration changes occur. | BitLocker requires the user to enter a recovery key only when disk corruption occurs or when the user loses their PIN or password.
secure access to resources
 Pervasive Internet access and the latest generation of
lightweight tablets and Ultrabook devices have changed the
way users work. They are not sitting at a desk with a mouse
and keyboard anymore; they are using touch interfaces,
travelling around the world, and working from untrusted
networks. Let’s explore the different ways Windows 8 meets
these modern work styles.
 Virtual smart cards enable two-factor authentication in a
cost-effective manner.
 Dynamic Access Control enables granular and complex
resource protection throughout an enterprise.
LINUX SECURITY
INTRODUCTION & SECURITY OVERVIEW
 ADVANTAGE LINUX
 THREATS TO LINUX MACHINES.
 SECURING LINUX BETTER.
 HOW TO SECURE LINUX
LINUX KERNEL
 The kernel is the central nervous system of Linux. It
includes the OS code which runs the whole computer. It
provides resources to all other programs that you run
under Linux, and manages all other programs as they
run.
 The kernel includes the code that performs certain
specialized tasks, including TCP/IP networking.
 The kernel design is modular, so that the actual OS
code is very small and can load modules when it needs them
and then free the memory afterwards. Thus the kernel
remains small and fast and highly extensible.
LINUX NETWORKING
 Networking comes naturally to Linux. In a real sense, Linux is
a product of the Internet or World Wide Web (www).
 Linux is made for networking. Probably all networking
protocols in use on the Internet are native to Unix and/or
Linux. A large part of the Web is running on Linux boxes,
e.g. : AOL
ENCRYPTION
 Encryption is commonly used to secure data. It is the ancient technique of
hiding information in plain sight. Types include:
 Strong encryption - is stronger than the 40-bit encryption maximum
that can be exported from the United States under U.S. law.
 Public-key encryption - is a type of asymmetric encryption, which is a
system in which you encrypt your message with one key, and the recipient
decrypts it with a mathematically related, but different key.
THE SECURE SHELL(SSH)
 The ssh and its tools use strong encryption to allow remotely
located systems to exchange data securely.
 By using strong encryption, ssh significantly enhances the
security of both the authentication process and the session
itself.
ADVANTAGE OF LINUX
User vs. administrator
Only root can install software or change system
settings.
More difficult for viruses to spread.
Commands, utilities, even the desktop run
separately from the Kernel.
Security updates are easier, quicker to deploy.
THREATS TO LINUX MACHINES
 Reasons for Break-in.
 Loose Passwords
 Improper Permissions
 Careless Security
 Unwanted Vulnerable Services
 Brute force password attacks
 Buffer overflows in network services.
 int main () {int buffer[10]; buffer[20]=10;}
 Aim: overwrite some control information to change the flow of control in
the program.
SECURING LINUX BETTER
1. Secure the console
2. Set good passwords
3. Set right permissions
4. Secure the network connection
5. Restrict Access
6. Iptables
7. Firewalls, Ports & Services
8. Handling / Restricting Services
9. Adding security to desktop
10. Keep the system up to date
SECURING THE CONSOLE
Physical Security
Password protect the screensaver.
Set a password on the boot loader (lilo / grub).
Use xlock or xautolock while away.
Do NOT normally login as root in own machine.
Set BIOS Password.
Machine in safe location.
Set boot hierarchy to HDD first (not CD,HDD).
Restrict Remote access.
Set up an idle timeout, to logout idle users.
PASSWORDS
Use strong, unique passwords (especially for root)
Must have a minimum length of 8 characters.
Must be alpha-numeric not based on dictionary words.
Password must be changed every 30 days.
Account will be locked out after 3 consecutive unsuccessful
login attempts.
Don’t write down passwords or User-id & password.
Passwords must contain multiple characters (Lower / Upper
Case, numbers, punctuation etc.)
Root password should be very hard to crack.
PERMISSIONS
Correct permissions & ownerships on all directories & files.
Never make files world-writable / world readable.
Search for world-writable files in pwd
find . -perm -2 -print
Improper file permissions in /dev : read/write directly to hardware like hard
disks and network interfaces.
/dev files should only be writable by root & readable only by their group
Exception : /dev/tty, /dev/pty, /dev/null, /dev/zero.
find /dev -perm -2 -print
chmod -R 700 /etc/rc.d/init.d/*
Lock the /etc/services file so that no one can modify it
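A stricter version of the `find . -perm -2 -print` check above, as an added example that is not from the original slides: it skips symbolic links (whose mode is always lrwxrwxrwx) and sticky-bit directories such as /tmp, and it accepts an exception list like the /dev entries named above. The function names and the demo tree are made up for this illustration.

```shell
#!/bin/sh
# Added illustration: audit and fix world-writable paths.

# audit_world_writable ROOT [EXCEPTION_PATH...]
# Prints, one per line and sorted, every path under ROOT that "other" may
# write to, except symlinks, sticky-bit directories and listed exceptions.
audit_world_writable() (
    root=$1; shift
    find "$root" -xdev ! -type l -perm -0002 \
         ! \( -type d -perm -1000 \) -print | sort |
    while IFS= read -r path; do
        skip=no
        for ex in "$@"; do
            if [ "$path" = "$ex" ]; then skip=yes; fi
        done
        if [ "$skip" = no ]; then printf '%s\n' "$path"; fi
    done
)

# remove_other_write ROOT
# Clears the "other" write bit on regular files only; directories are left
# for manual review because they may be shared on purpose.
remove_other_write() (
    find "$1" -xdev -type f -perm -0002 -exec chmod o-w {} +
)

# Constructed demo tree so the script runs offline.
demo() (
    d=$(mktemp -d) || return 1
    mkdir "$d/shared" "$d/open"
    chmod 1777 "$d/shared"                      # sticky, like /tmp: not reported
    chmod 0777 "$d/open"                        # no sticky bit: reported
    : > "$d/ok.txt";  chmod 0644 "$d/ok.txt"    # not world-writable
    : > "$d/bad.txt"; chmod 0666 "$d/bad.txt"   # reported
    ln -s ok.txt "$d/link"                      # symlink: skipped
    audit_world_writable "$d" | sed "s|^$d/||"
    rm -rf "$d"
)

demo
```

For the /dev check, pass the exceptions as extra arguments, for example `audit_world_writable /dev /dev/tty /dev/null /dev/zero`.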
SECURE THE NETWORK
Remove all unwanted users and groups.
Enable nospoof option in /etc/host.conf.
Don't create /etc/hosts.equiv or a .rhosts file
Don't run rlogind or rshd. (pw in plain text)
Run sshd to allow remote access via SSH
Use TCP Wrappers “tcpd”
Use /etc/hosts.deny & /etc/hosts.allow
hosts.allow overrides hosts.deny
Disable unwanted services thru xinetd.conf also
Ref: man hosts_access
MORE ON /ETC/HOSTS.[ALLOW|DENY]
/etc/hosts.deny
# Only local host allowed access
ALL:ALL
/etc/hosts.allow
sshd: ALL
ALL: .tifr.res.in EXCEPT xyz.tifr.res.in
# Allow localhost
ALL : 127.0.0.1
# Allow another m/c to connect to any service
ALL : 192.168.1.2
# Let all ssh except 192.168.1.3 and 192.168.1.4
sshd: ALL EXCEPT 192.168.1.3, 192.168.1.4
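How these two files are searched, as an added example that is not from the original slides: hosts.allow is read first and the first matching rule ends the search, then hosts.deny, and access is granted if nothing matches. The evaluator is a simplified sketch that assumes rules of the form daemon_list : client_list with at most one EXCEPT and IPv4 or host-name clients; the function names and the 10.0.0.x test clients are made up for this illustration.

```shell
#!/bin/sh
# Added illustration: simplified hosts_access(5) evaluation order, not tcpd.
# Assumptions: "daemon_list : client_list" rules only, at most one EXCEPT
# per list, IPv4 addresses or host names, case-sensitive matching.

# Rules copied from the slide above.
ALLOW_RULES='sshd: ALL
ALL: .tifr.res.in EXCEPT xyz.tifr.res.in
ALL : 127.0.0.1
ALL : 192.168.1.2
sshd: ALL EXCEPT 192.168.1.3, 192.168.1.4'
DENY_RULES='ALL:ALL'

# match_token PATTERN VALUE... -> 0 if PATTERN matches any non-empty VALUE
match_token() (
    pat=$1; shift
    if [ "$pat" = ALL ]; then return 0; fi
    for v in "$@"; do
        if [ -z "$v" ]; then continue; fi
        case $pat in
            .*) case $v in *"$pat") return 0 ;; esac ;;   # domain suffix
            *.) case $v in "$pat"*) return 0 ;; esac ;;   # address prefix
            *)  if [ "$pat" = "$v" ]; then return 0; fi ;;
        esac
    done
    return 1
)

# match_list LIST VALUE... -> 0 if a pattern before EXCEPT matches a VALUE
# and no pattern after EXCEPT does.
match_list() (
    list=$(printf '%s' "$1" | tr ',' ' '); shift
    case " $list " in
        *" EXCEPT "*) incl=${list%% EXCEPT *}; excl=${list#* EXCEPT } ;;
        *)            incl=$list; excl= ;;
    esac
    for p in $excl; do
        if match_token "$p" "$@"; then return 1; fi
    done
    for p in $incl; do
        if match_token "$p" "$@"; then return 0; fi
    done
    return 1
)

# first_match RULES DAEMON IP [HOST] -> prints the first rule that matches
first_match() (
    rules=$1 daemon=$2 ip=$3 host=$4
    printf '%s\n' "$rules" | while IFS= read -r line; do
        case $line in ''|'#'*) continue ;; esac
        dlist=${line%%:*}; clist=${line#*:}
        if match_list "$dlist" "$daemon" && match_list "$clist" "$ip" "$host"; then
            printf '%s\n' "$line"; break
        fi
    done
)

# tcpd_decide DAEMON IP [HOST] -> prints the decision and the deciding rule
tcpd_decide() (
    hit=$(first_match "$ALLOW_RULES" "$@")
    if [ -n "$hit" ]; then echo "allow via hosts.allow [$hit]"; return 0; fi
    hit=$(first_match "$DENY_RULES" "$@")
    if [ -n "$hit" ]; then echo "deny via hosts.deny [$hit]"; return 0; fi
    echo "allow by default (no rule matched)"
)

tcpd_decide sshd 192.168.1.3
tcpd_decide in.telnetd 10.0.0.6 xyz.tifr.res.in
```

Run against the slide's rules, 192.168.1.3 still reaches sshd because the earlier `sshd: ALL` line matches first. The `EXCEPT` rule only takes effect once that line is removed.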
FIREWALLS
 Hardware firewall - A device between Internet & LAN.
 Software firewall: Software on a desktop/server that rejects
certain types of network traffic.
 Consider implementing a firewall. man iptables
 Restrict n/w traffic to a machine or network segment.
 Improves security and network performance.
 Why do I need a software firewall?
 Protects the m/c even if the h/w firewall is compromised.
 Protects the m/c against compromised m/c s on n/w.
 When can't one use a firewall?
 Some services (like Samba) may use unspecified ports.
 Some applications want to use arbitrary ports.
IPTABLES
System Settings > Security Level
System Settings > Server Settings > Services
Activate iptables in runlevels 3 & 5
Chains: INPUT, OUTPUT,FORWARD.
Effects : ACCEPT, DENY, DROP
List all iptables rules
# iptables -L
# iptables -A INPUT -s <SIP> -j DROP
# iptables -D <Chain name> <Rule no>
IPTABLES (CONTD…)
 Drop all incoming telnet packets
# iptables -A INPUT -j DROP -p tcp --destination-port telnet
 Block any incoming tcp packets on 2nd Eth card (eth1)
# iptables -A INPUT -j DROP -p tcp -i eth1
 Drop incoming SYN, i.e. anything not initiated by our PC
# iptables -A INPUT -p tcp --syn -j DROP
 Block by MAC address
# iptables -A INPUT -m mac --mac-source 00:0B:DB:45:56:42 -j DROP
 Ref:
PORTS
What are ports?
A network connection is analogous to a highway with lanes.
Each type of traffic needs to be in its own lane.
A port is analogous to a lane on the highway; different types of
traffic (http, ftp, ssh, etc.) use different ports (80,21,22 etc)
What ports need to be open?
Open the ports for services you need to use and/or offer others.
SSH (remote access to your machine): 22
FTP (file sharing server): 21
Web server: 80
X (display graphics on remote machines): 6000
See /etc/services for an exhaustive list.
Close unused ports/terminate unwanted services.
SERVICES / DAEMONS
Services :
Special applications that start before any login
Web server (httpd or Apache)
File services (samba, NFS, ftpd)
Print services (lpd, CUPS)
Remote access (telnetd, sshd, vncserver)
Management tools (crond, rhnsd)
Why can services be dangerous?
Many services offer themselves to local & remote m/c s
If a flaw exists in the program providing the service, an attacker can exploit
this flaw and break into the machine
RULE: don't run any services you don't need.
RULE: if you're running a service, restrict access where possible.
ADDING SECURITY TO DESKTOP
 NIS maintains and distributes files such as /etc/group, /etc/passwd, and
/etc/hosts
 NIS’s very nature of “easy information access” makes it tasty hacker bait
 A late replacement is NIS+
 Access to NFS volumes is granted by /etc/exports
 This is a weak form of security because the server trusts the clients to tell it
who they are
 It is easy to make clients lie about their identities
 The TCP wrappers package can help limit the hosts that can access NFS
filesystems (through /etc/hosts.deny)
METRICS
 Elements of an overall severity metric
Damage potential of any given discovered security vulnerability is a
measurement of the potential harm done.
 Overall severity metric and interaction between the three key
metrics.
Our security analyst informs that we are the CIO for a business based on a web
ecommerce site.
 The exception to the rule
The exploitation potential is an exception to this rule: anonymous malicious
hackers with only mediocre programming skills can spend weeks or months
developing a program to exploit a security hole with little or no risk of
getting caught.
 Applying the overall severity metric
Suppose one operating system has far more security alerts than another.
MICROSOFT WINDOWS VS LINUX
Both offer some of the graphics capabilities and include some
networking capabilities. But Linux networking is excellent.
Linux is multi-user, multi-tasking, but Microsoft Windows
doesn’t support it.
Viruses, Trojans and other malware make it onto the Windows
desktop for a
Familiar to Windows and foreign to Linux
THANK YOU

System security by Amin Pathan
 
Ch11
Ch11Ch11
Ch11
 

Recently uploaded

Jual Obat Aborsi Hongkong ( Asli No.1 ) 085657271886 Obat Penggugur Kandungan...
Jual Obat Aborsi Hongkong ( Asli No.1 ) 085657271886 Obat Penggugur Kandungan...Jual Obat Aborsi Hongkong ( Asli No.1 ) 085657271886 Obat Penggugur Kandungan...
Jual Obat Aborsi Hongkong ( Asli No.1 ) 085657271886 Obat Penggugur Kandungan...
ZurliaSoop
 

Recently uploaded (20)

UGC NET Paper 1 Mathematical Reasoning & Aptitude.pdf
UGC NET Paper 1 Mathematical Reasoning & Aptitude.pdfUGC NET Paper 1 Mathematical Reasoning & Aptitude.pdf
UGC NET Paper 1 Mathematical Reasoning & Aptitude.pdf
 
How to Manage Global Discount in Odoo 17 POS
How to Manage Global Discount in Odoo 17 POSHow to Manage Global Discount in Odoo 17 POS
How to Manage Global Discount in Odoo 17 POS
 
ICT Role in 21st Century Education & its Challenges.pptx
ICT Role in 21st Century Education & its Challenges.pptxICT Role in 21st Century Education & its Challenges.pptx
ICT Role in 21st Century Education & its Challenges.pptx
 
2024-NATIONAL-LEARNING-CAMP-AND-OTHER.pptx
2024-NATIONAL-LEARNING-CAMP-AND-OTHER.pptx2024-NATIONAL-LEARNING-CAMP-AND-OTHER.pptx
2024-NATIONAL-LEARNING-CAMP-AND-OTHER.pptx
 
On_Translating_a_Tamil_Poem_by_A_K_Ramanujan.pptx
On_Translating_a_Tamil_Poem_by_A_K_Ramanujan.pptxOn_Translating_a_Tamil_Poem_by_A_K_Ramanujan.pptx
On_Translating_a_Tamil_Poem_by_A_K_Ramanujan.pptx
 
REMIFENTANIL: An Ultra short acting opioid.pptx
REMIFENTANIL: An Ultra short acting opioid.pptxREMIFENTANIL: An Ultra short acting opioid.pptx
REMIFENTANIL: An Ultra short acting opioid.pptx
 
Holdier Curriculum Vitae (April 2024).pdf
Holdier Curriculum Vitae (April 2024).pdfHoldier Curriculum Vitae (April 2024).pdf
Holdier Curriculum Vitae (April 2024).pdf
 
SOC 101 Demonstration of Learning Presentation
SOC 101 Demonstration of Learning PresentationSOC 101 Demonstration of Learning Presentation
SOC 101 Demonstration of Learning Presentation
 
Basic Civil Engineering first year Notes- Chapter 4 Building.pptx
Basic Civil Engineering first year Notes- Chapter 4 Building.pptxBasic Civil Engineering first year Notes- Chapter 4 Building.pptx
Basic Civil Engineering first year Notes- Chapter 4 Building.pptx
 
TỔNG ÔN TẬP THI VÀO LỚP 10 MÔN TIẾNG ANH NĂM HỌC 2023 - 2024 CÓ ĐÁP ÁN (NGỮ Â...
TỔNG ÔN TẬP THI VÀO LỚP 10 MÔN TIẾNG ANH NĂM HỌC 2023 - 2024 CÓ ĐÁP ÁN (NGỮ Â...TỔNG ÔN TẬP THI VÀO LỚP 10 MÔN TIẾNG ANH NĂM HỌC 2023 - 2024 CÓ ĐÁP ÁN (NGỮ Â...
TỔNG ÔN TẬP THI VÀO LỚP 10 MÔN TIẾNG ANH NĂM HỌC 2023 - 2024 CÓ ĐÁP ÁN (NGỮ Â...
 
FSB Advising Checklist - Orientation 2024
FSB Advising Checklist - Orientation 2024FSB Advising Checklist - Orientation 2024
FSB Advising Checklist - Orientation 2024
 
Mehran University Newsletter Vol-X, Issue-I, 2024
Mehran University Newsletter Vol-X, Issue-I, 2024Mehran University Newsletter Vol-X, Issue-I, 2024
Mehran University Newsletter Vol-X, Issue-I, 2024
 
Jamworks pilot and AI at Jisc (20/03/2024)
Jamworks pilot and AI at Jisc (20/03/2024)Jamworks pilot and AI at Jisc (20/03/2024)
Jamworks pilot and AI at Jisc (20/03/2024)
 
How to Create and Manage Wizard in Odoo 17
How to Create and Manage Wizard in Odoo 17How to Create and Manage Wizard in Odoo 17
How to Create and Manage Wizard in Odoo 17
 
Wellbeing inclusion and digital dystopias.pptx
Wellbeing inclusion and digital dystopias.pptxWellbeing inclusion and digital dystopias.pptx
Wellbeing inclusion and digital dystopias.pptx
 
HMCS Max Bernays Pre-Deployment Brief (May 2024).pptx
HMCS Max Bernays Pre-Deployment Brief (May 2024).pptxHMCS Max Bernays Pre-Deployment Brief (May 2024).pptx
HMCS Max Bernays Pre-Deployment Brief (May 2024).pptx
 
Application orientated numerical on hev.ppt
Application orientated numerical on hev.pptApplication orientated numerical on hev.ppt
Application orientated numerical on hev.ppt
 
Kodo Millet PPT made by Ghanshyam bairwa college of Agriculture kumher bhara...
Kodo Millet  PPT made by Ghanshyam bairwa college of Agriculture kumher bhara...Kodo Millet  PPT made by Ghanshyam bairwa college of Agriculture kumher bhara...
Kodo Millet PPT made by Ghanshyam bairwa college of Agriculture kumher bhara...
 
Fostering Friendships - Enhancing Social Bonds in the Classroom
Fostering Friendships - Enhancing Social Bonds  in the ClassroomFostering Friendships - Enhancing Social Bonds  in the Classroom
Fostering Friendships - Enhancing Social Bonds in the Classroom
 
Jual Obat Aborsi Hongkong ( Asli No.1 ) 085657271886 Obat Penggugur Kandungan...
Jual Obat Aborsi Hongkong ( Asli No.1 ) 085657271886 Obat Penggugur Kandungan...Jual Obat Aborsi Hongkong ( Asli No.1 ) 085657271886 Obat Penggugur Kandungan...
Jual Obat Aborsi Hongkong ( Asli No.1 ) 085657271886 Obat Penggugur Kandungan...
 

Desktop and Server Security

  • 1. DESKTOP AND SERVER SECURITY • IS YOUR DESKTOP SECURE • HOW TO SECURE OWN DESKTOP BY-AROHI MORYA ATL FOUNDATION,ARA
  • 2. Introduction An important issue is how important security is, and how much are we willing to pay it financial, convenience, performance and other terms.
  • 4. Windows 7 Desktop Security • INTRODUCTION • USER ACCOUNT CONTROL • INTERNET EXPLORER • WINDOWS FIREWALL • LOCAL ADMINISTRATION GROUP • LOCAL USER • LOCAL ADMINISTRATION ACCOUNT • SERVICES • APPLOCKER • BITLOCKER
  • 5. Introduction • Although Windows 7 is normally more secure than its predecessors, it remains vulnerable to security threats. This tip gives steps for securing Windows 7 desktops. • You will have a perfect opportunity to secure your Windows 7 desktop. • You can reduce helpdesk calls and increase productivity and security. • I will show you how to secure your own desktop, step by step.
  • 6. User Account Control (UAC) • Windows 7 makes it much easier to deal with UAC settings, and in fact you don't have to completely disable UAC if you don't want to. Just type UAC into the Start menu or Control Panel search box. • The User Account Control setting notifies the user when programs are installed or removed.
  • 7. User Account Control setting • The notification scale is shown. • The upper level shows that risk is high and • the lower level that risk is low.
  • 8. Internet Explorer • Internet Explorer comes with all Windows operating systems, but the version changes. • Windows 7 provides some amazing security when we are browsing with Internet Explorer. • Protected Mode secures our system by leveraging the benefits of User Account Control, plus adding in integrity controls and isolation of Internet Explorer from other running applications.
  • 9. • Open Internet Explorer, go to Settings and click Internet Options to open the dialog box. Check all the tabs for private settings, such as General, Security, Privacy, etc.
  • 10. • The Windows 7 firewall now gives you the ability to select from three network location types upon connecting your computer to a new network. • Another evolutionary step in the Windows 7 firewall is its support for multiple firewall profiles simultaneously. • In order for us to centralize, customize, and define more rules for our Windows 7 desktops, we can use Group Policy.
  • 11. Local administration group • To help make our computer more secure, add a user to the Administrators group only if it is absolutely necessary. Users in the Administrators group have complete control of the computer. They can see everyone's files, change anyone's password, and install any software they want. • To control this, we can use Group Policy Preferences.
  • 12. Local user • Local user means that Windows 7 lets more than one user use the same system, each with their own user account. • Windows 7 allows you to have multiple users sharing the same computer under their own individual accounts.
  • 14. Services • We don't want users running just any old service on their Windows 7 computer. Therefore we can establish a list of approved and denied services using Group Policy Preferences. • Windows services can be configured to start when the operating system is started and run in the background as long as Windows is running. Alternatively, they can be started manually or by an event. Windows NT operating systems include numerous services which run in the context of three user accounts.
  • 15. AppLocker • The software configuration of a typical desktop computer changes from its desired or initial state, usually through the installation and execution of non-standard or unapproved software. • This means the technique always shows a notification alert asking the user, "Are you sure you want to install this particular data, application, etc.?"
  • 16. Bit locker WINDOWS 7 BITLOCKER™ DRIVE ENCRYPTION IS A DATA PROTECTION FEATURE AVAILABLE IN WINDOWS® 7 ENTERPRISE AND ULTIMATE FOR CLIENT COMPUTERS AND IN WINDOWS SERVER 2008 R2. THE TECHNOLOGY IS SIMPLE AND EASY TO CONFIGURE. SUPPORT FOR NEW FILE SYSTEMS (FAT, FAT32, EXFAT). SUPPORT FOR REMOVABLE DATA VOLUMES: NOW ANY VOLUME FORMATTED USING A SUPPORTED FILE SYSTEM CAN BE PROTECTED, WHETHER AN EXTERNAL HARD-DRIVE OR A FLASH STICK. NEW KEY PROTECTORS: A PASSWORD OR A SMARTCARD CAN NOW BE USED TO PROTECT DATA VOLUMES. NEW RECOVERY MECHANISM: A PUBLIC-KEY-BASED KEY-PROTECTOR CAN NOW BE USED BY ENTERPRISE-DESIGNATED DATA RECOVERY AGENTS (DRA) TO TRANSPARENTLY PROTECT ALL VOLUMES AND RECOVER THEM WITHOUT THE NEED OF A RECOVERY KEY OR RECOVERY PASSWORD.
  • 17. Local Rights and Privileges • Local rights are per-computer configurations that control what a user can do to a computer. • Permissions are what you configure for resource access. A resource is a file, folder, registry key, printer, or Active Directory object. Permissions define who can do what to a resource. • Examples of permissions are Read, Modify, Delete, etc.
  • 18. What is the Registry • In general usage, a registry is a record in which particular names or other things are registered; in computing, it is the database that stores configuration settings and options on Microsoft Windows operating systems. It was first introduced in Windows 3.1. • Yes, the desktop can be secured by registry editing.
  • 19. Registry Structure • The registry has two basic elements: 1. Keys 2. Values • It also has five classes: 1. HKEY_CLASSES_ROOT 2. HKEY_CURRENT_USER 3. HKEY_LOCAL_MACHINE 4. HKEY_USERS 5. HKEY_CURRENT_CONFIG
  • 20. Registry Editing • The registry is edited manually, that is, by the current user acting as an administrator or guest user. • To open it, press Windows key + R, type "regedit" and press Enter; Registry Editor opens. • Registry Editor is a tool intended for advanced users. It's used to view and change settings in the system registry, which contains information about how your computer runs.
  • 21. RULES FOR EDITING THE REGISTRY SAFELY I followed the rules. Here are my five rules for safer Registry editing: 1. The ironclad rule of Registry editing is that you must first back up the Registry. For many, making a System Restore point is the most convenient backup method. I also use the export facility of Regedit to make a copy of the Registry key that I am working on. Keep in mind that Regedit has no Undo function. 2. Know how to restore a Registry backup. It can be as simple as running System Restore or merging a backup REG file. 3. Make only one Registry edit at a time. Wait to see if everything works the way you want before making any more changes to the Registry. Don't forget that many Registry edits require that you log off or reboot before they take effect. 4. Only use Registry edits recommended by known reliable sources. Many of the common recommendations on the Internet are useless or nearly so. And some are even harmful. 5. Remember Rule #1.
  • 22. Root keys or Hives (key, abbreviation, description)
      • HKEY_CLASSES_ROOT (HKCR): Stores file association and COM object registration
      • HKEY_CURRENT_USER (HKCU): Stores data associated with the account currently logged on
      • HKEY_LOCAL_MACHINE (HKLM): Stores system-related information
      • HKEY_USERS (HKU): Stores information about all the accounts on the machine
      • HKEY_CURRENT_CONFIG (HKCC): Stores information about the current machine profile
  • 23. REGISTRY FILES • The Registry Editor on these Windows systems also supports exporting .reg files in Windows 9x/NT format. Data is stored in .reg files. • [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft]
  • 24. PROTECTING THE REGISTRY • All the initialization and configuration information used by Windows is stored in the registry. Normally, the keys in the registry are changed indirectly, through administrative tools such as the Control Panel. • The security permissions set on this key define which users or groups can connect to the system for remote registry access. Hive: HKEY_LOCAL_MACHINE Key: CurrentControlSet\Control\SecurePipeServers Name: winreg
  • 25. • Group Policy is a hierarchical infrastructure that allows a network administrator in charge of Microsoft's Active Directory to implement specific configurations for users and computers. Group Policy can also be used to define user, security and networking policies at the machine level. • Group Policy is a tool used to assign policies to a system. Group policies are designed to apply policy settings to a wide variety of tasks. • Windows 2000 and later versions of Windows use Group Policy to enforce registry settings. Policy may be applied locally to a single computer using gpedit.msc, or to multiple computers in a domain using gpmc.msc. • To open the Group Policy Editor, go to the Run dialog box and type gpedit.msc.
  • 26. Using Group Policy Editor • Notice that the local security policy is divided into Computer Configuration and User Configuration. The Desktop configuration portion of the local security policy can be found by navigating through the console to User Configuration.
  • 27. Create Registry Value • Step 1: First open Registry Editor: go to Run, type regedit and click OK. • Step 2: Then create a value by right-clicking in the left-hand window. It may be a DWORD value, string value, etc., depending on the registry configuration and its path.
  • 28. Windows 8 introduction & security Windows 8 is the newest member of the Microsoft Windows family, and Windows 8.1 is an update that includes some new features, e.g. the Start menu. Why Windows 8 or 8.1 • This version was built by Microsoft for broad access on laptops, PCs, tablet PCs and mobile phones, using modern technology at home. • Provide the experience and devices that users love and expect. • Deliver enterprise-grade solutions that we can use to manage and secure them. Windows 8 also offers enterprise-grade solutions: • Enhanced end-to-end security • Management and virtualization advancements. Windows 8 also brings a fast boot and shutdown feature to the Microsoft Windows family.
  • 29. Similarities between Windows 7 and Windows 8 Windows 8 is just an improvement on Windows 7 features, but some points are still common to both: • Windows 8 uses the same management tools that we already use to support Windows 7 in our organization. • In Windows 7 you can quickly run apps by pressing the Windows logo key, typing the name of the app and pressing Enter. We can do the same in Windows 8. • In Windows 8 we swipe in from the top edge of the screen to display app commands, or simply right-click with the mouse. • Windows 8 is definitely more secure than Windows 7. An integrated antivirus and application reputation system, along with a tamed app ecosystem that replaces the wild-west nature of previous versions of Windows, will probably make the most difference for inexperienced users who may not have run an antivirus or known which applications were safe to install on previous versions of Windows. Low-level improvements to the way Windows manages memory will help everyone, even power users.
  • 30. New features of Windows 8 or 8.1 • Windows 8 is focused on users • Windows is focused very heavily on a new, tiled, touch-centric interface for tablets
  • 31. End-to-end Security • Windows 8 has a secure booting system because some malware programs target the boot process and insert. • Measured Boot on Trusted Platform Module (TPM) based systems. • BitLocker Drive Encryption: a data protection feature in Windows 8 Pro and Windows 8 Enterprise editions that helps protect data from theft on lost, stolen or inappropriately decommissioned computers. • AppLocker: a simple and flexible mechanism that allows us to specify exactly which apps are allowed to run on users' PCs. • Windows SmartScreen: its app reputation is a safety feature in Windows 8 or 8.1. • Claims-based access control: this control enables you to set up and manage usage policies for files, folders, and shared resources.
  • 32. Hardware Recommendations for Windows 8 or 8.1 If you want to run Windows 8.1 on your PC, here's what it takes: Processor: 1 gigahertz (GHz)* or faster with support for PAE, NX, and SSE2. RAM: 1 gigabyte (GB) (32-bit) or 2 GB (64-bit). Hard disk space: 16 GB (32-bit) or 20 GB (64-bit). Graphics card: Microsoft DirectX 9 graphics device with WDDM driver. If we're running Windows 8 we can get a free update to Windows 8.1. Just tap or click the Windows Store tile on your Start screen. Once we've moved up to Windows 8.1 we should get the update automatically. If you don't, follow these steps to get it manually using Windows Update.
  • 33. Hardware Innovation Touch: Touch is clearly front and centre for Microsoft: 1. The response times required for touch 2. The sensitivity and precision required of the digitizer 3. The user experience of a flush bezel. Long battery life: One of the key design tenets of Windows 8 or 8.1 is to enable long battery life. Sensors and security: Windows 8 or 8.1 enables developers to take advantage of hardware innovations such as 1. Low-power Bluetooth 2. GPS 3. Gyroscopes 4. Accelerometers. We will also be able to take advantage of security hardware technology like Trusted Platform Module (TPM) and Unified Extensible Firmware Interface (UEFI) boot.
  • 34. Windows 8 Security • Protecting the client against threats • Boot options for security • SmartScreen • Vulnerability mitigation and sandboxing • Protecting sensitive data • Secure access to resources
  • 35. Protecting the client against threats • Microsoft actually introduced a few great features in its new operating system, some of which will help keep you safer from malware and other security threats. • To take full advantage of Windows 8's new security features, your PC needs to run a new kind of boot system called Unified Extensible Firmware Interface (UEFI). This system, which replaces the archaic Basic Input/Output System (BIOS), adds many new boot features and greatly speeds the start-up process.
  • 36. Boot options for security Measured Boot The biggest challenge with rootkits and bootkits on earlier versions of Windows is that they can be undetectable to the client. Because they start before antimalware and they have system-level privileges, they can completely disguise themselves while continuing to access system resources. As a result, PCs infected with rootkits appear to be healthy, even with antimalware running. Secure Boot When a PC starts, it starts the process of loading the operating system by locating the bootloader on the PC’s hard drive. If a PC doesn’t support Secure Boot (as is the case with most PCs released prior to Windows 8), the PC simply hands control over to the bootloader, without even determining whether it is a trusted operating system or malware. On new Windows 8 computers that use the UEFI firmware instead of the old-style BIOS, Secure Boot guarantees that only specially signed and approved software can run at boot. On current computers, malware could install a malicious boot loader that loads before the Windows boot loader, starting a boot-level rootkit (or “bootkit”) before Windows even launches. The rootkit could then hide itself from Windows and antivirus software, pulling the strings in the background.
  • 37. SmartScreen • SmartScreen checks application reputation. • SmartScreen gives broader protection. • When we install a new app, it activates automatically and reminds you to check that you are secure.
  • 38. Vulnerability mitigation and sandboxing • Windows 8 has improved address space layout randomization (ASLR) and data execution prevention (DEP), both of which make exploiting vulnerabilities more difficult. • The combination of DEP and ASLR in Windows 8 increases the amount of effort required by an attacker to develop and succeed with an exploit.
  • 39. Protecting sensitive data Where users travel, so does their organization's confidential data. Since Windows Vista, BitLocker has provided full drive encryption capable of protecting both confidential data and system integrity. Windows 8 improves BitLocker by making it easier and faster to deploy, more convenient, and more manageable. Table 2 lists specific data-protection challenges in Windows 7 and the Windows 8 solution.
      Table 2. Windows 8 solutions to Windows 7 data-protection challenges
      • Windows 7 challenge: When BitLocker is used with a PIN to protect start-up, PCs such as servers and kiosks cannot be restarted remotely. Windows 8 solution: Network Unlock allows PCs to start automatically when connected to the internal network.
      • Windows 7 challenge: Users must contact IT to change their BitLocker PIN or password. Windows 8 solution: Windows 8 allows users with standard privileges to change their BitLocker PIN or password.
      • Windows 7 challenge: Enabling BitLocker can make the provisioning process take several hours. Windows 8 solution: BitLocker preprovisioning and Used Space Only encryption allow BitLocker to be quickly enabled on new computers.
      • Windows 7 challenge: No support for using BitLocker with Self-Encrypting Drives (SEDs). Windows 8 solution: BitLocker supports offloading encryption to encrypted hard drives.
      • Windows 7 challenge: Administrators have to use separate tools to manage encrypted hard drives. Windows 8 solution: BitLocker supports encrypted hard drives with onboard encryption hardware built in, allowing administrators to use the familiar BitLocker administrative tools to manage them.
      • Windows 7 challenge: Encrypting a new flash drive can take more than 20 minutes. Windows 8 solution: BitLocker To Go's Used Space Only encryption allows users to encrypt drives in seconds.
      • Windows 7 challenge: BitLocker could require users to enter a recovery key when system configuration changes occur. Windows 8 solution: BitLocker requires the user to enter a recovery key only when disk corruption occurs or when the user loses their PIN or password.
  • 40. Secure access to resources • Pervasive Internet access and the latest generation of lightweight tablets and Ultrabook devices have changed the way users work. They are not sitting at a desk with a mouse and keyboard anymore; they are using touch interfaces, travelling around the world, and working from untrusted networks. Let's explore the different ways Windows 8 meets these modern work styles. • Virtual smart cards enable two-factor authentication in a cost-effective manner. • Dynamic Access Control enables granular and complex resource protection throughout an enterprise.
  • 41. LINUX SECURITY: INTRODUCTION & SECURITY
  • 42. OVERVIEW • ADVANTAGE LINUX • THREATS TO LINUX MACHINES • SECURING LINUX BETTER • HOW TO SECURE LINUX
  • 43. LINUX KERNEL • The kernel is the central nervous system of Linux, including the OS code which runs the whole computer. It provides resources to all other programs that you run under Linux, and manages all other programs as they run. • The kernel includes the code that performs certain specialized tasks, including TCP/IP networking. • The kernel design is modular, so the actual OS code is very small: code can be loaded when it is needed and the memory freed afterwards. Thus the kernel remains small, fast and highly extensible.
  • 44. LINUX NETWORKING • Networking comes naturally to Linux. In a real sense, Linux is a product of the Internet or World Wide Web (WWW). • Linux is made for networking. Probably all networking protocols in use on the Internet are native to Unix and/or Linux. A large part of the Web is running on Linux boxes, e.g. AOL.
  • 45. ENCRYPTION • Encryption is commonly used to secure data. It is the ancient technique of hiding information in plain sight. It includes: • Strong encryption: stronger than the 40-bit encryption maximum that can be exported from the United States under U.S. law. • Public-key encryption: a type of asymmetric encryption, a system in which you encrypt your message with one key and the recipient decrypts it with a mathematically related, but different, key.
  • 46. THE SECURE SHELL (SSH) • ssh and its tools use strong encryption to allow remotely located systems to exchange data securely. • By using strong encryption, ssh significantly enhances the security of both the authentication process and the session itself.
  • 47. ADVANTAGE OF LINUX • User vs. administrator: only root can install software or change system settings. • More difficult for viruses to spread. • Commands, utilities, even the desktop run separately from the kernel. • Security updates are easier and quicker to deploy.
  • 48. THREATS TO LINUX MACHINES • Reasons for break-in: • Loose passwords • Improper permissions • Careless security • Unwanted vulnerable services • Brute-force password attacks • Buffer overflows in network services:
        /* out-of-bounds write: index 20 of a 10-element array */
        int main () { int buffer[10]; buffer[20] = 10; }
      • Aim: overwrite some control information to change the flow of control in the program.
  • 49. SECURING LINUX BETTER 1. Secure the console 2. Set good passwords 3. Set right permissions 4. Secure the network connection 5. Restrict Access 6. Iptables 7. Firewalls, Ports & Services 8. Handling / Restricting Services 9. Adding security to desktop 10. Keep the system up to date
  • 50. SECURING THE CONSOLE Physical Security Password protect the screensaver. Set a password on the boot loader (lilo / grub). Use xlock or xautolock while away. Do NOT normally login as root in own machine. Set BIOS Password. Machine in safe location. Set boot hierarchy to HDD first (not CD,HDD). Restrict Remote access. Set up an idle timeout, to logout idle users.
  • 51. PASSWORDS Use strong, unique passwords (especially for root) Must have a minimum length of 8 characters. Must be alpha-numeric not based on dictionary words. Password must be changed every 30 days. Account will be locked out after 3 consecutive unsuccessful login attempts. Don’t write down passwords or User-id & password. Passwords must contain multiple characters (Lower / Upper Case, numbers, punctuation etc.) Root password should be very hard to crack.
  • 52. PERMISSIONS Set correct permissions and ownership on all directories and files. Never make files world-writable / world-readable.
      Search for world-writable files in the current directory:
        find . -perm -2 -print
      Improper file permissions in /dev allow reading and writing directly to hardware such as hard disks and network interfaces. /dev files should be writable only by root and readable only by their group. Exceptions: /dev/tty, /dev/pty, /dev/null, /dev/zero.
        find /dev -perm -2 -print
        chmod -R 700 /etc/rc.d/init.d/*
      Lock the /etc/services file so that no one can modify it.
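An added example, not part of the original slides: the `find -perm -2` check from this slide wrapped into an audit that skips sticky directories and symlinks and filters out an exception list such as the one given for /dev. The function names `list_world_writable` and `drop_allowed` are hypothetical.

```shell
#!/bin/sh
# Added example (not from the slides): audit a tree for world-writable entries.

# list_world_writable DIR
# Prints, sorted, every world-writable regular file or device node under DIR
# and every world-writable directory that lacks the sticky bit.
list_world_writable() {
    # -perm -0002    the "other" write bit is set, whatever the other bits are
    # ! -perm -1000  skip sticky directories (such as /tmp), where only the
    #                owner of an entry may delete or rename it
    # -xdev          stay on the filesystem DIR lives on
    # Symlinks are never reported: their own mode is always rwxrwxrwx and
    # says nothing about the target, so a bare "find -perm -2" over-reports.
    find "$1" -xdev \( \
            \( \( -type f -o -type c -o -type b \) -perm -0002 \) -o \
            \( -type d -perm -0002 ! -perm -1000 \) \
        \) -print | LC_ALL=C sort
}

# drop_allowed PATH...
# Filters the list on stdin, removing every path given as an argument.
# Paths containing newlines are not supported.
drop_allowed() {
    while IFS= read -r path; do
        keep=1
        for allowed in "$@"; do
            if [ "$path" = "$allowed" ]; then keep=0; fi
        done
        if [ "$keep" -eq 1 ]; then printf '%s\n' "$path"; fi
    done
    return 0
}

# Usage with the slide's exception list:
#   list_world_writable /dev | drop_allowed /dev/tty /dev/pty /dev/null /dev/zero
if [ "$#" -gt 0 ]; then
    list_world_writable "$1"
fi
```

On a current system the /dev exception list will usually need more entries than the four on the slide; review whatever the audit prints before changing any mode.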
  • 53. SECURE THE NETWORK • Remove all unwanted users and groups. • Enable the nospoof option in /etc/host.conf. • Don't create /etc/hosts.equiv or a .rhosts file. • Don't run rlogind or rshd (passwords in plain text). • Run sshd to allow remote access via SSH. • Use TCP Wrappers ("tcpd"). • Use /etc/hosts.deny & /etc/hosts.allow; hosts.allow overrides hosts.deny. • Disable unwanted services through xinetd.conf also. Ref: man hosts_access
  • 54. MORE OF /ETC/HOSTS.[ALLOW|DENY]
      /etc/hosts.deny (only local host allowed access):
        ALL:ALL
      /etc/hosts.allow:
        sshd: ALL
        ALL: .tifr.res.in EXCEPT xyz.tifr.res.in
      Allow localhost:
        ALL : 127.0.0.1
      Allow another machine to connect to any service:
        ALL : 192.168.1.2
      Let all ssh except 192.168.1.3 and 192.168.1.4:
        sshd: ALL EXCEPT 192.168.1.3, 192.168.1.4
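An added example, not part of the original slides: a small evaluator for the decision order behind "hosts.allow overrides hosts.deny" (first match in hosts.allow grants, otherwise first match in hosts.deny refuses, otherwise access is granted), run over rules taken from this slide. It assumes a simplified subset of hosts_access(5): IPv4 addresses and hostnames, ALL, `.domain` suffixes, `a.b.` prefixes and one EXCEPT per list. All function and variable names are hypothetical.

```shell
#!/bin/sh
# Added example (not from the slides): simplified hosts.allow / hosts.deny
# evaluation. Not a replacement for tcpd; it only shows the decision order.

# match_one PATTERN ADDR NAME -> status 0 when one pattern matches
match_one() {
    case $1 in
        ALL) return 0 ;;
        .*)  case $3 in *"$1") return 0 ;; esac; return 1 ;;  # .domain suffix
        *.)  case $2 in "$1"*) return 0 ;; esac; return 1 ;;  # 192.168. prefix
        *)   [ "$1" = "$2" ] || [ "$1" = "$3" ] ;;            # exact match
    esac
}

# match_list "A, B EXCEPT C" ADDR NAME -> 0 when (A or B) and not C
match_list() {
    list=$(printf '%s' "$1" | tr ',' ' ')
    include=${list%% EXCEPT *}
    case $list in
        *" EXCEPT "*) exclude=${list#* EXCEPT } ;;
        *)            exclude= ;;
    esac
    hit=1
    for p in $include; do match_one "$p" "$2" "$3" && hit=0; done
    [ "$hit" -eq 0 ] || return 1
    for p in $exclude; do match_one "$p" "$2" "$3" && return 1; done
    return 0
}

# first_match DAEMON ADDR NAME, rules on stdin -> 0 when any rule matches
first_match() {
    while IFS= read -r line; do
        line=${line%%#*}                          # strip comments
        case $line in *:*) ;; *) continue ;; esac
        daemons=${line%%:*}
        rest=${line#*:}
        clients=${rest%%:*}                       # ignore optional command field
        if match_list "$daemons" "$1" "$1" && match_list "$clients" "$2" "$3"; then
            return 0
        fi
    done
    return 1
}

# hosts_access_decide DAEMON ADDR NAME ALLOW_TEXT DENY_TEXT -> allow | deny
hosts_access_decide() (
    set -f   # rule patterns must not be expanded as filename globs
    if printf '%s\n' "$4" | first_match "$1" "$2" "$3"; then
        echo allow
    elif printf '%s\n' "$5" | first_match "$1" "$2" "$3"; then
        echo deny
    else
        echo allow
    fi
)

# Rules from the slide (the broader "sshd: ALL" line is left out so that the
# EXCEPT rule is the one that decides).
SAMPLE_ALLOW='sshd: ALL EXCEPT 192.168.1.3, 192.168.1.4
ALL: .tifr.res.in EXCEPT xyz.tifr.res.in
ALL : 127.0.0.1
ALL : 192.168.1.2'
SAMPLE_DENY='ALL:ALL'
```

With an empty hosts.deny the same client that was refused is granted access, which is why the `ALL:ALL` default-deny line matters.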
  • 55. FIREWALLS • Hardware firewall: a device between the Internet & LAN. • Software firewall: software on a desktop/server that rejects certain types of network traffic. • Consider implementing a firewall (man iptables). • Restricts network traffic to a machine or network segment. • Improves security and network performance. • Why do I need a software firewall? • Protects the machine even if the hardware firewall is compromised. • Protects the machine against compromised machines on the network. • When can't one use a firewall? • Some services (like Samba) may use unspecified ports. • Some applications want to use arbitrary ports.
  • 56. IPTABLES System Settings > Security Level; System Settings > Server Settings > Services. Activate iptables in runlevels 3 & 5. Chains: INPUT, OUTPUT, FORWARD. Effects: ACCEPT, DENY, DROP.
      List all iptables rules:
        # iptables -L
        # iptables -A INPUT -s <SIP> -j DROP
        # iptables -D <Chain name> <Rule no>
  • 57. IPTABLES (CONTD…)
      Drop all incoming telnet packets:
        # iptables -A INPUT -j DROP -p tcp --destination-port telnet
      Block any incoming TCP packets on the 2nd Ethernet card (eth1):
        # iptables -A INPUT -j DROP -p tcp -i eth1
      Drop incoming SYN packets, i.e. anything not initiated by our PC:
        # iptables -A INPUT -p tcp --syn -j DROP
      Block by MAC address (--mac-source needs the mac match module, -m mac):
        # iptables -A INPUT -m mac --mac-source 00:0B:DB:45:56:42 -j DROP
      Ref:
  • 58. PORTS What are ports? • A network connection is analogous to a highway with lanes. Each type of traffic needs to be in its own lane. • A port is analogous to a lane on the highway; different types of traffic (http, ftp, ssh, etc.) use different ports (80, 21, 22, etc.). What ports need to be open? • Open the ports for services you need to use and/or offer others. • SSH (remote access to your machine): 22 • FTP (file sharing server): 21 • Web server: 80 • X (display graphics on remote machines): 6000 • See /etc/services for an exhaustive list. • Close unused ports / terminate unwanted services.
  • 59. SERVICES / DAEMONS Services: special applications that start before any login. • Web server (httpd or Apache) • File services (samba, NFS, ftpd) • Print services (lpd, CUPS) • Remote access (telnetd, sshd, vncserver) • Management tools (crond, rhnsd). Why can services be dangerous? • Many services offer themselves to local & remote machines. • If a flaw exists in the program providing the service, an attacker can exploit this flaw and break into the machine. RULE: don't run any services you don't need. RULE: if you're running a service, restrict access where possible.
  • 60. ADDING SECURITY TO DESKTOP • NIS maintains and distributes files such as /etc/group, /etc/passwd, and /etc/hosts. • NIS's very nature of "easy information access" makes it tasty hacker bait. • A later replacement is NIS+. • Access to NFS volumes is granted by /etc/exports. • This is a weak form of security because the server trusts the clients to tell it who they are. • It is easy to make clients lie about their identities. • The TCP wrappers package can help limit the hosts that can access NFS filesystems (through /etc/hosts.deny).
  • 61. METRICS • Elements of an overall severity metric: The damage potential of any given discovered security vulnerability is a measurement of the potential harm done. • Overall severity metric and interaction between the three key metrics: Our security analyst informs that we are the CIO for a business based on a web ecommerce site. • The exception to the rule: The exploitation potential is an exception to this rule; anonymous malicious hackers with only mediocre programming skills can spend weeks or months developing a program to exploit a security hole with little or no risk of getting caught. • Applying the overall severity metric: Suppose one operating system has far more security alerts than another.
  • 62. MICROSOFT WINDOWS VS LINUX Both offer some graphics capabilities and include some networking capabilities, but Linux networking is excellent. Linux is multi-user and multi-tasking, but Microsoft Windows doesn't support it. Viruses, Trojans and other malware make it onto Windows desktop for a Familiar to window and foreign to linux