Securing Operating Systems 
Module 2 
Copyright © by EC-Council 
All Rights Reserved. Reproduction is Strictly Prohibited. 
Simplifying Security.
Malware Contamination on Windows 7 High, While for XP Low 
May 21, 2011 
In its latest edition of the Security Intelligence Report, released on May 12, 2011, Microsoft reveals that the infection rate on Windows 7 rose over 30% in H2-2010, while that on Windows XP dropped over 20%.
According to Jeff Williams, Principal Group Program Manager for the Microsoft Malware Protection Center, the rate of contamination on Windows 7 increased because more malware attacks are prevailing in cyberspace. Computerworld.com published this on May 12, 2011.
Notably, during July-December 2010, a mean of more than 4 out of every 1,000 32-bit Windows 7 computers were infected, a rise of 33% compared to about 3 out of every 1,000 such PCs during H1-2010.
http://www.spamfighter.com
Mac Malware Goes From Game to Serious
May 11, 2011
Apple -- and many Mac users -- argue that Mac OS X has a special recipe for security that makes it less likely to be infected with malware. Many security researchers counter that the Mac's seeming immunity stems not from its security, but from its lack of market share.
The debate may finally be settled.
The emergence of a serious malware construction kit for the Mac OS X seems to mimic a 2008 prediction by a security researcher. The prediction comes from a paper written in IEEE Security & Privacy (in .pdf), which used game theory to predict that Macs would become a focus for attackers as soon as Apple hit 16 percent market share.
Last week, security researchers pointed to a construction kit for creating Trojans for the Mac OS X as a major issue for Mac users. Currently, three countries -- Switzerland, Luxembourg and the United States -- have Mac market share around that level.
http://www.csoonline.com
Module Objectives
System Security
Threats to System Security
How Does Malware Propagate?
Guidelines for Windows Operating System Security
Two-Way Firewall Protection in Windows
Windows Encrypting File System (EFS)
How to Hide Files and Folders?
Windows Security Tools
Guidelines for Securing Mac OS X
Resources on the Internet for Computer Security
Operating System Security Checklists
Module Flow
System Security
Threats to System Security
How Does Malware Propagate?
Guidelines for Windows OS Security
Windows Encrypting File System (EFS)
Windows Security Tools
Guidelines for Securing Mac OS X
System Security
Every operating system and application is subject to security flaws
Software vendors usually develop patches to address these flaws
Users have to install the patches and configure the software
System compromise can be prevented by applying security patches in a timely manner
Threats to System Security
Virus
A program that replicates by copying itself to other programs, system boot sectors, or documents, and alters or damages the computer files and applications
Worm
A self-replicating virus that does not alter files but resides in computer memory and replicates itself
Backdoor
An unauthorized means of accessing the system and bypassing the security mechanisms
Trojan
A program that seems to be legitimate but acts maliciously when executed
Logic Bomb
A program that releases a virus or a worm
Rootkit
A set of programs or utilities that allows someone to maintain root-level access to the system
Threats to System Security
Keylogger
Keylogger is a hardware device or small software program that monitors and records each keystroke on a user's computer keyboard
Password Cracking
Password cracking is the process of identifying or recovering an unknown or forgotten password
Spyware
Spyware includes Trojans and other malicious software that steal personal information from the system without the users’ knowledge. Example: Keylogger
Password Cracking
Password cracking is the process of identifying or recovering an unknown or forgotten password
Guessing
Trying different passwords until one works
Social Engineering
Tricking people into revealing their password or other information that can be used to guess the password
Dictionary Attack
It uses a pre-defined list of words
Brute Forcing
Trying combinations of all the characters until the correct password is discovered
Shoulder Surfing
Watching someone type the password
Sniff
Attacker gets the password of the victim
(Figure labels: Victim, Attacker, Server, Original Connection)
How Does Malware Propagate?
Through Email Attachments
Emails containing attachments may include malware
Clicking the attachment installs a malicious program on the computer
Through Infected Websites
Visiting compromised sites may result in installation of malicious software, designed to steal personal information, on the user's computer
Through USB Memory Sticks
A virus creates an autorun.inf file that is a hidden, read-only system file
When the user opens the pen drive files, the autorun.inf is executed and copies the virus files into the system
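A defensive check for the USB vector described above, as an added example that is not part of the original slides: it looks for an autorun.inf at the root of a mounted drive, lists the commands its [autorun] section would launch, and reports whether the file carries the hidden, system and read-only attributes. The function names and the sample file contents are constructed for illustration.

```python
import os
import tempfile

# Windows attribute bits (st_file_attributes only exists on Windows).
READONLY, HIDDEN, SYSTEM = 0x1, 0x2, 0x4

# Constructed sample autorun.inf; the program names are placeholders.
SAMPLE = (
    "[AutoRun]\n"
    "; constructed sample for this example\n"
    "open=setup.exe /quiet\n"
    "icon=folder.ico\n"
    "shell\\open\\command=\"tools\\viewer.exe\" %1\n"
)


def parse_autorun(text):
    """Return {key: value} for the [autorun] section, keys lower-cased."""
    entries, in_section = {}, False
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith(";"):
            continue
        if line.startswith("[") and line.endswith("]"):
            in_section = line[1:-1].strip().lower() == "autorun"
            continue
        if in_section and "=" in line:
            key, value = line.split("=", 1)
            entries[key.strip().lower()] = value.strip()
    return entries


def first_token(command):
    """Program part of a command line, honouring a quoted path."""
    command = command.strip()
    if command.startswith('"'):
        end = command.find('"', 1)
        return command[1:end] if end != -1 else command[1:]
    return command.split()[0] if command else ""


def launch_commands(entries):
    """(key, command) pairs that start a program: open, shellexecute, shell verbs."""
    found = []
    for key, value in entries.items():
        shell_verb = key.startswith("shell\\") and key.endswith("\\command")
        if value and (key in ("open", "shellexecute") or shell_verb):
            found.append((key, value))
    return found


def inspect_drive(root):
    """Inspect a drive root; return None when no autorun.inf is present."""
    # Windows file names are case-insensitive, so accept any spelling.
    name = next((n for n in os.listdir(root) if n.lower() == "autorun.inf"), None)
    if name is None:
        return None
    path = os.path.join(root, name)
    attrs = getattr(os.stat(path), "st_file_attributes", None)
    wanted = READONLY | HIDDEN | SYSTEM
    flagged = None if attrs is None else (attrs & wanted) == wanted
    with open(path, "r", encoding="utf-8", errors="replace") as fh:
        entries = parse_autorun(fh.read())
    launches = []
    for key, command in launch_commands(entries):
        target = first_token(command)
        on_disk = os.path.join(root, target.replace("\\", os.sep))
        launches.append({"key": key, "command": command, "target": target,
                         "target_present": os.path.exists(on_disk)})
    return {"file": name, "hidden_system_readonly": flagged, "launches": launches}


def demo():
    """Build a throwaway directory that stands in for a USB drive root."""
    with tempfile.TemporaryDirectory() as root:
        with open(os.path.join(root, "AUTORUN.INF"), "w", encoding="utf-8") as fh:
            fh.write(SAMPLE)
        open(os.path.join(root, "setup.exe"), "wb").close()
        return inspect_drive(root)


if __name__ == "__main__":
    print(demo())
```

A drive that reports any entry under "launches" deserves a closer look before its files are opened; the attribute check returns None on systems that do not expose Windows file attributes.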
How Does Malware Propagate?
http://www.sonicwall.com
How Does Malware Propagate? 
Through Fake Codec 
If the user is prompted to download and install a 
decoder to watch the video, the codec may be a 
malicious program that would be downloaded onto 
the system 
Through Shared Folders 
Malware may propagate via network shares 
The malware can spread by creating copies of itself in 
shared folders
How Does Malware Propagate? 
Through Fake Antivirus 
Antivirus 2009 is a fake antivirus that performs a fake 
scan of the users’ system and shows viruses that are 
not present on the system 
Clicking the Register or Scan buttons downloads 
malware onto the system 
Through Downloads 
Downloading software, music, photos, and videos from
untrusted websites may also result in downloading a
malicious file infected with a virus, worm, Trojan, etc.
A large number of malicious applications are available 
over the Internet with a description that may trick 
users into downloading them
How Does Malware Propagate? 
Peer‐to‐peer (P2P) file sharing enables sharing 
of music, audio, images, documents, and 
software programs between two computers 
over the Internet 
Shared files may contain security risks such as 
viruses, spyware, and other malicious software 
Attackers can share malware disguised as a 
useful application 
P2P networks can be used to illegally distribute
copyrighted material, which may attract civil
and/or criminal penalties
http://www.entertane.com
Guidelines for Windows Operating System Security
Enable BitLocker
Lock the System When Not in Use
Create Strong User Password
Disable the Guest Account
Lock Out Unwanted Guests
Apply Software Security Patches
Use Windows Firewall
Use NTFS
Kill Unnecessary Processes
Configure Audit Policy
Rename the Administrator Account
Use Windows Encrypting File System
Hide Files and Folders
Disable Start up Menu
Disable Simple File Sharing
Use Windows User Account Control (UAC)
Implement Malware Prevention
Disable Unnecessary Services
Lock the System When Not in Use
Press the ‘Windows’ and ‘L’ keys together on the keyboard to lock the system
Click Start → Lock
Right-click on the Desktop and select Personalize → Screensaver → select the time and check “On resume, display logon screen”
Create a Strong User Password
1. To create a password, go to Start → Control Panel → Select User Accounts → click Manage another account
2. Click the user name for whom the password has to be changed and choose Create a password (if the password is already set, this option will be Change your password)
3. In the Create a password for user’s account window, type the password to be assigned to the selected user and confirm the password
4. Provide a password hint (optional)
5. If a password is already assigned to the user account and you are trying to change it, Windows will ask you to verify the current password
6. Click the Create/Change Password button
Note: Use strong passwords for logging into the system
Change Windows User Password: Windows 7
Disable the Guest Account: Windows 7
Click Start → right click Computer → select Manage
When the Computer Management window opens, go to Local Users and Groups → Users
Verify that the Guest account is disabled by looking at the icon
If the account is not disabled, double-click the account name to open its Properties window
In the Guest account's properties window → select the checkbox next to Account is disabled → click OK
Lock Out Unwanted Guests in Windows 7
Go to Control Panel → click Administrative Tools
Double-click the Local Security Policy → Account Policies → double-click the Account Lockout Policy → double-click Account Lockout Threshold
At the Account lockout threshold Properties window, enter the number of invalid logins (e.g., 3)
Click OK and Close
Rename the Administrator Account in Windows 7
Click Start → right click Computer → click Manage
In the Computer Management window → click Local Users and Groups → select Users
Right click on user Admin or Administrator → select Rename → type the new name for account and click OK
Disable Start up Menu in Windows 7
Right click on the Taskbar → select Properties → click Start Menu tab
Uncheck both Store and display recently opened programs in the Start menu and Store and display recently opened items in the Start menu and the taskbar → click Apply → click OK
Windows Updates in Windows 7
Click Start → Control Panel → select System and Security
Select Windows Update → Change Settings
Choose how Windows can install updates
Pointers for Updates
Always patch the OS and applications to the latest patch levels
Ensure that you are downloading patches only from authentic sources, preferably the vendor site
Use patch management tools for easier updating; there are several free tools
Choose to be notified by the vendor about vulnerability announcements
Do not open executable files from sources of questionable integrity
Do not send patches through email
Apply Software Security Patches
1. Software updates are used to keep the OS and other software up-to-date
2. Updates must be installed from the vendor’s website
3. Updates can be installed automatically or manually
4. Automatic updates can be installed on a scheduled basis
5. The update process can be hidden and restored
Configuring Windows Firewall in Windows 7
Open Windows Firewall by clicking the Start button → click Control Panel
In the search box, type Firewall → click Windows Firewall
In the left pane, click Turn Windows Firewall ON or OFF
Adding New Programs in Windows Firewall in Windows 7
1. Click Start → Control Panel → type Firewall in the search box → press Enter
2. Click Allow a program through Windows Firewall
3. Click Change Settings
4. Click Allow another Program
5. The Add A Program window opens, which lists pre-installed programs → Click Browse to add a program (if required)
6. Navigate to the Location of the program → select its executable file → click Open
7. Click Add → click OK to exit the Windows Firewall
The change is applied to the list of added programs
Removing/Disabling Programs Rules from the Windows Firewall in Windows 7
Click Start → Control Panel → search Windows Firewall → go to Allow a Program through Windows Firewall → click Change Settings
Select the rule you want to Remove/Disable
To Disable any rule for any specific network location, uncheck its respective checkbox → click OK
To remove any program completely from the allowed program list, click Remove → click YES → click OK
Creating a New Windows Firewall Rule in Windows 7
Advanced settings in Windows Firewall allow users to create custom rules
Steps to create a new rule:
1. Click Start → Control Panel → search for firewall → click Check Firewall Status → click Advanced Settings
2. In the Windows Firewall with Advanced Security window, click Inbound Rules → click New Rule
3. The New Inbound Rule Wizard opens → select the type of rule (Program, Port, Predefined, and Custom rules) you would like to create → click Next
4. Select the type of protocol (TCP/UDP) and provide the port numbers or select the option All Local Ports for the rule you want to be applied → click Next
5. Decide what Action to take when a connection matches the specified condition (here, Allow the Connection) → click Next
6. Select a Profile for which the rule has to be applied → click Next
7. Give a Name to the newly created Rule and description (optional) → click Finish
The rule is created and it allows TCP Inbound traffic to all the ports.
Note: To create a rule for Outbound traffic, follow the same steps. But select UDP protocol and enter 5679 as the port number
Two-Way Firewall Protection in Windows
Click the Start button → type wf.msc or Firewall in search bar → press Enter
Click the Windows Firewall with Advanced Security icon
This management interface displays the inbound and outbound rules
Click Windows Firewall Properties
A dialog box with several tabs will appear
For each profile (Domain, Private, and Public), change the setting to Block, and then click OK
Always Use NTFS
NTFS file system provides better performance and security for data on hard disks and partitions than the FAT file system
Convert partitions that use the earlier FAT16 or FAT32 file system to NTFS by using the convert command
Close any open programs running on the partition or logical drive to be converted
Click Start → All Programs → Accessories, right-click Command Prompt, and then click Run as administrator. Type the password or provide confirmation if prompted
In the Command Prompt, type convert drive_letter: /fs:ntfs, where drive_letter is the letter of the drive to be converted to NTFS, and then press ENTER
Type the name of the volume you want to convert, and then press ENTER
Note: Converting a partition from FAT to NTFS does not affect the data on it. You need to restart the computer for the NTFS conversion if the partition contains system files.
Windows Encrypting File System (EFS)
Windows Encrypting File System (EFS) allows Windows 7 system users to encrypt files and folders in an NTFS formatted disk drive
Right-click the file to be encrypted → select Properties → on the General tab, click the Advanced button. The Advanced Attributes dialog box appears.
There are two options under Compress or Encrypt attributes: Compress contents to save disk space and Encrypt contents to secure data
Select Encrypt contents to secure data → click OK to close the Compress or Encrypt Attributes dialog box → click Apply
An Encryption Warning dialog box appears; check either of the two options, Encrypt the file and its parent folder or Encrypt the file only → click OK
How to Decrypt a File Using EFS in Windows?
• Right-click the file to be decrypted → select Properties
• On the General tab, click the Advanced button. An Advanced Attributes dialog box appears
• There are two options under Compress or Encrypt Attributes: Compress contents to save disk space and Encrypt contents to secure data
• Uncheck Encrypt contents to secure data → click OK to close the Compress/Encrypt Attributes dialog box → apply the settings → click OK
Using Windows Defender
Windows Defender is antispyware software that offers real-time protection against spyware and other potentially malicious programs infecting the computer
To turn Windows Defender ON or OFF → open Windows Defender by clicking the Start button → click All Programs → click Windows Defender or type Windows Defender in the search space
Click Tools → click Options → click Administrator → select or clear the Use Windows Defender check box → click Save
Enable BitLocker in Windows 7
1. BitLocker Drive Encryption provides better data protection by encrypting an entire Windows operating system volume
2. The hard drive and any removable media on the computer can be encrypted
3. Encrypted removable media can be decrypted and re-encrypted on any Windows 7 computer
4. Click Start → click Computer → Right click on any drive and select the option Turn on BitLocker…
Note: BitLocker is available only in the Enterprise and Ultimate editions of Windows Vista and Windows 7
Launching Event Viewer in Windows 7
Event Viewer is a built-in Windows utility that allows users to view and manage the event logs, gather information about hardware and software problems, and monitor Windows security events
To start Event Viewer in Windows 7 → click Start → Control Panel → System and Security → Administrative Tools → Event Viewer
(Screenshot panels: Windows XP, Windows 7)
Event Viewer: Events and How to Read Logs on the System
1. Event Viewer categorizes events into five types: Error, Warning, Information, Audit Success, and Audit Failure
2. Each event log is differentiated by its level and contains header information and a description of the event
3. Each event header contains a detailed description of the level, date, time, source, event ID, and task category
Disabling Unnecessary Services in Windows 7
A service is a long-running executable that performs specific functions without requiring any user intervention
Services normally start during the system start up or booting
Some services load automatically, while others are called when a program is used
To view running services, click Start → Control Panel → Administrative Tools → double-click Services
Alternatively, select Start → type services.msc in search bar → press ENTER
Once the Services window is loaded, the user can turn off any unneeded services
Killing Unwanted Processes
Kill or terminate unnecessary and suspicious processes to increase system performance and protect the system against malware
Killing a process
Press [Alt] + [Ctrl] + [Del] keys simultaneously → click Task Manager
In Task Manager go to Processes tab → select the Process → click End Process
Alternatively, right click on a selected target process → select End Process
Killing a Process Tree
Run the Task Manager → select the target process → right-click and select End Process Tree
Finding Open Ports Using Netstat Tool
Knowing the open ports, and the services and applications associated with these ports, helps in detecting the presence of malware such as viruses, worms, Trojans, etc. in the system
Malware generally opens ports to receive or send data packets from attackers
Netstat, a Windows built-in utility, can be used to determine open ports in the system and associated applications
Click Start → All Programs → Accessories, right-click Command Prompt, and then click Run as administrator. Type the password or provide confirmation if prompted
Type netstat -b in the command prompt window to see the open ports and associated applications
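One way to review that output systematically, as an added example that is not part of the original slides: the parser below pairs each socket with the executable netstat lists under it and reports open ports that are missing from a baseline. The sample text is constructed in the layout netstat prints with -b plus -a and -n (listening sockets, numeric addresses); the baseline, addresses and program names are assumptions made for illustration.

```python
import re

# Constructed sample in the layout of `netstat -abn`; not captured from a real host.
SAMPLE = """
Active Connections

  Proto  Local Address          Foreign Address        State
  TCP    0.0.0.0:135            0.0.0.0:0              LISTENING
  RpcSs
 [svchost.exe]
  TCP    0.0.0.0:4444           0.0.0.0:0              LISTENING
 [updater32.exe]
  TCP    192.168.1.20:49712     203.0.113.10:443       ESTABLISHED
 [firefox.exe]
  TCP    0.0.0.0:49152          0.0.0.0:0              LISTENING
 Can not obtain ownership information
  UDP    0.0.0.0:5355           *:*
  Dnscache
 [svchost.exe]
"""

# Hypothetical baseline of expected open ports: (protocol, port) -> executable.
BASELINE = {("TCP", 135): "svchost.exe", ("UDP", 5355): "svchost.exe"}

CONN = re.compile(r"^(TCP|UDP)\s+(\S+)\s+(\S+)(?:\s+(\S+))?$")


def parse_netstat_b(text):
    """Turn netstat -b style text into one record per socket."""
    records, current = [], None
    for raw in text.splitlines():
        line = raw.strip()
        if not line:
            continue
        match = CONN.match(line)
        if match:
            proto, local, remote, state = match.groups()
            current = {
                "proto": proto,
                "local": local,
                "port": int(local.rsplit(":", 1)[1]),  # also works for [::]:135
                "remote": remote,
                "state": state or "",   # UDP rows carry no state column
                "component": None,      # service name line, when present
                "exe": None,            # stays None if ownership is not shown
            }
            records.append(current)
        elif current is None:
            continue                    # banner and column header lines
        elif line.startswith("[") and line.endswith("]"):
            current["exe"] = line[1:-1].lower()
        elif line.lower().startswith("can not obtain ownership"):
            current["exe"] = None       # netstat could not name the owner
        else:
            current["component"] = line
    return records


def open_ports(records):
    """Listening TCP sockets and bound UDP sockets."""
    return [r for r in records if r["state"] == "LISTENING" or r["proto"] == "UDP"]


def review(records, baseline):
    """Return (port key, executable, reason) for every open port worth a look."""
    findings = []
    for rec in open_ports(records):
        key = (rec["proto"], rec["port"])
        if rec["exe"] is None:
            findings.append((key, None, "owner unknown"))
        elif baseline.get(key) != rec["exe"]:
            findings.append((key, rec["exe"], "not in baseline"))
    return findings


if __name__ == "__main__":
    for key, exe, reason in review(parse_netstat_b(SAMPLE), BASELINE):
        print(key, exe, reason)
```

An "owner unknown" finding usually means the command prompt was not started with Run as administrator, which is why the slide asks for an elevated prompt.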
Configuring Audit Policy
Audit policies should be configured to identify attempted or successful attacks on the system and network
1. Click Start → type secpol.msc in search bar, and press Enter
2. Click Local Policies → select Audit Policy → double-click the Audit account logon events policy → check the Success and Failure boxes → click Apply → click OK
3. Similarly, change the security setting for all the policies listed in the right hand pane of Local Security Policy window
4. Close the Local Security Policy window
How to Hide Files and Folders?
Right-click the file or folder to be hidden → click Properties → under Attributes check Hidden → click Apply → click OK
On the Organize menu from Windows Explorer → click Folder and search options
On the View tab, select the Do not show hidden files and folders option
Disable Simple File Sharing in Windows
1. Go to Start → Control Panel → Folder Options
2. From the Folder Options window → select the View tab
3. Scroll to the bottom of the Advanced Settings pane
4. Uncheck the checkbox for Using sharing wizard (for Windows 7) → click OK
Raise the UAC Slider Bar in Windows 7
User Account Control (UAC) helps the user to make critical decisions while installing software
Click Start → Control Panel → Action Center → Change User Account Control Settings → Raise/Adjust the UAC slider bar to Always notify
Windows Security Tools: Microsoft 
Security Essentials 
http://www.microsoft.com 
Microsoft Security Essentials 
provides real‐time protection 
for a home PC that guards 
against viruses, spyware, and 
other malicious software
Windows Security Tools: KeePass 
Password Safe Portable 
KeePass is a password 
manager that manages 
passwords in a secure way 
and carries all passwords in 
one database, which is locked 
with one master key or a 
key‐disk 
The databases are encrypted using current known secure encryption algorithms (AES-256 and Twofish)
http://portableapps.com
Windows Security Tools: Registry Mechanic
1. Registry Mechanic offers tools to speed up and improve the stability of Windows 7, Windows Vista, or Windows XP PC
2. Registry Mechanic safely cleans, repairs, and optimizes the registry and automatically backs up changes for future recovery
3. Permanently erases Internet activity, personal files, and free space to keep information away from prying eyes
http://www.pctools.com
Windows Security Tools: Windows 
Defender 
http://www.microsoft.com 
Windows Defender helps protect a 
computer against pop‐ups, slow 
performance, and security threats 
caused by spyware and other 
unwanted software by detecting and 
removing known spyware from a 
computer
Step 1: Enabling and Locking Down the Login Window
Click Apple menu → System Preferences → Accounts → Login options → Display Login Window as → Name and Password
Uncheck Automatically login as:
Check Hide the Sleep, Restart, and Shut Down buttons
Uncheck Enable fast user switching if not used
Step 2: Configuring Accounts Preferences
From the Apple menu choose System Preferences → from the View menu choose Accounts → select the username whose password you want to change
Click Reset Password (Mac OS X v10.3 and v10.4) or Change Password (Mac OS X v10.5 or later)
Enter a new password in both the Password and Verify fields → click the Reset Password (Mac OS X v10.3 and v10.4) or the Change Password (Mac OS X v10.5 or later) button
If a dialog box appears with the message Your Keychain password will be changed to your new account password, → click OK
Step 3: Guidelines for Creating Accounts
Never create accounts that are shared by several users
Each user should have his or her own standard or managed account
Individual accounts are necessary to maintain accountability
Administrators should only use their administrator accounts for administration purposes
Step 4: Securing the Guest Account 
The guest account must be used for 
temporary access to the system 
The guest account should be 
disabled by default as it does not 
require a password to login to the 
computer 
If the guest account is enabled, 
Enable Parental Controls to limit 
what the user can do 
If the user permits the guest 
account to access shared folders, an 
attacker can easily attempt to 
access shared folders without a 
password
Step 5: Controlling Local Accounts with Parental Controls
Open System Preferences → click Accounts
If the lock icon is locked → click the lock icon and provide an Administrator name and Password
Select the user account to be managed with parental controls → select the Enable Parental Controls checkbox
Click Open Parental Controls → click System, Content, Mail & iChat, Time Limits, and Logs
Step 6: Use Keychain Settings
Keychain stores passwords on the disk in an encrypted form and it is difficult for a non-root user to sniff a password between applications
Go to Applications → Utilities → Keychain Access → Edit → Change settings for Keychain "login"
Check Lock after → change minutes of inactivity to the desired number of minutes → check Lock when sleeping → click Save
Step 7: Use Apple Software Update
Mac OS X includes an automatic software update tool to patch the majority of Apple applications
Software Update often includes important security updates that should be applied to a user’s machine
To update software:
• Open Software Update preferences → click the Scheduled Check pane
• Deselect Download updates automatically → click Check Now
Step 8: Securing Date & Time Preferences 
1. Open Date & Time preferences → in the Date & Time pane, enter a secure and trusted NTP server in the Set date & time automatically field
2. Click the Time Zone button → choose a Time Zone
Step 9: Securing Network Preferences 
It is recommended to disable unused hardware devices listed in Network preferences
Open Network preferences → from the list of hardware devices, select the hardware device that connects to one's network
From the Configure pop-up menu, choose Manually
Enter the user's static IP address, Subnet Mask, Router, DNS Server, and Search Domain configuration settings
Click Advanced → in the Configure IPv6 pop-up menu, choose Off → click OK
Step 10: Enable Screen Saver Password 
To prevent unauthorized access to a system, enable a screen saver password 
1. From the Apple menu → select System Preferences → click Security → click the Lock icon to make changes
2. If prompted, type the admin userid and password
3. In the Security window → click the General tab → check Require password to wake this computer from sleep or screen saver (Leopard) or Require password immediately after sleep or screen saver begins (Snow Leopard)
4. In addition to the screen saver password, also secure the system by selecting:
   - Disable automatic login
   - Require password to unlock each System Preference
   - Use secure virtual memory
   - Click the lock icon to prevent further changes
   - Close the Security window and restart your machine
Step 11: Set Up FileVault to Keep Home Folder Secure
Click System Preferences → click Security → click FileVault → click Set Master Password
Create the master password for the computer, but ensure this password is different from the user account password
Verify the password → click OK
Step 12: Firewall Security
Mac OS X firewall blocks unwanted network communication with the computer:
1. Click System Preferences → click Security → click Firewall
2. Click the Lock Icon to make changes
3. If prompted, type the admin userid and password
4. By default, the firewall allows all incoming connections; change this by selecting the second option (Allow only essential services) or the third option (Set access for specific services and applications)
5. Choose which application(s) you want the firewall to allow and which to block
6. Click the lock icon to prevent further changes and close the Security window
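The settings chosen in Steps 4, 10 and 12 can be checked from the command line rather than by reopening each pane. The following is an added example, not part of the original slides: it parses `defaults read` output and reports deviations from those steps. The preference domains and key names (`GuestEnabled`, `autoLoginUser`, `askForPassword`, `globalstate`) are assumptions about where Leopard and Snow Leopard store these settings, and the sample output is constructed.

```python
import re
import subprocess

# Assumed preference domains behind the System Preferences panes used in
# Steps 4, 10 and 12 (the slides name only the GUI controls).
LOGINWINDOW = "/Library/Preferences/com.apple.loginwindow"
ALF = "/Library/Preferences/com.apple.alf"
SCREENSAVER = "com.apple.screensaver"

# Constructed sample `defaults read` output for a machine that misses the baseline.
SAMPLE_LOGINWINDOW = """{
    GuestEnabled = 1;
    autoLoginUser = alice;
    lastUserName = alice;
}"""
SAMPLE_ALF = """{
    exceptions =     (
                {
            path = "/usr/libexec/configd";
            state = 3;
        }
    );
    globalstate = 0;
    version = "1.0a25";
}"""
SAMPLE_SCREENSAVER = """{
    askForPassword = 1;
    idleTime = 600;
}"""


def parse_defaults(text):
    """Return the top-level `key = value;` pairs of `defaults read` output.

    Nested arrays and dictionaries are skipped by tracking bracket depth, so a
    key inside a firewall exception entry cannot shadow a top-level setting.
    """
    settings, depth = {}, 0
    for line in text.splitlines():
        stripped = line.strip()
        match = re.match(r'"?([^"=\s]+)"?\s*=\s*(.*?);$', stripped)
        if depth == 1 and match and not match.group(2).startswith(("{", "(")):
            settings[match.group(1)] = match.group(2).strip('"')
        depth += stripped.count("{") + stripped.count("(")
        depth -= stripped.count("}") + stripped.count(")")
    return settings


def read_domain(domain):
    """Run `defaults read <domain>` on a Mac; an unset domain yields {}."""
    result = subprocess.run(["defaults", "read", domain],
                            capture_output=True, text=True)
    return parse_defaults(result.stdout) if result.returncode == 0 else {}


def audit(loginwindow, alf, screensaver):
    """Return (step, finding) pairs for settings that miss the baseline."""
    findings = []
    if loginwindow.get("GuestEnabled", "0") == "1":
        findings.append(("Step 4", "guest account is enabled"))
    if loginwindow.get("autoLoginUser"):
        findings.append(("Step 10", "automatic login is enabled for "
                         + loginwindow["autoLoginUser"]))
    if screensaver.get("askForPassword", "0") != "1":
        findings.append(("Step 10", "no password required after sleep "
                         "or screen saver"))
    # Assumed meaning: 0 = allow all incoming, 1 = per-application rules,
    # 2 = essential services only.
    if alf.get("globalstate", "0") == "0":
        findings.append(("Step 12", "firewall allows all incoming connections"))
    return findings


if __name__ == "__main__":
    # On a Mac this reads the live settings; elsewhere every domain is empty.
    try:
        live = [read_domain(d) for d in (LOGINWINDOW, ALF, SCREENSAVER)]
    except FileNotFoundError:  # `defaults` binary not present (not a Mac)
        live = [parse_defaults(s) for s in
                (SAMPLE_LOGINWINDOW, SAMPLE_ALF, SAMPLE_SCREENSAVER)]
    for step, finding in audit(*live):
        print(step + ": " + finding)
```

The screen saver setting is per user, so run the script as each account that should be checked.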
Resources on the Internet for Computer Security
Internet Fraud Complaint Center (IC3): http://www.ic3.gov
TECS: The Encyclopedia of Computer Security: http://www.itsecurity.com
Virus Bulletin: http://www.virusbtn.com
CYBERCRIME: http://www.cybercrime.gov
Common Vulnerabilities and Exposures: http://www.cve.mitre.org
Windows Security Guide: http://www.winguides.com
Stay Safe Online: http://www.staysafeonline.org
Macintosh Security Site: http://www.securemac.com
Module Summary
- Microsoft Security Essentials provides real-time protection for the PC that guards against viruses, spyware, and other malicious software
- Windows Defender helps to protect the system against pop-ups, slow performance, and security threats
- Attackers discover new vulnerabilities and bugs to exploit in computer software
- Software vendors usually develop patches to address the problems
- Encryption is the process of converting data into a secret code
- Regularly update the operating system and other applications
- Windows System Restore is used to return one's computer to an earlier state in case of a system failure or other major problem with the system
Operating Systems Security Checklist
- Regularly update the operating system and other applications
- Install antivirus software and scan the system regularly
- Do not open any email from unknown senders
- Perform an antivirus scan while downloading
- Lock the system when not in use
- Physically secure the system from unauthorized access
- Enable firewall protection and configure all the computer settings for high security
- Use strong passwords, at least eight characters long, containing both letters and numbers
Operating Systems Security Checklist
- Configure antivirus to check all mediums (CD-ROMs, email, websites, downloaded files, etc.) for viruses
- Delete the Internet history files, logs, and personal files
- Make backups of important data and store them safely
- Disable or limit the number of unnecessary accounts
- Use encryption to enhance privacy
- Keep up-to-date with hotfixes and service packs
- Disable AutoRun for the DVD/CD-ROM
- Secure the wireless network
Windows 7 Security Checklist 
- User Account Control asks for permission before installing software or opening certain kinds of programs that could potentially harm your computer or make it vulnerable to security threats
- Use Windows Defender to help prevent spyware and other potentially unwanted software from being installed on the computer automatically
- Back up your files and settings regularly so that if you get a virus or have any kind of hardware failure, you can recover your files
- Set Windows Update to download and install the latest updates for the computer automatically
- Windows Firewall can help prevent hackers and malicious software, such as viruses, from gaining access to your computer through the Internet
- Use Action Center to make sure the firewall is ON, antivirus software is up to date, and the computer is set to install updates automatically
Mac OS Security Checklist
- Set parental controls for managed accounts and use Password Assistant to generate complex passwords
- Securely configure Accounts preferences and Date & Time preferences
- Create an administrator account and a standard account for each administrator
- Securely erase the Mac OS X partition before installation
- Install Mac OS X using Mac OS Extended disk formatting
- Create keychains for specialized purposes
- Securely configure Security preferences

OSSEC Windows OS Security

  • 1. Securing Operating Systems Module 2 Copyright © by EC-Council All Rights Reserved. Reproduction is Strictly Prohibited. 1 Simplifying Security.
  • 2. Malware Contamination on Windows 7 High, While for XP Low May 21, 2011 In its latest edition of Security Intelligence Report that Microsoft released on May 12, 2011, the company reveals that the infection rate on Windows 7 rose over 30% in H2‐2010, while that on Windows XP dropped over 20%. Says Principal Group Program Manager Jeff Williams for Microsoft Malware Protection Center, the rate of contamination on Windows 7 increased, that's because of more malware attacks prevailing in cyber space. Computerworld.com published this on May 12, 2011. Notably, during July‐December 2010, there was a mean rate of more than 4 32‐bit Windows 7 computers getting infected for every 1,000 such computers, a rise of 33% compared to about 3 such PCs getting infected for every 1,000 during H1‐ 2010. Copyright © by EC-Council All Rights Reserved. Reproduction is Strictly Prohibited. 2 http://www.spamfighter.com
  • 3. Mac Malware Goes From Game May 11, 2011 Apple ‐‐ and many Mac users ‐‐ argue that Mac OS X has a special recipe for security that makes it less likely to be infected with malware. Many security researchers counter that the Mac's seeming immunity stems not from its security, but from its lack of market share. The debate may finally be settled. The emergence of a serious malware construction kit for the Mac OS X seems to mimic a 2008 prediction by a security researcher. The prediction comes from a paper written in IEEE Security & Privacy (in .pdf), which used game theory to predict that Macs would become a focus for attackers as soon as Apple hit 16 percent market share. Last week, security researchers pointed to a construction kit for creating Trojans for the Mac OS X as a major issue for Mac users. Currently, three countries ‐‐ Switzerland, Luxembourg and the United States ‐‐ have Mac market share around that level. Copyright © by EC-Council All Rights Reserved. Reproduction is Strictly Prohibited. 3 to Serious http://www.csoonline.com
  • 4. Copyright © by EC-Council All Rights Reserved. Reproduction is Strictly Prohibited. Module Objectives 4 System Security Threats to System Security How Does Malware Propagate? Guidelines for Windows Operating System Security Two‐Way Firewall Protection in Windows Windows Encrypting File System (EFS) How to Hide Files and Folders? Windows Security Tools Guidelines for Securing Mac OS X Resources on the Internet for Computer Security Operating System Security Checklists
  • 5. Copyright © by EC-Council All Rights Reserved. Reproduction is Strictly Prohibited. 5 Module Flow System Security Threats to System Security How Does Malware Propagate? Guidelines for Securing Mac OS X Guidelines for Windows OS Security Windows Security Tools Windows Encrypting File System (EFS)
  • 6. Copyright © by EC-Council All Rights Reserved. Reproduction is Strictly Prohibited. System Security 6 Every operating system and application is subject to security flaws Software vendors usually develop patches to address these flaws Users have to install the patches and configure the software System compromise can be prevented by applying security patches in a timely manner
  • 7. Copyright © by EC-Council All Rights Reserved. Reproduction is Strictly Prohibited. 7 Module Flow System Security Threats to System Security How Does Malware Propagate? Guidelines for Securing Mac OS X Guidelines for Windows OS Security Windows Security Tools Windows Encrypting File System (EFS)
  • 8. Copyright © by EC-Council Threats to System Security All Rights Reserved. Reproduction is Strictly Prohibited. 8 Virus A program that replicates by copying itself to other programs, system boot sectors, or documents, and alters or damages the computer files and applications Worm A self‐replicating virus that does not alter files but resides in computer memory and replicates itself Backdoor An unauthorized mean of accessing the system and bypassing the security mechanisms Trojan A program that seems to be legitimate but acts maliciously, when executed Logic Bomb A program that releases a virus or a worm Rootkit A set of programs or utilities that allows someone to maintain root‐level access to the system
  • 9. Threats to System Security Keylogger is a hardware device or small software program that monitors and records each keystroke on a user's computer keyboard Copyright © by EC-Council All Rights Reserved. Reproduction is Strictly Prohibited. 9 Keylogger Password Cracking Password cracking is the process of identifying or recovering an unknown or forgotten password Spyware Spyware includes Trojans and other malicious software that steals personal information from the system without the users’ knowledge. Example: Keylogger
  • 10. Password cracking is the process of identifying or recovering an unknown or forgotten password Copyright © by EC-Council All Rights Reserved. Reproduction is Strictly Prohibited. Password Cracking 10 Trying different passwords until one works Tricking people to reveal their password or other information that can be used to guess the password It uses a pre‐defined list of words Trying combinations of all the characters until the correct password is discovered Watching someone type the password Victim Attacker Server Original Connection Attacker gets the password of the victim Sniff Guessing Brute Forcing Dictionary Attack Shoulder Surfing Social Engineering
  • 11. Copyright © by EC-Council All Rights Reserved. Reproduction is Strictly Prohibited. 11 Module Flow System Security Threats to System Security How Does Malware Propagate? Guidelines for Securing Mac OS X Guidelines for Windows OS Security Windows Security Tools Windows Encrypting File System (EFS)
  • 12. How Does Malware Propagate? Copyright © by EC-Council All Rights Reserved. Reproduction is Strictly Prohibited. 12 Through Email Attachments Emails containing attachments may include malware Clicking the attachment installs a malicious program on the computer A virus create an autorun.inf file that is a system hidden and a read‐only file When the user opens the pen drive files, the autorun.inf is executed and copies the virus files into the system Through Infected Websites Visiting compromised sites may result in installation of malicious software, designed to steal personal information, on users computer Through USB Memory Sticks
  • 13. Copyright © by EC-Council All Rights Reserved. Reproduction is Strictly Prohibited. 13 How Does Malware Propagate ? http://www.sonicwall.com
  • 14. How Does Malware Propagate? Copyright © by EC-Council All Rights Reserved. Reproduction is Strictly Prohibited. 14 Through Fake Codec If the user is prompted to download and install a decoder to watch the video, the codec may be a malicious program that would be downloaded onto the system Through Shared Folders Malware may propagate via network shares The malware can spread by creating copies of itself in shared folders
  • 15. How Does Malware Propagate? Copyright © by EC-Council All Rights Reserved. Reproduction is Strictly Prohibited. 15 Through Fake Antivirus Antivirus 2009 is a fake antivirus that performs a fake scan of the users’ system and shows viruses that are not present on the system Clicking the Register or Scan buttons downloads malware onto the system Through Downloads Downloading software, music, photos, and videos from untrusted websites may also cause downloading a malicious file infected with a virus, worm, Trojan, etc. A large number of malicious applications are available over the Internet with a description that may trick users into downloading them
  • 16. How Does Malware Propagate? Copyright © by EC-Council All Rights Reserved. Reproduction is Strictly Prohibited. 16 Peer‐to‐peer (P2P) file sharing enables sharing of music, audio, images, documents, and software programs between two computers over the Internet Shared files may contain security risks such as viruses, spyware, and other malicious software Attackers can share malware disguised as a useful application P2P networks can be used to illegally distribute the copyrighted material that may attract civil and/or criminal penalties http://www.entertane.com
  • 17. Copyright © by EC-Council All Rights Reserved. Reproduction is Strictly Prohibited. 17 Module Flow System Security Threats to System Security How Does Malware Propagate? Guidelines for Securing Mac OS X Guidelines for Windows OS Security Windows Security Tools Windows Encrypting File System (EFS)
  • 18. Copyright © by EC-Council Guidelines for Windows Operating System Security All Rights Reserved. Reproduction is Strictly Prohibited. Enable BitLocker 18 Lock the System, When Not in Use Create Strong User Password Disable the Guest Account Lock Out Unwanted Guests Apply Software Security Patches Use Windows Firewall Use NTFS Kill Unnecessary Processes Configure Audit Policy Rename the Administrator Account Use Windows Encrypting File System Hide Files and Folders Disable Start up Menu Disable Simple File Sharing Use Windows User Account Control (UAC) Implement Malware Prevention Disable Unnecessary Services
  • 19. Lock the SystemWhen Not in Use Copyright © by EC-Council Press the ‘Windows’ and ‘L’ keys together on the keyboard to lock the system Click Start Lock Right‐click on the Desktop and select Personalize  Screensaver  select the time and check “On resume, display logon screen” All Rights Reserved. Reproduction is Strictly Prohibited. 19
  • 20. Create a Strong User Password 1. To create a password, go to Start  Control Panel  Select User Accounts  click Copyright © by EC-Council All Rights Reserved. Reproduction is Strictly Prohibited. 20 Manage another account 2. Click User name for whom the password has to be changed and choose Create a password (If the password is already set, this option will be Change your password ) 3. In the Create a password for user’s account window, type the password to be assigned to the selected user and confirm the password 4. Provide a password hint (optional) 5. If a password is already assigned to the user account and are trying to change it, Windows will ask you to verify the current password 6. Click the Create/Change Password button Note: Use strong passwords for logging into the system
  • 21. Change Windows User Password: Windows 7 Copyright © by EC-Council All Rights Reserved. Reproduction is Strictly Prohibited. 21
  • 22. Copyright © by EC-Council Disable the Guest Account: Windows 7 All Rights Reserved. Reproduction is Strictly Prohibited. 22 Click Start  right click Computer  select Manage When the Computer Management window opens, go to Local Users and Groups  Users Verify that the Guest account is disabled by looking at the icon If the account is not disabled, double‐click the account name to open its Properties window In the Guest account's properties window  select the checkbox next to Account is disabled  click OK
  • 23. Copyright © by EC-Council Lock Out Unwanted Guests in Windows 7 All Rights Reserved. Reproduction is Strictly Prohibited. 23 Go to Control Panel  click Administrative Tools Double‐click the Local Security Policy  Account Policies double‐click the Account Lockout Policy  double‐click Account Lockout Threshold At the Account lockout threshold Properties window, enter the number of invalid logins (e.g., 3) Click OK and Close
  • 24. Copyright © by EC-Council Rename the Administrator Account in Windows 7 All Rights Reserved. Reproduction is Strictly Prohibited. Click Start  right click Computer  click Manage 24 In the Computer Management window  click Local Users and Groups  select Users Right click on user Admin or Administrator  select Rename  type the new name for account and click OK
  • 25. Disable Start up Menu in Windows 7 Copyright © by EC-Council All Rights Reserved. Reproduction is Strictly Prohibited. 25 Right click on the Taskbar  select Properties  click Start Menu tab Uncheck both Store and display recently opened programs in the Start menu and Store and display recently opened items in the Start menu and the taskbar  click Apply  click OK
  • 26. Copyright © by EC-Council All Rights Reserved. Reproduction is Strictly Prohibited. Windows Updates in Windows 7 26 • Windows Updates Click Start  Control Panel  select System and Security Select Windows Update  Change Settings Choose how Windows can install updates
  • 27. Copyright © by EC-Council All Rights Reserved. Reproduction is Strictly Prohibited. Pointers for Updates 27 Always patch the OS and applications to the latest patch levels Ensure that you are downloading patches only from authentic sources ‐‐ preferably the vendor site Use patch management tools for easier updating–there are several free tools Choose to be notified by the vendor about vulnerability announcements Do not open executable files from sources of questionable integrity Do not send patches through email
  • 28. Apply Software Security Patches 1 2 Copyright © by EC-Council Software updates are used to keep the OS and other software up‐to‐date Updates must be installed from the vendor’s website All Rights Reserved. Reproduction is Strictly Prohibited. 28 3 4 5 Updates can be installed automatically or manually Automatic updates can be installed on a scheduled basis The update process can be hidden and restored
  • 29. Copyright © by EC-Council Configuring Windows Firewall in Windows 7 Open Windows Firewall by clicking the Start button  click Control Panel In the search box, type Firewall  click Windows Firewall In the left pane, click Turn Windows Firewall ON or OFF All Rights Reserved. Reproduction is Strictly Prohibited. 29
  • 30. Copyright © by EC-Council Adding New Programs in Windows Firewall in Windows 7 All Rights Reserved. Reproduction is Strictly Prohibited. 30 1. Click Start  Control Panel  type Firewall in the search box  press Enter 2. Click Allow a program through Windows Firewall 3. Click Change Settings
  • 31. Copyright © by EC-Council Adding New Programs in Windows Firewall in Windows 7 4. Click Allow another Program 5. The Add A Program window opens, which lists pre‐installed programs  All Rights Reserved. Reproduction is Strictly Prohibited. 31 Click Browse to add a program (if required)
  • 32. Copyright © by EC-Council Adding New Programs in Windows Firewall in Windows 7 6. Navigate to the Location of the program  select its executable file  click Open 7. Click Add  click OK to exit the Windows Firewall The change is applied to the list of added programs All Rights Reserved. Reproduction is Strictly Prohibited. 32
  • 33. Removing/Disabling Programs Rules from the Windows Firewall in Windows 7 Copyright © by EC-Council All Rights Reserved. Reproduction is Strictly Prohibited. 33 Click Start  Control Panel  search Windows Firewall  go to Allow a Program through Windows Firewall  click Change Settings Select the rule you want to Remove/Disable To Disable any rule for any specific network location, uncheck its respective checkbox  click OK To remove any program completely from the allowed program list, click Remove  click YES  click OK
  • 34. Copyright © by EC-Council Creating a New Windows Firewall Rule in Windows 7 Advance settings in Windows Firewall allow users to create custom rules Steps to create a new rule: 1. Click Start  Control Panel  search for firewall  click Check Firewall Status  click All Rights Reserved. Reproduction is Strictly Prohibited. 34 Advanced Settings
  • 35. Creating a New Windows Firewall Rule in Windows 7 2. In the Windows Firewall with Advanced Security window, click Inbound Rules  click New Rule 3. The New Inbound Rule Wizard opens  select the type of rule (Program, Port, Predefined, and Custom Copyright © by EC-Council All Rights Reserved. Reproduction is Strictly Prohibited. 35 rules) you would like to create  click Next
  • 36. Copyright © by EC-Council Creating a New Windows Firewall Rule in Windows 7 4. Select the type of protocol (TCP/UDP) and provide the port numbers or select the option All 5. Decide what Action to take when a connection matches the specified condition (here, Allow All Rights Reserved. Reproduction is Strictly Prohibited. Local Ports for the rule you want to be applied  click Next 36 the Connection)  click Next
  • 37. Copyright © by EC-Council Creating a New Windows Firewall Rule in Windows 7 6. Select a Profile for which the rule has to be applied  click Next 7. Give a Name to the newly created Rule and description (optional)  click Finish The rule is created and it allows TCP Inbound traffic to all the ports. Note: To create a rule for Outbound traffic, follow the same steps. But select UDP protocol and enter 5679 as the port number All Rights Reserved. Reproduction is Strictly Prohibited. 37
  • 38. Two-Way Firewall Protection in Windows: Click the Start button → type wf.msc or Firewall in search bar → press Enter. Click the Windows Firewall with Advanced Security icon. This management interface displays the inbound and outbound rules. Click Windows Firewall Properties. A dialog box with several tabs will appear. For each profile (Domain, Private, and Public), change the setting to Block, and then click OK.
  • 39. Always Use NTFS: The NTFS file system provides better performance and security for data on hard disks and partitions than the FAT file system. Convert partitions that use the earlier FAT16 or FAT32 file system to NTFS by using the convert command. Close any open programs running on the partition or logical drive to be converted. Click Start → All Programs → Accessories, right-click Command Prompt, and then click Run as administrator. Type the password or provide confirmation if prompted. In the Command Prompt, type convert drive_letter: /fs:ntfs, where drive_letter is the letter of the drive to be converted to NTFS, and then press ENTER. Type the name of the volume you want to convert, and then press ENTER. Note: Converting a partition from FAT to NTFS does not affect the data on it. You need to restart the computer for the NTFS conversion if the partition contains system files.
  • 40. Module Flow: System Security; Threats to System Security; How Does Malware Propagate?; Guidelines for Securing Mac OS X; Guidelines for Windows OS Security; Windows Security Tools; Windows Encrypting File System (EFS)
  • 41. Windows Encrypting File System (EFS): Windows Encrypting File System (EFS) allows Windows 7 system users to encrypt files and folders in an NTFS formatted disk drive. Right-click the file to be encrypted → select Properties → on the General tab, click the Advanced button. The Advanced Attributes dialog box appears. There are two options under Compress or Encrypt attributes: Compress contents to save disk space and Encrypt contents to secure data. Select Encrypt contents to secure data → click OK to close the Compress or Encrypt Attributes dialog box → click Apply. An Encryption Warning dialog box appears; select one of the two options, Encrypt the file and its parent folder or Encrypt the file only → click OK.
  • 42. How to Decrypt a File Using EFS in Windows? Right-click the file to be decrypted → select Properties. On the General tab, click the Advanced button. An Advanced Attributes dialog box appears. There are two options under Compress or Encrypt Attributes: Compress contents to save disk space and Encrypt contents to secure data. Uncheck Encrypt contents to secure data → click OK to close the Compress/Encrypt Attributes dialog box → apply the settings → click OK.
  • 43. Using Windows Defender: Windows Defender is antispyware software that offers real-time protection against spyware and other potentially malicious programs infecting the computer. To turn Windows Defender ON or OFF, open Windows Defender by clicking the Start button → click All Programs → click Windows Defender, or type Windows Defender in the search space. Click Tools → click Options → click Administrator → select or clear the Use Windows Defender check box → click Save.
  • 44. Enable BitLocker in Windows 7: 1. BitLocker Drive Encryption provides better data protection by encrypting an entire Windows operating system volume. 2. The hard drive and any removable media on the computer can be encrypted. 3. Encrypted removable media can be decrypted and re-encrypted on any Windows 7 computer. 4. Click Start → click Computer → right-click on any drive and select the option Turn on BitLocker… Note: BitLocker is available only in the Enterprise and Ultimate editions of Windows Vista and Windows 7.
  • 45. Launching Event Viewer in Windows 7: Event Viewer is a built-in Windows utility that allows users to view and manage the event logs, gather information about hardware and software problems, and monitor Windows security events. To start Event Viewer in Windows 7, click Start → Control Panel → System and Security → Administrative Tools → Event Viewer.
  • 46. Event Viewer: Events and How to Read Logs on the System: 1. Event Viewer categorizes events into five types: Error, Warning, Information, Audit Success, and Audit Failure. 2. Each event log is differentiated by its level and contains header information and a description of the event. 3. Each event header contains a detailed description of the level, date, time, source, event ID, and task category.
  • 47. Disabling Unnecessary Services in Windows 7: A service is a long-running executable that performs specific functions without requiring any user intervention. Services normally start during system startup or booting. Some services load automatically, while others are called when a program is used. To view running services, click Start → Control Panel → Administrative Tools → double-click Services. Alternatively, select Start → type services.msc in search bar → press ENTER. Once the Services window is loaded, the user can turn off any unneeded services.
  • 48. Killing Unwanted Processes: Kill or terminate unnecessary and suspicious processes to increase system performance and protect the system against malware. Killing a process: Press the [Alt] + [Ctrl] + [Del] keys simultaneously → click Task Manager. In Task Manager, go to the Processes tab → select the process → click End Process. Alternatively, right-click on a selected target process → select End Process. Killing a process tree: Run the Task Manager → select the target process → right-click and select End Process Tree.
  • 49. Finding Open Ports Using Netstat Tool: Knowing the open ports, and the services and applications associated with these ports, helps in detecting the presence of malware such as viruses, worms, Trojans, etc. in the system. Malware generally opens ports to receive or send data packets from attackers. Netstat, a Windows inbuilt utility, can be used to determine open ports in the system and associated applications. Click Start → All Programs → Accessories, right-click Command Prompt, and then click Run as administrator. Type the password or provide confirmation if prompted. Type netstat -b in the command prompt window to see the open ports and associated applications.
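To turn the netstat check on slide 49 into a repeatable review, the following added example (not part of the original slides) parses saved `netstat -abn` output and lists listening sockets whose owning executable and port are not in a known-good baseline. It uses `-a` and `-n` in addition to the slide's `-b` so that listening ports appear with numeric addresses; the sample output, the executable names and the baseline are constructed assumptions.

```python
# Constructed sample in the layout printed by `netstat -abn` on Windows.
SAMPLE = """\

Active Connections

  Proto  Local Address          Foreign Address        State
  TCP    0.0.0.0:135            0.0.0.0:0              LISTENING
  RpcSs
 [svchost.exe]
  TCP    0.0.0.0:445            0.0.0.0:0              LISTENING
 Can not obtain ownership information
  TCP    0.0.0.0:8081           0.0.0.0:0              LISTENING
 [helper.exe]
  TCP    192.168.1.20:49201     203.0.113.7:443        ESTABLISHED
 [browser.exe]
  TCP    [::]:135               [::]:0                 LISTENING
  RpcSs
 [svchost.exe]
  UDP    0.0.0.0:5679           *:*
 [sync.exe]
"""

# Hypothetical baseline: (executable, protocol, local port) expected on this host.
BASELINE = {("svchost.exe", "TCP", 135)}


def parse_netstat(text):
    """Return one dict per socket: proto, port, state and owning executable."""
    sockets, current = [], None
    for raw in text.splitlines():
        line = raw.strip()
        parts = line.split()
        if len(parts) >= 3 and parts[0] in ("TCP", "UDP"):
            current = {
                "proto": parts[0],
                # rsplit keeps IPv6 locals such as [::]:135 intact
                "port": int(parts[1].rsplit(":", 1)[1]),
                "state": parts[3] if len(parts) > 3 else "",  # UDP has no state
                "owner": None,  # stays None if ownership cannot be obtained
            }
            sockets.append(current)
        elif current is not None and line.startswith("[") and line.endswith("]"):
            current["owner"] = line[1:-1].lower()
    return sockets


def unexpected_listeners(sockets, baseline):
    """Return (proto, port, owner, reason) for listeners outside the baseline."""
    findings = []
    for s in sockets:
        if s["proto"] == "TCP" and s["state"] != "LISTENING":
            continue  # established or closing connections are not listeners
        if (s["owner"], s["proto"], s["port"]) in baseline:
            continue
        reason = "owner not reported" if s["owner"] is None else "not in baseline"
        findings.append((s["proto"], s["port"], s["owner"] or "unknown", reason))
    return findings


if __name__ == "__main__":
    for proto, port, owner, reason in unexpected_listeners(parse_netstat(SAMPLE), BASELINE):
        print(f"{proto}/{port} {owner}: {reason}")
```

Sockets reported as "owner not reported" need a manual check, for example against the Processes tab in Task Manager described on slide 48.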
  • 50. Configuring Audit Policy: Audit policies should be configured to identify attempted or successful attacks on the system and network. 1. Click Start → type secpol.msc in search bar, and press Enter. 2. Click Local Policies → select Audit Policy → double-click the Audit account logon events policy → check the Success and Failure boxes → click Apply → click OK. 3. Similarly, change the security setting for all the policies listed in the right-hand pane of the Local Security Policy window. 4. Close the Local Security Policy window.
  • 51. How to Hide Files and Folders? Right-click the file or folder to be hidden → click Properties → under Attributes check Hidden → click Apply → click OK. On the Organize menu from Windows Explorer → click Folder and search options. On the View tab, select the Do not show hidden files and folders option.
  • 52. Disable Simple File Sharing in Windows: 1. Go to Start → Control Panel → Folder Options. 2. From the Folder Options window → select the View tab. 3. Scroll to the bottom of the Advanced Settings pane. 4. Uncheck the checkbox for Using sharing wizard (for Windows 7) → click OK.
  • 53. Raise the UAC Slider Bar in Windows 7: User Account Control (UAC) helps the user to make critical decisions while installing software. Click Start → Control Panel → Action Center → Change User Account Control Settings → Raise/Adjust the UAC slider bar to Always notify.
  • 54. Module Flow: System Security; Threats to System Security; How Does Malware Propagate?; Guidelines for Securing Mac OS X; Guidelines for Windows OS Security; Windows Security Tools; Windows Encrypting File System (EFS)
  • 55. Windows Security Tools: Microsoft Security Essentials (http://www.microsoft.com): Microsoft Security Essentials provides real-time protection for a home PC that guards against viruses, spyware, and other malicious software.
  • 56. Windows Security Tools: KeePass Password Safe Portable (http://portableapps.com): KeePass is a password manager that manages passwords in a secure way and carries all passwords in one database, which is locked with one master key or a key-disk. The databases are encrypted using current known secure encryption algorithms (AES-256 and Twofish).
  • 57. Windows Security Tools: Registry Mechanic (http://www.pctools.com): 1. Registry Mechanic offers tools to speed up and improve the stability of a Windows 7, Windows Vista, or Windows XP PC. 2. Registry Mechanic safely cleans, repairs, and optimizes the registry and automatically backs up changes for future recovery. 3. Permanently erases Internet activity, personal files, and free space to keep information away from prying eyes.
  • 58. Windows Security Tools: Windows Defender (http://www.microsoft.com): Windows Defender helps protect a computer against pop-ups, slow performance, and security threats caused by spyware and other unwanted software by detecting and removing known spyware from a computer.
  • 59. Module Flow: System Security; Threats to System Security; How Does Malware Propagate?; Guidelines for Securing Mac OS X; Guidelines for Windows OS Security; Windows Security Tools; Windows Encrypting File System (EFS)
  • 60. Step 1: Enabling and Locking Down the Login Window: Click Apple menu → System Preferences → Accounts → Login options → Display login window as → Name and Password. Uncheck Automatically login as: → check Hide the Sleep, Restart, and Shut Down buttons → uncheck Enable fast user switching if not used.
  • 61. Step 2: Configuring Accounts Preferences: From the Apple menu choose System Preferences → from the View menu choose Accounts → select the username whose password you want to change. Click Reset Password (Mac OS X v10.3 and v10.4) or Change Password (Mac OS X v10.5 or later). Enter a new password in both the Password and Verify fields → click the Reset Password button (Mac OS X v10.3 and v10.4) or the Change Password button (Mac OS X v10.5 or later). If a dialog box appears with the message "Your Keychain password will be changed to your new account password", click OK.
  • 62. Step 3: Guidelines for Creating Accounts: Never create accounts that are shared by several users. Each user should have his or her own standard or managed account. Individual accounts are necessary to maintain accountability. Administrators should only use their administrator accounts for administration purposes.
  • 63. Step 4: Securing the Guest Account: The guest account must be used for temporary access to the system. The guest account should be disabled by default as it does not require a password to log in to the computer. If the guest account is enabled, enable Parental Controls to limit what the user can do. If the user permits the guest account to access shared folders, an attacker can easily attempt to access shared folders without a password.
  • 64. Step 5: Controlling Local Accounts with Parental Controls: Open System Preferences → click Accounts. If the lock icon is locked → click the lock icon and provide an Administrator name and Password. Select the user account to be managed with parental controls → select the Enable Parental Controls checkbox. Click Open Parental Controls → click System, Content, Mail & iChat, Time Limits, and Logs.
  • 65. Step 6: Use Keychain Settings: Keychain stores passwords on the disk in an encrypted form, and it is difficult for a non-root user to sniff a password between applications. Go to Applications → Utilities → Keychain Access → Edit → Change settings for Keychain "login". Check Lock after → change minutes of inactivity to the desired number of minutes → check Lock when sleeping → click Save.
  • 66. Step 7: Use Apple Software Update: Mac OS X includes an automatic software update tool to patch the majority of Apple applications. Software Update often includes important security updates that should be applied to a user's machine. To update software: Open Software Update preferences → click the Scheduled Check pane → deselect Download updates automatically → click Check Now.
  • 67. Step 8: Securing Date & Time Preferences: 1. Open Date & Time preferences → in the Date & Time pane, enter a secure and trusted NTP server in the Set date & time automatically field. 2. Click the Time Zone button → choose a Time Zone.
  • 68. Step 9: Securing Network Preferences: It is recommended to disable unused hardware devices listed in Network preferences. Open Network preferences → from the list of hardware devices, select the hardware device that connects to one's network. From the Configure pop-up menu, choose Manually. Enter the user's static IP address, Subnet Mask, Router, DNS Server, and Search Domain configuration settings. Click Advanced → in the Configure IPv6 pop-up menu, choose Off → click OK.
  • 69. Step 10: Enable Screen Saver Password: To prevent unauthorized access to a system, enable a screen saver password. 1. From the Apple menu → select System Preferences → click Security → click the Lock icon to make changes. 2. If prompted, type the admin userid and password. 3. In the Security window → click the General tab → check Require password to wake this computer from sleep or screen saver (Leopard) or Require password immediately after sleep or screen saver begins (Snow Leopard). 4. In addition to the screen saver password, also secure the system by selecting: Disable automatic login; Require password to unlock each System Preference; Use secure virtual memory. Click the lock icon to prevent further changes. Close the Security window and restart your machine.
  • 70. Step 11: Set Up FileVault to Keep Home Folder Secure: Click System Preferences → click Security → click FileVault → click Set Master Password. Create the master password for the computer, but ensure this password is different from the user account password. Verify the password → click OK.
  • 71. Step 12: Firewall Security: The Mac OS X firewall blocks unwanted network communication with the computer: 1. Click System Preferences → click Security → click Firewall. 2. Click the Lock Icon to make changes. 3. If prompted, type the admin userid and password. 4. By default, the firewall allows all incoming connections; change the option by clicking the second option (Allow only essential services) or third option (Set access for specific services and applications). 5. Choose which application(s) you want the firewall to allow and which to block. 6. Click the lock icon to prevent further changes and close the Security window.
  • 72. Resources on the Internet for Computer Security: Internet Fraud Complaint Center (IC3), http://www.ic3.gov; TECS: The Encyclopedia of Computer Security, http://www.itsecurity.com; Virus Bulletin, http://www.virusbtn.com; CYBERCRIME, http://www.cybercrime.gov; Common Vulnerabilities and Exposures, http://www.cve.mitre.org; Windows Security Guide, http://www.winguides.com; Stay Safe Online, http://www.staysafeonline.org; Macintosh Security Site, http://www.securemac.com
  • 73. Module Summary: Attackers discover new vulnerabilities and bugs to exploit in computer software. Software vendors usually develop patches to address the problems. Encryption is the process of converting data into a secret code. Regularly update the operating system and other applications. Windows System Restore is used to return one's computer to an earlier state in case of a system failure or other major problem with the system. Microsoft Security Essentials provides real-time protection for the PC that guards against viruses, spyware, and other malicious software. Windows Defender helps to protect the system against pop-ups, slow performance, and security threats.
  • 74. Operating Systems Security Checklist: Regularly update the operating system and other applications. Install antivirus software and scan the system regularly. Do not open any email from unknown senders. Perform an antivirus scan while downloading. Lock the system when not in use. Physically secure the system from unauthorized access. Enable firewall protection and configure all the computer settings for high security. Use strong passwords, at least eight characters long, containing both letters and numbers.
  • 75. Operating Systems Security Checklist: Configure antivirus to check all mediums (CD-ROMs, email, websites, downloaded files, etc.) for viruses. Delete the Internet history files, logs, and personal files. Make backups of important data and store them safely. Disable or limit the number of unnecessary accounts. Use encryption to enhance privacy. Keep up-to-date with hotfixes and service packs. Disable AutoRun for the DVD/CD-ROM. Secure the wireless network.
  • 76. Windows 7 Security Checklist: User Account Control asks for permission before installing software or opening certain kinds of programs that could potentially harm your computer or make it vulnerable to security threats. Use Windows Defender to help prevent spyware and other potentially unwanted software from being installed on the computer automatically. Back up your files and settings regularly so that if you get a virus or have any kind of hardware failure, you can recover your files. Set Windows Update to download and install the latest updates for the computer automatically. Windows Firewall can help prevent hackers and malicious software, such as viruses, from gaining access to your computer through the Internet. Use Action Center to make sure the firewall is ON, antivirus software is up to date, and the computer is set to install updates automatically.
  • 77. MAC OS Security Checklist: Set parental controls for managed accounts and use Password Assistant to generate complex passwords. Securely configure Accounts preferences and Date & Time preferences. Create an administrator account and a standard account for each administrator. Securely erase the Mac OS X partition before installation. Install Mac OS X using Mac OS Extended disk formatting. Create keychains for specialized purposes. Securely configure Security preferences.