Bobby McConnell Matt Mewborn Challenges in Securing Windows
WINDOWS SECURITY <ul><li>Survival Rate of a windows machine is between 30-45 minutes. </li></ul><ul><li>On average Linux i...
Port Scanning <ul><li>Hackers Use port scanners to find open ports on systems. </li></ul><ul><li>Over 1 Billion port scans...
IP Spoofing <ul><li>IP spoofing occurs when an attacker fakes their IP address so the receiver thinks it is sent from a lo...
Source Routing <ul><li>Source routing is an IP option that directs incoming and outgoing packets. </li></ul><ul><li>Result...
Man In The Middle <ul><li>Attacker finds open connections in your network that causes: </li></ul><ul><li>Clients are at ri...
DNS Poisoning <ul><li>Defenses </li></ul><ul><li>Use updated DNS </li></ul><ul><li>Separate DNS Servers </li></ul><ul><li>...
Password Cracking <ul><li>Ways To Crack </li></ul><ul><li>Guessing- simply guess the password </li></ul><ul><li>Brute Forc...
Password Guidelines <ul><li>Minimum length of at least seven characters  </li></ul><ul><li>Must include both upper and low...
Virus <ul><li>A computer virus is a malicious program that generally copies itself in order to gain access to other locati...
Trojan Horse <ul><li>A Trojan Horse is a program in which malicious or harmful code is hidden in seemingly friendly softwa...
Worms <ul><li>A computer worm is used to: use bandwidth in a network, deliver a payload to destroy a network, or gain acce...
Defenses for Windows <ul><li>Firewall </li></ul><ul><li>Anti-Virus software </li></ul><ul><li>Virtual Private Networks (VP...
Credits All information used in this presentation is provided from the paper “ Challenges in Securing Windows”  by: Bobby ...
Upcoming SlideShare
Loading in …5
×

Challenges In Securing Windows

420 views

Published on

Published in: Technology
0 Comments
0 Likes
Statistics
Notes
  • Be the first to comment

  • Be the first to like this

No Downloads
Views
Total views
420
On SlideShare
0
From Embeds
0
Number of Embeds
23
Actions
Shares
0
Downloads
13
Comments
0
Likes
0
Embeds 0
No embeds

No notes for slide

Challenges In Securing Windows

  1. 1. Bobby McConnell Matt Mewborn Challenges in Securing Windows
  2. 2. WINDOWS SECURITY <ul><li>Survival Rate of a windows machine is between 30-45 minutes. </li></ul><ul><li>On average Linux is more secure. </li></ul><ul><li>There is no such thing as a “secure” operating system. </li></ul>
  3. 3. Port Scanning <ul><li>Hackers Use port scanners to find open ports on systems. </li></ul><ul><li>Over 1 Billion port scans are reported every month. </li></ul><ul><li>Those 1 billion reports are reported by only a small portion of internet users. </li></ul><ul><li>Common Ports </li></ul><ul><li>Well Known Ports (0 - 1023) </li></ul><ul><li>Registered Ports (1024 - 49151) </li></ul><ul><li>Dynamic and/or Private Ports (49152 - 65535) </li></ul>
  4. 4. IP Spoofing <ul><li>IP spoofing occurs when an attacker fakes their IP address so the receiver thinks it is sent from a location that it is not actually from. </li></ul><ul><li>Five Defenses </li></ul><ul><li>Key Based authentication </li></ul><ul><li>Deny private IP addresses </li></ul><ul><li>Filter inbound/outbound traffic </li></ul><ul><li>Routers reject packets outside local network </li></ul><ul><li>Enable encryption </li></ul>
  5. 5. Source Routing <ul><li>Source routing is an IP option that directs incoming and outgoing packets. </li></ul><ul><li>Results </li></ul><ul><li>Control of network clients </li></ul><ul><li>Control of network servers </li></ul><ul><li>Access to private information </li></ul><ul><li>Malicious actions possible </li></ul>
  6. 6. Man In The Middle <ul><li>Attacker finds open connections in your network that causes: </li></ul><ul><li>Clients are at risk </li></ul><ul><li>Privacy is violated </li></ul><ul><li>Secure material can be stolen </li></ul><ul><li>Defenses </li></ul><ul><li>Message Encryption </li></ul><ul><li>Strong encryption authentication </li></ul><ul><li>Session checksums and shared secrets </li></ul><ul><li>File encryption </li></ul>
  7. 7. DNS Poisoning <ul><li>Defenses </li></ul><ul><li>Use updated DNS </li></ul><ul><li>Separate DNS Servers </li></ul><ul><li>Restrict Zone Transfers </li></ul><ul><li>Identify transfer sources </li></ul><ul><li>Restrict DNS updates </li></ul><ul><li>Restrict DNS service </li></ul>DNS Poisoning is the sending of falsified DNS to divert traffic to the attackers address instead of the correct one.
  8. 8. Password Cracking <ul><li>Ways To Crack </li></ul><ul><li>Guessing- simply guess the password </li></ul><ul><li>Brute Force- try every possible solution </li></ul><ul><li>Dictionary- Use common words </li></ul><ul><li>Defense </li></ul><ul><li>The only defense is a strong password such as: Dit2kuwt6pp! </li></ul>
  9. 9. Password Guidelines <ul><li>Minimum length of at least seven characters </li></ul><ul><li>Must include both upper and lower case characters </li></ul><ul><li>Must include numeric characters </li></ul><ul><li>Must include punctuation </li></ul>
  10. 10. Virus <ul><li>A computer virus is a malicious program that generally copies itself in order to gain access to other locations on local networks. </li></ul>The best defense is anti-virus software
  11. 11. Trojan Horse <ul><li>A Trojan Horse is a program in which malicious or harmful code is hidden in seemingly friendly software. This in return gives a hacker access to your machine </li></ul>
  12. 12. Worms <ul><li>A computer worm is used to: use bandwidth in a network, deliver a payload to destroy a network, or gain access to email and other data for personal gain. </li></ul>
  13. 13. Defenses for Windows <ul><li>Firewall </li></ul><ul><li>Anti-Virus software </li></ul><ul><li>Virtual Private Networks (VPN) </li></ul><ul><li>Anti-Spyware software </li></ul><ul><li>Strong passwords </li></ul><ul><li>Informed Users </li></ul>
  14. 14. Credits All information used in this presentation is provided from the paper “ Challenges in Securing Windows” by: Bobby McConnel & Matt Mewborn All outside sources are cited in that paper.

×