Security & MS Windows by Matthew Cook, Loughborough University
Post on 19-Dec-2015
Security & MS Windows
by Matthew Cook
Loughborough University
http://www.escarpment.net/
Security & MS Windows
- Physical Security
- Password Security
- Security Holes
- Windows Desktop Security
- Windows NT Security
- Demonstration
- Questions and Answers
Physical Security
"The only system which is truly secure is one which is switched off and unplugged, locked in a titanium lined safe, buried in a concrete bunker, and is surrounded by nerve gas and very highly paid armed guards. Even then, I wouldn't stake my life on it."
Gene Spafford
Physical Security
- Secure Location
- BIOS restrictions
- Password Protection
- Boot Devices
- Case Locks
- Case Panels
Password Security
The object when choosing a password is to make it as difficult as possible for a cracker to make educated guesses about your chosen password. This leaves them no alternative but a brute-force search, trying every possible combination of letters, numbers, and punctuation.
Password Security
- Do not use your login name in any form
- Do not use your first or last name
- Do not use your spouse’s or child’s name
- Do not use your Car Registration etc.
- Do not use a dictionary based password
- Do not use a password shorter than 7 chars
- Do not write it on ‘post-it’ notes
Password Security
- Use a password with mixed-case characters
- Use a password with a mix of alphanumerics and punctuation
- Use a password that is easy to type to avoid ‘Shoulder Surfers’
- Use the first letters from song titles, song lyrics or film quotations
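The checks from the two password slides above, written out as an added example (not part of the original presentation). The word list, the sample passwords and the reading of "mix of alphanumerics and punctuation" as "at least one digit and one punctuation mark" are assumptions; brute_force_space shows how the character mix and length set the size of the brute-force search the earlier slide refers to.

```python
import string

# Constructed stand-in for a real word list (assumption for this example).
SAMPLE_DICTIONARY = {"password", "windows", "secret", "letmein", "loughborough"}


def check_password(password, login, names=(), dictionary=SAMPLE_DICTIONARY):
    """Return the slide rules this password breaks; an empty list means it passes."""
    problems = []
    lowered = password.lower()
    # Letters only, so that 'Pass-word1' is still recognised as 'password'.
    letters_only = "".join(c for c in lowered if c.isalpha())

    if len(password) < 7:
        problems.append("shorter than 7 characters")
    # "In any form": ignore case and also look for the value reversed.
    personal = [("login name", login)] + [("personal name", n) for n in names]
    for label, value in personal:
        v = value.lower()
        hit = f"contains {label}"
        if v and (v in lowered or v[::-1] in lowered) and hit not in problems:
            problems.append(hit)
    if lowered in dictionary or letters_only in dictionary:
        problems.append("dictionary based")
    if not (any(c.islower() for c in password) and any(c.isupper() for c in password)):
        problems.append("not mixed case")
    # Interpretation of "mix of alphanumerics and punctuation": need both.
    if not any(c.isdigit() for c in password):
        problems.append("no digit")
    if not any(c in string.punctuation for c in password):
        problems.append("no punctuation")
    return problems


def brute_force_space(password):
    """Number of candidates an exhaustive search covers for this length and character mix."""
    classes = [
        (string.ascii_lowercase, 26),
        (string.ascii_uppercase, 26),
        (string.digits, 10),
        (string.punctuation, 32),
    ]
    alphabet = sum(size for chars, size in classes if any(c in chars for c in password))
    return alphabet ** len(password)


if __name__ == "__main__":
    for candidate in ("matthew1", "Pass-word1", "Itb,bc2L!"):  # constructed samples
        print(candidate, check_password(candidate, "mcook", ["Matthew", "Cook"]),
              brute_force_space(candidate))
```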
Security Holes
Threats
- Denial of Service
- Theft of information
- Modification
- Fabrication (Spoofing or Masquerading)
Security Holes
- Physical Security Holes
- Software Security Holes
- Incompatible Usage Security Holes
- Social Engineering
- Complacency
Windows Desktop Security
Advice for 9x system users:
- Upgrade to Windows NT or another OS
- Do not run ‘File and Print sharing’
- Do not run ‘Personal Web Services’
- Remove *.pwl files
Windows Desktop Security
Ensure that security updates are installed:
http://www.microsoft.com/windows95/downloads/
Microsoft Security Notification Service
http://www.microsoft.com/technet/security/notify.asp
Windows NT Security
NT Server version 4.0 SP3 appears to provide the range of features and capabilities necessary to support a wide range of business and government tasks in a secure, reliable fashion.
Microsoft 1999
Now for the truth . . . .
Windows NT Security
Out of the box Windows NT is a security time bomb waiting to explode.
Making Windows NT secure is only achievable by filling all the holes left by the installation.
Windows NT Security
Ten steps to NT Security
1. Secure System (Physical)
2. Install Service Packs and Hot fixes
3. NTFS
4. Admin Account
5. Permissions
Windows NT Security
Ten steps to NT Security (cont . . .)
6. Lockouts and Logging
7. Securing the Registry
8. Services and Networking
9. Audits
10. Stay Aware
Windows NT Security
1. Secure System (Physical)
- Install in location
- Disconnect network
- Set BIOS boot device ordering
- Set BIOS administrator password
- Secure case
Windows NT Security
2. Install Service Packs and Hotfixes
- Assess the security issues in all new service packs
- Assess the security issues in the post service pack hotfixes
- Currently Microsoft have released Service Pack 6a and five hot fixes
Windows NT Security
3. NTFS
- Convert your discs to NTFS
- Provides file based security
From a DOS prompt:
CONVERT drive: /FS:NTFS [/V]
Windows NT Security
Provides file based security
Windows NT Security
4. Admin Account
- Rename the account (passprop.exe)
- Give administrator NO permissions
- Set User Rights Policy
- Use inconspicuous names for all super users and groups
Windows NT Security
Set User Rights Policy
Windows NT Security
5. Permissions
- Remove the ‘Everyone Group’
- Introduce strong permissions
- Careful use of the System ‘special user’
Windows NT Security
Remove the ‘Everyone Group’
Windows NT Security
6. Lockouts and Logging
- Set lockout limits (3 attempts)
- Set activation by administrators only

Policy menu in User Manager allows the setting of security policies
Windows NT Security
Account Policy
Windows NT Security
7. Securing the Registry
- Secure registry keys to prevent interactive users changing the registry
- Prevent viewing of sensitive registry keys
- Altering settings to prevent security holes such as null password authentication
Windows NT Security
Registry Security
Windows NT Security
8. Services and Networking
- Remove unnecessary Services
- Remove all unnecessary networking bindings
- Set IP based packet filtering
Windows NT Security
Set IP based packet filtering
Windows NT Security
9. Audits
- Use 3rd party software to analyse your machine for security holes
- Set Audit options in User Manager
- Ask another IT administrator to audit your machine
Windows NT Security
Audit Policy
Windows NT Security
10. Stay Aware
- Microsoft Security Notification Service
  http://www.microsoft.com/technet/security/notify.asp
- Computing Journals
- Colleagues
Windows NT Security
C2 Configuration
C2 security is the highest government rating for business computing products; it requires the system to have discretionary resource protection and auditing capability.
Windows NT Security
C2 Configuration
Windows NT Security
- C2 to B2 of US TCSEC or Orange Book
- Completed in Dec 1996 by Trusted Systems Services Inc
- The study is available online:
  http://www.trustedsystems.com/

TCSEC – Trusted Computer System Evaluation Criteria
Windows NT Security
Security Configuration Manager
- Automatically Secures your system
- Uses Microsoft Management Console
- Available for download from Microsoft
  http://www.microsoft.com/NTServer/nts/downloads/recommended/scm/
Windows NT Security
Security Configuration Manager
Windows 2000
- Still in evaluation stages
- Many security holes (Telnet Server)
- Principles for NT can be applied
- Has at least 58 vulnerabilities already
Security & MS Windows
Security & MS Windows
| Operating System | # Vulnerabilities |
|---|---|
| Windows NT 4.0 | 71 |
| Windows 2000 | 58 |
| RedHat Linux 6.2 i386 | 34 |
| Windows ’98 | 31 |
| Windows ’95 | 28 |
| Debian Linux 2.1 | 16 |
| S.U.S.E Linux 6.3 | 15 |
Security & MS Windows
Demonstration
Security & MS Windows
Questions and Answers
Bibliography
- Jim Alves-Foss, University of Idaho
- Gene Spafford, National Security Institute
- David A. Curry, National Security Institute
- http://www.securityfocus.com/
- http://www.microsoft.com/
- http://www.trustedsystems.com/