
/

1.0 28-01-13

1 144


Windows XP
Windows 7
Ubuntu
(Browsers)
Internet Explorer 9
Firefox
Chrome
Windows 7
Tor
(email)
usb
Sandboxie
Windows
Linux


,
. ,
,
, .

,
, .
,
.
,
; :

, ,
.
,
tablet,
, , .
, , ,
.
,
.

(user name)
, :
- ,
( ),
, .
- , Amazon, Walmart, e-Bay,
, .
- , iCloud, Google Drive, Dropbox,
.
- , ,
.
- , ,
(, , , ),
, .


- courier, UPS, Fedex,



.
(e-mail)
, :
- ,
, , .
-
(client side attack), .
- , .
- .
- , ,
, , ,
.
- ,
.
- ,
.
- ,
, , .

, ,
, ,
.
(virtual goods)
:
- , on-line
.
-
.



(botnet -
() )

(trojan) botnet,
:
- , ,
, .
-
(DDOS) , ,
.
-
, ,
.
- ,
(proxy server) ( )
,
.
- CAPTCHA
(), .


:
- ( ) Facebook, Twitter, LinkedIn,, Google+
, .
- (e-mail).
- , Skype, Messenger, Viber
.

,
, ,
:
- .
- ,

.
- ,
.
-
.
- .
- (Fake
antivirus).

, ,
:
- (server)
.
- (server) .
- () , , ,
.

, ,
,
.
.


:
(Server Side Exploitation). ,
.
,
,
.
Brute Forcing ( ).
,

(ncrack, Hydra, medusa).
(Client side attack).


Browser, email
client, Browser email client.
Social engineering
,
.

.

.
, antivirus firewall
. ,
, antivirus firewall,
(offline updates).
( - bluetooth)
.

, ,
:
1.

(Open Source), (updates).
2.

(Security Updates, Patches, )
.
3.
(Anti-Virus, Firewall AntiSpyware), .
4.
(Passwords),
.
5.
/
(Browser) .
6.
( ) - (LinksURLs) EMail Instant Messaging,
.
7.
(url) ,
.
8.
Emails,
.
9.


10.
(.. USB
Drives) .
11.
,
(..
Internet).
12.
,
.
13.
, . ,
email, .
14.

( ).
.
,

. ,

.


-
Windows XP


Windows XP .



windows XP .

Windows XP
service pack 3.
.
Windows XP
, ,
.
DriveImage XML (http://www.runtime.org/driveimage-xml.htm) paragon
(http://www.paragon-software.com/home/br-free/). ,

,
.
.
.

,
. (backup)
ntbackup.exe.
:
start --> run, ntbackup.exe enter.
. (wizard)
.

1 -



(password)
.
, ( ,
), 8 ,
, ( ),
.
( 60 ),
30
. : Isx1r0_P@ssW0rd!@#
:
http://www.microsoft.com/resources/documentation/windows/xp/all/proddocs/en-us/usercpl_change_password.mspx?mfr=true
http://en.wikipedia.org/wiki/Password_strength

2 -


.
,
. ,
(standard user)
.

administrator
, click
run as administrator
.
administrator.
, ,

.
.

,
laptop
, .
,
,
.
Windows XP EFS
(Encrypting File System),
NTFS.
3 -
Start, All Programs, Accessories,
Windows Explorer. ,
Properties. General,
Advanced. Compress or Encrypt attributes, Encrypt
contents to secure data check box OK. (file)

.
truecrypt. truecrypt,

.

truecrypt
(http://www.truecrypt.org/downloads),
Create Volume TrueCrypt Volume Creation Wizard.
create an encrypted file container,
standard TrueCrypt volume NEXT. Select File
container, save.
(AES), ,
(format).
, .
, select file> mount .


4 - TrueCrypt

,
, ,
.
, ,
.
eraser.
(http://www.heidi.ie/eraser/download.php).

5 - Eraser



(autorun)
,
(cd, dvd, usb sticks, hard disks), . ,
,
, .
.
start, run, gpedit.msc enter.
Local Computer Policy, Computer Configuration,
(expand) Administrative Templates
System.
settings pane Turn off Autoplay
Properties, Enabled. Turn off Autoplay box All drives
autorun . OK Turn off
Autoplay Properties dialog box. ,
. ,
.
autorun.inf,


.

text editor

6 - autorun.inf
.

(read only)
. file sharing,


, scheduler.


file sharing.
: Start, My Computer. Tools menu, Folder
Options . View,
Advanced Settings - Use simple file sharing (Recommended) check
box OK.

7 -




Windows
.

Start, My Computer, Tools menu,

Folder
Options,


View, Advanced Settings
- "Hide extensions for
known file types" check box
OK.

8 -


Windows
.

:
Start, My Computer, Tools
menu, Folder Options.

View. Advanced Settings
"Show hidden files and
folders" check box OK.

9 -

(services)
. ,

start,
run,

services.msc
enter.

.

10 -

.
telnet, FTP remote desktop,
( back
door).
:
Service Name                                        Default Startup Type
Alerter                                             Disabled
Background Intelligent Transfer Service             Manual
ClipBook                                            Disabled
Computer Browser                                    Disabled
Error Reporting Service                             Disabled
Fast User Switching Compatibility                   Disabled
Fax                                                 Disabled
Ftp Publishing Service                              Disabled
IIS Admin Service                                   Disabled
Indexing Service                                    Disabled
IPv6 Helper Service                                 Disabled
Messenger                                           Disabled
NetMeeting Remote Desktop Sharing                   Disabled
Network DDE                                         Disabled
Network DDE DSDM                                    Disabled
Routing and Remote Access                           Disabled
Simple Network Management Protocol (SNMP) Service   Disabled
Simple Network Management Protocol (SNMP) Trap      Disabled
SSDP Discovery Service                              Disabled
Task Scheduler                                      Disabled
Telnet                                              Disabled
Terminal Services                                   Disabled
Universal Plug and Play Device Host                 Disabled
WebClient                                           Disabled
Wireless Zero Configuration                         Disabled
WMI Performance Adapter                             Disabled
World Wide Web Publishing Service                   Disabled



,

.
, BIOS
boot
. ,
, CD, DVD
USB,
.
, ,
screen saver, .
( : http://www.geo.umn.edu/computer/win_password.html).

antivirus anti spyware
.
( ),
, :
- MS Security Essentials (http://windows.microsoft.com/en-US/windows/products/security-essentials)
- AVG (http://free.avg.com/ww-en/free-antivirus-download)
- AVAST (http://www.avast.com/free-antivirus-download)
On-line
URL (.doc, .xls,
.pdf) ,
(upload) on-line -,
.
:
http://www.virustotal.com
http://virusscan.jotti.org/en
http://vscan.novirusthanks.org/
(.exe),
, , online sandboxes, ,
.
:
http://anubis.iseclab.org/
http://www.threatexpert.com/submit.aspx
http://www.threattrack.com/
http://wepawet.iseclab.org/

(scanning)
,

Firewall.

Firewall Windows
.
, laptop

. ,

.


browser
.

,

browser.
11 Firewall


,
LMHASH.
:
start, run, gpedit.msc enter. Local
Computer Policy, Computer Configuration, Windows Settings,
Security Settings, Local Policies, Security Options
.

12 -


(policies), Network
security: Do not store LAN Manager hash value on next password change.
Enabled OK.


,
(sandbox), sandboxie
(http://www.sandboxie.com/).



,
sandboxie,
.

sandbox,

browser

.
13 - Sandboxie

,
,
.
, , ,
MD5 Check (http://angusj.com/delphi/md5check_setup.exe),
.

14 - MD5 Check

md5, sha1, pgp.


.

PGP

15 -


,
, , ,
. ,
. ,
, .
, exploit
. ,
,
.
secunia Personal Software Inspector (PSI),
(http://secunia.com/vulnerability_scanning/personal/).
,
.


windows XP

,
:
start, click my
computer, properties, automatic
updates.

16.1 -
,
,
service pack 3, :

start,
run

winver.exe.

,

service pack 3.


windows updates.

16.2 - Service Pack

, MS Office.


16.3 -
,
,
, .
internet explorer
, browser,
.
:
http://technet.microsoft.com/en-us/security/bulletin
http://www.securityfocus.com/
http://en.wikipedia.org/wiki/Exploit_%28computer_security%29
http://www.securiteam.com/
http://www.exploit-db.com/
Log files
windows XP log files,
(System log files), (Application log)
(Security log).
, security loggings.
,
, brute
forcing ( ), :
Control Panel Network Connections
Properties. Advanced
Settings. Advanced Security
Logging Settings. Log Settings Log
dropped packets Log successful connections .
.

17.1 - Log Files


log entries, Event
Viewer, computer management.
start, run compmgmt.msc Event
Viewer.

17.2 - Log Files




:
start, run, cmd.exe enter.
netstat -ano.
task manager
ctrl+alt+del .

18 -
.


nslookup ,
domain names IP, :

19 - nslookup
.
IP ,
/ .
.

Microsoft Baseline Security Analyzer
(MBSA).
link: http://technet.microsoft.com/en-us/security/cc184924.
To MBSA 2.2 administrators, security auditors, IT
professionals security vulnerability assessment .

20 - Microsoft Baseline Security Analyzer (MBSA)


.
, ,
, .
.
Virtualbox,
. XP
virtualbox windows XP,
. ,
, snapshot.
(https://www.virtualbox.org/wiki/Downloads).
HIDS (Host Intrusion Detection System)
HIDS (http://en.wikipedia.org/wiki/Host-based_intrusion_detection_system),

.
HIDS (Host-based Intrusion Detection System), ossec
zone alarm.
http://www.ossec.net/main/downloads
http://www.zonealarm.com/

, .
,
.
. - ,
.


1.0 26-02-13

Windows 7


Windows 7



Windows 7

User Account Control
User Account Control (UAC)
,

.
,
.

1.1 - User Account Control (UAC)/

1.2 - User Account Control (UAC)/


BitLocker Drive Encryption

BitLocker
. BitLocker Windows 7,
BitLocker To Go .
BitLocker ,
BitLocker Drive Encryption


.
Windows 7
, ,
.

Backup And Restore
.
Start, Control Panel, System and Security, Backup and Restore
Setup Backup.

2 - .
Set up backup
.
.

DriveImage
XML
(http://www.runtime.org/driveimage-xml.htm) paragon (http://www.paragon-software.com/home/br-free/).
,
,

.

.

,



.
,
Recovery
(Start, Control Panel,
All
Control
Panel
Items, Recovery)

Open
System Restore

.
3 - .

(password)

. , (
, ), 8 ,
, ( ),
.
( 60 ),
3
30 . : Isx1r0_P@ssW0rd!@#
:
http://windows.microsoft.com/en-US/windows-vista/Change-your-Windows-password
http://en.wikipedia.org/wiki/Password_strength

4

.
,

.
,
(standard user)
.
(. User Account Control)


administrator ,

run as administrator,
.
administrator.
, ,

.

5
.

, laptop ,
.
, ,
.
Windows XP
EFS (Encrypting File System),

(format) NTFS.
Start, All Programs,
Accessories, Windows Explorer.

,

Properties. General,
Advanced.
Compress or Encrypt attributes,
Encrypt contents to
secure data check box
OK. (file)


.

6 Advanced Attributes


truecrypt. truecrypt,

.
truecrypt (http://www.truecrypt.org/downloads),
Create Volume TrueCrypt Volume Creation Wizard.
create an encrypted file container, standard TrueCrypt
volume NEXT. Select File
container, save.
(AES), ,
(format). ,
.
, select file> mount .

7 - TrueCrypt
BitLocker Drive Encryption

BitLocker
. ,
. Ultimate Enterprise
Windows 7. T BitLocker To Go Windows 7
,
flash USB .


8 - BitLocker

,

,

.

,

, .


eraser.
(http://www.heidi.ie/eraser/download.php).
9 Eraser ( )

(autorun)
,
(cd, dvd, usb sticks, hard disks), . ,
, ,
.

.
start, gpedit.msc

enter. Local Computer Policy, Computer Configuration,


Administrative Templates, Windows Components AutoPlay
Policies.
settings panel Turn off Autoplay
Edit. Turn off Autoplay box Enabled
autorun. Options All drives
. OK Turn off Autoplay Properties dialog box.
,
. , .


autorun.inf,


.

text editor (.. notepad)

.
autorun.inf:
[AutoRun]
shellexecute=\path\to\infected.exe
UseAutoPlay=1

10 autorun.inf
.


(read only)
.
file sharing,




, scheduler.

file sharing.
Organize Folder and Search
Options. .
View, Advanced Settings
-

Use
Sharing
Wizard
(Recommended) OK.
11




Windows .

Organize Folder and
Search Options.
. View,
Advanced Settings - "Hide
extensions for known file types" check box
OK.

12


Windows
.

Organize Folder and
Search Options.
. View,
Advanced Settings "Show hidden
files, folders and drives" check box OK.

13

(services)
. ,
.


:
start, run, services.msc enter.
.

14.1 -
.
telnet, FTP remote desktop,
( back door).

:
Service Name                                        Default Startup Type
Background Intelligent Transfer Service             Manual
Computer Browser                                    Disabled
IPv6 Helper Service                                 Disabled
Media Center Extender Service                       Disabled
Net.Tcp Port Sharing Service                        Disabled
Remote Desktop Configuration                        Disabled
Remote Desktop Services                             Disabled
Remote Desktop Services UserMode Port Redirector    Disabled
Remote Procedure Call (RPC) Locator                 Disabled
Routing and Remote Access                           Disabled
Simple Network Management Protocol (SNMP) Trap      Disabled
SSDP Discovery                                      Disabled
Task Scheduler                                      Disabled
TCP/IP NetBIOS Helper                               Disabled
UPnP Device Host                                    Disabled
WebClient                                           Disabled
WMI Performance Adapter                             Disabled


,
.
, BIOS
boot . ,

, CD, DVD USB,

.
, ,
screen saver, .
:
http://windows.microsoft.com/en-US/windows-vista/Use-your-Windows-password-for-your-screen-saver-password

antivirus anti spyware
.
( ),
, :
MS Security Essentials (http://windows.microsoft.com/en-US/windows/products/security-essentials)
AVG (http://free.avg.com/ww-en/free-antivirus-download)
AVAST (http://www.avast.com/free-antivirus-download)
On-line
URL (.doc, .xls, .pdf)
,
(upload) on-line -,
. :

http://www.virustotal.com
http://virusscan.jotti.org/en
http://vscan.novirusthanks.org/
(.exe),
, , online sandboxes, ,
. :
http://anubis.iseclab.org/
http://www.threatexpert.com/submit.aspx
http://www.threattrack.com/
http://wepawet.iseclab.org/
(scanning)
,
Firewall.
Firewall Windows .
,
laptop
. ,

.

browser

.
,

browser.

/
.
14 Windows Firewall


,
LMHASH.
: start, run,
gpedit.msc enter. Local Computer Policy,
Computer Configuration, Windows Settings, Security Settings, Local Policies,
Security Options .


15 Local Group Policy Editor


(policies), Network
security: Do not store LAN Manager hash value on next password change.
Enabled OK.


.


,

(sandbox), sandboxie
(http://www.sandboxie.com/).



16 - Sandboxie

, sandboxie,
. sandbox, browser
.
.

,
,
.
,

,
, MD5 Check
(http://angusj.com/delphi/md5check_setup.exe),
.

17 MD5 Check
md5, sha1, pgp.
.

PGP

18




, ,
, ,
. ,
. , ,
.
, exploit .
, ,
.
Secunia , Personal Software Inspector (PSI),
(http://secunia.com/vulnerability_scanning/personal/). ,

.
Windows 7 ,
: start, All Programs, Windows Update.

19 Windows Update


, service pack 1, Windows 7 :


start, winver.exe.

20 winver.exe
,
service pack 1.
windows updates Microsoft.
, MS Office.

21 MS Office/Check for updates




,
, .
internet explorer
,
browser, .
:
http://technet.microsoft.com/en-us/security/bulletin
http://www.securityfocus.com/
http://en.wikipedia.org/wiki/Exploit_%28computer_security%29
http://www.securiteam.com/
http://www.exploit-db.com/
Log files
Windows 7 log files,
(System log files), (Application log), (Security
log).
, security loggings.
,
, brute
forcing ( ), :
Start wf.msc Windows Firewall with
Advanced Security. Windows Firewall With Advanced Security on Local Computer
Properties .

22 Windows Firewall With Advanced Security on Local Computer


customize

Logging.

log files .
logging
drop down menus (Log
dropped packets & Log Successful connections)
Yes.
.

23 Customize Logging Settings


log entries, Event
Viewer. start event viewer.

24 Event Viewer


:
start, run, cmd.exe enter.
netstat -ano.
task manager
ctrl+alt+del. .


25
.
nslookup , domain names IP,
:

26 nslookup
. IP
, /
.
.

Microsoft Baseline Security Analyzer
(MBSA).
link: http://technet.microsoft.com/en-us/security/cc184924

To MBSA 2.2 administrators, security auditors, IT


professionals security vulnerability assessment .

27 Microsoft Baseline Security Analyzer (MBSA)


.
, ,
, .
.
Virtualbox,
. Windows 7
virtualbox Windows 7,
. ,
, snapshot.
https://www.virtualbox.org/wiki/Downloads
HIDS (Host Intrusion Detection System)
HIDS (http://en.wikipedia.org/wiki/Host-based_intrusion_detection_system),

.
HIDS (Host-based Intrusion Detection System), ossec
zone alarm.
http://www.ossec.net/main/downloads
http://www.zonealarm.com/

, .
,
.
. - ,
.


Ubuntu


Ubuntu 12.10.

:
1.

2.

3.

4.

5.
Firewall
6.
HIDS
7.
(Shared memory)
8.

9.

10.

11.

12.
Amazon
13.
chkrootkit rkhunter
14.
Boot up Manager
15.
Apparmor
16.
Clamav


ubuntu 12.10.
1.
,
sudoers. H ( username
testuser):
:
sudo useradd -d /home/testuser -m testuser
:
sudo passwd testuser
X display manager for login interfaces., which replaced the old GDM (Gnome Displ
,
root .
root, :
su (username sudoer)
:
sudo -s
2.
(http://en.wikipedia.org/wiki/Password_strength)
: Isx1r0_P@ssW0rd!@#
3.

, , home folder.


, home folder
:
ecryptfs-utils :
apt-get install ecryptfs-utils
:
sudo ecryptfs-migrate-home -u USERNAME
username username home
folder. login.
truecrypt (http://www.truecrypt.org)
, openpgp (GNUPG).
4.
,
. updates
upgrades, :
. DASH Home update manager, settings,
updates .


repositories .

. , google.
5.
firewall
Ubuntu ufw (Uncomplicated Firewall).
UFW. .
.
ubuntu software
center (search) ufw, Firewall
Configuration.


ufw.
DASH Home Firewall Firewall configuration.

ufw


.

.
.
Firewall, .

:
FTP, HTTP,HTTPS,CUPS,SMTP,IMAP,DNS,NTP
:
Outgoing DENY
+

UDP

simple allow out udp 53, .


UFW UBUNTU 12.10.

6.
Host IDS (Host Intrusion Detection
System). OSSEC. OSSEC Open Source Host-based Intrusion
Detection System. log analysis, file integrity checking, policy
monitoring, rootkit detection, real-time alerting active response.
. :
sudo apt-get install build-essential
http://www.ossec.net/
ossec hids agent. , script
(install.sh) ,
. (local) .
:
/var/ossec/bin/ossec-control restart
link.
http://acidborg.wordpress.com/2009/10/08/how-to-install-and-configure-ossec-in-ubuntu-server-9-04/
7.
(Shared memory)
exploits .
.
gksudo gedit /etc/fstab
: tmpfs /dev/shm tmpfs defaults,noexec,nosuid 0 0
:
sudo mount -o remount /dev/shm
8.

:
:
gksudo gedit /etc/sysctl.conf
(
#):
net.ipv4.conf.default.rp_filter=1
net.ipv4.conf.all.rp_filter=1
net.ipv4.conf.all.accept_redirects = 0
net.ipv6.conf.all.accept_redirects = 0
net.ipv4.conf.all.send_redirects = 0
net.ipv4.conf.all.accept_source_route = 0
net.ipv6.conf.all.accept_source_route = 0
net.ipv4.conf.all.log_martians = 1
:
sudo sysctl -p
9.
shell
shell ( )
(guest account).

: backup /etc/passwd

cp -p -a /etc/passwd /etc/passwd-bak
gksudo gedit /etc/passwd
shell ( /bin/sh) /bin/false.

bin:x:2:2:bin:/bin:/bin/sh

bin:x:2:2:bin:/bin:/bin/false
,
sudo sh -c 'echo "allow-guest=false" >> /etc/lightdm/lightdm.conf'
10 . /etc/shadow
backup /etc/shadow
cp -p -a /etc/shadow /etc/shadow-bak
gksudo gedit /etc/shadow
:
passwd -l daemon ( daemon)
.
11.


sudo sh -c 'echo "greeter-show-remote-login=false" >> /etc/lightdm/lightdm.conf'
12.
amazon

sudo apt-get remove unity-lens-shopping
.
13.
chkrootkit rkhunter :
sudo apt-get install chkrootkit rkhunter
:
sudo rkhunter --update
chkrootkit rkhunter
(rootkit) linux .
rkhunter :
sudo rkhunter -c
chkrootkit :
sudo chkrootkit
14.
Boot up Manager (bum) :
apt-get install bum

,
. :
sudo bum
BUM

. bluetooth services
apply.
15.

(http://en.wikipedia.org/wiki/AppArmor), :

apparmor

sudo aa-status
profiles :
apt-get install apparmor-profiles
:
aa-status apparmor_status
16.
windows ubuntu,
clamav antivirus :
sudo apt-get install clamav
(updates) clamav :
freshclam

, .
,
.
.
- ,
.


- (Browsers)
Internet Explorer 9

INTERNET EXPLORER 9 (9)


INTERNET EXPLORER 9 (9)

, ,
:
social engineering.
web browser add-ons web
browser.
, cross-site scripting, client side attack.
browser ,
.

browser :
1. (history) browser.
, .
2. , porn
sites, hackers sites .
3. .
4. URL,
site.
5. Auto complete.
6. browser
..
9

. Application Reputation,
.

1 - Application Reputation
. ActiveX Filtering,
ActiveX controls.
.

2 - ActiveX Filtering
SmartScreen Filter, phishing

(malware). SmartScreen Filter


,
.

3 - Smartscreen Filter
Tracking Protection.
sites , ,
. Tracking Protection List.
Microsoft :
http://ie.microsoft.com/testdrive/Browser/TrackingProtectionLists/

4 - Tracking Protection
cross-site scripting
.


Compatibility View
,
IE 9. ,
(Compatibility View), .

5 - Compatibility View
(history)
Tools button , Safety,
Delete browsing history.

Delete.

6 - (history)
InPrivate Browsing


9 (browsing history,
temporary Internet files, form data, cookies, user names, passwords)
InPrivate Browsing. :
Tools button , Safety,
InPrivate Browsing.

7 - InPrivate Browsing
, InPrivate Browsing
.
Check this website
, IE9

.
H
:
Tools
button , Safety,

Check this website.

8 - Check this website


Smart Screen Filter
To SmartScreen Filter 9
phishing websites (downloading)
(malicious software).
SmartScreen Filter, ,
:

Tools button , Safety,


Turn Off SmartScreen Filter.
.

9 - Smart screen filter



Microsoft .
:
Internet. websites,
Local intranet, Trusted,
Restricted site.
Local intranet. websites

(corporate or business network).
Trusted sites. websites
.
Restricted sites. websites
.
9
:
10.1
Tools button
Internet options.
Security
. internet medium-high
( 101). trusted sites medium ( 10.2).


10.2 -

restricted
sites
high,
10.3.

10.3 -

9 , .
.
, 9,
.
:
Tools button
Internet options.
Programs set programs. ,
( 11).

11 -
Auto Complete
Auto Complete

URL

username/
password

.


.
Auto Complete

:
Tools button
, Internet
Options. Content
Auto Complete Settings.
checkboxes .
12 - Auto Complete


Internet Explorer.

Firefox

FIREFOX


FIREFOX

, ,
:
social engineering.
web browser add-ons web
browser.
, cross-site scripting, client side attack.
browser ,
.
browser :
1. (history) browser.
, .
2. ,
porn sites, hackers sites .
3. .
4. URL,
site.
5. Auto complete.
6. browser
.

Firefox :
Firefox Options.
(General)


,
. ,

.

1 Options

(Content)

java script.
, sites
.
java script.
, ,
javascript
add on noscript,

javascript .

no script http://noscript.net/
, popup windows .

2 - Options/Content
(applications).
firefox
,
flash videos.
, ,

video vlc player
(vulnerability),
player, .

3 Options/Applications

(privacy)


Firefox .


,
, .

(Form
History) URL
username
,

.

.

4 - Options/Privacy
(security)

checkboxes:
- Warn me when sites try to install add-ons
(
)
- Blocked reported attack sites (

)
- Block reported web forgeries (
)

checkbox Remember passwords for sites (
),
master password.

5 Options/Security


(Advanced)


,
browser
,
.
:
-Use hardware acceleration when available
( hardware,
)
-check my spelling as type (
)

6 - Options/Advanced/General
(Network)
Firefox
. proxy server
. proxy provider
.

(cache).
,
(Offline web content and user data). checkbox
(Tell
me when a website asks to store data for offline use).


7.1 - Options/Advanced/Network
(Updates)

browser.

7.2 - Options/Advanced/Update


(Encryption)

ssl 3
tls1. ,
(certificates)

.

7.3 - Options/Advanced/Encryption
Private Browsing

Firefox (browsing history,
temporary Internet files, form data, cookies, user names, passwords)
Start Private Browsing. Tools.

8.1 - Private Browsing



, Firefox
Private Browsing.

8.2 - Private Browsing


Start Private Browsing .
.

8.3 - Private Browsing


Security add ons
,
(add-ons) , .
noscript, ,
:
https://addons.mozilla.org/en-us/firefox/extensions/privacy-security/?sort=users
.


Firefox.


Chrome

GOOGLE CHROME


GOOGLE CHROME

, ,
:
social engineering.
web browser add-ons web
browser.
, cross-site scripting, client side attack.
browser ,
.

browser :
1. (history) browser.
, .
2. ,
porn sites, hackers sites .
3. .
4. URL,
site.
5. Auto fill.
6. browser
.



. O Chrome
, .
(history)

Tools, Clear Browsing Data .


1.1 - (history)
, ,
.

1.2 - (history)-

cookie

cookies
Chrome. cookies ,
. cookies
,
. cookies
Chrome :


, Settings, Under the Hood Content
Settings.
.


New Incognito Window



Chrome (browsing history,
temporary Internet files, form data, cookies, user names, passwords)
New Incognito Window.
:
, Tools,
New Incognito Window
.

Windows 7 3
(Safe Browsing)
Chrome
"" (phishing).
"" (phishing)

, . ,
,

.
Safe Browsing Chrome

'' '' ,
.


4
Safe Browsing Chrome
:


, Settings, Under the Hood Privacy
Enable phishing and malware protection
.

5 Safe Browsing

Sandboxing
Chrome Sandboxing



.

,
.
Windows 7


Google Chrome.


Windows 7

Windows 7


Windows 7.

windows 7. Firewall,
.
.
:
firewall
firewall


firewall
,
Internet , ,
, . 4
, .
, , , domain.
,
.

, worm

worm
: Microsoft, FAQ Firewall
: http://windows.microsoft.com/el-GR/windows7/Firewall-frequently-asked-questions
firewall

, firewall
. internet security
antivirus.
, :
1.

Windows


, ,

.
.


2. Windows.

3. ,
Windows.

,
.


,
Windows ( ),
.


Windows
, Windows

.
,
. ,
Windows.
( ).
,

,
Internet .
,
worm Internet. ( ).

Windows

, Windows . (
).

Windows ( )
,
.
Windows, ( , ) .
: Microsoft, Windows
: http://windows.microsoft.com/el-GR/windows7/Understanding-Windows-Firewall-settings#section_1

: http://windows.microsoft.com/el-GR/windows7/Understanding-Windows-Firewall-settings


,
,

. ,
.
1.

Windows


, ,

.
.

2.
.

3.
Windows , .

4. ,
:
.
().


5. ,

.


, .
.
.


Tor


H TOR



H TOR
-
,

.

.
Tor
To Tor ( The onion router)
. Tor


.
Tor ,
, ,
,
,
.
Tor
Onion routing

:


,
Tor,




.



. ,
1.

1 Tor

Tor
Tor .

https://www.torproject.org/download/download.html.en.

Tor

Tor, Windows
Start Tor Browser.
Linux ,
(
root!) # ./start-tor-browser.
Tor,
( 2)
,
3,

.

(browser)
(www).

2 Tor
( ),
.

3 Tor

,
. ,
.


(email).
email
1. email client.
2. .
3. email client
antivirus

email.

email, :
1. .
PDF, DOC, XLS, RTF
.
2. exploit email client.
email exploit
email client email client.
3. HTML mail scripts.
email client,
html .
4. .
email
client side attack.
email .
1. email client
. Trust Center microsoft Outlook 2007-2010
, Microsoft.
2. email
3. spam filtering
4. antivirus email
5. .
6. email.
7. email.

8. email attachments :
(.bat, .chm, .cmd, .com, .exe, .hta, .ocx, .pif, .scr, .shs, .vbe, .vbs, or .wsf).
9. email, BCC (Blind Carbon Copy),
.
10. email .
- free email services.
. :
1.
, browser.
2.
, antivirus, antispam.
. :
1. , .
2. , , .
3. , ssl .
spam email:
1. email .
2. email, (private
policies).
3. ,
email.
4. spam .
5. spam email .
6. spam .
7. html .
8. email, spam.
9. email
.
10. spam email.
O Outlook email client 2007 2010 trust center,
.
Trust center Outlook .
File ---> options trust center
.


.
1. activeX, .
2. Internet Zone.
3. Trusted Center
4. preview emails.
5. junk filter.


- usb
(USB Flash Drives)
Windows XP
USB (USB Flash Drives)
(
)
. , USB Flash Drives
/
(Malware).
/ ,

. , /

Malware.
/ .
/ Windows.

/
USB Flash Drives Windows XP.
(3) :
1.
Antivirus -
USB .
2.

(Autorun) Windows.
3.
:
.
.
.
.
.
.
USB


:
1.
o USB
( )
Autorun (E 1 2).

1.


2.
( 1)
autorun USB
autorun.inf
/ .
(E 2) autorun
autorun.inf,
.

malware.
2.
(Autorun)
Windows. Autorun :
.
Start --> Run, Gpedit.msc Enter.
.
Local Group Policy, (expand) Computer
Configuration, Administrative Templates click
System.
.
Settings click Turn off Autoplay,
click Properties.
.
click Enabled, All drives
Turn off Autoplay Autorun (drives).
.
click OK Turn off Autoplay
Properties.
.
(Restart) /.
3.
USB (
autorun) Open ( 3).


3. USB
4.

malware. ( .exe, .com,
.dll, .scr). , autorun.inf.

autorun. notepad
(path) .
autorun.inf.:
[AutoRun]
shellexecute=\RECYCLER\virus.exe
UseAutoPlay=1
(virus) RECYCLER
USB virus.exe ( 4).


E 4. USB
RECYCLER.
,
(Show hidden files and
folders). ( 5):

5. &

5.

, .
Tools --> Folder Options
View Show hidden files and folders
Hide extensions for known file types Hide protected operating
system files ( 6).

6. & ,


autorun.inf.
USB Shortcut
Virus. : USB ,

, ( )
(Shortcuts)
( 7 8). ( )
,
/.
USB :
1.
Antivirus (updates)
USB.


7. USB

8. USB Shortcut Virus


9. (Shortcut) .
2.
Open.
, ,
( Antivirus).
Shortcut
( 9).
( 10) ,
Antivirus.


10.
3.
, , Start -->
Run cmd.exe Enter.
( ). USB
d, ( 11)
( 12):
attrib -h -r -s /s /d d:\*.*

11.

12. USB




TrueCrypt




TrueCrypt

,
(USB)
,
.


TrueCrypt. truecrypt, ,
.

truecrypt
,
:
http://www.truecrypt.org/downloads


TrueCrypt.exe

, .

1
1 Create Volume

.

2


.
, partition,
usb flash disk.
, partition
.

,
.
Create an encrypted file
container Next.
,
3,

.
Standard TrueCrypt Volume
Next.

3
4 ,
. Select File Next
Windows Explorer 4.


4
Windows Explorer
,
Save.
:

, ,
.

,
5.1, Next 5.1,

Next.


5.1

5.2 Next
.
Next.

5.2
.
.
, (pass-phrase)
.


, (NTFS
) 5.3.1 Format.

5.3.1.
. Exit

5.3.1

5.3.2


.

Select File, 6.1.
Windows Explorer
Open.


6.1
6.2 Mount
.
OK.
6.2,

.

6.2



.


. My
Computer,
, 6.3.

.

.
6.3


Dismount 7.

, ,
,
. ,
truecrypt .
.
.

.
. , Linux, LUKS
truecrypt .


Sandboxie


SANDBOXIE



SANDBOXIE

T sandbox - ,
() ,
.
. ,
browser, ,
.
, sandbox
, ,
.
( ),

, sandbox,
. , sandbox
.
sandbox.
sandboxie [http://www.sandboxie.com/],
.

Sandboxie .

1 Sandboxie

(sandboxieinstaller.exe)
, .
.



System Tray.
, Sandboxie
Control.
3 System Tray

4 Sandboxie Control
' file
manager , Sandbox.
, ..
Desktop, Drives . , DefaultBox,

.

View Programs Files and Folders.


Programs
Sandboxie.
, Firefox
Sandboxie. Sandboxie Control
Firefox ,
, .

5 Sandboxie Control/Programs
Sandboxie
Start, All Programs
.
.

6 Sandboxie


,
,
. Sandboxie
().
.

7
DefaultBox
Sandboxie.
, Sandboxie,
.
Sandboxed
.

8 Sandboxie


Sandbox, DefaultBox, SandboxSettings
.

.
.
Sandboxie .
http://www.sandboxie.com/index.php?HelpTopics

sandbox
,
.


/
Windows


WINDOWS



WINDOWS


Windows,
. ,
/
. (DOS
prompt).
Command prompt Start, cmd.exe
(search).

,
,
.
,
, , ,
registry, keylogger ( ),
scheduler
.

,


,

(administrator).


,
.
1
:
(administrator)
, C:\>lusrmgr.msc.
Groups, Administrator
, 1.


, C:\>net
user ( 2) C:\>net localgroup administrators ( 3).

2 - (1)

3 - (2)
(logs) ( ).

,

C:\>eventvwr.msc.

4,

,
.
4 -

.
/

1. Event log service was stopped.

2. Windows File Protection is not active on this system.

3. The protected System file [file name] was not restored to its original, valid version because the Windows File Protection...

4. The MS Telnet Service has started successfully.

1
, (logon
failures) .



.
,


,

(SYSTEM)

(Administrator),

5 -
C:\>taskmgr.exe
5.

,
C:\>tasklist ( 6) C:\>wmic process list full ( 7)
.

6 - (1)


7 (2)
, ,
C:\>services.msc 8.


8
, C:\>net start
( 9) C:\>sc query ( 10) .


9 (1)


10 (2)
,
C:\>tasklist /svc 11.


11



( ),
explorer ,
Start > Search > For files or folders... >
Search options > Size > At least 10000KB .
, registry,
(system startup) :


) HKEY_LOCAL_MACHINE/Software/Microsoft/Windows/CurrentVersion/Run
) HKEY_LOCAL_MACHINE/Software/Microsoft/Windows/CurrentVersion/Runonce
) HKEY_LOCAL_MACHINE/Software/Microsoft/Windows/CurrentVersion/RunonceEx
registry ,
C:\>regedit.exe ( 12) C:\>reg query
<reg key> ( 13).

12 registry

13 registry

,
, C:\>msconfig.exe. ,
( 14) ( 15).

14

15

.
, C:\>wmic
startup list full ( 16).

16


,
C:\>net session. ,
17.

17
,
C:\>net use. ,
18.

18
,
C:\>net view \\127.0.0.1. ,
19.

19
NetBIOS ,
C:\>nbtstat -S.
, ,
20.

20 NetBIOS



(ports).

.


,
C:\>netstat -na.

21

5
,
5

C:\>netstat -na 5

,

C:\>netstat -na.

21

, arp
MAC IP .
, C:\>arp -a. ,
.

22 arp
,
,
C:\>netsh firewall show config
( 23).

23

,
(SYSTEM) (Administrator) .
,
Start > Programs > Accessories > System Tools > Scheduled
Tasks Task Scheduler ( 24).


24
, C:\>schtasks
( 25).

25

http://www.cisecurity.org/
.



!
.
,
( swap),
.
,
administrator.
, ,
.


Linux


LINUX



LINUX


Linux .
, root (
#) ( $ ).

. ,
, ( )
, Linux .

,
, .



,
.


.

/etc/passwd.
,
:
# sort -nk3 -t: /etc/passwd | less


1.

UID 0 500.

UID 0 :
# egrep ':0+:' /etc/passwd
1
, :

# getent passwd |egrep ':0+:'


(logs)

.
entered promiscuous mode, (username
password) (ftp, telnet, ssh),
(rpc) (
20) ( ^-^-^...),
Apache error,
.
Linux dmesg.
, :
# dmesg |grep [] , [] .
, /var/log/messages
/var/log/current, Linux .
2.

2



.
,
.
,


# ps -aux
3.

3
ps manual page,
# man ps.
,
(ports)
, # lsof -p [pid] , pid (process id)
.
,
# chkconfig --list.


SUID
root.

SUID ,
:
# find / -uid 0 -perm -4000 -print

4,

.
,

(
10)

:
# find / -size +10000k -print
,


.

,
:
# find / -name " " -print
# find / -name ". " -print
# find / -name ".. " -print


(ports)

, :
# lsof +L1
4 SUID
,
.
RPM,
MD5, , ,
Linux .
: # rpm -Va |sort
1.

MD5



1 RPM


/sbin, /bin, /usr/bin /usr/bin.
, Linux
check-packages, .


promiscuous mode,
.
, : # ip link | grep PROMISC ,
.
(ports).

.
,
# netstat -nap

, 5.
netstat
manual page, # man netstat.
, arp
MAC IP .
, # arp -a .


5

cron, # crontab -u
root -l , root.
, root,
root , ,
:

# cat /etc/crontab # ls /etc/cron.* .



,
(load average) $ uptime ,
$ free / $ df .

Linux,
.
www.chkrootkit.org
chkrootkit rootkit
,
root,
.
www.tripwire.org http://aide.sourceforge.net/

.
http://www.bastille-linux.org/
bastille Linux.

http://www.cisecurity.org/
.


!
.
,
( swap).
,
root. ,
, .


,
, .
,
.
,
.
,
.
.
, .
,
,
.
,
.

.
.


:
http://krebsonsecurity.com/2012/10/the-scrap-value-of-a-hacked-pc-revisited/
https://www.sans.org/score/checklists/ID_Linux.pdf
https://www.sans.org/score/checklists/ID_Windows.pdf
http://benchmarks.cisecurity.org/downloads/audit-tools/
http://iase.disa.mil/stigs/
http://technet.microsoft.com/en-us/library/cc677002.aspx
http://www.sandboxie.com/
https://www.torproject.org/docs/documentation.html.en
http://secunia.com/vulnerability_scanning/personal/
http://www.truecrypt.org/downloads
