Professional Documents
Culture Documents
23 Computer Security
23 Computer Security
Computer Security
Through your PC, a malicious person can gain
valuable information
About you and your habits
Can steal your files
Run programs that log your keystrokes and thus gain
account names and passwords, credit card information
Run software that takes over much of your computer
processing time and use it to send spam or steal from
others
Analyzing the Threat
Threats to your data and PC come from two
directions:
Mistakes
Malicious people
Issues:
Unauthorized access
Data destruction, accidental or deliberate
Administrative access
Catastrophic hardware failures
Viruses/spyware
Local Control
Need to establish control over local resources
Back up data and make sure that retired hard drives and optical
discs have no sensitive data on them
You should recognize security issues and be able to respond
properly
You need to implement good access control policies, such as
having
All computers in your care locked down with proper passwords or
other devices that recognize who should have access
Implement methods for tracking computer usage.
If someone is doing something wrong, you and the network or
computer administrator should be able to catch him or her!
Backup Essential Data
Social Engineering
The process of using or manipulating people inside the
networking environment to gain access to that network
from the outside
The term “social engineering” covers the many ways
humans can use other humans to gain unauthorized
information
Infiltration
Hackers can physically enter your building under the
guise of someone who might have a legitimate reason
for being there,
Cleaning personnel, repair technicians, or messengers
Telephone Scams
Telephone scams are probably the most common
social engineering attack
The attacker makes a phone call to someone in the
organization to gain information
Dumpster Diving
Generic term for anytime a hacker goes through your
refuse (rubbish), looking for information
Physical Theft
Someone physically steal the server
Access Control
Control access to the data, programs, and other
computing resources
Secure Physical Area and Lock Down
Your System
Block access to the physical hardware from people
who shouldn’t have access
Authentication
Means How the computer determines
Who can or should access it
Once accessed, what that user can do
A computer can authenticate users through
Software or hardware
Combination of both
NTFS, Not FAT32
Must use NTFS or you have no security at all
Use the CONVERT command-line utility to go from
FAT to NTFS
CONVERT D: /FS:NTFS
Network Security
User Account Control Through Groups
Security Policies
Commonly used:
Prevent Registry Edits
If you try to edit the Registry, you get a failure message
Prevent Access to the Command Prompt
This policy keeps users from getting to the command prompt by turning off
the Run command and the MS-DOS Prompt shortcut
Log on Locally
This policy defines who may log on to the system locally
Shut Down System
This policy defines who may shut down the system
Minimum Password Length
This policy forces a minimum password length
Account Lockout Threshold
This policy sets the maximum number of logon attempts a person can
make before they are locked out of the account
Disable Windows Installer
This policy prevents users from installing software
Printer Browsing
This policy enables users to browse for printers on the network, as opposed
to using only assigned printers
Viruses
Disable DHCP and require your wireless clients to use a static IP address
If you need to use DHCP, only allot enough DHCP addresses to meet the needs of
your network to avoid unused wireless connections
Change the WAP’s SSID from default and disable SSID broadcast
Change the default user name and password. Every hacker has memorized the default
user names and passwords