TITISAN ILMU MYSCHOOLNET
Sazali bin Saidin, Institut Perguruan Perlis, Perlis, 01000 Kangar, Perlis
[email protected] | 019-4548436
11 - 14 Jun 2007, Langkawi Seaview Hotel
Jan 11, 2016
Buying a PC
Searching for an appropriate model (looks and design).
Desktop, notebook, palmtop
We choose notebook
Then …
CPU - Intel® Centrino® Duo mobile technology
Hard Disk, LCD Display, Memory
Design – looks & feel, weight
Features included – OS preloaded, Card reader, Bluetooth, Connectivity, Camera
Installing Software
OS – Windows XP or Windows Vista
Office Applications – MS Office
Graphics – Photoshop, Paintshop, etc
Antivirus – Trend Micro, AVG, etc
Utilities – Registry Mechanic, Disk Keeper
Happy hour…
Create document
Design graphics
Surfing the www
Creating HTML document
Blog & forum
Sending, sharing files, video, etc…
Real-time communication IM, VM…etc
Desktop Themes - Webshots, Screen Saver etc…
I thought the heat would last until evening, but it rained at midday…
Initially … everything goes smoothly
Now …
PC boots too slowly…
Programs take longer than normal to open…
Pop-ups and ads…
Junk emails
Worms, trojans, viruses, phishing, etc…
Sluggishness
Why… Why… Why does it happen?
Then we notice that …
Too many programs at start up…
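Added example, not part of the original slides: a read-only PowerShell listing of the programs Windows is configured to launch at start-up, so unneeded or unfamiliar entries can be reviewed. It goes slightly beyond the slide by also covering the Startup folders; it assumes PowerShell 3.0 or later, and the key list covers the common autostart locations, not every one.

```powershell
# Added example: list programs configured to start automatically.
# Read-only: nothing is changed or removed.

# Common per-machine and per-user autostart registry keys (not exhaustive).
$runKeys = @(
    'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Run',
    'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce',
    'HKLM:\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Run',
    'HKCU:\SOFTWARE\Microsoft\Windows\CurrentVersion\Run',
    'HKCU:\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce'
)

$entries = @(foreach ($key in $runKeys) {
    # A key may be absent (for example WOW6432Node on 32-bit Windows).
    if (-not (Test-Path -Path $key)) { continue }
    $item = Get-Item -Path $key
    foreach ($name in $item.GetValueNames()) {
        [pscustomobject]@{
            Source  = $key
            Name    = $name
            Command = $item.GetValue($name)
        }
    }
})

# Shortcuts placed in the per-user and all-users Startup folders.
$startupFolders = @(
    [Environment]::GetFolderPath('Startup'),
    [Environment]::GetFolderPath('CommonStartup')
)

$entries += @(foreach ($folder in $startupFolders) {
    if (-not $folder -or -not (Test-Path -Path $folder)) { continue }
    Get-ChildItem -Path $folder -File | ForEach-Object {
        [pscustomobject]@{
            Source  = $folder
            Name    = $_.Name
            Command = $_.FullName
        }
    }
})

$entries | Sort-Object Source, Name | Format-Table -AutoSize -Wrap
'{0} autostart entries found' -f $entries.Count
```

Saving the output after a clean install gives a baseline; an entry that later appears without a matching software installation is worth investigating.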
Then we notice that …
There may also be too many Terminate and Stay Resident (TSR) programs running in the background
Then we notice that …
Our doors are still open…
Then we notice that …
We very rarely update patches…
Then we notice that …
Our antivirus definitions or patterns are out of date…
Lack of information about viruses
The First Generation: DOS Viruses (1986 - 1995)
The Second Generation: Macro Viruses (1995 - 2000)
The Third Generation: Big Impact Worms (1999 – 2005)
The Fourth Generation: Malcode for Profit (2004 – to present)
http://www.cioupdate.com/article.php/3598621
Then we notice that …
We rarely do general maintenance on our notebooks…
Do we…
Clean up our junk / unneeded files
Remove temporary files
Scandisk and defrag
Clean and compact our registry
What is the Windows Registry?
Central database of information for general settings and preferences, software applications, and hardware drivers and devices.
Keeping your registry in a good state of repair and conducting regular maintenance is imperative because the registry contains important data that is used all the time during system operation.
As you continue changing preferences and installing and uninstalling software and hardware, the registry grows and becomes more complex. In addition, the chances of errors and of missing, obsolete or corrupt entries increase exponentially.
When and Why do Registry Problems occur?
The latest statistics show 94% of computers have corrupt and possibly harmful files. On average, almost every PC will have about 150+ errors due to corrupt or missing registry entries.
When you remove software from your system, it is highly probable that residuals still litter your hard drive and your registry.
The result? Frequent error messages, slow start-ups, sluggishness, declining performance, system stalls, severe degradation in operating speed, unstable and frequent application errors and crashes, and, at times, even an inability to start Windows.
Sample Registry Attack…
Top 10 Threats – SANS Inst.
Web servers and services. Default HTTP (Web) servers have had several vulnerabilities, and numerous patches have been issued over the past several years. Make sure all your patches are up to date, and do not use default configurations or default demonstration applications. These vulnerabilities may lead to denial-of-service attacks and other types of threats.
Top 10 Threats – SANS Inst.
Workstation service. An attacker can obtain full control over a computer by compromising the Windows Workstation service, which is normally used to route user requests.
Top 10 Threats – SANS Inst.
Windows remote access services. A variety of remote access methods are included by default on most systems. These systems can be very useful, but also very dangerous, and an attacker with the right tools can easily gain control over a host.
Top 10 Threats – SANS Inst.
Windows authentication. Most Windows systems use passwords, but passwords can be easily guessed or stolen. Creating stronger, more difficult to guess passwords, not using default passwords, and following a recommended password policy will prevent password attacks.
Top 10 Threats – SANS Inst.
Web browsers. Your window to the Internet, a Web browser contains many vulnerabilities. Common exploits may include disclosure of "cookies" with personal information, the execution of rogue code that could compromise a system, and exposure of locally-stored files. Setting the browser's security level higher than the default value will prevent most Web browser attacks.
Top 10 Threats – SANS Inst.
File sharing applications. Peer-to-peer (P2P) programs are commonly used to share files. In a P2P system, computers are open to others in the P2P network to allow for all participants to search for and download files from one another. Many corporations forbid use of P2P networks because of the obvious risk of compromised data.
Top 10 Threats – SANS Inst.
LSASS exposures. The Windows Local Security Authority Subsystem Service (LSASS) has a critical buffer overflow that can be exploited by an attacker to gain control over the system. Again, proper configuration and application of patches will prevent most exploits.
Top 10 Threats – SANS Inst.
Instant messaging. Many corporations also block employees from using instant messaging, not only because of the technical threats but also because of the possibility of lost productivity. Configuring IM properly, applying all the latest patches, and taking control over any file transfers that occur over IM will prevent most attacks.
Windows systems for security vulnerabilities
Port scanners
Network/OS vulnerability scanners
Application/database vulnerability scanners
Password crackers
File searching tools
Network analyzers
Exploit tools
Top 15 security tools for testing Windows
SuperScan version 3 www.foundstone.com/resources/proddesc/superscan3.htm
Very fast and easy to use port scanner that can find live systems, look for open ports and running services, grab banner information including software versions
SoftPerfect Network Scanner www.softperfect.com/products/networkscanner
Maps MAC addresses to IP addresses which can help you locate rogue wired and wireless systems
Top 15 security tools for testing Windows
NetBIOS Auditing Tool (NAT) www.cotse.com/tools/netbios.htm
Neat tool for cracking passwords on Windows network shares
QualysGuard www.qualys.com
The ultimate in ease of use and comprehensive network/OS vulnerability scanning -- checks for thousands of old and current exploits
Top 15 security tools for testing Windows
Metasploit www.metasploit.org
A great tool to exploit those Windows-based vulnerabilities that other tools find
Cain & Abel www.oxid.it
A nice tool for misc. password cracking
The simple rules…
Apply regular updates and patches as they become available.
Employ security software and hardware such as firewalls and authentication servers.
Do not use default passwords and other values that are provided with your software
New viruses
Virus primer
Best Practices…
Automatically detect, clean & update pattern.
Deploy Windows Server Update Services
Group Policy
Active Directory
Thank you..!