
How not to lose your computer or your research - SERC

Feb 09, 2022

Page 1: How not to lose your computer or your research - SERC

How not to lose your computer or your research

M.R. Muralidharan
SERC
IISc

Page 2: How not to lose your computer or your research - SERC

'08 Threat Landscape Shift

| 2004 Landscape: Virus | 2008 Landscape: Crimeware |
|---|---|
| Threats are indiscriminate, hit everyone | Threats are highly targeted, regionalized |
| Threats are disruptive, impact visible | Threats steal data & damage brands, impact unclear |
| Remediation action is technical ("remove") | Remediation more complex, may need to investigate data leak |
| Going through perimeter and gateway | Going after uneducated network clients and other endpoints |
| Threats are noisy & visible to everyone | Threats are silent & unnoticed, with variants |

The Battle has changed

Page 3: How not to lose your computer or your research - SERC

Virus

• Self replicating
• Attaches to another piece of software
• Runs when opened
• Affects the system in some way
  – Harmless pranks
  – Network slow downs
  – System damage or data loss
  – Compromises system security

Page 4: How not to lose your computer or your research - SERC

Trojan Horse

• Camouflages a virus
• Looks like a legitimate program
• Will not automatically run
• Once opened
  – Spreads virus
  – May create another Trojan horse

Page 5: How not to lose your computer or your research - SERC

Worms

• Self-contained
  – Independent programs
  – Do not attach to other files
• Usually spread over a network
• Behave like a virus, but are more likely to cause network slowdowns

Page 6: How not to lose your computer or your research - SERC

Examples

• Viruses
  – Melissa.A: Level 4
  – VBS.Loveletter.FW.A: Level 4
• Trojans
  – PWSteal.Ldpinch: Level 1
  – Backdoor.Acropolis: Level 2
• Worms
  – W32.Blaster.Worm: Level 3
  – W32.Mydoom.A@mm: Level 3

Page 7: How not to lose your computer or your research - SERC

Program writers create them with malicious intent:
  – Aim to harm a company by causing loss of information or money
  – Seek media attention
  – Seek access to private information to be used with criminal intent

Page 8: How not to lose your computer or your research - SERC

Action from User and Administrator

• Antivirus program
• Spyware removal program
• Personal hardware and/or software firewall
  – i.e. Router firewall and Windows firewall
• Updated/Secure software
  – Windows Updates
  – Microsoft Office Updates
  – Secure, updated internet browser
• Understand that security is a moving target: no way anyone can assure 100% security

Page 9: How not to lose your computer or your research - SERC

Tools

• Symantec Endpoint Protection
• Microsoft Baseline Security Analyzer
• Microsoft Security Centre
• System Restore

Page 10: How not to lose your computer or your research - SERC

Symantec Endpoint Protection 11.0.4010

Page 11: How not to lose your computer or your research - SERC

IISc AV Management

[Diagram labels: Managed Clients; Symantec Endpoint Server at SERC; IISc Network; Internet; Unmanaged Clients; Symantec Server]

Page 12: How not to lose your computer or your research - SERC

[Diagram labels: Symantec Server; Unmanaged Clients; Server @ SERC; Managed client 1, Managed client 2, ... Managed client n; SEP 11.0.4010; Clients within IISc network]

Page 13: How not to lose your computer or your research - SERC

SEP 11.0.4010

Symantec Endpoint Protection 11.0.4010
• Managed Version
  – 32-bit
  – 64-bit
• Unmanaged Version
  – 32-bit
  – 64-bit

Page 14: How not to lose your computer or your research - SERC

System Requirements

• 256 MB RAM
• 600 MB (32-bit), 700 MB (x64)
• Super VGA (1024x768) or higher-resolution video adapter and monitor

Page 15: How not to lose your computer or your research - SERC

OPERATING SYSTEMS SUPPORTED

• Windows 2000 Professional / Server / Advanced Server / Datacenter Server / Small Business Server - with SP3 or greater
• Windows XP Home / Tablet PC / Media Center 2002 / Professional / Professional x64 - with SP1 or greater
• Windows Vista Home Basic / Home Premium / Business / Enterprise / Ultimate - 32-bit or x64 edition
• Windows Server 2003 Standard / Enterprise / Datacenter / Storage / Web / Cluster / Small Business Server - 32-bit or x64 edition

Page 16: How not to lose your computer or your research - SERC

Symantec Endpoint Protection Manager

Page 17: How not to lose your computer or your research - SERC

Symantec Endpoint Protection Manager

Page 18: How not to lose your computer or your research - SERC

Symantec Endpoint Protection - Summary

AntiVirus
• The World's leading anti-virus solution
• More consecutive Virus Bulletin certifications (31) than any vendor

Antispyware
• Best anti-spyware, leading the pack in rootkit detection and removal
• Includes VxMS scanning technology (Veritas)

Firewall
• Industry's best managed desktop firewall
• Adaptive policies lead the pack for location awareness
• Sygate and Symantec Client Security

Intrusion Prevention
• Behavior-based intrusion prevention (Whole Security)
• Network traffic inspection adds vulnerability-based protection

Device Control
• Device control to prevent data leakage at the endpoint (Sygate)
• Protection against mp3 players, USB sticks, etc

Page 19: How not to lose your computer or your research - SERC

Symantec Endpoint Client

Page 20: How not to lose your computer or your research - SERC

Scan

Page 21: How not to lose your computer or your research - SERC

Change Settings

Page 22: How not to lose your computer or your research - SERC

Microsoft Baseline Security Analyzer

Page 23: How not to lose your computer or your research - SERC

MBSA

Page 24: How not to lose your computer or your research - SERC

Result of MBSA analysis

Page 25: How not to lose your computer or your research - SERC
Page 26: How not to lose your computer or your research - SERC

System Restore

Page 27: How not to lose your computer or your research - SERC
Page 28: How not to lose your computer or your research - SERC

Restore Points

Page 29: How not to lose your computer or your research - SERC
Page 30: How not to lose your computer or your research - SERC

Restore Operation

• Initial system checkpoints
• System checkpoints
  – every 24 hours of calendar time or
  – every 24 hours your computer is turned on
• Program name installation restore points
• Windows XP Professional Auto Update restore points
• Manually created restore points
• Restore operation restore point
• Unsigned device driver restore points
• Microsoft Backup utility recovery restore points
• Change or remove a program.

Page 31: How not to lose your computer or your research - SERC

In a nutshell

• Don't Run Unknown Programs
• UPDATE OS, Applications Regularly
• SAFEGUARD Identity and Password
• ASSURE Sufficient Resources for Proper System Care
• There is no 100 % security, hence ready to FACE Insecurity
• EVERYBODY Needs to Do Their Part

TAKE BACKUP of YOUR DATA As Often As POSSIBLE

Page 32: How not to lose your computer or your research - SERC

Summary

• Viruses, trojans and worms can all cause damage to your computer and data
• Prevent infections by keeping your computer software and antivirus scanner up-to-date.
• Practice safe computing
• Know your recovery options, and use the tools available to you if you are infected.
• QUESTIONS?

Page 33: How not to lose your computer or your research - SERC

Thank You