Operating System Reference Guide Module 5- Security


Module 5 Security

Introduction

Data Security is the process of ensuring that data is safe and is free from corruption.

Ideally, three common methods are used to protect data: accounts, groups and permissions

◊ Physical security of data

◊ Providing permissions to groups

◊ Permissions that define the data


Lesson 1 - Understanding Networking in Windows

Topics covered are

◊ Data security

◊ Authentication technologies

◊ PC security

◊ Wireless security

◊ Other security issues


Topic 1 – Data Security

Accounts, Groups and permissions

◊ Data security ensures that data is safe from corruption and access to that data is under control.

◊ A good firewall alone is not enough; data security should also ensure privacy, which helps in protecting personal data.

◊ A firewall protects the system from being accessed by other systems

Accounts

◊ A valid account is needed to access a Windows 2000/XP system. If the account is not valid, the user cannot use the system.


Groups

◊ A group defines a collection of accounts that share the same access possibilities

◊ Creating a group makes the job easier

◊ The user can assign a particular level of access for a file to a group

◊ Otherwise, permissions have to be given to each user separately


Permissions

◊ A permission defines what a particular account can or cannot do to a file

◊ For example: you can let a person edit a file but not delete it

◊ You can let a person create a folder and not permit other people to make subfolders


Local security policy

◊ A local user or group is an account that can be granted permissions and rights from your computer

◊ Local Users and Groups is an important security feature because you can limit the ability of users and groups to perform certain actions by assigning them rights and permissions.

◊ A security policy is a combination of security settings that affect the security on a computer

◊ By using a security policy you can control unauthorized access to the computer, the use of the resources shared on the computer, and the recording of group or non-group actions in the event log.


Encryption

◊ In cryptography, encryption is the process of making a document unreadable to anyone without the proper knowledge or key to read it

◊ It is at times referred to as scrambling

◊ Microsoft calls the encryption utility in NTFS EFS, that is, the Encrypting File System


Data remnant removal

◊ Removing all usable data from media, typically a hard drive, is called Data Remnant Removal.

◊ Data can be on any magnetic or optical device

◊ As data or hardware ages, policies can be introduced to remove the data from the present storage and move it on to new media

◊ Another way is to physically write down information about the media and its contents

◊ This process of removing the user data is known as Data Remnant Removal


► Audit and event logging

Auditing is the process that tracks the activities of users by recording selected types of events in the security log of a server or a workstation

Before auditing is implemented the auditing policy must be selected

An auditing policy specifies categories of security-related events that you want to audit


Password Management

◊ A password is used to control access to a resource. The password should be kept secret from those not allowed access

◊ Passwords are used in many fields, for example to protect computer operating systems, mobile phones, cable TV decoders and automated teller machines (ATMs)


Protecting the password

◊ Create a password, which is easy to remember but hard to guess by others.

◊ The account lockout policy can be enabled to lock the computer when an incorrect password is typed 3 times

◊ Include punctuation marks or symbols.

◊ Do not use blank space.

◊ Change password once every 6 months.

◊ Use upper and lower case characters.

◊ Do not write down the password.
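
The composition rules and the 3-attempt lockout listed above, modelled in Python as an added example (it is not part of the original guide). The `Account` class, the PBKDF2 storage and the reading of "6 months" as 182 days are assumptions of the example.

```python
import hashlib
import hmac
import os
import string
from datetime import datetime, timedelta

LOCKOUT_THRESHOLD = 3                    # guide: lock after 3 incorrect passwords
MAX_PASSWORD_AGE = timedelta(days=182)   # guide: change every 6 months (assumed 182 days)


def rule_violations(password):
    """Return the guide's composition rules that `password` breaks."""
    problems = []
    if any(ch.isspace() for ch in password):
        problems.append("contains blank space")
    if not any(ch in string.punctuation for ch in password):
        problems.append("no punctuation mark or symbol")
    if not (any(c.islower() for c in password) and any(c.isupper() for c in password)):
        problems.append("needs upper and lower case characters")
    return problems


class Account:
    """Hypothetical account record: salted hash, failure counter, password age."""

    def __init__(self, password, now):
        self.failed = 0
        self.locked = False
        self.set_password(password, now)

    def _digest(self, password):
        # Only a salted, slow hash is stored, never the password itself.
        return hashlib.pbkdf2_hmac("sha256", password.encode(), self.salt, 100_000)

    def set_password(self, password, now):
        problems = rule_violations(password)
        if problems:
            raise ValueError("; ".join(problems))
        self.salt = os.urandom(16)
        self.stored = self._digest(password)
        self.changed_at = now

    def login(self, password, now):
        """Return 'ok', 'expired', 'denied' or 'locked'."""
        if self.locked:
            return "locked"  # refused even with the right password until unlocked
        # compare_digest avoids leaking how many leading bytes matched
        if not hmac.compare_digest(self._digest(password), self.stored):
            self.failed += 1
            if self.failed >= LOCKOUT_THRESHOLD:
                self.locked = True
                return "locked"
            return "denied"
        self.failed = 0
        if now - self.changed_at > MAX_PASSWORD_AGE:
            return "expired"  # correct, but older than the maximum age
        return "ok"


def demo():
    """One good login, three wrong guesses, then the right password again."""
    start = datetime(2024, 1, 1)              # constructed date
    acct = Account("Blue-Kettle7!", start)    # constructed sample password
    results = [acct.login("Blue-Kettle7!", start)]
    results += [acct.login("guess%d" % i, start) for i in range(3)]
    results.append(acct.login("Blue-Kettle7!", start))
    return results


if __name__ == "__main__":
    print(rule_violations("password"))
    print(demo())
```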


Topic 2 – Authentication Technologies

► Smart Card

Unlike magnetic stripe cards, smart cards can carry all essential functions and information

A smart card resembles a credit card in shape and size

The small microprocessor embedded inside is used for security

When this smart card is interfaced with the computer using a card reader, the computer reads the information


► Smart Card Readers and Terminals

A smart card reader is a unit that interfaces with a PC.

A terminal is a self-contained processing device

A smart card reader can be connected through RS232 serial ports, USB ports, PCMCIA, etc.


► Types of smart cards

There are three types of smart cards available:

◊ Integrated Circuit Microprocessor Card

◊ Integrated Circuit Memory Cards

◊ Optical Memory Cards


► Biometric Devices

Biometric devices can be used as input to a computer.

A biometric device like a fingerprint scanner can be used for an additional level of security

Biometric devices can also be programmed to verify a person’s identity based on facial features, voice or even handwriting

Some of the biometric devices are

◊ Finger prints

◊ Face Recognition

◊ Speaker Recognition

◊ Iris Recognition


Key Fobs

► A key fob is a small hardware device with built-in authentication mechanisms

► Electronic key fobs are used for remote keyless entry systems on motor vehicles

► People started using key fobs in apartment buildings to access common areas, and they are used with automatic sliding doors


Topic 3 - Overview of various command line tools for networking

► NSlookup

1. The NSlookup utility can be used to identify the origin of a host name resolution error.

2. When the host name resolution is successful, the NSlookup utility displays the hostname and the IP address of the DNS server that is configured on the local computer



Topic 4 - Overview of Resource Sharing

► When a large number of computers are connected in a network the resources are shared between the users.

► Folder Sharing

To access a folder present on your computer from a remote location you need to share the folder.

The user must set permissions on the shared folders to control the level of access that other people have to the files and the folders

To share a folder, the user must right-click the folder and click Properties


Topic 3 – PC Security

Computer Virus

Computer malware is a term given to all forms of computer software designed specifically to damage or disrupt a computer system

► The different kinds of computer malware are

◊ Computer Virus

◊ Trojan Horse

◊ Worm

◊ Virus Hoax


Computer virus

A virus must

◊ Be able to execute itself

◊ Be able to replicate itself

The different kinds of virus are

1. File Infectors

2. Boot Sector Infectors

3. Master Boot Record Infectors

4. Multi-Partite viruses

5. Macro viruses


Trojan Horse

Trojan Horses are impostors. They are executable files that claim to be something desirable but, in fact, are malicious. They do not replicate

► Worm

A worm is a program that can replicate itself from system to system without the use of a host file.

Worms generally exist inside another host file. The entire file will travel from computer to computer, so the entire file should be considered the worm


A virus hoax is a message, almost always sent by email, that amounts to little more than a chain letter.

Some of the common phrases used in these virus hoaxes are

◊ If you receive an email titled [email virus hoax name here], do not open it!

◊ Delete it immediately!

◊ It contains the [hoax name] virus

◊ It will delete everything on your hard drive and [extreme and improbable danger specified here]

◊ This virus was announced today by [reputable organization name here]

◊ Forward this warning to everyone you know!


► Steps to prevent viruses are

1. Do not open any files attached to an email from an unknown, suspicious or untrustworthy source

2. Delete chain emails and junk email

3. Exercise caution when downloading files from the Internet.

4. Update your anti-virus software regularly


Topic 4 – Wireless Security

► Wireless Security

A wireless access point is a device that connects multiple wireless devices to form a network

The other end of the access point is connected to a wired device

Hence the access point serves as a link between the wireless and wired devices


► Enabling a Static IP

A wireless device automatically assigns IP addresses to the devices that try to connect to the network

Using DHCP on a wireless network can attract a lot of hackers to your network, because DHCP automatically assigns IP addresses to all users, including the hacker

Hence, to provide extra protection, a static IP can be assigned to the devices


► Disabling SSID broadcast

By default a wireless network device like a router will broadcast its signal to the rest of the world

Along with the message it also broadcasts the SSID (service set identifier)

The SSID is a sequence of case-sensitive alphanumeric characters having a length of 32 characters

The service set identifier is the name of the network

Any unknown network device can connect to this network using the SSID


► Change the default SSID

◊ For a wireless device to connect to a wireless network, it needs to know the SSID of the network

◊ Hence it is advisable to change the SSID of a network to a different, harder-to-guess one

► MAC address filtering

◊ A user who is identified as a “legitimate user” by the network will create a list of MAC addresses which are allowed to access his network

◊ If an unknown address (an address not in the MAC address list) tries to access his network, the access will be denied
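
The allow-list check described above, sketched in Python as an added example (not part of the original guide). It also validates the 48-bit address format; `MacFilter`, the other function names and all sample addresses are constructed for illustration.

```python
import re

_HEX12 = re.compile(r"^[0-9a-f]{12}$")


def normalize_mac(text):
    """Return a MAC address as 12 lowercase hex digits, or raise ValueError.

    Accepts the common spellings 00:1A:2B:3C:4D:5E, 00-1a-2b-3c-4d-5e
    and 001a.2b3c.4d5e so that one device cannot appear under two keys.
    """
    digits = re.sub(r"[:\-.\s]", "", text.strip().lower())
    if not _HEX12.match(digits):
        raise ValueError("not a 48-bit MAC address: %r" % text)
    return digits


def is_locally_administered(mac):
    """True when the U/L bit of the first octet is set, i.e. the address was
    assigned in software rather than by the card's manufacturer."""
    first_octet = int(normalize_mac(mac)[:2], 16)
    return bool(first_octet & 0x02)


class MacFilter:
    """Hypothetical allow list; it only sees the address a client presents."""

    def __init__(self, allowed):
        self.allowed = {normalize_mac(m) for m in allowed}

    def decide(self, mac):
        try:
            key = normalize_mac(mac)
        except ValueError:
            return "deny: malformed"
        if key not in self.allowed:
            return "deny: not in list"
        return "allow"


def review(mac_filter, seen):
    """Pair each observed address with the decision and a software-set flag."""
    report = []
    for mac in seen:
        decision = mac_filter.decide(mac)
        flagged = decision != "deny: malformed" and is_locally_administered(mac)
        report.append((mac, decision, flagged))
    return report


# Constructed sample data: two allowed cards and four connection attempts.
ALLOWED = ["00:1A:2B:3C:4D:5E", "001a.2b3c.4d60"]
SEEN = ["00-1a-2b-3c-4d-5e", "00:1A:2B:3C:4D:60",
        "02:00:00:aa:bb:cc", "00:1A:2B:3C:4D"]

if __name__ == "__main__":
    for row in review(MacFilter(ALLOWED), SEEN):
        print(row)
```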


Topic 5 – Other Security Issues

Other Security Issues

◊ BIOS Security

◊ Hardware Deconstruction and Cycling

◊ Data Migration

Topic 6 - Network Topologies, Network Devices and Network Operating System

Bridges

A bridge is a physical unit with two ports which connects the network segments together and filters the amount of traffic on each network


Switches

1. Switches allow different nodes (a network connection point) of a network to communicate directly with one another in a smooth and efficient manner.

2. On receiving data packets, a switch transfers them only to the intended recipients, preventing the wastage of network bandwidth and optimizing efficiency

Router

1. A router is a device that connects two network interfaces together.

2. The two networks can be either two LANs or WANs or a LAN and its ISP's network.

3. A router routes packets to other networks until each packet ultimately reaches its destination

Network Operating Systems

1. A network operating system can be defined as an operating system that includes special functions for connecting computers and devices into a local area network (LAN).

2. Some of the important network operating systems are UNIX, Mac OS, Novell Network, Windows NT 4.0, Windows 2000 Server, Windows Server 2003


Topic 7 - Configuring Network Interface Card

Network Interface Card (NIC)

1. It is a physical device that connects the computer system to the network wire

2. To connect to the network you need to install the NIC in the computer

3. Every network card has a unique 48-bit serial number called a MAC address, which is written to ROM carried on the card. Every computer on a network must have a card with a unique MAC address

4. The manufacturer of the NIC provides the driver software which needs to be installed in order to use the NIC


To install the NIC from the Add Hardware Wizard

1. Click Start > Settings > Control Panel.

2. In the Control Panel window, double-click on the Add Hardware icon.


The Add Hardware Wizard window and the NIC are shown below

Topic 8 - Installing a Network Operating System (Windows Server 2003)

► Microsoft introduced Windows Server 2003 in four product editions. They are

1. Windows Server 2003, Standard Edition

2. Windows Server 2003, Enterprise Edition (32-bit, 64-bit versions)

3. Windows Server 2003, Datacenter Edition (32-bit, 64-bit versions)

4. Windows Server 2003, Web Edition

► Pre-installation steps before installing an operating system

Installing Windows Server 2003 Enterprise Edition

1. Text based

2. GUI based

► Post-Installation Steps

1. The welcome screen has the Manage Your Server window. This wizard can be closed if not required.

2. To manually configure the server, open the Manage Your Server applet through the Start menu as shown


Lesson 2 - Internet Technology

Introduction

◊ There are several internet technologies that are used on the internet.

◊ To access the web pages you need to use a browser which can be configured with several settings.

◊ Additionally, you should be able to protect your computers from intruders using a firewall.

Topics covered in this lesson

◊ Internet Terminologies

◊ Connectivity Technologies

◊ Browser Configurations

◊ Firewall Configuration in Windows XP


Topic 1 - Internet Terminologies

Some of the common internet terminologies used in the modern world are

1. ISP

2. E-mail

3. HTML

4. HTTP

5. SSL

6. HTTPS

7. Telnet

8. FTP

9. Newsgroups


► ISP

1. An ISP (Internet Service Provider) is an organization that provides access to the Internet for a monthly fee.

2. The ISP provides a username, password and an access phone number to get connected to the internet.


► E-mail

1. Electronic mail (e-mail) is a store and forward method of composing, sending, storing, and receiving messages over electronic communication systems

2. Some of the popular email programs (or email clients) are Microsoft’s Outlook Express and Netscape’s Messenger.

The different types of servers are

1. POP3 (Post Office Protocol version 3)

2. IMAP (Internet Mail Access Protocol)

3. SMTP (Simple Mail Transfer Protocol)


► HTML

1. Hypertext Markup Language (HTML) is a markup language for the creation of web pages

2. HTML documents consist of HTML elements defined using HTML tags

3. HTTP (Hypertext Transfer Protocol) is the protocol that is used on the World Wide Web

4. It defines how messages are formatted and transmitted,

5. HTTP is called a stateless protocol because each command is executed independently


► SSL

1. Secure Sockets Layer (SSL) is a protocol developed by Netscape for transmitting private documents via the Internet

2. The encryption technology used by SSL provides data encryption, server authentication, message integrity, and client authentication for any TCP/IP connection

► HTTPS

1. HTTPS (Secure Hyper Text Transfer Protocol) (S-HTTP) is another protocol that transmits data securely over the internet

2. It is designed to transmit individual messages securely, unlike SSL, which can transmit any amount of data securely between a client and a server


► Telnet

1. It is used to provide user-oriented command line login sessions between hosts on the Internet

2. A telnet session can be started by logging in to the server by entering a valid username and password

3. The telnet port is usually port 23


► FTP

1. FTP (File Transfer Protocol) is used to download a file from a server using the Internet or to upload a file to a server

2. To access an FTP site, you must use an FTP client such as WS_FTP and type the URL of the FTP site

► Newsgroups

1. To access a newsgroup, you must use a newsreader program

2. Microsoft’s Outlook Express is the most common of all newsreaders as it comes free with most versions of Windows

3. Otherwise, the ISP gives the name of the news server and also a username and password if necessary


Topic 2 - Connectivity Technologies

The Internet can be accessed by a variety of methods including telephone, cable, satellite and wireless. Depending on usage, location and expenditure, a user will have to choose from the following forms of internet access:

1. Dial-up Networking

2. DSL networking

3. ISDN networking

4. Cable

5. Satellite

6. Wireless

7. LAN


► Dial-up Networking

The Dial-up connection can be categorized into two types, analog and digital connection

An analog connection requires a telephone line and modem


► DSL networking

1. Uses a standard telephone line, with special equipment on each end, to create an always-on internet connection

2. Common forms of DSL: Asynchronous (ADSL) and Synchronous (SDSL)


► ISDN networking

1. Integrated Services Digital Network (ISDN) is a circuit switched telephone network system, designed to allow digital transmission of voice and data over ordinary telephone copper wires


► Cable

When a cable company offers Internet access over the cable the downstream data is sent into a 6-MHz channel. Upstream data uses a channel of 2 MHz

Two types of equipment used in cable internet are a cable modem on the customer end and a cable modem termination system (CMTS) at the cable provider's end.


► Satellite

1. Satellite Internet services are used in locations where terrestrial Internet access is not available

2. The connection to high speed satellite Internet service is comprised of both indoor and outdoor equipment

3. Outside, there is an antenna and transmit-and-receive electronics, along with a connection to a small dish.

4. This equipment connects by coaxial cable to the Indoor Receive Unit (IRU) and Indoor Transmit Unit (ITU) which connect to your computer through a simple USB connector


The satellite internet mechanism and a reception antenna are shown in the figures below

[Figures: Satellite Internet mechanism; Satellite Internet dish]


► Wireless

1. The wireless Internet means that you must connect to a LAN that is wired to an ISP


► LAN

1. A local area network (LAN) is a group of computers and associated devices that share a common communications line or wireless link.

2. Ethernet is by far the most commonly used LAN technology


Topic 3 - Browser Configurations

1. There are several configurations that can be set on a web browser.

2. The most commonly used web browser is the Microsoft Internet Explorer.

3. The settings of this web browser are in the Internet Explorer Options, present in the Control Panel applet or reached by clicking the Tools menu. The settings in Internet Explorer are:

1. Proxy Server

2. Security and Scripts


► Proxy Server

1. A proxy server is a computer that allows clients to make indirect network connections to other network services

2. Hence the client computers are configured with the IP address of the server which is directly connected to the network server providing the service


Topic 4 - Firewall Configuration in Windows XP

1. A firewall is a type of security mechanism that acts as a barrier to check the data (often called traffic) coming to the computer from other computers

2. There are two kinds of firewalls

   1. Hardware Firewall

   2. Software Firewall


Conclusion

► Summary

◊ A network is a set of computers or hardware devices connected together physically or logically

◊ A network protocol is a software that provides a set of rules for communicating between computers.

◊ The computers in a Windows network communicate with each other using their IP address.

◊ In a Microsoft Windows network, a device can be configured with a static or a dynamic IP address

◊ IPX/SPX (NWLink) is the Microsoft implementation of IPX/SPX

◊ AppleTalk is the proprietary Apple protocol which is small and relatively fast like IPX

◊ Microsoft Windows operating systems provide several command line tools that can be used for troubleshooting any TCP/IP related issues.

◊ The various kinds of resources such as files, folders, entire drives, printers, faxes, Internet connections, etc can be shared on a Windows operating system

◊ There are several terminologies used on the internet. These include ISP, SSL, Email, HTTP, HTML, FTP, Telnet, etc.

◊ ISP or Internet Service Provider is an organization that provides access to the Internet for a monthly fee.

◊ HTTP (Hypertext Transfer Protocol) is the protocol which defines how messages are formatted and transmitted

◊ SSL or Secure Sockets Layer provides secure transmission of data between web browsers and web servers.

◊ HTTPS or Secure Hyper Text Transfer Protocol (S-HTTP) is another protocol that transmits data securely over the internet.

◊ Telnet is a terminal emulation program for TCP/IP networks such as the Internet.

◊ Windows XP Professional operating system has a built-in firewall called Internet Connection Firewall (ICF).