11 - 14 Jun 2007 Langkawi Seaview Hotel 1 TITISAN ILMU MYSCHOOLNET Sazali bin Saidin, Institut Perguruan Perlis, Perlis, 01000 Kangar, Perlis [email protected] | 019-4548436

Upload: robert-reed

Post on 11-Jan-2016




Buying a PC

Searching for appropriate model (looks and design).
Desktop, notebook, palmtop
We choose notebook
Then …
CPU - Intel® Centrino® Duo mobile technology
Hard Disk, LCD Display, Memory
Design – looks & feel, weight
Features included – OS preloaded, Card reader, Bluetooth, Connectivity, Camera


Installing Software

OS – Windows XP or Windows Vista
Office Applications – MS Office
Graphics – Photoshop, Paintshop, etc
Antivirus – Trend Micro, AVG, etc
Utilities – Registry Mechanic, Disk Keeper


Happy hour…

Create document
Design graphics
Surfing the www
Creating html document
Blog & forum
Sending, sharing files, video, etc…
Real-time communication IM, VM…etc
Desktop Themes - Webshots, Screen Saver etc…


I thought it would be sunny until evening, but it turned out to rain at midday…

Initially … everything goes smoothly
Now …
PC boots too slowly…
Programs take longer than normal to open…
Pop-ups and ads…
Junk emails
Worms, trojans, viruses, phishing, etc…
Sluggishness


Why…Why…Why it happens..


Then we notice that …

Too many programs at start up…


Then we notice that …

There may also be too many Terminate and Stay Resident (TSR) programs running in the background


Then we notice that …

Our doors are still open…


Then we notice that …

We very rarely update patches…


Then we notice that …

Our antivirus definition or pattern is out of date…
Lack of information about viruses

The First Generation: DoS Viruses (1986 - 1995)

The Second Generation: Macro Viruses (1995 - 2000)

The Third Generation: Big Impact Worms (1999 – 2005)

The Fourth Generation: Malcode for Profit (2004 – to present)

http://www.cioupdate.com/article.php/3598621


Then we notice that …

We rarely do general maintenance on our notebooks..

Do we…
Clean up our junk / unneeded files
Remove temporary files
Scandisk and defrag
Clean and compact our registry


What is the Windows Registry?

Central database of information for general settings and preferences, software applications, and hardware drivers and devices.

Keeping your registry in a good state of repair and conducting regular maintenance is imperative because the registry contains important data that is used all the time during system operation.

As you continue changing preferences, installing and uninstalling software and hardware, the registry grows and becomes more complex. In addition, the chances of errors and missing, obsolete or corrupt entries increase exponentially.


When and Why do Registry Problems occur?

The latest statistics show 94% of computers have corrupt and possibly harmful files. On average, almost every PC will have about 150+ errors due to corrupt or missing registry entries.

After you remove software from your system, it is highly probable that residuals are still littering your hard drive and your registry.

The result? Frequent error messages, slow start-ups, sluggishness, declining performance, system stalls, severe degradation in operating speed, unstable and frequent application errors and crashes, and, at times, even an inability to start Windows.


Sample Registry Attack…


Top 10 Threats – SANS Inst.

Web servers and services. Default HTTP (Web) servers have had several vulnerabilities, and numerous patches have been issued over the past several years. Make sure all your patches are up to date, and do not use default configurations or default demonstration applications. These vulnerabilities may lead to denial-of-service attacks and other types of threats.


Top 10 Threats – SANS Inst.

Workstation service. An attacker can obtain full control over a computer by compromising the Windows Workstation service, which is normally used to route user requests.


Top 10 Threats – SANS Inst.

Windows remote access services. A variety of remote access methods are included by default on most systems. These systems can be very useful, but also very dangerous, and an attacker with the right tools can easily gain control over a host.


Top 10 Threats – SANS Inst.

Windows authentication. Most Windows systems use passwords, but passwords can be easily guessed or stolen. Creating stronger, more difficult to guess passwords, not using default passwords, and following a recommended password policy will prevent password attacks.


Top 10 Threats – SANS Inst.

Web browsers. Your window to the Internet, a Web browser contains many vulnerabilities. Common exploits may include disclosure of "cookies" with personal information, the execution of rogue code that could compromise a system, and exposure of locally-stored files. Configuring the browser's security settings to a level higher than the default value will prevent most Web browser attacks.


Top 10 Threats – SANS Inst.

File sharing applications. Peer-to-peer (P2P) programs are commonly used to share files. In a P2P system, computers are open to others in the P2P network to allow for all participants to search for and download files from one another. Many corporations forbid use of P2P networks because of the obvious risk of compromised data.


Top 10 Threats – SANS Inst.

LSAS exposures. The Windows Local Security Authority Subsystem (LSAS) has a critical buffer overflow that can be exploited by an attacker to gain control over the system. Again, proper configuration and application of patches will prevent most exploits.


Top 10 Threats – SANS Inst.

Instant messaging. Many corporations also block employees from using instant messaging, not only because of the technical threats but also because of the possibility of lost productivity. Configuring IM properly, applying all the latest patches, and taking control over any file transfers that occur over IM will prevent most attacks.


Windows systems for security vulnerabilities

Port scanners
Network/OS vulnerability scanners
Application/database vulnerability scanners
Password crackers
File searching tools
Network analyzers
Exploit tools


Top 15 security tools for testing Windows

SuperScan version 3 www.foundstone.com/resources/proddesc/superscan3.htm

Very fast and easy to use port scanner that can find live systems, look for open ports and running services, grab banner information including software versions

SoftPerfect Network Scanner www.softperfect.com/products/networkscanner

Maps MAC addresses to IP addresses which can help you locate rogue wired and wireless systems


Top 15 security tools for testing Windows

NetBIOS Auditing Tool (NAT) www.cotse.com/tools/netbios.htm

Neat tool for cracking passwords on Windows network shares

QualysGuard www.qualys.com

The ultimate in ease of use and comprehensive network/OS vulnerability scanning -- checks for thousands of old and current exploits


Top 15 security tools for testing Windows

Metasploit www.metasploit.org

A great tool to exploit those Windows-based vulnerabilities that other tools find

Cain & Abel www.oxid.it

A nice tool for misc. password cracking


The simple rules…

Apply regular updates and patches as they become available.

Employ security software and hardware such as firewalls and authentication servers.

Do not use default passwords and other values that are provided with your software.

New viruses
Virus primer


Best Practices…

Automatic detect, clean & update pattern.


Deploy Windows Server Update Services

Group Policy
Active Directory

Thank you..!