nettech solutions protecting the computer lesson 10
TRANSCRIPT
NetTech Solutions
Protecting the Computer
Lesson 10
NetTech Solutions
Exam Objectives
• Identify and troubleshoot network connectivity problems caused by the firewall configuration
• Identify and respond to security incidents
NetTech Solutions
Lessons in this Chapter:
• Updating Windows and Microsoft Office
• Configuring Windows Firewall• Troubleshooting Virus Attacks• Using Microsoft Baseline
Security Analyzer
NetTech Solutions
Updating Windows and Microsoft Office
• Configuring Automatic Updates
NetTech Solutions
Using the Microsoft Update Site
• Three updates types: – High Priority updates, – Software Optional (non-critical
updates for Windows and other products), and
– Hardware Optional (hardware driver updates).
NetTech Solutions
High Priority Updates
NetTech Solutions
Software Optional Updates
NetTech Solutions
Practice:
• Updating Windows XP– Page 10-7
NetTech Solutions
Configuring Windows Firewall
• Understanding Windows Firewall– Perimeter firewalls– Local firewalls
• A stateful, host-based firewall
NetTech Solutions
Windows Drops Traffic that:
• Solicited traffic (valid traffic that is sent in response to a request by the computer) is allowed through the firewall.
• Expected traffic (valid traffic that you have specifically configured the firewall to accept) is allowed through the firewall.
NetTech Solutions
Windows Firewall is:
• Is enabled by default for all network connections.
• Limits the network traffic that comes into a computer by blocking transmission over all ports except those specifically configured to allow traffic
• Restricts traffic by IP address (or IP address range),
• Allows you to enable or disable Windows Firewall on each connection configured
• Allows you to keep a security log of blocked traffic
• Performs stateful packet filtering during startup
NetTech Solutions
Enable or Disable Windows Firewall for all Network Connections
• Control Panel• Security Center• Windows Firewall
NetTech Solutions
Windows Firewall
To Disable for a specific connection
NetTech Solutions
Exam Tip
• You should know where Windows Firewall log files are stored, whether logging isavailable, and what kind of information you can learn from log files.
NetTech Solutions
Tip
• Instead of entering the IP address for the local computer, you can also use the loopback address 127.0.0.1, which always refers to the local computer.
• This is useful should the IP address of the local computer change.
NetTech Solutions
ICMP Options
• Table 10-1– Page 10-18,19
NetTech Solutions
Troubleshooting Windows Firewall
• The inability to enable or disable Windows Firewall
• Problems with file and print sharing,
• Inability to access a server• Problems with Remote
Assistance,• Problems running Internet
programs.
NetTech Solutions
Things to Remember
• Windows Firewall can be enabled or disabled only by administrators.
• you must enable the File And Printer Sharing exception.
• Web server, FTP server, or other service, create the proper exceptions
• Windows Firewall blocks Remote Assistance and Remote Desktop traffic by default.
NetTech Solutions
Practice:
• Configure Windows Firewall– Page 10-21
NetTech Solutions
Troubleshooting Virus Attacks
• Virus Scanning Software– After installation, you should
1. Configure of automatic start
2. Configure to scan in/out going e-mail
3. Block scripts
4. Set to run either daily or weekly
5. Go to the web site for update Signatures
6. Keep your subscriptions current
7. Configure to protect against spyware or adware
8. Should automatically fix the system when a virus is detected
NetTech Solutions
Updating Virus Scanning Software
• Most important action a user can do is keep the virus signatures up to date
NetTech Solutions
Managing Antivirus Programs with Security Center
• On the Network
NetTech Solutions
Managing Antivirus Programs with Security Center
• On a workgroup the local administrator
NetTech Solutions
Taking Notice of Common Signs
• Virus’ come in through:– E-mail, – A floppy disk,– A downloaded application,– Network program
NetTech Solutions
Symptoms of virus infection
• The computer system or network slows down.• Network users all report similar problems almost
simultaneously.• Activity occurs on the computer, including
messages, music, or pop-ups.• A network e-mail server slows down or stops
responding.• Data files become corrupt or are missing.• Files and folders are changed.• Programs do not run or they run chaotically.• Computer partitions become unavailable.• E-mail is sent from a computer automatically and to
everyone in the user’s address book.
NetTech Solutions
Recovering from a Virus
• First find the virus.– Virus scanner should pick it up– There are online checkers:
• http://housecall.trendmicro.com• http://windowsxp.mvps.org/Scanners.htm
• A list of anti virus companies Microsoft supports:– http://www.microsoft.com/security/partner
s/antivirus.asp– http://www.microsoft.com/athome/security
/protect/windowsxp/default.mspx
NetTech Solutions
Using Microsoft Baseline Security Analyzer
• Downloading MBSA• http://www.microsoft.com/tech
net/security/tools/mbsa2/default.mspx
• Follow the instructions
NetTech Solutions
Install MBSA 2.0
NetTech Solutions
Run MBSA 2.0
NetTech Solutions
Practice:
• Install and Run MBSA– Page 10-32
NetTech Solutions
Summary
• Case Scenario– Page 10-34
• Troubleshooting Lab– Page 10-35
• Exam Highlights– Page 10-36