1 / 41

IS493 Information Security

IS493 Information Security. Tutorial # 1 (S1-1435-1436) Ashraf Youssef. Lab#: 1. Securing your system. 1.1: Tenable Nessus. Nessus currently works on Windows, Linux, and Mac. It is a vulnerability scanner, It can scan a targeted system or a range of systems

bmilligan
Download Presentation

IS493 Information Security

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. IS493 Information Security Tutorial # 1 (S1-1435-1436) Ashraf Youssef

  2. Lab#: 1 Securing your system

  3. 1.1: Tenable Nessus • Nessus currently works on • Windows, Linux, and Mac. • It is a vulnerability scanner, • It can scan a targeted system or a range of systems • It identifies any vulnerabilities or weaknesses.

  4. Conti… • Nessus has two parts • Server, which is already set up, • Client which you will be working with. • When you first lunch the Nessus client you need to connect to the server.

  5. Conti… • Chose Single host, and type in your PC’s IP address. • Nessus will generate a whole report about the scanned system.

  6. 1.2: Run the Microsoft Baseline Security Analyzer (MBSA) • MBSA currently works with Microsoft Windows OS. YOU CAN • scan a system and • identify weaknesses and misconfigurations.

  7. Conti… • To run MBSA, follow these steps: • Log in with administrator privileges • Download the latest version of MBSA from • http://technet.microsoft.com/en-us/security/cc184924.aspx.

  8. Conti… • Choose the option ‘Scan a computer’. • The default computer to scan will be the one you are sitting at. • You can change this to another on the network by specifying either the computer’s name or IP. • Click Start Scan.

  9. Conti… • View the report that is given when the scan finishes. • The report will include information on missing security updates, • Service packs for the operating system and • Microsoft applications.

  10. Conti… • It will also identify any user accounts that have • blank or simple passwords, • firewall status, • the number of local administrators configured, • unnecessary services.

  11. Figure 1.1 MBSA

  12. Figure 1.2 results of MBSA

  13. 1.3: Configure Windows Automatic updates • One of the most important things you can do to keep your systems secure is to keep them up-to-date. • Start the System applet by choosing Start  Control Panel  System. *Switch the view to Classic mode • Click the Automatic Updates tab. • Check the Keep My Computer Up To Date option (with some service packs, this becomes simply an Automatic radio button).

  14. Lab#: 2 Identifying running processes, ports, and services

  15. Introduction • It is important to know what processes are running on a machine at any given time. • In addition to the programs that a user may be using, there are always many others • that are required by the operating system, the network, or other applications.

  16. 2.1: Identify Running Processes on a Windows-Based Machine • All recent versions of Windows include the Task Manager to allow you to see what is running. • 1. Right-click an empty location in the Windows Taskbar. • 2. Choose Task Manager from the pop-up menu that appears.

  17. Conti… • Examine the list and • look for anything out of the ordinary. • After doing this a few times, • you will become familiar with what is normally there and • will be able to spot oddities quickly.

  18. 2.2: using Processes explorer to identify running Processes, Ports and Services • Process Explorer is a system monitoring and examination utility • It can be used as the first step in debugging software or system problems. • To use Process Explorer follow these steps: • Download Process Explorer from Google • Then double click on “procexp” on your desktop • Click Ctrl+L. a lower panel will show up.

  19. Figure 2.1 Process Explorer.

  20. Click Ctrl+I, • System information window will appear showing statistics and graphs about the system. • Click on any process from the top window (e.g. svchost.exe), and • right click on it and chose ‘properties’.

  21. Figure2.2 System information from Process explorer

  22. Lab#: 3 Windows system

  23. Lab#: 3 • In this Lab, you will be learning some important security aspects in the Windows system; • This lab will go over users and permissions, sharing and folders permissions.

  24. 3.1: Adding new user in Windows • You will be creating new user on your windows system, to do so follow these steps:

  25. Conti… • Choose Start  Control Panel. • Double click ‘User Accounts’. • Click the Create a New Account link. • Enter a name for the account. • Select the type of account you want to create for Windows. • Click the Create Account button. • Close the Control Panel.

  26. Figure 3.1 adding a user.

  27. 3.2: Identify User Accounts with Administrator Access in Windows XP • User management is simplified by adding users to groups. • To see which users are members of the Administrators group, follow these steps:

  28. Conti… • Choose Start  Run  Click on Start  enter compmgmt.msc, then click on the OK button • Within the left frame, expand Local Users and Groups and then expand Groups, as shown in Figure 3.2.

  29. Conti… • Double-click Administrators and a list of users appears. • You can use the Add or Remove button to place users in this group or take them from it, respectively. • Exit the Computer Management console. • Exit Control Panel.

  30. Figure 3.2 Expand the Groups folder to see the local groups.

  31. 3.3: Hide and Access a Windows Share • This lab requires two Windows workstations. • A simple method for “protecting” shares is to make them hidden. • To hide a share in Windows, you use the dollar sign character ($) as the last character of its name. • It will then no longer appear in listings and will need to be referred to specifically to be accessed.

  32. Conti… • Follow these steps: • On Computer1, choose to share the C:\WINDOWS directory, and name the share DATA$. • On Computer2, look for the share. • Use My Network Places (or Network Neighborhood on older Windows operating systems) to look for the share. • You should not be able to see the share because the name ends with $.

  33. Conti… • Right-click My Network Places and choose Map Network Drive. • In the Path box, type \\Computer1\DATA$ • Click OK. • You should now be able to access the share.

  34. 3.4: Securing the Window’s User’s Accounts Database • The Windows XP accounts database can be secured through encryption to prevent it from being compromised. • To perform this action, follow these steps: • Choose Start  Run. • Type keyword “syskey” and press Enter. • Click Update.

  35. Conti… • Choose Password Startup. • Enter a password that you want to require during startup. • Enter the same password in the Confirm box. • Click OK. • Note the warning—once encryption is enabled, it cannot be disabled.

  36. Figure 3.3 Use encryption to secure the Windows XP account database.

  37. 3.5: Changing ACL for a folder • Access Control Lists apply only to files stored on an NTFS formatted drive • Each ACL determines which users (or groups of users) can read or edit the file. • When a new file is created it normally inherits ACL's from the folder where it was created.

  38. Conti… • The easy way in Windows is by right clicking on the folder and changing the privileges, to do so follow these steps: • Double click the folder ‘My Document’, and then create new folder in it. • Right click on the new folder, and chose ‘properties’.

  39. Conti… • Click on the 3rd tap ‘Security’. • You will see all users, including the user you have created. Click on any user. • User’s permissions are displayed in the bottom window; you can change any permission by clicking on ‘Allow’ or ‘Deny’. • Click on advanced and explore what other options you can perform.

  40. Thanks !

  41. Tutorial Delivered By : Ashraf Youssef IS dept College of Computer and Information Sciences (CCIS), King Saud University , Riyadh , Kingdom of Saudi Arabia. Mobile: 0507181787 E-mail : ashraf@ksu.edu.sa

More Related