Cyber Patriot Training. 4 December 2010. Results. Local Security Policy. More of the same, look at the policies. Users and Group Security. Check group membership, disable unknown users. Vulnerable Services. Control Panel/Administrative Tools/Services
Cyber Patriot Training 4 December 2010
Local Security Policy • More of the same, look at the policies
Users and Group Security • Check group membership, disable unknown users
Vulnerable Services • Control Panel/Administrative Tools/Services • Turn off everything that is not needed. If not sure what the service is, look it up • Use Process Explorer • http://technet.microsoft.com/en-us/sysinternals/bb896653.aspx
Backdoor/Virus/Malware • Check registry with regedit • HKLM\Software\Microsoft\Windows\CurrentVersion\Run • HKCU\Software\Microsoft\Windows\CurrentVersion\Run • Look in C:\Program Files • Dump Temporary Internet Files • Clear History • Download and run • http://www.malwarebytes.org • Dump temp folders under Windows and user
Backdoor/Virus/Malware • http://free.antivirus.com/hijackthis/ • http://www.safer-networking.org/en/download/ • http://www.microsoft.com/security_essentials • http://www.avg.com/us-en/download-trial • http://www.free-av.com/ • http://www.pctools.com/free-antivirus/ • http://download.cnet.com/Avast-Free-Antivirus/3000-2239_4-10019223.html
File and Folder Configuration • Not sure what they want here • Check security settings • Turn off all shares not needed (probably what they are looking for)
Patches and Updates • Do Windows updates immediately, they take time, do them while you are doing other things • Don’t do anything that will require a reboot!!! • Security updates shouldn’t require a reboot; if prompted, select reboot later • Download from Technet ahead of time • http://technet.microsoft.com/en-us/bb403698.aspx • Not sure if you need to do updates as in IE7 to IE8 • Would say you SHOULD update but up to you
Ubuntu • Show running processes • top or ps • Stop running processes • kill by pid • Check scheduled tasks • crontab -l or -e • su to root and check crontab • chmod to change file permissions • chown to change file owner
Ubuntu Continued • Check ftp configuration file • /etc • Probably something like: vsftpd.conf • No anonymous login • No root login • Turn off telnet as well • Same thing for ssh • /etc/ssh then ssh_config or sshd_config • To restart a service • service servicename(d) restart (vsftpd, sshd)
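Added example (not part of the original slides): a small script that checks the two settings named on the slide above, anonymous FTP login in vsftpd.conf and root login in sshd_config. The option names anonymous_enable and PermitRootLogin are the real vsftpd and OpenSSH settings; the file contents are constructed samples written to a temporary directory.

```bash
#!/usr/bin/env bash
# Added example: audit the FTP and SSH settings the slide calls out.
# The config files below are constructed samples, not from a real host.

# Pass only if anonymous_enable is set and never to anything but NO.
# vsftpd's built-in default is YES, so a missing line counts as a failure.
check_vsftpd() {  # usage: check_vsftpd FILE
    awk -F= '
        $1 == "anonymous_enable" { seen = 1; if (toupper($2) != "NO") bad = 1 }
        END { exit (seen && !bad) ? 0 : 1 }' "$1"
}

# Print the global value of an sshd_config keyword. sshd uses the first value
# it reads, keywords are case-insensitive, and "Key value" or "Key=value" both
# parse. Match blocks are per-connection overrides and are not evaluated here.
sshd_value() {  # usage: sshd_value FILE KEYWORD
    awk -v key="$2" '
        /^[[:space:]]*#/ { next }
        { sub(/=/, " ") }
        tolower($1) == "match" { exit }
        tolower($1) == tolower(key) { print tolower($2); exit }' "$1"
}

# Pass only if root login over SSH is explicitly disabled.
check_sshd() {  # usage: check_sshd FILE
    [ "$(sshd_value "$1" PermitRootLogin)" = "no" ]
}

report() {  # usage: report LABEL CHECK_FUNCTION FILE
    if "$2" "$3"; then echo "OK    $1 ($3)"; else echo "FIX   $1 ($3)"; fi
}

# Constructed sample configs: one weak and one hardened file per service.
SAMPLES=$(mktemp -d)
printf '%s\n' 'listen=YES' '#anonymous_enable=NO' 'anonymous_enable=YES' > "$SAMPLES/vsftpd.weak"
printf '%s\n' 'listen=YES' 'anonymous_enable=NO' > "$SAMPLES/vsftpd.hard"
printf '%s\n' '#PermitRootLogin no' 'permitrootlogin yes' 'PermitRootLogin no' > "$SAMPLES/sshd.weak"
printf '%s\n' 'Port 22' 'PermitRootLogin=no' > "$SAMPLES/sshd.hard"

for f in "$SAMPLES"/vsftpd.*; do report "anonymous FTP disabled" check_vsftpd "$f"; done
for f in "$SAMPLES"/sshd.*;   do report "SSH root login disabled" check_sshd "$f"; done
```

On a real machine, point check_vsftpd and check_sshd at the files under /etc and /etc/ssh, then restart the service after any change. Server-side SSH settings live in sshd_config; ssh_config only affects the client.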
Ubuntu • chkconfig – shows current configuration of services, etc • Shows file sharing • http://www.simplehelp.net/2007/05/19/how-to-share-files-and-folders-in-ubuntu/ • sudo is the same as running as root • Antivirus for Ubuntu • http://free.avg.com/us-en/download.prd-alf