1. Operating System
Security
O Rachel Jeewa
O www.twitter.com/RachelJeewa
1

2. In Old Days
2

3. Objective
O Nowadays,
as systems grow powerful , attacks on
system grow more sophisticated.
O Therefore, it is important that the system
users secure the computer from threats.
3

4. Threats to System Security
O Virus
A virus is a program that replicates by
copying itself to other programs, system
boot sectors or documents or applications.
Some viruses can damage to your files by
deleting or corrupting them. Some may
display rude or strange message on the
screen. Some can allow other people to
access and control your computer.
4

6. Trojan
O A Trojan is a
program that seems
to legitimate but
acts maliciously
when executed. It
can open direct
entry point for
attacker so attacker
may use system’s
resources such as
hard disk spce.
Spyware
O Spyware includes
Trojans and other
malicious software
that steals personal
information from a
system without
user’s knowledge.
6

7. Log-in Password Cracking
1.Guessing
Password Guessing is trying different
passwords until one works.
2.Shoulder Surfing
Shoulder Surfing involves watching while
someone types the password.
7

8. Log-in Password Cracking
3. Social Engineering
Social Engineering is tricking people to reveal
their passwords or other information that can be
used to guess a password.
4.Dictionary Attack
Dictionary attack uses a pre-defined list of
words to recover the password. This is likely to
succeed when the password is short. Several
password cracking programs are available on
the internet.
8

9. Guidelines for Windows OS
Security
1.Lock the system when not in use
It helps to secure the workstation from an
unauthorized user.
Method_ Selects the Window and L buttons
together on the keyboard to lock the system.
2.Create strong user password
A weak password does not offer an effective
protection .Always use strong password e.g
tEst@5#8*
Method_ Control Panel
User Accounts
9

10. Guidelines for Windows OS
Security
3.Disable the guest account
Unwanted guest accounts can be exploited
by attackers to gain entry in to the system.
Method_ Click the Start button, right-click
Computer from shortcut menu, and choose
Manage. Go to Local Users and Groups
Users. Double-click on Guest icon. In the
Guest Properties window, check the box
next to Account is disabled and click OK .
10

11. Guidelines for Windows OS
Security
4.Lock out unwanted guests
Lock out unwanted guests by configuring
the setting of the account lockout policy to
limit the number of login attempts .
Method_ click on Start button, Control
Panel,
And click Administrative Tools. Double
click the Local Security Policy, click
Account Policies, double-click the
Account Lockout Policy, and double click
Account Lockout Threshold. A the prompt,
enter the number of invalid login (e.g 3).
Click OK.
11

12. Window Update in Window7
For Window OS, enable automatic updates
to ensure that the OS is patched and up-todate.
Method_ click Start , Control Panel and
select System and Security. Select
Windows Update
Change Settings.
Choose how Windows should updates and
click OK.
12

13. Pointers for Updates
O Always patch the OS and applications to
O
O
O
O
the latest patch levels.
Ensure that patches are downloaded only
from vendor site.
Use patch management tools for easier
updating . Several free tools are available.
Do not send patches through email.
Choose to be notified by the vendor about
vulnerability announcements.
13

14. Window Firewall
O A firewall is software that guards the
system from unwarranted traffic when
connected to a network. Hackers can try
to take advantage of programs running on
the system and try to execute malicious
code. Hacking tools such as Trojan can
send information from the victim’s
computer to the attacker’s computer. A
firewall can detect this attack and block
certain traffic .
14

15. Configuring Window Firewall
O Steps to configure window firewall include:
Method_ Start
Control Panel
In the search box, type firewall and click
Windows Firewall.
In the left pane, click Turn Windows
Firewall On or Off.
Check the circles Turn On Windows
Firewall.
Click OK.
15

16. Using NTFS
O The NTFS file system provides better
performance and security for data on hard
disks and partitions than FAT file system.
You can convert earlier FAT or FAT32 file
system to NTFS by using the covert
command.
16

17. Using NTFS
O Click Start and type cmd , right click
Command Prompt and then click Run as
Administrator.
O In the Command Prompt, type covert
drive_letter: /fs:ntfs , where drive_letter is
the letter of the drive to be converted to
NTFS. Then press Enter.
O Type the name of the volume you want to
convert and press enter.When the conversion
complete restart the computer.
O Note-Converting to NTFS does not affect the
data.
17

18. Windows EFS
O Windows encryption file system(EFS) allows
window7 user to encrypt files and folders. But
encryption does not allow encryption on
compressed or zipped files and system files.
O Method_ right click on a file or folder to encrypt,
select Properties on the General tab, and click
the Advanced botton. Select Encrypt contents
to secure data. Click OK to close the dialog box
and click Apply
O The encryption dialog box appears. Check either
18
of the two options and click OK.

19. Decrypt A File Using EFS
O To decrypt a encrypted folder or file-
Right click on the folder or file to decrypt
and select Properties. On the General tab,
click the Advanced button. The Advanced
Attributes box will appears.
Uncheck Encrypt contents to secure data,
click OK to close the dialog box, apply the
settings and click OK.
19

20. BitLocker
O BitLocker drive encryption allows the
entire volume of the system to be
secured. Encrypted removable media can
be decrypted and re-encrypted again.
O Method_ click Start and click Computer.
Right click on the drive and select the
option Turn On BitLocker…
20

21. Windows Security Tools
1.Microsoft Security Essentials
http://www.microsoft.com
2.Keepass Password Safe Portable
http://www.portableapps.com
3.Registry Mechanic
http://www.pctools.com
21

22. Thank You!
22