We all want our system and information to be secure from unwanted attacks, theft or corruption. In this blog we will discuss some common utilities and methods present in both windows and linux by which we can ensure that our computer is secure.
MALWARE
Malware, short for malicious software, consists of programming (code, scripts, active content, and other software) designed to disrupt or deny operation,
gather information that leads to loss of privacy or exploitation, gain unauthorized access to system resources, and other abusive behavior.
gather information that leads to loss of privacy or exploitation, gain unauthorized access to system resources, and other abusive behavior.
The most common security concern that we all have heard about are the malwares.
They basically include-
--Viruses
--Trojan Horses
--Worms
--Zombies
They basically include-
--Viruses
--Trojan Horses
--Worms
--Zombies
Although technically they are different, they still affect the system adversely.
*ANTI-VIRUS
Windows deals with malware by using Anti-virus programs.Windows does not have any built-in anti-virus program but Microsoft does offer a free anti-virus MICROSOFT Security Essentials that can be downloaded from the site.
There are other third-party software available which can be used like
Mcafee,etc. For further information regarding virus threats refer to the blog 'Virus threats in Computers'.
(reference :http://www.rapidsharecollection.com/26-mobile-antivirus-%E2%80%93-all-version/)
Linux provides better protection against malware compared to Windows because of the malware's lack of root access and the fast updates to major linux vulnerabilities.To gain control over a Linux system or cause any serious consequence to the system itself, the malware needs to gain root access to the system, which requires a users' password and so would be difficult to accomplish. But there has been an observable increase in the malicious programs written specially for linux. Therefore like in Windows, there are various Anti-virus applications available like McAfee, AVG, ClamAV, etc.
Linux provides better protection against malware compared to Windows because of the malware's lack of root access and the fast updates to major linux vulnerabilities.To gain control over a Linux system or cause any serious consequence to the system itself, the malware needs to gain root access to the system, which requires a users' password and so would be difficult to accomplish. But there has been an observable increase in the malicious programs written specially for linux. Therefore like in Windows, there are various Anti-virus applications available like McAfee, AVG, ClamAV, etc.
(from wikipedia page of linux malwares)
Because new viruses are identified every day, it's important to use an antivirus program with an automatic update capability.
When the program is updated, it adds new viruses to its list of viruses to check for, helping to protect your computer from new attacks.
If the list of viruses is out of date, your computer is vulnerable to new threats.
Updates usually require an annual subscription fee.
Keep the subscription current to receive regular updates
When the program is updated, it adds new viruses to its list of viruses to check for, helping to protect your computer from new attacks.
If the list of viruses is out of date, your computer is vulnerable to new threats.
Updates usually require an annual subscription fee.
Keep the subscription current to receive regular updates
*ANTI-SPYWARE
Malware, short for malicious software, consists of programming (code, scripts, active content, and other software) designed to disrupt or deny operation,
gather information that leads to loss of privacy or exploitation, gain unauthorized access to system resources, and other abusive behavior.
Spyware is a type of malware.
To help protect your computer from spyware, use an antispyware program.
The various version of WINDOWS has a built-in antispyware program called Windows Defender, which is turned on by default.
Windows Defender alerts you when spyware tries to install itself on your computer.
It also can scan your computer for existing spyware and then remove it.
To access the built-in Anti-spyware : Go to start => control panel => Windows Defender
FIREWALL
(reference : http://windows.microsoft.com/en-US/windows7/Understanding-security-and-safer-computing)
A firewall is a software or a hardware which permits or denies network transmissions based on certain rules and guidelines and to protect the system from authoritative access. This way it also helps in protecting against malwares and untrustworthy sites.
Windows
Windows Firewall is built into Windows and is turned on automatically.
To access the firewall : Go to start => control panel => Windows Firewall
Linux
The Linux kernel includes the Netfilter subsystem, which is used to manipulate or decide the fate of network traffic headed into or through your server. All Linux firewall solutions use this system for packet filtering. We can manage and change the firewall settings using the iptables. When a packet reaches your server, it is handed off to the Netfilter subsystem for acceptance, manipulation, or rejection based on the rules supplied to it from iptables.
The default firewall configuration tool is the ufw- Uncomplicated Firewall. But both the ufw command as well as the ip tables can be used to manipulate the firewall settings.
The Linux kernel includes the Netfilter subsystem, which is used to manipulate or decide the fate of network traffic headed into or through your server. All Linux firewall solutions use this system for packet filtering. We can manage and change the firewall settings using the iptables. When a packet reaches your server, it is handed off to the Netfilter subsystem for acceptance, manipulation, or rejection based on the rules supplied to it from iptables.
The default firewall configuration tool is the ufw- Uncomplicated Firewall. But both the ufw command as well as the ip tables can be used to manipulate the firewall settings.
The difference between an Anti-virus program and a firewall :
PASSWORD SECURITY
A password is a secret word or a string of characters which is used to gain access to a resource. A password should be kept secret and not told to those who are not allowed access.
Both Linux and Windows require password to be entered to login in an account. While it is necessary in Linux to enter the user password, it is optional in windows.
The breach of password security is the most common security breach. This can be avoided easily by ensuring :
1)While working on a shared computer ensure that you DONT check on the 'remember my password' option. Most browsers ask the user if he/she wants to save the password on the computer. If you are sharing the system with others it is recommended not store the password as it can be accessed easily.
Both Linux and Windows require password to be entered to login in an account. While it is necessary in Linux to enter the user password, it is optional in windows.
The breach of password security is the most common security breach. This can be avoided easily by ensuring :
1)While working on a shared computer ensure that you DONT check on the 'remember my password' option. Most browsers ask the user if he/she wants to save the password on the computer. If you are sharing the system with others it is recommended not store the password as it can be accessed easily.
Following our the steps involved to extract a stored password from Firefox web Browser.
Edi t=> Preferences => Security=> Saved Passwords
2)Do not tell your password to other people and even if you do not communicate through Email, Instant Messaging or SMS.
3)Avoiding using the same password for multiple sites or purposes.
4)Make sure that your password it of good strength and complexity and do not use commonly used words or date of birth as password.
Ways to design a password with good strength : http://www.ehow.com/video_4984071_select-secure-password.html
SECURITY BY LEAST PRIVILEGE
The PRINCIPLE OF LEAST PRIVILEGE ((POLA)) is widely recognized as an important design consideration in enhancing
the protection of data and functionality from faults (fault tolerance) and malicious behavior (computer security).
The PRINCIPLE OF LEAST PRIVILEGE , also known as the principle of minimal privilege or just least privilege.
This means giving a user only those privileges which are essential to do his/her work.
How to use POLA
If a password does get cracked, minimise the risk by always ensuring that account authorisation is done on a 'least privilege' basis.
Hackers love to get access to any account on a WINDOWS machine or network because all too often this means,
they can escalate upwards through increasingly more privileged accounts and gain even more control.
To thwart the risk, restrict interactive login privileges, restrict access to critical system binaries (cmd.exe springs to mind here) for damage limitation,
and restrict system booting to 'from hard disk only' to prevent physical privilege escalation.
WINDOWS XP SP2 users can add a Windows Registry key to access more powerful software restriction policies with levels including 'restricted' and 'untrusted.
The PRINCIPLE OF LEAST PRIVILEGE ((POLA)) is widely recognized as an important design consideration in enhancing
the protection of data and functionality from faults (fault tolerance) and malicious behavior (computer security).
The PRINCIPLE OF LEAST PRIVILEGE , also known as the principle of minimal privilege or just least privilege.
This means giving a user only those privileges which are essential to do his/her work.
How to use POLA
If a password does get cracked, minimise the risk by always ensuring that account authorisation is done on a 'least privilege' basis.
Hackers love to get access to any account on a WINDOWS machine or network because all too often this means,
they can escalate upwards through increasingly more privileged accounts and gain even more control.
To thwart the risk, restrict interactive login privileges, restrict access to critical system binaries (cmd.exe springs to mind here) for damage limitation,
and restrict system booting to 'from hard disk only' to prevent physical privilege escalation.
WINDOWS XP SP2 users can add a Windows Registry key to access more powerful software restriction policies with levels including 'restricted' and 'untrusted.
PHISHING
Phishing is a way of acquiring or attempting to acquire sensitive details like passwords, account details, etc by masquerading as a trustworthy entity. Its is usually carried out through e-mail spoofing and instant messaging. Phishers send emails to victims with phrases like 'verify your account' or 'checking billing information' to lure them and then direct them to a fake website whose look and feel is like that of the legitimate one. Another technique commonly used by the phishers is link manipulation. Link manipulation involves misspelled URLs and the use of subdomains.
(reference: http://library.thinkquest.org/06aug/00446/Phishing.html)
References:
http://onguardonline.gov/stopthinkclick
http://linas.org/linux/secure.html
http://en.wikipedia.org/wiki/Linux_malware#Anti-virus_applications
http://en.wikipedia.org/wiki/Phishing
http://en.wikipedia.org/wiki/Computer_security
http://en.wikipedia.org/wiki/Firewall_%28computing%29
http://windows.microsoft.com/en-US/windows7/Understanding-security-and-safer-computing
Contributed by :
Shalini Verma
Mehak
http://onguardonline.gov/stopthinkclick
http://linas.org/linux/secure.html
http://en.wikipedia.org/wiki/Linux_malware#Anti-virus_applications
http://en.wikipedia.org/wiki/Phishing
http://en.wikipedia.org/wiki/Computer_security
http://en.wikipedia.org/wiki/Firewall_%28computing%29
http://windows.microsoft.com/en-US/windows7/Understanding-security-and-safer-computing
Contributed by :
Shalini Verma
Mehak
No comments:
Post a Comment