SIS Security Training Information

Hardening the Operating Systems

• University of California Minimum Security standards recommends workstation operating systems be hardened against possible attacks by hackers and/or malicious code (viruses, trojan horses, worms, logic bombs, etc). This information is provided to help the user understand the hardening process. Hardening is simply locking the system down so services, ports, etc can not be utilized by nefarious individuals to steal or deny the use of the computer.
• Campus Minimum Standards

Updating Windows XP Professional Operating System

• Updating your operating system with the "Critical Security Updates/Patches/Hotfixes" is crucial to maintaining the highest security possible on your Windows XP Professional operating system. The following procedures are provided so you can perform the update in a quick manner.
• Additional Information

Updating Windows 2000 Professional Operating System

• You will find that updating Windows 2000 Professional is not much different than updating Windows XP Professional. The real differences are the look and feel of the menu's, etc between the two systems. If you enable the classic view in Windows XP it will be identical, mostly, to Windows 2000 Professional.
• Additional Information

Hardening the Windows XP Operating System

• IT Security is implemented in layers and one layer is the hardening of the operating system against malicious/nefarious activity. A part of the hardening process includes the use of security templates. Windows comes with a generic template but to get the most it is recommended accessing the NIST site and download both their standard security templates and their hardening guides. The guides give you step by step instructions for implementing the NIST security template on stand alone Windows XP machines/workstations.
• Additional Information

Hardening the Windows 2000 Operating System

• Microsoft provides a means of setting security for a workstation by the use of templates. Security templates allow the administrator to set specific security settings and then use the template to quickly set those settings in all the user workstations.
• Additional Information

File and Print Sharing

• If you do not have a need to share your files with other users on your network then you should disable the file and print sharing option in the operating system along with turning off the simple file sharing option for file folders. This is just one of many operating system hardening processes you should complete to secure your workstation against attacks.
• Additional Information

Windows XP Security Center

• This section is for those who will install a third party security suite in lieu of using the one supplied by Microsoft. This section will take you through the steps necessary prior to installing third party IDS (Intrusion Detection Systems, i.e. firewall, anti-virus, etc). It is highly recommended users go with third party products since they have more features and provide additional protections.
• Additional Information

TCP/IP Network Settings/Configuration

• Setting up the appropriate configuration to connect to the Internet/Network depends on how you are going to connect. This set of steps is to set up TCP/IP for a network connection through an ethernet system (UC Berkeley System).
• Additional Information

Configuring Windows XP Security Firewall

• Firewalls are a method of keeping your computer or network secure. Firewalls can either be hardware or software based. Windows XP offers an easy to configure software firewall called Internet Connection Firewall.
• Additional Information

Recommended Security Settings - Auto Updates

• It is highly recommended that the following security settings be set on SIS workstations. This is particular to the Windows XP Professional operating system. In regards to the Windows 2000 Professional systems the same basic settings for "Notify me but do not download and install" option is highly recommended.
• Additional Information

Disable Windows Services

• Disabling Windows services to save resources can be a daunting task. This is why it is recommended a workstation implement the NIST Workstation security template (Windows 2000 or XP).
• Additional Information

Setting a Restore Point in XP

• When you set up a new computer the first thing to do prior to running all the required updates to the security suite, programs, and operating system you need to create a restore point. What is a restore point?
• System Restore is designed to automatically monitor and record changes made to the core Windows system files and to the registry. System Restore can then allow you to undo (or "roll back") a change that caused instability in your system. This is accomplished by periodically recording a "Restore Point" (or System CheckPoint) that gives you the ability to roll your system back to the point in time when your computer was known to function properly.
• Additional Information

Web Bugs

• You may not know of a stealthy technology commonly known as Web Bugs (could also be referred to as sneakware or spyware) are being used to track your comings and goings on the Internet.
• Additional Information

Spyware and Adware

• Spyware and Adware are a constant within the browsing of the internet. Some of it is harmless and more of it is currently and becoming a danger to the surfer/user. Read the following for more information.
• Additional Information

Viruses

• You may suspect that your computer has a virus, but how can you really tell? Viruses often cause erratic behavior. Smiley faces may pop up, the screen may turn blank, the computer may crash, or it may constantly reboot. The trigger that activates the virus can be almost anything. For instance, the virus can be activated the minute it is installed. Or it may start its dirty work the next time you start your computer. In some cases, a virus can reside inside your computer in an inactive state, waiting for a certain event (like a certain date) to happen.
• Additional Information

Virus Properties

• Your computer can be infected even if files are just copied.
• Can be Polymorphic.
• Additional Information

Fighting Spyware

• How can internet users fight back? There is no single answer, but there are many measures that can be taken.
• Additional Information

How Viruses Affect Files

• VIRUSES can effect any files however usually attack .com, .exe, .sys, .bin, .pif or any data files. Viruses have the capability of infecting any file however will generally infect executable files or data files such as word or excel documents which are open frequently.
• Additional Information

What a Virus Does

• The following are possibilities you may experience when you are infected with a virus. Remember that you also may be experiencing any of the following issues and not have a virus.
• Additional Information

Detecting a Virus

• The most commonly used method of protecting against and detecting viruses is to purchase a third party application designed to scan for all types of viruses. Programs such as Norton Anti-virus, McAfee Anti-virus, or ZoneAlarm Anti-virus.
• Additional Information

Virus Myths

• "If I download a file onto a disk I don't have to worry about a viruses." - This is not true, just because you place a file on a disk does not mean that your hard drive cannot be infected. Because around half of the computer viruses are memory resident the virus will load itself into memory and will then infect your hard drive and data on the diskette.
• Additional Information

Macro Viruses

• A macro virus is a virus designed in a word processor, which is just a macro designed to destroy, corrupt, infect, erase files or delete files or data on the hard disk drive.
• Additional Information

Avoiding Viruses

• Computer viruses implant instructions in other programs or storage devices and can attack, scramble, or erase computer data. The danger of computer viruses lies in their ability to replicate themselves and spread from system to system. Few computing systems are immune to infection.
• Additional Information

E-mail Scams

• E-mail scams such as "Phishing" (fishing) are used the most to disrupt computers, networks, services, etc. Users need to be aware of what a phishing email is and what they should do when they receive them.
• Additional Information

E-mail Attachments

• It's a typical busy day at the office. Reading your e-mail between crises, you quickly delete that spam message that arrived with a snappy graphic, you file away the Word-formatted resume, and you save for later an MP3 tune from your brother.
• Additional Information

Social Engineering

• The user is the greatest asset to security and at the same time the weakest link. Users are trusting in nature and have a desire to help. This puts them at risk of social engineering and only by educating the user can you overcome this weak link. Read the following article to find out how you can protect yourself.
• Additional Information

Strong Passwords

• Passwords are our first line of defense against crackers/viruses, etc. The User/Password system provides us with the means to identify and authenticate persons who access our systems be it workstations or data on servers.
• Additional Information

Vulnerabilities of IM

• Another danger to workstations is the use of IM or Instant Messaging Services/Software. Some of the dangers?
• Additional Information

Protection for your Identity (Personal Information)

• Identity thieves are everywhere and you should educate yourself as the most effective protection against losing your identity.
• Additional Information