Location via proxy:   [ UP ]  
[Report a bug]   [Manage cookies]                
SlideShare a Scribd company logo

Operating system security

Download as PPTX, PDF
Sarmad Makhdoom
Sarmad Makhdoom

This document discusses computer system security and provides information on various topics related to ensuring security. It begins with an introduction to computer security, including internet security, remote sharing, and software installation. It then covers operating system security focusing on access control, supervision, and resource allocation. Statistics on world internet usage and computer penetration rates are presented. The document goes on to discuss external interface security, internal security, surveillance, threat monitoring, access controls, cryptography, viruses, worms, trojans, spyware, specific spyware programs, internet security software options, firewalls, and phishing prevention. Recommended resources on these security topics are listed at the end.

1 of 21
Presented by SARMAD MAKHDOOM
 Introduction  Computer System Security – Internet Security – Remote Sharing – Software Installation  Operating System Security – Access Control – Supervision – Resource Allocation
 World Population roughly 6 billion  Computers in this world roughly 2.25 billion  Internet user roughly 2 billion  Millions of computer are tied together via communication network (mostly telephone system)
WORLD INTERNET USAGE AND POPULATION STATISTICS World Regions Population ( 2009 Est.) Internet Users Dec. 31, 2000 Internet Users Latest Data Penetration (% Population) Growth 2000-2009 Users % of Table Africa 991,002,342 4,514,400 86,217,900 8.7 % 1,809.8 % 4.8 % Asia 3,808,070,503 114,304,000 764,435,900 20.1 % 568.8 % 42.4 % Europe 803,850,858 105,096,093 425,773,571 53.0 % 305.1 % 23.6 % Middle East 202,687,005 3,284,800 58,309,546 28.8 % 1,675.1 % 3.2 % North America 340,831,831 108,096,800 259,561,000 76.2 % 140.1 % 14.4 % Latin America/Caribbean 586,662,468 18,068,919 186,922,050 31.9 % 934.5 % 10.4 % Oceania / Australia 34,700,201 7,620,480 21,110,490 60.8 % 177.0 % 1.2 % WORLD TOTAL 6,767,805,208 360,985,492 1,802,330,457 26.6 % 399.3 % 100.0 %
 External Security (Interface Security) – Physical Security – Operational Security • Classifications • Division of Responsibilities  Internal Security
 Surveillance (mean: close observation, especially of a suspected spy or criminal) – Authentication  Threat Monitoring – No Direct Access – Surveillance Programs like supervisor  Amplification – Example:Taxpayers information
 Password Protection – Weaknesses – Solutions  Auditing – Audit Occasionally – Audit Log
 Access Controls – Access based on Classifications  Security Kernels – Beginning rather than retrofitted  Hardware Security – Incorporate Operating System Functions
 Fault-Tolerant Systems – Hardware rather than Software • Major Portion of Operating System • Fault Detection – Multiple I/O subsystems
 What is Cryptography?  A cryptographic Privacy System – Sender – Encryption Unit – Ciphertext or cryptogram – Decryption Unit – Receiver * Decryption Key
 Cryptanalysis A process of attempting to regenerate plaintext from ciphertext but without knowing the decryption key  Public Key Systems – Different Keys  Digital Signature
 What areViruses?  How they affect the system?  What are Antiviruses? – Detect Infections – Prevent Infections – Recover Infections  Antiviruses are watchdogs  Sweeper Programs
 ComputerWorms – Network based objects – Virus/Worms  Trojan horse – Allows a hacker remote access to a target computer system
 Spyware – What is spyware? – What are adware? – Adwares and Spyware – Spyware,Viruses andWorms
 CoolWebSearch, a group of programs, takes advantage of Internet Explorer vulnerabilities. The package directs traffic to advertisements on Web sites including coolwebsearch.com. It displays pop-up ads, rewrites search engine results, and alters the infected computer's hosts file to direct DNS lookups to these sites.  HuntBar, aka WinTools or Adware.Websearch, was installed by an ActiveX drive-by download at affiliate Web sites, or by advertisements displayed by other spyware programs—an example of how spyware can install more spyware. These programs add toolbars to IE, track aggregate browsing behavior, redirect affiliate references, and display advertisements.  MyWebSearch (of Fun Web Products) has a plugin that displays a search toolbar near the top of a browser window, and it spies to report user search-habits. MyWebSearch is notable for installing over 210 computer settings, such as over 210 MS Windows registry keys/values.[39][40] Beyond the browser plugin, it has settings to affect Outlook, email, HTML, XML, etc. Although tools exist to remove MyWebSearch, it can be hand-deleted in 1 hour, by users familiar with using Regedit to find and delete keys/values (named with "MyWebSearch"). After reboot, the browser returns to the prior display appearance.  WeatherStudio has a plugin that displays a window-panel near the bottom of a browser window. The official website notes that it is easy to remove (uninstall) WeatherStudio from a computer, using its own uninstall-program, such as under C:Program FilesWeatherStudio. Once WeatherStudio is removed, a browser returns to the prior display appearance, without the need to modify the browser settings.
 Internet Optimizer, also known as DyFuCa, redirects Internet Explorer error pages to advertising. When users follow a broken link or enter an erroneous URL, they see a page of advertisements. However, because password-protected Web sites (HTTP Basic authentication) use the same mechanism as HTTP errors, Internet Optimizer makes it impossible for the user to access password-protected sites.  Zango (formerly 180 Solutions) transmits detailed information to advertisers about the Web sites which users visit. It also alters HTTP requests for affiliate advertisements linked from a Web site, so that the advertisements make unearned profit for the 180 Solutions company. It opens pop-up ads that cover over the Web sites of competing companies (as seen in their [Zango End User LicenseAgreement]).  Zlob trojan, or just Zlob, downloads itself to a computer via an ActiveX codec and reports information back to Control Server[citation needed]. Some information can be the search- history, the Websites visited, and even keystrokes.[citation needed] More recently, Zlob has been known to hijack routers set to defaults.
 avast! Internet Security 5.0 – http://www.pcmag.com/article2/0,2817,2358467,00.asp  AVG Internet Security 9.0 – http://www.pcmag.com/article2/0,2817,2355028,00.asp  BitDefenderTotal Security 2010 – http://www.pcmag.com/article2/0,2817,2351546,00.asp  Kaspersky Internet Security 2010 – http://www.pcmag.com/article2/0,2817,2351568,00.asp  McAfeeTotal Protection 2010 – http://www.pcmag.com/article2/0,2817,2358902,00.asp
 What is Firewall?  Hardware Firewall – Broadband Routers  Software Firewall – Norton 360 – Norton Internet Security – ESET Security Smart – Kaspersky Internet Security
 What is phishing?  Five steps to avoid phishing 1. SecureWebsites (https) 2. Authenticity of aWebsite (embedded links) 3. Thoroughly Investigate before submitting 4. Keep track of your online accounts 5. Have proper computer protection software
 Day by day usage of computer systems  Hacking risks  Need of protection software  And after that, keep you eyes open when using internet or transmitting something on the network
 http://howstuffworks.com/  http://pcmag.com/  http://net-security.org/  http://wikipedia.org/  Operating Systems by HM Deitel  Operating Systems Concepts by Abraham Silberschatz, Peter B. Galvin

More Related Content

Operating system security

  • 2.  Introduction  Computer System Security – Internet Security – Remote Sharing – Software Installation  Operating System Security – Access Control – Supervision – Resource Allocation
  • 3.  World Population roughly 6 billion  Computers in this world roughly 2.25 billion  Internet user roughly 2 billion  Millions of computer are tied together via communication network (mostly telephone system)
  • 4. WORLD INTERNET USAGE AND POPULATION STATISTICS World Regions Population ( 2009 Est.) Internet Users Dec. 31, 2000 Internet Users Latest Data Penetration (% Population) Growth 2000-2009 Users % of Table Africa 991,002,342 4,514,400 86,217,900 8.7 % 1,809.8 % 4.8 % Asia 3,808,070,503 114,304,000 764,435,900 20.1 % 568.8 % 42.4 % Europe 803,850,858 105,096,093 425,773,571 53.0 % 305.1 % 23.6 % Middle East 202,687,005 3,284,800 58,309,546 28.8 % 1,675.1 % 3.2 % North America 340,831,831 108,096,800 259,561,000 76.2 % 140.1 % 14.4 % Latin America/Caribbean 586,662,468 18,068,919 186,922,050 31.9 % 934.5 % 10.4 % Oceania / Australia 34,700,201 7,620,480 21,110,490 60.8 % 177.0 % 1.2 % WORLD TOTAL 6,767,805,208 360,985,492 1,802,330,457 26.6 % 399.3 % 100.0 %
  • 5.  External Security (Interface Security) – Physical Security – Operational Security • Classifications • Division of Responsibilities  Internal Security
  • 6.  Surveillance (mean: close observation, especially of a suspected spy or criminal) – Authentication  Threat Monitoring – No Direct Access – Surveillance Programs like supervisor  Amplification – Example:Taxpayers information
  • 7.  Password Protection – Weaknesses – Solutions  Auditing – Audit Occasionally – Audit Log
  • 8.  Access Controls – Access based on Classifications  Security Kernels – Beginning rather than retrofitted  Hardware Security – Incorporate Operating System Functions
  • 9.  Fault-Tolerant Systems – Hardware rather than Software • Major Portion of Operating System • Fault Detection – Multiple I/O subsystems
  • 10.  What is Cryptography?  A cryptographic Privacy System – Sender – Encryption Unit – Ciphertext or cryptogram – Decryption Unit – Receiver * Decryption Key
  • 11.  Cryptanalysis A process of attempting to regenerate plaintext from ciphertext but without knowing the decryption key  Public Key Systems – Different Keys  Digital Signature
  • 12.  What areViruses?  How they affect the system?  What are Antiviruses? – Detect Infections – Prevent Infections – Recover Infections  Antiviruses are watchdogs  Sweeper Programs
  • 13.  ComputerWorms – Network based objects – Virus/Worms  Trojan horse – Allows a hacker remote access to a target computer system
  • 14.  Spyware – What is spyware? – What are adware? – Adwares and Spyware – Spyware,Viruses andWorms
  • 15.  CoolWebSearch, a group of programs, takes advantage of Internet Explorer vulnerabilities. The package directs traffic to advertisements on Web sites including coolwebsearch.com. It displays pop-up ads, rewrites search engine results, and alters the infected computer's hosts file to direct DNS lookups to these sites.  HuntBar, aka WinTools or Adware.Websearch, was installed by an ActiveX drive-by download at affiliate Web sites, or by advertisements displayed by other spyware programs—an example of how spyware can install more spyware. These programs add toolbars to IE, track aggregate browsing behavior, redirect affiliate references, and display advertisements.  MyWebSearch (of Fun Web Products) has a plugin that displays a search toolbar near the top of a browser window, and it spies to report user search-habits. MyWebSearch is notable for installing over 210 computer settings, such as over 210 MS Windows registry keys/values.[39][40] Beyond the browser plugin, it has settings to affect Outlook, email, HTML, XML, etc. Although tools exist to remove MyWebSearch, it can be hand-deleted in 1 hour, by users familiar with using Regedit to find and delete keys/values (named with "MyWebSearch"). After reboot, the browser returns to the prior display appearance.  WeatherStudio has a plugin that displays a window-panel near the bottom of a browser window. The official website notes that it is easy to remove (uninstall) WeatherStudio from a computer, using its own uninstall-program, such as under C:Program FilesWeatherStudio. Once WeatherStudio is removed, a browser returns to the prior display appearance, without the need to modify the browser settings.
  • 16.  Internet Optimizer, also known as DyFuCa, redirects Internet Explorer error pages to advertising. When users follow a broken link or enter an erroneous URL, they see a page of advertisements. However, because password-protected Web sites (HTTP Basic authentication) use the same mechanism as HTTP errors, Internet Optimizer makes it impossible for the user to access password-protected sites.  Zango (formerly 180 Solutions) transmits detailed information to advertisers about the Web sites which users visit. It also alters HTTP requests for affiliate advertisements linked from a Web site, so that the advertisements make unearned profit for the 180 Solutions company. It opens pop-up ads that cover over the Web sites of competing companies (as seen in their [Zango End User LicenseAgreement]).  Zlob trojan, or just Zlob, downloads itself to a computer via an ActiveX codec and reports information back to Control Server[citation needed]. Some information can be the search- history, the Websites visited, and even keystrokes.[citation needed] More recently, Zlob has been known to hijack routers set to defaults.
  • 17.  avast! Internet Security 5.0 – http://www.pcmag.com/article2/0,2817,2358467,00.asp  AVG Internet Security 9.0 – http://www.pcmag.com/article2/0,2817,2355028,00.asp  BitDefenderTotal Security 2010 – http://www.pcmag.com/article2/0,2817,2351546,00.asp  Kaspersky Internet Security 2010 – http://www.pcmag.com/article2/0,2817,2351568,00.asp  McAfeeTotal Protection 2010 – http://www.pcmag.com/article2/0,2817,2358902,00.asp
  • 18.  What is Firewall?  Hardware Firewall – Broadband Routers  Software Firewall – Norton 360 – Norton Internet Security – ESET Security Smart – Kaspersky Internet Security
  • 19.  What is phishing?  Five steps to avoid phishing 1. SecureWebsites (https) 2. Authenticity of aWebsite (embedded links) 3. Thoroughly Investigate before submitting 4. Keep track of your online accounts 5. Have proper computer protection software
  • 20.  Day by day usage of computer systems  Hacking risks  Need of protection software  And after that, keep you eyes open when using internet or transmitting something on the network
  • 21.  http://howstuffworks.com/  http://pcmag.com/  http://net-security.org/  http://wikipedia.org/  Operating Systems by HM Deitel  Operating Systems Concepts by Abraham Silberschatz, Peter B. Galvin