Windows 7


Implementing Network Security

In this module we will discuss:

  • Overview of Threats to Network Security.

  • What is Defence in Depth.

  • Configuring Windows Firewall

  • Securing Network Traffic

  • Configuring Windows Defender

 

Common Network Security Threats

There are a variety of network security threats. Some of them are as follows.

  1. Denial-of-Service

  2. Eavesdropping

  3. Port Scanning

  4. Man in the middle

 

Denial-of-Service

  • A DoS (Denial-of-Service) attack is an attempt to make an application or network resource unavailable to its intended users.

  • There are a number of ways hackers can deny service to one or more people, by interrupting the services of a network to render it unavailable.

  • Hackers usually target sites or services hosted on high-profile web servers, such as banks, credit card payment gateways and even root name servers.

 

Eavesdropping

  • Eavesdropping occurs when an unauthorised person captures private network traffic, typically between a host and the network.

  • A hacker, or even a government intelligence agency, may capture network packets between a host and its internet service provider.

  • It may result in the compromise of sensitive data such as passwords, credit card authorization details and so on.

  • This may lead to other, more damaging attacks.

 

Port Scanning

  • Port scanning is an attack that sends client requests to a range of server port addresses, with the goal of finding an open port and exploiting a vulnerability of the service behind it.

  • Applications running on a computer use the TCP/IP protocol.

  • There are 65636 ports, for registered, unregistered and multiple-use purposes.

  • Hackers usually exploit a network by sending queries to hosts for open ports.

  • Once an attacker identifies an open port, they can use other hacking techniques to access the network and cause problems.
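
A defender's view of the port scanning described above, as an added example that is not part of the original tutorial: it reads entries in the Windows Firewall log layout (logging of dropped packets must be enabled) and flags any source whose dropped inbound connections touch many distinct ports in a short time. The sample log lines, the threshold of 5 ports and the 60-second window are assumptions chosen for illustration.

```python
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample in the Windows Firewall log (pfirewall.log) layout, not real traffic.
SAMPLE_LOG = """\
#Fields: date time action protocol src-ip dst-ip src-port dst-port size tcpflags tcpsyn tcpack tcpwin icmptype icmpcode info path
2024-01-15 10:00:01 DROP TCP 203.0.113.7 192.168.1.10 51000 21 60 S 1 0 8192 - - - RECEIVE
2024-01-15 10:00:01 DROP TCP 203.0.113.7 192.168.1.10 51001 22 60 S 1 0 8192 - - - RECEIVE
2024-01-15 10:00:02 DROP TCP 203.0.113.7 192.168.1.10 51002 23 60 S 1 0 8192 - - - RECEIVE
2024-01-15 10:00:02 ALLOW TCP 192.168.1.20 192.168.1.10 49200 445 60 S 1 0 8192 - - - RECEIVE
2024-01-15 10:00:03 DROP TCP 203.0.113.7 192.168.1.10 51003 80 60 S 1 0 8192 - - - RECEIVE
2024-01-15 10:00:04 DROP TCP 203.0.113.7 192.168.1.10 51004 3389 60 S 1 0 8192 - - - RECEIVE
2024-01-15 10:00:05 DROP TCP 198.51.100.9 192.168.1.10 40000 3389 60 S 1 0 8192 - - - RECEIVE
2024-01-15 10:20:00 DROP TCP 198.51.100.9 192.168.1.10 40002 22 60 S 1 0 8192 - - - RECEIVE
"""

def parse_log(text):
    """Yield one dict per log entry, taking column names from the #Fields header."""
    fields = []
    for line in text.splitlines():
        if line.startswith("#Fields:"):
            fields = line.split(":", 1)[1].split()
        elif line and not line.startswith("#") and fields:
            row = dict(zip(fields, line.split()))
            row["ts"] = datetime.strptime(row["date"] + " " + row["time"], "%Y-%m-%d %H:%M:%S")
            yield row

def find_port_scans(text, min_ports=5, window=timedelta(seconds=60)):
    """Map each source IP to the ports it probed when its dropped inbound
    connections hit at least min_ports distinct ports inside window."""
    hits = defaultdict(list)  # src-ip -> [(timestamp, dst-port)]
    for row in parse_log(text):
        if row.get("action") == "DROP" and row.get("path") == "RECEIVE" and row.get("dst-port", "").isdigit():
            hits[row["src-ip"]].append((row["ts"], int(row["dst-port"])))
    flagged = {}
    for src, events in hits.items():
        events.sort()
        start = 0
        for end in range(len(events)):
            # Advance the window start until the span fits inside `window`.
            while events[end][0] - events[start][0] > window:
                start += 1
            ports = {port for _, port in events[start:end + 1]}
            if len(ports) >= min_ports:
                flagged[src] = sorted(ports)
                break
    return flagged

print(find_port_scans(SAMPLE_LOG))
```

The source that retries a single port, and the one whose two probes are twenty minutes apart, stay below the threshold; widening the window or lowering `min_ports` trades missed slow scans against false positives.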

 

Man-in-the-Middle

  • Man-in-the-Middle is often abbreviated as MITM, MitM or MiM.

  • In this situation the attacker succeeds in impersonating a legitimate host on the network between two parties.

  • The attacker intercepts all the communication between the two parties while making them believe that they are talking directly to each other. In fact, the entire conversation is controlled by the attacker.

  • The attacker may view data in transit and can modify it before forwarding the packets to the destination host.

 

Defence-in-Depth model

  • You can minimise threats to your network by providing security at different infrastructure layers.

  • The term defence-in-depth describes the use of multiple security technologies at different points in your organization.

1) Policies, Procedures, and Awareness

  • Physical security measures and organizational policies must be applied simultaneously.

  • For example, enforcing strong user passwords is a security policy, but the organization must also see that passwords are not shared with peers, or written down on sticky notes that are then attached to computer screens.

 

Situation: Users are unaware of the rules and think of the rules as unnecessary. When users are unaware of the rules, you cannot expect them to follow them.

Action needed:

  • Educate users on why the rules are necessary and how each rule is relevant to security.

Situation: Social engineering. Users and administrators might fall into the trap of social engineering, where unsuspecting users may reveal sensitive data. A common example is a fraudulent email asking you to update your bank or credit card details again by following a link in the email.

Action needed:

  • Create special rules to prevent social engineering.

  • Implement compliance monitoring.

  • Explain to users that once they click the link, they are taken to a site that looks like the bank or credit card website, and that it is a banking or credit card scam.

  • Avoid clicking on links inside emails.

 

Physical Security

  • If an unauthorized person can gain physical access to your system, then other security measures are of no use.

  • In such a case they may damage systems, steal hardware, or install unauthorized or malicious software on systems.

  • Preferred Action

  • Restrict physical access by locking doors and appointing a security guard.

  • Monitor server room access.

  • Install fire suppression equipment.

 

Perimeter

  • A perimeter network is also known as a DMZ.

  • These days, most organizations are connected via the internet.

  • In a computer network, a system that provides services outside the Local Area Network is the most vulnerable.

  • The perimeter layer is a physical or logical sub-network that contains and exposes your organization's external-facing services to untrusted networks, usually the Internet.

  • Perimeter networks add security by providing a boundary between the public network and the private network, that is, the LAN.

 

Preferred Action

  • Provide separate servers for systems that provide services to external users. The most common of these services are web servers, mail servers, FTP servers etc.

  • Control remote access clients.

  • Implement a firewall and NAT (Network Address Translation).

  • Use VPNs (Virtual Private Networks) and implement encryption.

 

Internal Networks

  • When you connect your computers to a network, they are vulnerable to a number of threats.

  • Internal network layer security refers to services and processes on the intranet.

  • When we connect a LAN to a WAN, the security threats that arise for the internal network include eavesdropping, spoofing, denial of service, and replay attacks.

  • Preferred Action

  • Segment your network.

  • Implement IPsec (Internet Protocol Security).

  • Implement a NIDS (Network Intrusion Detection System).

 

Host

  • The host layer refers to the individual computers.

  • This includes the operating system, but not applications.

  • It includes security for the operating system and its services, such as web server, DNS, DHCP and so on.

  • An operating system is a complex piece of software. Defects that affect security are referred to as vulnerabilities.

  • Consequently, there are vulnerabilities that hackers can exploit. These vulnerabilities enable attackers to install malicious software or control hosts.

  • A virus uses operating system flaws or default configurations to infect a system and replicate itself.

  • Preferred Action

  • Harden operating systems.

  • Install the latest updates and service packs for the operating system.

  • Use host-based antivirus/anti-malware and anti-spyware software such as Windows Defender.

 

Application

  • The application layer refers to applications that are running on the hosts.

  • This includes desktop applications such as the Microsoft Office suite, databases, design tools, application software such as ERP and so on.

  • Applications are complex programs and, like operating systems, have vulnerabilities. Attackers use these vulnerabilities to install malicious applications or remotely control a computer.

  • Most application configurations have a default password or no password at all. Not securing an application with a complex password, and using it with its default configuration, simplifies the work of attackers.

  • Users often introduce viruses by installing pirated games and applications that might contain Trojan horses, viruses and worms.

  • Preferred Action

  • Run applications with the lowest level of privileges possible.

  • Install Microsoft and third-party application security updates.

  • Enable only required features and functionality for operating systems and applications.

  • Schedule scans on a regular basis.

 

Data

  • The final layer of security is data security.

  • This includes data files, application files, personal data, and AD DS (Active Directory Domain Services).

  • Things that might happen if your data layer is compromised:

  • Unauthorised users could reset user passwords, then connect to your network by using the new passwords and do anything they want.

  • Attackers can access secure and confidential data.

  • An unauthorized person may read, modify or even delete data.

  • An unauthorized person may take backups of data and then replicate it later on.

  • Preferred Action

  • Implement and configure the NTFS file system.

  • Implement encryption.

 

 


 
