1 / 19

CIT 380: Securing Computer Systems

CIT 380: Securing Computer Systems. PC Security. Encrypt Sensitive Files. Windows XP Encrypting File System (EFS) for encrypting files GnuPG for encrypting files and email messages. Windows XP Encrypting File System (EFS). EFS is not available with XP Home Edition

Rita
Download Presentation

CIT 380: Securing Computer Systems

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. CIT 380: Securing Computer Systems PC Security CIT 380: Securing Computer Systems

  2. Encrypt Sensitive Files • Windows XP Encrypting File System (EFS) for encrypting files • GnuPG for encrypting files and email messages CIT 380: Securing Computer Systems

  3. Windows XP Encrypting File System (EFS) • EFS is not available with XP Home Edition • Reference: Microsoft Windows XP Inside Out – Chapter 14 • Right Click in Windows Explorer on the folder • Choose Properties | General Tab | Advanced Button | Encrypt contents to secure data CIT 380: Securing Computer Systems

  4. Windows XP Encrypting File System (EFS) • File names are green in Window Explorer CIT 380: Securing Computer Systems

  5. CIT 380: Securing Computer Systems

  6. CIT 380: Securing Computer Systems

  7. truecrypt • Encase, computer forensic tool, can break EFS • Free open source - http://www.truecrypt.org/ • http://www.truecrypt.org/docs/ • Beginner’s tutorial • Plausible Deniability – Hidden Volume CIT 380: Securing Computer Systems

  8. GnuPG • GnuPG is an open-source encryption tool for Windows and Linux • Complete and free replacement for PGP (www.gnupg.org) • http://wolfram.org/writing/howto/gpg.html • (CD: gpg.html) • Install Windows Privacy Tray (WinPT) CIT 380: Securing Computer Systems

  9. Enigmail • Install Thunderbird mail client from www.mozilla.org • Download Enigmail extension from www.mozilla.org • Add a menu item to encrypt and decrypt email using GnuPG CIT 380: Securing Computer Systems

  10. Backup your system regularly • “Hard Disk Quality and Reliability”, http://www.pcguide.com/ref/hdd/perf/qual/index.htm (see quotes from the article) • “While the technology that hard disks use is very advanced, and reliability today is much better than it has ever been before, the nature of hard drives is that every one will, some day, fail.” CIT 380: Securing Computer Systems

  11. Backup your system regularly • “full recovery usually starts at a few hundred dollars and proceeds from there.” CIT 380: Securing Computer Systems

  12. Ntbackup utility • Find ntbackup.exe • Start | Programs | Accessories | System Tools Or • C:\dell\Tech Tools\System Tools\ Backup Or • Run C:\WINDOWS\system32\ntbackup.exe • Run the Backup/Restore Wizard • Choose a place to save your backup • C:\temp\Backup • Creates a file Backup.bkf CIT 380: Securing Computer Systems

  13. Create Backup CD • Run your CD creator • Make a data CD • Add Backup.bkf to the CD CIT 380: Securing Computer Systems

  14. Simple Quick Backup Copy My Documents folder to a CD or USB CIT 380: Securing Computer Systems

  15. Safe use of public PCs • Kinko's Case Highlights Internet Risks • (CD: Kinko.htm) • “For more than a year, unbeknownst to people who used Internet terminals at Kinko's stores in New York, Juju Jiang was recording what they typed, paying particular attention to their passwords. Jiang had secretly installed, in at least 14 Kinko's stores, software that logs individual keystrokes. He captured more than 450 user names and passwords, using them to access and even open bank accounts online. ” CIT 380: Securing Computer Systems

  16. Keyloggers • Capture keystrokes • Can steal passwords and credit card numbers • Can email or ftp the file containing the keystrokes • Keyghost (http://www.keyghost.com ) • Keyloggers are difficult to detect • Look at an ordinary system process CIT 380: Securing Computer Systems

  17. Public PCs • Kinko’s • Cyber cafes • Public Libraries • Hotels CIT 380: Securing Computer Systems

  18. Using Public PCs • Avoid using important accounts (bank, etc.) • Remove web browser data • Cache, history, cookies, form data. • Remove temporary files • Start | Search | All files and folders | when it was modified? | today • Empty recycle bin CIT 380: Securing Computer Systems

  19. References • Matt Bishop, Introduction to Computer Security, Addison-Wesley, 2005. • Thomas C. Greene, Computer Security for the Home and Small Office, Apress • Andrew Conry-Murray & Vincent Weafer, The Symantec Guide to Home Internet Security, Addison Wesley CIT 380: Securing Computer Systems

More Related