Sign in with
Sign up | Sign in
Your question

Computer Security & Integrity By GTech

Tags:
  • Security
  • Computers
  • Windows 7
Last response: in Windows 7
Share
January 24, 2010 1:21:07 AM

This discussion will touch base on some very important topics, to us all, and will go semi-indepth to

sollutions for common problems that often plague many users. Though this discussion isn't really

geared toward server admins., as they should know (especially if they have that job) how to protect

their system(s) on their network...


It was 8am exactly, Jared (ficticious person) walks into work, plugs his super cool USB port into a

running computer and just OWNED a $40,000 server network in 10 seconds with malicious code, he

unpluggs said USB stick, haha we showed them pricks, and walks over to the break room. So who made

coffee this morning? It's REAL...

Where it really gets scary, is Jared found the USB drive in the parking lot, wanting to check it out,

he plugs it in, after seeing the network quickly go down, he quickly and quitely gets "Lost"...

So how does malicious code effect you? Do you use Bit Torrent Clients to download stuff? Of course we

all do, don't we? I love that move Transformers, where they got the computer wiz in the FBI office,

he burst out with..

"I haven't done a thing, nothing! Ok, ok, sure, so I downloaded a few thousand songs! But, Who

hasn't, who hasn't?" Lol!

After connecting my new computer with windows 7 loaded on it, I got literally owned with viruses in a

matter of seconds... TRUTHFULLY, And yes, it really does bite!

So how do we fight? Well, the best sollutions are not always easy to impliment. Knowing how to

properly adminstrate a computer is the FIRST step in security. Doing your homework about Encryption &

Disc Imaging is probably the second most important topic you can study..

No matter how bad a virus or the malicious code is that "gets" your computer, if you have an image

backup, you can wipe the hard drive and resintall the image back on THAT computer...

Well, what if I have X computers on my network? I cannot legally tell you how to do that on here, but

there is a way to protect all your computers as well with the same simple system. Backing up daily,

is a horrible waste of time for most server admins. There has got to be an easier way right?

Karen's Replicator is a good choice for a continuous backup of file(s) & directories.. (Google it.)

You should always have a disc Image of a completely loaded system on a SEPERATE Hard Drive that is

NOT accessible to ANYONE! (Lock it up if you need to!) Norton Ghost, Acronis True Image (My fav.),

and a few others make dependable stable Disc Imaging Utilities, USE THEM!

As cheap as the Hard Disc Drives are today, you can get 1.5 TB for as little as $120-140, so you

should be able to store ALL Computer Drive's Images for the OS & Boot Partition of the drive. Backing

up files on a network is rather simple if you have the network setup right, again, this discussion is

not really about Servers or Networks, though I felt it important to point a few things out about

that.

Obivously backup is critical to handle those pesky virus coders, criminals, and countries vying for

pwnage of networks, computers, servers, and even Internet Service Providers, GASP!

Spyware is probably the #1 problem in most systems, unwittingly these things work in low processes,

tracking everything, invading computers to steal data, and what have you. Spybot Search & Destroy is

a very solid software for the fight against Spyware, it even puts Windows Defender to shame. (Yes you

can quote me on that.)

Obviously, once Malicious Code or Serious Viruses have done their job, it may be far too late to

repair the problem, as often is the case too many files get damaged.

Let's not forget, Data Encryption is a VERY STRONG defense agains All of the above problems. Not even

the OS can alter files that are encrypted, so if it's critical, and now that it's a federal mandate

for companies to protect customer data, we should all learn about encryption!

The best sollution against problems, once again, is BACK UP.

We know now that Backup is the best defense there is against infections & problems that arise from

attacks through the internet, well why not just stop it all together eh?

This is TOUGH! Just ask Google who recently got Owned! (No malicious intent intended)

I've heard hackers say, Linux is a great system to hack, and of course, if your using Windows XP your

as good as got! There are many ways to get into a computer, it's very important to DISABLE ALL PLUG

AND PLAY!

Nobody should be able to walk up to a computer and use a port / cd/dvd drive, or any other device

unless they have the proper authority to do so, this is where User Account Controls come in.. Anyone

can boot a computer from flash drive today if they can get into the bios, so password protect the

bios ALWAYS. If you are the sole user of the computer, it wouldn't be a bad idea to put a password on

the use of the computer (also set up in the bios) this way they have to enter a password just to get

past Post! This is obvious a good way, though not full proof by any means, to protect the physical

security of a computer.

When I say physical, I mean the dangers of someone accessing your computer physically, not through

the internet or on the network. Databackup means little if someone gets ahold of the information that

is NOT encrypted, this is why encryptions is the largest layer against hackers / spies / criminals /

& companies! (Even your ISP can spy on you, though they would never admit to it, they do do it!)

Encryption is where Integrity comes in, though, it would be well beyond the scope of this discussion

to talk about encryption in depth, sorry. Getting back to security, and the various aspects of it, we

have discussed Physical Security some, let's continue on about protecting your computer.

It's a given, though many users don't do this, you should always go into safe mode and set the TRUE

ADMINSTRATORs Password! You press F8 or F9 at startup before the Windows Logo Appears, but after post

(on Windows XP Systems), though sometimes it may be another key, what your looking for though is Safe

Mode, here you need to set a password up for the SYSTEM. If you don't anyone can get into safe mode

and change / modify or even delete passwords to ALL accounts..

This of course would be a grave oversight in security for any typical computer user without knowledge

of computer security. I'm not too hip on Windows 7, as I've only been using it for a few months now,

though I'll get back to you on that one about this particular subject.

Passwords are rather worthless if they are stickied to your monitor! Physical security also involves

protecting sensitive material & information, like passwords, vital data, back ups, etc..

All security for Networks & Servers begins with A PLAN, but that is not limited to just those, us

users need to have a plan of setup, backup, & security that is UNBREACHABLE!

Networking & network security is far beyond the scope of this discussion, though hopefully, by now,

you should be more aware of what security is, what it means to you, and how to utilize some of the

newer technologies to protect your computer.

I've read somewhere that, encryption doesn't always work, sometimes it just password protects the

file from intrusion and can be stolen by creating a disc image of the partition that the encrypted

material sits on. This is true, it's how the Computer Forensics takes the information off of your

hard drive, and no deleting a partition or file does not necessarially erase it 100%!

It's possible to retrieve deleted files or even wiped partitions! If you don't believe me do some

research on the internet, you will find out this is all too true! There is software that truly wipes

the partition when it cleans it, THIS is the method that is recommended for removing a partition

BEFORE you restore a backup, as virsues can STILL infect your computer unless you completely wipe the

drive!

Backups, once again, should be encrypted to protect the malicious virus or code from alter, deleting,

or moving the backups! My fingers are falling off now, I know I know, waaaa...

Back to the subject of Security & The Plan, if you don't have a plan, you will never succeed like

those who do have a plan! That is a universal truth, as goals are rarely achieved unless it's written

down, so take the time, devise your computer setup & security, all layers of security, not just

physical!

Hopefully, if you plan well, you will be better protected from data loss, which is one of the worst

feelings someone can have should their laptops or disc end up in a thieves hands..

OUCH!

Hopefully I have discussed enough to get you interested in the subject, this is of course the purpose

and intent of the article, to direct you toward educating yourself in Computer Security, Data

Integrity, and helping you AVOID disasterous mistakes...

Hope someone liked the article, please provide feedback below..



More about : computer security integrity gtech

January 24, 2010 2:57:13 AM

Because I liked your article and am slightly insane I have converted it into more readable text so that people are not put off from reading it because of the way it is presented.
:) 



This discussion will touch base on some very important topics, to us all, and will go semi in-depth to solutions for common problems that often plague many users. Though this discussion isn't really geared toward server administrators, as they should know (especially if they have that job) how to protect their system(s) on their network.

It was 8am exactly, Jared (fictitious person) walks into work, plugs his super cool USB drive into a running computer and just compromised a $40,000 server network in 10 seconds with malicious code, he unplugs said USB stick and then walks over to the break room. So who made coffee this morning? It's real. Where it really gets scary, is Jared found the USB drive in the parking lot, wanting to check it out, he plugs it in, after seeing the network quickly go down and he quickly and quietly gets ‘lost’.

So how does malicious code effect you? Do you use Bit Torrent clients to download stuff? Of course we all do, don't we? I love the movie Transformers, where they got the computer whiz in the FBI office, he burst out with "I haven't done a thing, nothing! Ok, ok, sure, so I downloaded a few thousand songs, but who hasn't?" After connecting my new computer with windows 7 loaded on it, It was literally compromised with viruses in a matter of seconds. Truthfully, And yes, it really does bite.

So how do we fight? Well, the best solutions are not always easy to implement. Knowing how to properly administrate a computer is the first step in security. Doing your homework about encryption and disc Imaging is probably the second most important topic you can study.

No matter how bad a virus or the malicious code is that ‘gets’ your computer, if you have an image backup, you can wipe the hard drive and reinstall the image back on that computer. Well, what if I have X computers on my network? I cannot legally tell you how to do that on here, but there is a way to protect all your computers as well with the same simple system. Backing up daily, is a horrible waste of time for most server administrators. There has got to be an easier way right?

Karen's Replicator is a good choice for a continuous backup of files and directories. You should always have a disk image of a completely loaded system on a separate hard drive that is not accessible to anyone. Norton Ghost, Acronis True Image, which is my personal favourite, and a few others make dependable stable disc imaging utilities, which I recommend people to use. As cheap as the hard disc drives are today, you can get 1.5 TB for as little as $120-140, so you should be able to store all computer drive images for the OS and boot partition of the drive. Backing up files on a network is rather simple if you have the network setup right. Again, this discussion is not really about servers or networks, though I felt it important to point a few things out about that.

Obviously backup is critical to handle those pesky virus coders, criminals, and countries vying for control of networks, computers, servers, and even Internet Service Providers.
Spyware is probably the number one problem in most systems, unwittingly these things work in low processes, tracking everything, invading computers to steal data, and what have you. Spybot Search & Destroy is very solid software for the fight against spyware, it even puts Windows Defender to shame.

Obviously, once malicious code or serious viruses have done their job, it may be far too late to repair the problem, as often is the case too many files get damaged. Let's not forget, data encryption is a very strong defence against all of the above problems. Not even the OS can alter files that are encrypted, so if it's critical, and now that it's a federal mandate for companies to protect customer data, we should all learn about encryption.

The best solution against problems, once again, is to backup. We know now that backup is the best defence there is against infections and problems that arise from attacks through the internet, well why not just stop it all together eh? This is tough, as evidenced by the recent attacks on Google.

I've heard hackers say, Linux is a great system to hack, and of course, if you’re using Windows XP you’re as good as got. There are many ways to get into a computer, it's very important to disable all plug and play services. Nobody should be able to walk up to a computer and use a port, CD or DVD drive, or any other device unless they have the proper authority to do so; this is where user account controls come in. Anyone can boot a computer from flash drive today if they can get into the bios, so always password protect the BIOS. If you are the sole user of the computer, it wouldn't be a bad idea to put a password on the use of the computer (also set up in the BIOS) this way they have to enter a password just to get passed POST. This is obvious a good way, though not fool proof by any means, to protect the physical security of a computer. When I say physical, I mean the dangers of someone accessing your computer physically, not through the internet or on the network. Data backup means little if someone gets ahold of the information that is not encrypted, this is why encryptions is the largest layer against hackers, spies, criminals and companies. Even your ISP can spy on you, though they would never admit to it, they do do it. Encryption is where Integrity comes in. Though, it would be well beyond the scope of this discussion to talk about encryption in depth, sorry. Getting back to security, and the various aspects of it, we have discussed Physical security somewhat; let's continue on about protecting your computer.

It's a given, though many users don't do this, you should always go into safe mode and set the main administrators’ password. On Windows XP systems, access this by pressing F8 or F9 at start-up before the Windows logo appears, but after POST. Though sometimes it may be another key, what you’re looking for though is Safe Mode, here you need to set a password up for the system. If you don't, anyone can get into safe mode and change or modify or even delete passwords to all accounts. This of course would be a grave oversight in security for any typical computer user without knowledge of computer security. Personally I'm not very experienced with Windows 7, as I've only been using it for a few months now, though I'll get back to you on that one about this particular subject.

Passwords are rather worthless if they are stuck to your monitor. Physical security also involves protecting sensitive material and information, like passwords, vital data and backups etc.

All security for networks and servers begins with a plan, but that is not limited to just those, us users need to have a plan of setup, backup, and security that is impenetrable. Networking and network security is far beyond the scope of this discussion, though hopefully, by now you should be more aware of what security is, what it means to you, and how to utilize some of the newer technologies to protect your computer.

I've read somewhere that, encryption doesn't always work, sometimes it just password protects the file from intrusion and can be stolen by creating a disc image of the partition that the encrypted material sits on. This is true, it's how the computer forensics takes the information off of your hard drive. Deleting a partition or file does not necessarily erase it completely. It is possible to retrieve deleted files or even wiped partitions. If you don't believe me do some research on the internet, you will find out this is all too true. There is software that truly wipes the partition when it cleans it. This is the method that is recommended for removing a partition before you restore a backup, as viruses can still infect your computer unless you completely wipe the drive. Backups, once again, should be encrypted to protect the malicious virus or code from altering, deleting or moving the backups.

Back to the subject of security and the plan, if you do not have a plan, you will never succeed like those who do have a plan. That I believe is a universal truth, as goals are rarely achieved unless they are written down. So take the time, devise your computer setup and security, in regard to all layers of security, not just physical. Hopefully, if you plan well, you will be better protected from data loss, which is one of the worst feelings someone can have should their laptops or disc end up in a thieves hands.

Hopefully I have discussed enough to get you interested in the subject; this is of course the purpose and intent of the article, to direct you toward educating yourself in computer security, data integrity, and helping you avoid disastrous mistakes.

Hope someone liked the article, please provide feedback below.
m
0
l
Related resources
!