Define_Operating_System_Security

Andrew Dick Assignment #1 Dr. K. Lee Strayer University August 8, 2011 Define Operating System security and list/describe examples of Windows system Operation System security is protecting your OS from malware attacks, phishing scams, adware, spyware and other threats to computer users. When you say you take the time to work on your operating system security most people usually mean. Making sure the AV is updated to the latest version, and running a scan to make sure no threats got into your machine. Update your OS with all the latest patches to stay safe from exploits. Update all programs to prevent them from malicious attacks. Using a secure web browser with add-ons built in that help prevent malware attacks. A computer being secure depends on a number of technologies working properly. A modern operating system provides access to a number of resources, which are available to software running on the system, and to external devices like networks via the kernel. All Windows operating systems come with the ability to create profiles with is a built in security features. As well, they have Windows Defender built in, however, the individual has to turn it on in most cases. The operating system must be capable of distinguishing between requests which should be allowed to be processed, and others which should not be processed. While some systems may simply distinguish between "privileged" and "non-privileged", systems commonly have a form of requester identity, such as a user name. To establish identity there may be a process of authentication. Often a username must be quoted, and each username may have a password. Other methods of authentication, such as magnetic cards or biometric data, might be used instead. In some cases, especially connections from the network, resources may be accessed with no authentication at all (such as reading files over a network share). Also covered by the concept of requester identity is authorization; the particular services and resources accessible by the requester once logged into a system are tied to either the requester's user account or to the variously configured groups of users to which the requester belongs. Define Virus and discuss at least three types of Virus attacks A computer virus is a computer program that can copy itself and infect a computer. The term "virus" is also commonly but erroneously used to refer to other types of malware, including but not limited to adware and spyware programs that do not have the reproductive ability. A true virus can spread from one computer to another (in some form of executable code) when its host is taken to the target computer; for instance because a user sent it over a network or the Internet, or carried it on a removable medium such as a floppy disk, CD, DVD, or USB drive. Viruses can increase their chances of spreading to other computers by infecting files on a network file system or a file system that is accessed by another computer. Trojan Horses Worms Email Viruses The Trojan virus gets its name from an incident that occurs in Homer's Iliad. Similar to how the Greeks in Homer's poem sent an army of men, hidden in a wooden horse, to the Trojans to get into the wall of the city. A Trojan horse appears to be nothing more than an interesting computer program or file, such as "saxophone.wav file" on the computer of user who's interested in collecting sound samples. The Trojan virus once on your computer, doesn't reproduce, but instead makes your computer susceptible to malicious intruders by allowing them to access and read your files. A Trojan horse type of virus extremely dangerous, it can severely compromise your computer’s security, and your personal privacy. Therefore, you should avoid downloading programs or files from sites if you're not 100 percent positive of what the file or program does. A Worm is a virus program that copies and multiplies itself by using computer networks and security flaws. Worms are more complex than Trojan viruses, and usually attack multi-user systems such as Unix environments and can spread over corporate networks via the circulation of emails. Once multiplied, the copied worms scan the network for further loopholes and flaws in the network. A classic example of a worm is the ILOVEYOU virus. The best way you can protect yourself from worms is by updating your security patches. Operating systems and application vendors normally provide these patches. In addition, you should avoid opening email attachments from unknown senders. Email viruses use email messages to spread. An email virus can automatically forward itself to thousands of people, depending on whose email address it attacks. To avoid receiving virus-laden emails, always check that your antivirus software is up-to-date and also stay clear of opening attachments, even from friends that you weren't expecting or don't know anything about. Also, block unwanted email viruses by installing a spam filter and spam blocker. List at least three types of Virus scanning techniques and describe antivirus policies and procedures. Many users install anti-virus software that can detect and eliminate known viruses after the computer downloads or runs the executable. There are two common methods that an anti-virus software application uses to detect viruses. The first, and by far the most common method of virus detection are using a list of virus signature definitions. This works by examining the content of the computer's memory (its RAM, and boot sectors) and the files stored on fixed or removable drives (hard drives, floppy drives), and comparing those files against a database of known virus "signatures". The disadvantage of this detection method is that users are only protected from viruses that pre-date their last virus definition update. The second method is to use a heuristic algorithm to find viruses based on common behaviors. This method has the ability to detect novel viruses that anti-virus security firms have yet to create a signature for. Some anti-virus programs are able to scan opened files in addition to send and receive email messages "on the fly" in a similar manner. This practice is known as "on-access scanning". Anti-virus software does not change the underlying capability of host software to transmit viruses. Users must update their software regularly to patch security holes. Anti-virus software also needs to be regularly updated in order to recognize the latest threats. Describe Trojan Horses and discuss how to prevent Trojan Horses. The Trojan Horse virus gets its name from an incident that occurs in Homer's Iliad. Similar to how the Greeks in Homer's poem sent an army of men, hidden in a wooden horse, to the Trojans to get into the wall of the city. A Trojan horse appears to be nothing more than an interesting computer program or file, such as "saxophone.wav file" on the computer of user who's interested in collecting sound samples. The Trojan virus once on your computer, doesn't reproduce, but instead makes your computer susceptible to malicious intruders by allowing them to access and read your files. A Trojan horse type of virus extremely dangerous, it can severely compromise your computer’s security, and your personal privacy. Therefore, you should avoid downloading programs or files from sites if you're not 100 percent positive of what the file or program does. What are the characteristics and features of Spyware and Adware' Adware Adware is any type of advertising-supported software that will play, display, or download advertisements automatically on a user's computer once the software has been installed on it or while the application is in use. Some adware can also be spyware due to its privacy-invasive characteristics. Spyware Spyware is computer software that is installed on a user's computer without the user's express consent with the purpose of collecting information about the user, their computer or browsing habits. As the term implies, spyware is software capable of secretly monitoring the user's behavior, but can also collect various types of personal information, including web surfing habits and websites visited. Spyware can also impede the user's control of his computer by installing additional software, and redirecting web browser activity. Spyware is known to cause other interference by changing computer settings that slow connection speeds, load different home pages, and lose Internet connectivity or program functionality. With the proliferation of spyware, an antispyware industry has sprung up. Use of antispyware software is now a widely accepted practice for the security of Microsoft Windows and desktop computers. A number of anti-spyware laws have been passed, targeting any software that is surreptitiously installed with the intent to control a user's computer. Due to its privacy-invasive characteristics, the US Federal Trade Commission has placed a page on their website advising consumers on how to lower the risk of being infected by spyware. Resources: Comprehensive Email Filtering: Barracuda Spam & Virus Firewall Safeguards Legitimate Email http://www.barracudanetworks.com/ns/downloads/White_Papers/Barracuda_Spam_&_Virus_Firewall_WP_Comprehensive_Email_Filtering.pdf Computer Virus Definition And How Viruses Affect Us http://www.guard-privacy-and-online-security.com/computer-virus-definition.html Different Types of Computer Viruses www.buzzle.com/articles/different-types-of-computer-viruses.html Network defense and countermeasures Easttom, C. (2006). Principles and practices. Upper Saddle River, NJ: Pearson. Operating system http://www.webopedia.com/TERM/O/operating_system.html Spyware Adware Malware Information http://www.spyware-removal-info.com The Anti-Virus Strategy System http://www.research.ibm.com/antivirus/SciPapers/Gordon/Strategy.html Windows XP Operating System Security Guide http://www.uta.edu/oit/iso/docs/windows_security_checklist.pdf