Improving Windows Security Multiple Layers of Security
Part 1
The Villages Computer Plus http://www.villagescp.com/
Bob Walton et al. May-16-2013
Security.1 1
Links: Multiple Layers of Security
1. Tools for a Safer PC
https://krebsonsecurity.com/tools-for-a-safer-pc/
2. Ninite web-site
https://ninite.com/
3. FileHippo UpdateChecker
http://www.filehippo.com/updatechecker/
4. Secunia PSI web-site
https://secunia.com/vulnerability_scanning/personal/
5. Learn how to enable JavaScript in the most popular web browsers.
http://activatejavascript.org/en/instructions
6. NoScript Firefox Add-On
https://addons.mozilla.org/en-US/firefox/addon/noscript/?src=search
7. NotScripts: Google Chrome Extension
https://chrome.google.com/webstore/detail/notscripts/odjhifogjcknibkahlpidmdajjpkkcfn
8. Installing and Configuring EMET (VIDEO)
https://www.microsoft.com/en-us/showcase/details.aspx?uuid=7683a9cb-28c9-428f-ada6-8adafd2efbee
9. Enhanced Mitigation Experience Toolkit v3.0
https://www.microsoft.com/en-us/download/details.aspx?id=29851
Security.1 2
Credentials: Brian Krebs
Security.1 3
Overview: Multiple Layers of Security
• Explain Bad Guy uses for your PC
• Layers of Security – Obey 3 Basic Rules of Safety
– Keep up-to-date with Updates
– Put a Leash on JavaScript
– Use Enhanced Mitigation Experience Toolkit
– Prop up Your Passwords
– Harden your Hardware
– Set Default DNS servers
– Use Antivirus Software
– Force Apps to Play in the Sandbox
– Use post-compromise remedies
Security.1 4
Bad Guy uses for your PC
Security.1 5
The Scrap Value of a Hacked PC (1)
Security.1 6
The Scrap Value of a Hacked PC (2)
Security.1 7
The Scrap Value of a Hacked PC (3)
Security.1 8
The Scrap Value of a Hacked PC (4)
Security.1 9
Overview: Multiple Layers of Security
• Explain Bad Guy uses for your PC
• Layers of Security
– Obey 3 Basic Rules of Safety
Security.1 10
Krebs’s 3 Basic Rules for online safety
Security.1 11
1) If you didn’t go looking for it, don’t install it
2) If you installed, update it
3) If you no longer need it, get rid of it!
Overview: Multiple Layers of Security
• Explain Bad Guy uses for your PC
• Layers of Security
– Obey 3 Basic Rules of Safety
– Keep up-to-date with Updates
Security.1 12
Keep Up-to-Date with Updates
Security.1 13
1) Secure By Design’s: Ninite
2) FileHippo’s: Update Checker
3) Secunia’s: Personal Software Inspector
4) Microsoft’s: Security Update
Ninite
Security.1 14
Ninite Updater
Security.1 15
FileHippo Updater
Security.1 16
FileHippo Updater
Security.1 17
Keep Up-to-Date with Updates
Security.1 18
Secunia PSI Updater
Security.1 19
Overview: Multiple Layers of Security
• Explain Bad Guy uses for your PC
• Layers of Security
– Obey 3 Basic Rules of Safety
– Keep up-to-date with Updates
– Put a Leash on JavaScript
Security.1 20
Managing JavaScript
Security.1 21
Most Web sites use JavaScript, a powerful scripting
language that helps make sites interactive.
Unfortunately, a huge percentage of Web-based attacks
use JavaScript tricks to foist malicious software and
exploits onto site visitors.
To protect yourself, it is critically important to have an easy
method of selecting which sites should be allowed to run
JavaScript in the browser.
JAVA Control
Security.1 22
JAVA Control
Security.1 23
JavaScript Control
Security.1 24
JavaScript Control
Security.1 25
0
JavaScript Control
Security.1 26
0
JavaScript Control: NoScript (Firefox)
Security.1 27
JavaScript Control: NotScripts (Chrome)
Security.1 28
Overview: Multiple Layers of Security
• Explain Bad Guy uses for your PC
• Layers of Security
– Obey 3 Basic Rules of Safety
– Keep up-to-date with Updates
– Put a Leash on JavaScript
– Use Enhanced Mitigation Experience Toolkit
Security.1 29
EMET
Security.1 30
EMET, short for the Enhanced Mitigation Experience Toolkit, is a free tool from Microsoft that can help Windows users beef up the security of commonly used applications, whether they are made by a third-party vendor or by Microsoft.
EMET allows users to force applications to use one or both of two key security defenses built into Windows Vista and Windows 7 — Data Execution Prevention (DEP) and Address Space Layout Randomization (ASLR).
EMET
Security.1 31
Put very simply, DEP is designed to make it harder to exploit security vulnerabilities on Windows, and ASLR makes it more difficult for exploits and malware to find the specific places in a system’s memory that they need to do their dirty work.
EMET can force individual applications to perform ASLR on every component they load, whether the program wants it or not.
EMET (Video)
Security.1 32
Enhanced Mitigation Experience Toolkit
Link: Installing and Configuring EMET https://www.microsoft.com/en-us/showcase/details.aspx?uuid=7683a9cb-28c9-428f-ada6-8adafd2efbee
Links: Multiple Layers of Security
1. Tools for a Safer PC
https://krebsonsecurity.com/tools-for-a-safer-pc/
2. Ninite web-site
https://ninite.com/
3. FileHippo UpdateChecker
http://www.filehippo.com/updatechecker/
4. Secunia PSI web-site
https://secunia.com/vulnerability_scanning/personal/
5. Learn how to enable JavaScript in the most popular web browsers.
http://activatejavascript.org/en/instructions
6. NoScript Firefox Add-On
https://addons.mozilla.org/en-US/firefox/addon/noscript/?src=search
7. NotScripts: Google Chrome Extension
https://chrome.google.com/webstore/detail/notscripts/odjhifogjcknibkahlpidmdajjpkkcfn
8. Installing and Configuring EMET (VIDEO)
https://www.microsoft.com/en-us/showcase/details.aspx?uuid=7683a9cb-28c9-428f-ada6-8adafd2efbee
9. Enhanced Mitigation Experience Toolkit v3.0
https://www.microsoft.com/en-us/download/details.aspx?id=29851
Security.1 33
Thank You!
Security.1 34