Hacking and Securing Laptops - PowerPoint PPT Presentation

About This Presentation
Title:

Hacking and Securing Laptops

Description:

Password protected screen saver. Educate users to activate screen savers ... Screen Saver. 9/6/09. Access and Authentication. Tokens or smartcards. Two factor ... – PowerPoint PPT presentation

Number of Views:34
Avg rating:3.0/5.0
Slides: 56
Provided by: me690
Category:

less

Transcript and Presenter's Notes

Title: Hacking and Securing Laptops


1
Hacking and Securing Laptops
2
Outline
  • Objectives
  • The risks
  • Hacking laptops
  • Physical security
  • Access and authentication
  • Network security
  • Data security

3
Objectives
  • Examine techniques for hacking laptops
  • Analyse tools and systems for securing laptops

4
The Risks
  • Laptops are very common
  • Extremely useful
  • Inexpensive
  • Laptops can contain a great deal of critical
    information
  • MoD provide a good example!
  • More difficult to secure than LAN systems
  • Fewer physical controls
  • Less centralisation
  • The human factor!

5
Hacking Laptops
  • Wired network connection
  • LAN
  • Use same techniques as hacking any host
  • Modem / Remote access
  • Interception on the wire
  • Wireless network connection (long range)
  • Wireless networking (802.11b)
  • Insecure protocol
  • Available in public

6
Hacking Laptops
  • Wireless network connection (short range)
  • Personal Area Networks
  • IR
  • Bluetooth
  • Theft!
  • Bios password crackers
  • Encryption crackers
  • File undelete utilities

7
Physical Security
  • Asset tagging
  • Tamper resistance is critical
  • Makes resale more difficult
  • May assist in recovery
  • Cable locks
  • Universal Security Slot (USS) fitted to most
    laptops
  • Tether laptops to an immovable or heavy object
  • Motion sensitive alarms
  • Locking docking stations
  • Tracker systems

8
Cable Lock
9
Motion Sensitive Alarm
10
Physical Security Procedures
  • Ensure users are aware of physical security
    features
  • Educate mobile users about risks in common theft
    locations
  • Airports
  • Cars
  • Hotels
  • Conferences

11
Access and Authentication
  • BIOS passwords
  • Setup password
  • Power on password
  • Password protected screen saver
  • Educate users to activate screen savers
  • Use time delay activation

12
Screen Saver
13
Access and Authentication
  • Tokens or smartcards
  • Two factor authentication
  • Secure local login
  • RSA SecurID
  • Biometrics
  • Provides two or even three factor authentication
  • Fingerprint recognition
  • Built-in to keyboard or mouse
  • Ankari Biomouse
  • Compaq

14
Access and Authentication
  • Biometrics (continued)
  • Facial recognition
  • Using built-in camera
  • FaceIT NT
  • TrueFace
  • Voice recognition
  • Using built-in microphone
  • Citadel Gatekeeper
  • VoiceCrypt

15
Biometrics
16
Network Security
  • Personal firewalls
  • Provides network control point
  • Generally packet filters, not stateful
  • Often includes some application firewall
    capability
  • Controls outbound and inbound traffic
  • ZoneAlarm
  • BlackICE Defender
  • Personal firewall management
  • Create a central rulebase for distribution
  • CheckPoint Firewall-1 NG SecureDesktop
  • Only allow services that users absolutely require

17
Personal Firewall Management
18
Network Security
  • Secure connections to corporate networks
  • Dedicated modem / ISDN lines
  • Virtual Private Networks
  • Uses Internet as transport
  • Creates encrypted tunnel
  • Use two factor authentication
  • Secure wireless networking
  • 802.11b
  • Use Wireless Encryption Protocol
  • Bluetooth
  • Use enforced authentication
  • Disable Infrared

19
Data Security
  • Harden OS
  • Secure administrative accounts
  • Disable guest access
  • Do not display last logged-on user
  • Do not install unnecessary services (e.g. IIS,
    NFS)
  • Use NTFS or similar
  • On-disk encryption
  • Store sensitive data in an encrypted section of
    the disk
  • Encrypted File System (EFS) built-in to Windows
    2000
  • BestCrypt
  • E4M
  • PGP

20
On-disk Encryption
21
Data Security
  • Secure deletion facility
  • Ensures deleted files are really gone!
  • Overwrites deleted files several times
  • PGP suite
  • Anti virus
  • Critical protects all means of inputting files
  • Use resident scanner as well as scheduled scans
  • Ensure virus definitions are regularly updated

22
Data Security
  • Backups
  • Prevent loss in the event of theft
  • Synchronisation while connected
  • Windows 2000 mirrored folders
  • Manual copy
  • E-mail

23
Questions
?
?
?
?
?
?
?
?
?
24
(No Transcript)
25
(No Transcript)
26
(No Transcript)
27
(No Transcript)
28
(No Transcript)
29
(No Transcript)
30
(No Transcript)
31
(No Transcript)
32
(No Transcript)
33
(No Transcript)
34
(No Transcript)
35
(No Transcript)
36
(No Transcript)
37
(No Transcript)
38
(No Transcript)
39
(No Transcript)
40
(No Transcript)
41
(No Transcript)
42
(No Transcript)
43
(No Transcript)
44
(No Transcript)
45
(No Transcript)
46
(No Transcript)
47
(No Transcript)
48
(No Transcript)
49
(No Transcript)
50
(No Transcript)
51
(No Transcript)
52
(No Transcript)
53
(No Transcript)
54
(No Transcript)
55
(No Transcript)
Write a Comment
User Comments (0)
About PowerShow.com
Home About Us Terms and Conditions Privacy Policy Presentation Removal Request Contact Us
Copyright 2024 CrystalGraphics, Inc. — All rights Reserved. PowerShow.com is a trademark of CrystalGraphics, Inc.
The PowerPoint PPT presentation: "Hacking and Securing Laptops" is the property of its rightful owner.
Do you have PowerPoint slides to share? If so, share your PPT presentation slides online with PowerShow.com. It's FREE!