1 / 55

Hacking and Securing Laptops

Hacking and Securing Laptops. Outline. Objectives The risks Hacking laptops Physical security Access and authentication Network security Data security. Objectives. Examine techniques for hacking laptops Analyse tools and systems for securing laptops. The Risks. Laptops are very common

pier
Download Presentation

Hacking and Securing Laptops

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript


  1. Hacking and Securing Laptops

  2. Outline • Objectives • The risks • Hacking laptops • Physical security • Access and authentication • Network security • Data security

  3. Objectives • Examine techniques for hacking laptops • Analyse tools and systems for securing laptops

  4. The Risks • Laptops are very common • Extremely useful • Inexpensive • Laptops can contain a great deal of critical information • MoD provide a good example! • More difficult to secure than LAN systems • Fewer physical controls • Less centralisation • The human factor!

  5. Hacking Laptops • Wired network connection • LAN • Use same techniques as hacking any host • Modem / Remote access • Interception on the wire • Wireless network connection (long range) • Wireless networking (802.11b) • Insecure protocol • Available in public

  6. Hacking Laptops • Wireless network connection (short range) • Personal Area Networks • IR • Bluetooth • Theft! • Bios password crackers • Encryption crackers • File undelete utilities

  7. Physical Security • Asset tagging • Tamper resistance is critical • Makes resale more difficult • May assist in recovery • Cable locks • Universal Security Slot (USS) fitted to most laptops • Tether laptops to an immovable or heavy object • Motion sensitive alarms • Locking docking stations • Tracker systems

  8. Cable Lock

  9. Motion Sensitive Alarm

  10. Physical Security Procedures • Ensure users are aware of physical security features • Educate mobile users about risks in common theft locations: • Airports • Cars • Hotels • Conferences

  11. Access and Authentication • BIOS passwords • Setup password • Power on password • Password protected screen saver • Educate users to activate screen savers • Use time delay activation

  12. Screen Saver

  13. Access and Authentication • Tokens or smartcards • Two factor authentication • Secure local login • RSA SecurID • Biometrics • Provides two or even three factor authentication • Fingerprint recognition • Built-in to keyboard or mouse • Ankari Biomouse • Compaq

  14. Access and Authentication • Biometrics (continued) • Facial recognition • Using built-in camera • FaceIT NT • TrueFace • Voice recognition • Using built-in microphone • Citadel Gatekeeper • VoiceCrypt

  15. Biometrics

  16. Network Security • Personal firewalls • Provides network control point • Generally packet filters, not stateful • Often includes some application firewall capability • Controls outbound and inbound traffic • ZoneAlarm • BlackICE Defender • Personal firewall management • Create a central rulebase for distribution • CheckPoint Firewall-1 NG SecureDesktop • Only allow services that users absolutely require

  17. Personal Firewall Management

  18. Network Security • Secure connections to corporate networks • Dedicated modem / ISDN lines • Virtual Private Networks • Uses Internet as transport • Creates encrypted ‘tunnel’ • Use two factor authentication • Secure wireless networking • 802.11b • Use Wireless Encryption Protocol • Bluetooth • Use enforced authentication • Disable Infrared

  19. Data Security • Harden OS • Secure administrative accounts • Disable guest access • Do not display last logged-on user • Do not install unnecessary services (e.g. IIS, NFS) • Use NTFS or similar • On-disk encryption • Store sensitive data in an encrypted section of the disk • Encrypted File System (EFS) built-in to Windows 2000 • BestCrypt • E4M • PGP

  20. On-disk Encryption

  21. Data Security • Secure deletion facility • Ensures deleted files are really gone! • Overwrites deleted files several times • PGP suite • Anti – virus • Critical – protects all means of inputting files • Use resident scanner as well as scheduled scans • Ensure virus definitions are regularly updated

  22. Data Security • Backups • Prevent loss in the event of theft • Synchronisation while connected • Windows 2000 mirrored folders • Manual copy • E-mail

  23. Questions ? ? ? ? ? ? ? ? ?

More Related