DMC ITSY 2430 - Defence in Depth on the Home Front

This preview shows page 1-2-17-18-19-36-37 out of 37 pages.


Defence in Depth on the Home Front
GIAC Security Essentials Certification (GSEC)
Practical Assignment Version 1.4b - Option 1
Thomas Harbour
April 3, 2003

Table of Contents

1. Abstract
2. Introduction
  2.1 Are Intruders Targeting the Home User?
  2.2 Principles of Information Security applied to the Home User
  2.3 The Defence in Depth Approach for the Home User
3. Implementing the Recommended Defensive Actions
  3.1 Implementing the Network Access Layer Defensive Measures
    3.1.1 Use a firewall
    3.1.2 Disconnect from the Internet when not using it
  3.2 Implementing the Operating System Layer Defensive Measures
    3.2.1 Use a robust operating system
    3.2.2 Keep up with patch releases
    3.2.3 Make a boot/ERD disk and keep it current
    3.2.4 Use and keep up to date anti-virus software
    3.2.5 Harden the OS by turning off unnecessary clients, services and features
  3.3 Implementing the User Application Layer Defensive Measures
    3.3.1 Keep up with patch releases
    3.3.2 Do not install programs of unknown origin
    3.3.3 Disable Java, JavaScript, and ActiveX when possible
    3.3.4 Disable scripting features in e-mail programs when possible
  3.4 Implementing the Data Layer Defensive Measures
    3.4.1 Regular backups of critical data
    3.4.2 Use encryption to ensure confidentiality of sensitive data
    3.4.3 Use Strong Passwords
    3.4.4 Open E-mail Attachments with Care
4. Comparing Three Readily Available Personal Firewalls
  4.1 Windows 2000 - Using IP Security filters as a Static Packet Filter
    4.1.1 Using a Static Packet Filter as a Firewall
    4.1.2 Overview of IP Security Filters
    4.1.3 Implementation of a Simple Firewall using IP Security filters
    4.1.4 Conclusions about this Firewall
  4.2 Windows XP Pro – Using Internet Connection Firewall (ICF)
    4.2.1 Overview of ICF
    4.2.2 Implementation of ICF
    4.2.3 Programs can change the ICF Ruleset
    4.2.4 Conclusions about this Firewall
  4.3 Windows - Using ZoneAlarm Personal Firewall
    4.3.1 Overview of ZoneAlarm
    4.3.2 Conclusions about this Firewall
  4.4 Vulnerability of Testing of the Firewalls
5. Conclusion
Annex A – Connections and Listening Ports
Annex B – Highlights of Nessus Report with no Firewall/Filtering
Annex C – Microsoft Recommended Updates for Microsoft Windows XP Pro
References

List of Figures

Figure 1. Most common Intruder methods used against home computers
Figure 2. Protecting the Internet-connected Home PC
Figure 3. A Static packet filter firewall and the OSI Model
Figure 4. Defining a Firewall Policy using IP Security filters
Figure 5. New Rule Properties window
Figure 6. IP Filter List window
Figure 7. Protocol tab of the IP Filter List window
Figure 8. Filter Action tab of the IP Filter List window
Figure 9. Revised Firewall Policy

List of Tables

Table 1. Summary of intrusion attempts from ZoneAlarm log files
Table 2. Defence in Depth – Defensive Actions at each layer
Table 3. Results of testing the Firewalls
Table 4. Microsoft Recommended Updates for Microsoft Windows XP Pro

1. Abstract

The home Internet user is a target for intruders. The key question facing home Internet users is how they can securely access the Internet without sacrificing the required level of usability. After all, if the security measures are too severe, then use of the Internet will be very frustrating and either the Internet will not be accessed or, more likely, the security measures will be circumvented or ignored to increase usability. This paper sets out a defence in depth approach to meet the security needs of the Windows-based home Internet user while maintaining usability. The four layers of defence identified and discussed are: network access; the operating system; user applications; and data. The most

