
IMED BOOK Protection In Cyber World

UNIT 1 Introduction to Cyber Security

1) Need of cyber security

1. Everybody is using computers.
2. From white-collar criminals to terrorist organizations, and from teenagers to adults.
3. Conventional crimes like forgery, extortion, kidnapping etc. are being committed with the help of computers.
4. The new generation is growing up with computers.
5. Most important: monetary transactions are moving on to the Internet.

So we use computers for everything from banking and investing to shopping and communicating with others through email or chat programs. Although you may not consider your communications "top secret," you probably do not want strangers reading your email, using your computer to attack other systems, sending forged email from your computer, or examining personal information stored on your computer such as financial statements.

All such crimes are committed by abuse of electronic media or otherwise, with the purpose of influencing the functioning of a computer or computer system. Computer crime is any crime where the computer is a target, the computer is a tool of crime, or the computer is incidental to crime. Users are vulnerable to computer crimes because of a lack of user awareness. The victims may be gullible, desperate or greedy people, unskilled and inexperienced people, or unlucky people. The cyber criminals may be disgruntled employees, teenagers, political hacktivists, professional hackers, business rivals, ex-boyfriends, divorced husbands, etc.

Intruders, also referred to as hackers, attackers, or crackers, may not care about your identity. Often they want to gain control of your computer so they can use it to launch attacks on other computer systems. Having control of your computer gives them the ability to hide their true location as they launch attacks, often against high-profile computer systems such as government or financial systems. Even if you have a computer connected to the Internet only to play the latest games or to send email to friends and family, your computer may be a target. Intruders may be able to watch all your actions on the computer, or cause damage to your computer by reformatting your hard drive or changing your data.

Unfortunately, intruders are always discovering new vulnerabilities, informally called "security holes", to exploit in computer software. The complexity of software makes it increasingly difficult to thoroughly test the security of computer systems. When holes are discovered, computer vendors will usually develop patches to address the problem. However, it is up to you, the user, to obtain and install the patches, or correctly configure the software to operate more securely. Also, some software applications have default settings that allow other users to access your computer unless you change the settings to be more secure. Examples include chat programs that let outsiders execute commands on your computer or web browsers that could allow someone to place harmful programs on your computer that run when you click on them.

It seems that everything relies on computers and the Internet now: communication (email, cell phones), entertainment (digital cable, mp3s), transportation (car engine systems, airplane navigation), shopping (online stores, credit cards), medicine (equipment, medical records), and the list goes on. How much of your daily life relies on computers? How much of your personal information is stored either on your own computer or on someone else's system? Cyber security involves protecting that information by preventing, detecting, and responding to attacks.

2) Understanding cyber security

Computer security is a branch of computer technology known as information security as applied to computers and networks.
The objective of computer security includes protection of information and property from theft, corruption, or natural disaster, while allowing the information and property to remain accessible and productive to its intended users. The term computer system security means the collective processes and mechanisms by which sensitive and valuable information and services are protected from publication, tampering or collapse by unauthorized activities or untrustworthy individuals and unplanned events respectively.

Cyber security is the process of preventing and detecting unauthorized use of your computer and network. Prevention measures help you to stop unauthorized users, also known as "intruders", from accessing any part of your computer system. Cyber security helps you to determine whether or not someone attempted to break into your system, if they were successful, what they may have done, and what further security may be needed.

3) Layered approach in cyber security

4) Relevant case studies

Salami attacks

In such a crime the criminal makes insignificant changes in such a manner that the changes go unnoticed. The criminal writes a program that deducts a small amount, like Rs. 2.50 per month, from the accounts of all the customers of the bank and deposits it in his own account. In this case no account holder will approach the bank over such a small amount, but the criminal gains a huge amount. E.g. the Ziegler case, wherein a logic bomb was introduced into the bank's system, which deducted 10 cents from every account and deposited it in a particular account.

UNIT 2 Passwords

1) Case studies related with computer passwords.

2) Use of System passwords/BIOS passwords.

A password is a form of secret authentication data that is used to control access to a resource. The password is kept secret from those not allowed access, and those wishing to gain access are tested on whether or not they know the password and are granted or denied access accordingly. It is a protected word or string of characters which serves as authentication of a person's identity, or which may be used to grant or deny access to private or shared data. Passwords are used to control access to protected computer operating systems, mobile phones, cable TV decoders, automated teller machines (ATMs), etc. A typical computer user may require passwords for many purposes: logging in to computer accounts, retrieving email from servers, accessing files, databases, networks, web sites, and even reading the morning newspaper online.

Types of Password

1. BIOS Password
2. System Password
   i. Administrator password
   ii. User password

1. BIOS Password

BIOS is an acronym for basic input/output system. A computer's BIOS is the first program that is run when the computer starts. You can tell the BIOS to ask for a password when it starts, thus restricting access to your computer. A computer's Basic Input-Output System (BIOS) is embedded software on a motherboard that controls attached hardware. It provides an operating system with information about hardware, and is designed to support a specific range of components. The BIOS itself is typically an EEPROM, or Electrically Erasable Programmable Read-Only Memory, that is programmed with "firmware" and has the ability to save small amounts of information specific to user configurations.

To enter the BIOS setup program (sometimes also called CMOS setup): when the PC is powering up, immediately initiate execution of the BIOS utility. For most systems, this is done by pressing the DEL key on the keyboard within the first 2 - 10 seconds of turning the computer on. Other systems might use other keys such as F2, F10, CTRL & ENTER, etc. If you don't know the keystroke sequence for entering the BIOS utility, watch the monitor to see if the computer displays it.

To clear the BIOS settings, look for an option to "Restore Defaults" or "Load Fail-Safe Defaults". This may be on the main page of the BIOS utility or on the last page of a tabbed menu. Use the arrow keys to navigate, and follow the on-screen instructions. When complete, save the settings and exit the BIOS utility.

When you hit DEL at the right time you'll see a menu screen something like the following screen:

Fig 1: BIOS or CMOS setting screen

As you can see, there are two options that relate to passwords, Supervisor Password and User Password; these control access to the BIOS Setup Program and the Machine Boot respectively. Note that not all BIOSes have this password feature; your BIOS may not have it, in which case you won't be able to restrict access to your computer in this way. Select USER PASSWORD and you'll be prompted to enter a password. You should now enter a password of up to eight characters; most BIOSes are unfortunately limited to eight characters. We recommend you use the full eight, but take care that you choose something you'll not forget. The BIOS will then prompt you to confirm the password; just type the same thing again.

Now navigate back to the main menu and select SAVE & EXIT SETUP. Your machine will then reboot and you'll be prompted for the password. Each and every time you boot you'll be asked for the password you chose. If you forget your BIOS password, consult your motherboard manual or, if you don't have one, the website of the BIOS manufacturer. It's not always the DEL key; some BIOSes use F2 or F10 or another key combination, so check your motherboard manual.

2. System Password

It includes:
i. User Password
ii. Administrator Password

i. User Password

They are the passwords assigned to the users on a single machine or a domain. Different users can have different permissions on the same objects. Permissions may be granted to a single user or to a user group.

Create User and Set Password

a) Go to Start -> Control panel.
b) Click on User account.
c) After clicking on User account, the following window appears, where you can create a new user by clicking on the create new account link.
d) In the following window, give the new user name and click next.
e) In the following window, select the account type as administrator or limited and click on the create account button.
f) In the following window the new user has been created. By clicking on a specific user account you can set the password.
g) In the following window, click on the create a password link to set a password for that user.

How to assign a Password, e.g. User password or Administrator password: Start -> Control panel -> User account -> create password

h) Enter the desired password in the given box and click the create password button.
i) In the following window the new account has been created with the limited account type and it is now password protected.
j) In this way you can create other accounts and set passwords for them. There are also other settings that you can change by clicking on the particular link, such as change the name of the account, change the password, remove the password, change the picture, change the account type, delete the account.

ii) Administrator Password

The administrator password, as the name suggests, is assigned to the administrator of the machine, who has all the powers to make changes on the machine and privileges to assign different rights to different users. Note: Setting the user and administrator password is shown above in the snapshots.

3) Need of strong passwords.

While passwords are a vital component of system security, they can be cracked or broken relatively easily. Password cracking is the process of figuring out or breaking passwords in order to gain unauthorized entrance to a system or account. It is much easier than most users would think. Another easy way for potential intruders to nab passwords is through social engineering: physically nabbing the password off a Post-It from under someone's keyboard, or imitating an IT engineer and asking over the phone. Many users create passwords that can be guessed by learning a minimal amount of information about the person whose password is being sought. In order to protect your data it is important that you have a strong and complete security policy in effect. Passwords are an extremely important aspect of that security policy. They are the front line of protection for user accounts; it has been proven that computer hackers are able to guess or gather passwords to accounts, which can enable them to compromise most systems.

So you can enhance the security of your networks by setting strong password policies. Improve your computer's security by creating strong passwords and reducing your risk from online predators, email hoaxes and phishing scams. Strong passwords are important protections to help you have safer online transactions. Your passwords are the keys you use to access personal information that you've stored on your computer and in your online accounts. If criminals or other malicious users steal this information, they can use your name to open new credit card accounts, apply for a mortgage, or pose as you in online transactions. In many cases you would not notice these attacks until it was too late. Hence it is not hard to create strong passwords and keep them well protected. Obviously, passwords are just one piece of the puzzle. Other pieces are general user education, good physical security, plugging network holes, and installing strong firewalls. These provide much more global protection in the controlled corporate environment than passwords alone, but in areas where the only method of control users have is a PIN or password, the best thing we can do is be aware of security risks and keep up with their password controls.

4) Setting up strong passwords

To an attacker, a strong password should appear to be a random string of characters. The following criteria can help your passwords do so:

i. Make it lengthy. Each character that you add to your password increases the protection that it provides many times over. Your passwords should be 8 or more characters in length; 14 characters or longer is ideal.
ii. Many systems also support use of the space bar in passwords, so you can create a phrase made of many words (a "pass phrase"). A pass phrase is often easier to remember than a simple password, as well as longer and harder to guess.
iii. Combine letters, numbers, and symbols. The greater the variety of characters that you have in your password, the harder it is to guess.

Other important specifics include:

The fewer types of characters in your password, the longer it must be. A 15-character password composed only of random letters and numbers is about 33,000 times stronger than an 8-character password composed of characters from the entire keyboard. If you cannot create a password that contains symbols, you need to make it considerably longer to get the same degree of protection. An ideal password combines both length and different types of symbols.

Use the entire keyboard, not just the most common characters. Symbols typed by holding down the "Shift" key and typing a number are very common in passwords. Your password will be much stronger if you choose from all the symbols on the keyboard, including punctuation marks not on the upper row of the keyboard, and any symbols unique to your language.

Use words and phrases that are easy for you to remember, but difficult for others to guess. The easiest way to remember your passwords and pass phrases is to write them down. Contrary to popular belief, there is nothing wrong with writing passwords down, but they need to be adequately protected in order to remain secure and effective.

Create a strong, memorable password in 5 steps

Use these steps to develop a strong password:

i. Think of a sentence that you can remember. This will be the basis of your strong password or pass phrase. Use a memorable sentence, such as "My son Amit is three years old."
ii. Check if the computer or online system supports the pass phrase directly. If you can use a pass phrase (with spaces between characters) on your computer or online system, do so.
iii. If the computer or online system does not support pass phrases, convert it to a password. Take the first letter of each word of the sentence that you've created and create a new, nonsensical word. Using the example above, you'd get: "msaityo".
iv. Add complexity by mixing uppercase and lowercase letters and numbers. It is valuable to use some letter swapping or misspellings as well. For instance, in the pass phrase above, consider misspelling Amit's name, or substituting the word "three" for the number 3. There are many possible substitutions, and the longer the sentence, the more complex your password can be. Your pass phrase might become "My SoN Am3T is 3 yeeRs old." If the computer or online system will not support a pass phrase, use the same technique on the shorter password. This might yield a password like "MsAi3yo".
v. Finally, substitute some special characters. You can use symbols that look like letters, combine words (remove spaces) and other ways to make the password more complex. Using these tricks, we create a pass phrase of "MySoN 8N i$ 3 yeeR$ old" or a password (using the first letter of each word) "M$8ni3y0".

Password strategies to avoid

Some common methods used to create passwords are easy to guess by criminals. To avoid weak, easy-to-guess passwords:

i. Avoid sequences or repeated characters. "12345678," "222222," "abcdefg," or adjacent letters on your keyboard do not help make secure passwords.
ii. Avoid using only look-alike substitutions of numbers or symbols. Criminals and other malicious users who know enough to try and crack your password will not be fooled by common look-alike replacements, such as replacing an 'i' with a '1' or an 'a' with '@' as in "M1cr0$0ft" or "P@ssw0rd". But these substitutions can be effective when combined with other measures, such as length, misspellings, or variations in case, to improve the strength of your password.
iii. Avoid any part of your name, birthday, car number plate, or similar information. This is one of the first things criminals will try.
iv. Avoid dictionary words in any language. Criminals use sophisticated tools that can rapidly guess passwords that are based on words in multiple dictionaries, including words spelled backwards, common misspellings, and substitutions. This includes all sorts of profanity and any word you would not say in front of your children.
v. Use more than one password everywhere. If any one of the computers or online systems using this password is compromised, all of your other information protected by that password should be considered compromised as well. It is critical to use different passwords for different systems.
vi. Avoid using online storage. If malicious users find these passwords stored online or on a networked computer, they have access to all your information.
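The strategies to avoid listed above can be checked automatically when a password is chosen. The Python sketch below is an added example, not part of the original book: the small word list, the look-alike table and all function names are assumptions made for illustration, and the bit estimate is only an upper bound that holds for randomly chosen characters.

```python
import math
import string

# Constructed stand-in for the "multiple dictionaries" a cracking tool uses;
# a real deployment would load a large wordlist here.
SAMPLE_DICTIONARY = {"password", "microsoft", "welcome", "dragon", "monkey", "letmein"}

# Undo look-alike substitutions such as '1' for 'i' or '@' for 'a'.
LOOKALIKES = str.maketrans({"0": "o", "1": "i", "3": "e", "4": "a", "5": "s",
                            "7": "t", "@": "a", "$": "s", "!": "i"})

# Alphabet, digit and keyboard-row runs ("abcdefg", "12345678", adjacent keys).
RUN_SOURCES = (string.ascii_lowercase, "0123456789", "1234567890",
               "qwertyuiop", "asdfghjkl", "zxcvbnm")

# ASCII character classes and their sizes (32 punctuation marks plus space).
CLASSES = ((string.ascii_lowercase, 26), (string.ascii_uppercase, 26),
           (string.digits, 10), (string.punctuation + " ", 33))


def has_sequence(pw, run=4):
    """True if pw contains `run` consecutive characters of a known run,
    forwards or backwards."""
    low = pw.lower()
    for source in RUN_SOURCES:
        for seq in (source, source[::-1]):
            if any(seq[i:i + run] in low for i in range(len(seq) - run + 1)):
                return True
    return False


def has_repeats(pw, run=3):
    """True if one character occurs `run` or more times in a row."""
    return any(pw[i] * run == pw[i:i + run] for i in range(len(pw) - run + 1))


def class_sizes(pw):
    """Sizes of the character classes that appear in pw."""
    return [size for chars, size in CLASSES if any(c in chars for c in pw)]


def brute_force_bits(pw):
    """Upper bound on guessing work in bits. It only holds when every
    character was picked at random, so run audit_password() as well."""
    pool = sum(class_sizes(pw))
    return len(pw) * math.log2(pool) if pool else 0.0


def audit_password(pw, personal=()):
    """Return the list of 'strategies to avoid' that pw violates.
    `personal` holds names, dates or plate numbers tied to the user."""
    findings = []
    if len(pw) < 8:
        findings.append("too_short")
    if has_sequence(pw):
        findings.append("sequence")
    if has_repeats(pw):
        findings.append("repeated_characters")
    if len(class_sizes(pw)) == 1:
        findings.append("one_character_type")
    low = pw.lower()
    normalized = low.translate(LOOKALIKES)
    for word in sorted(SAMPLE_DICTIONARY):
        # Check the word forwards and spelled backwards.
        if word in normalized or word[::-1] in normalized:
            findings.append("dictionary:" + word)
    for item in sorted(p.lower() for p in personal if len(p) >= 3):
        if item in low or item in normalized:
            findings.append("personal:" + item)
    return findings


if __name__ == "__main__":
    # Sample passwords quoted in the text above, plus constructed ones.
    for candidate in ("12345678", "222222", "abcdefg", "M1cr0$0ft",
                      "P@ssw0rd", "drowssap99Xy", "M$8ni3y0"):
        print(f"{candidate!r:16} bits<={brute_force_bits(candidate):5.1f} "
              f"findings={audit_password(candidate)}")
    print(audit_password("Amit1990!x", personal=["Amit", "1990"]))
```

An empty findings list means only that none of these specific patterns was detected; a production check would use a much larger dictionary and a list of known-breached passwords.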

Keep your passwords secret

Treat your passwords and pass phrases with as much care as the information that they protect.

i. Don't reveal them to others. Keep your passwords hidden from friends or family members (especially children) who could pass them on to other less trustworthy individuals. Passwords that you need to share with others, such as the password to your online banking account that you might share with your partner, are the only exceptions.
ii. Protect any recorded passwords. Be careful where you store the passwords that you record or write down. Do not leave these records of your passwords anywhere that you would not leave the information that they protect.
iii. Never provide your password over e-mail or based on an e-mail request. Any e-mail that requests your password or requests that you go to a Web site to verify your password is almost certainly a fraud. This includes requests from a trusted company or individual. E-mail can be intercepted in transit, and e-mail that requests information might not be from the sender it claims. Internet "phishing" scams use fraudulent email messages to entice you into revealing your user names and passwords, steal your identity, and more.
iv. Change your passwords regularly. This can help keep criminals and other malicious users unaware. The strength of your password will help keep it good for a longer time. A password that is shorter than 8 characters should be considered only good for a week or so, while a password that is 14 characters or longer can be good for several years.
v. Do not type passwords on computers that you do not control. Computers such as those in Internet cafes, computer labs, shared systems, kiosk systems, conferences, and airport lounges should be considered unsafe for any personal use other than anonymous Internet browsing. Do not use these computers to check online e-mail, chat rooms, bank balances, business mail, or any other account that requires a user name and password. Criminals can purchase keystroke logging devices for very little money and they take only a few moments to install. These devices let malicious users harvest all the information typed on a computer from across the Internet; your passwords and pass phrases are worth as much as the information that they protect.

UNIT 3 Physical Security

1) Case studies related with physical security.

2) Need of physical security.

The first layer of security you need to take into account is the physical security of your computer systems. Security is the condition of being protected against danger or loss. As security is essential in our day to day life, it is essential in the world of computers too. We have already seen the importance of data stored in computers, its use and the consequences that we have to face if this data is not protected, i.e., if it is not secured. Computer security can be defined as the measures applied to ensure security and availability of the information processed, stored and transmitted by the computer. It is protection of information assets through the use of technology, processes and training. The security measures applied differ with the differing levels of security requirements. Just as physical security can be achieved through the use of locks, security guards, closed circuit television, biometrics, smart cards, fingerprinting, security tokens etc., logical security can be achieved through the use of various antivirus software, firewalls, intrusion detection systems etc.

3) Understanding physical security.

Physical security is an extremely important part of keeping your computers and data secure: if an experienced hacker can just walk up to your machine, it can be compromised in a matter of minutes. That may seem like a remote threat, but there are other risks, like theft, data loss, and physical damage, that make it important to check your physical security posture for holes. It deals with such things as personnel, the environment, the facility and its power supply, fire protection, physical access, and even the protection of software, hardware, and data files. Physical security is concerned with physical measures designed to safeguard people, to prevent unauthorized access to equipment, facilities, hardware, materials and documents, and to safeguard them from damage or loss.

The risks associated with improper physical access may be:

1. Unauthorized entry
2. Damage or theft of equipment or documents
3. Copying or viewing of sensitive data
4. Abuse of data
5. Illegal physical access

Remember that network security starts at the physical level. All the firewalls in the world won't stop an intruder who is able to gain physical access to your network and computers, so lock up as well as lock down.

Basic Physical Security

Every general computer networking class teaches the OSI and/or DoD networking models, and we all learn that everything begins at the bottom, with the physical level. Likewise, when it comes to IT security, physical security is the foundation for our overall strategy. But some individuals and organizations, distracted by the more sophisticated features of software-based security products, may overlook the importance of ensuring that the network and its components have been protected at the physical level. There are simple principles to follow:

Keeping People Away

Most large corporations maintain very strict control over who can enter their datacenters. They use card key or keypad systems, log books and human security to limit unauthorized access. If you don't have a datacenter, this might seem like overkill; very small companies often tend to have their servers in hallways, reception areas, or other publicly-accessible spaces. Not only does this expose them to malicious attacks, it increases the risk of accidents from spilled coffee, people tripping over cables, and small, curious children. If at all possible, sensitive servers should be kept behind a locked door, not just a door with a lock, and access should be limited to a select set of trustworthy administrators. Of course, you shouldn't let security concerns override the environmental requirements of your hardware. For instance, locking a server in a closet prevents malicious users from accessing it, but if not adequately ventilated, the computer will overheat and fail, rendering your security concerns pointless. Of course, your computers aren't the only valuable asset you have: consider the worth of your backup tapes! If you want your backups to be generally useful, you'd better be storing them somewhere that protects them against fire, theft, and spilled diet Coke.

Lock up the server room

Even before you lock down the servers, in fact, before you even turn them on for the first time, you should ensure that there are good locks on the server room door. Of course, the best lock in the world does no good if it isn't used, so you also need policies requiring that those doors be locked any time the room is unoccupied, and the policies should set out who has the key or keycode to get in. The server room is the heart of your physical network, and someone with physical access to the servers, switches, routers, cables and other devices in that room can do enormous damage.

Use rack mount servers

Rack mount servers not only take up less server room real estate; they are also easier to secure. Although smaller and arguably lighter than (some) tower systems, they can easily be locked into closed racks that, once loaded with several servers, can then be bolted to the floor, making the entire package almost impossible to move, much less to steal.

Keep Out

It's a good idea to restrict physical access, and limit potential damage, but someone's got to be able to use the computers; you can't keep everyone away from them. The next layer of a good physical security plan is to limit what can be done with the computers. Here's a great security feature that costs nothing: lock your computer when you're walking away from it. In Windows NT, Windows 2000, or Windows XP, you only have to quickly hit Ctrl+Alt+Delete, then "k" (the shortcut for the Lock button), or Windows key+L. A fast-typing attacker can get to your machine and share its disk drives with no passwords in under 10 seconds, but not if the machine's locked!

Action: Get in the habit of locking your computer whenever you're away from it.

A corollary to the idea of restricting physical access to the areas where your computers are is to restrict people's access to the computers' components. You can do this with the physical security features built in to your computers. Practically every desktop, tower, or laptop computer sold in the last 15 years or so has some useful security features that you can apply to make it harder to attack or steal your computer or, at worst, to render it useless if stolen; Windows provides a number of useful features too.

Lock the CPU case. Most desktop and tower cases have locking lugs that you can use to keep an intruder from opening the case.

Use a cable-type security lock to keep someone from stealing the whole computer. This is particularly good advice for laptops or small desktops that can easily be hidden inside a backpack or coat.

Configure the BIOS not to boot from the floppy drive. This makes it harder for an intruder to remove passwords and account data from your system's disks.

Consider whether it's worth the expense of using a motion-sensor alarm in the room where the computers are located.

Use the syskey utility (supported in Windows NT 4.0, Windows 2000, and Windows XP) to secure the local accounts database, local copies of EFS encryption keys, and other valuables that you don't want attackers to have.

Use the Encrypting File System (EFS) to encrypt sensitive folders on your machine. EFS is available for all versions of Windows 2000 and for Windows XP Professional; whether you're using a laptop, desktop, or server, EFS adds an extra layer of protection.

Set up surveillance

Locking the door to the server room is a good first step, but someone could break in, or someone who has authorized access could misuse that authority. You need a way to know who goes in and out and when. A log book for signing in and out is the most elemental way to accomplish this, but it has a lot of drawbacks. A person with malicious intent is likely to just bypass it. A better solution than the log book is an authentication system incorporated into the locking devices, so that a smart card, token, or biometric scan is required to unlock the doors, and a record is made of the identity of each person who enters. A video surveillance camera, placed in a location that makes it difficult to tamper with or disable (or even to find) but gives a good view of persons entering and leaving, should supplement the log book or electronic access system. Surveillance cams can monitor continuously, or they can use motion detection technology to record only when someone is moving about. They can even be set up to send e-mail or cell phone notification if motion is detected when it shouldn't be (such as after hours).

Make sure the most vulnerable devices are in that locked room

Remember, it's not just the servers you have to worry about. A hacker can plug a laptop into a hub and use sniffer software to capture data traveling across the network. Make sure that as many of your network devices as possible are in that locked room, or if they need to be in a different area, in a locked closet elsewhere in the building.

Don't forget the workstations

Hackers can use any unsecured computer that's connected to the network to access or delete information that's important to your business. Workstations at unoccupied desks or in empty offices (such as those used by employees who are on vacation or have left the company and not yet been replaced) or at locations easily accessible to outsiders, such as the front receptionist's desk, are particularly vulnerable. Disconnect and/or remove computers that aren't being used and/or lock the doors of empty offices, including those that are temporarily empty while an employee is at lunch or out sick. Equip computers that must remain in open areas, sometimes out of view of employees, with smart card or biometric readers so that it's more difficult for unauthorized persons to log on.

Keep intruders from opening the case

Both servers and workstations should be protected from thieves who can open the case and grab the hard drive. It's much easier to make off with a hard disk in your pocket than to carry a full tower off the premises. Many computers come with case locks to prevent opening the case without a key. You can get locking kits from a variety of sources for very low cost, such as the one at Innovative Security Products.

Protect the portables

Laptops and handheld computers pose special physical security risks.
A thief can easily steal the entire computer, including any data stored on its disk as well as network logon passwords that may be saved. If employees use laptops at their desks, they should take them with them when they leave or secure them to a permanent fixture with a cable lock, such as the one at PC Guardian.

Handhelds can be locked in a drawer or safe or just slipped into a pocket and carried on your person when you leave the area. Motion sensing alarms such as the one at SecurityKit.com are also available to alert you if your portable is moved. For portables that contain sensitive information, full disk encryption, biometric readers, and software that phones home if the stolen laptop connects to the Internet can supplement physical precautions.

Pack up the backups

Backing up important data is an essential element in disaster recovery, but don't forget that the information on those backup tapes, disks, or discs can be stolen and used by someone outside the company. Many IT administrators keep the backups next to the server in the server room. They should be locked in a drawer or safe at the very least. Ideally, a set of backups should be kept off site, and you must take care to ensure that they are secured in that offsite location. Don't overlook the fact that some workers may back up their work on floppy disks, USB keys, or external hard disks. If this practice is allowed or encouraged, be sure to have policies requiring that the backups be locked up at all times.

Disable the drives

If you don't want employees copying company information to removable media, you can disable or remove floppy drives, USB ports, and other means of connecting external drives. Simply disconnecting the cables may not deter technically savvy workers. Some organizations go so far as to fill ports with glue or other substances to permanently prevent their use, although there are software mechanisms that disallow it. Disk locks, such as the one at SecurityKit.com, can be inserted into floppy drives on those computers that still have them to lock out other diskettes.

Protect your printers

You might not think about printers posing a security risk, but many of today's printers store document contents in their own on-board memories.
If a hacker steals the printer and accesses that memory, he or she may be able to make copies of recently printed documents. Printers, like servers and workstations that store important information, should be located in secure locations and bolted down so nobody can walk off with them. Also think about the physical security of documents that workers print out, especially extra copies or copies that dont print perfectly and may be just

abandoned at the printer or thrown intact into the trash can where they can be retrieved. Its best to implement a policy of immediately shredding any unwanted printed documents, even those that dont contain confidential information. This establishes a habit and frees the end user of the responsibility for determining whether a document should be shredded.

Protect Your Plumbing

Network cabling, hubs and even the external network interface are extremely vulnerable points in a network. An attacker who can attach to your network can steal data in transit or mount attacks against computers on your network or on other networks! If at all possible, keep hubs and switches behind locked doors or in locked cabinets, run cabling through walls and ceilings to make it harder to tap, and ensure that your external data connection points are kept locked. A few other tips:

If you're using a DSL connection for your home or office computers, make sure the phone company's interface box is locked; if anything happens to its cabling, your DSL service will go away.

If you want to use wireless networking, be sure that you understand the security requirements. In brief, you need to secure your network so that an outside attacker can't intercept your traffic or join your network. The process of setting this up varies according to your wireless hardware vendor, but it's easy to do from Windows XP.

4) Accountability of physical security.

Access and use must be specific to an individual user at a particular moment in time; it must be possible to track access and use to that individual. Throughout the entire protection process, user access must be appropriately controlled and limited to prevent excess privileges and the opportunity for serious errors. Tracking must always be an important dimension of this control. At the conclusion of the entire cycle, violations occurring during access and data manipulation phases must be reported on a regular basis so that these security problems can be solved. Accountability uses such system components as audit trails or records and logs to associate a subject with its actions. The information recorded should be sufficient to map the subject to a controlling user. Audit trails and logs are important for:

- Detecting security violations
- Re-creating security incidents

If no one is regularly reviewing your logs and they are not maintained in a secure and consistent manner, they may not be admissible as evidence. Many systems can generate automated reports based on certain predefined criteria or thresholds, known as clipping levels. For example, a clipping level may be set to generate a report for the following:

- More than three failed logon attempts in a given period
- Any attempt to use a disabled user account

These reports help a system administrator or security administrator to more easily identify possible break-in attempts. Activity must be tracked to specific individuals to determine accountability. Responsibility for all actions is an integral part of accountability; holding someone accountable without assigning responsibility is meaningless. Conversely, to assign responsibility without accountability makes it impossible to enforce responsibility. Therefore, any method for protecting resources requires both responsibility and accountability for all of the parties involved in developing, maintaining, and using processing resources. An example of providing accountability and responsibility can be found in the way some organizations handle passwords. Users are taught that their passwords are to be stored in a secure location and not disclosed to anyone. In some organizations, first-time violators are reprimanded; if they continue to expose organizational information, however, penalties may be imposed, including dismissal.
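The two clipping levels listed above can be evaluated over a logon audit trail as follows. This is an added example, not part of the original text: the log format, account names, the 10-minute period and the disabled-account list are constructed assumptions.

```python
"""Clipping-level report over constructed logon events (added example)."""
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Constructed sample audit trail: timestamp, event, account, workstation.
SAMPLE_LOG = """\
2024-03-01T09:00:05 LOGON_FAILED alice ws-014
2024-03-01T09:00:40 LOGON_FAILED alice ws-014
2024-03-01T09:01:10 LOGON_FAILED alice ws-014
2024-03-01T09:01:30 LOGON_FAILED alice ws-014
2024-03-01T09:02:00 LOGON_OK alice ws-014
2024-03-01T09:05:00 LOGON_FAILED bob ws-020
2024-03-01T09:40:00 LOGON_FAILED bob ws-020
2024-03-01T10:15:00 LOGON_FAILED bob ws-020
2024-03-01T10:50:00 LOGON_FAILED bob ws-020
2024-03-01T11:00:00 LOGON_FAILED old_contractor ws-031
this line is malformed and must not stop the report
"""

DISABLED_ACCOUNTS = {"old_contractor"}  # assumed to come from the directory
MAX_FAILURES = 3                        # report on MORE than three failures
WINDOW = timedelta(minutes=10)          # the "given period" (assumed value)


def parse(line):
    """Return (time, event, account, source), or None for a malformed line."""
    parts = line.split()
    if len(parts) != 4:
        return None
    try:
        when = datetime.fromisoformat(parts[0])
    except ValueError:
        return None
    return when, parts[1], parts[2], parts[3]


def clipping_report(log_text):
    """Return report entries as (rule, account, time, detail) tuples."""
    recent = defaultdict(deque)  # account -> failure times inside WINDOW
    alerted = set()              # accounts already reported for this burst
    report = []
    for line in log_text.splitlines():
        record = parse(line)
        if record is None:
            continue
        when, event, account, source = record
        if event not in ("LOGON_OK", "LOGON_FAILED"):
            continue
        # Rule 2: any attempt to use a disabled account, successful or not.
        if account in DISABLED_ACCOUNTS:
            report.append(("disabled-account", account, when, source))
        if event == "LOGON_OK":
            # A success ends the burst; the entry already reported stays.
            recent[account].clear()
            alerted.discard(account)
            continue
        # Rule 1: sliding window of failures per account.
        window = recent[account]
        window.append(when)
        while when - window[0] > WINDOW:
            window.popleft()
        if len(window) <= MAX_FAILURES:
            alerted.discard(account)
        elif account not in alerted:
            alerted.add(account)  # one entry per burst, not one per failure
            detail = f"{len(window)} failures within {WINDOW}"
            report.append(("failed-logons", account, when, detail))
    return report


if __name__ == "__main__":
    for entry in clipping_report(SAMPLE_LOG):
        print(entry)
```

The account bob fails four times but never more than once inside any 10-minute period, so it stays below the clipping level and produces no entry.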

http://www.ccert.edu.cn/education/cissp/hism/675-680.html

5) Security equipment (Biometrics, smart cards, fingerprinting, security tokens etc.)

Biometrics

The word biometrics comes from the Greek words "bio" (life) and "metric" (to measure). Biometrics are technologies used for measuring and analyzing a person's unique characteristics. Biometric characteristics can be divided into two main classes:

- Physiological characteristics are related to the shape of the body. Examples include, but are not limited to, fingerprint, face recognition, DNA, hand and palm geometry, iris recognition (which has largely replaced retina), and odor/scent.
- Behavioral characteristics are related to the behavior of a person. Examples include, but are not limited to, typing rhythm, gait, and voice. Some researchers have coined the term behaviometrics for this class of biometrics.

Use of Biometric Security

Biometrics is used for identification and verification:

Identification

Identification is determining who a person is. It involves trying to find a match for a person's biometric data in a database containing records of people and that characteristic. This method requires time and a large amount of processing power, especially if the database is very large.

Verification

Verification is determining if a person is who they say they are. It involves comparing a user's biometric data to the previously recorded data for that person to ensure that this is the same person. This method requires less processing power and time, and is used for access control (to buildings or data).

Need of Biometric Security

Reliable user authentication is essential. The consequences of insecure authentication in a banking or corporate environment can be catastrophic, with loss of confidential information, money, and compromised data integrity. Many applications in everyday life also require user authentication, including physical access control to offices or buildings, e-commerce, healthcare, immigration and border control, etc. Currently, the prevailing techniques of user authentication are linked to passwords, user IDs, identification cards and PINs (personal identification numbers). These techniques suffer from several limitations: passwords and PINs can be guessed, stolen or illicitly acquired by covert observation. In addition, there is no way to positively link the usage of the system or service to the actual user. A password can be shared, and there is no way for the system to know who the actual user is. A credit card transaction can only validate the credit card number and the PIN, not whether the transaction is conducted by the rightful owner of the credit card.

Is it possible to break a password? Yes, it is possible to break a password using password breaking tools, e.g. BackTrack, Knoppix. The issue is that many passwords are easy to guess, and can also be easily forgotten.

Is it possible to make a duplicate key of a car? Yes, the key of a car can be duplicated at any time if the owner loses it or if anybody steals the original key.

Is it possible to crack the PIN (Personal Identification Number) of a card? Yes, it is possible.

Is it possible to break biometric techniques? No, it is impossible to duplicate biometrics. You cannot lose them, they are unique for each individual, and they are difficult to forge, e.g. fingerprint, hand, iris, retina, voice.

Features of Biometrics

- Unique: The various biometrics systems have been developed around unique characteristics of individuals. The probability of 2 people sharing the same biometric data is virtually nil.
- Cannot be shared: Because a biometric property is an intrinsic property of an individual, it is extremely difficult to duplicate or share (you cannot give a copy of your face or your hand to someone!).
- Cannot be copied: Biometric characteristics are nearly impossible to forge or spoof, especially with new technologies ensuring that the biometric being identified is from a live person.
- Cannot be lost: A biometric property of an individual can be lost only in case of serious accident.

Main types of Physical biometric systems

The main physical biometric technologies include:

1. fingerprint
2. iris
3. retina
4. hand
5. palm vein
6. face

There are also a number of behavioural biometric technologies such as voice recognition (analyzing a speaker's vocal behavior), keystroke (measuring the time spacing of typed words), gait recognition (manner of walking), or signature (analyzing the way you sign).

Fingerprint biometrics

Why do we use the finger from the human body? Human fingerprints are unique to each person and can be regarded as a sort of signature, certifying the person's identity. Because no two fingerprints are exactly alike, the process of identifying a fingerprint involves comparing the ridges and impressions on one fingerprint to those of another.

Principles of fingerprint biometrics

A fingerprint is made of a number of ridges and valleys on the surface of the finger. Ridges are the upper skin layer segments of the finger and valleys are the lower segments. The ridges form so-called minutia points: ridge endings (where a ridge ends) and ridge bifurcations (where a ridge splits in two). Many types of minutiae exist, including dots (very small ridges), islands (ridges slightly longer than dots, occupying a middle space between two temporarily divergent ridges), ponds or lakes (empty spaces between two temporarily divergent ridges), spurs (a notch protruding from a ridge), bridges (small ridges joining two longer adjacent ridges), and crossovers (two ridges which cross each other). The uniqueness of a fingerprint can be determined by the pattern of ridges and furrows as well as the minutiae points. There are five basic fingerprint patterns: arch, tented arch, left loop, right loop and whorl. Loops make up 60% of all fingerprints, whorls account for 30%, and arches for 10%.

Fingerprints are usually considered to be unique, with no two fingers having the exact same dermal ridge characteristics.

Figure: Fingerprint example

How does fingerprint biometrics work

The main technologies used to capture the fingerprint image with sufficient detail are optical, silicon, and ultrasound. There are two main algorithm families to recognize fingerprints:

Minutia matching

It compares specific details within the fingerprint ridges. At registration (also called enrollment), the minutia points are located, together with their relative positions to each other and their directions. At the matching stage, the fingerprint image is processed to extract its minutia points, which are then compared with the registered template.

Pattern matching

It compares the overall characteristics of the fingerprints, not only individual points. Fingerprint characteristics can include sub-areas of certain interest including ridge thickness, curvature, or density. During enrollment, small sections of the fingerprint and their relative distances are extracted from the fingerprint. Areas of interest are the area around a minutia point, areas with low curvature radius, and areas with unusual combinations of ridges.
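The minutia-matching stage described above, used for both verification (one comparison against the claimed user's template) and identification (a search over every enrolled template), is shown below as an added example that is not from the original text. The minutiae, tolerances and threshold are constructed, and the prints are assumed to be already aligned; real matchers also compensate for rotation and translation.

```python
"""Minutia matching for verification (1:1) and identification (1:N)."""
import math

DIST_TOL = 8.0    # max position difference in pixels (assumed)
ANGLE_TOL = 15.0  # max direction difference in degrees (assumed)
THRESHOLD = 0.7   # minimum score to accept a match (assumed)

# Constructed templates: each minutia is (type, x, y, direction in degrees).
ENROLLED = {
    "alice": [("ending", 10, 12, 30), ("ending", 40, 55, 120),
              ("bifurcation", 70, 20, 200), ("bifurcation", 25, 80, 350),
              ("ending", 90, 90, 75), ("bifurcation", 60, 60, 10)],
    "bob": [("ending", 15, 70, 90), ("bifurcation", 50, 10, 180),
            ("ending", 80, 40, 270), ("bifurcation", 30, 30, 45),
            ("ending", 65, 85, 300)],
    "carol": [("ending", 11, 13, 28), ("bifurcation", 45, 45, 90),
              ("ending", 85, 15, 160), ("bifurcation", 20, 60, 240),
              ("ending", 75, 75, 330), ("bifurcation", 55, 95, 20)],
}

# Constructed fresh scan of alice's finger: small jitter on five points,
# one minutia missed by the sensor and one false minutia from noise.
PROBE = [("ending", 12, 11, 34), ("ending", 38, 57, 115),
         ("bifurcation", 71, 23, 195), ("bifurcation", 27, 78, 4),
         ("ending", 88, 93, 80), ("ending", 150, 150, 0)]


def angle_diff(a, b):
    """Smallest difference between two directions, handling 359 -> 0 wrap."""
    d = abs(a - b) % 360.0
    return min(d, 360.0 - d)


def match_score(probe, template):
    """Fraction of minutiae paired one-to-one within both tolerances."""
    if not probe or not template:
        return 0.0
    unused = list(template)
    paired = 0
    for kind, x, y, theta in probe:
        best, best_d = None, DIST_TOL
        for cand in unused:
            ckind, cx, cy, ctheta = cand
            if ckind != kind or angle_diff(theta, ctheta) > ANGLE_TOL:
                continue
            d = math.hypot(x - cx, y - cy)
            if d <= best_d:  # keep the nearest candidate inside DIST_TOL
                best, best_d = cand, d
        if best is not None:
            unused.remove(best)  # a template minutia can be used only once
            paired += 1
    # Dividing by the larger set penalises both missing and extra minutiae.
    return paired / max(len(probe), len(template))


def verify(claimed_id, probe, db=ENROLLED):
    """1:1 check against the claimed identity: (accepted, comparisons)."""
    template = db.get(claimed_id)
    if template is None:
        return False, 0
    return match_score(probe, template) >= THRESHOLD, 1


def identify(probe, db=ENROLLED):
    """1:N search over every template: (best_id or None, comparisons)."""
    best_id, best_score = None, 0.0
    for user_id, template in db.items():
        score = match_score(probe, template)
        if score > best_score:
            best_id, best_score = user_id, score
    if best_score < THRESHOLD:
        best_id = None
    return best_id, len(db)


if __name__ == "__main__":
    print(verify("alice", PROBE), verify("carol", PROBE), identify(PROBE))
```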

Applications of fingerprint biometrics

Fingerprint sensors are best for devices such as cell phones, USB flash drives, notebook computers and other applications where price, size, cost and low power are key requirements. Fingerprint biometric systems are also used for law enforcement, background searches to screen job applicants, healthcare and welfare.

Benefits of fingerprint biometric systems

- Easy to use
- Cheap
- Small size
- Low power
- Non-intrusive
- Large database already available

Issues with fingerprint systems

The tip of the finger is a small area from which to take measurements, and ridge patterns can be affected by cuts, dirt, or even wear and tear. Acquiring high-quality images of distinctive fingerprint ridges and minutiae is a complicated task. People with no or few minutia points (surgeons, as they often wash their hands with strong detergents, builders, people with special skin conditions) cannot enroll or use the system. The number of minutia points can be a limiting factor for the security of the algorithm. Results can also be confused by false minutia points (areas of obfuscation that appear due to low-quality enrollment, imaging, or fingerprint ridge detail).

Note: There is some controversy over the uniqueness of fingerprints. The quality of partial prints is however the limiting factor. As the number of defining points of the fingerprint becomes smaller, the degree of certainty of identity declines. There have been a few well-documented cases of people being wrongly accused on the basis of partial fingerprints.

Iris biometrics

Function: Iris recognition is a method of biometric authentication that uses pattern-recognition techniques based on high-resolution images of the irides of an individual's eyes.

Principles of iris biometrics

The iris is the elastic, pigmented, connective tissue that controls the pupil. The iris is formed in early life in a process called morphogenesis. Once fully formed, the texture is stable throughout life. It is the only internal human organ visible from the outside and is protected by the cornea. The iris of the eye has a unique pattern, from eye to eye and person to person.

How does iris biometrics work

An iris scan will analyze over 200 points of the iris, such as rings, furrows, freckles and the corona, and will compare it to a previously recorded template. Glasses, contact lenses, and even eye surgery do not change the characteristics of the iris. To prevent an image / photo of the iris from being used instead of a real "live" eye, iris scanning systems will vary the light and check that the pupil dilates or contracts.

Applications of iris biometrics

Applications include: identity cards and passports, border control and other Government programmes, prison security, database access and computer login, hospital security, schools, aviation security, controlling access to restricted areas, buildings and homes.

Benefits of retina biometric systems

- Highly accurate: There is no known case of a false acceptance for iris recognition
- Not intrusive and hygienic - no physical contact required

Weaknesses of retina biometric systems

- The user must hold still while the scan is taking place

Retina biometrics

Function: The retina biometric analyzes the layer of blood vessels located at the back of the eye. This technique usually uses a low-intensity light source through an optical coupler and scans the unique patterns of the layer of blood vessels known as the retina. Retina scanning is quite accurate and, like the iris scan, unique to each individual; but unlike the iris scan, it typically requires the user to look into a receptacle and focus on a given point for the user's retina to be scanned. This is not particularly convenient for people who wear glasses or are concerned about close contact with the reading device. This technique is more intrusive than other biometric techniques; as a result, retina scanning is not the most friendly process even though the technology itself is very accurate for use in identification, verification and authentication.

Principles of retina biometrics

The blood vessels at the back of the eye have a unique pattern, from eye to eye and person to person.

How does retina biometrics work

Retina scans require that the person remove their glasses, place their eye close to the scanner, and remain still while focusing on a specified point for approximately 10 to 15 seconds while the scan is completed. A retinal scan involves the use of a low-intensity coherent light source, which is projected onto the retina to illuminate the blood vessels, which are then photographed and analysed. A coupler is used to read the blood vessel patterns. A retina scan cannot be faked as it is currently impossible to forge a human retina. Furthermore, the retina of a deceased person decays too rapidly to be used to deceive a retinal scan. A retinal scan has an error rate of 1 in 10,000,000, compared to fingerprint identification error being sometimes as high as 1 in 500.

Applications of retina biometrics

Retina biometrics systems are suited for environments requiring maximum security, such as Government, military and banking. Retina biometric systems have been in use for military applications since the early seventies.

Benefits of retina biometric systems

- Highly accurate

Issues with retina systems

- Enrollment and scanning are intrusive and slow.

Face biometrics

Function: Face recognition can be an important alternative for selecting and developing an optimal biometric system. Its advantage is that it does not require physical contact with an image capture device (camera). A face identification system does not require any advanced hardware, as it can be used with existing image capture devices (webcams, security cameras etc.). Like fingerprint biometrics, facial recognition technology is widely used in various systems, including physical access control and computer user accounts security. Usually these systems extract certain features from face images and then perform face matching using these features. A face does not have as many uniquely measurable features as fingerprints and eye irises, so facial recognition reliability is slightly lower than these other biometric recognition methods. However, it is still suitable for many applications, especially when taking into account its convenience for the user. Facial recognition can also be used together with fingerprint recognition or another biometric method for developing more security-critical applications.

Principles of face biometrics

The dimensions, proportions and physical attributes of a person's face are unique.

How does face biometrics work

Biometric facial recognition systems will measure and analyze the overall structure, shape and proportions of the face: distance between the eyes, nose, mouth, and jaw edges; upper outlines of the eye sockets, the sides of the mouth, the location of the nose and eyes, the area surrounding the cheekbones. At enrolment, several pictures are taken of the user's face, with slightly different angles and facial expressions, to allow for more accurate matching. For verification and identification, the user stands in front of the camera for a few seconds, and the scan is compared with the template previously recorded. To prevent an image / photo of the face or a mask from being used, face biometric systems will require the user to smile, blink, or nod their head. Also, facial thermography can be used to record the heat of the face (which won't be affected by a mask). The main facial recognition methods are: feature analysis, neural network, eigenfaces, and automatic face processing.

Applications of face biometrics

Access to restricted areas and buildings, banks, embassies, military sites, airports, law enforcement.

Benefits of face biometric systems

- Not intrusive, can be done from a distance, even without the user being aware of it (for instance when scanning the entrance to a bank or a high security area).

Weaknesses of face biometric systems

- Face biometric systems are more suited for authentication than for identification purposes, as it is easy to change the proportion of one's face by wearing a mask, a nose extension, etc.
- User perceptions / civil liberty: Most people are uncomfortable with having their picture taken.

Security token

A security token, sometimes called an authentication token, is a small hardware device that the owner carries to authorize access to a network service. It is used to prove one's identity electronically, as in the case of a customer trying to access their bank account. The token is used in addition to or in place of a password to prove that the customer is who they claim to be. The token acts like an electronic key to access something. The device may be in the form of a smart card or may be embedded in a commonly used object such as a key fob. Security tokens provide an extra level of assurance through a method known as two-factor authentication: the user has a personal identification number (PIN), which authorizes them as the owner of that particular device; the device then displays a number which uniquely identifies the user to the service, allowing them to log in. The identification number for each user is changed frequently, usually every five minutes or so. Unlike a password, a security token is a physical object. A key fob, for example, is practical and easy to carry, and thus easy for the user to protect. Even if the key fob falls into the wrong hands, however, it can't be used to gain access, because the PIN, which only the rightful user knows, is also needed.
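One standard way for a token and a service to agree on a changing number is the HOTP/TOTP construction of RFC 4226 and RFC 6238; the text above does not name an algorithm, so its use here is an assumption. This added example (not from the original text) uses the RFC 4226 test secret, a constructed PIN and user name, and the five-minute step mentioned above.

```python
"""PIN-protected token and verifying service using time-based HOTP codes."""
import hashlib
import hmac
import struct

STEP_SECONDS = 300  # the code changes every five minutes, as described above
DIGITS = 6
DEMO_SECRET = b"12345678901234567890"  # RFC 4226 test secret, demo use only


def hotp(secret, counter, digits=DIGITS):
    """RFC 4226: HMAC-SHA1 over the counter, then dynamic truncation."""
    mac = hmac.new(secret, struct.pack(">Q", counter), hashlib.sha1).digest()
    offset = mac[-1] & 0x0F
    value = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(value % 10 ** digits).zfill(digits)


class Token:
    """The device: shows the current code only after the owner's PIN."""

    def __init__(self, secret, pin):
        self._secret = secret
        self._pin = pin

    def display(self, pin, now):
        # Constant-time comparison so timing does not leak PIN digits.
        if not hmac.compare_digest(pin.encode(), self._pin.encode()):
            return None
        return hotp(self._secret, int(now) // STEP_SECONDS)


class Service:
    """The verifier: shares each user's secret and rejects reused codes."""

    def __init__(self, secrets):
        self._secrets = dict(secrets)
        self._last_counter = {}  # user -> newest time step already accepted

    def verify(self, user, code, now):
        secret = self._secrets.get(user)
        if secret is None or not isinstance(code, str) or not code.isascii():
            return False
        current = int(now) // STEP_SECONDS
        # Accept the current step and the previous one to allow for a
        # slightly slow token clock (assumed policy).
        for counter in (current, current - 1):
            if counter < 0 or counter <= self._last_counter.get(user, -1):
                continue  # out of range, or this step was already used
            if hmac.compare_digest(hotp(secret, counter), code):
                self._last_counter[user] = counter
                return True
        return False


if __name__ == "__main__":
    token = Token(DEMO_SECRET, pin="4921")       # constructed PIN
    service = Service({"alice": DEMO_SECRET})    # constructed user name
    code = token.display("4921", now=310)
    print(code, service.verify("alice", code, now=320))
    print("replay accepted:", service.verify("alice", code, now=330))
```

A code captured by an observer is useless once the rightful user has logged in with it, because the service records the time step it accepted.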

Smart Card

A smart card, chip card, or integrated circuit card (ICC), is any pocket-sized card with embedded integrated circuits. The card may embed a hologram to prevent counterfeiting. Smart cards may also provide strong security authentication for single sign-on within large organizations. Smart cards can be used for identification, authentication, data storage and application processing. The most common smart card applications are:

- Credit cards
- Electronic cash
- Computer security systems
- Wireless communication
- Loyalty systems (like frequent flyer points)
- Banking
- Satellite TV
- Government identification

A quickly growing application is in digital identification. In this application, the cards authenticate identity. The most common example employs PKI. The card stores an encrypted digital certificate issued from the PKI provider along with other relevant information. Combined with biometrics, cards can provide two- or three-factor authentication. In 1999 Gujarat was the first Indian state to introduce a smart card license system. To date it has issued 5 million smart card driving licenses to its people. In computing, the Mozilla Firefox web browser can use smart cards to store certificates for use in secure web browsing. Some disk encryption systems, such as FreeOTFE, TrueCrypt and Microsoft Windows 7 BitLocker, can use smart cards to securely hold encryption keys, and also to add another layer of encryption to critical parts of the secured disk. Smart cards are also used for single sign-on to log on to computers.

6) Tips to protect your laptop from theft

A laptop computer is an essential tool, but it also creates all kinds of security problems. Here is what you need to know to set up basic laptop security.

There Are Two Levels of Laptop Security

First, securing your actual laptop hardware against theft. Second, making sure the information on your laptop is more secure.

Ways to Prevent Your Laptop from Being Stolen

1. Get a cable lock: Almost all laptops come equipped with a Universal Security Slot that allows you to attach the laptop to a heavy or unbreakable object. Cables are not so costly and can be found in any technology supply store. Use it in places like hotel rooms, conference rooms, airport waiting areas, and libraries.
2. Use a docking station: If you have a lot of visitors, contractors, or housekeeping staff coming through your office, locking your laptop into a docking station is a good idea.
3. Lock the laptop in a filing cabinet or other secure, out-of-sight location when you leave the office.
4. When travelling with your laptop, don't carry it in a computer case. This makes you an obvious target for laptop thieves. Get a padded sleeve and carry your laptop in a regular briefcase or a backpack instead.
5. Be especially cautious in airports. Don't put your laptop down or let it out of your sight through security checkpoints. There are many two-person scams involving one person creating a distraction while another calmly walks away with your laptop. Use a buddy system whenever possible, so one person can go through security, and then receive both laptops while you go through security.

Keys to Prevent Data Theft

Now, let's talk about keeping the data on your laptop secure. Besides the financial cost of getting a laptop stolen, this can be the real blow for many people. Imagine losing all your contacts, your calendar, your Word and Excel documents, years of digital photos -- whatever you value on your computer. And if you have confidential information or trade secrets on your laptop, then you have even greater security concerns.

1. The most basic advice is to regularly back up all of the important data on your laptop hard drive. DVD burners make this easy to fit on one disc, so get in the habit of doing it regularly. Use a thumb drive in between for backups.
2. Disable the Guest account in Windows. It's also a good idea to assign it a long string of random numbers as a password, just for good measure.
3. Many hackers will try to log in to a Windows laptop using the Administrator account. Rename this account with something that does not look obvious. Some have even set up a dummy Administrator account as well.
4. Modify your laptop so that the last username used to log on is not displayed in the logon dialog box.
5. Don't set your laptop to automatically log into websites, and don't save passwords on your laptop to make login easier. Otherwise, a thief who has stolen your laptop can easily log into your accounts.
6. It's possible for someone to access your files even without touching your computer. One way to stop this is to disable the Bluetooth and infrared port on your computer.
7. In addition, be careful about using Wi-Fi access. With unencrypted Wi-Fi, every password, email message, and Web page can be read by any other user on that Wi-Fi network. That means you should only use secure (encrypted) email and should never enter a password or confidential information on a webpage over Wi-Fi unless it is a secure connection. If you don't know what that means, then don't use email and don't enter private information from your browser when using Wi-Fi.
8. Add Spoofstick to your browser. It helps you identify bogus websites.
9. Use data encryption whenever possible. This is for more advanced users.

Getting Your Stolen Laptop Back

If your laptop is stolen, there are simple things you can do to help increase the odds that you get it back.

1. Record your serial number or MAC id in a separate location. You will need this to prove ownership of any recovered laptop. This is also important if you file an insurance claim.
2. Register your hardware with the manufacturer. You can contact them if your laptop is stolen, so if the thief ever sends it in for repair, you will be notified.
3. Put a tamper resistant metal asset tag on your computer. This will help police track down the legal owner.
4. Use a laptop tracking and recovery service. There are a variety of products and services that are designed to either prevent laptop theft and loss or locate a missing laptop. There are many different recovery services that use GPS to track a lost or stolen laptop when it connects to the internet. Some tracking software can be removed by reformatting the hard drive, but others are embedded into the computer itself and are more difficult for thieves to deactivate. Adeona offers high quality laptop tracking software. You can also use tracker software for stolen laptops, such as LaptopLocator.

UNIT 4 Windows XP security

1) Case studies related with WINXP user accounts and service packs

2) Installation of WINXP and need of service packs.

I. Installation of Windows XP

Before you begin the installation process, use this checklist to make sure that you are prepared:

A) Pre-installation checklist

- You have the Windows XP CD.
- You have the product key available. The product key is located on your Windows XP CD case and is required to install and activate Windows XP.
- Your computer hardware is set up. At a minimum, you should connect your keyboard, mouse, monitor, and CD drive. If available, you should connect your computer to a wired network.
- You have Windows XP drivers available. Drivers are software that Windows XP uses to communicate with your computer's hardware. Most new computers include a CD containing drivers. If you do not have drivers available, Windows XP may already include drivers for your hardware. If not, you should be able to download them from your hardware manufacturer's Web site after you set up Windows XP.
- If you are reinstalling Windows XP on an existing computer, you need a backup copy of your files and settings. The installation process will delete all of your files. You can use the File and Settings Transfer Wizard to store your files and settings on removable media and then restore them after installation is complete.

B) Installation process

Installing Windows XP can take up to two hours. To make the process more manageable, it has been broken up into several sections. When you are ready, install Windows XP:

- Part 1: Begin the installation
- Part 2: Continue the installation
- Part 3: Complete the installation

Part 1: Begin the installation

1. Insert the Windows XP CD into your computer and restart your computer.

2. If prompted to start from the CD, press SPACEBAR. If you miss the prompt (it only appears for a few seconds), restart your computer to try again.

1. You can press F6 if you need to install additional SCSI adapters or other mass-storage devices. If you do, you will be asked to supply a floppy disk with the drivers and you CANNOT browse it.

2. If you want, you can press F2 to run the ASR sequence. For that you need a good backup created by the Windows XP backup program, and the ASR floppy disk. If you plan to install a new copy of XP - don't do anything.

3. Setup will load all the needed files and drivers.

4. Windows XP Setup begins. During this portion of setup, your mouse will not work, so you must use the keyboard. On the Welcome to Setup page, press ENTER. If you want, and if you have a previous installation of XP, you can try to fix it by pressing R. If not, just press ENTER.

5. On the Windows XP Licensing Agreement page, read the licensing agreement. Press the PAGE DOWN key to scroll to the bottom of the agreement. Then press F8 if you accept it.

6. This page enables you to select the hard disk drive on which Windows XP will be installed. Select or create the partition on which you will install Windows XP Professional. Once you complete this step, all data on your hard disk drive will be removed and cannot be recovered. It is extremely important that you have a recent backup copy of your files before continuing. When you have a backup copy, press D, and then press L when prompted. This deletes your existing data. Press ENTER to select unpartitioned space, which appears by default. Depending upon your existing disk configuration, choose one of the following:

- If the hard disk is unpartitioned, you can create and size the partition on which you will install Windows XP Professional.
- If the hard disk is already partitioned, but has enough unpartitioned disk space, you can create an additional partition in the unpartitioned space.
- If the hard disk already has a partition that is large enough, you can install Windows XP Professional on that partition. If the partition has an existing operating system, you will overwrite that operating system if you accept the default installation path. However, files other than the operating system files, such as program files and data files, will not be overwritten.
- If the hard disk has an existing partition, you can delete it to create more unpartitioned space.

After installation, use Disk Management to partition the remaining space on the hard disk.

7. Press ENTER again to select Format the partition using the NTFS file system, which appears by default. Select a file system for the installation partition. After you create the partition on which you will install Windows XP Professional, you can use Setup to select the file system with which to format the partition. Windows XP Professional supports the NTFS file system in addition to the file allocation table (FAT) and FAT32 file systems. Windows Server 2003, Windows XP Professional, Windows 2000, and Windows NT are the only Microsoft operating systems that you can use to gain access to data on a local hard disk that is formatted with NTFS. If you plan to gain access to files that are on a local Windows XP Professional partition with the Microsoft Windows 95 or Windows 98 operating systems, you should format the partition with a FAT or FAT32 file system. We will use NTFS.

8. Windows XP erases your hard disk drive using a process called formatting and then copies the setup files. You can leave your computer and return in 20 to 30 minutes.

9. The computer will restart in graphical mode, and the installation will continue.

Part 2: Continue the installation

The GUI-based portion of the Setup program

1. The setup process reboots and loads a GUI mode phase.

2. It will then begin to load device drivers based upon what it finds on your computer. You don't need to do anything at this stage.

3. Windows XP restarts and then continues with the installation process. From this point forward, you can use your mouse. Eventually, the Regional and Language Options page appears. Click Next to accept the default settings. If you are multilingual or prefer a language other than English, you can change language settings after setup is complete.

4. Click Customize to change regional settings, if necessary. Current System Locale - Affects how programs display dates, times, currency, and numbers. Choose the locale that matches your location, for example, French (Canada). Current Keyboard Layout - Accommodates the special characters and symbols used in different languages. Your keyboard layout determines which characters appear when you press keys on the keyboard. If you don't need to make any change just press Next.

5. If you do need to make changes press Customize and add your System Locale etc.

6. On the Personalize Your Software page, type your name and your organization name. Some programs use this information to automatically fill in your name when required. Then, click next.

7. On the Your Product Key page, type your product key as it appears on your Windows XP CD case. The product key is unique for every Windows XP installation. Then, click Next.

8. On the Computer Name and Administrator Password page, in the Computer name box, type a name that uniquely identifies your computer in your house, such as FAMILYROOM or TIGER. You cannot use spaces or punctuation. If you connect your computer to a network, you will use this computer name to find shared files and printers. Type a strong password that you can remember in the Administrator password box, and then retype it in the Confirm password box. Write the password down and store it in a secure place. Click Next.

9. Type the computer name and a password for the local Administrator account. The local Administrator account resides in the SAM of the computer, not in Active Directory. If you will be installing in a domain, you need either a pre-assigned computer name for which a domain account has been created, or the right to create a computer account within the domain.

10. On the Date and Time Settings page, set your computer's clock. Then, click the Time Zone down arrow, and select your time zone. Click Next.

11. Windows XP will spend about a minute configuring your computer. On the Networking Settings page, click Next. Setup will now install the networking components.

12. After a few seconds you will receive the Networking Settings window. BTW, if you have a NIC that is not in the HCL and XP cannot detect it, or if you don't have a NIC at all, setup will skip this step and you will immediately go to the final phase of the setup process.

Press Next to accept the Typical settings option if you have one of the following situations: You have a functional DHCP on your network. You have a computer running Internet Connection Sharing (ICS). You're in a workgroup environment and do not plan to have any other servers or Active Directory at all, and all other workgroup members are configured in the same manner.

13. Otherwise select Custom Settings and press Next to customize your network settings.

14. One thing you CAN do (see the Increase Internet Connection Speed in Windows XP page) is to uninstall the QoS Packet Scheduler. Click it and press the Uninstall button. If you want to keep it you can simply remove the mark from the QoS check-box. Either way, you can install or uninstall it later if you want.

15. Keep the TCP/IP, Client for Microsoft Networks and the File and Print Sharing options selected.

16. Highlight the TCP/IP selection and press Properties.

17. In the General tab enter the required information. You must specify the IP address of the computer, and if you don't know what the Subnet Mask entry should be - you can simply place your mouse pointer over the empty area in the Subnet Mask box and click it. The OS will automatically select the value it thinks is good for the IP address you provided.

18. If you don't know what these values mean, or if you don't know what to write in them, press cancel and select the Typical Settings option. You can easily change these values later.

19. In the Workgroup or Domain window enter the name of your workgroup or domain.

A workgroup is a small group of computers on a network that enables users to work together and does not support centralized administration. A domain is a logical grouping of computers on a network that has a central security database for storing security information. Centralized security and administration are important for computers in a domain because they enable an administrator to easily manage computers that are geographically distant from each other. A domain is administered as a unit with common rules and procedures. Each domain has a unique name, and each computer within a domain has a unique name. If you're a stand-alone computer, or if you don't know what to enter, or if you don't have the sufficient rights to join a domain - leave the default entry selected and press Next. On the Workgroup or Computer Domain page, click Next.

20. If you want to join a domain (NT 4.0 domain or W2K/2003 Active Directory domain) enter the domain's name in the "Yes, make this computer a member of the following domain" box.

21. To successfully join a domain you need the following:

The person performing the installation must have a user account in Active Directory. This account does not need to be the domain Administrator account.

And

The computer must have an existing computer account in the Active Directory database of the domain that the computer is joining, and the computer must be named exactly as its domain account is named.

Or

The person performing the installation must have appropriate permission to create a domain account for the computer during installation.

Also, you need to have connectivity to the domain's domain controllers (only to the PDC if on an NT 4.0 domain) and a fully functional DNS server (only in AD domains).

Enter the Active Directory domain name (in the form of xxx.yyy, for example: DPETRI.NET) or the NetBIOS name of the NT 4.0 domain (in the form of xxx, for example: DPETRI). Press Next.

Note: If you provide a wrong domain name or do not have the correct connectivity to the domain's DNS server you will get an error message. A username/password window will appear. Enter the name and password of the domain's administrator (or your own if you're the administrator on the target domain).

Note: Providing a wrong username or password will cause this phase to fail.

22. Next the setup process will finish copying files and configuring the setup. You do not need to do anything.

23. Windows XP will spend 20 or 30 minutes configuring your computer and will automatically restart when finished. When the Display Settings dialog appears, click OK.

24. After the copying and configuring phase is finished, if XP finds that you have a badly configured screen resolution it will advise you to change it and ask you if you see the new settings right.

When the Monitor Settings dialog box appears, click OK.

BTW, the minimum supported screen resolution in XP is 800X600. Setup finishes and boots Windows XP.

Part 3: Complete the installation

1. A Welcome screen is the first thing you see. The computer checks your Internet connectivity (required for the mandatory Activation and voluntary Registration processes).

2. The final stage of setup begins. On the Welcome to Microsoft Windows page, click Next.

3. On the Help protect your PC page, click Help protect my PC by turning on Automatic Updates now. Then, click Next.

4. Windows XP will then check if you are connected to the Internet:

If you are connected to the Internet, select the choice that describes your network connection on the Will this computer connect to the Internet directly, or through a network? page. If you're not sure, accept the default selection, and click Next.

If you use dial-up Internet access, or if Windows XP cannot connect to the Internet, you can connect to the Internet after setup is complete. On the How will this computer connect to the Internet? page, click Skip.

5. Windows XP Setup displays the Ready to activate Windows? page. If you are connected to the Internet, click Yes, and then click Next. If you are not yet connected to the Internet, click No, click Next, and then skip to this step. After setup is complete, Windows XP will automatically remind you to activate and register your copy of Windows XP.

6. On the Ready to register with Microsoft? page, click Yes, and then click Next.

7. On the Collecting Registration Information page, complete the form. Then, click Next.

8. XP will ask you for the default username that will log onto this computer. You can enter as many as 5 users, but you can create more after the installation is finished.

9. On the Who will use this computer? page, type the name of each person who will use the computer. You can use first names only, nicknames, or full names. Then click Next. To add users after setup is complete or to specify a password to keep your account private, read Create and customize user accounts.

10. On the Thank you! page, click Finish.

11. Congratulations! Windows XP setup is complete. You can log on by clicking your name on the logon screen. If you've installed Windows XP on a new computer or new hard disk drive, you can now use the File and Settings Transfer Wizard to copy your important data to your computer or hard disk drive.

II. Need of service packs

Microsoft occasionally releases service packs for its Windows operating systems, including Windows XP, to fix problems and add features. Each service pack is a superset of all previous service packs and patches, so only the latest service pack needs to be installed, and it also includes new revisions. These updates contain all the fixes and enhancements which have been made available in the previous year. The updates called Service Packs provide convenient, all-in-one access to the most up-to-date drivers, tools, security updates, patches, and customer-requested product changes.

Microsoft has released three service packs for Windows XP: service pack 1, service pack 2 and service pack 3. If you still have the earliest version of Win XP on Retail CD (without any service packs included), you will need to install SP1a or SP2 before SP3 installation.

III. Need of creating users and assigning access privileges

Yes, just like your local bank, Windows can manage accounts. User accounts, or accounts for the users of your computer, are a feature you can choose or ignore. But, particularly if more than one person uses your computer, they do offer some advantages. Each Windows user account can have its own area to store files, its own programs and many of its own settings, including things like the picture on the desktop (you can choose your own picture as the background on the Windows desktop) or sounds, like the default "dingy dingy ding, ding ding" sound when you turn on your computer. Another important feature of user accounts is security. You can have accounts that 'can do anything' or accounts that have limited privilege, for example only being allowed to see their own files, not those of other users. An account set up as a 'can do anything' account is highly privileged and so can see, read and change the files of any user account. This security feature is used extensively by companies that run Windows to ensure individual employee files are protected from deliberate or accidental changes and deletions, and of course to protect privacy: just like in a bank, you wouldn't expect other bank customers to be able to look at the details of your account. Windows calls the 'can do anything' user accounts 'computer administrator' accounts and those that are limited it calls 'Limited.' In the home, user accounts might be set up for the family members that use the computer; for example, your own computer has user accounts for you, your brother and your sister. So we can say that user creation is needed for authentication. Authentication is the process of verifying the identity of a user, device, or other entity in a computer system, often as a prerequisite to granting access to resources in a system. With different user accounts, you are able to personalize settings and data. Every user has his or her own documents, favourites, e-mail, address book, Live Messenger, etc.

Create User Accounts

User accounts are quite straightforward to create. Here are the things it's good to know before you begin - the first is the only thing you need to know:

What name(s) are you going to use for your accounts - For example, my user account is simply called 'Madhu'.
Do you want to take advantage of different security restrictions - For example, give other users restricted privilege to read, update or delete other users' files - even by accident.
Do you want to protect your user accounts with a password or PIN - This would stop someone else accidentally or otherwise using another user's account; if you do, you need to think of at least your own password.

Let's use an example. Perhaps you want three user accounts for members of the household: Madhu, Amit and Sangita. Madhu will have an administrator account, the kind that can do anything, and Amit and Sangita will have limited privilege accounts. For the Madhu and Amit accounts we want to have a password, but we won't create a password for Sangita's account. You should expect to have at least one account with administrator privilege, as this is the only privilege level that allows you to add new accounts, for example. A good security-oriented decision, by the way, is that all of the user accounts used for day-to-day activity are limited and you have a separate account set up for computer administration. Once you have this information you can create new accounts using the 'User Accounts' section of Control Panel. Creating a user account is easy: Control Panel, User Accounts, Create a new Account, as mentioned in the previous chapter. Click the User Accounts option and you'll be presented with three main options:

Change an account
Create a new account
Change my picture

User Accounts and Internet Security

There is another important advantage of user accounts, that is, the ability to improve your security against internet attacks like viruses. Of course you should have your firewall turned on, have an anti-virus product installed and up-to-date and get updates for Windows itself from Windows Update - the three most important things you need to do to protect your computer from those with malicious intent. But let's imagine for a moment that your computer has been infiltrated by a virus that wants to install a new modem connection on your computer to dial an expensive premium rate service - of course without your knowledge. If you are logged on with administrator privilege and the virus gets to run while you are logged on, it too has administrator privilege - as far as Windows is concerned it's running on your behalf and so could indeed go about its malicious work. If you were logged on with limited privilege, it would be unable to add or change a modem connection and you will have foiled its evil little plan. So, all you need to do is give everybody limited privilege accounts and you've added another level of defence. Windows actually allows multiple user accounts to be used at any one time. Try this little experiment: we're going to right mouse click a program on the start menu and examine the menu list that appears:

Open the Start menu (click the Start button)
Let go of the mouse button so the menu stays but you have no mouse buttons pressed
Move your mouse over a program on the left hand list of the menu, e.g. Windows Media Player or Internet Explorer
Hold down a Shift key on the keyboard
Press the right mouse button

Look at the right mouse button menu that appears. You should see 'Run as...' as the second menu item. This allows you to run a program under a different user account - like those for other members of your household.

So, why would you want to do this? The most common reason for this is when you are running in a limited privilege user account and need to run a program with elevated privilege - that is, with administrator privilege. Often the setup programs that install new applications need to run with administrator privilege, for example. In this case 'Run as...' is your friend, allowing you to enter a different user account name and password that will be used to run the program. With the default installation of Windows XP Professional or Windows XP Home there is always at least one user account on your computer, with the name of 'Administrator' and a blank password - that is, no password required. If you have added no user accounts yourself and when you start your computer it simply shows you the Windows desktop with Start button etc., then you are actually logging on using this default account. As you can probably gather from the name of the account, it is a user account with administrator privilege - so highly privileged to do anything on your computer. Let's go back to our earlier scenario: the virus that wants to create a new modem connection. If you are logged on using a limited privilege account, like the 'Madhu' account we created earlier, the virus will not be able to create the modem connection using 'Madhu' but it might try logging on as 'Administrator' with no password - something that will work on most Windows XP computers. This account does have the ability to create the modem connection and so the virus can go about its dirty work. You can deal with this problem of a hidden, password-free administrator account by either disabling the administrator account on Windows XP Professional or by adding a hard to guess password to the account on either Windows XP Professional or Windows XP Home.

Creating a Password for the Administrator Account

If you have added user accounts to Windows XP, when you see the Welcome screen as you turn on your computer you will not see 'Administrator' in the list - by default Windows hides this user account. To make it appear in:

Windows XP Professional - press the three key combination Control (or Ctrl) + Alt + Delete (or Del) all at the same time, twice. Windows will present you with a different way to log in to Windows using a dialog box where you can type a user name and a password. At this dialog box enter 'Administrator' as the user, leave the password blank and press 'OK'.

Windows XP Home - you will need to re-boot your computer and activate Windows 'Safe Mode.' This mode is there as a precaution in case something goes wrong with your computer and it won't start in its regular mode. From safe mode you can log on to the administrator account. So, tell your computer to 'Restart' (Start menu, choose 'Turn Off Computer' and then press 'Restart'). As the screen goes black to signify the beginning of the computer's start-up processes, hold down the F8 key on the top row of your keyboard. Windows will eventually present you with a black screen with options in white text. Use the up/down cursor keys to choose 'Safe Mode' and press 'Enter.' When Windows starts you will probably notice the screen text looks a lot bigger, but you should see 'Administrator' as an option to log on; choose it.

At this point you should be logged on as administrator. The only thing we need to do is go to user accounts (Start, Control Panel, User Accounts), choose 'Change an account', choose 'Administrator', then 'Create a password'. This will give you a window with three places to enter text, asking you to:

Type a new password
Type the new password again to confirm
Type the word or phrase to use as a password hint

The screenshot is explained in the previous chapter. So, choose an appropriate password and enter a hint that will help you remember what the password is without allowing someone else to guess the password. You can now press the 'Create password' button and either log off if you are running Windows XP Professional or restart in normal mode if you are running Windows XP Home. You may never want to use the 'Administrator' account, but knowing that it has a hard to guess password also significantly reduces the chances of it being used by malicious software.

UNIT 5 Windows XP security

1) Case studies related with encryption

2) Understanding encryption

http://en.wikipedia.org/wiki/Encryption

In cryptography, encryption is the process of transforming information, referred to as plaintext, using an algorithm, called a cipher, to make it unreadable to anyone except those possessing special knowledge, usually referred to as a key. The result of the process is encrypted information, referred to in cryptography as ciphertext.

Computer encryption is based on the science of cryptography, which has been used as long as humans have wanted to keep information secret. Before the digital age, the biggest users of cryptography were governments, particularly for military purposes.

Cryptography

During this time when the Internet provides essential communication between tens of millions of people and is being increasingly used as a tool for commerce, security becomes a tremendously important issue to deal with. There are many aspects to security and many applications, ranging from secure commerce and payments to private communications and protecting passwords. One essential aspect for secure communications is that of cryptography. The word cryptography is derived from Greek, where kryptos means "hidden, secret" and graphy is the art of writing, whereas cryptology is the practice and study of hiding information. Cryptography has been used almost since writing was invented. It is the science of writing in secret code and is an ancient art; the first documented use of cryptography in writing dates back to circa 1900 B.C. when an Egyptian scribe used nonstandard hieroglyphs in an inscription. Modern cryptography intersects the disciplines of mathematics, computer science, and engineering. Applications of cryptography include ATM cards, computer passwords, and electronic commerce. When you shop on the Internet, for example to buy a book at www.amazon.com, cryptography is used to ensure privacy of your credit card number as it travels from you to the shop's server. Or, in electronic banking, cryptography is used to ensure that your checks cannot be forged. So in data and telecommunications, cryptography is necessary when communicating over any untrusted medium, which includes just about any network, particularly the Internet.

Cryptography Terminology
i. Plaintext: The simple message is called plaintext.

Also called clear text
Language that we normally use
Easily understood by everybody

(Figure: Example of Plain Text Message)

ii. Encryption: Encoding the contents of the message in such a way that hides its contents from outsiders.

iii. Ciphertext: The encrypted message or coded message. Language that cannot be understood. To achieve security, plain text is transformed into cipher text.

iv. Decryption: The process of retrieving the plaintext from the ciphertext.

v. Key: Encryption and decryption usually make use of a key, and the coding method is such that decryption can be performed only by knowing the proper key.

Computer encryption systems generally belong in one of two categories:

A. Symmetric-key or private key encryption

B. Asymmetric key or Public-key encryption

Symmetric-key cryptography

It is also called conventional, private-key, single-key or secret key cryptography. Sender and recipient share a common key. With secret key cryptography, a single key is used for both encryption and decryption. The sender uses the key (or some set of rules) to encrypt the plaintext and sends the ciphertext to the receiver. The receiver applies the same key (or rule set) to decrypt the message and recover the plaintext. Because a single key is used for both functions, secret key cryptography is also called symmetric encryption. With this form of cryptography, it is obvious that the key must be known to both the sender and the receiver; that, in fact, is the secret. All classical encryption algorithms are private-key. It was the only type prior to the invention of public-key cryptography in the 1970s. The keys, in practice, represent a shared secret between two or more parties that can be used to maintain a private information link.

Secret key cryptography algorithms that are in use today include: DES, AES, Twofish, Serpent, Blowfish, CAST5, RC4, TDES, IDEA. The first major symmetric algorithm developed for computers in the United States was the Data Encryption Standard (DES), approved for use in the 1970s. The DES uses a 56-bit key. Because computers have become increasingly faster since the '70s, security experts no longer consider DES secure - although a 56-bit key offers more than 70 quadrillion possible combinations (70,000,000,000,000,000), a brute force attack (simply trying every possible combination in order to find the right key) could easily decipher encrypted data in a short while. DES has since been replaced by the Advanced Encryption Standard (AES), which uses 128-, 192- or 256-bit keys. Most people believe that AES will be a sufficient encryption standard for a long time coming: a 128-bit key, for instance, can have more than 300,000,000,000,000,000,000,000,000,000,000,000 key combinations.

Private Key disadvantages

The Key Exchange Problem: The key exchange problem arises from the fact that communicating parties must somehow share a secret key before any secure communication can be initiated, and both parties must then ensure that the key remains secret. Of course, direct key exchange is not always feasible due to risk, inconvenience, and cost factors.

The Trust Problem: Ensuring the integrity of received data and verifying the identity of the source of that data can be very important. For example, if the data happens to be a contract or a financial transaction, much may be at stake. To varying degrees, these issues can even be legally important for ordinary email correspondence, since criminal investigations often center around who knew what and when they knew it. A symmetric key can be used to check the identity of the individual who originated a particular set of data, but this authentication scheme can encounter some thorny problems involving trust.

Key management: One disadvantage of symmetric-key algorithms is the requirement of a shared secret key, with one copy at each end. In order to ensure secure communications between everyone in a population of n people, a total of n(n-1)/2 keys are needed, which is the total number of possible communication channels, and they should be changed regularly and kept secure during distribution and in service. For example: When A wants to communicate only with B, we need one lock-and-key pair (A-B). When A wants to communicate with B and C, we need two lock-and-key pairs (A-B and A-C). If four persons want to communicate with each other, we need 6 pairs: A-B, A-C, A-D, B-C, B-D and C-D. In general, for n persons, the number of lock-and-key pairs is n*(n-1)/2. For 1000 persons, we need 1000*999/2 = 499,500.

Asymmetric key cryptography

To overcome the drawbacks of private key systems, a number of mathematicians have invented public key systems. Unknown until about 30 years ago, public key systems were developed from some very subtle insights about the mathematics of large numbers and how they relate to the power of computers. In the 1970s Martin Hellman, Whitfield Diffie, and, independently, Ralph Merkle invented a beautiful cryptographic idea. Their idea was to solve the key exchange and trust problems of symmetric cryptography by replacing the single shared secret key with a pair of mathematically related keys, one of which can be made publicly available and another that must be kept secret by the individual who generated the key pair. The advantages are obvious. First, no key agreement is required in advance, since the only key that needs to be shared with the other party is a public key that can be safely shared with everyone. Second, whereas the security of a symmetric algorithm depends on two parties successfully keeping a key secret, an asymmetric algorithm requires only the party that generated it to keep it secret. This is clearly much less problematic. Third, the issue of trusting the other party disappears in many scenarios, since without knowledge of your secret key, that party cannot do certain evil deeds, such as digitally sign a document with your private key or divulge your secret key to others. Asymmetric cryptography does not replace symmetric cryptography. Rather, it is important to recognize the relative strengths and weaknesses of both techniques so that they can be used appropriately and in a complementary manner. Symmetric algorithms tend to be much faster than asymmetric algorithms, especially for bulk data encryption. They also provide much greater security than asymmetric algorithms for a given key size. On the down side, symmetric key cryptography requires that the secret key be securely exchanged and then remain secret at both ends.

In a large network using symmetric encryption many key pairs will proliferate, all of which must be securely managed. Because the secret key is exchanged and stored in more than one place, the symmetric key must be changed frequently, perhaps even on a per-session basis. Finally, although symmetric keys can be used for message authentication in the form of a keyed secure hash, the full functionality of a digital signature requires asymmetric encryption techniques, such as RSA or DSA. As we see later, a symmetric keyed secure hash algorithm can be used to implement a MAC (Message Authentication Code), which provides authentication and integrity but not non-repudiation. In contrast, asymmetric digital signature algorithms provide authentication, integrity, and non-repudiation, and enable the services of certificate authorities (CAs).

Comparison of Symmetric and Asymmetric Encryption

In public key systems there is a public key, which may be known to many people and a secret key, which is unique and known only to the sender. Because a different key is used on each side of the process, public key systems are also known as 'asymmetric systems'. The distribution of keys for public key systems is generally much easier because it is not normally necessary to keep the public key secret. The private key, on the other hand, must remain secret or else security is compromised.

Key Pairs (Public and Private). Publish one key, keep the other secret. Anyone who wants to send you a message encrypts it using your public key. To read a message you decrypt it with the private key.

Matrix of Keys

Key Details      A's Private Key   A's Public Key   B's Private Key   B's Public Key
A Should Know    Yes               Yes              No                Yes
B Should Know    No                Yes              Yes               Yes

Using Asymmetric Cryptography

To use asymmetric cryptography, Bob randomly generates a public/private key pair. He allows everyone access to the public key, including Alice. Then, when Alice has some secret information that she would like to send to Bob, she encrypts the data using an appropriate asymmetric algorithm and the public key generated by Bob. She then sends the resulting ciphertext to Bob. Anyone who does not know the matching secret key will have an enormously difficult time retrieving the plaintext from this ciphertext, but since Bob has the matching secret key (i.e., the trapdoor information), Bob can very easily discover the original plaintext.

The Combination Lock Analogy

A traditional symmetric cipher is analogous to a lockbox with a combination lock that has one combination used both to open it and close it. The analogy for an asymmetric cipher is a somewhat stranger device: The single lock has two distinct combinations, one for opening it and another for closing it. By keeping one of these combinations secret and making the other combination public, you can effectively control who can place or remove the contents in the lockbox. This added flexibility supports two useful scenarios: confidentiality without prior key exchange and data integrity enforcement.

Here is the first scenario. If you know the public combination for closing the lock but not the private combination for opening the lock, then once you have placed something into the box and locked it, it becomes impossible for anybody who does not know the private opening combination to obtain the contents. This demonstrates spontaneous confidentiality (i.e., keeping a secret without prior key exchange). Hence, we have a solution to the key exchange problem described earlier in symmetric key cryptography.

Public-Key Cryptography: Authentication

Enforcing Data Integrity

As stated earlier, encryption is the process of taking all of the data that one computer is sending to another and encoding it into a form that only the other computer will be able to decode. Another process, authentication, is used to verify that the information comes from a trusted source. Basically, if information is "authentic," you know who created it and you know that it has not been altered in any way since that person created it.

Here is the second scenario. Suppose only you know the private combination for closing the lock, and you place contents into the lockbox and then lock it. Then anyone can open the lock, but nobody else can lock other contents into the lockbox, since nobody else knows the private combination for closing the lock. Therefore, nobody else can tamper with its contents and then close the lock again. You might think that this is easy to defeat, since anyone could easily create his or her own key pair and then lock any data into the lockbox. However, only the newly created public key would then work, and the original public key would fail to unlock the lockbox. Therefore, anyone with knowledge of the original public key would not be fooled by such an attack. Since tampering is detectable, this scenario demonstrates how data integrity can be enforced.

These two processes, encryption and authentication, work hand-in-hand to create a secure environment. Note that encrypting with the public key and decrypting with the private key achieves confidentiality. Encrypting with the private key and decrypting with the public key achieves authentication and integrity checking; this is the basis of digital signatures and digital certificates.

Asymmetric key algorithms include RSA, Diffie-Hellman, etc.

Advantages of the Asymmetric Approach

With the asymmetric (also known as public key) approach, only the private key must be kept secret, and that secret needs to be kept only by one party.
This is a big improvement in many situations, especially if the parties have no previous contact with one another. However, for this to work, the authenticity of the corresponding public key must typically be guaranteed somehow by a trusted third party, such as a CA. The certificate authority acts as a middleman that both computers trust. It confirms that each computer is in fact who it says it is, and then provides the public keys of each computer to the other. Because the private key needs to be kept only by one party, it never needs to be transmitted over any potentially compromised networks. Therefore, in many cases an asymmetric key pair may remain unchanged over many sessions or perhaps even over several years. Another benefit of public key schemes is that they generally can be used to implement digital signature schemes that include non-repudiation. Finally, because one key pair is associated with one party, even on a large network, the total number of required keys is much smaller than in the symmetric case.
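The data integrity scenario above (lock with the private key, open with the public key) can be traced in code. This is an added example, not part of the original text; it uses unpadded textbook RSA over fixed Mersenne primes purely for illustration, and the attacker name Mallory and the sample messages are assumptions.

```python
import hashlib

E = 65537  # widely used RSA public exponent


def make_keypair(p, q):
    """Build a toy RSA key pair from two primes: returns (public, private)."""
    n = p * q
    d = pow(E, -1, (p - 1) * (q - 1))  # private exponent (Python 3.8+)
    return (n, E), (n, d)


def digest(message, n):
    """SHA-256 of the message as an integer below the modulus."""
    return int.from_bytes(hashlib.sha256(message).digest(), "big") % n


def sign(message, private):
    """'Close the lock': only the private-key holder can produce this value."""
    n, d = private
    return pow(digest(message, n), d, n)


def verify(message, signature, public):
    """'Open the lock': anyone with the public key can check the signature."""
    n, e = public
    return pow(signature, e, n) == digest(message, n)


# Constructed keys from well-known Mersenne primes so the example needs no
# prime generation. Real keys use large random primes and padded signatures.
BOB_PUBLIC, BOB_PRIVATE = make_keypair(2**521 - 1, 2**607 - 1)
MALLORY_PUBLIC, MALLORY_PRIVATE = make_keypair(2**1279 - 1, 2**2203 - 1)


def demo():
    original = b"Transfer 100 to Alice"      # constructed sample message
    altered = b"Transfer 9000 to Mallory"
    bob_sig = sign(original, BOB_PRIVATE)
    mallory_sig = sign(altered, MALLORY_PRIVATE)  # attacker's own key pair
    return {
        "genuine message, Bob's key": verify(original, bob_sig, BOB_PUBLIC),
        "altered message, Bob's key": verify(altered, bob_sig, BOB_PUBLIC),
        "re-signed by Mallory, Bob's key": verify(altered, mallory_sig, BOB_PUBLIC),
        "re-signed by Mallory, Mallory's key": verify(altered, mallory_sig, MALLORY_PUBLIC),
    }


if __name__ == "__main__":
    for case, ok in demo().items():
        print(f"{case}: {'accepted' if ok else 'rejected'}")
```

The last case is why the authenticity of the public key matters: the re-signed message is accepted only by someone who was given Mallory's public key in place of Bob's.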

Before the modern era, cryptography was concerned solely with message confidentiality (i.e., encryption): the conversion of messages from a comprehensible form into an incomprehensible one. Encryption is the process of converting ordinary information (plaintext) into unintelligible ciphertext, and decryption is the reverse, in other words, moving from the unintelligible ciphertext back to plaintext. Encryption was used to ensure secrecy in communications, such as those of spies, military leaders, and diplomats. In recent decades, the field has expanded beyond confidentiality concerns to include techniques for message integrity checking, sender/receiver identity authentication, digital signatures, and interactive proofs and secure computation, among others.

3) Benefits of encryption

http://computer.howstuffworks.com/encryption.htm

When we use the Internet, we're not always just clicking around and passively taking in information, such as reading news articles or blog posts or checking mail - a great deal of our time online involves sending others our own information. Ordering something over the Internet, whether it's a book, a CD or anything else from an online vendor, or signing up for an online account, requires entering a good deal of sensitive personal information. A typical transaction might include not only our names, e-mail addresses, physical address and phone number, but also passwords and personal identification numbers (PINs). The incredible growth of the Internet has excited businesses and consumers alike with its promise of changing the way we live and work. It's extremely easy to buy and sell goods all over the world while sitting in front of a laptop. But security is a major concern on the Internet, especially when you're using it to send sensitive information between parties.
There is a lot of information that we don't want other people to see, such as:
o Credit-card information
o Social Security numbers
o Private correspondence
o Personal details
o Sensitive company information
o Bank-account information

Cyber security is provided on computers and over the Internet by a variety of methods. A simple but straightforward security method is to only keep sensitive information on removable storage media like portable flash memory drives or external hard drives. But the most popular forms of security all rely on encryption, the process of encoding information in such a way that only the person or computer with the key can decode it. Encryption has long been used by militaries and governments to facilitate secret communication. Encryption is now commonly used in protecting information within many kinds of civilian systems. For example, the Computer Security Institute reported that 71% of companies surveyed utilized encryption for some of their data in transit, and 53% utilized encryption for some of their data in storage.

Encryption can be used to protect data such as files on computers and storage devices (e.g. USB flash drives). In recent years there have been numerous reports of confidential data, such as customers' personal records, being exposed through loss or theft of laptops or backup drives. Encrypting such files helps protect them should physical security measures fail. Digital rights management systems, which prevent unauthorized use or reproduction of copyrighted material and protect software against reverse engineering, are another example.

Encryption is also used to protect data in transit, for example data being transferred via networks (e.g. the Internet, e-commerce), mobile telephones, wireless microphones, wireless intercom systems, Bluetooth devices and bank automatic teller machines. There have been numerous reports of data in transit being intercepted in recent years. Encrypting data in transit also helps to secure it, as it is often difficult to physically secure all access to networks.

A popular implementation of public-key encryption is the Secure Sockets Layer (SSL). Originally developed by Netscape, SSL is an Internet security protocol used by Internet browsers and Web servers to transmit sensitive information. Look for the "s" after "http" in the address whenever you are about to enter sensitive information, such as a credit-card number, into a form on a Web site.

You will notice that the "http" in the address line is replaced with "https," and you should see a small padlock in the status bar at the bottom of the browser window. When you're accessing sensitive information, such as an online bank account or a payment transfer service like PayPal or Google Checkout, chances are you'll see this type of format change and know your information will most likely pass along securely.

The padlock symbol lets you know that you are using encryption. SSL makes significant use of certificate authorities. Once your browser requests a secure page and adds the "s" onto "http," the browser sends out the public key and the certificate, checking three things:

1. That the certificate comes from a trusted party;
2. That the certificate is currently valid; and
3. That the certificate has a relationship with the site from which it's coming.

The browser then uses the public key to encrypt a randomly selected symmetric key. Public-key encryption takes a lot of computing, so most systems use a combination of public-key and symmetric-key encryption. When two computers initiate a secure session, one computer creates a symmetric key and sends it to the other computer using public-key encryption. The two computers can then communicate using symmetric-key encryption. Once the session is finished, each computer discards the symmetric key used for that session.
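The combination of public-key and symmetric-key encryption described above, as an added example that is not part of the original text. The key pair, the SHA-256 keystream standing in for a real symmetric cipher, and all function names are assumptions made for illustration; real protocols use padded RSA or key agreement and a cipher such as AES.

```python
import hashlib
import secrets

# Toy server key pair built from two well-known Mersenne primes (constructed
# for this example; real keys use randomly generated primes).
P, Q, E = 2**521 - 1, 2**607 - 1, 65537
N = P * Q                            # (N, E) is the server's public key
D = pow(E, -1, (P - 1) * (Q - 1))    # private exponent, never leaves the server


def symmetric_xor(key, data):
    """Toy symmetric cipher: XOR the data with a SHA-256 counter keystream.
    The same call both encrypts and decrypts."""
    out = bytearray()
    for offset in range(0, len(data), 32):
        pad = hashlib.sha256(key + offset.to_bytes(8, "big")).digest()
        out.extend(b ^ p for b, p in zip(data[offset:offset + 32], pad))
    return bytes(out)


def client_start_session():
    """Client picks a random symmetric key and wraps it with the public key."""
    session_key = secrets.token_bytes(32)
    wrapped = pow(int.from_bytes(session_key, "big"), E, N)  # unpadded, toy only
    return session_key, wrapped


def server_unwrap(wrapped):
    """Server recovers the symmetric key using its private exponent."""
    return pow(wrapped, D, N).to_bytes(32, "big")


def run_session(message):
    """One session: wrap the key once, then use only the fast symmetric cipher."""
    client_key, wrapped = client_start_session()
    server_key = server_unwrap(wrapped)
    ciphertext = symmetric_xor(client_key, message)    # client -> server
    received = symmetric_xor(server_key, ciphertext)   # server decrypts
    # Both keys are local variables and are discarded when the session ends.
    return wrapped, ciphertext, received


if __name__ == "__main__":
    wrapped, ciphertext, received = run_session(b"order #1234 (constructed)")
    print(ciphertext.hex())
    print(received)
```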

4) Benefits of Steganography

Encryption may not be enough. For example, A and B are in jail and wish to hatch an escape plan. All their communications pass through the warden, H, and if H detects any encrypted messages, H can simply stop the communication. So they must find some way of hiding their secret message in an innocuous-looking text.

The goal of a cryptography system is to conceal the content of the messages, while the goal of information hiding, or steganography, is to conceal their existence. The word steganography comes from the Greek words STEGANOS (covered) and GRAPHIE (writing).

Steganography is the art and science of writing hidden messages in such a way that no one apart from the intended recipient knows of the existence of the message. This can be achieved by concealing the existence of information within carriers or covers, that is, hiding information in pictures and other media.

What to hide
o Texts
o Images
o Sound

How to hide
o embed text in text/image/sound files
o embed image in text/image/sound files
o embed sound in text/image/sound files

Cryptographic System and Steganographic System

i. Cryptography System

ii. Steganographic System

i. Comparison

Steganographic Techniques

i. Genome Steganography: Encoding a hidden message in a strand of human DNA
ii. Hiding in Text: Information hidden in documents by manipulating the positions of lines and words, hiding the data in HTML files
iii. Hiding in the disk space: Hiding the data in unused or reserved space
iv. Hiding data in software and circuitry: Data can be hidden in the layout of the code distributed in a program or the layout of electronic circuits on a board.
v. Information Hiding in Images: Ranges from least significant bit insertion to masking and filtering to applying more sophisticated image processing algorithms
vi. Hiding in network packets: Hidden in packets transmitted through the Internet.

Software Tools

i. S-Tools: Includes programs that process GIF and BMP images, process audio files and will even hide information in the unused areas of floppy diskettes
ii. StegoDos: Also known as the Black Wolf's Picture Encoder version 0.90a. It works only for 320*200 images with 256 colors
iii. Camouflage: Allows hiding files by scrambling them and then attaching them to the file of your choice
iv. Mp3 Stego: Hides information in MP3 files during the compression process
v. InvisibleSecret: Hides the text or image file in another image or text file by using the Blowfish algorithm.
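Least significant bit insertion, listed under Steganographic Techniques above, can be shown on raw pixel bytes. This is an added example, not code from any of the tools named here; the 16x16 grayscale cover, the 16-bit length header and the function names are assumptions. It also shows why the change is invisible to the eye: no pixel value moves by more than 1, so finding such hiding takes statistical analysis of the low bits rather than visual inspection.

```python
def embed(cover, secret):
    """Hide secret in the least significant bit of each cover byte.
    A 16-bit length header goes first so extract() knows where to stop."""
    payload = len(secret).to_bytes(2, "big") + secret
    bits = [(byte >> shift) & 1 for byte in payload for shift in range(7, -1, -1)]
    if len(bits) > len(cover):
        raise ValueError(f"cover too small: need {len(bits)} bytes, have {len(cover)}")
    stego = bytearray(cover)
    for i, bit in enumerate(bits):
        stego[i] = (stego[i] & 0xFE) | bit   # replace only the lowest bit
    return bytes(stego)


def read_bytes(stego, start, count):
    """Rebuild count bytes from the low bits starting at cover index start."""
    out = bytearray()
    for n in range(count):
        value = 0
        for i in range(8):
            value = (value << 1) | (stego[start + n * 8 + i] & 1)
        out.append(value)
    return bytes(out)


def extract(stego):
    """Read the length header, then that many hidden bytes."""
    length = int.from_bytes(read_bytes(stego, 0, 2), "big")
    return read_bytes(stego, 16, length)


def max_pixel_change(cover, stego):
    """Largest difference between any original and modified pixel value."""
    return max(abs(a - b) for a, b in zip(cover, stego))


# Constructed cover: 16x16 grayscale gradient, one byte per pixel (256 bytes,
# so at most 30 hidden bytes after the 2-byte header).
COVER = bytes((x * 16 + y) % 256 for x in range(16) for y in range(16))

if __name__ == "__main__":
    stego = embed(COVER, b"meet at dawn")   # constructed message
    print(extract(stego), "max pixel change:", max_pixel_change(COVER, stego))
```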