What exactly are "Windows Update" and "WSUS"?


1 What exactly are "Windows Update" and "WSUS"? Van Hecke Vincent

2 Microsoft Patch Management Van Hecke Vincent

3 Topics
Terminology
How Microsoft fixes its software
Overview of technologies and products
Automatic Updates or WSUS?
WSUS
Extras: MBSA,

4 TERMINOLOGY

5 Important Security Terms
Vulnerability: Software, hardware, a procedural weakness, a feature, or a configuration that could be a weak point exploited during an attack. Also called an exposure.
Threat: A source of danger.
Attack: A threat agent attempting to take advantage of vulnerabilities for unwelcome purposes.
Countermeasure: Software configurations, hardware, or procedures that reduce risk in a computer environment. Also called a safeguard or mitigation.

6 Software Vulnerabilities
Buffer overrun (overflow): An unchecked buffer in a program that can overwrite the program code with new data. If the program code is overwritten with new executable code, the effect is to change the program's operation as dictated by the attacker.
Privilege elevation (escalation): Allows users or attackers to attain higher privileges in certain circumstances.
Validation error (source code): Allows malformed data to have unintended consequences.

7 Vulnerability Severity Ratings
Critical: A vulnerability whose exploitation could allow the propagation of an Internet worm without user action.
Important: A vulnerability whose exploitation could result in compromise of the confidentiality, integrity, or availability of users' data, or of the integrity or availability of processing resources.
Moderate: Exploitability is mitigated to a significant degree by factors such as default configuration, auditing, or difficulty of exploitation.
Low: A vulnerability whose exploitation is extremely difficult, or whose impact is minimal.

8 STRIDE Model of Threat Categories (1/2)
Spoofing identity: Illegally obtaining access and use of another person's authentication information, such as a user name or password.
Tampering with data: The malicious modification of data.
Repudiation: Associated with users who deny performing an action, yet there is no way to prove otherwise. (Non-repudiation refers to the ability of a system to counter repudiation threats, and includes techniques such as signing for a received parcel so that the signed receipt can be used as evidence.)

9 STRIDE Model of Threat Categories (2/2)
Information disclosure: The exposure of information to individuals who are not supposed to have access to it, such as accessing files without having the appropriate rights.
Denial of service: An explicit attempt to prevent legitimate users from using a service or system.
Elevation (escalation) of privilege: Where an unprivileged user gains privileged access. An example of privilege elevation would be an unprivileged user who contrives a way to be added to the Administrators group.

10 Threat Agents (1/3)
Virus: An intrusive program that infects computer files by inserting copies of self-replicating code, and deletes critical files, makes system modifications, or performs some other action to cause harm to data on the computer or to the computer itself. A virus attaches itself to a host program.
Worm: A self-replicating program, often malicious like a virus, that can spread from computer to computer without infecting files first.
Trojan horse: Software or e-mail that professes to be useful and benign, but which actually performs some destructive purpose or provides access to an attacker.

11 Threat Agents (2/3)
Mail bomb: A malicious e-mail sent to an unsuspecting recipient. When the recipient opens the e-mail or runs the program, the mail bomb performs some malicious action on their computer.
Adware: Any software application or program in which advertising banners are displayed or pop-up windows appear while the program is running. Adware is considered "Spyware" and is installed without the user's knowledge.

12 Threat Agents (3/3)
Spyware: Any software that covertly gathers user information through the user's Internet connection without his or her knowledge, usually for advertising purposes. Once installed, the Spyware monitors user activity on the Internet and transmits that information in the background to someone else. Spyware can also gather information about e-mail addresses and even passwords and credit card numbers. Spyware is similar to a Trojan horse in that users unwittingly install the product when they install something else. A common way to become a victim of Spyware is to download certain peer-to-peer file swapping products that are available today.

13 HOW MICROSOFT FIXES ITS SOFTWARE
Microsoft is committed to protecting customers from security vulnerabilities. As part of this effort, Microsoft makes available periodic releases of software.
More info: Google "Trustworthy Computing"

15 MSRC Security Bulletin

16 OVERVIEW OF TECHNOLOGIES AND PRODUCTS

17
WU: Windows Update
MU: Microsoft Update
MOU: Microsoft Office Update
WSUS: Windows Server Update Services
SCCM: System Center Configuration Manager
MUC: Microsoft Update Catalog

18 Windows Update


22 Microsoft Update

23 Via the Office application

24 Via Windows Update

31 Comparison: Microsoft Update vs. Windows Update

32 The way back to Windows Update
Once the agent has been switched to MU, it stays active until the WU agent is installed again.


36 Microsoft Office Update

37 Via Windows Update

41 The update process

43 The update process: types of updates
High priority: Critical updates, security updates, service packs, and update rollups.
Software (optional): Non-critical fixes for Windows programs.
Hardware (optional): Non-critical fixes for drivers and other hardware devices.

44 Express vs Custom
Express (recommended) displays all high priority updates for your computer so that you can install them with one click. This is the quickest and easiest way to keep your computer up to date.
Custom displays high priority and optional updates for your computer. You review and select the updates that you want to install, one by one.

47 The (little-known?) options

52 WSUS

53 Context

54 Context

55 Multiple WSUS servers

56 Advantages of WSUS
Better management of Microsoft updates, especially in larger environments.
Reporting.
Possibly less traffic over the internet link when a central repository is used.

57 SCCM

58 SCCM
SCCM is really the big brother of WSUS. The extra features in SCCM are:
Inventory management
Advanced reporting
The ability to manage systems remotely

59 SCCM

60 Microsoft Update Catalog

61 Windows Update Catalog


69 AUTOMATIC UPDATES OR WSUS?

70 The Microsoft way
Customer type: Large or Medium Enterprise. Scenario: The organization wants a single, flexible update management solution with an extended level of control that enables them to update (and distribute) all Windows operating systems and applications and also includes an integrated asset management solution. Customer choice: SCCM
Customer type: Large or Medium Enterprise. Scenario: The organization wants a solution for update management only that provides simple updating for Microsoft software initially supporting Windows 2000 and later supporting Office 2003, Office XP, Exchange Server 2000 and later, SQL Server 2000 and later. Customer choice: WSUS

71 The Microsoft way
Customer type: Small Business. Scenario: The business has at least one Windows server and one IT administrator. Customer choice: WSUS
Customer type: Small Business. Scenario: All other scenarios. Customer choice: Microsoft Update or Windows Update
Customer type: Consumer. Scenario: All other scenarios. Customer choice: Microsoft Update or Windows Update

72 Automatic Updates

73 Best practice when using Automatic Updates
Install the Microsoft Update agent everywhere (so that all software gets updated).

74 WSUS
More capabilities
Also requires maintenance
Requires a server

75 WSUS

76 About WSUS

77 About WSUS
BITS = Background Intelligent Transfer Service
WSUS includes reporting capabilities
WSUS can work in 2 ways:
get updates from WSUS
get updates from the internet
Command-line capabilities (wsusutil.exe)

78 Installation documentation
Step-by-step guide FamilyID=C8FA2FD1-72F6-4F19-A1B0-F689DAE14BE6&displaylang=en

79 Installation

80 Installation
The port is 80 by default but can be 8530.

81 Configuration
Firewall!
https://*.windowsupdate.microsoft.com
https://*.update.microsoft.com

82 Configuration

83 Configuration
Groups

84 Configuration
The choice is yours:

85 Configuration TIP

86 Configuration TIP
SSL?
Do not store update files locally?
Remote workers

87 More documentation
Operations Guide: amilyid=66d250fa-670f-4a49-95ec-2FFDA7691F55&displaylang=en

88 WSUS Tips

89 WSUS Tips: Cloning machines
When a machine that is configured for WSUS is cloned (via Ghost, ), the following registry keys must be deleted:
HKLM\Software\Policies\Microsoft\Windows\Windowsupdate
HKLM\Software\Microsoft\Windows\CurrentVersion\windowsupdate

90 WSUS Tips: Forefront
Forefront uses WSUS for its updates, so the GPO setting determines how often clients look for new virus definitions. The default is 22 hours; it is best set to 1 hour.
Enable the option "Allow automatic update immediate installation" so that the virus definitions are installed without having to set a schedule.
Do still set a (daily?) schedule for the product updates.

91 WSUS Tips: Performance issues
svchost/msi performance issue: both KB and the new 3.0 client needed
update-on.aspx

92 WSUS Tips: Client logging
Click Start, then click Run, type WINDOWSUPDATE.LOG and then click OK.
Logging from bottom up.
WindowsUpdate.log is the v6 version.
windows update.log is the v4 version.

93 WSUS Tips 0x80072EE2 0x80072F78 0x80072F76 0x80072EFD
You receive an "Error 0x80072EE2" or "Error 0x80072EFD" error message when you try to use Windows Update.
Add Windows Update Web sites to the Trusted Sites list.

94 WSUS Tips 0x
How to troubleshoot problems accessing secure Web pages with Internet Explorer 6 Service Pack 2 (870700)
This Windows Update error code is caused by unregistered DLL files for Windows Update or Internet Explorer. On Windows XP SP2 and later this may be resolved using the iexplore /rereg command.

95 WSUS Tips 0x /0x800A01AD
These Windows Update error codes can be caused by a damaged Windows XP XML subsystem. The first step to take is to reregister this component using the command regsvr32 msxml3.dll. If this does not resolve the issue, check for more recently updated MSXML Parser and MSXML components from the following link: px?productid=&freetext=msxml&displaylang=en

96 WSUS Tips
When accessing the Update site, you receive the 0x800A01AE error. This issue may happen if the current session of Internet Explorer has cached an older version of Wuapi.dll. Re-register the Windows Update DLLs with the commands below.
Click Start, click Run, type cmd, and then click OK.
Type the following commands. Press ENTER after each command.
regsvr32 wuapi.dll
regsvr32 wuaueng.dll
regsvr32 wuaueng1.dll
regsvr32 wucltui.dll
regsvr32 wups.dll
regsvr32 wups2.dll
regsvr32 wuweb.dll

97 WSUS Tips 0x
This Windows Update error code is normally related to inconsistent or damaged information in the c:\windows\softwaredistribution folder. Stopping the Automatic Updates service, then renaming the c:\windows\softwaredistribution folder to SDOLD, then restarting the Automatic Updates service is normally the fix for this issue.
Note: Renaming this folder will clear the display of previous successful and failed updates.

98 WSUS Tips 0x800B0001
This Windows Update error code is related to 3 particular DLL files that are not registered in Windows correctly. Registering the following files with REGSVR32 normally fixes this issue:
Softpub.dll
Mssip32.dll
Initpki.dll

99 WSUS Tips 0x C
This Windows Update error can be caused by a damaged installation of BITS and corrupted information in the SoftwareDistribution folder. The solution is normally to re-download the BITS updates (KB and KB842773) from the Microsoft.com website, then stop the Automatic Updates service and rename the SoftwareDistribution folder to SDOLD. Reboot the computer and return to Windows Update.
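
Added example (not part of the original slides): a small Python triage of WindowsUpdate.log that reads the log from the bottom up, as the client-logging tip suggests, and attaches the remediation from the tips above to each error code the slides give in full. The tab-separated line layout, the sample log lines and the names parse_line, triage and report are assumptions made for this illustration.

```python
import re
from collections import OrderedDict

# Remediation hints taken from the WSUS Tips slides. Only error codes that
# appear in full on the slides are listed; truncated codes are left out.
TRUSTED_SITES = "Add the Windows Update web sites to the Trusted Sites list"
WU_DLLS = ("wuapi.dll wuaueng.dll wuaueng1.dll wucltui.dll "
           "wups.dll wups2.dll wuweb.dll")
TIPS = {
    "0x80072EE2": TRUSTED_SITES,
    "0x80072F78": TRUSTED_SITES,
    "0x80072F76": TRUSTED_SITES,
    "0x80072EFD": TRUSTED_SITES,
    "0x800A01AD": "Re-register the XML component: regsvr32 msxml3.dll",
    "0x800A01AE": "Re-register the Windows Update DLLs with regsvr32: " + WU_DLLS,
    "0x800B0001": "Register Softpub.dll, Mssip32.dll and Initpki.dll with regsvr32",
}

# Failure HRESULTs start with 8 and are 8 hex digits, with or without "0x".
# The lookarounds skip GUID segments such as {8A1B2C3D-...}, which would
# otherwise look like an error code.
HRESULT_RE = re.compile(r"(?<![\w{-])(?:0x)?(8[0-9A-Fa-f]{7})(?![\w-])")

# Constructed sample input (assumed layout: date, time, PID, TID, component,
# message, separated by tabs). These lines are not from a real machine.
SAMPLE_LOG = "\n".join([
    "2009-03-10\t14:22:01:120\t1040\t8c4\tAU\tAU received policy change event",
    "2009-03-10\t14:22:31:512\t1040\t8c4\tMisc\tWARNING: Send failed with hr = 80072ee2.",
    "2009-03-10\t14:22:31:530\t1040\t8c4\tPT\tWARNING: SyncUpdates failure, error = 0x80072EE2",
    "2009-03-10\t14:25:02:004\t1040\t9d0\tAgent\t  * Found update {8A1B2C3D-0000-4000-8000-000000000001}.100",
    "2009-03-11\t09:02:44:871\t1040\t9d0\tSetup\tFATAL: verification failed, error = 0x800B0001",
    "2009-03-11\t09:05:10:233\t1040\t9d0\tAU\tWARNING: search callback failed, result = 0x80240016",
    "truncated line without tabs",
])


def parse_line(line):
    """Split one log line into (timestamp, component, message), or None."""
    parts = line.rstrip("\n").split("\t")
    if len(parts) < 6:
        return None  # damaged or truncated line: skip it instead of failing
    date, clock, _pid, _tid, component = (p.strip() for p in parts[:5])
    return f"{date} {clock}", component, "\t".join(parts[5:])


def triage(log_text):
    """Walk the log bottom-up and summarise every error code found.

    Because the newest entries are at the bottom, the first time a code is
    seen is its most recent occurrence; the result keeps that order.
    """
    findings = OrderedDict()
    for line in reversed(log_text.splitlines()):
        parsed = parse_line(line)
        if parsed is None:
            continue
        timestamp, component, message = parsed
        for match in HRESULT_RE.finditer(message):
            code = "0x" + match.group(1).upper()
            entry = findings.setdefault(code, {
                "last_seen": timestamp,
                "component": component,
                "count": 0,
                "tip": TIPS.get(code),  # None when the slides have no tip
            })
            entry["count"] += 1
    return findings


def report(findings):
    """Render the findings as text lines, most recent error first."""
    lines = []
    for code, info in findings.items():
        tip = info["tip"] or "no tip on the slides; look the code up separately"
        lines.append(f"{code}  x{info['count']}  last {info['last_seen']} "
                     f"[{info['component']}]  ->  {tip}")
    return lines


if __name__ == "__main__":
    print("\n".join(report(triage(SAMPLE_LOG))))
```
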

100 WSUS Tips: Client Firewalls Most third party firewalls such as Norton Personal Firewall block SVCHOST (Generic Host Process Win32) communication by default. This can cause issues with Windows Update as SVCHOST communication is required by the Windows Update client to connect to the Windows Update Servers on the internet.

101 WSUS Tips: Diag tools
Client diag tool
Server diag tool

103 WSUS Tips To enable site tracing for a single visit to the Windows Update site, add &dev=true to the end of the URL, as in the example below: ault.aspx?ln=en&dev=true

104 WSUS Tips Backup?

105 WSUS Links

106 WSUS 3.0 SP2 Beta Overview
New Windows Server and Client Version Support
Integration with Windows Server 2008 R2
Support for Windows 7 client
Support for the BranchCache feature on Windows Server 2008 R2

107 WSUS 3.0 SP2 Beta Overview
WSUS Beta Feature Improvements and Fixes
Auto-Approval Rules: New functionality lets you specify the approval deadline date and time. You can now apply a rule to all computers or to specific computer groups.
Cross-Version Compatibility: The user interface is compatible between Service Pack 1 and Service Pack 2 for WSUS 3.0 on both the client and the server.

108 WSUS 3.0 SP2 Beta Overview
Software Updates
Stability and reliability fixes for the WSUS server, such as support for IPv6 addresses greater than 40 characters.
The approval dialog now sorts computer groups alphabetically by group name.
Computer status report sorting icons are now functional in x64 environments.
Fixed setup issues with database servers running Microsoft SQL Server 2008.

109 EXTRAS

110
MBSA: Scan for vulnerabilities and look for patches
Malicious Software Removal Tool
Microsoft Security Assessment Tool

111 Microsoft Technical Security Notifications

112 END


More information

COB 302 Management Information System (Lesson 8)

COB 302 Management Information System (Lesson 8) COB 302 Management Information System (Lesson 8) Dr. Stanley Wong Macau University of Science and Technology Chapter 13 Security and Ethical Challenges 安 全 與 倫 理 挑 戰 Remarks: Some of the contents in this

More information

Guideline for Prevention of Spyware and other Potentially Unwanted Software

Guideline for Prevention of Spyware and other Potentially Unwanted Software Guideline for Prevention of Spyware and other Potentially Unwanted Software Introduction Most users are aware of the impact of virus/worm and therefore they have taken measures to protect their computers,

More information

Secure and Safe Computing Primer Examples of Desktop and Laptop standards and guidelines

Secure and Safe Computing Primer Examples of Desktop and Laptop standards and guidelines Secure and Safe Computing Primer Examples of Desktop and Laptop standards and guidelines 1. Implement anti-virus software An anti-virus program is necessary to protect your computer from malicious programs,

More information

PART D NETWORK SERVICES

PART D NETWORK SERVICES CONTENTS 1 ABOUT THIS PART... 2 2 PUBLIC NETWORK... 2 Internet... 2 3 PRIVATE NETWORK... 3 Global WAN services... 3 4 SECURITY SERVICES... 3 Firewall... 4 Intrusion Prevention (Network)... 5 SSL/IPSEC

More information

Firewall Server 7.2. Release Notes. What's New in Firewall Server 7.2

Firewall Server 7.2. Release Notes. What's New in Firewall Server 7.2 Firewall Server 7.2 Release Notes BorderWare Technologies is pleased to announce the release of version 7.2 of the Firewall Server. This release includes the following new features and improvements. What's

More information

10- Assume you open your credit card bill and see several large unauthorized charges unfortunately you may have been the victim of (identity theft)

10- Assume you open your credit card bill and see several large unauthorized charges unfortunately you may have been the victim of (identity theft) 1- A (firewall) is a computer program that permits a user on the internal network to access the internet but severely restricts transmissions from the outside 2- A (system failure) is the prolonged malfunction

More information

ITSC Training Courses Student IT Competence Programme SIIS1 Information Security

ITSC Training Courses Student IT Competence Programme SIIS1 Information Security ITSC Training Courses Student IT Competence Programme SI1 2012 2013 Prof. Chan Yuen Yan, Rosanna Department of Engineering The Chinese University of Hong Kong SI1-1 Course Outline What you should know

More information

Sophos Endpoint Security and Control Help

Sophos Endpoint Security and Control Help Sophos Endpoint Security and Control Help Product version: 10.3 Document date: June 2014 Contents 1 About Sophos Endpoint Security and Control...3 2 About the Home page...4 3 Sophos groups...5 4 Sophos

More information

Symantec Endpoint Protection Getting Started Guide

Symantec Endpoint Protection Getting Started Guide Symantec Endpoint Protection Getting Started Guide 12167130 Symantec Endpoint Protection Getting Started Guide The software described in this book is furnished under a license agreement and may be used

More information

Using Microsoft s Free Security Tools Help Secure your Windows Systems taken from Web and Other Sources by Thomas Jerry Scott November, 2003

Using Microsoft s Free Security Tools Help Secure your Windows Systems taken from Web and Other Sources by Thomas Jerry Scott November, 2003 Using Microsoft s Free Security Tools Help Secure your Windows Systems taken from Web and Other Sources by Thomas Jerry Scott November, 2003 The following chart shows the name and download locations for

More information

Cyber Security Awareness

Cyber Security Awareness Cyber Security Awareness User IDs and Passwords Home Computer Protection Protecting your Information Firewalls Malicious Code Protection Mobile Computing Security Wireless Security Patching Possible Symptoms

More information

Kaspersky Security 9.0 for Microsoft SharePoint Server Administrator's Guide

Kaspersky Security 9.0 for Microsoft SharePoint Server Administrator's Guide Kaspersky Security 9.0 for Microsoft SharePoint Server Administrator's Guide APPLICATION VERSION: 9.0 Dear User! Thank you for choosing our product. We hope that this document will help you in your work

More information

HP Server Automation Enterprise Edition

HP Server Automation Enterprise Edition HP Server Automation Enterprise Edition Software Version: 10.0 User Guide: Server Patching Document Release Date: June 13, 2013 Software Release Date: June 2013 Legal Notices Warranty The only warranties

More information

Windows Server Update Services 3.0 SP2 Operations Guide

Windows Server Update Services 3.0 SP2 Operations Guide Windows Server Update Services 3.0 SP2 Operations Guide Microsoft Corporation Author: Anita Taylor Editor: Theresa Haynie Abstract This guide describes how to manage Windows Server Update Services 3.0

More information

thriller INTERNET SECURITY

thriller INTERNET SECURITY + thriller INTERNET SECURITY Saturday, October 31, 2009 1:30 PM 3:00 PM Matthew 28:18-20 Website Ministry + Agenda 2 Scripture (Col 3:12-15) Prayer Internet Security Security Threats Security Protection

More information

WhatsUp Gold v16.3 Installation and Configuration Guide

WhatsUp Gold v16.3 Installation and Configuration Guide WhatsUp Gold v16.3 Installation and Configuration Guide Contents Installing and Configuring WhatsUp Gold using WhatsUp Setup Installation Overview... 1 Overview... 1 Security considerations... 2 Standard

More information

1 hours, 30 minutes, 38 seconds Heavy scan. All scanned network resources. Copyright 2001, FTP access obtained

1 hours, 30 minutes, 38 seconds Heavy scan. All scanned network resources. Copyright 2001, FTP access obtained home Network Vulnerabilities Detail Report Grouped by Vulnerability Report Generated by: Symantec NetRecon 3.5 Licensed to: X Serial Number: 0182037567 Machine Scanned from: ZEUS (192.168.1.100) Scan Date:

More information

NNT CIS Microsoft SQL Server 2008R2 Database Engine Level 1 Benchmark Report 0514a

NNT CIS Microsoft SQL Server 2008R2 Database Engine Level 1 Benchmark Report 0514a NNT CIS Microsoft SQL Server 2008R2 Database Engine Level 1 Benchmark Report 0514a: WIN- 2LR8M18J6A1 On WIN-2LR8M18J6A1 - By admin for time period 6/10/2014 8:59:44 AM to 6/10/2014 8:59:44 AM NNT CIS Microsoft

More information

THE IMPORTANCE OF CODE SIGNING TECHNICAL NOTE 02/2005

THE IMPORTANCE OF CODE SIGNING TECHNICAL NOTE 02/2005 THE IMPORTANCE OF CODE SIGNING TECHNICAL NOTE 02/2005 13 DECEMBER 2005 This paper was previously published by the National Infrastructure Security Co-ordination Centre (NISCC) a predecessor organisation

More information

HP ProLiant Essentials Vulnerability and Patch Management Pack Release Notes

HP ProLiant Essentials Vulnerability and Patch Management Pack Release Notes HP ProLiant Essentials Vulnerability and Patch Management Pack Release Notes Supported platforms... 2 What s new in version 2.1... 2 What s new in version 2.0.3... 2 What s new in version 2.0.2... 2 What

More information

Sophos Endpoint Security and Control Help. Product version: 11

Sophos Endpoint Security and Control Help. Product version: 11 Sophos Endpoint Security and Control Help Product version: 11 Document date: October 2015 Contents 1 About Sophos Endpoint Security and Control...5 2 About the Home page...6 3 Sophos groups...7 3.1 About

More information

Best Practice Configurations for OfficeScan 10.0

Best Practice Configurations for OfficeScan 10.0 Best Practice Configurations for OfficeScan 10.0 Applying Latest Patch(es) for OSCE 10.0 To find out the latest patches, refer to http://www.trendmicro.com/download/product.asp?productid=5 NOTE : There

More information

Microsoft STRIDE (six) threat categories

Microsoft STRIDE (six) threat categories Risk-based Security Testing: Prioritizing Security Testing with Threat Modeling This lecture provides reference material for the book entitled The Art of Software Security Testing by Wysopal et al. 2007

More information

Host Hardening. Presented by. Douglas Couch & Nathan Heck Security Analysts for ITaP 1

Host Hardening. Presented by. Douglas Couch & Nathan Heck Security Analysts for ITaP 1 Host Hardening Presented by Douglas Couch & Nathan Heck Security Analysts for ITaP 1 Background National Institute of Standards and Technology Draft Guide to General Server Security SP800-123 Server A

More information

SECURING YOUR SMALL BUSINESS. Principles of information security and risk management

SECURING YOUR SMALL BUSINESS. Principles of information security and risk management SECURING YOUR SMALL BUSINESS Principles of information security and risk management The challenge Information is one of the most valuable assets of any organization public or private, large or small and

More information

StruxureWare Power Monitoring 7.0.1

StruxureWare Power Monitoring 7.0.1 StruxureWare Power Monitoring 7.0.1 Installation Guide 7EN02-0308-01 07/2012 Contents Safety information 5 Introduction 7 Summary of topics in this guide 7 Supported operating systems and SQL Server editions

More information

McAfee.com Personal Firewall

McAfee.com Personal Firewall McAfee.com Personal Firewall 1 Table of Contents Table of Contents...2 Installing Personal Firewall...3 Configuring Personal Firewall and Completing the Installation...3 Configuring Personal Firewall...

More information

MacScan. MacScan User Guide. Detect, Isolate and Remove Spyware

MacScan. MacScan User Guide. Detect, Isolate and Remove Spyware MacScan MacScan User Guide Detect, Isolate and Remove Spyware Part 1 1.1 Introduction MacScan is a spyware detection utility for Macintosh OS X that finds and removes spyware and other Internet files

More information

Docufide Client Installation Guide for Windows

Docufide Client Installation Guide for Windows Docufide Client Installation Guide for Windows This document describes the installation and operation of the Docufide Client application at the sending school installation site. The intended audience is

More information

How to troubleshoot Microsoft Volume Shadow copy Service errors

How to troubleshoot Microsoft Volume Shadow copy Service errors Macrium Reflect uses a Microsoft service called Volume Shadow copy Service to enable disk images to be created and files to be backed up when in use. When VSS fails it can sometimes mean that you are unable

More information

IBackup Drive User Guide

IBackup Drive User Guide IBackup Drive User Guide TABLE OF CONTENTS Introduction... 3 Features... 4 Install IBackup Drive... 5 Login to IBackup Drive... 5 About Main Screen... 7 Settings... 8 Toolbar Options... 11 IBackup Drive

More information

Student Tech Security Training. ITS Security Office

Student Tech Security Training. ITS Security Office Student Tech Security Training ITS Security Office ITS Security Office Total Security is an illusion security will always be slightly broken. Find strategies for living with it. Monitor our Network with

More information

Threat Modeling: The Art of Identifying, Assessing, and Mitigating security threats

Threat Modeling: The Art of Identifying, Assessing, and Mitigating security threats Threat Modeling: The Art of Identifying, Assessing, and Mitigating security threats Mohamed Ali Saleh Abomhara University of Agder mohamed.abomhara@uia.no Winter School in Information Security, Finse May

More information

Troubleshooting Guide

Troubleshooting Guide Enable WMI after applying SP2 for XP Company web site: Support email: support@ Support telephone: +44 20 3287-7651 +1 646 233-1163 2 This tutorial will guide you on enabling WMI after applying Service

More information

Client Guide for Symantec Endpoint Protection and Symantec Network Access Control

Client Guide for Symantec Endpoint Protection and Symantec Network Access Control Client Guide for Symantec Endpoint Protection and Symantec Network Access Control Client Guide for Symantec Endpoint Protection and Symantec Network Access Control The software described in this book is

More information

ViRobot Desktop 5.5. User s Guide

ViRobot Desktop 5.5. User s Guide ViRobot Desktop 5.5 User s Guide ViRobot Desktop 5.5 User s Guide Copyright Notice Copyright 2007 by HAURI Inc. All rights reserved worldwide. No part of this publication or software may be reproduced,

More information

Plain English Guide To Common Criteria Requirements In The. Field Device Protection Profile Version 0.75

Plain English Guide To Common Criteria Requirements In The. Field Device Protection Profile Version 0.75 Plain English Guide To Common Criteria Requirements In The Field Device Protection Profile Version 0.75 Prepared For: Process Control Security Requirements Forum (PCSRF) Prepared By: Digital Bond, Inc.

More information

Enterprise Cybersecurity Best Practices Part Number MAN-00363 Revision 006

Enterprise Cybersecurity Best Practices Part Number MAN-00363 Revision 006 Enterprise Cybersecurity Best Practices Part Number MAN-00363 Revision 006 April 2013 Hologic and the Hologic Logo are trademarks or registered trademarks of Hologic, Inc. Microsoft, Active Directory,

More information

Pearl Echo Installation Checklist

Pearl Echo Installation Checklist Pearl Echo Installation Checklist Use this checklist to enter critical installation and setup information that will be required to install Pearl Echo in your network. For detailed deployment instructions

More information