MIS 5170-18 Topic: Operating Systems Security
MIS 5170 - Section 001 - Andrew Szajlai
Good Evening,
Week 5 slides can be found here: Week 05
CIS Windows 10: Windows_10
CIS Windows Server: Windows 2012
In the News:
Good Afternoon,
I have uploaded the complete set of videos to the 2nd assignment. I have also sent a link to the location for the videos on OWLBox.
This weeks class spent a lot of time reviewing what will be needed to complete assignment 2.
Please post items you have found difficult or need help building the environment. This week most of the participation on the site will focus on getting things working for our next class.
As a secondary item would questions or thought about CIS or NIST baselines.
Class slides for Week 4
See those that can make it tonight at 5:30 on WebEx; if not I’ll post the recording after class tonight.
I have sent an e-mail to four students that have not submitted their first assignment, which is considered late (with a 10% deduction). I will grade those that I have gotten and start to post the grades on BBLearn.
Here are the links from the Class slides to drive this weeks conversation:
This week’s main topic is on ACL’s (Access Control Lists). How to use them on what they protect: Files, Shares, Registry, Services, AD OU’s.
The following command will protected service security:
subinacl /service spooler /deny=users=PTO
I will start create teams to complete future assignments and post those to this thread.
I’ll add the links we talk about on Thursday night here:
First ‘Jackpotting’ Attacks Hit U.S. ATMs
File Your Taxes Before Scammers Do It For You
SANS Reading Room (https://www.sans.org/reading-room/)
Slides for this week: Week3 Slides
Group,
I have been working with our IT team and I was able to download the new VMWare; I think that we have a good handle on getting everyone running with VMWare. Use the following link VMWare Download.
In The News
Intel Spectre & Meltdown
Intel admits that patches for Meltdown and Spectre are causing reboots on a wider variety of systems: https://www.geekwire.com/2018/intel-admits-patches-meltdown-spectre-causing-reboots-wider-variety-systems/
FireEye Notice for CVE-2017-5754, CVE-2017-5753, and CVE-2017-5715 (“Meltdown” and “Spectre” vulnerabilities: https://www.fireeye.com/blog/products-and-services/2018/01/fireeye-notice-for-meltdown-and-spectre-vulnerabilities.html
Some Basic Rules for Securing Your IoT Stuff https://krebsonsecurity.com/2018/01/some-basic-rules-for-securing-your-iot-stuff/
Good evening,
I’m glad to have met everyone on Thursday night. I really enjoy our first class.
Here are the slides from last night: Operating-Systems-Week1
I have reviewed the video and only saw two pop-ups of the class recording. I think I answered all the questions. If I missed anything please let me know via e-mail or posts to the site. I have also reviewed the WebEx recordings, but it did not record any of the chat sessions.
Please review the the items from slide 12 “In The News” and post thoughts from the overview we have talked about on Thursday. Take one of the three items from the news and think about how you would use one item we talked about to secure a target OS. If you don’t feel comfortable with the OS being reviewed in the three articles I posted you may select one of your own from the news article.
Also review the video link on how to install Windows 7. (Note: that Chrome works best when watching linked videos, Safari does not work)
The below video show you how to install Windows 7 on VMWare Fusion (On Box Link: Install Windows 7)
The below video shows you how to install the main set of patches for Windows 7 (On Box Link: Install Windows 7 Patches Main)
The below video shows you how to install ‘Cygwin’ to watch the WindowsUpdate.log (On Box Link: Install Cygwin)
Download this zip file and Place files into a folder structure Windows_LinkedPS_Scripts and Share the folder to the Guest OS via VMWare to have it work with the below video: PS_WU_Setup
The below video shows you how to setup PowerShell to watch the WindowsUpdate.log (On Box Link: Set-Up PS to Watch WU)
Download: Windows 7 Pro 64-bit SP1, VMWare Fusion or Workstation. Make notes of the license keys. Please use the links from the class syllabus on how to install VMWare Fusion or Workstation. If you have any issues we will work on them in our next class.
To download Windows : Temple Download site
VMWare: Temple Download Site for VMWare
Here is what I put into the form to get the download.
You will need to also get VMWare Workstation or Fusion.
Great to have you all!
I hope you are as excited to get started as I am. We will begin on Thursday January 18th when we will go through the structure of the course.
This course introduces operating system security and tools to secure operating systems. Methods of securing operating systems will be explored in theory and in hands on exercises. The course will require simple programming using operating system specific and Open Source scripting languages. For that reason, some knowledge of and experience with computer programming is required. General operating system usability with Microsoft Windows and/or Linux is required. We will build a virtual environment to test and expand our learning in the class.
Just remember the greatest tool everyone has is your past experiences and your ability to learn from your experiences. The ability to know your strengths and weaknesses. We will learn as a group, yes I do also include myself in the learning process. This is why I have been working to secure Operating Systems since the middle 1980’s. This field is ever changing and the greatest take-away is how to learn and vet what you find to secure your operating system.
We will meet on Thursday Night in class and online.
Andrew