MIS 5170-18 Topic: Operating Systems Security

MIS 5170 - Section 001 - Andrew Szajlai

Fox School of Business

Week 14 Update

By 19 Comments

Good morning,

This week we will look at Unix/Linux network controls.

We are reviewing for our 2nd test, please bring all your questions, we will be taking time to complete the University survey.  After everyone has their questions answered we will begin the quiz will be released for this week.

If anyone has any questions as always please reach out to me and I’ll be happy to work with you.

 

In The News:

 

When Identity Thieves Hack Your Accountant
Use of Secure VPN to use the internet
‘iTunes Wi-Fi Sync’ Feature Could Let Attackers Hijack Your iPhone, iPad Remotely

 

This weeks slides: Week_14

Week 7 Update

By 23 Comments

Good Evening,

Wanted to take a couple minutes to talk about the main topics from this weeks class.  Firewalls – a way to protect what and who (in terms of computers) can connect to our operating systems.  What we did:

  • Install Telnet Server and client on our DC
  • Install Telnet client on our Windows 7 computer
  • Built a firewall rule to allow talent from our Windows 7 computer to our Window 2008 DC
  • Built an IPSec rule to protect a protocol that can not protect itself
  • WireShark Capture of Telnet with IPSec and without
    • Can you use WireShark to extract what command I ran after connected to the server via Telnet.
      • e-mail me for a 5-point extra credit bonus towards your final grade; you have two weeks from tonight March 14th; 11:59.

* Links to the videos are on: Week_07_Firewalls

This weeks Slides:  Week 7

 

Week 6 Update

By 3 Comments

Good morning,

I just wanted to continue with the way we have been running the class.  Post the slide before class; try the night before, but missed that goal this week.  I really liked what I read on the community site, I use almost all the post from the site this week.  I have also looked at the quizzes from last week.  I’ll talk about that tonight.

 

The put the quiz for tonight to start about the end of class at it will be out there till the night before the next time we meet or one week out based on what the schedule brings.

 

This weeks slides:  Week 6

 

In the News:

Week 1 Update

By 53 Comments

Good evening,

I’m glad to have met everyone on Thursday night.  I really enjoy our first class.

Here are the slides from last night:  Operating-Systems-Week1

I have reviewed the video and only saw two pop-ups of the class recording.  I think I answered all the questions.  If I missed anything please let me know via e-mail or posts to the site.  I have also reviewed the WebEx recordings, but it did not record any of the chat sessions.

Please review the the items from slide 12 “In The News” and post thoughts from the overview we have talked about on Thursday.  Take one of the three items from the news and think about how you would use one item we talked about to secure a target OS.  If you don’t feel comfortable with the OS being reviewed in the three articles I posted you may select one of your own from the news article.

Also review the video link on how to install Windows 7. (Note: that Chrome works best when watching linked videos, Safari does not work)

The below video show you how to install Windows 7 on VMWare Fusion (On Box Link: Install Windows 7)

 

The below video shows you how to install the main set of patches for Windows 7 (On Box Link: Install Windows 7 Patches Main)

 

The below video shows you how to install ‘Cygwin’ to watch the WindowsUpdate.log (On Box Link: Install Cygwin)

 

Download this zip file and Place files into a folder structure Windows_LinkedPS_Scripts and Share the folder to the Guest OS via VMWare to have it work with the below video: PS_WU_Setup

The below video shows you how to setup PowerShell to watch the WindowsUpdate.log (On Box Link: Set-Up PS to Watch WU)

 

Download: Windows 7 Pro 64-bit SP1, VMWare Fusion or Workstation.  Make notes of the license keys.  Please use the links from the class syllabus on how to install VMWare Fusion or Workstation.  If you have any issues we will work on them in our next class.

To download Windows : Temple Download site

VMWare: Temple Download Site for VMWare

Here is what I put into the form to get the download.

 

You will need to also get VMWare Workstation or Fusion.

Week 1 In The News

By 6 Comments

Group,

I have been working with our IT team and I was able to download the new VMWare; I think that we have a good handle on getting everyone running with VMWare.  Use the following link VMWare Download.

In The News

Intel Spectre & Meltdown

Intel admits that patches for Meltdown and Spectre are causing reboots on a wider variety of systems: https://www.geekwire.com/2018/intel-admits-patches-meltdown-spectre-causing-reboots-wider-variety-systems/

FireEye Notice for CVE-2017-5754, CVE-2017-5753, and CVE-2017-5715 (“Meltdown” and “Spectrevulnerabilities: https://www.fireeye.com/blog/products-and-services/2018/01/fireeye-notice-for-meltdown-and-spectre-vulnerabilities.html

Some Basic Rules for Securing Your IoT Stuff https://krebsonsecurity.com/2018/01/some-basic-rules-for-securing-your-iot-stuff/

Week 3 Update

By 66 Comments

This week’s main topic is on ACL’s (Access Control Lists).  How to use them on what they protect: Files, Shares, Registry, Services, AD OU’s.

The following command will protected service security:

subinacl /service spooler /deny=users=PTO

I will start create teams to complete future assignments and post those to this thread.

I’ll add the links we talk about on Thursday night here:

In the News:

First ‘Jackpotting’ Attacks Hit U.S. ATMs

File Your Taxes Before Scammers Do It For You

SANS Reading Room (https://www.sans.org/reading-room/)

Slides for this week: Week3 Slides

Week 4 Update

By 41 Comments

Good Afternoon,

I have uploaded the complete set of videos to the 2nd assignment.  I have also sent a link to the location for the videos on OWLBox.

This weeks class spent a lot of time reviewing what will be needed to complete assignment 2.

  • I have fix the above link, as well as added everyone in class to be able to see the files.  I missed updating the access.  If anyone is having any issues please let me know.

Please post items you have found difficult or need help building the environment.  This week most of the participation on the site will focus on getting things working for our next class.

As a secondary item would questions or thought about CIS or NIST baselines.

Class slides for Week 4

See those that can make it tonight at 5:30 on WebEx; if not I’ll post the recording after class tonight.

I have sent an e-mail to four students that have not submitted their first assignment, which is considered late (with a 10% deduction).  I will grade those that I have gotten and start to post the grades on BBLearn.

 

Here are the links from the Class slides to drive this weeks conversation: