Windows 98 Security Essay, Research Paper
Windows 98 Security
As we know, the need for data communication became vital in the 20th century, which we call the Information Age. Both business and government were concerned with security, and the need for data security became evident. Computer processing, centralized database storage techniques, and communication networks have therefore increased the need for security. Under security, the information in a computer system can be accessed for reading only by authorized personnel or parties. This type of access includes printing, displaying, and other forms of disclosure, including simply revealing the existence of an object. The major areas of security that Windows 98 has are local security, network security and Internet security. We are going to look at these three rings of security issues.
All security should start with local security. If we do not have the local environment secured, how do we expect to secure anything else? In Windows 98, there is the ability to assign two levels of password protection to every resource, which works fine for a peer-to-peer network. The inability to assign a password to a specific file does not sit well with me, since sometimes you need to protect one file in a directory but not another. For me, I like to make my exe files read-only so that others do not accidentally erase them. We can still implement a significant strategy by using Windows 98's built-in capabilities, such as Logon. The best way to prevent a security breach is to keep someone from getting onto the network in the first place. The dialog box that we see when we start Windows 98 is our first line of defense against someone who would try to break into our system. Even if you do not connect to the network, your standalone workstation still needs security. The initial strategy to follow for a standalone workstation is to enable password protection by using the Passwords Properties dialog box, which we can access by opening Control Panel and double-clicking the Passwords applet. However, just enabling passwords does not help us very much. We can also back up our configuration changes with a policy change. The policy change reinforces the password setting in that we can turn off various types of access; for example, we can turn off the Control Panel settings by using the options in the Windows 98 system, just like those computers at our school labs. Or we can disable the network control panel and printer settings if we are afraid that other users will add a nonexistent printer or delete the one already installed in the system. Windows 98 also implements something called a password cache. The password list file, in either the main Windows 98 folder or our own individual profile folder, contains more than just passwords for the Windows 98 system.
This file also remembers the passwords for online services, such as MSN, or any other resources, like network drives, that we need to access. The Windows 98 logon password unlocks this file, which in turn contains the passwords that unlock all the other resources we can access. As to the password itself, a minimum password length policy can help us make it more difficult for a hacker to break into the network. Setting a minimum password length between 5 and 10 characters is usually sufficient. In fact, passwords that are over 10 characters long usually encourage users to write down their passwords. For example, if we take a look at all the desks in a big enterprise, there is always a chance of seeing that some people have a password reminder on the desk. If this happens at a computer software or hardware company, or at a business enterprise with tons of secrets in its computer system, no one can really estimate how great the company's loss would be if an evildoer gained access to all the files.
A good password is one that is difficult to guess: it has both upper case and lower case letters and contains special characters and numbers. It should be easy to remember so users do not need to write it down anywhere. Also, it should be more than six characters long, but quick to type, so that somebody wouldn't notice what the user types by looking at the keyboard.
Good passwords also include some techniques such as:
1) Two short words combined with a special character or number, such as ya-brow?
2) Substitution of numbers for letters, such as 1nv01ve instead of involve
The characteristics of bad passwords:
1) A person's name: your own or that of a spouse, parent, pet, child, friend, boss or anybody else.
2) A word in the English dictionary or a place, like write or Seattle.
3) Passwords made of all the same letter. A password should also always differ from the login name and the old password.
4) Never change back to the initial password assigned by the computer services, for example the IT-Center.
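The good and bad password characteristics listed above can be turned into an automatic check. The following is an added example, not part of the original essay; the function name, the sample login and passwords, and the small word list are all constructed for illustration.

```python
import string

def password_problems(candidate, login, old_password, initial_password,
                      known_words=()):
    """Return the essay's rules that the candidate breaks (empty list = OK)."""
    problems = []
    # "more than six characters long"
    if len(candidate) <= 6:
        problems.append("six characters or fewer")
    # "both upper case and lower case letters ... special characters and numbers"
    required = {
        "no upper case letter": string.ascii_uppercase,
        "no lower case letter": string.ascii_lowercase,
        "no number": string.digits,
        "no special character": string.punctuation,
    }
    for problem, charset in required.items():
        if not any(ch in charset for ch in candidate):
            problems.append(problem)
    # "passwords of all same letters"
    if candidate and len(set(candidate.lower())) == 1:
        problems.append("all the same letter")
    lowered = candidate.lower()
    # "should always differ from login name and old password"
    if lowered == login.lower():
        problems.append("same as login name")
    if candidate == old_password:
        problems.append("same as old password")
    # "never change back to the initial password"
    if candidate == initial_password:
        problems.append("same as initially assigned password")
    # names, dictionary words and places come from a caller-supplied list
    if lowered in {word.lower() for word in known_words}:
        problems.append("name, dictionary word or place")
    return problems

if __name__ == "__main__":
    words = ["Seattle", "write", "Peter"]      # constructed sample word list
    for pw in ["Seattle", "aaaaaaa", "Welcome1", "Gr33n-Kettle!"]:
        print(pw, password_problems(pw, "peter", "Old#Pass1", "Welcome1", words))
```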
Share-level versus user-level security: the first level of security that Windows 98 provides is share-level access control. We get to this setting by using the Access Control page of the Network dialog box. The other level is user-level access control. Share-level access control enables us to assign a password to each resource on the network. We can use the same password for each resource, or a variety of passwords. It also enables us to determine whether a user gets read-only or full access based on a password. There are three levels: 1. No password: because the user has to log on to the network in the first place, we can assume that the person already has a certain level of security. 2. Read-only: the read-only password allows us to give people quick access to documents that they can either copy to their hard drives or read online. It works well with applications which do not provide a revision-marks feature, because I can see who made what comments. 3. Full: anyone who is working on a sensitive project with other users usually gets full access to the resource. Turning on an application's revision-marks feature allows people to see who made what changes.
Master key: Windows 98 provides the capability to use one master key to get to all the networks and resources that a user can access. On the old system, if we needed to log into the workgroup network, we needed one password. Another password would give us access to the company network, and we needed another password for our email program and yet another for the communication program. Even if we use the same password for every access, it is inconvenient to enter a password every time we want to access something. Trying to get any user to remember more than one login password is difficult. It also wastes time in logging into the various networks. Windows 98 remembers all the user's passwords and enters them automatically as needed.
Digital signatures: E-mail can be made more secure by using a technique called the “digital signature.” A digital signature is unique to a person, just like a wet signature (authentication). The digital signature is several lines of code that appear at the end of the e-mail message. The digital signature guarantees the following:
* That the message originated with the person who signed it. (It is not forged.)
* That the message has not been altered in any way in transmission or by anyone else wishing to change the message. (For example: someone changing one of your memos and claiming later you wrote the altered memo.)
These features also carry a protection against deniability. That is, if you receive a digitally signed message from one of your scientists, that person cannot later deny responsibility for that message. This protection can be used for any other type of file, including graphics files. Several states have recognized the digital signature as legally binding. For instance, there are two classes in the VeriSign digital signature service. For Class 1 IDs, VeriSign uses various mechanisms to ensure that a Digital ID can only be obtained for a particular e-mail address by someone who has access to that e-mail address. If you protect your e-mail account and the password which guards it, a would-be imposter would have a difficult time obtaining an ID. For Class 2 personal IDs, VeriSign goes to far greater lengths to ensure that you are actually who you claim to be. In order to get a Class 2 ID, you must not only control your e-mail account, but you must also provide VeriSign with detailed information about your addresses, employment, driver’s license, social security number, etc. VeriSign then compares this information against on-line consumer credit databases, such as Equifax. VeriSign uses an out-of-band method to verify the email account provided in the enrollment form. After the enrollment form is submitted, a unique Personal Identification Number (PIN) is emailed to the email address submitted in the enrollment form. You must get this unique PIN and use it to pick up and install the certificate. A Digital ID obtained for the Microsoft IE built into Windows 98 will allow signing and encrypting for Microsoft Outlook Express.
Cookies: we can find this kind of file in a special directory that we can monitor, and the web site uses it for things like your name and site preferences. But there are not any real limitations on what kind of information a web site can write to the cookie, and that can create problems. For example, a web site could write some executable code to the cookie and then fool the operating system into executing it. This particular situation actually happened, but fortunately the results were more along the lines of a bad joke than actual damage to the system. It could have been different, and that's why people are concerned about cookies. Inside Windows 98, IE stores the cookies in separate files in the Cookies or Temporary Internet Files folder within the main Windows folder. Each cookie is represented by a username followed by an at sign @. For example, if a person named Peter visits www.msn.com, then he will have a cookie file named Peter@msn in his cookie folder. IE provides ways to reject cookies you do not want.
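The two guarantees listed above (origin and integrity) can be seen in a small signing exchange. This is an added example, not part of the original essay and not VeriSign's or Outlook Express's code; it uses textbook RSA over a SHA-256 hash with a toy key, and the marker line, function names and sample message are constructed for illustration.

```python
import hashlib

# Toy RSA key from two known Mersenne primes. Constructed for illustration:
# far too small and structured for real use, and without real-world padding.
P, Q = 2**127 - 1, 2**89 - 1
N, E = P * Q, 65537                      # public key, known to every reader
D = pow(E, -1, (P - 1) * (Q - 1))        # private exponent, kept by the signer
MARKER = "\n-----SIGNATURE-----\n"       # hypothetical delimiter line

def _digest(body: str) -> int:
    """SHA-256 of the message body, reduced into the RSA modulus."""
    return int.from_bytes(hashlib.sha256(body.encode()).digest(), "big") % N

def sign_mail(body: str, d: int = D) -> str:
    """Append the signature lines to the end of the message."""
    return body + MARKER + format(pow(_digest(body), d, N), "x")

def verify_mail(mail: str) -> bool:
    """True only if the body still matches the signature under (N, E)."""
    body, sep, sig_hex = mail.rpartition(MARKER)
    if not sep:
        return False                     # no signature block at all
    try:
        signature = int(sig_hex, 16)
    except ValueError:
        return False                     # damaged signature block
    return pow(signature, E, N) == _digest(body)

if __name__ == "__main__":
    memo = "Budget for the lab is approved. Peter"    # constructed sample
    signed = sign_mail(memo)
    altered = signed.replace("approved", "rejected")  # changed after signing
    forged = sign_mail(memo, d=D + 2)                 # signed with another key
    for label, mail in [("signed", signed), ("altered", altered),
                        ("forged", forged)]:
        print(label, verify_mail(mail))
```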
Online shopping and security: The first time you buy a gift, have it wrapped and delivered while you sit at your computer, you will be sold on the idea. And that first-time purchase is the one that takes longest. For subsequent purchases from the same site you will not have to repeat the entry of personal information (address, credit-card number, and so on) required on the first occasion. Adding confidence to convenience, Microsoft Internet Explorer makes online shopping secure. The section of a commercial Web site where you order and make a purchase should be a “secure” site. Internet Explorer supports standard encryption security protocols. These are a set of rules for computer-to-computer communication that encode data sent between secure sites to prevent unauthorized people from seeing it. When showing a page from such a secure site, Internet Explorer displays a “lock” icon on the status bar directly below the Web page. This technology makes an online credit-card purchase safer than using your card in a restaurant. The request for funds is passed directly to the bank that issued the card, with the card number still in encrypted form. Only the institution that issued the card can see the number. You can choose the security level at which Internet Explorer operates. Depending on the security level you have set, you’ll be notified if you’re about to do something that might pose a security risk. For example, if you’re about to send your credit-card number to an unsecured site, Internet Explorer can warn you that the site is not secure.
For each person, security entails something different. Some of us will be afraid of the hackers, some of us will realize that the hackers would have no reason to do anything involving us. Some of us will be afraid of computer viruses, some of us will not worry about it since they always have protection against viruses in place. Some of us will always be afraid of the Internet, no matter what security measures are put in place, some of us will never worry about security and will use the Internet for whatever we feel is proper. Overall, the Internet is a global force with which nothing compares and nothing can be compared. Security on the Internet is, therefore, a powerful and important feature that must be attended to and nourished as the cyber-world and real world merge and interact with more frequency.