Thread: Computer security Win/Mac OS :: Passwords, common threats, spywear
View Single Post
Old 13-09-2008, 21:14   #8
-Jon- -Jon- is offline
Новенький
 
-Jon-'s Avatar
 
Join Date: Sep 2008
Location: Scotland
Posts: 18

Computer security :: Defence (General)
I have moved these sections to a general topic because their really the same for all systems.
And I dont want write the same thing twice. Also it makes reading things easier if it isnt in one big chunk of text.


::: Access Control :::
- What is a user accounts
- What types of user accounts are their

::: Defending your Computer :::
- Common sense, or is it?

::: Maintaining your computer :::
- Backups

------------------------------------------------
::: Access Control :::

-What is a user accounts-

Security feature. Each user on a network has a user account. This account determines what name the user uses to log in to the network, the groups the user belongs to and what trustee assignments the user has. User accounts are maintained by the network supervisor.

For example your account here on this forum and anywhere else it what a system can use to identify you and give you access to the things you need. Like your PMs and when you post the post appears with your name and signature/avatar etc.
A user account makes life easier. for example, would you be able to recognise people if all you saw was their user ID number...? Do you know who member 1649 is...? You dont unless you look it up http://www.tatu.ru/forum/profile.php...profile&u=1649 the forum also dosnt know who that is but it dosnt need to all it needs toknow is the user id because then it can look at the user account. Your account stores other informtion about you, most of which you will recognise as things you use but of it you will have no control over as its used by the system.
This is what a default phpBB user account table stores.

  • user_id
    user_active
    username
    user_password
    user_session_time
    user_session_page
    user_lastvisit
    user_regdate
    user_level
    user_posts
    user_timezone
    user_style
    user_lang
    user_dateformat
    user_new_privmsg
    user_unread_privmsg
    user_last_privmsg
    user_login_tries
    user_last_login_try
    user_emailtime
    user_viewemail
    user_attachsig
    user_allowhtml
    user_allowbbcode
    user_allowsmile
    user_allowavatar
    user_allow_pm
    user_allow_viewonline
    user_notify
    user_notify_pm
    user_popup_pm
    user_rank
    user_avatar
    user_avatar_type
    user_email
    user_icq
    user_website
    user_from
    user_sig
    user_sig_bbcode_uid
    user_aim
    user_yim
    user_msnm
    user_occ
    user_interests
    user_actkey
    user_newpasswd


And thats what you need to have before you can have an account on this forum, that will function correctly.
And hopefully after explaining this a little and showing you what your forum account stores you will have a good idea about user accounts.

-What types of user accounts are their-

Their are normaly two types of acounts on a computer system.

Administrator accounts also called 'root' or 'superuser' accounts. These types of accounts are used to control the system. They have unrestricted access to all functions in the system and can do anything.
User accounts these are what normal users have. They are restricted accounts but thats a good thing, because most users dont need to and shouldnt be able to delete other users or view their files unless they have permission. Everyone should use a normal account when using their computer and not an admin account. If you have the authority to delete other users, then if someone gets into your computer so do they.

You also get guest accounts these are normally even more restricted than typical user accounts and are only their to give anyone quick access to the system.

I will also talk a little about user groups since its relivent here. In both windows and this forum their is an option to group users, a user might an admin or a normal user but when they are in a group they also gain any privelage that is assigned to that group. For example forum moderators are essentially normal users with extra privelages that can be given to them individually or given to them when they are added to a group.
Even now you have been added to a usergroup that has the privelage to view this development forum.

----------------------------------------------
::: Defending your Computer :::

-Common sense, or is it?-

Have you ever heard of someone getting conned out of all their money and though. Thats so obvious it wouldnt ever happen to me. You might be right, and you might be as paranoid (but in a good way) about online threats. But if you got an email and it looked like it came from 'jam_one@tatu.ru' and said, "you have a new private message click this link to read it : http://www.tatu.ru/forum/privmsg.php?folder=inbox
How many of you click the link, then login and read the message? Was that tatu.ru you just logged into....? How would you know if I wrote a program on that page that took your name and password saved it, logged into tatu.ru and then redirected you to your actual inbox.
And agian im just using the forum as an example a simplething like this is so easy to set up, emails are so easy to fake. What you should do is go to the actual site and login. But it is not only the forumthis can happen, it can happen anywhere. Their are even programs out their that use fake login screens on you PC and record the information.
So while we all have a little common sense you have to be extra carefull. Especially now people have another reason to target you.
Hopefully the Moderators and Administrator of this forum already know this.

One final thing I would like to point out is. When downloading something, can you trust where it came from? You should always scan anything you download or recieve from smoeone. "Before you open it" Even if you know them. I mean have any of you downloaded The game I made, or the fanmap program, or even the media player skin. From another site and used it. That site could have easily attached a virus to the file and now its on your computer. And you cant blame me for that, that what they do. They look for things people would want to download and they attach viruses or anythingto them in the hope youwont scan it before you play it, or use it.

---------------------------------------------------
::: Maintaining your computer :::

-Backups-

You dont back up, I dont back up, nobody really can be bothered to back up.... Boom your computers down you lost everything. Backups are important. If you backup your files then you can reinstall your computer with no worries and you dont need to spend lots and lots of money on data recovery people.
In business a typical backup policy is the 'child, parent, grandparent' policy. The child is the most recent backup and whe it is time to mke another backup you overwrite the grandparent, it becomes the new child, the child becomes a parent and the parent becomes the new grandparent.
This way you always have three consistand backups of your system. And no you dont keep them in the same place and no you dont keep them where peoplecan easily get them. It is also important to keep your backups safe because its your private data and if possable keep atleast one in another location incase your building burns down.
External hard-drives are coming down in price and they are a good solution. It wont be long now before we will be able to afford a Blu-ray or HD-DVD drive and then bcking up will be even easier.
~~~~~~~~~~~
Read This -> www.tatu.ru/forum/viewtopic.php?t=1163

TA Chatroom - Come and say Hello
The best times to check the chatroom are:
- 8am GMT
- 4pm GMT
- 11pm GMT (I am normaly online at this time)
  Reply With Quote