How to Exploit the Vulnerability of a Missing Patch Using Metasploit
How to Crack iOS Passwords
A Case Study in How Hackers Penetrate Network Infrastructures

How to Use Operating System Security to Prevent Getting Hacked

You can implement various operating system security measures to prevent hacks and ensure that passwords are protected. Regularly perform these low-tech and high-tech password-cracking tests to make sure that your systems are as secure as possible — perhaps as part of a monthly, quarterly, or biannual audit.

Windows

The following countermeasures can help prevent password hacks on Windows systems:

  • Some Windows passwords can be gleaned by simply reading the cleartext or crackable ciphertext from the Windows Registry. Secure your registries by doing the following:

    • Allow only administrator access.

    • Harden the operating system by using well-known hardening best practices, such as those from SANS (www.sans.or), NIST (http://csrc.nist.gov), the Center for Internet Security Benchmarks/Scoring Tools (www.cisecurity.org), and the ones outlined in Network Security For Dummies by Chey Cobb.

  • Keep all SAM database backup copies secure.

  • Disable the storage of LM hashes in Windows for passwords that are shorter than 15 characters.

    For example, you can create and set the NoLMHash registry key to a value of 1 under HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa.

  • Use local or group security policies to help eliminate weak passwords on Windows systems before they’re created.

  • Disable null sessions in your Windows version.

  • In Windows XP and later versions, enable the Do Not Allow Anonymous Enumeration of SAM Accounts and Shares option in the local security policy.

Linux and UNIX

The following countermeasures can help prevent password cracks on Linux and UNIX systems:

  • Ensure that your system is using shadowed MD5 passwords.

  • Help prevent the creation of weak passwords. You can use either the built-in operating system password filtering (such as cracklib in Linux) or a password-auditing program (such as npasswd or passwd+).

  • Check your /etc/passwd file for duplicate root UID entries. Hackers can exploit such entries to gain backdoor access.

blog comments powered by Disqus
Banner Grabs Can Give a Hacker Information to Attack E-mail
Tools to Prevent Network Hacking
How Keystroke Logging Can be Used to Hack Passwords
How to Detect and Guard against VoIP Security Vulnerabilities
Cross-Site Scripting Hacks in Web Applications
Advertisement

Inside Dummies.com