This is the third part of the overview (introductory) section of our series that deals with securing standalone Windows XP machines. This information does not apply to Windows machines that are part of a corporate network with Active Directory, etc. Corporate security is an entirely different issue, and will be addressed in the future, as well as in the many related articles we already have in this Guide. For now, this will give a brief refresher for those of us who have one or more standalone machines at home, at a small office, etc. that are not secured via corporate policies. In these first three intro sections, we will merely hit the highlights. Future updates along these threads will delve into each of these subjects in greater detail.
In this section we discuss the security impact of software monoculture or "inbreeding," address 3rd party game mods, and pause to remember backups.
The Genetic Perils of Monoculture
There is a reason you can’t marry your biological sister. Your kids would be mentally challenged, overrun with rare medical disorders, and subject to horrible diseases. Thanks to normal Darwinian evolution, severe genetic diseases are, by natural selection, gradually weeded out of the population. However, when we intermarry with people genetically similar to us, the chances of activating a recessive (defective) gene go up astronomically. Those are the lessons that the irrefutable mathematics of genetics teach us.
In fact, it is not always the best idea even to marry a first cousin. Better yet, try to marry someone outside of your town or province. Ideally, marrying someone of a completely different race and skin color will produce the strongest offspring. The offspring from such a genetically diverse union will be more robust, more talented, and freer from genetic disorders.
This genetic lesson from biology can also help us in computer security. For example, when we use software monoculture, we weaken our natural defenses. When everyone uses the same operating system, browser, and email client, the Internet becomes far more susceptible to crippling viruses, worms and other malware.
For example, suppose you use Microsoft for all of your main tasks. You have Windows XP as your platform. Your browser is Internet Explorer, and your email client is Outlook. You fetch email from an Exchange server, and you open attachments containing Word, Excel or PowerPoint documents. Your database is Access or Microsoft SQL. Your publications are written in Publisher, and put online via FrontPage onto an IIS web server. You use Windows Firewall and OneCare for protection.
The main problem with the above scenario is that you have all your software from a single vendor. Worse, many other people on the Internet do, too. Malware writers know that this is going to be the most common configuration. They want to infect as many systems as they can, so they’ll go for what the majority uses. Thus, they do their research and development to test their malware against the exact configuration that you happen to have.
So how do you mix it up? How do you add a little "genetic diversity" to your configuration? There are simple ways to start. For example, look for an alternative (preferably open-source) browser and email client. One free product is Mozilla, which has an integrated browser and email client. Thus, you will be freed from IE and Outlook.
These two applications in particular, IE and Outlook, are infamous for the sheer number of vulnerabilities they have had over the years. So making that simple change to Mozilla’s browser and email client will immediately protect you from the majority of common malware threats. You’ll be immune from many worms which propagate through Outlook and infect Windows XP. Of course, this is just a start. Diversifying your applications in this way eliminates the software "inbreeding" that weakens your overall, layered security scheme. What we’re saying is: when it comes to software, don’t marry your sister.
Avoid Closed-source, 3rd Party Game Mods
One thing that we as users don’t think about too often is third-party game mods. For example, you may spend hours developing policies, tuning your Windows XP system, and working hard to implement a rock-solid home security network. However, when you install a video game from a trusted source, you assume that it is going to be a secure application, and it usually is. However, we don’t always think about the source of third-party add-on game mods.
For instance, suppose you want to play capture the flag on a first-person shooter. Okay, that is a pretty common game mod, so it is likely to be either open source, or at least tested widely enough to be secure. However, suppose you now want to try a paintball mod. This may be written by a single author or a small group of authors, and the user base might not be wide enough to have tested it properly for security. In fact, it would be very easy for a third-party game mod author to Trojan his mod.
It’s something that we don’t often think about in gaming. Who’s really writing these modifications? We know that mods often install with a high level of privilege and access to the underlying operating system. So it’s something we should think about carefully. If you have a mission-critical computer, it would be best to avoid any third-party mods unless you can absolutely ensure their integrity and security. In other words, if you’re going to be gaming with untested or possibly insecure game mods, it would be best to use a dedicated gaming system, with appropriate isolation from the rest of your network.
Remember When We Used to Make Backups?
Another area on which we as home users often slack off is making backups. Backups are one of the most critical cornerstones of a complete information security scheme. You may spend a lot of time testing and evaluating firewall software, antivirus software, and encryption software, but what about backups? Do you have a regular plan for backing up your data? Are the backups off-site? Are the backups encrypted in transmission? Are they scheduled monthly, weekly or daily, according to the volume of your work and the need for security? These are the questions that are essential to answer in order to preserve the confidentiality, integrity, and availability of your data.
For a quick and dirty way to back up your data, you can use a low-cost program such as WinZip. WinZip will archive and compress your files for backup, as well as allowing you to use 256-bit AES encryption. WinZip encryption has not been broken to date, even by companies such as Elcomsoft, who specifically target such archives and encryption. There are also a number of third-party tools, and even the built-in Windows XP Backup utility that you can use. The important thing is that you’re able to recover from a disaster such as a corrupted disk or a network worm quickly and easily.
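As an added example of the scheduled, verified backup the questions above call for (not part of the original article), here is a batch script that drives the built-in Windows XP Backup utility, ntbackup.exe, and registers itself as a nightly task. It assumes Windows XP Professional (ntbackup is not installed by default on XP Home) and an external drive mounted at E:, both of which are assumptions of this example.

```batch
@echo off
rem Nightly backup of the current user's documents with ntbackup.exe.
rem Assumptions (not from the article): XP Professional, external drive at E:.
setlocal

set SRC=C:\Documents and Settings\%USERNAME%\My Documents
set DEST_DIR=E:\Backups
set JOB=Nightly documents

if not exist "%DEST_DIR%" mkdir "%DEST_DIR%"

rem Full ("normal") backup. /V:yes verifies the data after writing, and /L:s
rem writes a summary log under the Backup utility's log folder, so a job that
rem fails is recorded rather than silent. /HC:off because the target is a disk.
ntbackup backup "%SRC%" /J "%JOB%" /F "%DEST_DIR%\docs.bkf" /M normal /V:yes /L:s /HC:off

if errorlevel 1 (
    echo Backup FAILED; check the ntbackup log before trusting this archive.
    exit /b 1
)

rem A .bkf file is not encrypted by ntbackup. Before copying it off-site,
rem wrap it in an AES-encrypted archive (for instance with WinZip, as the
rem article suggests) so the copy is protected in transit and at rest.

rem One-time registration of this script as a task at 02:00 each night.
rem Run once from an administrator prompt; XP's schtasks expects HH:MM:SS.
rem   schtasks /Create /SC DAILY /ST 02:00:00 /TN "%JOB%" /TR "\"%~f0\""

endlocal
```

Whether the schedule is nightly or weekly should follow the article's rule of thumb: the volume of work you cannot afford to redo decides the interval, and a restore from the .bkf should be rehearsed at least once so the recovery path is known to work.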
Next time: Rootkits and free security tools.
Written by Cyrus Peikari and Seth Fogie