Windows Security

Introduction

Windows systems are becoming the targets for many hackers in the world. There has been a rise in the attacks which are targeted at Windows of late. In today's world business connectivity is crucial. In an organization where computers, and hence user, are connected through networking has much better productivity and is able to make decision much more quickly and reliable. These benefits are achieved through connectivity and sharing of information and resource. By connecting to network, users are able to communicate with each other through the use of instant messengers as well as email while also sharing files. Also, through networking, it is possible to share hardware resources such as Hard Drives and Printer which makes the use of resource much more efficient.  In many organizations, computers connected through network also share a single connection, which otherwise would only be available on one computer (Smith, 2000).

Configuring Windows SSL

This is a set of rules that provide security over TCP/IP networks for communication using cryptographic methodology so as to also attain data integrity. Cryptography involves encryption and decryption of the information in form of plain text. This protocol therefore can dictate and bring about secure communication between two endpoints such as two computers transacting via the internet. Microsoft, IBM and Netscape are some of the companies using SSL as part of its secure channel (Hontanon, 2001). SSL is implemented over the network model, it provides authentications and confidentiality for information therefore identity and non repudiation are ensured. Data integrity is adhered to since it can't be altered at storage or during transit.

The procedures for setting SSL certificate for windows is shown thus:

• On your windows server, open Internet Service Manager Microsoft Management Console (MMC). To reach to this, go to Start>Programs>Administrative Tools>Internet Service Manager.
• In this place you then double click the server names so that you are able to have a look of all the websites.
• On the website that you are interested, right click on it and click properties>Directory Security
• At this step you will be presented with three methods of security. We are interested in secure communications.
• Click on Server Certificate>Next>Create new certificate>Next>Prepare the request now, but send it later>Next
• Give a name for the certificate that you are creating. Do not specify the SGC certificate unless it is absolutely needed.
• Give the name and other details of the organization you are setting the certificate for.
• In the Common name question, you can give the Fully Qualified Domain Name (FQDN).
• Give the path and the location
• Verify the information that you have submitted and click next.
• Click finish in the Completing the Server Certificate Wizard dialog box.
• Click ok to close the Website properties.

To submit the certificate that you have just created, follow the steps that are outlined below:

• Open the browser and in the navigation bar type http://nameofyourserver/certsrv/.
• Click on Request Certificate>Next>Advanced Request>Submit a Certificate using a Base64>Next.
• Open the document that you created in notepad in the first procedure section and then click on Create a Certificate Request
• Copy the content and paste it in the Base64 Encoded Certificate Request. After this, click on Submit.

Procedures for windows patching

Patches are the security updates and tools that major software companies, especially Microsoft, post on their website to help fight with the viruses that are released everyday. It is important to have the latest patches to ensure that the system is safe all the time (Garfinkel, Spafford, & Schwartz, 2003).

To patch the system, make sure that you have the following requirements:

ü    Have Internet connection

ü    Have firewall installed on the computer

ü    Have anti-virus installed on the computer

If you have the above requirements intact, have an internet connection and get the latest release of the antivirus updates of your vendor. After updating your antivirus, make use the anti-virus to identify the viruses and Trojans that are there in your machine. Make sure you only identify. Don't delete anything because these could be part of the system files. If you happen to delete any of windows files, you will not be able to reboot the system. After identifying the viruses and the Trojans, go to the antivirus website and get information about these viruses. After this, download any critical security update for the system (Strebe, 2004).

Monitoring using event logs

All Windows versions have the capability of recording the event logs concerning the security. In a Windows environment, this capability will enable for security monitoring basics. Given the fact that this is dispersed in many windows, it is recommended that other tools be used so that the use of the event logging is proactive.

Security event log in Windows use customized file formats to record security monitoring data. There is need to have a suitable program to read this information; although a text editor can be used, it does not show this information in full. The security event file resides in the %systemroot%\System32\config directory. The access is monitored by Event Log service. It is the Event Log service which enforces access controls to each log. Administrators have the full rights to access these logs (Eckstein, Collier-Brown, 2003).

There are two types of events which get recorded in the Security event log which are success audits and failure audits. The success audits are the instances in which the user or program tried out successfully while the failure audits are the events in which users or programs tried out and failed. An example is the logon activity. If a user tries to log into the system and fails, this event will be recorded in the failure audits.

Conclusion

In conclusion, Windows encounter attacks in their systems and therefore will require enough caution to be taken to secure these systems in the network too. There is the improvement of the kernel so that the firewall is used to filter the attacks so that brutal force attacks can be detected. Windows systems should be updated from time to time to ensure effective system improvement.