Operating System Install And Defence Computer Science Essay


This essay has been submitted by a student. This is not an example of the work written by our professional essay writers.

To have a perfectly running computer system, one needs to ensure that only the essential services are running, and this can only be done through a clean install. Normally, before manufacturers release a computer system to the market, they install additional software, such as the manufacturer's own tools. To remove such software one has to perform a clean installation; although the process can be time-consuming, it is very important. An additional benefit of the process is that it guarantees one has all the skills and software needed to reconstruct the computer in case there is a need to do so. This should be the first step in disabling non-essential items when securing the network management process.

If a clean install is not needed, the main process of disabling non-essential items begins with setting up a defense against attacks on the computer. At this stage one can use the detector, whose main objective is to make a decision in case an attack occurs. In the developed prototype, when the detector shows that there is a DDoS attack, it encodes its decision together with the N addresses of the attack hosts and passes them to the filter and the investigator.

The filter then takes up its purpose, which is to remove traffic on the basis of the information given by the detector. If it is established that the network is under attack, the filter starts to remove the packets coming from the said hosts. After filtration, the investigator identifies and defeats the attacking agents.

The user presses a particular combination of keys (a hot key), such as Ctrl+Shift+P, while the background program waits in the computer's random access memory (RAM). The program that was idle then immediately comes back to life.

The user should then perform terminate-and-stay-resident (TSR), which is a system call in DOS. This call returns control to the system just as if the program had stopped, but still keeps the program in memory. Examples of functions for which the user can use a TSR include instant calculators, an address book or even a small notepad.

A process is a background program in Microsoft Windows, such as svchost.exe. The work of the process is to provide a function to the operating system, as indicated by the function name, such as Appmgmt.

The name of the service is then displayed so that the user can view it. It gives a more comprehensive description, such as Application Management. A single process can provide many services. The services are put into the following categories:

1. Manual

2. Automatic

3. Disabled.

In addition to preventing attackers from attaching malicious code to services, disabling non-essential services blocks entry points into the system.
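One way to review the startup categories and the services hosted by each process before disabling anything, as an added example that is not part of the original essay. It assumes PowerShell 3.0 or later, and `$ReviewList` is a hypothetical list of services an administrator has already judged non-essential for the machine's role.

```powershell
# Added example: inventory Windows services by start mode and host process.
# $ReviewList is a hypothetical, site-specific list of service names that an
# administrator has already judged non-essential; adjust it per machine role.
$ReviewList = @('Fax', 'RemoteRegistry', 'TapiSrv')

# Win32_Service exposes StartMode (Auto/Manual/Disabled), State and ProcessId.
$services = Get-CimInstance -ClassName Win32_Service

# 1. How many services fall into each startup category.
$services | Group-Object -Property StartMode |
    Select-Object Name, Count | Sort-Object Name

# 2. Processes that host more than one running service (typically svchost.exe).
$services |
    Where-Object { $_.State -eq 'Running' -and $_.ProcessId -ne 0 } |
    Group-Object -Property ProcessId |
    Where-Object { $_.Count -gt 1 } |
    ForEach-Object {
        $proc = Get-Process -Id $_.Name -ErrorAction SilentlyContinue
        [pscustomobject]@{
            ProcessId = [int]$_.Name
            Process   = $proc.ProcessName
            Services  = ($_.Group.Name | Sort-Object) -join ', '
        }
    }

# 3. Services from the review list that are still enabled.
$candidates = $services |
    Where-Object { $_.Name -in $ReviewList -and $_.StartMode -ne 'Disabled' }
$candidates | Select-Object Name, DisplayName, StartMode, State

# 4. Disable them. -WhatIf only prints what would change; remove it to apply
#    (requires an elevated session).
foreach ($svc in $candidates) {
    Stop-Service -Name $svc.Name -Force -WhatIf
    Set-Service  -Name $svc.Name -StartupType Disabled -WhatIf
}
```

Check each candidate's dependent services before removing `-WhatIf`, since disabling a service that others depend on stops those as well.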

The User Datagram Protocol (UDP), which is among the core members of the Internet protocol suite, provides for connectionless TCP/IP transfer. UDP does so by using a simple transmission model without implicit handshaking dialogues for providing reliability, ordering, or data integrity. UDP is often used in time-sensitive applications, since dropping packets is seen as a better option than waiting for delayed packets, which might not be an option at all. If error-correction facilities are needed at the network interface level, an application can use the Transmission Control Protocol (TCP) or the Stream Control Transmission Protocol (SCTP), which serve this purpose. The stateless nature of UDP is also very useful for servers that respond to small queries from a large number of clients.

Both TCP and UDP ports are listed as Internet socket port numbers. Sockets in this case form a mechanism for delivering incoming data packets to the appropriate application process, based on a combination of local and remote IP addresses and port numbers.

A colon is used to separate the IP address from the port number, as in 194.146.119.20:50.

After the non-essential items have been disabled, a hardening process is required in order to reduce vulnerabilities. A hardened system is configured and updated to protect against attacks. The three main categories that should be hardened include:

Operating system


Applications run by the operating system.

The process of securely configuring the system against unauthorized access, hackers or any security vulnerabilities is referred to as operating system hardening. This process makes the computer more reliable and efficient and, above all, gives it optimized performance. The main purpose of system hardening is therefore to minimize security risks and non-essential items. It is normally done by uninstalling unnecessary programs, installing antivirus software, installing a firewall and keeping the operating system updated. Where advanced system hardening is required, the user should reformat the hard disk, disable the guest account, enable auditing, rename the administrator account and create secure passwords for all the other users.

Apart from disabling non-essential items, system hardening is also beneficial for faster recovery in case of system failure. Operating systems are intended to be dynamic; as the needs of the users change, new hardware should be introduced. The user must update the operating system as regularly as possible.

After a period of two to four years, vendors release a new version of the operating system. They use particular terms for the different types of updates. The broadest and most complete update is provided by a service pack. A hotfix corrects a particular software problem, although it addresses security issues. A security flaw can be fixed by a software update, which may be released on a regular or an irregular basis, depending on the support team or vendor.

Restricting user access is another way of hardening an operating system; users can be given permission to access a given folder (a directory in DOS and UNIX/Linux).

Microsoft Windows provides a centralized way of defining security through the Microsoft Management Console (MMC).

It is a feature of Windows that accepts extra components (snap-ins).

After applying security templates, which organize the security settings, one can transfer the settings to a group of computers.

It is important to harden the applications that run on the operating system in the same way that you harden the operating system itself. Service packs, hotfixes, and patches are generally available for most applications, although not with the same frequency.

Server hardening is the process of establishing security baselines on the servers in your organization. The default configuration of Windows Server 2003 is not built with security as its primary concern; instead, a default installation is made for communication and functionality. To ensure server protection, one must put in place solid and sophisticated security measures for the different types of servers within an organization. Servers are hardened in order to prevent attackers from gaining access to the software.