Short Assignment: System
Evaluation
by Anne Bauers for INLS
187
May 5, 2003
Personal Laptop
Security
Antivirus Software
System Vulnerability
Physical Security
Recommendations
I found this assignment the most intimidating in this course; although I feel comfortable evaluating information security at a conceptual level, I don't have a lot of experience evaluating actual systems. Since this is true, I thought my laptop could probably use a thorough evaluation.
I have an IBM A24 Thinkpad laptop with a Pentium III processor and 256 MB of RAM, which is running Windows 2000 Professional. I connect to UNC's wireless network using a Cisco wireless card, and use a 56K modem to connect to the Internet from home. I bring my laptop with me wherever I go on campus. I use Netscape Messenger for email and generally connect to the Internet using Netscape 7.0, which I downloaded from the UNC Shareware site. I protect my laptop using Agentium's Outpost firewall, which I installed for the Software Evaluation assignment.
To evaluate my laptop system's security, I developed three criteria: antivirus capability, system vulnerability, and physical security.
Since my laptop routinely connects to the Internet, and the possibility of becoming infected with a virus is always present, I thought it was important to evaluate the effectiveness of my antivirus software. I run Norton AntiVirus Corporate Edition v. 7.50, which was included in my system install. I update my virus files using the LiveUpdate feature; I had the latest virus definition file when I ran this evaluation. A full scan of my PC is set to run automatically once per month. However, I don't routinely leave my laptop on if I am not using it, and sometimes stop the scan if it interrupts my work.
To evaluate the vulnerability of my system, I accessed the free Portscan software to evaluate if I had any open ports that crackers might exploit. Portscan scans many of the most commonly used ports and indicates if they are open and if a banner is available. A banner allows services to identify themselves whenever a connection is established. This allows crackers to identify what services are running on a PC. The results of my portscan are outlined below; none of the most commonly-used ports were open, and no banners were available.
| Port | Status | Banner/Remark |
|---|---|---|
| 21 | closed | (no banner available) |
| 22 | closed | (no banner available) |
| 23 | closed | (no banner available) |
| 25 | closed | (no banner available) |
| 53 | closed | (no banner available) |
| 80 | closed | (no banner available) |
| 110 | closed | (no banner available) |
| 119 | closed | (no banner available) |
| 139 | closed | (no banner available) |
| 161 | closed | (no banner available) |
| 443 | closed | (no banner available) |
| 901 | closed | (no banner available) |
| 1080 | closed | (no banner available) |
| 1243 | closed | (no banner available) |
| 3128 | closed | (no banner available) |
| 27374 | closed | (no banner available) |
My laptop PC encounters physical security challenges each day I carry it to school. These physical challenges arise both from the danger of the laptop being stolen and from the danger of physical damage. In general, I do not leave my laptop unattended and I don't place it in my locker. However, I do sometimes leave it in the lab attended by a friend while I take a short break. The dangers to my PC from physical damage are perhaps more significant. My padded laptop bag broke recently, and I have been carrying the computer in an unpadded backpack for several weeks. I recently had to replace the plastic tabs that lock the screen into the main part of the computer; they had snapped off when I dropped my backpack. Fortunately, I have an insurance policy that covers this sort of minor repair.
My recommendations to improve the security of my system do not include any radical changes; rather, I think I will reap great security benefits from implementing a few simple changes.
Antivirus software. I am running current and updated antivirus software; I would be well served to implement this software effectively. I plan to schedule a full system scan once per week instead of once per month; I will leave my PC on overnight when I am not using it and run the scan at that time so that it won't impact my work.
System vulnerability. My laptop performed well in the Portscan test. I believe my installation of the Outpost firewall greatly decreased the system's vulnerability. I plan to update the firewall regularly and to be an active monitor of the traffic I am allowing to access my system to reinforce the software's effectiveness.
Physical security. I should continue to be vigilant about the physical security of my laptop. I should not leave my laptop unattended at all, if possible. Additionally, I should invest in a padded laptop bag to protect my laptop and be sure to handle it gently.