This post is a bit late and should have been posted a month ago, but I got behind and then other things got in the way.  Sorry.

During the September PLUG Hackfest Presentation meeting, I volunteered to bring in a Windows 7 laptop to be the Flag during the October 2nd open lab hacking session (Capture the Flag).

I took one of my spare laptops and configured Windows 7 Ultimate 64-bit Edition with the following configuration:

  1. Default Installation
  2. Left all default accounts and settings in place, including the initial user created as local admin (used a 20-character passphrase for my password)
  3. Installed all the latest patches and updates from Windows Updates
  4. Installed Security Essentials (and all updates)
  5. Installed local HP printer driver
  6. Joined computer to Home Group and enabled sharing of Pictures, Documents, Printers, Music and Videos.  I verified that all of the aforementioned were accessible from other computers in the Home Group.
  7. Installed Foxit PDF Reader 4.2
  8. I enabled Remote Desktop (secure connections only)
  9. Configured Media Center for local playback and remote playback

When I connected to the Wireless network at Gangplank on Saturday, I configured the network as a Public network and proceeded to surf the Internet (actually, my son did this part of the “work” for me).  The folks in attendance used their Linux-based hacking tools to attempt to hack into my Windows 7 machine.  After about an hour, I changed the settings for Remote Desktop to allow any connections.  After 3 1/2 hours, no one was able to successfully hack into my Windows 7 machine.  At the very end, we explored the “social engineering” aspect of hacking and Lisa (group leader) created a PDF document that had hidden code embedded into the document and saved it to a thumb drive.  I attempted to open the PDF using Foxit Reader and was notified by Foxit Reader that the document was attempting to execute code and was blocked.

Key Learnings

  1. Using a secure password is very important
  2. When connecting to public networks (WiFi or Wired), the connection should be configured as Public
  3. Make sure to use secure settings for PDF readers
  4. Don’t enable the Guest account
  5. Don’t install a bunch of services that expose the computer to remote access
  6. Leave User Account Control enabled
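
Added example, not part of the original post: a read-only PowerShell audit of the settings named in the list above (Guest account, User Account Control, Remote Desktop, network location). It assumes an elevated prompt, treats "secure connections only" as the Network Level Authentication option, and uses the standard Windows registry locations; New-Finding and Get-RegValue are helper names made up for this example.

```powershell
# Added example: read-only audit of the settings from the Key Learnings list.
# Uses only PowerShell 2.0 features, so it runs on a stock Windows 7 install.

function Get-RegValue([string]$Path, [string]$Name) {
    # Returns nothing when the key or value does not exist.
    $item = Get-ItemProperty -Path $Path -Name $Name -ErrorAction SilentlyContinue
    if ($item) { $item.$Name }
}

function New-Finding([string]$Check, [string]$State, [bool]$Ok) {
    New-Object PSObject -Property @{ Check = $Check; State = $State; Ok = $Ok }
}

$findings = @()

# Guest account: match the well-known RID 501 so a renamed account is still found.
$guest = Get-WmiObject Win32_UserAccount -Filter "LocalAccount=True" |
    Where-Object { $_.SID -like 'S-1-5-21-*-501' }
if ($guest) {
    $findings += New-Finding 'Guest account disabled' `
        "$($guest.Name): Disabled=$($guest.Disabled)" $guest.Disabled
}

# User Account Control: EnableLUA = 1 means UAC is on.
$lua = Get-RegValue 'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System' 'EnableLUA'
$findings += New-Finding 'User Account Control enabled' "EnableLUA=$lua" ($lua -eq 1)

# Remote Desktop: acceptable when off (fDenyTSConnections = 1) or when
# Network Level Authentication is required (UserAuthentication = 1).
$ts   = 'HKLM:\SYSTEM\CurrentControlSet\Control\Terminal Server'
$deny = Get-RegValue $ts 'fDenyTSConnections'
$nla  = Get-RegValue "$ts\WinStations\RDP-Tcp" 'UserAuthentication'
$findings += New-Finding 'Remote Desktop off, or NLA required' `
    "fDenyTSConnections=$deny UserAuthentication=$nla" (($deny -eq 1) -or ($nla -eq 1))

# Network location of every remembered network (0 Public, 1 Private, 2 Domain).
# Ok=False is expected for a trusted home network; review any hotspot that shows it.
$names = @{ 0 = 'Public'; 1 = 'Private'; 2 = 'Domain' }
Get-ChildItem 'HKLM:\SOFTWARE\Microsoft\Windows NT\CurrentVersion\NetworkList\Profiles' |
    ForEach-Object {
        $p = Get-ItemProperty $_.PSPath
        $findings += New-Finding "Network '$($p.ProfileName)' is Public" `
            $names[[int]$p.Category] ($p.Category -eq 0)
    }

$findings | Select-Object Check, State, Ok | Format-Table -AutoSize
```

The script changes nothing; the password strength and PDF reader items from the list have no registry flag to read and are not covered.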

Conclusion

Windows 7, by default, is locked down and secure.  If we follow common sense and leave the security settings in place, we should be secure.

Harold Wong