System Defense - PowerPoint PPT Presentation

1 / 18
About This Presentation
Title:

System Defense

Description:

System Defense. Defending Home Networks. Introduction. Computer Security ... Best Newsletter - http://www.neohapsis.com/. http://www.cio.com/research/security. ... – PowerPoint PPT presentation

Number of Views:42
Avg rating:3.0/5.0
Slides: 19
Provided by: Fin120
Category:

less

Transcript and Presenter's Notes

Title: System Defense


1
System Defense
  • Defending Home Networks

2
Introduction
  • Computer Security
  • What its not
  • Person, Place or Thing
  • What it is
  • Independent
  • Of Network OS
  • Of Host OS
  • Of Application
  • Process
  • Achievable

3
Why Computer Security?
  • Data Integrity
  • Confidentiality
  • Availability
  • Non Repudiation
  • Identification
  • Authentication

4
Identify Risk
  • Physical Access
  • Humans
  • Application Runtime
  • Browser
  • Email
  • IM
  • Network Access

5
Risk Vectors
6
Defend Yourself
  • Know your system
  • What it is
  • Whats on it
  • What Changes on it
  • Who is using it
  • Who can use it
  • Patch vulnerabilities

7
The Onion of Security
8
File System
Physical Protection
BIOS Password
File Integrity
Anti Virus Scanner
File System Encryption
9
Host Defenses
Host based Firewall
Host based IDS
Configuration Management
Auditing
Patch Maintenance
IP Restrictions
Backup
10
Application Defenses
Configuration
Patch
Encrypt
Auditing
Access Control
11
LAN Defenses
LAN Based IDS
Ensure Hosts Authenticate
Router Based ACL
12
WAN Defenses
Firewall
Implement NAT
Router Based ACL
Filter Both Directions
13
Resources
  • Firewalls
  • Linux
  • Back it up with an IDS
  • Tiny Firewall www.tinysoftware.com
  • Zonelabs www.zonelabs.com
  • Netscreen - www.netscreen.com

14
Resources
  • IDS
  • Port Sentry - www.psionic.com
  • Snort www.snort.org
  • AracNIDS - http//www.whitehat.org

15
Resources
  • Configuration advice
  • Microsoft www.microsoft.com/technet/treeview/def
    ault.asp?url/technet/security/tools/tools.asp
  • Linux www.cert.org/security-improvement/index.htm
    l
  • Benchmark www.cisecurity.org

16
Resources
  • Vulnerability Awareness.
  • www.securityfocus.com - Bugtrak.
  • www.nessus.org Nessus Scanner.
  • www.sans.org/top20.htm - SANS/FBI Top 20
    Vulnerabilities.
  • www.cert.org - Carnegie Mellon CERT.
  • www.nipc.gov/warnings/computertips.htm - The
    National Infrastructure Protection Center.
  • Best Newsletter - http//www.neohapsis.com/.
  • http//www.cio.com/research/security.

17
Resources
  • Encryption
  • OpenPGP www.openpgp.org
  • File integrity
  • MD5
  • Tripwire - www.tripwire.com/products/linux/
  • www.tripwire.org
  • Port Scanner - NMAP www.nmap.org
  • AV Software - McAfee
  • Pest Patrol

18
QA
Write a Comment
User Comments (0)
About PowerShow.com