Information Security February 20, 2006 - PowerPoint PPT Presentation

1 / 12
About This Presentation
Title:

Information Security February 20, 2006

Description:

Use Anti-virus and Spyware/Adware removal software. Strong Passwords ... Hoaxes. Attackers. Vulnerabilities and Exploits. Open Shares/Weak Passwords. Web Pages ... – PowerPoint PPT presentation

Number of Views:50
Avg rating:3.0/5.0
Slides: 13
Provided by: Dep53
Category:

less

Transcript and Presenter's Notes

Title: Information Security February 20, 2006


1
Information SecurityFebruary 20, 2006
  • DePaul University
  • CSRT

2
Information Security at DePaul
  • Who we are
  • Information Services
  • Business Continuity and Security (BCS)
  • Computer Security Response Team (CSRT)
  • Web Site
  • http//is.depaul.edu/security/information_security
  • Email Addresses
  • weaheart_at_depaul.edu
  • ayetniko_at_depaul.edu

3
How do I protect my computer?
  • Top Five steps
  • Update Operating System
  • Windows Automated Updates
  • Use Anti-virus and Spyware/Adware removal
    software
  • Strong Passwords
  • Firewall (software or hardware)
  • Common Sense
  • Recommended Tool
  • Microsoft Baseline Security Analyzer
  • http//www.microsoft.com/technet/security/tools/m
    bsahome.mspx

4
Who is out there?
  • Terms
  • Black Hats
  • Malicious or criminal hacker.
  • Hackers
  • A person who enjoys exploring the details of
    programmable systems and how to stretch their
    capabilities
  • Crackers
  • One who breaks security on a system
  • Script Kiddies
  • Do mischief with scripts and programs written by
    others, often without understanding the exploit
    they are using.

5
Why should we worry?
Skill Level of Miscreants
6
My computer has an address?
  • IP Address
  • An identifier for a computer or device
  • DePaul net block 140.192.0.0/16
  • 0-255
  • Port Number
  • Number assigned to an application program running
    in the computer
  • Port Numbers 0 65535
  • Web port 80
  • Connection
  • Source 140.192.79.91 (4628) ? Destination
    216.239.37.99 (80)

7
Why does a firewall help?
  • Prevents some communications to your computer
  • hopefully only unwanted traffic ?
  • Software
  • Windows Firewall
  • http//www.microsoft.com/windowsxp/using/security/
    internet/sp2_wfintro.mspx
  • Commercial/Freeware
  • Kerio, ZoneAlarm, Blackice
  • Hardware
  • Firewall Devices
  • Broadband Routers

8
How do they find my computer?
  • sudo nmap -sS x.x.x.x
  • Starting nmap 3.50 ( http//www.insecure.org/nmap/
    ) at 2006-02-20 0957 CST
  • Interesting ports on (x.x.x.x)
  • (The 1654 ports scanned but not shown below are
    in state closed)
  • PORT STATE SERVICE
  • 135/tcp open msrpc
  • 139/tcp open netbios-ssn
  • 1025/tcp open NFS-or-IIS
  • 5000/tcp open UPnP
  • 5101/tcp open admdog
  • Nmap run completed -- 1 IP address (1 host up)
    scanned in 0.956 seconds

9
A typical day
  • Scanning logs
  • Jan 19 001523 CST 2006Number of scans 15639
  • Destination Ports
  • Total     Port
  •    
  • 175      445 Windows (File Shares)
  • 592     139 Windows (File Shares)
  • 867     1433 MS-SQL - slammer worm
  • 8571      135 Windows (RPC
    Vulnerabilities)

10
What do they want?
  • Resources
  • Storage
  • Access
  • Bandwidth
  • Launching point for attacks
  • Profitable
  • Information
  • Personal
  • Corporate
  • Source Code
  • Challenge
  • Activism
  • Political - Hacktivism

11
How do they do it?
  • Attack Vectors
  • Email
  • Attachments
  • Messages
  • Deception/Social Engineering
  • Scams and Fraud
  • Hoaxes
  • Attackers
  • Vulnerabilities and Exploits
  • Open Shares/Weak Passwords
  • Web Pages
  • Malware (Malicious Software
  • Instant Messaging, Internet Relay Chat (IRC) and
    Peer to Peer File Sharing (P2P)

12
Questions
  • Thank you
Write a Comment
User Comments (0)
About PowerShow.com