Practical Computer Security - PowerPoint PPT Presentation

1 / 69
About This Presentation
Title:

Practical Computer Security

Description:

Confusion over different defenses: antivirus, firewall, patches ... Symantec Norton 360. McAfee Falcon. 42. OneCare Live. 43. Firewalls. What firewall does ... – PowerPoint PPT presentation

Number of Views:226
Avg rating:3.0/5.0
Slides: 70
Provided by: markc78
Category:

less

Transcript and Presenter's Notes

Title: Practical Computer Security


1
Practical Computer Security
  • Mark Ciampa
  • Western Kentucky University
  • mark.ciampa_at_wku.edu

2
Practical Security
  • Current Status

3
Internet Security Threat Report
  • 10,866 new Windows viruses and worms (142)
  • 1,862 new software vulnerabilities
  • Average vulnerability to exploit is 6 days but
    vulnerability to patch is 54 days
  • 200,000th threat definition added to malware
    detection database (doubled in less than 2
    years)
  • Unprotected PC infected in 20 minutes

4
Identity Theft
  • 1 in 4 Americans (88 million) had digital data
    exposed in last 18 months for losses exceed 48
    billion
  • Victims spent average 330 hours to recover
  • 5.7 million phishing e-mail attacks per day (1 of
    125 e-mails is phishing)
  • 14,191 phishing Web sites July 2006 (3,326 May
    2006)
  • 2,683 Web sites pushed key-logging software

5
Trends
  • Attacks for financial gain
  • Attacks on confidential information
  • Shift away from recognizable threats to
    customizable malware
  • Cell phones and iPods target
  • Increase number zero-day attacks

6
Why Increase In Attacks
  • Speed of attacks
  • More sophisticated attacks
  • Faster detection weaknesses
  • Distributed attacks
  • User confusion

7
User Confusion
  • Confusion over different attacks worm or virus?
    adware or spyware?
  • Confusion over different defenses antivirus,
    firewall, patches
  • Asked perform technical procedures and make
    technical decisions

8
User Confusion
  • Permission to open port?
  • Safe quarantine attachment?
  • Approval your bank install add-in?
  • Education and awareness are key defenses

9
Teaching Security
  • Brief coverage of security in Introduction to
    Computers courses where teach definitions
  • Teach network security to computer majors
  • Leave out practical security for non-computer
    majors

10
Teaching Security
  • Need educate all students about practical
    computer security
  • Security Literacy Why and how to make
    personal systems secure
  • Users should be as fluent with security literacy
    as with Office or e-mail

11
Practical Security
  • What every user should know
  • Attacks and defenses
  • Where included in curriculum

12
Practical Security
  • Attacks

13
Attacks
  • Viruses
  • Worms
  • Denial of Service
  • Backdoors
  • Phishing
  • Spyware adware
  • Rootkits
  • Hidden data

14
Virus
  • Must be attached to e-mail, file, etc.
  • Malicious intent
  • Virus evolution

15
Worm
  • Not attached but spreads by itself
  • Exploit system vulnerability like buffer overflow
    or flawed protocol

16
Worm
  • Consume system resources
  • Modify system configurations
  • Install backdoor program
  • Create zombie to launch Denial of Service (DoS)

17
Denial of Service
  • Overwhelms system resources
  • Prevents legitimate users from accessing system
  • Distributed DoS attacks

18
Denial of Service
19
Backdoor
  • Virus and DoS disrupts but backdoor provides
    avenue to steal
  • Allows attacker to secretly access system
  • Listen for commands on open ports

20
Phishing
  • Online scam
  • Tricks user into disclosing personal info like
    credit cards
  • Uses spoofed e-mails or popups to direct users to
    fraudulent Web sites

21
Phishing
22
Phishing
23
Phishing Examples.
  • survey.mailfrontier.com/survey/quiztest.cgi
  • www.antiphishing.org/phishing_archive.html
  • http//www.millersmiles.co.uk/archives/current

24
Spyware.
  • Collects personal information
  • Monitors activity without knowledge
  • Keystroke logger

25
Adware
  • Installs a service or program
  • Spawns popups or launches Web browser to specific
    site
  • Can track surfing habits

26
Rootkit
  • Software to obtain special operating system
    privileges to perform unauthorized functions and
    hide all traces of existence
  • Causes no direct damage to the computer but hides
    presence of other types of malicious software
  • Remove traces of log-in records, log entries, and
    related processes
  • User can no longer trust operating system

27
Hidden Data.
  • Metadata - data about data
  • Hidden deletions and comments in documents
  • Test for vulnerabilities
  • Remove hidden data

28
Practical Security
  • Defenses

29
Practical Defenses
  • Passwords
  • Patch management
  • Antivirus Antispyware
  • Firewall
  • Browser security
  • Backups
  • Rootkits
  • Wireless LANs

30
Weak Passwords
  • Password paradox difficult to memorize complex
    passwords so take shortcuts
  • Short (ABCD)Short passwords easier to break
  • Common word (Friday)Electronic dictionary match
    the password
  • Personal information (Susan) Easy to identify
  • Use same password for all accounts Can access
    all accounts
  • Write password down Single point attack
  • Not changeUnlimited access by attackers

31
Strong Passwords
  • Minimum 8 characters
  • Use combination letters, numbers, special
    characters
  • Use space or nonprintable characters when
    available
  • Change every 30 days
  • Not reuse for 12 months
  • Not use for multiple accounts
  • Avoid inexpensive biometric devices

32
Password Tools
  • Password crackers
  • Online password creators
  • Create protect secure password list (Adobe
    Acrobat PDF)
  • Use password program (Password Safe)

33
Secure Password List.
34
Patch Management
  • Different types of patches
  • Install patch
  • Auto-update

35
Windows Patch Updates
36
Antivirus
  • Update
  • Scan a device
  • Test antivirus settings
  • Disinfect

37
Antivirus.
38
Antispyware
  • Install
  • Update
  • Scan a device
  • Disinfect (System Restore)

39
Antispyware
40
Antispyware
41
Comprehensive Products
  • Comprehensive, integrated, automatic
    subscription service
  • Automatic updated antivirus, antispyware,
    firewall, backup, tuneup
  • Microsoft Windows OneCare Live
  • Symantec Norton 360
  • McAfee Falcon

42
OneCare Live
43
Firewalls
  • What firewall does (close ports)
  • Network firewalls Refuse transmit inbound
    packets based on source IP or domain
  • Personal firewalls Only open ports for
    user-approved applications

44
Firewalls
  • Configure Windows Firewall
  • Check exceptions
  • Test firewall

45
Check Firewall
46
Test Firewall
47
Browser Security
  • Clean up
  • Delete cookies
  • Delete temporary Internet files
  • Clear cache
  • Clear history
  • Clear Autocomplete

48
Browser Security
  • Set security zones
  • Privacy (cookies)
  • Content page restrictions
  • Individual settings

49
Browser Tools
  • Drop My Rights
  • VMWare Player
  • Application Sandboxes

50
Browser Tools
  • Application sandboxes have small footprint (lt1
    MB)
  • Allows HHD read functions
  • Intercepts HDD write operations
  • Redirects writes to transient storage container
  • Run browser in sandbox and isolate any malware

51
Browser Tools.
52
Backups
  • What to backup
  • What media to use
  • Frequency
  • Where be stored

53
Backup Media
  • CD-R or DVD
  • Internet storage
  • Network attached storage (NAS)
  • Portable USB drive

54
Backups
55
Rootkits.
  • Sony BMG Music
  • Cannot remove rootkit
  • Rootkit detectors

56
Does Wireless Security Matter?
  • Get into any folder set with file sharing enabled
  • See wireless transmissions
  • Access network behind firewall can inject malware
  • Download harmful content linked to unsuspecting
    owner
  • Security begins at home

57
WLAN Defenses That Dont Work
  • Hide my network (Disable SSID beaconing)
  • Restrict who can join my network (MAC address
    filtering)
  • Encrypt transmissions (WEP)
  • Use advanced security (WPA)

58
Steps Protect Personal Wireless
  • Install Microsoft Hot Fix (KB893357)
  • Update Intel Centrino drivers
  • Turn on WPA2
  • On older equipment use WPA
  • MUST use 20 character WPA passphrase
  • Turn on wireless VLAN

59
Set WPA2 on AP
60
Set WPA2 on AP
61
Set WPA2 on Device
62
Show WPA2
63
Turn on VLAN
64
Baseline Security Analyzer
65
Practical Security
  • Where Teach Security Literacy

66
Where Teach?
  • CIS Curriculum Integrate into all courses
    programming, Web development, applications,
    networking
  • Intro to Computers Make Practical Security key
    topic with supplemental text

67
Where Teach?
  • Introduction to Business Ethics Practical
    Security 1-hour course required all business
    majors
  • Continuing Education Course for community
    patrons

68
Textbooks
  • Security Awareness Applying Practical Security
    in Your World, Second Edition by Mark Ciampa
  • Course Technology (ISBN 1418809691)
  • Publication date - February 2006

69
Practical Computer Security
  • Mark Ciampa
  • Western Kentucky University
  • mark.ciampa_at_wku.edu
Write a Comment
User Comments (0)
About PowerShow.com