The University of Arizona - PowerPoint PPT Presentation

Provided by: Meli304

1
The University of Arizona
Beginners Guide to Computer Security
Security Awareness Brown Bag Series Sponsored by
the Information Security Office
2
Objectives
  • Provide an overview of the most common
    threats and how to build a layered protection.
  • Includes:
  • Importance of Security
  • Threats to Data
  • Viruses
  • Trojan Horse Programs
  • Vandals
  • Attacks
  • Data Interception
  • Scams
  • Spam
  • Security Tools
  • Anti-Virus Software
  • Security Policies
  • Passwords
  • Firewalls
  • Encryption
  • Laptop Security
  • Summary

3
Good News Bad News
  • Internet transforms and greatly improves our
    lives
  • Opened the door to an increasing number of
    security threats from which individuals, families
    and business must protect themselves
  • Consequences of attacks can range from the mildly
    inconvenient to the completely debilitating
  • Important data can be lost
  • Privacy can be violated
  • Computer can even be used by an outside attacker to
    attack other computers on the Internet

4
Threats to Data
  • Come from a very small minority
  • A car thief can steal only one car at a time
  • Single hacker working from a single computer can
    generate damage to a large number of computer
    networks
  • A general knowledge of security threats and how
    to protect yourself is essential

5
Viruses
  • Most widely known security threat due to
    extensive press coverage
  • What is a virus?
  • Computer programs that are written by malicious
    programmers and are designed to replicate
    themselves and infect computers when triggered by
    a specific event
  • Example - Macro viruses attach themselves to
    files that contain macro instructions (routines
    that can be repeated automatically, such as
    sending email) and are then activated every time
    the macro runs

6
Effects
  • Benign - cause annoying interruptions such as
    displaying a comical message when striking a
    certain letter on the keyboard
  • More destructive - cause such problems as
    deleting files from a hard drive or slowing down
    a system

7
How to catch it
  • A computer can be infected with a virus only if
    the virus enters through an outside source
  • an attachment to an email
  • a file downloaded from the Internet

When one computer on a network becomes infected,
the other computers on the network or for that
matter other computers on the Internet are
highly susceptible to contracting the virus
8
Trojan Horse Programs
  • Delivery vehicles for destructive computer code,
    like a virus
  • Appear to be harmless or useful software
    programs, such as computer games, but are
    actually enemies in disguise

9
Trojan Horse Programs
  • Can delete data, mail copies of themselves to
    e-mail address lists and open up computers to
    additional attacks
  • Can be contracted by
  • copying the Trojan horse program to a computer
  • downloading from the internet or
  • opening an email attachment

10
Vandals
  • Web sites have come alive through the development
    of such software applications as ActiveX and Java
    Applets
  • enable animation and other special effects to
    run, making web sites more attractive and
    interactive

11
Caution
  • However, the ease with which these applications
    can be downloaded and run has provided a new
    vehicle for inflicting damage
  • Vandals can embed malicious software in ActiveX
    apps and Java applets that cause destruction
  • A vandal can destroy a single file or a major
    portion of a computer system

12
Attacks
  • Innumerable types of network attacks have been
    documented, and they are commonly classified in
    three general categories
  • reconnaissance attacks
  • access attacks, and
  • denial of service (DoS) attacks

13
Reconnaissance Attacks
  • Reconnaissance - information gathering activities
    by which hackers collect data that is used to
    later compromise networks
  • Software tools, such as sniffers and scanners,
    are used to map out and exploit potential
    weaknesses in home computers, web servers and
    applications

14
Access Attacks
  • Access attacks are conducted to gain entry to
    e-mail accounts, databases and other confidential
    information
  • Typically performed after a recon attack -
    attacker goes back to exploit the services
    discovered in a reconnaissance attack - one
    reason an attack should make you take notice

15
DoS Attacks
  • DoS attacks prevent access to all or part of a
    computer system
  • Usually achieved by sending large amounts of
    malicious connection requests or other
    unmanageable data to a machine that is connected
    to the Internet, blocking legitimate traffic from
    getting through
  • Even more malicious is a Distributed Denial of
    Service (DDoS) attack, in which the attacker
    utilizes multiple compromised machines to focus
    them onto a particular host/network

16
Data Interception
  • The intercepting perpetrators might eavesdrop on
    communications or even alter the data packets
    being transmitted
  • Various methods to intercept data
  • IP spoofing, for example, entails posing as an
    authorized party in the data transmission by
    using the internet protocol (IP) address of one
    of the data recipients

17
Scams
  • Stakes are higher as they've got easy access to
    millions of people on the internet
  • Email
  • May contain a hyperlink to a web site that asks
    you for personal information, including your
    password
  • May contain a solicitation for your credit card
    information in the guise of a billing request

18
Protect Yourself
  • Never give out your password, billing information
    or other personal information to strangers online
  • Be mindful of who you're talking with before you
    give out personal information

19
Protect Yourself
  • Don't click on hyperlinks or download attachments
    from people/web sites you don't know
  • Be skeptical of any company that doesn't clearly
    state its name, physical address and telephone
    number

21
Spam
  • Unsolicited e-mail or the action of broadcasting
    unsolicited advertising messages via e-mail
  • Takes up time and storage space on your computer
  • Report it to your local postmaster or
    postmaster_at_email.arizona.edu

22
Security Tools
  • First, understand the threats
  • Second, put proper safeguards in place
  • Extensive choice of technologies
  • Anti-virus software packages
  • Firewalls for providing protection
  • Implement proper computer security without
    compromising the need for quick and easy access
    to information
  • Encryption
  • Password protected screen saver
  • Laptop locking devices

23
Anti-virus Software
  • Relies on early warnings of new viruses, so that
    antidotes can be developed and distributed
    quickly
  • 1,000s of new viruses being generated every
    month
  • Essential that the virus database be kept up to date
  • Record held by the anti-virus package that helps
    identify known viruses when they attempt to
    strike
  • Can prompt users to periodically collect new data
  • Sophos Anti Virus
  • https://sitelicense.arizona.edu/sophos/sophos.html

24
Security Policies
  • Rules and written or verbal regulations by which
    all staff, students and faculty operate
  • Often preempt security breaches
  • Customers or suppliers with access to certain
    parts of the network need to be adequately
    regulated

25
Passwords
  • Simplest and most common way to ensure that only
    those that have permission can enter your
    computer or certain parts of your computer
    network
  • Virtually ineffective if people do not protect
    their passwords

26
Passwords
  • The golden rules, or policies for passwords are
  • Make passwords as meaningless and as memorable as
    possible (h0t ala!)
  • Change passwords regularly
  • Never divulge passwords to anyone
  • Don't write your password down. First place the
    attacker looks?
  • Sticky notes on monitor or under keyboard or desk

27
Firewall Basics
What They Do and How They Work
28
Firewalls
  • A hardware or software solution to enforce
    security policies
  • Built-in filters that can disallow unauthorized
    or potentially dangerous material from entering
    the system
  • Logs attempted intrusions

29
What Does a Firewall Do?
  • In general, firewalls try to keep people from
    remotely accessing your computer in bad ways when
    you are connected to the internet

30
How Do Firewalls Work?
  • Most firewalls are designed to allow or block
    specific types of data going to and from your
    computer to the internet
  • Allow "good" data traffic and block all "bad" data
    traffic

31
How Do Firewalls Work?
  • "Good" traffic is the kind you need to do things
    like surf the web, download files, chat, share
    files, etc
  • "Bad" traffic is what hackers might do like
    steal files on your computer, use a Trojan to
    control your computer, disrupt your connection or
    network, etc

32
Computer: A House With Many Doors
  • Doors (ports) are points where a person (hacker)
    can get in
  • Think of a firewall as a security guard who is
    watching each door and who is going in and out of
    the doors

33
Computer: A House With Many Doors
  • The firewall makes sure only the right doors get
    opened and that only the right people (data) have
    access to your house
  • Some firewalls can also hide your house
    (computer) so casual hackers can't see it (also
    called "stealth mode")

34
What Traffic Is Good/What's Bad?
  • Experience
  • Reading
  • Learning
  • The easiest way is to start with a simple
    firewall program, see how it works and then
    graduate to more sophisticated solutions as you
    gain knowledge
  • Helpful Home Computer Security Webpage
  • http://www.cert.org/homeusers/HomeComputerSecurity/

35
Do Firewalls Prevent Viruses and Trojans?
  • NO!! A firewall can only prevent a virus or
    Trojan from accessing the internet while on your
    machine
  • 95% of all viruses and Trojans are received via
    e-mail, through file sharing (like KaZaA or
    Gnucleus) or through direct download of a
    malicious program
  • Some file sharing programs, such as KaZaA, now
    come with spyware installed.

36
Do Firewalls Prevent Viruses and Trojans?
  • Firewalls can't prevent this -- only a good
    anti-virus software program can
  • Install Kerio Firewall
  • https://sitelicense.arizona.edu/kerio/kerio.shtml

37
  • However, once installed on your PC, many viruses
    and Trojans "call home" using the internet to the
    hacker that designed it
  • This lets the hacker activate the Trojan and
    he/she can now use your PC for his/her own
    purposes
  • A firewall can block the call home and can alert
    you if there is suspicious behavior taking place
    on your system

38
What Is "Stealth" Mode?
  • In theory, stealth mode hides all the ports on
    your computer from being visible to others on the
    internet.
  • Some think this makes them less vulnerable to a
    malicious attack and consider it the "holy grail"
    of firewall configurations.
  • While true that your ports are "invisible", a
    "stealthed" computer really looks like a black
    hole to a hacker.
  • Data goes in but it never comes out.

39
Stealth Mode
  • A good hacker can spot this behavior - may
    actually consider it a challenge to try to break
    in as he/she wonders what's there
  • Sometimes, staying in plain sight makes you less
    attractive as a target
  • Achieving "stealth" mode with some network
    configurations (such as Microsoft internet
    connection sharing or ICS) can be very difficult
  • Stealth mode can make it difficult for the
    networked computers to "see" and interact with
    the gateway computer

40
  • Computers don't stay "stealthed". The moment you
    do something that accesses the internet from your
    end, you're "unstealthed" because data is coming
    out
  • Any hacker with a packet sniffer who knows where
    to look can tell that something's there
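
The allow/block decisions from the firewall slides above, modelled in a few lines of Python. This is an added illustration, not part of the presentation or of any firewall product; the rule list, program names, addresses and the `decide` and `run` helpers are all constructed for the example.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Packet:
    direction: str       # "in" (from the internet) or "out" (from this PC)
    program: str         # local program using the connection, "" if none
    remote: str          # remote address
    port: int            # the "door": local port for "in", remote port for "out"
    reply: bool = False  # True when it answers a connection this PC opened

# Constructed rule set (an assumption, not a vendor default).
# Each rule: (direction, program, port, action); first match wins.
RULES = [
    ("out", "browser.exe", 80, "allow"),
    ("out", "browser.exe", 443, "allow"),
    ("out", "mail.exe", 25, "allow"),
]

def decide(pkt, rules=RULES, stealth=True):
    """Return (action, alert) for one packet; alert is None unless suspicious."""
    if pkt.direction == "in" and pkt.reply:
        return "allow", None  # "good" traffic: the answer to something we asked for
    for direction, program, port, action in rules:
        if (direction, port) == (pkt.direction, pkt.port) and program in ("*", pkt.program):
            return action, None
    if pkt.direction == "out":
        # Unknown program reaching out: the "call home" case. Block and tell the user.
        return "drop", f"ALERT: {pkt.program} tried to reach {pkt.remote}:{pkt.port}"
    # Unsolicited inbound: stealth mode stays silent, otherwise answer "closed".
    return ("drop" if stealth else "reject"), None

# Constructed traffic; addresses come from documentation-only ranges.
TRAFFIC = [
    Packet("out", "browser.exe", "203.0.113.10", 443),
    Packet("in", "browser.exe", "203.0.113.10", 49152, reply=True),
    Packet("in", "", "198.51.100.7", 445),
    Packet("out", "freegame.exe", "198.51.100.66", 6667),
]

def run(traffic=TRAFFIC, stealth=True):
    """Evaluate every packet and return the list of (action, alert) results."""
    return [decide(p, stealth=stealth) for p in traffic]

if __name__ == "__main__":
    for pkt, (action, alert) in zip(TRAFFIC, run()):
        print(f"{pkt.direction:3} {pkt.program or '-':13} {pkt.remote}:{pkt.port:<5} {action}")
        if alert:
            print("   ", alert)
```

With `stealth=False` the unsolicited inbound packet is answered with "reject" instead of silence, while every outbound decision stays the same: stealth changes only what a prober sees, not what your own traffic reveals.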

41
Encryption
  • Ensures that messages cannot be intercepted/read
    by anyone other than the authorized recipient
  • Deployed to protect data transported over a
    public network (internet)
  • Uses advanced mathematical algorithms to
    scramble messages and their attachments

42
Encryption
  • Provides the security necessary to sustain the
    increasingly popular virtual private network
    (VPN) technology
  • VPNs are private connections, or tunnels, over
    public networks
  • Deployed to protect telecommuters, mobile
    workers, branch offices and business partners to
    corporate networks or each other

43
Virtual Private Network (VPN)
  • Allows connection to the UA from an off-campus
    computer anywhere on the Internet
  • Recognized as a UA affiliate when your data
    reaches the campus network
  • Provides extra security by encrypting data to and
    from your computer
  • creating a private tunnel through the Internet
    for your communication
  • Data unencrypted by the software once it reaches
    the campus

44
System Requirements
  • Internet connection through an Internet service
    provider
  • Must have a valid UA NetID
  • https://netid.arizona.edu
  • Off-campus computer must have a Windows, Linux,
    Macintosh, or Sun Solaris operating system
  • Additional minimum system requirements listed at
  • https://sitelicense.arizona.edu/vpn/system_requirements.shtml

45
File Sharing Piracy
  • What You Don't Know Can Hurt You

46
File Sharing Piracy
  • The RIAA has announced as of June 25, 2003 they
    will be on a rampage to stop illegal file sharing
    at whatever costs are necessary

47
File Sharing Piracy
  • Plan to file lawsuits against anyone that is
    sharing files illegally on the Net and that could
    be big, medium or small file share users. This
    week's tip could literally save you thousands of
    dollars in the end.
  • For all you pirates at sea, who don't want to go
    afloat, the time has come to make one of the
    following decisions

48
Options
  • 1. Turn off your file sharing for a bit.
  • How to disable the file sharing option:
  • http://www.upb.pitt.edu/offices_services/technology_services/resnet/filesharing.pdf
  • 2. Take the chance of getting caught and paying
    thousands of dollars by doing nothing.

49
Laptop Security
  • Laptops are a valuable resource, especially to
    individuals who must travel while remaining in
    continual communication with their office.
  • They also allow connectivity that provides users
    the ability to take their workplace with them.

Unfortunately, the mobility, technology and
information that make laptops so useful to
employees and organizations also make them
valuable prizes for thieves.
50
Laptop Security
  • Laptop computers with confidential information
    are stolen regularly. In fact, over 400,000 were
    stolen in 2002! (CSI 2003)
  • 40% of laptop theft happens in private offices,
    temporary work stations, meeting rooms
  • A surprising number of laptop computers are
    stolen at airport metal detectors by teams
    working in concert
  • Another theft method is a variation of the old
    pickpocket game of bump and run

51
Security Checkpoint Method
  • If you are approaching the metal detector with
    your laptop, do not put it on the belt until you
    have a clear path through the metal detector.
    Even then, keep your eye on the laptop as it
    comes through the other side. Do not allow
    yourself to be distracted by anyone.
  • Remember to
  • Love your laptop. Cherish it. Hold on to it.
    Keep it in your hand or on your shoulder whenever
    possible.
  • Always be aware of others around you. You can
    also hand your laptop to security and ask them to
    check it by hand.
  • Carry your laptop in a briefcase or other bag
    that doesn't look like a laptop bag and is
    heavier.

52
Bump and Run Method
  • You're susceptible to this technique when your
    laptop is riding on top of your luggage cart.
  • Someone either stops in front of you or runs into
    you.
  • While they are apologizing and you are brushing
    yourself off, an accomplice picks up your laptop
    case and is gone in a split second.
  • Anytime you lose immediate control of your
    laptop, it's susceptible to theft. Three things
    to remember:

Hold on
Heavy case
Hand over
53
Additional Tips
  • Secure unattended laptop (laptop locking devices)
  • Adhere a Return to Owner notice on your laptop
  • Prevent shoulder-surfing on trains and busses
  • Emergency list: make, model, serial number,
    internal inventory number, security phone numbers
  • Consider technical solutions
  • encryption software
  • Attach a security cable (choose one with a
    tubular cylinder lock vs. tumbler lock)
  • Laptop safe
  • Motion sensors and alarms
  • Be aware of increased vulnerability on the Road
  • Cabs, shuttle busses, rental cars, parking
    facilities

54
Summary
  • Common sense, some simple rules and a few pieces
    of technology can help protect your computer
    systems from unauthorized use
  • Important to remember that by protecting your own
    computer system, you're also doing your part to
    protect computers throughout the university

55
UA Resources
  • Kerio Firewall (free to all UA affiliates)
  • https://sitelicense.arizona.edu/kerio/kerio.shtml
  • Sophos Anti Virus (free to all UA affiliates)
  • https://sitelicense.arizona.edu/sophos/sophos.html
  • VPN client software
  • https://sitelicense.arizona.edu/vpn/vpn.shtml
  • Policies, Procedures and Guidelines
  • http://w3.arizona.edu/policy/
  • Security Awareness
  • http://w3.arizona.edu/security/awareness.htm