IT Security - PowerPoint PPT Presentation

Slides: 35
Provided by: typey50

1
IT Security
Tony Brett, IT Systems Manager, Corpus Christi College; OxCERT
tony.brett_at_corpus-christi.oxford.ac.uk
2
Overview
  • Excuses
  • Policy
  • E-mail
  • Machine Security
  • Physical Security
  • File Security
  • Viruses (inc. E-mail Hoax)
  • Public machines
  • OS Security
  • Network Security
  • Student connections
  • Excuses
  • Sniffing
  • Firewalls - University
  • OxCERT
  • Who
  • What
  • What it does
  • What it doesn't do
  • What to take away
  • Resources
  • Questions?

3
Excuses & FAQs
  • Users
  • Why would anybody be interested in my account? I only use it for email
  • Security is the admin's problem, not mine
  • I let my friend in Spain use my account because they have been having problems with their network
  • Why has my account been disabled on sable?

4
Policy
  • Enforce good passwords
  • DON'T store passwords in E-mail clients etc.
  • Disable dormant accounts
  • Age passwords
  • Have a policy on the use of accounts; encourage deletion of unused accounts. Tell OUCS User Reg!
  • Have a policy on Virus Hoaxes
  • Make sure everyone knows about it
  • Enforce it

5
E-Mail
  • E-mail is NOT SECURE!
  • Faking E-mail is very easy
  • PGP is your friend
  • Use for digital signatures
  • Use for encrypting E-mail
  • http://www.oucs.ox.ac.uk/email/pgp.html
  • E-mail virus hoaxes: policy.
  • E-mail viruses: ILOVEYOU, Melissa

6
Securing Computers
  • Physical Security
  • File Security
  • Use Security

7
Securing Computers
  • Physical Security
  • File Security
  • Use Security

8
Physical Security
Physical Security of machine is the limiting
factor in security
  • Where are machines located?
  • Who has keys or can get keys?
  • How is access to rooms controlled and monitored?
  • Are machines in cages or wired?
  • Are building exits monitored?
  • Keyboard sniffers

9
Securing Computers
  • Physical Security
  • File Security
  • Use Security

Viruses
Password protect
Encrypt
10
Viruses & Trojans
  • Destructive Power - BIOS Erase
  • Types of Virus
  • Boot Sector
  • Executable infectors, Trojans
  • Macro or Document
  • E-mail worms: Outlook!, ILOVEYOU, MELISSA etc.
  • Anti-Virus Products
  • F-Prot
  • Sophos - http://www.uk.sophos.com
  • Dr. Solomon's
  • Norton - LiveUpdate
  • Lynne Munro at OUCS

11
Public Machines
  • Libraries
  • Machines need to run Win95/98 to run OxLIP
    properly
  • Inherent security risk with so many different
    applications
  • OWL - http://web.lib.ox.ac.uk/software
  • Password from technicians_at_las.ox.ac.uk
  • Disk imaging software e.g. Ghost

12
Securing Computers
  • Physical Security
  • File Security
  • Use Security

Password protect accounts
Restrict access
Physical locks
13
Securing your OS
  • Ensure sufficient logging
  • Examine logs
  • Take note of and understand error messages
  • Keep up-to-date with patches
  • Don't run unnecessary network services
  • Web servers are notorious, especially Microsoft
    IIS

14
Securing UNIX
  • Linux: a good, free OS, but the most often compromised
  • Dynamic OS. Fixes released regularly
  • Solaris, SunOS, HP-UX, Digital, SGI (IRIX).
  • New compromises almost daily: Bugtraq.
  • Beware of students running any UNIX. Encourage students to be aware. Sniffers!
  • Only run services that are needed. Turn off everything else: Telnetd, IMAPd, POPd, NFSd etc.
  • Use SSH, SCP etc. PuTTY on Windows

15
Securing Macintoshes
  • Mac OS: not designed for security
  • Appletalk over Ethernet
  • OUCS routing between departments
  • Appleshare
  • Guest account
  • Owner sees whole Hard Disk
  • TCP/IP
  • DoS Attacks

16
PCs - DOS, Win16, Win32
  • Standard operating systems
  • DOS, Win95, WinNT (workstation)
  • None designed to be servers
  • Some security holes
  • DoS vulnerabilities
  • Default shares on 95 and NT boxes: C, D, etc.
  • Password caching (.pwl files)

17
NT Server, Netware Server
  • Network O/S - running on PCs
  • NT can run on other platforms
  • File/Print services
  • TCP/IP services (FTP, Web etc).
  • Network packet signing
  • Physical access to server
  • Password regimes
  • Backup disaster plan essential!
  • Use OUCS HFS for backup
  • Keep service packs up-to-date
  • Compromises are rare
  • See http://www.securityfocus.com/frames/?content/vdb/stats.html

18
Network Security
  • 10BaseT vs. 10Base2 (coax)
  • Manageable Hubs
  • Physical access to hubs
  • MAC address restriction
  • Hub management passwords
  • DHCP - dynamic vs. static, logs
  • Switches vs. repeaters
  • Sniffers
  • Operating system policy: running services.

19
Student Connections
  • Connection Policy is essential
  • Students must sign agreement
  • Log DHCP assignments so abuses can be traced
  • Get student to assign College the right to
    examine their machine
  • Control use of server-type OS.

20
Securing the Network
  • Outsiders looking in
  • Insiders looking about
  • Insiders looking out
  • Access through valid means
  • Misuse of features
  • Inadvertent doors
  • Insecurity by design

21
Common Excuses
  • I was just looking
  • It wasn't secured so I thought it was OK
  • I accidentally downloaded it and just thought I
    would see what happens when I ran it
  • Hey man, the internet is an anarchy, I can do
    what I want
  • Oh yeah, what are you going to do about it?

22
Network Sniffing
  • Almost impossible to detect
  • Impact depends on topology of network
  • Switching reduces possibilities

23
Network Sniffing - What is it?
  • Much network traffic in clear text
  • Passwords and Usernames
  • Compromised machines running sniffers

Host Q listens without A and B knowing
24
Network Topology
[Diagram labels: University Backbone, SWITCH, HUB, HUB]
25
How to reduce the risk
  • Encryption
  • SSH, Disposable passwords, SCP
  • Switch sensitive parts of network
  • Use port scrambling on hubs
  • Keep student and staff segments on separate
    switched ports

26
Firewalls
  • Isolate the network
  • Bandwidth bottleneck
  • Rule based access
  • IP addresses, blocks, or ports
  • Extensive logging
  • False sense of security
  • OUCS
  • Started fully open; ports or addresses closed as vulnerabilities are identified
  • Balance between security and utility

[Diagram labels: Badlands, Happyville]
27
Who/What is OxCERT
  • University IT Security Team
  • oxcert_at_ox.ac.uk
  • (2)82222
  • Member of FIRST
  • 9am-5pm, and best-attempt cover outside this
  • probe-report_at_oxcert.ox.ac.uk

28
Who/What is OxCERT
  • C. 10 Committee, termly meeting.
  • 4 front-line
  • Pete Biggs, Physical & Theoretical Chemistry
  • Patrick Green, OUCS
  • Neil Clifford, Astrophysics
  • Neil Long, OUCS
  • Emergency Response service, not a free machine set-up service
  • http://info.ox.ac.uk/compsecurity/oxcert/

29
What OxCERT can do
SECURITY
  • Advise IT staff and individuals on matters of IT
    security
  • Advise on methods of improving security
  • Liaison with other CERTs
  • Checking security of machines within Oxford
    University
  • Assistance in disaster recovery
  • Assistance in planning new networks and/or
    machines

30
What OxCERT can do
  • Direct contact with all parts of OUCS
  • Intervention when machines are found to be
    compromised
  • Disable IP addresses or networks (both within and
    without Oxford) if security is being compromised
  • Investigation of DoS (Denial of Service) type
    attacks
  • What it can! Only 1.5 posts are funded by the University; others are volunteers.

31
What OxCERT can't do
  • Get involved with policy decisions that don't affect security
  • Deal with SPAM or abusive E-mail (advisory_at_oucs.ox.ac.uk)
  • Deal with non-security computing issues (electronic harassment etc.)
  • Act as a substitute for OUCS advisory
  • Miracles! Security is YOUR responsibility,
    OxCERT can only advise

32
What to take away
  • Be aware of security
  • Make users aware of the need for security
  • Have, and enforce, an IT Security Policy
  • Maintain OS security
  • Know what services you are providing and only
    provide those you know about

33
Resources
  • This presentation
  • http://users.ox.ac.uk/aesb/itsec.ppt
  • OxCERT
  • http://www.ox.ac.uk/it/compsecurity/oxcert/
  • Secure E-mail
  • http://www.oucs.ox.ac.uk/email/secure.html
  • Public Machines
  • http://users.ox.ac.uk/aesb/itsec.ppt
  • Virus Hoaxes
  • http://www.uk.sophos.com/virusinfo/scares/
  • University and other IT rules
  • http://www.ox.ac.uk/it/rules/
  • The OUCS Hierarchical File Server
  • http://hfs.ox.ac.uk/local/

34
Fin
  • Questions?