Security - PowerPoint PPT Presentation

1 / 31
About This Presentation
Title:

Security

Description:

Programs that do something malicious instead of or in addition to what was expected. ... Adaware, Spybot (both free fro personal use) Patch OS, Browser, Applications ... – PowerPoint PPT presentation

Number of Views:65
Avg rating:3.0/5.0
Slides: 32
Provided by: hall
Category:
Tags: security | spybot

less

Transcript and Presenter's Notes

Title: Security


1
Security
  • FREC135-011-04S

2
An Analogy
3
Main Areas of Security
  • Computer Security
  • Network Security
  • Data Security

4
The Scenarios
  • Someones out to get YOU
  • Someones out to get someone
  • Somethings out to get everyone

5
The Enemy
  • Employees
  • Outside Users
  • Hackers (fun), Crackers (chaos)
  • Organized crime
  • Terrorists

6
Types of Attacks
  • System Compromise
  • Malicious Code
  • Direct Hacking
  • Network Security
  • Sniffing
  • DoS (Denial of Service)
  • Data Security
  • Improper insider access use
  • Social Engineering
  • Dumpster Diving

7
Computer Security-Malicious Code
  • Trojan Horse
  • Virus
  • Worm
  • Adware (malicious?)
  • Spyware
  • Distinction is still being debated
  • http//www.mediapost.com/PrintFriend.cfm?articleId
    242077

8
Trojan Horses
  • Programs that do something malicious instead of
    or in addition to what was expected.
  • Only effect the machine they are run on
  • Can be installed after a machine is broken into
  • Can be the payload of a virus or worm
  • Backdoors, rootkits, etc.

9
Trojan Horses
  • Can be a fake web site or link too
  • http//vil.nai.com/vil/content/v_100927.htm

10
Viruses
  • Computer program that replicates
  • Spreads through user action
  • Running infected file
  • Booting from infected floppy
  • Opening infected Office document
  • Opening infect e-mail attachment

11
Viruses
  • File Infector
  • Program that infects other programs
  • Jerusalem (1987)
  • Infected executable files
  • Deleted files on Fri. 13

Infect() Print( Hi)
Print( Me)
Print( Si)
Infect() Print( Me)
Hi
12
Viruses
  • File Infector
  • Program that infects other programs
  • Jerusalem (1987)
  • Infected executable files
  • Deleted files on Fri. 13

Infect() Print( Me)
Infect() Print( Hi)
Print( Si)
Infect() Print( Si)
Me
13
Viruses
  • Boot Sector Virus
  • Infects disks
  • Usually spread by accidentally restarting with a
    floppy in the drive
  • AntiEXE (1995)

14
Viruses
  • Word Macro E-mail Attachment
  • Melissa (1999)
  • Word Macro virus
  • Mails itself to 50 people in address book
  • 80 Million in damages

15
Worms
  • Find new machines to infect ON THEIR OWN
  • Take advantage of bugs in network programs
  • Can have Trojan Horse payloads or just spreads

16
The Morris Worm
  • 1988
  • Looked for a number of vulnerabilities
  • i.e. sendmail
  • Known problems, but not fixed
  • Infect, look for other machines to infect
  • Spread faster than anticipated
  • Infected 6000 machines (big at that time)

17
SQL Slammer
  • Flaw in MS SQL Server
  • Know problem, but hard to patch
  • Big real world problems
  • 13,000 BoA ATMs knocked out
  • Airline delays cancelled flights
  • No payload, but imagine

18
Blaster Worm
  • Caused reboots
  • 500,000 computers infected

Chronicle of Higher Education, 03/18/04
19
Theoretical Warhol Worm
  • Worst-case scenario
  • Every vulnerable machine infected in 15 minutes
  • http//www.cs.berkely.edu/nweaver/warhol.html

20
Adware / Spyware
  • My (our) definition
  • Spyware is a Trojan Horse that looks at what you
    do and reports it to someone without you knowing
  • Adware does the same thing, but you agreed to it
    (even if you didnt know it). Therefore its
    not technically a Trojan Horse

21
Manual Hacking
  • Relatively rare
  • Usually Script Kiddies
  • Could be targeted for
  • Resources (esp. network)
  • Credit card info (esp. business)
  • Launch pad for further attacks

22
Protection
  • Virus protection
  • http//udeploy.udel.edu
  • Firewall
  • Built into WindowsXP
  • Spyware detection/removal
  • Adaware, Spybot (both free fro personal use)
  • Patch OS, Browser, Applications
  • http//windowsupdate.microsoft.com

23
Protection
  • Dont install junk
  • Physical security
  • Strong passwords
  • Dont use the computer as an administrator

24
Network AttacksSnooping
  • Sniffing
  • Hard on most wired networks now
  • Very easy in wireless networks
  • Man-in-the-middle attacks

25
Protection
  • Encryption
  • SSL (https)
  • SSH
  • WEP for Wireless Ethernet
  • More Coming Soon?? (IPSEC/IPv6)

26
Network AttacksDenial of Service
  • Worms can plant a Trojan Payload to turn 1000s
    of machines into Zombies
  • Zombies activated to flood a targets server with
    junk traffic
  • Real traffic cant get through
  • Lost clients
  • Lost transactions
  • Bad PR
  • Costs real

27
Worm DoS
28
Worm DoS
GO!
29
DoS Protection
  • ???

30
Data Security (no computer)
  • Unauthorized internal access
  • Unauthorized internal use
  • Dumpster diving
  • Shredder
  • Social Engineering

31
Credits
  • Images from
  • Office XP Clip Art Collection
Write a Comment
User Comments (0)
About PowerShow.com
Home About Us Terms and Conditions Privacy Policy Presentation Removal Request Contact Us
Copyright 2024 CrystalGraphics, Inc. — All rights Reserved. PowerShow.com is a trademark of CrystalGraphics, Inc.
The PowerPoint PPT presentation: "Security" is the property of its rightful owner.
Do you have PowerPoint slides to share? If so, share your PPT presentation slides online with PowerShow.com. It's FREE!