1 / 23

Network Security

Network Security. Allan G. Dyer CISSP, MHKCS, MIAP, AIDPM, MSc (tech), BSc Past Chair, ISSG, HKCS; President, AVAR adyer@yuikee.com.hk. Education Success. Sven Jaschan German Teenager School Student Wrote software worth >US$157,000. Worldwide Headlines Interview with Stern Magazine

jayden
Télécharger la présentation

Network Security

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Network Security Allan G. Dyer CISSP, MHKCS, MIAP, AIDPM, MSc (tech), BSc Past Chair, ISSG, HKCS; President, AVAR adyer@yuikee.com.hk

  2. Education Success Sven Jaschan • German Teenager • School Student • Wrote software worth >US$157,000 • Worldwide Headlines • Interview with Stern Magazine • Job with Securepoint - German IT Security Company

  3. Education Success? • estimated damages of US$157,000 for 4 specimen victims • Created Netsky and Sasser Worms • Arrested May 2004 • Tip-off from school friends • Confessed after arrest • Netsky.Z attacked educational sites: www.educ.ch, www.medinfo.ufl.edu, www.nibis.de

  4. Education Failure • He "had not considered the consequences or the damage" • "everyone in Jaschan's class knew what he was doing" • "some of them helped him distribute [the worms]" • Parents did not recognise the significance: • 'Papa, I've put out a computer worm.' • 'Sven, you didn't do anything stupid, did you?'

  5. Education Improvements • Students need to learn about Information Security and Ethics • Protect Themselves • Respect Others

  6. What Is Information Security? CIA Confidentiality Integrity Availability

  7. Meet The Threats:Viruses, Worms, Trojans

  8. Meet The Threats:Spyware

  9. Meet The Threats:Spam

  10. Meet The Threats:Phishing

  11. Meet The Threats:Criminals

  12. Meet The Threats:Porn Inappropriate Content

  13. "Ordinary" Organisation Internet Firewall

  14. "Ordinary" Organisation • Trusted Users Inside • Users are already Trained • Threats Outside

  15. A School SAMS Internet Firewall Classrooms

  16. A School • Firewall is still a useful control point • Many users (pupils) with minimal computer knowledge • Some users may be mischievous or malicious • SAMS an attractive target

  17. SAMS • Attendance Records • Hide skiving • Sell the service • Test or Exam Results • Personal Details • Intimidate or Blackmail others

  18. SAMS: Gaining Access • Guess Passwords • Unattended Computer • Network Sniffing • Keystroke Loggers

  19. How Young? • Some macro viruses probably written by 10 to 12 year olds • Primary Students… • Joke programs? • Plagiarism?

  20. Are Hackers Evil?

  21. The "Hacker Ethic" • Curiosity • Exploring • Learning • Testing and Pushing Limits • Freedom

  22. HKCERT/CC • Hong Kong Computer Emergency Response Team Coordination Centre • Established February 2001 • Under Hong Kong Productivity Council, funded by Innovation & Technology Fund • Virus Alerts: • http://www.hkcert.org/valert/valert.html • Security Alerts: • http://www.hkcert.org/salert/salert.html

  23. Questions? http://www.yuikee.com.hk/computer/info-ctr/newsletter/

More Related