
Computer and Network Security


Presentation Transcript


  1. Computer and Network Security Iain Moffat B.Sc(Hons) CEng MIET Chairman IET Anglian Coastal

  2. You are Not Alone ….

  3. Contents
  • What is Computer Security?
  • Data Protection Principles and the DPA
  • The Security Implementation Process
  • The threats to your computer and network
  • Security Policies
  • Risk/Impact Assessment
  • Countermeasures
  • Checking Security
  • Investigation and Evidence

  4. What is computer security?
  Protection of computer hardware and software from loss, damage or theft

  5. Data Protection

  6. Data Protection Principles
  • Personal data shall be processed fairly and lawfully and, in particular, shall not be processed unless
    (a) at least one of the conditions in Schedule 2 is met, and
    (b) in the case of sensitive personal data, at least one of the conditions in Schedule 3 is also met.
  • Personal data shall be obtained only for one or more specified and lawful purposes, and shall not be further processed in any manner incompatible with that purpose or those purposes.
  • Personal data shall be adequate, relevant and not excessive in relation to the purpose or purposes for which they are processed.
  • Personal data shall be accurate and, where necessary, kept up to date.
  • Personal data processed for any purpose or purposes shall not be kept for longer than is necessary for that purpose or those purposes.
  • Personal data shall be processed in accordance with the rights of data subjects under this Act.
  • Appropriate technical and organisational measures shall be taken against unauthorised or unlawful processing of personal data and against accidental loss or destruction of, or damage to, personal data.
  • Personal data shall not be transferred to a country or territory outside the European Economic Area unless that country or territory ensures an adequate level of protection for the rights and freedoms of data subjects in relation to the processing of personal data.
  From the Data Protection Act 1998 Schedule 1 part 1: http://www.opsi.gov.uk/acts/acts1998/19980029.htm#aofs

  7. Security Process
  (diagram: the five stages of the security process, in order)
  • 1 Threats
  • 2 Policies
  • 3 Countermeasures
  • 4 Incidents
  • 5 Audits

  8. THE THREATS

  9. The Threats
  • Fire
  • Flood
  • Theft
  • Vandalism
  • Impersonation
  • Junk Mail

  10. The Threats
  • Fire
    • Purely a physical threat
    • Results in data loss, loss of money invested in equipment, and downtime
  • Flood
  • Theft
  • Vandalism
  • Impersonation
  • Junk Mail

  11. The Threats
  • Fire
  • Flood
    • Purely a physical threat
    • Results in data loss, loss of money invested in equipment, and downtime
  • Theft
  • Vandalism
  • Impersonation
  • Junk Mail

  12. The Threats
  • Fire
  • Flood
  • Theft
    • Has physical and electronic forms
    • May involve hardware, data or both
    • Stolen data may be hard to replace
    • Stolen data may facilitate other crimes (eg. Impersonation)
    • Causes financial loss and loss of reputation
  • Vandalism
  • Impersonation
  • Junk Mail

  13. The Threats
  • Fire
  • Flood
  • Theft
  • Vandalism
    • Has Physical and Electronic forms
    • May cause downtime and/or data loss
    • Causes financial loss and loss of reputation
  • Impersonation
  • Junk Mail

  14. The Threats
  • Fire
  • Flood
  • Theft
  • Vandalism
  • Impersonation
    • Primarily an electronic threat
    • Leads to financial loss and loss of reputation
  • Junk Mail

  15. The Threats
  • Fire
  • Flood
  • Theft
  • Vandalism
  • Impersonation
  • Junk Mail
    • Used to be mostly a waste of time and bandwidth
    • Now a carrier for malicious software

  16. Where Threats Come From
  • People with access to your computer
  • Removable media (tapes, disks etc)
  • Malicious Software
    • Trojans
    • Viruses
    • Worms
    • Exploits and Rootkits
    • Spyware
  • Network Connections
  • Confidence Tricks

  17. Malicious Software

  18. Malicious Software
  • Trojans
  • Viruses
  • Worms
  • Exploits and Rootkits
  • Spyware
  • Password Capture or “Phishing”

  19. Malicious Software
  • Trojans
    • Programs that claim to do one thing but actually do something unwanted
    • Need to be loaded and run by an authorised user of the system
    • Limited to the access rights of that user
    • Often used as a loader for rootkits or spyware
    • Nowadays usually downloaded by a misleading/bogus website or a link in SPAM email messages
  • Viruses
  • Worms
  • Exploits and Rootkits
  • Spyware
  • Password Capture or “Phishing”

  20. Malicious Software
  • Trojans
  • Viruses
    • Self replicating programs
    • May just install a replicator on an infected machine or deliver a “payload” program to do its maker's work on your PC
    • Payload may be destructive or spyware
    • Historically spread using infected DOS floppy disks
    • Nowadays found as macros in documents or downloadable programs
  • Worms
  • Exploits and Rootkits
  • Spyware
  • Password Capture or “Phishing”

  21. Malicious Software
  • Trojans
  • Viruses
  • Worms
    • Self-replicating programs that spread from machine to machine over a network
    • May carry destructive or spyware payloads
    • Rely on vulnerable network services to infect new victims
    • Common in UNIX systems in 1980s, nowadays more common in Windows environments
  • Exploits and Rootkits
  • Spyware
  • Password Capture or “Phishing”

  22. Malicious Software
  • Trojans
  • Viruses
  • Worms
  • Exploits and Rootkits
    • Exploits are bugs in an operating system that allow a local or remote user to get admin-level access
    • Hackers ‘exploit’ these bugs to write programs that install a permanent remote access kit which gives them access to a compromised system
    • The remote access kit gives them root (UNIX) or administrator (Windows) access and hides itself from normal operating system file and process lists
  • Spyware
  • Password Capture or “Phishing”

  23. Malicious Software
  • Trojans
  • Viruses
  • Worms
  • Exploits and Rootkits
  • Spyware
    • Usually installed by a trojan or worm
    • May log key strokes or URLs visited
    • Originally an unethical form of market research
    • Now used by organised crime to steal passwords
  • Password Capture or “Phishing”

  24. Malicious Software
  • Trojans
  • Viruses
  • Worms
  • Exploits and Rootkits
  • Spyware
  • Password Capture or “Phishing”
    • Originally done by faking a login screen on a mainframe terminal or by faking dial-back
    • Now usually a link to a web site
    • Purports to be an urgent message from e-bay, paypal or a bank containing a link to click
    • Link text says http://some.bank.com/login.html but underlying code says http://some.hackers.hijacked.server/fakelogin.html

  25. Network Threats
  • Wire Taps / Eavesdropping
    • Primarily a risk in shared media (eg. wireless 802.11)
    • Leads to data loss and may facilitate Man-in-Middle or Impersonation attacks in the future
    • Password sniffing is a specific form of this threat
  • Man in the Middle
    • Primarily a risk in multi-hop links
    • Requires access to a link carrying all traffic between end systems
  • Impersonation
    • Use of false credentials to log in to network services
    • DNS Poisoning
  • Denial of Service
    • Primarily a risk to sites with limited internet access bandwidth
    • High volumes of unwanted inbound traffic may bring down servers or squeeze out legitimate traffic
  • Bandwidth Theft
    • Unauthorised connections to your WLAN may steal your internet access bandwidth

  26. Security Policies

  27. Security Policies
  • Physical Security
  • User Access
  • Removable Media
  • Network Software
  • Network Connectivity
  • 3rd. Party Access
  • Audit and Logging
  • Patching and Updates

  28. Security Policies
  • Physical Security
    • Siting to avoid flood and fire risks
    • Locks and chains
    • Computer room access controls
    • Laptop security in transit and in use
    • Backups
    • Off site storage of backup and rebuild media
    • Availability of replacement hardware
  • User Access
  • Removable Media
  • Network Software
  • Network Connectivity
  • 3rd. Party Access
  • Audit and Logging
  • Patching and Updates

  29. Security Policies
  • Physical Security
  • User Access
    • Who has administrative access (can add users or programs)
    • Password policies (length, complexity and change period)
    • Identity and background checks prior to granting access
    • Password reset process must prove that the real user is asking
    • 7x24 or restricted access hours
    • Separation of roles (user vs administrator)
    • Audit and removal of expired or unused access
    • Shared user accounts are dangerous (undermine audit trail)
    • Users must be warned that unauthorised access is illegal
    • Users must be informed of the scope and purpose of permitted access
    • Users must be informed and/or trained in data protection
  • Removable Media
  • Network Software
  • Network Connectivity
  • 3rd. Party Access
  • Audit and Logging
  • Patching and Updates

  30. Security Policies
  • Physical Security
  • User Access
  • Removable Media
    • How to store backups away from harm
    • Potentially different content/retention profiles for archives and backups
    • Need to have software to read old archives and install old backups
    • Need to ensure that media are still readable after time
    • Consider retention period (legal and practical constraints may apply)
    • Consider risk from imported media (virus etc)
    • How to ensure timely identification and destruction of redundant media
    • Need to control introduction of new media from outside
  • Network Software
  • Network Connectivity
  • 3rd. Party Access
  • Audit and Logging
  • Patching and Updates

  31. Security Policies
  • Physical Security
  • User Access
  • Removable Media
  • Network Software
    • Minimise visible network presence
    • Turn off unwanted network services (need mail on web server?)
    • Avoid use of unsafe protocols (eg. TELNET or FTP send unencrypted passwords)
    • Use safe/encrypted protocols (SSH, HTTPS)
    • Avoid programs or configurations that auto-open received files
  • Network Connectivity
  • 3rd. Party Access
  • Audit and Logging
  • Patching and Updates

  32. Security Policies
  • Physical Security
  • User Access
  • Removable Media
  • Network Software
  • Network Connectivity
    • Firewalls are essential
    • Identify security domains in your network and outside
    • Identify necessary connections by source, destination and protocol between machines or domains
    • Configure firewall rules to permit only these connections
    • Log permitted but potentially dangerous traffic
    • Maintain a low profile to the internet – minimise visible network services exposed to the outside by your firewall
  • 3rd. Party Access
  • Audit and Logging
  • Patching and Updates
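The firewall steps on slide 32 (name the security domains, list the needed connections by source, destination and protocol, permit only those, log the risky ones) can be kept as a small declarative allow-list from which the rules are generated. This is an added example, not from the slides; the domains, address ranges and flows are constructed, and the output uses standard iptables syntax.

```python
from dataclasses import dataclass

# Constructed security domains (assumed names and documentation address ranges).
DOMAINS = {
    "internet": "0.0.0.0/0",
    "dmz":      "192.0.2.0/24",     # public web and mail servers
    "office":   "198.51.100.0/24",  # staff workstations
}


@dataclass(frozen=True)
class Flow:
    src: str           # security domain the connection comes from
    dst: str           # security domain it goes to
    proto: str         # "tcp" or "udp"
    port: int          # destination port
    log: bool = False  # permitted, but worth a log entry (slide 32)


# The only connections the business actually needs (constructed list).
NEEDED_FLOWS = [
    Flow("internet", "dmz",      "tcp", 443),
    Flow("internet", "dmz",      "tcp", 25,  log=True),  # inbound mail: keep a record
    Flow("office",   "dmz",      "tcp", 22,  log=True),  # admin SSH into the DMZ
    Flow("office",   "internet", "tcp", 443),
]


def build_ruleset(domains, flows, chain="FORWARD"):
    """Turn the allow-list into iptables commands: default DROP, allow reply
    traffic, then one ACCEPT (preceded by LOG where asked) per needed flow."""
    rules = [
        f"iptables -P {chain} DROP",
        f"iptables -A {chain} -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT",
    ]
    for f in flows:
        match = (f"-s {domains[f.src]} -d {domains[f.dst]} "
                 f"-p {f.proto} --dport {f.port}")
        if f.log:
            rules.append(f'iptables -A {chain} {match} -j LOG '
                         f'--log-prefix "{f.src}->{f.dst}:{f.port} "')
        rules.append(f"iptables -A {chain} {match} -j ACCEPT")
    return rules


def is_permitted(flows, src, dst, proto, port):
    """Change-request check: is this connection on the agreed list at all?"""
    return any(f.src == src and f.dst == dst and f.proto == proto and f.port == port
               for f in flows)


if __name__ == "__main__":
    print("\n".join(build_ruleset(DOMAINS, NEEDED_FLOWS)))
```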

  33. Security Policies
  • Physical Security
  • User Access
  • Removable Media
  • Network Software
  • Network Connectivity
  • 3rd. Party Access
    • 3rd party maintainers or outsource staff may need remote or on site access
    • Ensure that work is controlled and staff are trustworthy
    • Ensure that confidentiality agreements are in place before granting access
    • Shut off remote access when not in use
    • Log or supervise support access
    • Review and if possible disable ‘phone home’ features for vendor support unless you are trying to fix a problem
    • Test automatic updates on a sacrificial machine before allowing network-wide deployment in your business
  • Audit and Logging
  • Patching and Updates

  34. Security Policies
  • Physical Security
  • User Access
  • Removable Media
  • Network Access
  • Network Connectivity
  • 3rd. Party Access
  • Audit and Logging
    • Logs help diagnose problems and are evidence of misuse
    • Excessive logs may be a security risk (eg unencrypted data or disk full)
    • Should be sufficient to determine who did what when
    • Should not be an easier alternative to keystroke logging or wire tapping
    • Useless as an audit trail if login accounts are shared
    • Must be protected from modification – ideally best sent to a dedicated server in real time over the network using SYSLOG (Unix and Network) or MOM (Windows)
    • Content and retention of logs must satisfy data protection and privacy laws
  • Patching and Updates

  35. Patching and Updates
  • Physical Security
  • User Access
  • Removable Media
  • Network Software
  • Network Connectivity
  • 3rd. Party Access
  • Audit and Logging
  • Patching and Updates
    • Hackers are always finding new bugs
    • Software vendors are always fixing them
    • You must monitor vendor websites or mailing lists
    • Also check CERT, UNIRAS and ISC alerts frequently
    • If you have resources test and deploy patches in a controlled way
    • If not subscribe to windows update or its Linux counterparts
    • Upgrade the OS before it becomes unsupported

  36. Risk Assessment

  37. Risk Assessment Factors
  • Business or domestic
    • Business needs to consider employees as a risk
    • Domestic users have only external threats
  • Single or Multi-User
    • Multi-User systems need to consider who can see what
    • Single user systems only need to prevent accidental damage (by running trojans as an administrator)
  • Networked or Standalone
    • Networked systems are at risk from outside
    • Physical access is needed to harm standalone systems
    • Internet-connected networks are at greater risk than isolated ones

  38. Risk Assessment Process
  • Make a list of risks
  • Determine probability of each one happening
  • Determine cost of each one if it happens
  • Calculate cost * probability for each one
  • Deal with the worst first
  • It is worth paying £(cost * probability) to fix each risk that has been identified.
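The process on slide 38, carried through on a small constructed risk register: rank by cost * probability and compare each countermeasure's price with that figure. This is an added example, not from the slides; the risks, probabilities and costs are assumed numbers.

```python
# Constructed risk register (assumed figures in £, one year horizon).
RISKS = [
    # (risk, annual probability, cost if it happens, cost of the countermeasure)
    ("Office fire destroys server",          0.01, 50_000,   900),  # off-site backups
    ("Laptop stolen with customer data",     0.20, 15_000, 2_000),  # disk encryption, locks
    ("Virus via e-mail attachment",          0.60,  2_000, 1_500),  # AV plus attachment policy
    ("Flood in ground-floor computer room",  0.05, 30_000, 5_000),  # move equipment upstairs
]


def expected_loss(probability, cost):
    """The slide's figure: cost * probability, i.e. what a fix is worth paying."""
    return probability * cost


def rank_risks(risks):
    """Return (risk, expected loss, fix cost) tuples, worst first."""
    ranked = [(name, expected_loss(p, cost), fix_cost)
              for name, p, cost, fix_cost in risks]
    return sorted(ranked, key=lambda r: r[1], reverse=True)


def worth_fixing(risks):
    """Risks whose countermeasure costs no more than its expected loss."""
    return [name for name, loss, fix_cost in rank_risks(risks) if fix_cost <= loss]


if __name__ == "__main__":
    for name, loss, fix_cost in rank_risks(RISKS):
        verdict = "fix now" if fix_cost <= loss else "accept or find a cheaper fix"
        print(f"{loss:8.0f}  {fix_cost:6}  {verdict:28}  {name}")
```

With these numbers the laptop theft tops the list and justifies its fix, while the cheapest countermeasure (the virus one) is not justified because its expected loss is lower still; the same arithmetic decides both.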

  39. Countermeasures

  40. Countermeasures
  • Physical Security
  • User Access Control
  • Removable Media Control
  • Network Software
  • Network Access
  • File Permissions and Security
  • 3rd. Party Access
  • Audit and Logging

  41. Physical Security
  • Separate components of large systems across multiple sites
    • Clustering for high availability
    • Live/Standby operation for less critical system
    • Consider using test/development system as a cold standby
    • Standby systems are only useful if data and software are up to date
    • Need to rehearse failover and failback
  • Keep taking the backups!
    • Test Backup and restore process regularly
    • Keep all media needed to reinstall your software
    • Test that media are still readable from time to time
    • Ensure backups are stored as securely as the live data (or more so)
    • Review availability of hardware and upgrade or buy spares when it is near end of life
    • Don’t keep backups and live systems in the same room (and if possible not in the same building)
  • Keep critical computers in a separate locked room (which also helps with noise and dust and air conditioning)
  • Don’t put computers under water pipes or tanks
  • Don’t use floor-standing computers or storage furniture in rooms liable to flooding
  • Ensure that temperature and humidity are monitored and alarmed in computer rooms
  • Ensure that media stores are dry and free from dust and insects


  45. User Account Security
  • Separation of Privilege
  • Password Policies
  • Clean Up Afterwards
  • No Shared Accounts

  46. Separation of Privilege
  • Create separate administrative and normal users even on a single-user system to limit the damage that can be done by mistakes or infection in normal use
  • Use administrative accounts only to install software or change system configuration
  • Never use an administrative account for normal e-mailing or web browsing
  • Use normal accounts for all dangerous activities so that a trojan or virus will not run as administrator
  • Wherever possible configure network services (mail, file and web servers) to run under dedicated user accounts rather than as administrator, so a remote attack not only has to get control of them but then also gain administrative rights
  • Separate administrative and audit functions under separate user accounts if the operating system allows it, so that someone cannot do an unauthorised change and then cover up by changing the logs

  47. Password Policies
  • There are several good password guessing programs in the field and as computers get faster they become a bigger risk
  • Always change default passwords in operating systems and applications as soon as you take delivery or install them
  • Minimum recommendations are
    • 6 character normal passwords
    • 8 to 10 character administrative passwords
    • Change passwords at least every 90 days
    • Change passwords ASAP if keylogging or dishonesty is suspected
    • Change passwords ASAP if an employee leaves
    • Must not be a dictionary word
    • Substitution of letters for numbers is not enough (eg “pa33w0rd”)
    • Combinations of words or words and non-guessable numbers are stronger (eg. “pass3249w0rd” or “random.nothing”)
  • Random, machine generated passwords are non-memorable and need to be written down (which is a greater risk)
  • Passwords must be non-reversibly encrypted when stored on disk
  • Passwords must never ever under any circumstances be shared

  48. Clean Up Afterwards
  • Remove user accounts when employees leave
  • Search disk for passwords or password bypass
    • eg. unix .rhosts and .netrc files
  • Audit the user list frequently and ensure that
    • All users are still employed at your site
    • All users have the lowest privilege level that will let them do their work
    • Any application program ‘users’ are still needed
    • User information (real name, phone) is correct

  49. No Shared Accounts
  • Shared Accounts prevent effective auditing since more than one person knows the same username and password
  • Each human user must have their own login account for auditing to be effective
  • If there is more than one system administrator then it is better to have multiple administrative accounts than to share one account and password
    • Directly possible by assigning users to the “Administrators” group in Windows
    • Requires use of “SUDO” or custom-written software in Unix or Linux systems
  • Where accounts have to be shared then it is best to configure it so that users have to log in as themselves and then switch to the shared account

  50. Removable Media
  • Removable Media are
    • Floppy disks, CD-Roms, DVDs and tapes
    • The traditional infection vector for trojans and viruses
    • The main risk of data loss from your site
    • Consider laptops as removable media
  • New Removable Media must
    • Be clearly labelled with date, privacy marking and contents
    • Be stored as securely as the computers they came from (or more so)
    • Be securely destroyed when no longer required
      • Physical destruction by fire or cutting up is recommended
      • Deleting files just marks space as reusable
      • Must delete contents and overwrite with random data prior to sale or reuse
    • Be adequately protected in a risky environment
      • Encrypt sensitive files on media that will be posted
      • Ensure laptops taken off site have passwords and encrypted hard disks
  • Incoming Removable Media must
    • Be virus checked (preferably on a non-networked ‘sheep dip’ computer)
    • Be expected and from a trustworthy source (beware magazine cover CDs)
