Security
Security For computers
Analyzing the Threat • Unauthorized access • Data destruction, accidental or deliberate • Administrative access • System crash or hardware failure • Virus or Spyware • Environmental threats
Unauthorized Access • Occurs when a person accesses resources without permission • Data • Applications • Hardware • Opens up option to alter or delete (or enhance) information • Can use intrusion to figure out passwords, accounts, etc. • Need some sort of access control • Dumpster diving for information
Social Engineering • Process of using, or manipulating, people inside the network • Humans using other humans to gain access to restricted resources • Infiltration: Gain unauthorized physical access to office; tailgating – following someone as though you belong • Telephone scams: “Hi, I forgot my password” • Phishing: trying to get usernames, passwords, etc. • Administrative access: Too easy to get Admin access to computers and thus data.
Physical Theft • Don’t hack into it – just take the server! • Need to protect, with lock and key, valuable server resources • Don’t forget the router and modem
Environmental Threats • Power – lack of it, or too much • Air conditioning, proper ventilation, air filtration • Dirty air – dust forms a nice warm blanket around components • If you can stand the temperature, so can the computer • Be wary of toxic chemicals, treat with care
Access Control • Lock the door to computer room • Use ID badges • Privacy filter – have to be in front of screen • What is on the desk that should not be there? Documents, passwords, etc.
Getting secure • It’s Windows-L to lock a system • Authentication: How do I know who you are? • Software: Passwords • Hardware: Smart cards or biometric device • Knowledge factor – something you know • Ownership factor – something you own • Inherent factor – something part of user • Use NTFS not FAT32 – can convert FAT to NTFS
Software Authentication • Use passwords – strong passwords and not the same one everywhere • Change CMOS settings; lock you out of CMOS • Stealing a hard drive… • Don’t tape password to bottom of mouse pad • Smart cards and security tokens
Users and Groups • Accounts should have minimum permissions to get the job done • Use groups, not accounts for permissions • Permissions are combined • Everyone group has full access by default • Permissions control access to resources
Policies • Policies are permissions for activities • Local Security Policy on local system • Group Policy on domain server • Policies: • Prevent Registry Edits • Prevent Access to the Command prompt • Log on locally • Shut down system • Minimum Password length • Disable Windows Installer • Printer browsing
Data Classification • Public, internal use only, confidential, top secret, etc. • Sarbanes-Oxley imposes limits on what people can do with information • Affects how you recycle equipment, too
Auditing • Auditing means to tell Windows to create an entry in the Security Log • Event auditing – log on/off • Object access auditing – access to file/folder • Local Security Policy in Administrative Tools • Select Local Policies then Audit Policy • Go to object and enable auditing
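Once logon auditing is enabled, the Security Log entries can be reviewed for password guessing. The following is an added example, not part of the original slides: it flags a successful logon that follows a burst of failures. Event IDs 4624 (logon success) and 4625 (logon failure) are the IDs used on Windows Vista/7 and later; the CSV layout, accounts and addresses are constructed sample data.

```python
import csv
import io
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Constructed sample rows, as if exported from the Security log:
# time, event ID, account, source address
SAMPLE_LOG = """\
2024-03-01T08:00:01,4624,alice,10.0.0.5
2024-03-01T09:14:10,4625,bob,10.0.0.77
2024-03-01T09:14:20,4625,bob,10.0.0.77
2024-03-01T09:14:31,4625,bob,10.0.0.77
2024-03-01T09:14:45,4625,bob,10.0.0.77
2024-03-01T09:15:02,4624,bob,10.0.0.77
2024-03-01T10:00:00,4625,carol,10.0.0.9
2024-03-01T10:00:30,4624,carol,10.0.0.9
2024-03-01T11:00:00,4625,dave,10.0.0.12
2024-03-01T11:10:00,4625,dave,10.0.0.12
2024-03-01T11:20:00,4625,dave,10.0.0.12
2024-03-01T11:21:00,4624,dave,10.0.0.12
"""

LOGON_OK, LOGON_FAILED = 4624, 4625

def guessed_logons(log_text, threshold=3, window=timedelta(minutes=5)):
    """Return (account, source, failures, time) for each successful logon
    that follows `threshold` or more failures inside `window`."""
    recent = defaultdict(deque)         # account -> times of recent failures
    alerts = []
    for row in csv.reader(io.StringIO(log_text)):
        if len(row) != 4:
            continue                    # skip blank or malformed rows
        stamp, event_id, account, source = row
        when = datetime.fromisoformat(stamp)
        failures = recent[account]
        while failures and when - failures[0] > window:
            failures.popleft()          # forget failures older than the window
        if int(event_id) == LOGON_FAILED:
            failures.append(when)
        elif int(event_id) == LOGON_OK:
            if len(failures) >= threshold:
                alerts.append((account, source, len(failures), stamp))
            failures.clear()            # a success resets the count
    return alerts

if __name__ == "__main__":
    for alert in guessed_logons(SAMPLE_LOG):
        print(alert)
```

Only bob's logon is reported: carol mistyped once, and dave's three failures are spread over twenty minutes, outside the five-minute window.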
Incident Reporting • Leaving a paper trail of what you did • Companies often have forms or use tracking software • Job not done until paperwork is complete!
Evidence Handling • Ignore personal information in and around computer • Anything said or seen is personal confidence • Identify action or content as prohibited – use common sense, too • Report through proper channels – your supervisor – don’t talk to person • Data preservation – unplug and move system
Virus and Spyware • Should always have protection for both – your third purchase (computer and OS) • Floppies used to be a good way to spread viruses – USB drives now do it better • Still the network is the best way to spread a virus
Grayware • Neither good nor bad by itself… • Peer-to-peer file sharing programs: BitTorrent • A new class of software with dangerous potential • Pop-ups – surprise windows that appear automatically • Spyware – runs in the background, tracking your activity • Most of the “search bars” in IE
Spyware • Distributed computing applications • Fake-ware – Says one thing, does another • The “free” antivirus scans that find viruses and want money to remove them • The “FBI: you are running illegal software” scam • Don’t install what you don’t know • Most antivirus software now includes spyware filters.
Spyware • Greed (something for free – Kazaa) is the root cause of most spyware infections • Don’t install something you don’t know about – ask others first • Be careful how you close pop-up windows • Run Ad-Aware or Spybot Search and Destroy regularly • “Hostage-ware” comes with most new computers
Spam • Unwanted emails • Huge percentage of Internet traffic • Can use third-party filter • Never unsubscribe to email
Malware • Virus: Attached to another program; runs when that program is run (e.g. opening an attachment to an email message) • Trojans: Should do one thing, does something else. Standalone program • Worms: Replicate themselves and overwhelm system or network. Standalone. • Adware: Tracks what you do on the Internet and reports to somewhere • Rootkit – hides in very low level OS functions
Anti-Virus • Scan for viruses once a week (daily?) • Monitor computer activity all the time • Compares files to signature file(s) • Polymorphs attempt to change code to escape detection • Stealth: Boot sector viruses • Keep this current • Zero Day threats: Hole and virus on same day
Malware Symptoms • Computer slows down, one-time crash, home page change in IE • Keep antivirus up to date and always on • Watch for security alerts that are from antivirus or Windows program • Keep systems patched and up to date
Malware Prevention • Keep anti-virus up to date • TSR – terminate and stay resident – you will find these in Startup in msconfig; don’t turn these off • Know the source of software before you load it
Recovery Tips • Recognize – Identify that you have malware infection; turn off System Restore • Search and destroy – Your anti-virus program should eliminate problem • Remediate – fix what got broken; startup repair most often used • Educate users to limit exposure
Firewalls - Hardware • Protect from unauthorized access to computer • Hardware – routers • Software – XP Service Pack 2 • Stateful Packet Inspection – look at each packet as it comes in • Port Forwarding – open a port and direct to a specific IP address
Firewalls - Software • Windows Firewall in Control Panel • Create exceptions to firewall (i.e. allowed traffic) • XP firewall only has one setting; 7 allows one for each network
Network Authentication • Kerberos from MIT used by Windows and Mac for user name and password • Microsoft uses IPSec(urity) for data encryption • Application – Netscape’s Secure Sockets Layer (SSL); results in HTTPS
Wireless Issues • Encryption – WEP, WPA or WPA2 • Disable DHCP • Filter by MAC address • Change default user name and password • Update firmware as needed
Backup • Systems in your care should have regular backups performed • Essential data: My Documents, Outlook (Express) data and address book and Favorites (web bookmarks); Quickbooks data can be almost anywhere • Backup System State on servers • Keep a copy of backup offsite – usually under lock and key
Migrating and Retiring • What do you do with old system or hard disk drive? • Use Documents and Settings Transfer Wizard to get most data to new system in secure setting • Remove data remnants from hard drives • Recycle old equipment – don’t trash it
That old hard drive • Once the data is moved, it’s not removed • A run of FDISK and delete partitions is a good start (and often good enough) • Window Washer or other scrubbing software can make data even harder to find. Often necessary on corporate systems
Recycle • Keep as much out of the landfill as possible • Recycle place on Del Norte, just above 5th Street • Consider donation(s) if equipment is current enough
Network Share Permissions • When you share a resource (folder), you can set Permissions to: • Full Control: Can perform any and all functions on all files and folders • Change: Can read and execute, change and delete files and folders • Read: Can read and execute files and folders; cannot modify or delete
File Permissions • Read: Can view the contents • Write: Can create new file or subfolder; to change must also have Read; can append • Read and Execute: Both Read and run applications and can traverse a folder • Modify: Read and Execute and delete • Full Control: Do anything and take ownership • List Folder Contents: See what is there
Security Policies • Permissions for activities (Run… command, install software, shutdown system) • Group Policies set on groups, organizational units (OU) and domain • Requires server software • Local Security policy can be set on a user, but might be overridden by GP of domain
Defense • Up to date anti-virus software (Norton, AVG Free) • Up to date anti-adware software (Ad-Aware or equal) • Firewall, either in hardware (router) or software • Check regularly for security patches and system updates
Email • Good way to get malware • Turn off Preview Pane – this can load virus • Delete suspect email without opening it • Consider a third-party spam blocker rather than Outlook Express filter • 2-300 spam messages per day
Browser Problems • Pop-ups: Be careful how you close/exit these to prevent more from showing up. Not so much of this anymore as browser takes care to remove it • Spyware: Run in the background, send information to another computer • Adware: Display ads on your system
Encryption • Authentication to domain uses Kerberos • Server controls dial-up encryption • Remote Access Systems: • Password Authentication Protocol (PAP) is old, kept around for Telnet; no encryption at all • Challenge Handshake Authentication Protocol (CHAP) is most common; challenges remote system (usually password) • MS-CHAP is Microsoft’s version; more advanced encryption protocol; can encrypt the whole session
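The PAP/CHAP difference described above, as an added example that is not part of the original slides: a minimal CHAP exchange using the MD5 response defined in RFC 1994, next to what PAP puts on the wire. The user name, shared secret and class name are made up for illustration.

```python
import hashlib
import hmac
import os

def pap_message(user: str, password: str) -> bytes:
    """PAP: user name and password cross the link in the clear."""
    return f"{user}\x00{password}".encode()

def chap_response(identifier: int, secret: bytes, challenge: bytes) -> bytes:
    """CHAP-MD5 (RFC 1994): MD5(identifier || shared secret || challenge)."""
    return hashlib.md5(bytes([identifier]) + secret + challenge).digest()

class ChapAuthenticator:
    """Server side: issues a fresh random challenge for every attempt."""
    def __init__(self, secrets):
        self.secrets = secrets          # user -> shared secret (constructed)
        self.pending = {}               # user -> (identifier, challenge)
        self.counter = 0

    def challenge(self, user):
        self.counter = (self.counter + 1) % 256
        self.pending[user] = (self.counter, os.urandom(16))
        return self.pending[user]

    def verify(self, user, response):
        # pop() makes each challenge single-use, so a recorded response
        # cannot be replayed against it later.
        identifier, challenge = self.pending.pop(user, (None, None))
        secret = self.secrets.get(user)
        if identifier is None or secret is None:
            return False
        expected = chap_response(identifier, secret, challenge)
        return hmac.compare_digest(expected, response)

def demo():
    secret = b"correct horse"           # constructed sample secret
    server = ChapAuthenticator({"remote1": secret})
    ident, chal = server.challenge("remote1")
    answer = chap_response(ident, secret, chal)     # computed by the client
    first = server.verify("remote1", answer)
    server.challenge("remote1")                     # new attempt, new challenge
    replay = server.verify("remote1", answer)       # old answer sent again
    return {
        "pap_exposes_password": secret in pap_message("remote1", secret.decode()),
        "chap_exposes_password": secret in (chal + answer),
        "first_login": first,
        "replay_accepted": replay,
    }

if __name__ == "__main__":
    print(demo())
```

CHAP-MD5 keeps the secret off the wire, but anyone who records a challenge and its response can test password guesses against them offline, so the shared secret needs to be long and random.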
Data Encryption • Microsoft uses IPSec (IP Security) for long distance (public) networks • Virtual Private Network (VPN) uses Internet for part of the cable • DES (56-bit encryption) • DES3 (168-bit encryption) – Encryption of the encryption of the encryption of the message
Application Encryption • Browsers and HTTPS (HTTP over SSL) • Server sends public key to browser with digital certificate from trusted authority • Browser has list of trusted authorities • Clear SSL Cache in Internet Explorer • Internet Options | Content | Clear SSL Cache • Do this once every three years