Securing your computer GADGET GURUS
description
Transcript of Securing your computer GADGET GURUS
![Page 1: Securing your computer GADGET GURUS](https://reader035.fdocuments.us/reader035/viewer/2022062217/568144bf550346895db18800/html5/thumbnails/1.jpg)
1
![Page 2: Securing your computer GADGET GURUS](https://reader035.fdocuments.us/reader035/viewer/2022062217/568144bf550346895db18800/html5/thumbnails/2.jpg)
Securing your computerGADGET GURUS
Dr. Wayne Summers
TSYS Department of Computer Science
Columbus State University
http://csc.colstate.edu/summers
![Page 3: Securing your computer GADGET GURUS](https://reader035.fdocuments.us/reader035/viewer/2022062217/568144bf550346895db18800/html5/thumbnails/3.jpg)
3
![Page 4: Securing your computer GADGET GURUS](https://reader035.fdocuments.us/reader035/viewer/2022062217/568144bf550346895db18800/html5/thumbnails/4.jpg)
4
SQL Slammer
“It only took 10 minutes for the SQL Slammer worm to race across the globe and wreak havoc on the Internet.”
“The worm, shut down some U.S. bank teller machines, doubled the number of computers it infected every 8.5 seconds.”
![Page 5: Securing your computer GADGET GURUS](https://reader035.fdocuments.us/reader035/viewer/2022062217/568144bf550346895db18800/html5/thumbnails/5.jpg)
5BLASTER
At least 500,000 computers worldwide infected
In eight days, the estimated cost of damages neared $2 billion.
![Page 6: Securing your computer GADGET GURUS](https://reader035.fdocuments.us/reader035/viewer/2022062217/568144bf550346895db18800/html5/thumbnails/6.jpg)
6SOBIG.F
One of every 17 e-mails scanned was infected (AOL detected 23.2 million attachments infected with SoBig.F)
Worldwide, 15% of large companies and 30% of small companies were affected by SoBig - estimated damage of $2 billion.
![Page 7: Securing your computer GADGET GURUS](https://reader035.fdocuments.us/reader035/viewer/2022062217/568144bf550346895db18800/html5/thumbnails/7.jpg)
7
![Page 8: Securing your computer GADGET GURUS](https://reader035.fdocuments.us/reader035/viewer/2022062217/568144bf550346895db18800/html5/thumbnails/8.jpg)
8Goals confidentiality (privacy) - limiting
who can access assets of a computer system.
integrity - limiting who can modify assets of a computer system.
availability - allowing authorized users access to assets.
![Page 9: Securing your computer GADGET GURUS](https://reader035.fdocuments.us/reader035/viewer/2022062217/568144bf550346895db18800/html5/thumbnails/9.jpg)
9
Definitions vulnerability - weakness in the security
system that might be exploited to cause a loss or harm.
threats - circumstances that have the potential to cause loss or harm. Threats typically exploit vulnerabilities.
control - protective measure that reduces a vulnerability or minimize the threat.
![Page 10: Securing your computer GADGET GURUS](https://reader035.fdocuments.us/reader035/viewer/2022062217/568144bf550346895db18800/html5/thumbnails/10.jpg)
10Vulnerabilities
“Today’s complex Internet networks cannot be made watertight…. A system administrator has to get everything right all the time; a hacker only has to find one small hole.”– Robert Graham, lead architect of Internet Security
Systems
![Page 11: Securing your computer GADGET GURUS](https://reader035.fdocuments.us/reader035/viewer/2022062217/568144bf550346895db18800/html5/thumbnails/11.jpg)
11Recent News “New Trojan horses threaten cell phones”
Keyloggers Jump 65% As Info Theft Goes Mainstream
Computers around the world are systematically being victimized by rampant hacking. This hacking is not only widespread, but is being executed so flawlessly that the attackers compromise a system, steal everything of value and completely erase their tracks within 20 minutes.
![Page 12: Securing your computer GADGET GURUS](https://reader035.fdocuments.us/reader035/viewer/2022062217/568144bf550346895db18800/html5/thumbnails/12.jpg)
12Recent News
IM Worms could spread in seconds – “Symantec has done some simulations … and has found that half a million systems could be infected in as little as 30 to 40 seconds.”
Fraudulent e-mails designed to dupe Internet users out of their credit card details or bank information topped the three billion mark last month.
![Page 13: Securing your computer GADGET GURUS](https://reader035.fdocuments.us/reader035/viewer/2022062217/568144bf550346895db18800/html5/thumbnails/13.jpg)
13
![Page 14: Securing your computer GADGET GURUS](https://reader035.fdocuments.us/reader035/viewer/2022062217/568144bf550346895db18800/html5/thumbnails/14.jpg)
14E-mail from “Microsoft” [email protected]
{Virus?} Use this patch immediately !
Dear friend , use this Internet Explorer patch now!
There are dangerous virus in the Internet now!
More than 500.000 already infected!
![Page 15: Securing your computer GADGET GURUS](https://reader035.fdocuments.us/reader035/viewer/2022062217/568144bf550346895db18800/html5/thumbnails/15.jpg)
15
![Page 16: Securing your computer GADGET GURUS](https://reader035.fdocuments.us/reader035/viewer/2022062217/568144bf550346895db18800/html5/thumbnails/16.jpg)
16Malware and other Threats Viruses / Worms (over 180,000 viruses –
4/2007)– 1987-1995: boot & program infectors
– 1995-1999: Macro viruses (Concept)
– 1999-2003: self/mass-mailing worms (Melissa-Klez)
– 2001-???: Megaworms [blended attacks] (Code Red, Nimda, SQL Slammer, Slapper)
Trojan Horses
![Page 17: Securing your computer GADGET GURUS](https://reader035.fdocuments.us/reader035/viewer/2022062217/568144bf550346895db18800/html5/thumbnails/17.jpg)
17
![Page 18: Securing your computer GADGET GURUS](https://reader035.fdocuments.us/reader035/viewer/2022062217/568144bf550346895db18800/html5/thumbnails/18.jpg)
18Solutions Apply “defense in-depth”
– Don't open email from strangers or attachments you weren't expecting—especially attachments with .exe extensions
– Use good passwords
– Back up important files
– Run and maintain an antivirus product
– Do not run programs of unknown origin
– Deploy a firewall
– Keep your patches up-to-date
![Page 19: Securing your computer GADGET GURUS](https://reader035.fdocuments.us/reader035/viewer/2022062217/568144bf550346895db18800/html5/thumbnails/19.jpg)
19
![Page 20: Securing your computer GADGET GURUS](https://reader035.fdocuments.us/reader035/viewer/2022062217/568144bf550346895db18800/html5/thumbnails/20.jpg)
20Password Management Passwords should be at least 6-8 characters
Passwords should be alphanumeric with special characters like punctuation marks
Never use common words from the dictionary
Never tell anyone your password, not even to security personnel or to your best friend
Never send passwords through e-mails, as passwords are sensitive items
Never write a password down on scratch paper where someone might discover it
Never throw a password in the trash. A Dumpster Diver may discover it
![Page 21: Securing your computer GADGET GURUS](https://reader035.fdocuments.us/reader035/viewer/2022062217/568144bf550346895db18800/html5/thumbnails/21.jpg)
21
![Page 22: Securing your computer GADGET GURUS](https://reader035.fdocuments.us/reader035/viewer/2022062217/568144bf550346895db18800/html5/thumbnails/22.jpg)
22Password Management Potential passwords – which are good?
– 11042007– abc– Fido– Wayne– WayneSummers – Password– Password1996– QuePasa?– W@yn3Summ3r$
![Page 23: Securing your computer GADGET GURUS](https://reader035.fdocuments.us/reader035/viewer/2022062217/568144bf550346895db18800/html5/thumbnails/23.jpg)
23
![Page 24: Securing your computer GADGET GURUS](https://reader035.fdocuments.us/reader035/viewer/2022062217/568144bf550346895db18800/html5/thumbnails/24.jpg)
24
“The most potent tool in any security arsenal isn’t a powerful firewall or a sophisticated intrusion detection system. When it comes to security, knowledge is the most effective tool…”
Douglas Schweizer – The State of Network Security, Processor.com, August 22, 2003.
![Page 25: Securing your computer GADGET GURUS](https://reader035.fdocuments.us/reader035/viewer/2022062217/568144bf550346895db18800/html5/thumbnails/25.jpg)
25Caesar cipher (key = 3)
The message
“caesar is a roman”
becomes
FDHVD ULVDU RPDQ
a b c d e f g h i j k l m n o p q r s t u v w x y Z
D E F G H I J K L MN O P Q R S T U V WX Y Z A B C
![Page 26: Securing your computer GADGET GURUS](https://reader035.fdocuments.us/reader035/viewer/2022062217/568144bf550346895db18800/html5/thumbnails/26.jpg)
26Caesar cipher (key = DOG)
The message
“caesar is a roman”
becomes
FOKVO XLGGU CSDB
a b c d e f g h i j k l m n o p q r s t u v w x y z
D E F G H I J K L MN O P Q R S T U V WX Y Z A B C
O P Q R S T U V WX Y Z A B C D E F G H I J K L MN
G H I J K L MN O P Q R S T U V WX Y Z A B C D E F
D E F G H I J K L MN O P Q R S T U V WX Y Z A B C
![Page 27: Securing your computer GADGET GURUS](https://reader035.fdocuments.us/reader035/viewer/2022062217/568144bf550346895db18800/html5/thumbnails/27.jpg)
27Popular Cryptography
Jules Verne's - decipherment of a parchment filled with runic characters in the Journey to the Center of the Earth.
Sir Arthur Conan Doyle's detective, Sherlock Holmes, was an expert in cryptography. The Adventure of the Dancing Men, involves a cipher consisting of stick men, each representing a distinct letter.
Edgar Allan Poe issued a challenge to the readers of Philadelphia's Alexander Weekly Messenger, claiming that he could decipher any mono-alphabetic substitution cipher. He successfully deciphered all of the hundreds of submissions. In 1843, he wrote a short story, "The Gold Bug”
![Page 28: Securing your computer GADGET GURUS](https://reader035.fdocuments.us/reader035/viewer/2022062217/568144bf550346895db18800/html5/thumbnails/28.jpg)
28
COMPUTER SECURITY AWARENESS WEEK
(http://cins.colstate.edu/awareness/)April 16-20, 2007
ACCENTUATE THE POSITIVE
![Page 29: Securing your computer GADGET GURUS](https://reader035.fdocuments.us/reader035/viewer/2022062217/568144bf550346895db18800/html5/thumbnails/29.jpg)
29
QUESTIONS?