Foundation MIS - Guide to Computer Security
    Presentation Transcript

    • Cal Poly Pomona Foundation Security Awareness Brown Bag Series Sponsored by Foundation MIS Beginners Guide to Computer Security
    • Beginners Guide to Computer Security Threats and Countermeasures
    • Objectives
      • Provide an overview of the most common threats and how to build layered protection.
      • Topics: Importance of Security, Threats to Data, Viruses, Trojan Horse Programs, Vandals, Attacks, Data Interception, Scams, Spam, Security Tools, Anti-Virus Software, Security Policies, Passwords, Firewalls, Encryption, Summary
    • Good News – Bad News
      • Internet transforms and greatly improves our lives
      • But it has opened the door to an increasing number of security threats from which individuals, families and businesses must protect themselves
      • Consequences of attacks can range from the mildly inconvenient to the completely debilitating
        • Important data can be lost
        • Privacy can be violated
        • A computer can even be used by an outside attacker to attack other computers on the Internet.
    • Threats to Data
      • Come from a very small minority
      • A car thief can steal only one car at a time
      • Single hacker working from a single computer can generate damage to a large number of computer networks
      • A general knowledge of security threats and how to protect yourself is essential
    • Viruses
      • Most widely known security threat due to extensive press coverage.
      • What is a virus?
        • Computer programs that are written by devious programmers and are designed to replicate themselves and infect computers when triggered by a specific event.
          • Example - Macro viruses attach themselves to files that contain macro instructions (routines that can be repeated automatically, such as sending email) and are then activated every time the macro runs.
    • Effects
      • Benign - cause annoying interruptions such as displaying a comical message when striking a certain letter on the keyboard
      • More destructive - cause such problems as deleting files from a hard drive or slowing down a system
    • How to “catch” it
      • A computer can be infected with a virus only if the virus enters through an outside source
        • an attachment to an email
        • a file downloaded from the Internet.
        • When one computer on a network becomes infected, the other computers on the network – or for that matter other computers on the Internet – are highly susceptible to contracting the virus.
    • Trojan Horse Programs
      • Delivery vehicles for destructive computer code
      • Appear to be harmless or useful software programs, such as computer games, but are actually enemies in disguise
    • Trojan Horse Programs
      • Can delete data, mail copies of themselves to e-mail address lists and open up computers to additional attacks
      • Can be contracted only by
        • copying the Trojan horse program to a computer
        • downloading from the internet or
        • opening an email attachment
    • Vandals
      • Web sites have come alive through the development of such software applications as ActiveX and Java Applets
        • enable animation and other special effects to run, making web sites more attractive and interactive
    • Caution
      • However, the ease with which these applications can be downloaded and run has provided a new vehicle for inflicting damage
      • Vandals can take on the form of a software application or applet that causes destruction of various degrees
      • A vandal can destroy a single file or a major portion of a computer system
    • Attacks
      • Innumerable types of network attacks have been documented, and they are commonly classified in three general categories:
        • reconnaissance attacks
        • access attacks, and
        • denial of service (DoS) attacks.
    • Reconnaissance Attacks
      • Reconnaissance - information gathering activities by which hackers collect data that is used to later compromise networks
      • Software tools, such as sniffers and scanners, are used to map out and exploit potential weaknesses in home computers, web servers and applications
        • Example – password cracking software
    • Access Attacks
      • Access attacks are conducted to gain entry to e-mail accounts, databases and other confidential information
    • DoS Attacks
      • DoS attacks prevent access to all or part of a computer system.
      • Usually achieved by sending large amounts of jumbled or other unmanageable data to a machine that is connected to the Internet, blocking legitimate traffic from getting through.
      • Even more malicious is a Distributed Denial of Service (DDoS) attack, in which the attacker compromises multiple machines or hosts.
    • Data Interception
      • The intercepting perpetrators might eavesdrop on communications or even alter the data packets being transmitted
      • Various methods to intercept data
        • IP spoofing, for example, entails posing as an authorized party in the data transmission by using the internet protocol (IP) address of one of the data recipients
    • Scams
      • Stakes are higher because scammers have easy access to millions of people on the internet
      • Email
        • May contain a hyperlink to a web site that asks you for personal information, including your password
        • May contain a solicitation for your credit card information in the guise of a billing request
    • Protect Yourself
      • Never give out your password, billing information or other personal information to strangers online
      • Be mindful of who you're talking with before you give out personal information
    • Protect Yourself
      • Don't click on hyperlinks or download attachments from people/web sites you don't know
      • Be skeptical of any company that doesn't clearly state its name, physical address and telephone number
      • Great Home Computer Security Webpage
      • http://www.cert.org/homeusers/HomeComputerSecurity/
    • Spam
      • Unsolicited e-mail or the action of broadcasting unsolicited advertising messages via e-mail
      • Takes up recipients' time and storage space on their computers
      • Report it to ISP. Check your ISP help areas to find out how to report spam
    • Security Tools
      • First, understand the threats
      • Second, put proper safeguards in place
      • Extensive choice of technologies
        • Anti-virus software packages
        • Firewalls for providing protection
        • Implement proper computer security without compromising the need for quick and easy access to information
    • Anti-virus Software
      • Relies on early warnings of new viruses, so that antidotes can be developed and distributed quickly
      • 1,000s of new viruses being generated every month
        • Essential that the virus database be kept up to date
        • Record held by the anti-virus package that helps identify known viruses when they attempt to strike
        • Can prompt users to periodically collect new data
    • Security Policies
      • Rules and written or verbal regulations by which all staff, students and faculty operate
      • Often preempt security breaches
      • Customers or suppliers with access to certain parts of the network need to be adequately regulated
    • Passwords
      • Simplest and most common way to ensure that only those that have permission can enter your computer or certain parts of your computer network
      • Virtually ineffective if people do not protect their passwords.
      • The golden rules, or policies for passwords are:
        • Make passwords as meaningless as possible
        • Change passwords regularly
        • Never divulge passwords to anyone
    • Firewalls
      • A hardware or software solution to enforce security policies
      • Built-in filters that can disallow unauthorized or potentially dangerous material from entering the system
      • Logs attempted intrusions
    • Firewall Basics What They Do and How They Work
    • What Does a Firewall Do?
      • In general, firewalls try to keep people from remotely accessing your computer in bad ways when you are connected to the internet
    • How Do Firewalls Work?
      • Most firewalls are designed to allow or block specific types of data going to and from your computer to the internet
      • Allow "good" data traffic and block all "bad" data traffic
    • How Do Firewalls Work?
      • "Good" traffic is the kind you need to do things like: surf the web, download files, chat, share files, etc
      • "Bad" traffic is what hackers might do like: steal files on your computer, use a Trojan to control your computer, disrupt your connection or network, etc
    • Computer – a House With Many Doors
      • Doors (ports) are points where a person (hacker) can get in
      • Think of a firewall as a security guard who is watching each door and who is going in and out of the doors
    • Computer – a House With Many Doors
      • The firewall makes sure only the right doors get opened and that only the right people (data) have access to your house
      • Some firewalls can also hide your house (computer) so casual hackers can't see it (also called "stealth mode")
    • What Traffic Is Good/What's Bad?
      • Experience
      • Reading
      • Learning
      • The easiest way is to start with a simple firewall program, see how it works and then graduate to more sophisticated solutions as you gain knowledge
    • Do Firewalls Prevent Viruses and Trojans?
      • NO!! A firewall can only prevent a virus or Trojan from accessing the internet while on your machine
      • 95% of all viruses and trojans are received via e-mail, through file sharing (like Kazaa or Gnucleus) or through direct download of a malicious program
      • Firewalls can't prevent this -- only a good anti-virus software program can
    • Do Firewalls Prevent Viruses and Trojans?
      • However, once installed on your PC, many viruses and trojans "call home" using the internet to the hacker that designed it
      • This lets the hacker activate the trojan and he/she can now use your PC for his/her own purposes
      • A firewall can block the call home and can alert you if there is suspicious behavior taking place on your system
    • What Is "Stealth" Mode?
      • In theory, stealth mode hides all the ports on your computer from being visible to others on the internet.
        • Some think this makes them less vulnerable to a malicious attack and consider it the "holy grail" of firewall configurations.
      • While true that your ports are "invisible", a "stealthed" computer really looks like a black hole to a hacker.
        • Data goes in but it never comes out.
    • Stealth Mode
      • A good hacker can spot this behavior - may actually consider it a challenge to try to break in as he/she wonders what's there
        • Sometimes, staying in plain sight makes you less attractive as a target
      • Achieving "stealth" mode with some network configurations (such as Microsoft internet connection sharing or ICS) can be very difficult
      • Stealth mode can make it difficult for the networked computers to "see" and interact with the gateway computer
      • Computers don't stay "stealthed". The moment you do something that accesses the internet from your end, you're "unstealthed" because data is coming out
      • Any hacker with a packet sniffer who knows where to look can tell that something's there
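
The firewall behaviour described in the slides above (doors as ports, letting replies back in, blocking and logging a "call home", and stealth versus non-stealth handling of unsolicited traffic) can be modelled in a few lines. This is an added example, not part of the original presentation; the class names, port lists and sample packets are assumptions constructed for illustration.

```python
from dataclasses import dataclass, field

@dataclass(frozen=True)
class Packet:
    direction: str    # "out" = leaving the PC, "in" = arriving from the internet
    remote: str       # remote IP address
    remote_port: int
    local_port: int   # the "door" on the protected PC

@dataclass
class Firewall:
    allowed_out_ports: set = field(default_factory=lambda: {53, 80, 443})
    open_in_ports: set = field(default_factory=set)  # doors deliberately left open
    stealth: bool = True      # True: silently DROP; False: answer with REJECT
    established: set = field(default_factory=set)
    log: list = field(default_factory=list)

    def handle(self, p: Packet) -> str:
        flow = (p.remote, p.remote_port, p.local_port)
        if p.direction == "out":
            if p.remote_port in self.allowed_out_ports:
                self.established.add(flow)  # remember it so the reply gets back in
                return "ALLOW"
            self.log.append(("blocked-out", p))  # possible trojan "call home"
            return "REJECT"
        if flow in self.established or p.local_port in self.open_in_ports:
            return "ALLOW"
        self.log.append(("blocked-in", p))  # attempted intrusion
        return "DROP" if self.stealth else "REJECT"

# Constructed sample traffic (documentation-range addresses, not real hosts).
SAMPLE = [
    Packet("out", "203.0.113.10", 443, 50000),  # browser opens a web page
    Packet("in", "203.0.113.10", 443, 50000),   # the web server's reply
    Packet("in", "198.51.100.7", 40000, 445),   # unsolicited knock on a door
    Packet("out", "198.51.100.66", 6667, 50001),  # program calling home
    Packet("in", "198.51.100.66", 6667, 50001),   # reply to the blocked call
]

def demo(stealth: bool = True):
    fw = Firewall(stealth=stealth)
    verdicts = [fw.handle(p) for p in SAMPLE]
    return verdicts, [kind for kind, _ in fw.log]

if __name__ == "__main__":
    print(demo(stealth=True))
    print(demo(stealth=False))
```

The first sample packet is allowed outbound traffic, which is the point at which a "stealthed" PC becomes visible on the wire, as the slides note.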
    • Encryption
      • Ensures that messages cannot be intercepted/read by anyone other than the authorized recipient
      • Deployed to protect data transported over a public network (internet)
      • Uses advanced mathematical algorithms to ‘scramble’ messages and their attachments
    • Encryption
      • Provides the security necessary to sustain the increasingly popular virtual private network (VPN) technology
        • VPNs are private connections, or tunnels, over public networks
        • Deployed to securely connect telecommuters, mobile workers, branch offices and business partners to corporate networks or each other
    • Summary
      • Common sense, some simple rules and a few pieces of technology can help protect your computer systems from unauthorized use
      • Important to remember that by protecting your own computer system, you're also doing your part to protect computers throughout the university
    • Resources at Cal Poly Pomona University
      • Foundation MIS
      • http://www.foundation.csupomona.edu/financial
      • Policies, procedures and guidelines
      • http://foundation.csupomona.edu/hr/hrpolicies.aspx
      • University I&IT
      • http://www.csupomona.edu/~ehelp