Internet Security.ppt


Published on

No Downloads
Total views
On SlideShare
From Embeds
Number of Embeds
Embeds 0
No embeds

No notes for slide

Internet Security.ppt

  1. 1. Internet Security <ul><li>Cameron Gianetti </li></ul><ul><li>Lap Hong </li></ul><ul><li>Ying-Chih Mao </li></ul><ul><li>Doung Wu </li></ul><ul><li>Simon Wu </li></ul>
  2. 2. Rising number of hackers <ul><li>difficult to estimate the number of hackers </li></ul><ul><li>only about two thousand or more sites offer free hacking tools </li></ul><ul><ul><li>unknown intruder </li></ul></ul><ul><ul><li>almost impossible to guard against. </li></ul></ul>
  3. 3. Number of incidents reported 00’-03’ <ul><li>an incident may involve one site or hundreds (or even thousands) of sites. Also, some incidents may involve ongoing activity for long periods of time. (“CERT/CC 1988-2003”) </li></ul>76,404 82,094 52,658 21,756 Incidents 2003 1Q-2Q 2002 2001 2000 Year
  4. 4. Growing complicated threats <ul><li>&quot;Love Letter&quot; worm May 2000 </li></ul><ul><li>more than 650 individual sites indicating more than 500,000 individual systems are affected </li></ul><ul><li>“ SQL Slammer” worm January 2003 </li></ul><ul><li>crashed the Internet and infected roughly “75,000 systems within 15 minutes” on all systems running Microsoft Windows </li></ul><ul><ul><li>considerable network degradation </li></ul></ul><ul><ul><li>huge amount of damages and cleanup costs </li></ul></ul>
  5. 5. Reduced spending on updating security software <ul><ul><li>network firewalls (“99%”) </li></ul></ul><ul><ul><li>anti-virus software (“98%”) </li></ul></ul><ul><ul><li>VPNs, virtual private network (“86%”) </li></ul></ul><ul><ul><li>only reduce risk, but not remove it </li></ul></ul><ul><ul><li>may be severely out of date tomorrow </li></ul></ul>
  6. 6. User authentication <ul><li>keep confidential information from unauthorized people </li></ul><ul><li>prove whether a user is who he or she claims to be. </li></ul><ul><ul><li>individual identity can be a password, a smart card, or a fingerprint. </li></ul></ul>
  7. 7. Access authorization <ul><li>avoid the information from being modified in unexpected ways </li></ul><ul><li>make sure that people who access to company resources are permitted to so. </li></ul>
  8. 8. Data encryption <ul><li>the process of scrambling a message so that it cannot be read until it is unscrambling again. </li></ul><ul><li>protect information while information is transferring between authorized entities </li></ul>
  9. 9. Spyware <ul><li>What is it? </li></ul><ul><li>It is any software which takes information from your computer without your knowledge or consent. </li></ul><ul><li>Types of Spyware available </li></ul><ul><li>Trojans </li></ul><ul><li>Web Bugs </li></ul><ul><li>Advertiser software </li></ul><ul><li>Stand-Alone Commercial Computer Monitoring. </li></ul>
  10. 10. <ul><li>They are programs which are placed on your system by tricking you. </li></ul><ul><li>It gets the from the story of the Trojan horse in Troy. </li></ul><ul><li>It pretends to be harmless. </li></ul>Trojans
  11. 11. <ul><li>They are Active X controls or cookies that track what you do online from web sites. </li></ul><ul><li>Could be used by online retail stores for marketing research. </li></ul>Web Bugs
  12. 12. <ul><li>It is software installed with certain ad-supported programs which watches what you do online in order to send you targeted advertising. </li></ul><ul><li>Online retail stores find what kind of products you look for and sends you ads related to your interests. </li></ul>Advertiser software
  13. 13. <ul><li>It is software sold for use by bosses, spouses, private investigators, or identity thieves. </li></ul><ul><li>It is used to gather everything you do on your computer for later retrieval. </li></ul>Stand-Alone Commercial Computer Monitoring
  14. 14. <ul><li> </li></ul><ul><li> </li></ul><ul><li>They’re software runs for about $50 for home computers. </li></ul><ul><li>Some virus scan software such as McAfee may be able to do the job. </li></ul>Anti-Spyware software
  15. 15. Firewalls What is a firewall? Why would you want a firewall? What can firewalls protect against? What can’t a firewall protect against? Can firewalls protect against viruses?
  16. 16. What is a firewall? <ul><li>A firewall is a group of systems that enforces access between networks </li></ul><ul><li>Enforces the inflow and outflow of data </li></ul><ul><li>Some emphasis on blocking data whereas others deal with permitting data. </li></ul><ul><li>Important feature is access control </li></ul>
  17. 17. Why would you want a firewall ? <ul><li>Helps protect your system from those who want to gain access </li></ul><ul><li>In corporations keeping databases safe is a priority </li></ul><ul><li>Keeps unwanted users out </li></ul>
  18. 18. What can firewalls protect againts? <ul><li>Helps keep hackers from accessing the company network </li></ul><ul><li>Helps block traffic from the outside to the inside </li></ul><ul><li>Can protect against any network borne attack </li></ul><ul><li>If attacked the firewall can be used as a tracing tool. </li></ul>
  19. 19. What can’t firewalls protect against? <ul><li>Can’t protect against trojaned clients </li></ul><ul><li>Cant’ protect from those inside the network </li></ul>
  20. 20. Can firewalls protect against viruses? <ul><li>Firewalls can’t protect very well against viruses. To many ways of encoding binary files </li></ul><ul><li>Can’t protect against a data-driven attack, in which something is emailed and is opened. </li></ul>
  21. 21. Viruses Origin <ul><li>First widely seen in the late 1980s </li></ul><ul><li>Second factor: people often download </li></ul><ul><li>free software/data from computer </li></ul><ul><li>bulletin board </li></ul><ul><li>Third factor: is the creation of </li></ul><ul><li>“Floppy Disk.” </li></ul>
  22. 22. Why the Creation? <ul><li>First Reason: The “Thrill” – sense of superiority </li></ul><ul><li>Second Reason: the thrill of watching things blows up </li></ul><ul><li>Third Reason: Bragging right or the thrill of doing it </li></ul>
  23. 23. Types of Infection <ul><li>Viruses -- A virus is a small piece of software that piggybacks on real programs. </li></ul><ul><li>E-mail viruses -- Automatically mailing itself to dozens of people in victim’s e-mail address book. </li></ul><ul><li>Worms -- A worm is a small piece of software that uses computer networks and security holes to replicate itself. </li></ul><ul><li>Trojan horses – does damage to program and may erase the hard drive. </li></ul>
  24. 24. Top 5 Viruses/worm <ul><li>1 st Lovgate.G worm - Destructive = NO Overall risk = Low Damage Potential = high </li></ul><ul><li>*It’s slow down memory in the system </li></ul>2 nd Swen.A worm - Destructive = NO Overall risk = Low Damag Potential = hight *Is destructive to via peer-to-peer file-sharing networks. Also terminates running antivirus and firewall software. 3 rd Nachi.A worm- Destructive = Yes Overall risk = Medium Damage Potential = High *Is similar to MsBlast Worm which will shut down operation system once the user is on line
  25. 25. Continue <ul><li>4 th Antinny.A worm – Destructive = No Overall Risk = very low </li></ul><ul><li>Damage Potential = Low </li></ul><ul><li>*Upon execution, this worm displays the following fake message </li></ul>5 th Java Applet Virus – Destructive = No Overall Risk = Low *Damage Potential = Medium *modifications of web sites
  26. 26. How does Antivirus Work? <ul><li>Scanning -- Allows user to analyze all the files one at a time and to check them in order to see if they contain a virus. </li></ul>Real-time monitoring -- This antivirus feature is constantly active, constantly monitoring to keep any suspect file at bay. Express repair – Once it detects an infected virus, an antivirus will first quarantine it in order to prevent it from multiplying .File scanning – scan all files on computer .Download scanning – scan all files that are being download form a ftp site .Heuristic scanning – scan all usual files .Email scanning – scan all received email
  27. 27. Antivirus Publishers . User can updates their current antivirus from a publishers bulletin board .Download removal tool or fellow instructions on the vendor site for virus removal .Getting helps from “Forum Site”
  28. 28. Anonymous IP <ul><li>IP Address - This address is a unique string of numbers that identifies a computer on the Internet. All resources on the Internet must have an IP address--or else they're not on the Internet at all. </li></ul><ul><li>IP Address - the most important piece of information a hacker needs to gain access to your computer. </li></ul>
  29. 29. What Can You Do? <ul><li>Firewalls (Blocked) </li></ul><ul><li>Routers (Drop Ping) </li></ul><ul><li>Anonymous Web Surfing Programs </li></ul>
  30. 30. Anonymous Web Surfing <ul><li>Zero-Knowledge Systems (ZKS) Network World , August 10, 1998 v15 n32 p1(1) </li></ul><ul><ul><li>Onion Routing </li></ul></ul><ul><li>PGP (Pretty Good Protection) </li></ul><ul><ul><li> </li></ul></ul><ul><li>Cookie Cruncher </li></ul><ul><ul><li> </li></ul></ul>
  31. 31. Conclusion and Recommendation <ul><li>can only reduce risk, but not remove it. </li></ul><ul><li>choose the degree of applying security </li></ul><ul><li>tools </li></ul><ul><li>keep pace on updating technology </li></ul><ul><li>stay with the innovations and new </li></ul><ul><li>trends in IT field </li></ul>