Big IT Firm Gets It!
ITMA Fall 2008 K.Ng
17-Nov-08 ITAM K.Ng 1 17-Nov-08 ITAM K.Ng 2
In the News… In the News…
都市日報 4 Nov 2008
And remember this?
What you will learn?
Types of threats
Guidelines on protecting yourself

What is computer security?
Protection of computing systems and the data that they store or access.

Why is it important?
Enable you to carry out your duties
Protect personal and sensitive info.

What could happen if your computer is compromised?
1. Could be used to hide programs that launch attacks on other computers.
2. Could be generating large volumes of unwanted traffic, slowing down the entire system.
3. Someone could be distributing illegal software from your computer.
4. Someone could access personal info. from your
5. Someone could record all of your keystrokes and get your passwords.

Answer?
All of the above!

It is NOT just an IT problem
10% of security safeguards are
90% of security safeguards rely on the computer user to observe good
IT Security is everyone’s responsibility!!!

Social Engineering
The practice of obtaining confidential info. by manipulation of legitimate users.
Users are the weakest link in security.
“They” will use the telephone, Internet, email to trick people into revealing sensitive info. or get them to do something against the policy.
For more info:
http://hk.youtube.com/watch?v=xn9hH1BckPE
“The Art of Deception”, Kevin Mitnick, 2003.
Movie (2000) & book (1996) “Takedown”

Three common examples
1. Spam scams: deceptive emails to get people to reveal info.
2. Impersonation: pose as someone in authority or IT personnel to obtain info. or access to systems.
3. Dumpster diving: go through trash to obtain valuable info.

Case (1)
Mr Chapman found important personal data on a computer he bought on eBay.
Affected a million bank customers from RBS, NatWest, AmEx.
Under investigation by the Info
£35 from eBay!
From Daily Mail UK, 27Aug08

Safely destroy files on HD?
This?
Or this?
• http://hk.youtube.com/watch?v=8M9fNu3X1K4
Or this?

Cheaper solutions…
http://cmrr.ucsd.edu/people/Hughes/SecureErase.shtml

Spam scams
Email asks you to go to a website to update your personal info.
Phishing scam archive
Phony security alert
Emails or pop-up windows warn that your computer is at risk of being infected or hacked and contain an attachment or link to a patch to fix the problem.
Nigerian bank account scam
Collect your money and bank account info.

Examples of phone prank
A very popular radio program in the late 80s.

Sarah Palin called by Nicolas!

Avoid social engineering
DO NOT give sensitive personal info. to anyone you don’t know or who doesn’t have a legitimate need for it.
Destroy or securely erase sensitive info. before recycling or throwing it away.
Delete unsolicited emails immediately.
Sounds too good to be true? It is!
Report to the authority.

Computer Viruses

What is it?
A self-replicating program that spreads by inserting copies of itself onto other executable code or documents.
It will perform a function, e.g. delete

Types of viruses (i)
Macro Viruses
Use commands (macros) embedded in other software to infect and spread to other files viewed by that software, e.g. Word/Excel.

Macro Protection in Word 2007

Types of viruses (ii)
Duplicate themselves and use communications such as emails to spread.
They can look at your email address book and send themselves to users in your

Worms examples
Spyworm.Win32

Types of viruses (iii)
File viruses
Attach themselves to other software. When the software is run, the virus first loads itself into memory so that it can further infect other files or begin damaging the computer.
Programs that claim to perform a particular function but in fact do something different

Types of viruses (iv)
Backdoor Trojans
Programs that allow other computer users to remotely control your computer via networks.
Boot Sector Viruses
Infect a computer’s startup program so that the virus would become active as soon as the computer started up.

Example
“I Love You” and “Bagle” worms
They spread themselves via email attachments.
It sends an email with itself as an attachment to everyone in that computer’s email address books.
Worms are also often designed to use up resources on that computer, such as memory and processing power.

Virus Scanners
Online scanner
http://housecall65.trendmicro.com
Free (non-commercial use)
http://free.avg.com Grisoft’s AVG
http://www.free-av.com Avira AntiVir Personal
http://www.avast.com Avast! Home Ed.

Malware
A general term for software that is installed on your computer without your knowledge and often your consent to perform various tasks.

Types of Malware
Adware
Annoying pop-ups, install IT menu bars, targeted ads. according to your online shopping habits or surfing habits.
Collects user details, such as passwords, credit card info.
Pop-up windows with ActiveX control.

Malware scanners
Lavasoft Ad-Aware 2008 Free
www.lavasoft.com/products/ad_aware_free.php
Spybot Search and Destroy
Microsoft Windows Defender (with Vista)

Good Password
At least 8 characters containing 3 of the following 4 categories:
Lower case letters (a-z)
Upper case letters (A-Z)
Numbers (0-9)
Special characters (! # ? /)

Good password
Or a passphrase at least 10 characters
A memorable phrase, e.g. song or book title, line of poetry…etc.
A phrase that has personal meaning but might not appear widely.
e.g. a random line from your favorite movie.
Combining phrases is better.

Demo:
A phrase into a password

A word found in dictionary, whether spelled forwards or backwards, or a word preceded or followed by a digit (e.g. secret1, 1terces)
Include user name or login name
Include personal info: family names, places, pets, birthdays, address, hobbies, phone nos. …etc.
Slang, dialect, jargon…etc.
Keyboard sequences, e.g. qwerty, asdfg,

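The length, category and pattern rules on the password slides above can be checked mechanically. The following Python is an added example, not part of the original slides. Assumptions made here: the word list, the extra keyboard runs and the user name "kng" are constructed, a passphrase is read as 10+ characters containing a space, and the patterns on the slide whose title did not survive (dictionary words, user name, keyboard sequences) are treated as things to reject.

```python
import re

# Constructed sample data (assumptions): a tiny stand-in for a real
# dictionary, and a few keyboard runs beyond the two the slide names.
WORDS = {"secret", "password", "dragon", "welcome"}
KEYBOARD_RUNS = ("qwerty", "asdfg", "zxcvb", "12345")
CATEGORY_PATTERNS = (r"[a-z]", r"[A-Z]", r"[0-9]", r"[^A-Za-z0-9\s]")


def categories(pw):
    """Count how many of the four character categories appear."""
    return sum(1 for pat in CATEGORY_PATTERNS if re.search(pat, pw))


def check_password(pw, username=""):
    """Return the list of rules the password breaks (empty = acceptable)."""
    problems = []
    low = pw.lower()
    # Rule 1: 8+ characters with 3 of 4 categories, OR a passphrase of 10+
    # characters (assumed here to mean it contains at least one space).
    passphrase = len(pw) >= 10 and " " in pw.strip()
    if not passphrase and (len(pw) < 8 or categories(pw) < 3):
        problems.append("length")
    # Rule 2: dictionary word, forwards or backwards, with digits on either end.
    core = low.strip("0123456789")
    if core in WORDS or core[::-1] in WORDS:
        problems.append("dictionary")
    # Rule 3: contains the user or login name.
    if username and username.lower() in low:
        problems.append("username")
    # Rule 4: keyboard sequence, in either direction.
    if any(run in low or run[::-1] in low for run in KEYBOARD_RUNS):
        problems.append("keyboard")
    return problems


if __name__ == "__main__":
    for pw, user in [("secret1", ""), ("1terces", ""), ("Qwerty!2008", ""),
                     ("kng-Pass#77", "kng"), ("may the force be with you", "")]:
        print(f"{pw!r}: {check_password(pw, user) or 'ok'}")
```

A real deployment would swap the four-word set for a full dictionary or a breached-password list; the rule structure stays the same.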
Password security guidelines
Never share your password with anyone else for any reason.
Passwords should not be written down, stored electronically (e.g. browser) or published.
Use different passwords for different
Change password regularly.

More on password
How to create passwords
http://www.microsoft.com/protect/yourself/password/create.mspx
Test your password strength
http://www.microsoft.com/protect/yourself/pa

Firewall

What is it?
It inspects network traffic passing through it, and denies or permits passage based on a set of rules.

Types of firewall
Packet filter
Pass/drop individual packets according to a set of rules
Inspect source and destination IP and port
Port Description
21 FTP File Transfer Protocol
25 SMTP Simple Mail Transfer Protocol
110 Post Office Protocol (POP3)

Stateful packet inspection (SPI)
Examine packets in groups rather than individually.
Avoid attacks like SYN Floods, DoS
Application layer
Filter traffic on the application level

Network address translation
Translate address to private range
10.0.0.0 – 10.255.255.255
172.16.0.0 – 172.31.255.255
192.168.0.0 – 192.168.255.255

Managing firewalls = A Profession
Enterprise-class firewalls
CheckPoint
Juniper (Netscreen)
○ http://www.juniper.net/products/models/srx5800/
e.g. CISSP from (ISC)², CISA

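The difference between a packet filter and stateful packet inspection, as described on the firewall slides above, shows up when an unsolicited inbound packet merely looks like a reply. The following Python is an added example, not part of the original slides; the rule set, the packet dictionaries and the outside addresses (documentation ranges) are constructed, and the private ranges from the NAT slide are used to decide which hosts are "inside".

```python
import ipaddress

# Private ranges from the NAT slide mark the inside of the firewall.
# ALLOWED_PORTS is a constructed rule set using the ports in the slide's table.
PRIVATE = [ipaddress.ip_network(n)
           for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]
ALLOWED_PORTS = {21, 25, 110}


def is_inside(ip):
    return any(ipaddress.ip_address(ip) in net for net in PRIVATE)


def packet_filter(pkt):
    """Stateless: judge each packet alone on its addresses and ports."""
    if is_inside(pkt["src"]):
        return pkt["dport"] in ALLOWED_PORTS   # outbound to a permitted service
    return pkt["sport"] in ALLOWED_PORTS       # inbound that looks like a reply


class StatefulFirewall:
    """Remembers connections opened from inside; replies must match one."""
    def __init__(self):
        self.connections = set()

    def check(self, pkt):
        flow = (pkt["src"], pkt["sport"], pkt["dst"], pkt["dport"])
        if is_inside(pkt["src"]):
            if pkt["dport"] not in ALLOWED_PORTS:
                return False
            self.connections.add(flow)
            return True
        reply_to = (pkt["dst"], pkt["dport"], pkt["src"], pkt["sport"])
        return reply_to in self.connections


# Constructed packets: an outbound SMTP connection, its reply, and an
# unsolicited inbound packet that only carries a permitted source port.
PACKETS = [
    {"src": "192.168.1.10", "sport": 40000, "dst": "203.0.113.5", "dport": 25},
    {"src": "203.0.113.5", "sport": 25, "dst": "192.168.1.10", "dport": 40000},
    {"src": "198.51.100.9", "sport": 25, "dst": "192.168.1.10", "dport": 40001},
]


def compare():
    """Return (stateless verdict, stateful verdict) for each sample packet."""
    spi = StatefulFirewall()
    return [(packet_filter(p), spi.check(p)) for p in PACKETS]
```

The third packet passes the stateless rules but is dropped by the stateful check, because no inside host opened that connection.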
Wireless security (Access Point)
Change your AP’s admin. login/Pwd
Change your default SSID
Disable SSID Broadcast
Encryption: WPA-PSK, avoid old WEP
Media Access Control (MAC) Authentication

Sending info. over the internet
Watch this
http://onguardonline.gov/tools/recognize-
Demo – online shopping

Encryption (1)
Private Key Encryption
Encrypt a message http://www.encodor.com
Encrypt a file http://file-encryptor.com/
Problems with private key?

Encryption (2)
Public Key Encryption
Bob sends a secret message to Alice
Diagrams from wikipedia

12 Good IT Practices
1. Choose good passwords and protect them
2. Cautious when using internet
3. Safe emailing
4. Secure your area before leaving it
5. Secure your portable computer at all

Cont’ (1)
6. Shut down, lock, log off before leaving it unattended, and make sure it requires a password to start-up.
7. Make sure your computer is protected with anti-virus, security patches,
8. Don’t keep sensitive info. on portable

Cont’ (2)
9. Don’t install or download unknown or unsolicited programs to your computer
10. Avoid using P2P programs, e.g. …
11. Don’t use illegal software.
12. Make backup copies of files or data you are not willing to lose --- and store the copies very securely.
modified from http://its.ucsc.edu/security_awareness/top10.php

Conclusion
This is only a very short introduction
Remember to protect yourself at all times.
and Internet is like , not safe.
http://www.staysafeonline.org
http://onguardonline.gov/