Information Systems Security: An Overview
Sotirios Kontogiannis (1) and Apostolos Syropoulos (2)
(1) Western Macedonia University of Applied Sciences, Grevena, Greece, skontog@ee.duth.gr
(2) Independent scholar, Xanthi, Greece, asyropoulos@yahoo.com
January 13, 2016, Xanthi
2. Introduction System Protection Malware Cyber-security Finale
Presentation Overview
1 Introduction
2 System Protection
3 Malware
4 Cyber-security
5 Finale
What is IS Security?
Information system security is the software and hardware mechanisms that prevent access to certain system resources:
Access control and restrictions per user per role;
System policy and restrictions; and
Access control and restrictions per network/machine per role.
What does IS security include?
Prevention of:
System-level attacks (e.g., OS attacks, application overflows, etc.);
Network-level attacks (e.g., network data eavesdropping, machine impersonation, etc.);
Physical attacks (e.g., booting a computer with an OS DVD);
IS attacks via modified hardware [e.g., Mifare attacks (RFID systems), etc.]; and
IS malfunction via hardware I/O attacks (e.g., a USB device plugged into a system).
What does System Security protect?
The system hardware, which must be protected physically. Maxim: Protect thy console before thy self!
The system’s OS and software resources. Also, users’ files and per-user OS restrictions.
The system’s local services (e.g., shared service resources).
What does Network Security protect?
System services available to end users via the Internet or the local network.
The data that traverses the network.
The machine network information and the level of access each machine (PC) has to network resources (provided by other machines).
Hackers…
A person who secretly gets access to a computer system in order to get information, cause damage, etc.
Robert Tappan Morris: He released a worm that took down one-tenth of the Internet, crippling 6,000 plus computer systems.
Vladimir Levin: Citibank hacker (1994).
Michael Calce: Yahoo hack (2000).
David Smith: Melissa e-mail clone virus (2000).
Adrian Lamo: The homeless hacker of Microsoft, New York Times and Yahoo! (2000).
Jonathan James: US Department of Defense hacker-spy.
Gary McKinnon: US Air Force, US Navy, and NASA systems hacker.
Kevin Mitnick: switching system (PBX) phreaker (one who gains illegal access to the telephone system).
Vocabulary Part I
noob: Someone who knows little and has no will to learn any more.
script kiddie: Someone who relies on premade exploit programs and files (“scripts”) to conduct his hacking, and refuses to bother to learn how they work.
lamer: A person who knows little and uses nukes to do his work.
cracker: Someone who uses software cracking to modify a program.
Warez: Copyrighted works distributed without fees or royalties, and may be traded, in general violation of copyright law.
Vocabulary Part II
warez d00dz: Are part of the darkest internet subculture. They usually copy the warez from their own software, breaking copy protection if need be.
Guru: An authority on computers and computing.
Poser: One who tries to fit in but with exaggeration; pretends to be someone he is not.
Leecher: In the context of peer-to-peer file sharing protocols or networks (e.g., BitTorrent), someone who consumes bandwidth by downloading, yet has no will to upload or give back to a community.
Hackers…
[Figure: The population pyramid of potential Information System attackers. Levels as labelled: average nonskilled user, noob, kiddie scripter, lamer, cracker, phreaks/warez d00dz, hacker, guru; side labels: poser/wannabee, leecher. Population figures, given per 10,000,000: >25,000, >50,000, <8,000, <3,000, <500, <150.]
Hacker Manners
They use jargon (http://www.catb.org/jargon/html/go01.html).
They use nicknames from IRC channels (#hack or #linux).
Always two there are: a master and an apprentice (Yoda syntax!).
They exchange knowledge for knowledge, or zero-day exploits for remote access.
They follow strategy and protection measures (e.g., connect from owned IP).
They do not portscan or sniff or expose themselves to danger. They have lamers for this.
They never delete systems, only deface and install rootkits or backdoors.
They maintain a low profile and utilize social engineering techniques.
Malware or more …ware!
Computer Virus: A binary patch applied to a system’s executable file “accidentally” by a user in an administrator role.
Worm: Something similar to a virus by design, considered to be a sub-class of a virus. Also, a worm has the capability to travel without any human “intervention.”
Spyware: Software that aims to gather information about a person, or to force a person to visit specific websites or metasearch engines and to view ads in pop-up windows.
Trojans: A type of malware that is often disguised as legitimate software. Users are typically tricked by some form of social engineering into loading and executing Trojans on their systems.
Exploit: A small program (source code) that uses a system’s vulnerability in order to gain unauthorized access to IS resources.
Types of Exploits
Local exploits: Applicable when the program requires local system user access.
Remote exploits: Applicable when the program requires only service connection or service user access.
Zero-day: When the code has been published on the Internet for less than 3 months.
Types of Trojans
Rootkit: A collection of programs that enable administrator-level access to a computer or computer network.
Backdoor: A method, often secret, of bypassing normal authentication in a product, computer system, cryptosystem, algorithm, etc.
Fake Antivirus: It masquerades as legitimate software, but is actually a malicious program that extorts money from you to “fix” your computer.
Spy Trojans: Usually a standalone program that allows a hacker to monitor a user’s activities on an infected computer. Typically, they capture screen, keyboard, and I/O operations.
Trojans to hide Trojans: Malicious software that hides itself, so its activity doesn’t appear in the list of processes.
OS kernel module Trojans: A kind of Trojan horse that is combined with kernel rootkit technologies.
Network Security Malware
Port scanners (which ports are open?) and TCP fingerprinters (detecting the remote OS and its version).
Magic Packet Activated Backdoor: The backdoor opens a port, executes a single command, initiates a session or performs some other action when it receives a single magic packet.
IP Address Spoofing: A hijacking technique in which a cracker masquerades as a trusted host to conceal his identity (e.g., sending e-mail from…NASA!).
Synchronize Packet (SYN) Flood: A cracker sends many connection requests at a rapid pace without responding. This activity leaves the first packet in the buffer so that other legitimate connection requests cannot be completed.
Sniffer: A network sniffer monitors data flowing over computer network links.
Network Security Malware II
Man-in-the-middle Attacks: A type of cyberattack where a malicious actor inserts him/herself into a conversation between two parties, impersonates both parties and gains access to information that the two parties were trying to send to each other.
Remote exploits: Exploits done remotely by a cracker across the Internet or by a user having privileges on the system. Example: Fred Durst’s home computer was remotely attacked and someone made a copy of a 2003 three-minute private video in Durst’s possession.
Denial of Service (DoS): An attacker attempts to prevent legitimate users from accessing information or services. By targeting your computer and its network connection, or the computers and network of the sites you are trying to use, an attacker may be able to prevent you from accessing websites or other services that rely on the affected computer.
What is Cryptography?
Cryptography is the art and science of keeping information secure from unintended audiences.
It is achieved by making information unintelligible.
Here is how it works:
plaintext → encryption → ciphertext → decryption → plaintext
Example: Caesar’s cipher is a type of substitution cipher in which each letter in the plaintext is “shifted” a certain number of places down the alphabet. For instance, the word “Lillija” is encrypted as “Uruursj” if we shift 9 places.
Post-quantum cryptography.
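The Caesar example above, worked through as an added example (not part of the original slides). It reproduces the slide's "Lillija" to "Uruursj" shift and then goes one step further to show why the cipher gives no real protection: only 25 keys exist, and a crude letter-frequency score picks the right one. The sample sentence, function names and the scoring heuristic are assumptions made for this illustration.

```python
# Added illustration: Caesar's cipher and why its tiny key space defeats it.

COMMON = set("etaoinshr")  # the nine most frequent letters in English text

# Constructed sample plaintext (an assumption, used only for the demonstration).
SAMPLE = ("information system security protects the hardware the operating "
          "system and the data that traverses the network")


def caesar(text, shift):
    """Shift every ASCII letter `shift` places down the alphabet, keeping case."""
    out = []
    for ch in text:
        if ch.isascii() and ch.isalpha():
            base = ord("A") if ch.isupper() else ord("a")
            out.append(chr((ord(ch) - base + shift) % 26 + base))
        else:
            out.append(ch)  # spaces, digits and punctuation pass through
    return "".join(out)


def decrypt(ciphertext, shift):
    """Decryption is the same operation with the shift reversed."""
    return caesar(ciphertext, -shift)


def all_candidates(ciphertext):
    """Every possible decryption: the whole key space is 25 non-trivial shifts."""
    return {k: decrypt(ciphertext, k) for k in range(1, 26)}


def english_score(text):
    """Count letters that are among the most common English letters."""
    return sum(1 for ch in text.lower() if ch in COMMON)


def recover_shift(ciphertext):
    """Guess the key without knowing it: keep the shift whose output looks most
    like English. Reliable on sentences, not on a single short word."""
    return max(range(26), key=lambda k: english_score(decrypt(ciphertext, k)))


if __name__ == "__main__":
    print(caesar("Lillija", 9))                 # the slide's example
    secret = caesar(SAMPLE, 9)
    key = recover_shift(secret)
    print(key, decrypt(secret, key))
```

For a single word such as "Uruursj" the frequency score is unreliable, but listing all 25 candidates from `all_candidates` is enough for a reader to spot the plaintext by eye.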
System Security Countermeasures
Keep the operating system up to date.
Depending on your OS, install antivirus software.
Gather information about zero-day threats:
http://www.symantec.com/security_response/
http://www.esecurityplanet.com/
http://www.securityfocus.com/
Periodically use vulnerability scanner software:
http://sectools.org/tag/vuln-scanners/
Network Security Countermeasures
Use a custom-configured firewall that filters traffic.
Use port-sensitive sniffers (PortSentry) to detect scanners.
Thoroughly check the network services configuration. Update services and check the permissions of shared service resources.
Use a Network Intrusion Detection System to catch threats targeting your vulnerable systems.
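A sketch of the detection logic behind two items in this deck, the scanner-detection countermeasure above and the earlier SYN flood definition, as an added example that is not part of the original slides. It is not PortSentry's or any NIDS's actual algorithm; the traffic records are constructed, and the thresholds, field layout and function names are assumptions.

```python
from collections import defaultdict

# Constructed sample traffic: (time_s, src_ip, src_port, dst_port, flag).
# "S" is a SYN (connection request); "A" is the ACK that completes the handshake.
SCAN_PORTS = [21, 22, 23, 25, 110, 143, 443, 3389]
EVENTS = (
    # A legitimate client: every SYN is followed by the completing ACK.
    [(0.0, "198.51.100.7", 40001, 443, "S"), (0.1, "198.51.100.7", 40001, 443, "A"),
     (9.0, "198.51.100.7", 40002, 80, "S"), (9.1, "198.51.100.7", 40002, 80, "A")]
    # One source probing many different ports in under a second.
    + [(1.0 + i / 10, "203.0.113.9", 50000 + i, port, "S")
       for i, port in enumerate(SCAN_PORTS)]
    # Thirty connection requests to port 80 that are never completed.
    + [(2.0 + i / 100, f"192.0.2.{i + 1}", 1024 + i, 80, "S") for i in range(30)]
)


def detect_port_scans(events, min_ports=5, window=10.0):
    """Return {src_ip: sorted ports} for sources probing many ports in one window."""
    syns = defaultdict(list)
    for ts, src, _sport, dport, flag in sorted(events):
        if flag == "S":
            syns[src].append((ts, dport))
    scanners = {}
    for src, probes in syns.items():
        for start_ts, _ in probes:
            ports = {p for ts, p in probes if start_ts <= ts <= start_ts + window}
            if len(ports) >= min_ports:
                scanners[src] = sorted(ports)
                break
    return scanners


def detect_syn_flood(events, max_half_open=20, timeout=3.0):
    """Return {dst_port: peak half-open count} for ports whose peak exceeds the limit."""
    pending = {}                      # (src, sport, dport) -> time the SYN arrived
    peak = defaultdict(int)
    for ts, src, sport, dport, flag in sorted(events):
        # Drop entries the server would already have timed out of its backlog.
        pending = {k: t for k, t in pending.items() if ts - t < timeout}
        key = (src, sport, dport)
        if flag == "S":
            pending[key] = ts
        elif flag == "A":
            pending.pop(key, None)    # handshake completed, slot released
        half_open = sum(1 for (_, _, p) in pending if p == dport)
        peak[dport] = max(peak[dport], half_open)
    return {port: n for port, n in peak.items() if n > max_half_open}


if __name__ == "__main__":
    print("port scans:", detect_port_scans(EVENTS))
    print("SYN floods:", detect_syn_flood(EVENTS))
```

The flood check counts half-open connections per destination port rather than per source, because the sources of a flood may be spoofed.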
Finale!
We presented
general information about IS;
what system protection means;
the various forms of malware;
advice on cyber-security.
Thank you very much for your attention!