Topics
Common Security Terminology
Password Security
E-mail Security
Web Security
Peer-to-Peer Filesharing
Terminology
Password Cracking
Password Cracker
An application that tries to obtain a password by repeatedly generating and comparing encrypted passwords or by authenticating multiple times to an authentication source.
Terminology
Password Cracking (cont'd)
Passwords are usually stored in an encrypted form with a one-way encryption algorithm.
If this data is compromised, password cracking can be moved to a standalone system for easier control and speed of cracking.
Terminology
Biometrics
Science and technology of measuring and statistically analyzing biological data.
When used in Information Technology it usually refers to the use of human traits for authentication.
This can include fingerprints, eye retinas and irises, voice patterns and a host of other consistent biological data.
Terminology
Public Key Cryptography
Two keys, a.k.a. certificates, are available for each resource, one public and one private.
As the names imply, the public key can be shared freely while the private key is kept secret.
Items encrypted using the public key are decrypted with the private key and, conversely, anything encrypted with the private key can be decrypted with the public key.
Terminology
Public Key Cryptography (cont'd)
This method of encryption is used to ensure secure communication is only between a valid, known, sender and recipient
Terminology
SSL
Secure Sockets Layer
Uses Public Key Cryptography
Negotiates a method to encrypt communication between a client and server
Allows other network protocols to connect over top of it, such as web browsing and e-mail protocols
Transport Layer Security (TLS) is a variant of SSL used to negotiate encryption within the network protocol being used
Terminology
Man-in-the-Middle Attack
A system between two hosts that either passively watches traffic to gain information used to replay a session or actively interferes with the connection, potentially imitating the remote system
Terminology
Zombies
Computer systems infected by a virus or trojan horse that allows the system to be remotely controlled for future exploits.
These systems may be used to send large amounts of spam email or take part in Distributed Denial of Service (DDoS) attacks.
Terminology
Denial of Service Attack
Sending large amounts of data and requests to a remote system in order to inundate the remote computer or network.
A Distributed DoS is a coordinated effort by a number of systems to perform a DoS on a single host.
Terminology
Key Logging Software
Software installed on a system to capture and log all keystrokes
Security Exploit
A software bug, or feature, that allows access to a computer system beyond what was originally intended by the operator
Terminology
Firewall
Network device or software used to filter traffic to and from the connected resources.
Ranges from simple filters, blocking certain services and protocols, to more complex systems that plot traffic patterns.
Local operating system firewalls are referred to as personal firewall software.
Terminology
Where to find technology definitions
www.webopedia.com
www.whatis.com
www.techweb.com
www.computeruser.com
www.google.com
Password Security
According to CERT/CC (Computer Emergency Response Team / Coordination Center), approximately 80% of all network security issues are caused by bad passwords. Computer-to-computer authentication can use large keysets and complex encryption, while human-to-computer authentication relies on much easier methods.
Password Security
How to deal with password limitations
Expiration
Decreases chances of cracking passwords
Complexity Requirements
Decreases ability of automated attacks by increasing possible character combinations
Length Requirements
The longer the password the more possible character combinations
Password Security
How to deal with password limitations
Password Lockouts
If a certain number of login attempts fails within a given timeframe, the account is locked for a preset time period
Stops brute force authentication attempts
Dictionary Checks
Simple checks against common dictionaries are used to increase password complexity
Password Security
Are password rules too complex?
Computer hardware speed and price are always dropping
Post-it Notes
Is your computer in a locked room?
Who has physical access to your system?
A majority of system attacks originate through the network.
Password Security
Suggestions for Complex Passwords
Think of a phrase and use the first characters of each word, mix case and use numbers and special characters
It is good to change your password every 6 months = Iig2cyPe6m
UI Vandals are number one = UiVdlsR#1
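An added example, not part of the original presentation, that applies the length, complexity and dictionary checks from the earlier slides to the two sample passwords above. The thresholds (8 characters, 3 character classes) and the tiny word list are assumptions for illustration.

```python
import math
import string

# Constructed mini-dictionary; a real check would load a full wordlist.
COMMON_WORDS = {"password", "vandals", "welcome", "letmein", "qwerty"}

CLASSES = {
    "lowercase": string.ascii_lowercase,
    "uppercase": string.ascii_uppercase,
    "digit": string.digits,
    "special": string.punctuation,
}

# The two passwords from the slide.
PAGE_EXAMPLES = ["Iig2cyPe6m", "UiVdlsR#1"]

def classes_used(pw):
    """Names of the character classes that appear in the password."""
    return [name for name, chars in CLASSES.items()
            if any(c in chars for c in pw)]

def check_password(pw, min_length=8, min_classes=3):
    """Return a list of policy violations (empty list means accepted)."""
    problems = []
    if len(pw) < min_length:
        problems.append(f"shorter than {min_length} characters")
    if len(classes_used(pw)) < min_classes:
        problems.append(f"fewer than {min_classes} character classes")
    # Dictionary check: drop digits and symbols, compare case-insensitively.
    core = "".join(c for c in pw.lower() if c.isalpha())
    if core in COMMON_WORDS:
        problems.append("based on a dictionary word")
    return problems

def keyspace_bits(pw):
    """log2 of the combinations for this length and these character classes.
    An upper bound: it assumes every character was chosen at random."""
    alphabet = sum(len(CLASSES[name]) for name in classes_used(pw))
    return len(pw) * math.log2(alphabet) if alphabet else 0.0

def report(passwords=PAGE_EXAMPLES):
    """Map each password to (violations, keyspace in bits)."""
    return {pw: (check_password(pw), round(keyspace_bits(pw), 1))
            for pw in passwords}
```

Both slide passwords pass these checks, while "Vandals1" meets the length and complexity rules and is caught only by the dictionary check.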
Password Security
Future Password Requirements
Decreasing password expiration times
Certificate authentication
Biometrics
Two part identification, password and physical item
Password Security
Passwords are like Underwear!
Don't leave yours lying around
Don't share them with friends
The longer the better (warmer?)
Change yours often
Be mysterious
E-mail Security
Common E-mail Protocols
POP: Post Office Protocol
Older protocol for downloading messages from an INBOX
E-mail Security
Secure e-mail protocols at the University
POPS: POP over an SSL connection
IMAPS: IMAP over an SSL connection
SMTP+TLS: Negotiation of a TLS/SSL connection after connecting
E-mail Security
Digital Signatures and Encryption
Uses Public Key Cryptography
Allows secure signing of messages as well as complete encryption
E-mail Security
Digital Signatures
Creates a checksum of an email message and then encrypts the message information using the sender's private key. The message is then sent, without encryption, along with the digital signature, usually containing the sender's public key. The recipient can decode the message information using the public key and confirm the message was not altered in transit.
E-mail Security
Digital Encryption
Requires the sender to have the public key of the message recipient
A message is encrypted completely by the sender using the recipient's public key
The recipient receives the message and uses their private key to decrypt the message
E-mail Security
What does this look like in e-mail clients?
Outlook uses S/MIME natively for encrypting and decrypting messages. A signed message has an icon that looks like a red ribbon. An encrypted message has a lock icon. Thunderbird also uses S/MIME and will display a key for an encrypted message and a pen for a signed message. Many other e-mail clients use similar methods to denote these types of messages. You can usually click on the icons to display additional information about the encoding
Web Security
HyperText Transfer Protocol (HTTP)
Modern web browsers are capable of using multiple protocols to download content although most data transfers use HTTP
Web Security
SSL
Very important on insecure networks such as wireless
How to verify SSL in a Browser
https: the web address begins with https, meaning the connection is using HTTP over SSL
Look for a Lock Icon
Internet Explorer may display a Security Alert that you are about to view pages over a secure connection
Web Security
SSL (cont'd)
Certificate Authorities
A CA is an entity that issues certificates
If you trust a CA you will trust the certificates issued by that CA
Web browsers come with a standard collection of common certificate authorities including Verisign, Geotrust, Thawte and a number of others
Be wary of untrusted certificates, as they may indicate a man-in-the-middle attack
Web Security
Spyware/Adware
Spyware is software designed to intercept or take partial control of a computer without the express consent of the operator.
Adware is similar to spyware except it is used primarily for advertising purposes and may have provided the user with information about its operation.
Regardless of the network level security, when browsing, spyware will have access to your data.
Web Security
Web Browser Software Updates
Update, update, update!
Security exploits can use your web browser to access your system, install software, delete data, spread viruses
Peer-to-Peer Filesharing
Peer-to-Peer Filesharing, or P2P, is using software to facilitate the transfer of data between two systems without the need for a central file server.
Common P2P apps are:
Kazaa
eDonkey
Morpheus
Gnutella Clients (Limewire, Bearshare)
Peer-to-Peer Filesharing
Issues to consider with P2P filesharing
Copyright issues
Spyware/Adware
Zombies
Remote Control
Peer-to-Peer Filesharing
Install AntiVirus Software
Symantec Antivirus
Check for operating system and software updates regularly
Install Spyware Detection Software
Microsoft Anti-Spyware Beta
Spybot
Adaware
Presentation Schedule
Tuesday November 29th 2005, Commons Crest
1:00pm Introduction to Computer Security
2:00pm 3:00pm
4:00pm
Presentation Schedule
Wednesday November 30th 2005, Commons Horizon
9:00am Update, Update, Update: Patching Windows and Office
10:00am Tools for Finding and Removing Rootkits
1:00pm SEL Cybersecurity Solutions for the Electric Power System
2:00pm Using Helix for Recovering from PC Hacks
3:00pm ISP Liability for Copyright Violations by Their Customers
4:00pm Phishing, Don't Get Reeled In
Presentation Schedule
Thursday December 1st 2005, Commons Horizon
9:00am Got Backup?
10:00am