ITS Security Office...Student Tech Security Training ITS Security Office ITS Security Office •...
Transcript of ITS Security Office...Student Tech Security Training ITS Security Office ITS Security Office •...
![Page 1: ITS Security Office...Student Tech Security Training ITS Security Office ITS Security Office • “Total Security is an illusion – security will always be slightly broken.” •](https://reader036.fdocuments.in/reader036/viewer/2022071019/5fd337080ec5d466ad355826/html5/thumbnails/1.jpg)
Student Tech Security TrainingITS Security Office
![Page 2: ITS Security Office...Student Tech Security Training ITS Security Office ITS Security Office • “Total Security is an illusion – security will always be slightly broken.” •](https://reader036.fdocuments.in/reader036/viewer/2022071019/5fd337080ec5d466ad355826/html5/thumbnails/2.jpg)
ITS Security Office
• “Total Security is an illusion – security will always be slightly broken.”
• Find strategies for living with it.• Monitor our Network with IDS• Incident Response• Work with Network Security Contacts• Education• System Security Assessment• Policy Compliance
– Copyright Violations
![Page 3: ITS Security Office...Student Tech Security Training ITS Security Office ITS Security Office • “Total Security is an illusion – security will always be slightly broken.” •](https://reader036.fdocuments.in/reader036/viewer/2022071019/5fd337080ec5d466ad355826/html5/thumbnails/3.jpg)
Network Citizenship Policy
• Intended to protect campus network.• At UI persons owning or overseeing
network connected systems are responsible for securing them.
• Servers, laptops, handhelds, lab equipment, etc.
• Systems posing a threat to campus network will be removed.
![Page 4: ITS Security Office...Student Tech Security Training ITS Security Office ITS Security Office • “Total Security is an illusion – security will always be slightly broken.” •](https://reader036.fdocuments.in/reader036/viewer/2022071019/5fd337080ec5d466ad355826/html5/thumbnails/4.jpg)
Who are the Customers
• Faculty viewpoint– Loss of Control– Loss of Privacy– Transparency
• Unforgettable experiences• Be a resource
– Share experiences– Lend advice
![Page 5: ITS Security Office...Student Tech Security Training ITS Security Office ITS Security Office • “Total Security is an illusion – security will always be slightly broken.” •](https://reader036.fdocuments.in/reader036/viewer/2022071019/5fd337080ec5d466ad355826/html5/thumbnails/5.jpg)
Baseline Security Standards
• Software Updates – Automatic updates
• Anti-virus – UI site license – Update virus signatures
• Strong Administrator Passwords• Support Contacts• Best Practices
– http://cio.uiowa.edu/ITsecurity/bestprac/
![Page 6: ITS Security Office...Student Tech Security Training ITS Security Office ITS Security Office • “Total Security is an illusion – security will always be slightly broken.” •](https://reader036.fdocuments.in/reader036/viewer/2022071019/5fd337080ec5d466ad355826/html5/thumbnails/6.jpg)
Legal Responsibilities
• Confidential Data– HR Data– University records
• Legally Protected Data– HIPAA - Health Insurance Portability and
Accountability Act– FERPA – Family Educational Rights and
Privacy Act– Graham Leach Bliley
![Page 7: ITS Security Office...Student Tech Security Training ITS Security Office ITS Security Office • “Total Security is an illusion – security will always be slightly broken.” •](https://reader036.fdocuments.in/reader036/viewer/2022071019/5fd337080ec5d466ad355826/html5/thumbnails/7.jpg)
What’s an Incident
• Incidents– System Intrusion
• Web defacement
– Intrusion Attempts– Malicious Scanning– Viruses – Malware– Others?
• When to Report?• How to Report?
![Page 8: ITS Security Office...Student Tech Security Training ITS Security Office ITS Security Office • “Total Security is an illusion – security will always be slightly broken.” •](https://reader036.fdocuments.in/reader036/viewer/2022071019/5fd337080ec5d466ad355826/html5/thumbnails/8.jpg)
Incident Response
![Page 9: ITS Security Office...Student Tech Security Training ITS Security Office ITS Security Office • “Total Security is an illusion – security will always be slightly broken.” •](https://reader036.fdocuments.in/reader036/viewer/2022071019/5fd337080ec5d466ad355826/html5/thumbnails/9.jpg)
Where do threats come from?
• Unmanaged machines• Automated programs or scripts
– Script kiddies
![Page 10: ITS Security Office...Student Tech Security Training ITS Security Office ITS Security Office • “Total Security is an illusion – security will always be slightly broken.” •](https://reader036.fdocuments.in/reader036/viewer/2022071019/5fd337080ec5d466ad355826/html5/thumbnails/10.jpg)
Types of Threats
• Malware– Viruses– Worms– Bot Networks– Trojans– Key-stroke loggers– RootKits - Hacker Defender
• Software Vulnerabilities– Privilege Elevation– Bugs / Glitches / Fuzzing– Full Disclosure vs. Obscurity
![Page 11: ITS Security Office...Student Tech Security Training ITS Security Office ITS Security Office • “Total Security is an illusion – security will always be slightly broken.” •](https://reader036.fdocuments.in/reader036/viewer/2022071019/5fd337080ec5d466ad355826/html5/thumbnails/11.jpg)
Types of Threats
• Social Engineering– Phishing
• Tricking people to run applications, open e-mail attachments or navigate to websites
• Cross Site Scripting – Trojan website
• Identity Theft– Credential Theft / Impersonation– Financial Theft
![Page 12: ITS Security Office...Student Tech Security Training ITS Security Office ITS Security Office • “Total Security is an illusion – security will always be slightly broken.” •](https://reader036.fdocuments.in/reader036/viewer/2022071019/5fd337080ec5d466ad355826/html5/thumbnails/12.jpg)
Report & Prevent
• Report Phishing– http://www.antiphishing.org/phishing_arc
hive.html
• Information about Identity Theft– http://www.consumer.gov/idtheft/index.h
tml
![Page 13: ITS Security Office...Student Tech Security Training ITS Security Office ITS Security Office • “Total Security is an illusion – security will always be slightly broken.” •](https://reader036.fdocuments.in/reader036/viewer/2022071019/5fd337080ec5d466ad355826/html5/thumbnails/13.jpg)
Spyware
• Spyware– How do you get Spyware
• By downloading “Attractive” applications, utilities and games
• Utilities like Weatherbug• P2P file sharing
– Obscure EULAs– Captures data from your computer– Monitors your actions on the Internet– Installs programs without your consent– Places “Intelligent” Ads
![Page 14: ITS Security Office...Student Tech Security Training ITS Security Office ITS Security Office • “Total Security is an illusion – security will always be slightly broken.” •](https://reader036.fdocuments.in/reader036/viewer/2022071019/5fd337080ec5d466ad355826/html5/thumbnails/14.jpg)
You might have spyware if:
• You notice new toolbars, links, or favorites that you did not want or place in your Web browser.
• Your default home page, mouse pointer, or search program changes.
• You type the address for a specific Web site, but are taken to another Web site without notice.
• You see a lot of pop-up ads, even if you're not on the Internet.
• Your computer suddenly performs slowly or seems unstable.
![Page 15: ITS Security Office...Student Tech Security Training ITS Security Office ITS Security Office • “Total Security is an illusion – security will always be slightly broken.” •](https://reader036.fdocuments.in/reader036/viewer/2022071019/5fd337080ec5d466ad355826/html5/thumbnails/15.jpg)
Hacking Google
• Use search engines to find vulnerabilities
• http://johnny.ihackstuff.com• usernames
– filetype:log username putty
• Management Consoles– inurl:rpSys.html
• And Many more
![Page 16: ITS Security Office...Student Tech Security Training ITS Security Office ITS Security Office • “Total Security is an illusion – security will always be slightly broken.” •](https://reader036.fdocuments.in/reader036/viewer/2022071019/5fd337080ec5d466ad355826/html5/thumbnails/16.jpg)
What’s our exposure
• Fast Internet connection• Thousands of fast computers• University Values
– Unrestricted Internet access– Individual / Academic Freedom– Distributed management– Unmanaged computers– Broad Acceptable Use Policy
• Can we block threats?• Do we block threats?
![Page 17: ITS Security Office...Student Tech Security Training ITS Security Office ITS Security Office • “Total Security is an illusion – security will always be slightly broken.” •](https://reader036.fdocuments.in/reader036/viewer/2022071019/5fd337080ec5d466ad355826/html5/thumbnails/17.jpg)
Countermeasures & Best Practices
• Educated Computer Users – Understand relevant technology– Understand the threats– Timely response to problems
![Page 18: ITS Security Office...Student Tech Security Training ITS Security Office ITS Security Office • “Total Security is an illusion – security will always be slightly broken.” •](https://reader036.fdocuments.in/reader036/viewer/2022071019/5fd337080ec5d466ad355826/html5/thumbnails/18.jpg)
Countermeasures & Best Practices
• Careful Computer Management– Automate OS + Application Patching– Update Anti-virus signatures– Regular reliable backups– Strong Passwords– Principle of Least Privilege
• UAC – User Account Control• Access Control Lists
– Security Auditing • MBSA – MS Baseline Analyzer
– Securely Store and Erase Confidential Data
![Page 19: ITS Security Office...Student Tech Security Training ITS Security Office ITS Security Office • “Total Security is an illusion – security will always be slightly broken.” •](https://reader036.fdocuments.in/reader036/viewer/2022071019/5fd337080ec5d466ad355826/html5/thumbnails/19.jpg)
Countermeasures & Best Practices
• Careful Computer Management– Physical Security
• MS Threats and Countermeasures guide– http://www.microsoft.com/windowsxp/usi
ng/helpandsupport/getstarted/ballew_03may19.mspx
• System services• Software restrictions
• XP Security Guide– http://www.microsoft.com/technet/securit
y/prodtech/windowsxp/secwinxp/default.mspx
![Page 20: ITS Security Office...Student Tech Security Training ITS Security Office ITS Security Office • “Total Security is an illusion – security will always be slightly broken.” •](https://reader036.fdocuments.in/reader036/viewer/2022071019/5fd337080ec5d466ad355826/html5/thumbnails/20.jpg)
Countermeasures & Best Practices
• Security Tools– Host Based Firewall
• Windows Firewall• Symantec Client Security• IPSEC Rules
– Anti-virus• Symantec Corporate Edition
– Anti-spyware• Windows Defender• Symantec Anti-virus
– Security Configuration• MS Security Templates
![Page 21: ITS Security Office...Student Tech Security Training ITS Security Office ITS Security Office • “Total Security is an illusion – security will always be slightly broken.” •](https://reader036.fdocuments.in/reader036/viewer/2022071019/5fd337080ec5d466ad355826/html5/thumbnails/21.jpg)
Log Monitoring
• How do you know when your being attacked?
• How do you know you’ve been attacked– Security Event Log– http://www.ultimatewindowssecurity.com
/encyclopedia.html
![Page 22: ITS Security Office...Student Tech Security Training ITS Security Office ITS Security Office • “Total Security is an illusion – security will always be slightly broken.” •](https://reader036.fdocuments.in/reader036/viewer/2022071019/5fd337080ec5d466ad355826/html5/thumbnails/22.jpg)
Windows Defender
• http://www.microsoft.com/athome/security/spyware/software/default.mspx
• Real-time defense• Few false positives• Automatic updates
![Page 23: ITS Security Office...Student Tech Security Training ITS Security Office ITS Security Office • “Total Security is an illusion – security will always be slightly broken.” •](https://reader036.fdocuments.in/reader036/viewer/2022071019/5fd337080ec5d466ad355826/html5/thumbnails/23.jpg)
MS 10 ways to work more securely
• http://www.microsoft.com/AtWork/getstarted/worksecure.mspx
![Page 24: ITS Security Office...Student Tech Security Training ITS Security Office ITS Security Office • “Total Security is an illusion – security will always be slightly broken.” •](https://reader036.fdocuments.in/reader036/viewer/2022071019/5fd337080ec5d466ad355826/html5/thumbnails/24.jpg)
Protect Your Computer!
• http://helpdesk.its.uiowa.edu/security
![Page 25: ITS Security Office...Student Tech Security Training ITS Security Office ITS Security Office • “Total Security is an illusion – security will always be slightly broken.” •](https://reader036.fdocuments.in/reader036/viewer/2022071019/5fd337080ec5d466ad355826/html5/thumbnails/25.jpg)
Security Vs. Convenience
![Page 26: ITS Security Office...Student Tech Security Training ITS Security Office ITS Security Office • “Total Security is an illusion – security will always be slightly broken.” •](https://reader036.fdocuments.in/reader036/viewer/2022071019/5fd337080ec5d466ad355826/html5/thumbnails/26.jpg)
MBSA Hands - on
• Identifies Common Vulnerabilities– Weak or unmannaged policies and
configurations– Missing OS security updates– User accounts …
![Page 27: ITS Security Office...Student Tech Security Training ITS Security Office ITS Security Office • “Total Security is an illusion – security will always be slightly broken.” •](https://reader036.fdocuments.in/reader036/viewer/2022071019/5fd337080ec5d466ad355826/html5/thumbnails/27.jpg)
Disaster Recovery
• “Backups, Like care insurance, you don’t need it until you need it.”
• “But if you need it, you’d better have it!”• Types of Backup
– Network Drives– External Media
• Tape Drive• CD / DVD• USB
![Page 28: ITS Security Office...Student Tech Security Training ITS Security Office ITS Security Office • “Total Security is an illusion – security will always be slightly broken.” •](https://reader036.fdocuments.in/reader036/viewer/2022071019/5fd337080ec5d466ad355826/html5/thumbnails/28.jpg)
NT Backup
• System State
![Page 29: ITS Security Office...Student Tech Security Training ITS Security Office ITS Security Office • “Total Security is an illusion – security will always be slightly broken.” •](https://reader036.fdocuments.in/reader036/viewer/2022071019/5fd337080ec5d466ad355826/html5/thumbnails/29.jpg)
System Restore
• Restore points• System Checkpoints
![Page 30: ITS Security Office...Student Tech Security Training ITS Security Office ITS Security Office • “Total Security is an illusion – security will always be slightly broken.” •](https://reader036.fdocuments.in/reader036/viewer/2022071019/5fd337080ec5d466ad355826/html5/thumbnails/30.jpg)
What should I backup?
![Page 31: ITS Security Office...Student Tech Security Training ITS Security Office ITS Security Office • “Total Security is an illusion – security will always be slightly broken.” •](https://reader036.fdocuments.in/reader036/viewer/2022071019/5fd337080ec5d466ad355826/html5/thumbnails/31.jpg)
Does the restore work?
• “Yes, I’m in charge of backups”• “I said backups, I don’t know who’s in
charge of restores”• Test your restore methods• Does your backup contain everything
needed?
![Page 32: ITS Security Office...Student Tech Security Training ITS Security Office ITS Security Office • “Total Security is an illusion – security will always be slightly broken.” •](https://reader036.fdocuments.in/reader036/viewer/2022071019/5fd337080ec5d466ad355826/html5/thumbnails/32.jpg)
Keeping up to date
• Secunia• Securityfocus• CVE• Slashdot• RSS
– Feedreader– OMPL
![Page 33: ITS Security Office...Student Tech Security Training ITS Security Office ITS Security Office • “Total Security is an illusion – security will always be slightly broken.” •](https://reader036.fdocuments.in/reader036/viewer/2022071019/5fd337080ec5d466ad355826/html5/thumbnails/33.jpg)
Windows Live One Care
• http://www.windowsonecare.com/• OneCare
– Antivirus– Antispyware– Firewall– Performance Tune-ups– Data Backup
• And Restore
• Norton 360
![Page 34: ITS Security Office...Student Tech Security Training ITS Security Office ITS Security Office • “Total Security is an illusion – security will always be slightly broken.” •](https://reader036.fdocuments.in/reader036/viewer/2022071019/5fd337080ec5d466ad355826/html5/thumbnails/34.jpg)
Windows Live Safety Center – Beta
• Safety Center– Web Scanner– http://safety.live.com/site/en-
US/center/howsafe.htm