Recent Security Threats & Vulnerabilities
Computer security
Bob Cowles
HEPiX, Fall 2005
SLAC
Work supported by U. S. Department of Energy contract DE-AC03-76SF00515
11 October 2005, HEPiX - Fall

Final Thoughts Spring 2005
- All operating systems are vulnerable
- All browsers are vulnerable (firefox vulnerability)
- No simple solution; security is still too complex
  - Patching helps
  - Firewalls help
  - AV & attachment removal & spam filters help
  - Encrypted passwords/tunnels help if used!!
- You can't be secure; only more secure
- We must share information better
  - HEPiX Security list

More Sophisticated Tools

More Sophisticated Tools - 2

More Sophisticated Tools - 3

Passwords (from Monday)
- POP3
  - peggyy, kcoct21, dec3.1 41, baum2kid, abouki99, jasperD9, pi16tchou
- IMAP
  - omeRun75, Bruck5BD, uonsF9
- SMTP
  - $JPsiMeson, 0~, ha66il33
- ICQ
  - gg14723
- FTP
  - aw3edcft6

Passwords (http) - 2
- d115872m, Hammerhead, S0ph0S, 268jld823, bravodb, monkies, D, fabien, figarek, 637xre286, aK`5huHn, e4077a97, peggy101, guest, cisco, fin_maggie, frump, pingpass, anais, admin, cband, tig4yet, pincopallino, Mammoths

On the Increase
- phishing (including IM)
- pharming
- spyware (p2p)
- Tailored viruses
- Identity theft (in general)

Bad Practices

New Technologies
- bluetooth
  - voice recognition
- RFID
- VoIP (skype, googletalk, ...)
- smartcards, OTP
- Will they make a difference?

Advances in Security
- Common Malware Enumeration
- Common Vulnerability Scoring System
- MS Office 2003 SP2 anti-phishing
- Extra click to activate links in

Map of Bots

DOE Site Assistance Visit
- "We're from the government and here to help"
- Help with documentation required by new government standards (NIST 800-xx)
- Included penetration test

Penetration Test - results
- Win 2000 SP3 server
- MS dropped support as of June 30
- No warning of August vulnerability
- LM hashes for local admin password
  - Rainbow tables
  - 64GB: 99.9% success at LM passwords
- Admin account shared with other servers

No Final Thoughts
Questions?
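The LM-hash finding from the penetration test is the one result above that comes down to an algorithm, so here is an added example (not from the talk or from SLAC): a Go implementation of the LM hash using the standard library's crypto/des, plus a check a defender can run over a hash dump to flag accounts whose password is at most 7 characters. The function names and the sample password are assumptions made for this example.

```go
package main

import (
	"crypto/des"
	"encoding/hex"
	"fmt"
	"strings"
)

// lmMagic is the fixed plaintext LM encrypts under each 7-byte half of the password.
const lmMagic = "KGS!@#$%"
// emptyHalf is lmMagic encrypted under an all-zero key, i.e. a half that held no password bytes.
const emptyHalf = "AAD3B435B51404EE"

// expandDESKey spreads 7 password bytes over 8 DES key bytes (7 bits each, parity bit left clear).
func expandDESKey(k7 []byte) []byte {
	var bits uint64
	for _, b := range k7 {
		bits = bits<<8 | uint64(b)
	}
	key := make([]byte, 8)
	for i := 7; i >= 0; i-- {
		key[i] = byte(bits&0x7F) << 1
		bits >>= 7
	}
	return key
}

// LMHash returns the LAN Manager hash of an ASCII password as 32 upper-case hex digits.
func LMHash(password string) string {
	buf := make([]byte, 14) // case folded, NUL padded, silently truncated at 14 bytes
	copy(buf, strings.ToUpper(password))
	out := make([]byte, 16)
	for half := 0; half < 2; half++ { // each half is DES-encrypted on its own
		block, err := des.NewCipher(expandDESKey(buf[half*7 : half*7+7]))
		if err != nil {
			panic(err) // unreachable: the key is always 8 bytes
		}
		block.Encrypt(out[half*8:half*8+8], []byte(lmMagic))
	}
	return strings.ToUpper(hex.EncodeToString(out))
}

// SecondHalfEmpty is true when a stored LM hash betrays a password of at most 7 characters.
func SecondHalfEmpty(lmHex string) bool {
	return len(lmHex) == 32 && strings.EqualFold(lmHex[16:], emptyHalf)
}

func main() {
	h := LMHash("password") // constructed sample, not a real credential
	fmt.Println(h, "at most 7 chars:", SecondHalfEmpty(h))
}
```

Because each 7-byte half is encrypted independently after case folding, a cracker never has to search more than seven upper-case characters at a time, which is why a 64 GB rainbow table reaches the 99.9% the slide reports. The fix is to stop storing LM hashes (the NoLMHash LSA setting) and to use local admin passwords of 15 or more characters, for which Windows stores no LM hash at all.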