Discovery 1 Chapter 8 2007

8: Basic Security
Networking for Home & Small Business
Network Intrusion
• Attacks can be devastating
– Cost money, time, theft of files, etc.
• HACKERS
– Intruders who gain access by modifying software or exploiting software vulnerabilities
4 Threats from the Hacker
• Stealing Confidential Info
– Credit card #’s
– Private Company info such as a project in
development
– Could be sold
4 Threats from the Hacker
• Destroy or Alter Records
– Send a virus that reformats HD
– Changing your grades
– Change store prices
4 Threats from the Hacker
• Identity Theft
– Stealing info to take on identity
– Applying for credit cards & buying stuff
– Obtain DL’s
4 Threats from the Hacker
• Disrupting Service
– Preventing user from accessing services such
as Internet
Activity
Where’d He Come From?
• External Threat
– Outside attacker
– Internet or Wireless
Where’d He Come From?
• Internal Threat
– Has authorized access
• Knows people & network
• Knows what info is valuable
– OR someone may have just picked up a virus
• According to the FBI, internal access and misuse of computer systems account for approximately 70% of reported incidents of security breaches.
Social Engineering
• Deceiving internal users into performing
actions or revealing confidential info
– Takes advantage of them
– Usually don’t meet them face-to-face
Fight Intrusion
• http://www.us-cert.gov/reading_room/before_you_plug_in.html
• http://www.us-cert.gov/reading_room/distributable.html
3 Types of Social Engineering
• Pretexting, Phishing, and Vishing
Phishing
Review
Let’s Try This…
• Cyber Security Awareness Quiz
Other Attacks
• Viruses, Worms and Trojan horses
– Malicious software put on hosts
– Damage system, destroy data, deny access
– They can forward data to thieves
– Can replicate to other hosts
3 Evil Things
• Viruses, Worms and Trojan horses
– Go to 8.2.1.2
Simplified
• Virus
– Attaches to a program
– Can reproduce
– Causes havoc!
• Worm
– Self-replicating
– Sends copies of itself to other comp. w/ security holes
– Cause harm to network; ties up bandwidth
• Trojan Horse
– Computer program disguised
– Does damage when run
– Can’t replicate
Let’s See…
• GCIT
• Who wants to play…
– ID Theft Faceoff?
– Invasion of the Wireless Hackers?
– Phishing Scams?
• Quiz Time for all!
– http://www.sonicwall.com/phishing/
Activity
• Virus, Worm or Trojan Horse???
Just Being Evil!
• Sometimes the goal is to shut a network
down & disrupt the organization
– Can cost a business lots of money!!
Denial of Service (DoS)
• In general, DoS attacks seek to:
– Flood a system or network with traffic to
prevent legitimate network traffic from flowing
– Disrupt connections between a client and
server to prevent access to a service
– Some are not used much anymore, but can be
• SYN flooding
• Ping of Death
DoS- SYN Flooding
DoS- Ping of Death!
• Sending SO MANY pings, the server can’t
respond to anyone else!
DDoS
• DDoS
– Attack by multiple systems infected with DDoS
code
– Sends useless data to server
– Overwhelms system & it crashes
Brute Force
• Fast computer used to guess passwords or
decipher encryption code
• Brute force attacks can cause a denial of
service due to excessive traffic to a specific
resource or by locking out user accounts
• Try 8.2.2.3
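A defender-side illustration of the lockout point above, added here and not part of the original slides: it counts failed logins per source address in a sliding window so the guessing source is flagged, and contrasts that with a per-account lockout that ends up denying the real user. The record format, addresses, threshold and window are assumptions.

```python
from collections import defaultdict, deque

# Constructed sample records: (epoch seconds, source IP, account, success?)
SAMPLE_EVENTS = [
    (100, "203.0.113.7", "alice", False),
    (101, "203.0.113.7", "alice", False),
    (103, "203.0.113.7", "alice", False),
    (104, "203.0.113.7", "bob", False),
    (105, "203.0.113.7", "alice", False),
    (130, "198.51.100.4", "alice", True),   # the real user, correct password
    (400, "198.51.100.4", "bob", False),    # a single typo, much later
]

def find_guessing_sources(events, max_failures=4, window=60):
    """Return {source_ip: time flagged} for sources with at least
    max_failures failed logins inside any window-second span."""
    recent = defaultdict(deque)   # source -> timestamps of recent failures
    flagged = {}
    for ts, src, _account, ok in sorted(events):
        if ok or src in flagged:
            continue
        q = recent[src]
        q.append(ts)
        while q and ts - q[0] >= window:   # drop failures outside the window
            q.popleft()
        if len(q) >= max_failures:
            flagged[src] = ts
    return flagged

def accounts_locked_by_naive_policy(events, max_failures=4):
    """Per-account lockout that ignores the source: consecutive failures
    lock the account, so a guessing attacker locks out the real user."""
    fails = defaultdict(int)
    locked = set()
    for _ts, _src, account, ok in sorted(events):
        if ok and account not in locked:
            fails[account] = 0             # a good login resets the counter
        elif not ok:
            fails[account] += 1
            if fails[account] >= max_failures:
                locked.add(account)
    return locked

if __name__ == "__main__":
    print("flag sources:", find_guessing_sources(SAMPLE_EVENTS))
    print("naive lockout locks:", accounts_locked_by_naive_policy(SAMPLE_EVENTS))
```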
Review
• Name 3 types of social engineering.
– Pretexting, Phishing, Vishing
• How are you targeted in a pretexting
attack?
– Over the phone
• You click on a pop-up window to claim a
“prize.” A program was installed w/out you
knowing & now an attacker has access to
your system. What is this called?
– Trojan Horse
Review
• Which attack doesn’t need activation and
copies itself across the network?
– Worm
• A server is busy responding to a SYN with
an invalid source IP address. What’s the
attack?
– SYN Flooding
Other Threats
• Not all threats do damage
– Some collect info
• Spyware
• Tracking Cookies
• Adware
• Pop-ups
Spyware
• Program that gathers personal
info w/out your permission
– Info sent to advertisers
• Usually installed unknowingly
– Downloaded, installing a
program, click on pop-up
• Can slow computer down or
make settings changes
• Can be difficult to remove
Tracking Cookies
• Form of spyware
– Not always bad
• Records info about user
when they visit web
sites
– Allows personalization
– Many sites require them
Adware
• Form of spyware
• Records info about user when they visit
web sites
• For advertising purposes
– Pop-ups & pop-ups of ads
Pop-Ups (and Pop-Unders)
• Adware EXCEPT doesn’t collect any info
• Pop-ups
– Open in front of the current browser window
• Pop-unders
– Open behind the current browser window
What’s This?
Spam
• Unwanted bulk mail from advertisers
• Spammer sends
– Often sent through unsecured servers
– Can take control of computers
– Then sent from that computer to others
• On average, how many spam emails
are sent to a person per year?
– 3000
Review
• You visit a web site and see this annoying
advertising tactic that appears in a new window.
What is it?
– Pop-up
• This type of advertising is sent to many, many
people. The advertiser uses no marketing
scheme.
– Spam
• This form of spyware is not always bad & can be
used for personalization of a site.
– Cookies
Security Measures
• You can’t eliminate security breaches
– You can minimize the risks
• Policy
• Procedures
• Tools & Applications
Security Policy
• Formal statement of rules when using tech
– Acceptable use policy
– Detailed handbook
• What should be included?
Activity
• Let’s review some policies…
More Security Procedures
• The procedures help implement the policies
• Some of the security tools and applications
used in securing a network include:
Rut Roh!
• Computer starts acting abnormally
• Program does not respond to mouse and
keystrokes.
• Programs starting or shutting down on their own.
• Email program begins sending out large
quantities of email
• CPU usage is very high
• There are unidentifiable, or a large number of,
processes running.
• Computer slows down significantly or crashes
Anti-Virus Software
• Preventive & Reactive tool
• Features
– Email checker
– Dynamic Scanning (checks files when
accessed)
– Scheduled scans
– Auto update
• When a virus is known, they will update it
Anti-Spam
• Spam sends unwanted emails
– Code takes over PC to send more
• The software ID’s it & places it in junk
folder or deletes it
• On PC or on email server
– ISP may have a spam filter
Other ways to prevent spam
• Keep anti-virus up to date
• Don’t forward suspect emails
• Ignore the virus warning email
• Report spam to admin to be blocked
• Don’t open attachments from people you don’t know
Anti-Spyware
• Spyware & Adware cause virus-like
symptoms
– Use computer resources
• This software can detect & delete them
• Pop-Up Blockers
Activity
What’s a firewall?
• Resides between two or more networks and
controls the traffic between them as well as helps
prevent unauthorized access
• Packet Filtering
– Based on IP or MAC addresses
• Application / Web Site Filtering
– Based on the application.
– Websites can be blocked by URL or keywords
• Stateful Packet Inspection (SPI)
– Must be responses from internal host
– DoS saver
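An added sketch, not from the original slides, contrasting packet filtering with stateful packet inspection: the stateful model admits an inbound packet only when it answers a flow that an internal host opened. The addresses, the deny list and the tuple format are assumptions, and real SPI also tracks TCP flags and timeouts.

```python
INTERNAL_NET = "192.168.1."          # assumed home LAN prefix
BLOCKED_SOURCES = {"203.0.113.66"}   # assumed static deny list

# Constructed packets: (direction, src_ip, src_port, dst_ip, dst_port)
SAMPLE_PACKETS = [
    ("out", "192.168.1.10", 50000, "198.51.100.20", 80),  # LAN host opens a web request
    ("in", "198.51.100.20", 80, "192.168.1.10", 50000),   # the server's reply
    ("in", "192.0.2.99", 4444, "192.168.1.10", 50000),    # unsolicited, not on deny list
    ("in", "203.0.113.66", 80, "192.168.1.10", 50001),    # unsolicited, on deny list
]

def packet_filter(pkt):
    """Stateless packet filtering: decide on the source address alone."""
    _direction, src_ip, _sp, _dst_ip, _dp = pkt
    return src_ip not in BLOCKED_SOURCES

class StatefulFirewall:
    """SPI model: inbound packets pass only if they answer an outbound flow."""

    def __init__(self):
        self.flows = set()   # (internal ip, port, external ip, port)

    def allow(self, pkt):
        direction, src_ip, sp, dst_ip, dp = pkt
        if direction == "out":
            if not src_ip.startswith(INTERNAL_NET):
                return False               # spoofed or misrouted source
            self.flows.add((src_ip, sp, dst_ip, dp))
            return True
        # Inbound: addresses and ports must mirror a recorded outbound flow.
        return (dst_ip, dp, src_ip, sp) in self.flows

def compare(packets):
    """Return [(packet filter verdict, SPI verdict), ...], one per packet."""
    spi = StatefulFirewall()
    return [(packet_filter(p), spi.allow(p)) for p in packets]

if __name__ == "__main__":
    for pkt, verdicts in zip(SAMPLE_PACKETS, compare(SAMPLE_PACKETS)):
        print(pkt, "filter/SPI:", verdicts)
```

The third packet is the one that separates the two: the address filter passes it because the source is not listed, while the stateful check drops it because no internal host asked for it.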
4 Types of Firewalls
Firewall Placement & DMZ
Firewall & DMZ at home / Port Forwarding / Wireless AP internal
• Let’s say you have a web server
• It needs to handle web requests while you still protect your internal network
• Create a DMZ with the Linksys
Lab 8.4.2.4??
• Server CD
Is Your Network Vulnerable?
• Tools to help identify where attacks can
occur
– Number of hosts on a network
– The services hosts are offering
– The OS and update versions on hosts
– Packet filters and firewalls in use
• Lab 8.4.3.2?
– Vulnerability Analysis
Lab 8.4.3.2?
• Vulnerability Analysis
Review