Transcript Effective Windows Desktop Security

EDUCAUSE
Midwest Regional 2008
Effective Windows
Desktop Security
XP and Vista
John Bruggeman, [email protected]
Director of Information Systems
Hebrew Union College – Jewish Institute of Religion
May 6th, 2008
EDUCAUSE Security Conf 2008 John Bruggeman
Windows Desktop Security !
Agenda
 Windows Security
• Defense in Depth
– 4 walls of protection
• Top Vulnerabilities
• XP and Vista
 EDUCAUSE Security Taskforce Effective Practices
• EP’s on many areas, not just Windows
 Tools that work
• Comodo Firewall, Spybot Tea Timer, MBSA,
• Demo Spybot & Comodo
 Questions & Answers
May 6th, 2008
EDUCAUSE Security Conf 2008 John Bruggeman
Copyright Notice
Copyright John Bruggeman, 2008. This work is the intellectual property of
the author. Permission is granted for this material to be shared for noncommercial, educational purposes, provided that this copyright statement
appears on the reproduced materials and notice is given that the copying is
by permission of the author. To disseminate otherwise or to republish
requires written permission from the author.
May 6th, 2008
EDUCAUSE Security Conf 2008 John Bruggeman
Who am I?
John Bruggeman
 Director of Information Systems (and
Telecommunications)
 Hebrew Union College – Jewish Institute of Religion
• 4 Campus – LA, NY, Cincinnati, Jerusalem
• Responsible for all IS and Telcom issues
• 4 staff (one per campus plus one Website Manager)
 GSEC certified in 2003, recertified in 2005
 GCWN certified in 2008 (Windows Security)
 Active in INFRAGARD and EDUCAUSE Security
Task Force
 Advocate for IT Security –
• We are only as secure as our weakest link!
May 6th, 2008
EDUCAUSE Security Conf 2008 John Bruggeman
Defense in Depth
4 Layers of Defense – 4 Walls
 Wall 1 – Blocking attacks at the Network (IPS and IDS)
• Tools to use at the Network, beyond a traditional firewall
 Wall 2 – Blocking attacks at the Host (IPS and IDS)
• Tools to use on the PC
– Anti-Virus, Anti-Spam, Anti-Phishing, Anti-Spyware
 Wall 3 – Eliminating Security Vulnerabilities (SANS Top 20)
• Windows Vulnerabilities
 Wall 4 - Safely supporting Authorized Users
• Balancing security and access
May 6th, 2008
EDUCAUSE Security Conf 2008 John Bruggeman
Defense in Depth cont.
Layer 1 – Blocking Attacks at the Network
 IPS (Intrusion Protection Systems)
• Block traffic before it penetrates
• Checks “content” of traffic and allows or denies
 IDP (Intrusion Detection Systems)
• Notices when a system has been compromised (post attack)
 Firewall / Malware detection at the perimeter
• Classic firewalls are being replaced with IPS devices
• Appliance Firewalls for small institutions
– 3 Com Office Connect, Fortinet, Sonic Wall
• Big Iron for large institutions
– Check Point, Juniper
May 6th, 2008
EDUCAUSE Security Conf 2008 John Bruggeman
Defense in Depth – cont.
Layer 2 – Blocking Attacks at the Host
 Host Intrusion Prevention Systems
• Spybot TeaTimer, Symantec AV & IPS
– Blocks un-authorized application loading
– AV IPS use behavior patterns not static patterns
 Personal Firewalls
• Comodo Firewall / IPS, ZoneAlarm
– Same as hardware firewalls, allows only allowed traffic
– Stealth mode hides computer from hacker scans
– Egress filtering helps deter “phone home” by Trojans
• XP SP2 aka Internet Connection Firewall
– ICF overview
» ICF stateful packet filter, “unfriendly” user interface
» No egress filtering, no immediate notifaction
May 6th, 2008
EDUCAUSE Security Conf 2008 John Bruggeman
Comodo Firewall
May 6th, 2008
EDUCAUSE Security Conf 2008 John Bruggeman
Defense in Depth - cont
Windows Vista security features include:









Hardened services
User Account Control (UAC)
Windows Defender (Anti-Spyware)
Windows Firewall enhancements
Network Access Protection
Internet Explorer Protected Mode
Phishing Filter
BitLocker Drive Encryption
Rights management
May 6th, 2008
EDUCAUSE Security Conf 2008 John Bruggeman
Fundamentally
Secure Platform
Security
Development
Lifecycle (SDL)
Kernel Patch
Protection
Kernel-mode
Driver Signing
Secure Startup
Windows
Service Hardening
May 6th, 2008
Enables
Secure Access
User Account Control
Network Access
Protection (NAP)
IPSec and IPv6
Native smart
card support
Certificate Services
Credential roaming
Protects
Against Malware
Windows Defender
IE Protected Mode
Address Space Layout
Randomization (ASLR)
Data Execution
Prevention (DEP)
Bi-directional Firewall
Windows
Security Center
EDUCAUSE Security Conf 2008 John Bruggeman
Protects Data
Rights Management
Services (RMS)
SharePoint,
Exchange, Windows
Mobile integration
Encrypting File
System (EFS)
Bitlocker
Vista Enhancements
User Account Controls
 Enables a user to have a non-administrator
account and still be productive
 All users operate a lowest possible privileges
 Vista has a special account that runs in AAM
(admin approval mode)
• Means that the user either supplies administrative
credentials or consents (depending on group
policy settings) to perform typical admin functions
– EXAMPLE: install a program
May 6th, 2008
EDUCAUSE Security Conf 2008 John Bruggeman
Vista Enhancements
Vista Firewall – Improved! (Yeah!!)
 The Windows Vista firewall can block
outgoing traffic
 Windows XP only blocked incoming traffic
 Provides the ability to stop peer-to-peer
connections
 Provides the ability to stop instant messaging
programs
May 6th, 2008
EDUCAUSE Security Conf 2008 John Bruggeman
Windows Vista Firewall
Both inbound and
outbound
Authentication and
authorization aware
Outbound applicationaware filtering is now
possible
 Includes IPSec management
 Policy-based administration
 Great for Peer-to-Peer
control
May 6th, 2008
EDUCAUSE Security Conf 2008 John Bruggeman
Defense in Depth – cont.
Layer 2 – Blocking Attacks at the Host
 Personal Anti-Malware
• Spybot Search and Destroy, Symantec, Microsoft Windows
Defender, Sunbelt Counter-Spy, Tenebril SpyCatcher
• Pattern matching for known signatures
 Network Access Control – Host Based
• Clients of NAC’s the verify configuration and patch level.
• Can enforce network policy, quarantine computers that do
not comply with the policy
– Bradford Networks, Cisco Clean access, ISS products
May 6th, 2008
EDUCAUSE Security Conf 2008 John Bruggeman
SpyBot Normal
May 6th, 2008
EDUCAUSE Security Conf 2008 John Bruggeman
SpyBot - Immunize
May 6th, 2008
EDUCAUSE Security Conf 2008 John Bruggeman
SpyBot - Advanced
May 6th, 2008
EDUCAUSE Security Conf 2008 John Bruggeman
SpyBot - Tools
May 6th, 2008
EDUCAUSE Security Conf 2008 John Bruggeman
SpyBot - Tools
May 6th, 2008
EDUCAUSE Security Conf 2008 John Bruggeman
Defense in Depth – cont.
Layer 3 – Eliminating Security Vulnerabilities
 Vulnerability Management and Testing
• Know your systems – are they patched?
 Patch Management
• Use patch management systems to keep clients current
– WSUS, BigFix
 Application Security Testing
• Tools from Foundstone and Source Forge can help with
application testing
– http://www.foundstone.com/us/resources-free-tools.asp
May 6th, 2008
EDUCAUSE Security Conf 2008 John Bruggeman
Defense in Depth cont.
Layer 3 – Eliminating Security Vulnerabilities

SANS Top Vulnerabilities in Windows Systems
– The SANS (SysAdmin, Audit, Network, Security) Inst.
•
From the SANS website www.sans.org
1)Windows Services
2)Internet Explorer
3)Windows Libraries
4)MS Office and Outlook Express
5)Windows Configuration Weaknesses
May 6th, 2008
EDUCAUSE Security Conf 2008 John Bruggeman
Defense in Depth cont.
Layer 3 – Eliminating Security Vulnerabilities
 Acronyms Galore!
• CVE, CPE, CCE, CVSS, OVAL, SCAP, NVD
–
–
–
–
–
–
–
Common Vulnerabilities and Exposures (CVE)
Common Platform Enumeration (CPE)
Common Configuration Enumeration (CCE)
Common Vulnerability Scoring System (CVSS)
Open Vulnerability and Assessment Language (OVAL)
Security Content Automation Protocol SCAP (s Cap)
National Vulnerability Database
• SCAP – http://nvd.nist.gov
• MITRE – http://cve.mitre.org, http://cpe.mitre.org
May 6th, 2008
EDUCAUSE Security Conf 2008 John Bruggeman
National Vulnerability DB
May 6th, 2008
EDUCAUSE Security Conf 2008 John Bruggeman
Defense in Depth cont.
Top Vulnerabilities in Windows Systems

From the SANS website www.sans.org
1) Windows Services
•
•
May 6th, 2008
Critical Vulnerabilities were discovered in these
services in 2007
• Routing and Remote Access Service (MS07-017)
• Unix Services (MS07-053)
What to do?
• Disable Service if possible
• Scan for Vulnerabilities
• PATCH
EDUCAUSE Security Conf 2008 John Bruggeman
Windows Services
May 6th, 2008
EDUCAUSE Security Conf 2008 John Bruggeman
Defense in Depth cont.
 From the SANS Website www.sans.org
2) Internet Explorer
– Multiple vulnerabilities were discovered in 2007 in IE
» Vector Markup Language, RCE (MS07-050)
» Cumulative Security Update for IE (MS07-057, 045, 033)
» Vulnerabilities in GDI, RCE (MS07-017)
– How to mitigate
» On XP, install SP2, Upgrade to IE 7
» On 2000, NT, keep patches current
» Use DropMyRights from MS to lower IE privileges
» Check your Broswer Helper Objects (BHO) for spyware
» Disable Scripting and ActiveX
May 6th, 2008
EDUCAUSE Security Conf 2008 John Bruggeman
Windows IE settings
May 6th, 2008
EDUCAUSE Security Conf 2008 John Bruggeman
Defense in Depth cont.
From the SANS Website www.sans.org
3) Windows Libraries
• DLL’s can have buffer overflow vulnerabilities
• Vulnerabilties discovered in 2007
–
–
–
–
–
•
•
•
•
May 6th, 2008
Vulnerability in Media file format allows RCE (MS07-068
Vulnerability in Windows messaging allows RCE (MS07-065)
Vulnerability in Direct X allows RCE (MS07-064)
Vulnerability in Windows URI handling allows RCE (MS07-061)
The list continues for 2007 and 2008
Patch your system and scan for vulnerabitlites
Use least privileges where possible
Filter IP ports 135-139, 445,
Use an IPS and IDS
EDUCAUSE Security Conf 2008 John Bruggeman
Defense in Depth cont.
 Vista Vulnerabilities in 2007 – 2008
• It is more secure, but holes still exist:
–
–
–
–
–
–
–
–
Vulnerability in Kernel – Priv. elevation (MS08-025)
Vulnerability in GDI allows RCE (MS08-021)
Vulnerability in DNS could allow spoofing (MS08-020)
Vulnerability in IE 7.0 cumulative SP (MS08-010)
Vulnerability in OLE automation allows RCE (MS08-008)
Vulnerability in WEBDAV allows RCE (MS08-007)
Vulnerability in Media File Format RCE (MS07-068)
Vulnerability in Kernel could allow RCE (MS07-066)
• Patch, patch, patch…
May 6th, 2008
EDUCAUSE Security Conf 2008 John Bruggeman
Defense in Depth cont.
 MS Office and Outlook
• Check your systems with a vulnerability scanner
– MSBSA, Windows Update,
• Mitigate by patching, disable IE feature of opening
Office documents
• Configure Outlook with enhanced security
• Use IPS and IDS
May 6th, 2008
EDUCAUSE Security Conf 2008 John Bruggeman
Defense in Depth cont.
 From the SANS Website www.sans.org
5) Windows configuration Weaknesses
– Weak passwords on accounts or network shares
» LAN Manager hashes are weak and should be replaced
with stronger more current hash techniques
» Default configuration for servers and applications can open
machines to password guessing.
» MSDE ships with SA account set with a blank password.
» Several worms take advantage of this, Voyager, Alpha
Force, SQL Spida use known weak configurations to
spread
– Enforce a strong password policy
– Prevent Windows from storing the LM hash in AD or the SAM
– Disable NULL shares and restrict anonymous access
May 6th, 2008
EDUCAUSE Security Conf 2008 John Bruggeman
Defense in Depth cont.
Frequent Mistakes made in Windows Security
• www.sans.org/reading_room/whitepapers/windows/1016.php
 Allowing Null Sessions
• http://www.microsoft.com/technet/security/bulletin/ms99-055.mspx
• http://www.microsoft.com/technet/security/prodtech/windows
2000/secwin2k/swin2k06.mspx
 Weak Lockout Policies
• http://www.microsoft.com/technet/archive/security/chklist/xpcl.mspx





Weak Account Policies
Multiple Trust relationships
Multiple Domain admin accounts
Audit logs turned off
Automatic Updates turned off
May 6th, 2008
EDUCAUSE Security Conf 2008 John Bruggeman
Password Policies
May 6th, 2008
EDUCAUSE Security Conf 2008 John Bruggeman
Defense in Depth cont.
Common Password Myths
1. Password hashes are safe using NTLMv2
2. Hr^y*Pwe(1#$ is a great password
1. [email protected] is better
3. 14 Characters is the Optimal length
1. Passwords over 14 characters have an invalid hash stored
4.
5.
6.
7.
8.
M1ke100 is a good password
Eventually any password can be cracked
Passwords should be changed every 60 days
You should never write down your password
Passwords can’t include spaces
May 6th, 2008
EDUCAUSE Security Conf 2008 John Bruggeman
Defense in Depth cont.
Frequent Mistakes made in Windows Security
 Updates turned off
• SANS, Gartner Group, others report that 80-90% of attacks
are from known vulnerabilities.
• SQL Slammer, W32.Slammer in 2005 attacked a known
vulnerability that had a patch available 6 months before it hit.
 Need to patch systems and keep them current
• Does require a patch management strategy
• Will require time
• Payoff is less downtime
May 6th, 2008
EDUCAUSE Security Conf 2008 John Bruggeman
ANI Vulnerability
http://www.infoworld.com/article/07/04/04/HNanispammers_1.html
In April 2007, Chinese and Russian hackers unleashed an
exploit for a previously undisclosed vulnerability which
attacks Internet Explorer browsers infecting them with a
malware via the ANI (Animate Icon) vulnerability.
The vulnerability overflowed an internal buffer in LoadAnih
function. This vulnerability was not completely new, it was
properly patched by Microsoft but apparently not
completely.
May 6th, 2008
EDUCAUSE Security Conf 2008 John Bruggeman
ANI Vulnerability
Not so amazingly enough, this vulnerability affects
Microsoft - Windows Vista, considered by Microsoft until
recently as “Most Secure OS ever”
Can you spot the similarity yet? If not, here is another
interesting point, the hackers installed a Trojan horse
whose sole purpose was to gather passwords stored in
your computer, as well as look for keywords such as
Credit Card, PIN numbers, etc and send them back to
what is referred to as Control Centers
These were hacked not on the day of the release of the
new exploit, but rather months back, more specifically a
few weeks before the last Superbowl
May 6th, 2008
EDUCAUSE Security Conf 2008 John Bruggeman
Where they plant the
malicious code
http://securitywatch.eweek.com/exploits_and_atta
cks/ani_exploit_tied_to_hacked_super_bowl_site.
html
Unlike “regular” sites, these sites are high volume
web and have a large percentage of non-technical
people coming in. This makes it a prime
candidate for spreading the hacker's malware and
exploiting the visitors' vulnerabilities – with little
threat of them noticing it
Some additional web sites that were hacked
include asus.com, windrivers.com and others
May 6th, 2008
EDUCAUSE Security Conf 2008 John Bruggeman
The bad solution
In an attempt to get a hold of the malware,
the web sites that contained the malicious
malware and the Javascript code were
taken down.
Instead of fixing the problem (the Javascript
code) the web sites the Javascript code
pointed to was taken down, this made the
problem appeared to have been “solved”,
where in fact it wasn't
May 6th, 2008
EDUCAUSE Security Conf 2008 John Bruggeman
Defense in Depth cont.
Patching Windows
 What to Patch
• OS
• Applications
 Types of Patches from MS
• Hotfix, Update, Critical Update, Security Patch,
Update Roll-up, Service Pack
May 6th, 2008
EDUCAUSE Security Conf 2008 John Bruggeman
Defense in Depth cont.
How to Patch
 Tools from Microsoft
• Microsoft Update is different than Windows Update
– MU updates all MS products not just windows
» Office updates, Server product patches
• WSUS is updated SUS server
– New version coming out, WSUS 3.0 in Beta now
– www.microsoft.com/wsus
– Target client installs, selective client patching, uninstall
options
May 6th, 2008
EDUCAUSE Security Conf 2008 John Bruggeman
Defense in Depth cont.
Testing and Verification
 Patch systems are not perfect, you need to test after
patches have been applied
 Tools
• Microsoft Baseline Security Analyzer 2.1 (Beta)
– Used for Vista and below
• MBSA 2.0
– Used for Windows 2000 + SP3 and later
– Office XP and later
– Exchange 2000 and later
• MBSA 1.2.1
– Office 200
– Exchange 5.0 and 5.5
May 6th, 2008
EDUCAUSE Security Conf 2008 John Bruggeman
Defense in Depth cont.
Hardening Windows
 Hardening techniques
• Limit services
– Verify what services are needed
– On servers, usually these can be disable
» IIS (unless needed), Fax service, Indexing service,
Messenger, Telnet, Remote Access, QoS RSVP,
others.
– On workstations disable unless needed
» Fax service, Indexing service, messenger, Telnet,
others
» Enable firewall
May 6th, 2008
EDUCAUSE Security Conf 2008 John Bruggeman
Defense in Depth cont.
Hardening Windows
 Hardening techniques
• Limit protocols
– Verify what protocols are needed for your network
» On servers normally TCP/IP is sufficient
» On workstations normally TCP/IP is all that is needed
» Remove IPX/SPX, NetBios,
• Limit Network devices
– Bluetooth (disable unless needed)
– Wireless (disable unless needed)
– Firewire (disable unless needed)
May 6th, 2008
EDUCAUSE Security Conf 2008 John Bruggeman
Defense in Depth cont.
Hardening Windows
 Firewalls
• Host based firewalls
– Server options
» Windows 2003 SP1 firewall option
– Workstation options
» XP SP2, ZoneAlarm, Comodo Firewall
» 85 listed on Download.com
– Vista
» Much better default settings in Vista
May 6th, 2008
EDUCAUSE Security Conf 2008 John Bruggeman
Defense in Depth cont.
Layer 4 – Safely supporting authorized Users
 ID and Access Management
• Verify that the right people are allowed to use a system
• Two factor authentication
– Pass phrase and token
• Three factor authentication
– Pass phrase, token, biometric
 File Encryption
•
•
•
•
May 6th, 2008
Encrypt your sensitive data and your backups!
USB drive encryption
Backup encryption
BitLocker in Vista – the start of HD encryption
EDUCAUSE Security Conf 2008 John Bruggeman
Defense in Depth cont.
Layer 4 – Safely supporting authorized Users
 Secure Communication
• SSL, encrypted tunnels, VPN’s
– SSL firewalls are hot / popular
» Easy for the end user to use
 PKI – Public Key Infrastructure
• Digital certificates, public key cryptography, Certificate
Authorities
• Big topic, lots of details here but adds a significant layer of
security for the end users
May 6th, 2008
EDUCAUSE Security Conf 2008 John Bruggeman
EDUCAUSE Security Task
Force Effective Practices
The EP group is a sub-group of the Security
Task Force
 Meets bi-weekly on Fridays via phone conference
 Active Security staff in the Higher Ed space
 Develops Effective Practices drawn from real world
staff
 Website link is:
• http://www.educause.edu/security
• https://wiki.internet2.edu/confluence/display/secguide/Effectiv
e+IT+Security+Practices+and+Solutions+Guide
May 6th, 2008
EDUCAUSE Security Conf 2008 John Bruggeman
EDUCAUSE Security Task
Force Effective Practices
Current List of EP’s
















Access Control Systems and Methodology (IT Security Guide)
Applications and System Development (IT Security Guide)
Awareness and Training (IT Security Guide)
Business Continuity and Disaster Recovery (IT Security Guide)
Compliance and Legal Issues (IT Security Guide)
Confidential Data Handling Blueprint (IT Security Guide)
Data Incident Notification Toolkit (IT Security Guide)
Incident Handling and Forensics (IT Security Guide)
Operations Security (IT Security Guide)
Personnel Security (IT Security Guide)
Physical and Environmental Security (IT Security Guide)
Responsible Use and Ethics (IT Security Guide)
Risk Management (IT Security Guide)
Security Architecture and Models (IT Security Guide)
Security Policies and Procedures (IT Security Guide)
Telecommunications and Network Security (IT Security Guide)
May 6th, 2008
EDUCAUSE Security Conf 2008 John Bruggeman
EDUCAUSE Security Task
Force Effective Practices
My top picks from the list:






Confidential Data Handling Blueprint
Awareness and Training
Data Incident Notification Toolkit
Incident Handling and Forensics
Risk Management
Security Policies and Procedures
May 6th, 2008
EDUCAUSE Security Conf 2008 John Bruggeman
What about Vista?
Vista Security Enhancements
Threat and
Vulnerability Mitigation
IE –protected mode/antiphishing
Windows Defender
Bi-directional Firewall
IPSEC improvements
Network Access Protection
(NAP)
Fundamentals
SDL
Service Hardening
Code Scanning
Default configuration
Code Integrity
May 6th, 2008
EDUCAUSE Security Conf 2008 John Bruggeman
Identify and
Access
Control
User Account Control
Plug and Play Smartcards
Simplified Logon
architecture
Bitlocker
RMS Client
Tools that Work!
Tools and Techniques
 Open Source Tools for Networks testing
• MetaSploit
– Framework for testing exploits
• Nessus
– Scanning tool to check for vulnerabilities
• Ethereal
– Packet sniffer
 Microsoft Tools for Desktop Security
• MBSA 2.0.1
– MBSA 2.1 in Beta (Vista version)
•
•
•
•
May 6th, 2008
ISS Lockdown Tool
Microsoft Defender (AV / Malware detector)
http://www.microsoft.com/technet/security/default.mspx
http://www.microsoft.com/protect/default.mspx
EDUCAUSE Security Conf 2008 John Bruggeman
Tools that Work!
Tools and Techniques
 Other Tools for Desktop Security
• Comodo Firewall (better than Zone Alarm)
• Spybot Tea Timer
– No cost IPS (though you can donate)
• Secunia PSI (Personal Software Inspector)
– Beta software that checks for current versions of
software installed on your PC
– https://psi.secunia.com/
• MS Defender
– MS anti-spyware / malware tool (Free)
May 6th, 2008
EDUCAUSE Security Conf 2008 John Bruggeman
Tools that Work!
Tools and Techniques
 Rootkit revealers
• VICE – freeware
– http://www.rootkit.com/vault/fuzen_op/vice.zip
• Patchfinder - freeware
– http://www.invisiblethings.org
• Rootkit Revealer - freeware
– http://www.sysinternals.com/Files/RootkitRevealer.zip
• Blacklight – commercial from F-secure
– http://www.f-secure.com/
• Tripwire – file based integrity checking
– http://www.tripwire.com
– Not as useful anymore due to memory based rootkits
May 6th, 2008
EDUCAUSE Security Conf 2008 John Bruggeman
Demos
Tools and Techniques
 Available Tools
• Spybot Tea Timer
– DEMO
• Comodo Firewall
– DEMO
May 6th, 2008
EDUCAUSE Security Conf 2008 John Bruggeman
Windows Security Resources
Resources
•
•
•
•
•
•
•
www.educause.edu/security
www.microsoft.com/technet/security
www.sans.org/reading_room/whitepapers/windows
www.securityfriday.com
www.cert.org
www.hackingexposed
www.incidents.org
• http://www.foundstone.com/us/resources-free-tools.asp
May 6th, 2008
EDUCAUSE Security Conf 2008 John Bruggeman
Wrap up and Q & A
Fundamental security practice?
 DEFENSE in DEPTH
• 4 Walls or layers of security
 Wall 1 – Block attacks at the Network (IPS and IDS)
 Wall 2 – Block attacks at the Host (IPS and IDS)
• Anti-Virus, Anti-Spam, Anti-Phishing, Anti-Spyware
 Wall 3 – Eliminating Security Vulnerabilities (SANS Top 20)
 Wall 4 - Safely supporting Authorized Users
 Don’t re-invent the wheel, ask questions, look online
Questions? Comments? Tips?
 My Email: [email protected] 513-487-3269
 http://www.huc.edu
May 6th, 2008
EDUCAUSE Security Conf 2008 John Bruggeman