Cal Poly Pomona Foundation Security Awareness Brown Bag Series Sponsored by Foundation MIS Beginners Guide to Computer Security


Cal Poly Pomona Foundation

Security Awareness Brown Bag Series

Sponsored by Foundation MIS

Beginners Guide to Computer Security


Beginners Guide to Computer Security

Threats and Countermeasures


Objectives

Provide an overview of the most common threats and how to build layered protection.

• Importance Of Security
• Threats to Data
• Viruses
• Trojan Horse Programs
• Vandals
• Attacks
• Data Interception
• Scams
• Spam
• Security Tools
• Anti-Virus Software
• Security Policies
• Passwords
• Firewalls
• Encryption
• Summary


Good News – Bad News

• Internet transforms and greatly improves our lives

• Opened the door to an increasing number of security threats from which individuals, families and businesses must protect themselves

• Consequences of attacks can range from the mildly inconvenient to the completely debilitating
  – Important data can be lost
  – Privacy can be violated
  – Computer can even be used by an outside attacker to attack other computers on the Internet.


Threats to Data

• Come from a very small minority

• A car thief can steal only one car at a time

• Single hacker working from a single computer can generate damage to a large number of computer networks

• A general knowledge of security threats and how to protect yourself is essential


Viruses

• Most widely known security threat due to extensive press coverage.

• What is a virus?
  – Computer programs that are written by devious programmers and are designed to replicate themselves and infect computers when triggered by a specific event.

• Example - Macro viruses attach themselves to files that contain macro instructions (routines that can be repeated automatically, such as sending email) and are then activated every time the macro runs.


Effects

• Benign - cause annoying interruptions such as displaying a comical message when striking a certain letter on the keyboard

• More destructive - cause such problems as deleting files from a hard drive or slowing down a system


How to “catch” it

• A computer can be infected with a virus only if the virus enters through an outside source
  – an attachment to an email
  – a file downloaded from the Internet.

When one computer on a network becomes infected, the other computers on the network – or for that matter other computers on the Internet – are highly susceptible to contracting the virus.


Trojan Horse Programs

• Delivery vehicles for destructive computer code

• Appear to be harmless or useful software programs, such as computer games, but are actually enemies in disguise


Trojan Horse Programs

• Can delete data, mail copies of themselves to e-mail address lists and open up computers to additional attacks

• Can be contracted only by
  – copying the Trojan horse program to a computer
  – downloading from the internet or
  – opening an email attachment


Vandals

• Web sites have come alive through the development of such software applications as ActiveX and Java Applets
  – enable animation and other special effects to run, making web sites more attractive and interactive


Caution

• However, the ease with which these applications can be downloaded and run has provided a new vehicle for inflicting damage

• Vandals can take on the form of a software application or applet that causes destruction of various degrees

• A vandal can destroy a single file or a major portion of a computer system


Attacks

• Innumerable types of network attacks have been documented, and they are commonly classified in three general categories:
  – reconnaissance attacks
  – access attacks, and
  – denial of service (DoS) attacks.


Reconnaissance Attacks

• Reconnaissance - information gathering activities by which hackers collect data that is used to later compromise networks

• Software tools, such as sniffers and scanners, are used to map out and exploit potential weaknesses in home computers, web servers and applications
  – Example – password cracking software


Access Attacks

• Access attacks are conducted to gain entry to e-mail accounts, databases and other confidential information


DoS Attacks

• DoS attacks prevent access to all or part of a computer system.

• Usually achieved by sending large amounts of jumbled or other unmanageable data to a machine that is connected to the Internet, blocking legitimate traffic from getting through.

• Even more malicious is a Distributed Denial of Service attack (DDoS) in which the attacker compromises multiple machines or hosts.


Data Interception

• The intercepting perpetrators might eavesdrop on communications or even alter the data packets being transmitted

• Various methods to intercept data
  – IP spoofing, for example, entails posing as an authorized party in the data transmission by using the internet protocol (IP) address of one of the data recipients


Scams

• Stakes are higher because scammers have easy access to millions of people on the internet

• Email
  – May contain a hyperlink to a web site that asks you for personal information, including your password
  – May contain a solicitation for your credit card information in the guise of a billing request


Protect Yourself

• Never give out your password, billing information or other personal information to strangers online

• Be mindful of who you're talking with before you give out personal information


Protect Yourself

• Don't click on hyperlinks or download attachments from people/web sites you don't know

• Be skeptical of any company that doesn't clearly state its name, physical address and telephone number

• Great Home Computer Security Webpage: http://www.cert.org/homeusers/HomeComputerSecurity/


Spam

• Unsolicited e-mail or the action of broadcasting unsolicited advertising messages via e-mail

• Takes up the recipient's time and storage space on their computer

• Report it to ISP. Check your ISP help areas to find out how to report spam


Security Tools

• First, understand the threats

• Second, put proper safeguards in place

• Extensive choice of technologies
  – Anti-virus software packages
  – Firewalls for providing protection
  – Implement proper computer security without compromising the need for quick and easy access to information


Anti-virus Software

• Relies on early warnings of new viruses, so that antidotes can be developed and distributed quickly

• 1,000s of new viruses being generated every month
  – Essential that the virus database be kept up to date
  – Record held by the anti-virus package that helps identify known viruses when they attempt to strike
  – Can prompt users to periodically collect new data


Security Policies

• Rules and written or verbal regulations by which all staff, students and faculty operate

• Often preempt security breaches

• Customers or suppliers with access to certain parts of the network need to be adequately regulated


Passwords

• Simplest and most common way to ensure that only those that have permission can enter your computer or certain parts of your computer network

• Virtually ineffective if people do not protect their passwords.

• The golden rules, or policies, for passwords are:
  – Make passwords as meaningless as possible
  – Change passwords regularly
  – Never divulge passwords to anyone


Firewalls

• A hardware or software solution to enforce security policies

• Built-in filters that can disallow unauthorized or potentially dangerous material from entering the system

• Logs attempted intrusions


Firewall Basics

What They Do and How They Work


What Does a Firewall Do?

• In general, firewalls try to keep people from remotely accessing your computer in bad ways when you are connected to the internet


How Do Firewalls Work?

• Most firewalls are designed to allow or block specific types of data going between your computer and the internet

• Allow "good" data traffic and block all "bad" data traffic


How Do Firewalls Work?

• "Good" traffic is the kind you need to do things like: surf the web, download files, chat, share files, etc

• "Bad" traffic is what hackers might do like: steal files on your computer, use a Trojan to control your computer, disrupt your connection or network, etc


Computer – a House With Many Doors

• Doors (ports) are points where a person (hacker) can get in

• Think of a firewall as a security guard who is watching each door and who is going in and out of the doors


Computer – a House With Many Doors

• The firewall makes sure only the right doors get opened and that only the right people (data) have access to your house

• Some firewalls can also hide your house (computer) so casual hackers can't see it (also called "stealth mode")


What Traffic Is Good/What's Bad?

• Experience

• Reading

• Learning

• The easiest way is to start with a simple firewall program, see how it works and then graduate to more sophisticated solutions as you gain knowledge


Do Firewalls Prevent Viruses and Trojans?

• NO!! A firewall can only prevent a virus or Trojan from accessing the internet while on your machine

• 95% of all viruses and trojans are received via e-mail, through file sharing (like Kazaa or Gnucleus) or through direct download of a malicious program

• Firewalls can't prevent this -- only a good anti-virus software program can


Do Firewalls Prevent Viruses and Trojans?

• However, once installed on your PC, many viruses and trojans "call home" over the internet to the hacker that designed them

• This lets the hacker activate the trojan and he/she can now use your PC for his/her own purposes

• A firewall can block the call home and can alert you if there is suspicious behavior taking place on your system


What Is "Stealth" Mode?

• In theory, stealth mode hides all the ports on your computer from being visible to others on the internet.
  – Some think this makes them less vulnerable to a malicious attack and consider it the "holy grail" of firewall configurations.

• While true that your ports are "invisible", a "stealthed" computer really looks like a black hole to a hacker.
  – Data goes in but it never comes out.


Stealth Mode

• A good hacker can spot this behavior - may actually consider it a challenge to try to break in as he/she wonders what's there
  – Sometimes, staying in plain sight makes you less attractive as a target

• Achieving "stealth" mode with some network configurations (such as Microsoft internet connection sharing or ICS) can be very difficult

• Stealth mode can make it difficult for the networked computers to "see" and interact with the gateway computer


• Computers don't stay "stealthed". The moment you do something that accesses the internet from your end, you're "unstealthed" because data is coming out

• Any hacker with a packet sniffer who knows where to look can tell that something's there
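
The firewall behaviour described on the slides above (a guard on each door, logging of attempted intrusions, blocking a trojan's "call home", and stealth mode ending as soon as the PC sends data) can be modelled in a few lines. This is an added Python example, not part of the original presentation; ToyFirewall, Packet, the program names and the port numbers are constructed for illustration, and the model only makes decisions, it filters no real traffic.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Packet:
    direction: str          # "in" (from the internet) or "out" (from this PC)
    port: int               # destination port: the "door" being used
    program: str = ""       # local program sending it (outbound only)
    is_reply: bool = False  # inbound answer to a connection this PC opened

class ToyFirewall:
    def __init__(self, open_ports, trusted_programs, stealth=True):
        self.open_ports = set(open_ports)
        self.trusted_programs = set(trusted_programs)
        self.stealth = stealth
        self.log = []         # attempted intrusions and blocked call-homes
        self.emitted = False  # True once any data has left this PC

    def decide(self, pkt):
        if pkt.direction == "in":
            if pkt.is_reply or pkt.port in self.open_ports:
                return "allow"
            self.log.append(f"blocked inbound to port {pkt.port}")
            if self.stealth:
                return "drop"    # silent: the sender gets no answer at all
            self.emitted = True  # a refusal is itself data leaving the PC
            return "reject"
        if pkt.program in self.trusted_programs:
            self.emitted = True  # normal use "unstealths" the PC
            return "allow"
        self.log.append(f"ALERT: {pkt.program} tried to call out on port {pkt.port}")
        return "block"

def run(firewall, packets):
    """Return the firewall's verdict for each packet, in order."""
    return [firewall.decide(p) for p in packets]

# Constructed sample traffic (program names and ports are made up).
SAMPLE = [
    Packet("in", 445),                             # unsolicited probe
    Packet("out", 6667, program="free_game.exe"),  # trojan calling home
    Packet("out", 443, program="browser"),         # ordinary web browsing
    Packet("in", 51000, is_reply=True),            # the web server's answer
]

if __name__ == "__main__":
    fw = ToyFirewall(open_ports=[], trusted_programs=["browser"])
    for pkt, verdict in zip(SAMPLE, run(fw, SAMPLE)):
        print(verdict, pkt)
    print(fw.log)
```

The firewall never inspects what the trusted browser downloads, which is the gap the slides assign to anti-virus software.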


Encryption

• Ensures that messages cannot be intercepted/read by anyone other than the authorized recipient

• Deployed to protect data transported over a public network (internet)

• Uses advanced mathematical algorithms to ‘scramble’ messages and their attachments


Encryption

• Provides the security necessary to sustain the increasingly popular virtual private network (VPN) technology
  – VPNs are private connections, or tunnels, over public networks
  – Deployed to protect the connections of telecommuters, mobile workers, branch offices and business partners to corporate networks or each other


Summary

• Common sense, some simple rules and a few pieces of technology can help protect your computer systems from unauthorized use

• Important to remember that by protecting your own computer system, you're also doing your part to protect computers throughout the university


Resources at Cal Poly Pomona University

• Foundation MIS: http://www.foundation.csupomona.edu/financial

• Policies, procedures and guidelines: http://foundation.csupomona.edu/hr/hrpolicies.aspx

• University I&IT: http://www.csupomona.edu/~ehelp