Upload
eze
View
39
Download
0
Embed Size (px)
DESCRIPTION
Security. Test. December 13 Binary Numbers Computer Networks Internet Protocols Security. Security Threats. Data Security Viruses Worms Trojans. Security Threats. Viruses Virus is a program written with malicious intent and sent out by attackers - PowerPoint PPT Presentation
Citation preview
© 2007-2010 Cisco Systems, Inc. All rights reserved. Cisco PublicITE PC v4.1 Chapter5 1
Security
ITE PC v4.1 Chapter 5 2© 2007-2010 Cisco Systems, Inc. All rights reserved. Cisco Public
Test
• December 13• Binary Numbers• Computer Networks• Internet Protocols• Security
ITE PC v4.1 Chapter 5 3© 2007-2010 Cisco Systems, Inc. All rights reserved. Cisco Public
Security Threats
• Data Security• Viruses• Worms• Trojans
ITE PC v4.1 Chapter 5 4© 2007-2010 Cisco Systems, Inc. All rights reserved. Cisco Public
Security Threats
• Viruses• Virus is a program written with malicious intent and sent out by attackers
• The virus is transferred to another computer through e-mail, file transfers, and instant messaging
• It hides by attaching itself to a file on the computer.
• When the file is accessed, the virus executes and infects the computer
ITE PC v4.1 Chapter 5 5© 2007-2010 Cisco Systems, Inc. All rights reserved. Cisco Public
Security Threats
• Viruses
• Keystroke Recording• Used to record passwords and credit card numbers
ITE PC v4.1 Chapter 5 6© 2007-2010 Cisco Systems, Inc. All rights reserved. Cisco Public
Security Threats
• Famous Virus
• ILOVEYOU (2000)
• Disguised itself as a text file in an email which, when opened, would automatically send itself to every contact in a users address book
• Caused billions in lost business
ITE PC v4.1 Chapter 5 7© 2007-2010 Cisco Systems, Inc. All rights reserved. Cisco Public
Security Threats
• Worms
• Do not rely on humans
• Are not attached to programs that need to be opened
• Copies itself and sends its copies throughout a computer network (such as the internet)
ITE PC v4.1 Chapter 5 8© 2007-2010 Cisco Systems, Inc. All rights reserved. Cisco Public
Security Threats
• Famous Worm
• Code Red (July 2001)
• Named after “Code Red” Mountain Dew
• Spread to web servers and changed website to:• HELLO! Welcome to http://www.worm.com! Hacked By Chinese!
• Became a meme…
•Also launched DDoS attacks
ITE PC v4.1 Chapter 5 9© 2007-2010 Cisco Systems, Inc. All rights reserved. Cisco Public
Security Threats
• Trojans
• Appear to do one thing, really do another
• Often disguised as useful hardware
• Technically a type of worm
ITE PC v4.1 Chapter 5 10© 2007-2010 Cisco Systems, Inc. All rights reserved. Cisco Public
Security Threats
• Spam• Junk e-mail
• Often advertising
• May contain links to viruses, infected sites, or popups
ITE PC v4.1 Chapter 5 11© 2007-2010 Cisco Systems, Inc. All rights reserved. Cisco Public
TCP/IP Attacks
•TCP/IP
• The protocol used to control all of the communications on the internet
• Common Attacks• DoS• DDoS• Spoofing
ITE PC v4.1 Chapter 5 12© 2007-2010 Cisco Systems, Inc. All rights reserved. Cisco Public
TCP/IP Attacks
• Denial of Service (DoS) Attacks• Prevent users from accessing servers• Server is too busy, overloads, ceases to operate• Types:
• Ping of Death: Repeated, larger than normal pings• E-Mail Bomb: Large quantity of email that overloads e-mail server
•Distributed Denial of Service (DDoS)•Uses infected computers, called zombies
ITE PC v4.1 Chapter 5 13© 2007-2010 Cisco Systems, Inc. All rights reserved. Cisco Public
TCP/IP Attacks
•Spoofing• A person or program impersonates another with false data
• Phishing Scams• Legitimate webpage is reproduced on another server under attacker’s control• Used to harvest usernames and passwords
•E-mail Spoofing• False sender information
ITE PC v4.1 Chapter 5 14© 2007-2010 Cisco Systems, Inc. All rights reserved. Cisco Public
Data Protection
•Password Protection•Two Levels
• BIOS• Operating system will not boot• BIOS cannot be changed
• Login• Prevent access to computer and network
ITE PC v4.1 Chapter 5 15© 2007-2010 Cisco Systems, Inc. All rights reserved. Cisco Public
Data Protection
•Password Protection• Password Security
• NOT 123456• Rules
• Passwords should expire• Mixture of letters and numbers• DO NOT WRITE THEM DOWN• Do not use the same password for everything• Longer is better… for passwords, pervert
ITE PC v4.1 Chapter 5 16© 2007-2010 Cisco Systems, Inc. All rights reserved. Cisco Public
Data Protection
•Password Protection• Smartcards
• Plastic card, needs to be swiped
• Biometric Security• Fingerprint• Retinal scan, etc.
ITE PC v4.1 Chapter 5 17© 2007-2010 Cisco Systems, Inc. All rights reserved. Cisco Public
Data Protection
•Wireless Security
• What IS the difference between:• Wired equivalent privacy• Wi-fi protected access• Wi-fi protected access 2• Lightweight extensible authentication protocol