Who’s Knocking At My Firewall Door?

And, other sundry things to know for the non-profit hands-on IT manager or MIS or CIO or CSO or CISO or CITO or CISTO...

Security is a mindset

Ø Think of what can fail

Ø Act to protect yourself from that failure

Ø Prevention is your best defenseØ SmartWater is a liquid with a unique identifier

linked to a particular owner. "The idea is for me to paint this stuff on my valuables as proof of ownership," I wrote when I first learned about the idea.

"I think a better idea would be for me to paint it on your valuables, and then call the police.“

Quote by Bruce Schneier

Network Security

What is Network Security?v Security is the process of preventing and detecting

unauthorized use of your system.v Prevention measures help you stop unauthorized

users (also known as “intruders”) from accessing any part of your system.

v Detection helps you determine whether or not someone attempted to break into your system, if they were successful, and what they may have done.

We use computers for everything from banking to shopping to communicating with others through email and chat programs. Although you may consider communications not “top secret” you certainly don’t want:

Strangers reading your email,Using your network to attack other systems,Sending forged email from your computers orExamining personal information.

Network Security

Why should I care about network security?

Then there are passwords…

Unfortunately, intruders are always discovering new vulnerabilities (informally called ”holes”) to exploit software and, ultimately, the hardware and, quite possibly, your entire network. The complexity of operating systems and software, in general, makes it increasingly difficult to thoroughly test the security of your systems it may effect.

Network Security

How easy is it to break into my network?

Passwords

v Are passwords a good form of security?v It depends

v What makes a bad/good password?v BAD

v Birthplace, mother’s maiden name, pet’s name…What are some others?

v GOODv Something unrecognizable, mnemonic or word/image

associated or patterned

Passwords

OpenID.netv Many web users deploy the same password across multiple websites.

And since traditional passwords are not centrally administered, if a security compromise occurs at any website you use, a hacker could gain access to your password across multiple sites. With OpenID, passwords are never shared with any websites, and if a compromise does occur, you can simply change the password for your OpenID, thus immediately preventing a hacker from gaining access to your accounts at any websites you visit.

v Sites using OpenID include Flickr, Blogger, Yahoo!, Google, Wordpress, AOL, MySpace and more.

The Knocks on the Door

v What is at risk?v Confidentiality

v Rights to access

v Integrityv Permission to modify or edit

v Availabilityv Accessible to those who need it when they need it

Risks

Types:• Trojan horse programs

• Back door & remote administration programs

• Denial of Service (DoS)

• Being an intermediary for another attack

• Unprotected Windows shares

• SQL injections

•

• Mobile code (Java, Javascript & ActiveX)

Solutions

v Virus/Spam protection – set for scheduled scans

v Firewall & WiFi Access Points

v Don’t open unknown email attachments

v Don’t run applications of unknown origins

v Disable hidden file extensions

v Keep everything updated

v Turn off or disconnect computers from network

v Disable mobile code, if possible

v Backup, Backup, Backup

v Maintain original install or boot disks

Key Points

v Perfect Security is not possiblev It’s a moving target.

v Have a backup planv Plan for crisis and damage control

v TEST IT!!!

Evaluation Code: 244

How Was this Session?

Call In Text Online

Call 404.939.4909Enter Code 244

Text 244 to 69866 Visit nten.org/ntc-evalEnter Code 244

Session feedback powered by:

Tell Us and You Could Win a Free 2011 NTC Registration!

Weblinks & Referenceswww.cert.orgwhodoyoucall.us/resources.htmwww.comptechdoc.org