Top Schools in Ghaziabad
By: school.edhole.com
Copyright 1997, The University of New Mexico

Security Fundamentals
- What is security?
- Why do I need security?
- Levels of security
- Some scenarios
- Security Policy

What is Security?
- Procedures that protect you, your employees, and your peers
- Paper or electronic media
- Hardware, software, and networks
- Protect from damage, theft, or change

What is Security?
Protect assets and resources against:
- Human error
- Intruders from outside
- Dishonest employees
- Technical sabotage

Why do I Need Security?
- Typical bank robbery: $9000
- Typical embezzlement or white collar crime: $25,000
- Typical electronic crime: $650,000

Why do I Need Security?
- Name a company, it's been broken into
- What does this cost a year? (Estimate $5 billion)
- 17% of US companies had losses due to lack of security
- CERT reports a 77% increase in computer break-ins from 1994-1995
- It is estimated that 85%-97% of computer intrusions go undetected

Why do I Need Security?
Statistics (Who is breaking into you)
- Current employees 81%
- Former employees 6%
- Outsiders 13%

Why do I Need Security?
Statistics (What are they doing)
- Alteration of information 12%
- Theft of service 10%
- Trespass 2%
- Money theft 44%
- Theft of information 16%
- Damage to software 16%

Why do I Need Security?
Statistics (Damage to data)
- Dishonest employees 10%
- Terrorism 3%
- Technical sabotage 10%
- Water 10%
- Fire 15%
- Human error 55%

Why do I Need Security?
- The growth of the internet and client/server applications has moved more business data onto the network. This means more to lose if that data is tampered with or stolen.
- Internetworking is great for data sharing but decreases security.

Why do I Need Security?
- Protect yourself from an attack on your account or network
- Protect others from being attacked by your account or network
- Disaster recovery

Levels of Security
- The United States Department of Defense has defined 7 levels of computer OS security in a document known as the Trusted Computer Standards Evaluation Criteria.
- The levels are used to define different levels of protection for hardware, software, and stored information.
- The system is additive - higher ratings include the functionality of the levels below.

Levels of Security
- D1 is the lowest form of security available and states that the system is untrusted
- A D1 rating is never awarded because this is essentially no security at all

Levels of Security
- C1 is the lowest level of security.
- The system has file and directory read and write controls and authentication through user login. However, root is considered an unsecure function and auditing (system logging) is not available.
- Most Unix machines would be classified as C1.

Levels of Security
- C2 features an auditing function to record all security-related events and provides stronger protection on key system files, such as the password file.
- Most Unix machines have the capability with addition of software to become C2 compliant.

Levels of Security
- B1 supports multi-level security, such as secret and top secret, and mandatory access control, which states that a user cannot change permissions on files or directories
- B2 requires that every object and file be labeled according to its security level and that these labels change dynamically depending on what is being used.

Levels of Security
- B3 extends security levels down into the system hardware; for example, terminals can only connect through trusted cable paths and specialized system hardware to ensure there is no unauthorized access
- A1 is the highest level of security validated through the Orange Book. The design must be mathematically verified; all hardware and software must have been protected during shipment to prevent tampering.

Types of Attacks?
- A fire burned in an office. The fire destroyed all software, the computer, and most of the files. The office was that of the departmental administrator who did grades, budgets, and contract functions.
- Prevention?
- What to do?

Disaster Recovery Plan
- Backup policy
- Steps to be taken when you have a disaster
- Contact names

Disaster Recovery (Backups)
- Create a backup policy
- There are 2 reasons to do backups
  - Recovery of accidentally deleted files
  - Disaster recovery
- Follow your policy and take backups regularly.
- Verify these backups at some interval.
- Keep backups off-site

Backups
- Purchase good software and hardware for backups
- Decide on which data to back up and on what interval
- Get a routine
  - Daily, weekly, and monthly
  - Full and Incremental

Disaster Recovery (Recovery)
- What do you do when you have a major disaster?
- Don't panic
- Remember you have good backups
- Follow your plan (You did write up a plan for this, right?)

Types of Attacks?
- In an open, well-traveled, multi-cubicle office you have financial resource access that you must transfer to your network departmental computer.
- How do you perform your work on the mainframe, Novell and your PC while doing other clerical duties that often take you from your desk? Without compromising your data?

Protection from Theft or Change
- Risk analysis
  - What are the potential risks?
  - Who wants to see this data?
  - Who wants to change this data?
  - Possible attacks from inside?
- You must create a security policy!

Protection from Theft or Change
- Protect from the public wandering the area
- Keep good passwords and screen savers with passwords

Types of Attacks
- Using commonly accessible hacker tools your password is guessed and somebody uses your account to then break into another account.
- Prevention?
- What to do?

Password Hacker (Prevention)
- Good password
- Change it often
- Watch the last time logged in info (Unix)
- Monitor for new and changed files, things you didn't do

Passwords (User)
- Don't panic
- Change your password
- Contact your security administrator
- Get help looking for back doors left by the intruder such as your .rhosts file under Unix
- Continue to monitor for new and changed files, things you didn't do

Passwords (Security Admin)
- Continue to monitor for new and changed files, things the user didn't do
- Look for back doors left behind by the intruder such as the .rhosts file
- Check the password file for new accounts
- Look for other sites the user went to. Contact those sites and let them know that they have a hacker.

Passwords (Security Admin)
- Have accounting turned on so you can track the commands this person ran
- Contact your vendor for patches for any security holes that might have been exploited
- Search the web and news groups for security info (Remember this is where the hackers get their info also)

Passwords
- DON'T use your login name in any form (as is, reversed, capitalized, doubled, etc.)
- DON'T use your first, middle, or last name in any form or use your spouse's or child's name
- DON'T use other information easily obtained about you. This includes license plate numbers, telephone numbers, social security numbers, the make of your automobile, the name of the street you live on, etc.

Passwords
- DON'T use a password of all digits, or all the same letter
- DON'T use a word contained in English or foreign language dictionaries, spelling lists, or other lists of words
- DON'T use a password shorter than six characters

Passwords
- DO use a password with mixed-case alphabetics
- DO use a password with non-alphabetic characters (digits or punctuation)
- DO use a password that is easy to remember, so you don't have to write it down

Types of Attacks
- You are sitting in your office when your mail server becomes unreachable. You eventually have to reboot the machine because it has locked up.
- An hour later it happens again. This time you notice some weird network behavior right before it locks up.

Denial of Service Attacks
- SYN attacks take advantage of an inherent problem in TCP/IP, and can cause a machine or a specific port on the machine to stop responding
- PING floods can bring down your entire network
- Any attack designed to make a service unusable

Denial of Service Attacks
- A firewall can block most denial of service attacks
- A router can also be used to hand block the IPs that are doing the denial of service
- Contact your Internet Service Provider to have them trace and block the attack
- Denial of service attacks can be difficult to stop

Types of Attacks
- Your PC on your desk begins acting strangely, files are disappearing and it keeps locking up. You do a virus scan and find you have a virus.
- Prevention?
- What to do?

Viruses (Symptoms)
- Erratic behavior
- Slow performance
- Strange activity
  - Dropping letters, file name changes, etc.
- Lost files or directories
- Positive report from your antiviral scanner

Viruses (Prevention)
- Have a good backup.
  For some reason viruses appear less when they know there is a backup
- Scan all new floppies
- Scan your system daily
- Don't allow home disks to be used without proper scanning

Viruses (What to do)
- DON'T PANIC
- Use your antiviral tools
- Remember you have backups
- Contact your Security Administrator if you need help

Types of Attacks
- A student brings you a list of accounts and passwords that she found in a computer pod lying by a PC. They appear to have been gotten with a sniffer.
- Prevention?
- What to do?

Sniffer (Prevention)
- Make sure publicly accessible PCs are protected in some way
- Don't let normal users install packages on them
- Make each user sign up to use the PC
- Authenticate the user before they are allowed to use the PC
- This will help you track who did what if something does happen

Sniffer (Prevention)
- Having a security policy will make it possible to take action against parties that run sniffers
- Remember that a sniffer can only watch its leg of a switched network and can't watch across a router either
- There are vendors that provide secure connections to Unix hosts. Probably to other hosts as well.

Sniffer (What to do)
- Contact the list of users and have them change their passwords
- Begin monitoring that list of users to see if anybody attempts to break into those accounts

Security Policy
- The first rule of security is basically: whatever you did not expressly say I could not do, I am allowed to do.
- A good security policy should start by denying all access and then expressly add back access for specific needs.
- Consider the goals and the mission of your site
- A military site will have different requirements than an educational site, as well as departments within each site

Security Policy
- The site policy will have to conform with existing policy, so identify any existing policy before you begin.
- You will need to address the global picture in the policy by addressing not only security issues developing at your local site from remote users but security issues caused by your local users on a remote site.

Security Policy
- Policy creation should be done by many different people within the organization such as decision makers, technical people, and the end user.
- A site security policy which is unusable, unimplementable, or unenforceable is useless.

Security Policy
Create a list of assets that need to be protected
- Hardware
- Software
- Data
- Documentation
- Supplies

Risk Assessment
- What are your risks?
- What type of data are you protecting?
- What are you protecting it from?
- There are companies and consultants that can do this for you

Risk Assessment
- The process of examining all of your risks, and ranking those risks by level of severity.
- This process involves making cost-effective decisions on what you want to protect.

Risk Assessment - Possible Risks
- Unauthorized usage
- Unavailable service
- Theft of data

Risk Assessment
- Use a scheme to weight the risks against the importance of the data.
- This will allow the policy to be tailored towards what you need to protect most.

Acceptable Use
- Who can use?
- What can they use it for?
- Who can grant use?
- Resource consumption?
- What is abuse of the systems?
- Users permitted to share accounts?
- Who provides backups?

Acceptable Use
- Email privacy?
- Policy on obscenity?
- Policy on mail forgery?
- What else?
- Who will interpret this policy? A committee or a person or?

Auditing
- Use the tools on your machines to look at log files
- Check for non-standard times for users to log in
- Check for users logging in from different sites than normal
- Check for failed logins
- Check for a large number of error messages

Review
- If you don't review, you will get passed by with the latest way to be broken into.
- At a specific interval you should review and reassess your risk.
- Things change often!
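
Added example (not part of the original slides): the advice on the Password Hacker and Passwords (User / Security Admin) slides to "monitor for new and changed files" and to look for back doors such as the .rhosts file comes down to comparing a directory against a known-good baseline. The function names, the temporary home directory and its file contents below are constructed for illustration.

```python
import hashlib
import os
import tempfile


def snapshot(root):
    """Map each file under `root` (relative path) to the SHA-256 of its contents."""
    digests = {}
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            path = os.path.join(dirpath, name)
            with open(path, "rb") as fh:
                rel = os.path.relpath(path, root)
                digests[rel] = hashlib.sha256(fh.read()).hexdigest()
    return digests


def compare(before, after):
    """Report new, changed and removed files, plus any touched .rhosts file."""
    new = sorted(set(after) - set(before))
    changed = sorted(p for p in before if p in after and before[p] != after[p])
    removed = sorted(set(before) - set(after))
    # The slides single out .rhosts as a typical back door, so list it first.
    review_first = [p for p in new + changed if os.path.basename(p) == ".rhosts"]
    return {"new": new, "changed": changed, "removed": removed,
            "review_first": review_first}


def demo():
    """Constructed home directory: a baseline, then two changes the user did not make."""
    with tempfile.TemporaryDirectory() as home:
        def write(name, text):
            with open(os.path.join(home, name), "w") as fh:
                fh.write(text)

        write(".profile", "PATH=/bin:/usr/bin\n")
        write("notes.txt", "grades due Friday\n")
        baseline = snapshot(home)  # taken while the account is known to be clean

        write(".rhosts", "otherhost.example.org someuser\n")  # new file (constructed)
        write(".profile", "PATH=.:/bin:/usr/bin\n")           # changed file
        return compare(baseline, snapshot(home))


if __name__ == "__main__":
    print(demo())
```

Keep the baseline somewhere the account being checked cannot write to; otherwise whoever changes the files can change the baseline as well.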
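
Added example (not part of the original slides): the DO and DON'T rules from the Passwords slides, applied as a check at the moment a password is chosen. The function name, the five-word sample list and the sample values are constructed; a real deployment would load a full dictionary in place of the sample list.

```python
import re

# Constructed stand-in for a real dictionary or spelling list (assumption).
SAMPLE_WORDS = {"password", "secret", "dragon", "welcome", "computer"}


def _squash(text):
    """Lower-case and drop punctuation so '555-0142' matches '5550142'."""
    return re.sub(r"[^a-z0-9]", "", text.lower())


def password_problems(password, login, names=(), personal=(), words=SAMPLE_WORDS):
    """Return the slide rules that `password` breaks; an empty list means it passes."""
    problems = []
    low = password.lower()

    # DON'T: login name as is, reversed, capitalized, doubled. Lower-casing
    # covers capitalization, and a doubled login still contains the login.
    login_l = login.lower()
    if login_l and (login_l in low or login_l[::-1] in low):
        problems.append("contains login name")
    # DON'T: your own, your spouse's or your child's name.
    if any(n and n.lower() in low for n in names):
        problems.append("contains a personal name")
    # DON'T: easily obtained facts (license plate, phone number, street, ...).
    if any(_squash(p) and _squash(p) in _squash(password) for p in personal):
        problems.append("contains personal information")
    if password.isdigit():
        problems.append("all digits")
    if password and len(set(low)) == 1:
        problems.append("one repeated character")
    # DON'T: dictionary word, even with digits or punctuation tacked on.
    if low.strip("0123456789!@#$%^&*._-") in words:
        problems.append("dictionary word")
    if len(password) < 6:
        problems.append("shorter than six characters")
    # DO: mixed-case alphabetics and a non-alphabetic character.
    if not (any(c.islower() for c in password) and any(c.isupper() for c in password)):
        problems.append("not mixed case")
    if all(c.isalpha() for c in password):
        problems.append("no digit or punctuation")
    return problems


if __name__ == "__main__":
    for candidate in ("jsmith", "htimsJ1!", "Dragon1", "Tr4il&Mix"):
        print(candidate, password_problems(candidate, "jsmith", names=("John", "Smith")))
```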
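
Added example (not part of the original slides): the first three checks on the Auditing slide (non-standard login times, logins from a different site than normal, failed logins) run over a handful of login records. The log format, host names, working hours and failure threshold are constructed assumptions; adapt the parsing to whatever your system's login records look like.

```python
from collections import Counter
from datetime import datetime

# Constructed login records: date, time, user, source host, result.
SAMPLE_LOG = """\
1997-03-03 09:12 alice pc14.example.org OK
1997-03-03 09:40 bob pc22.example.org OK
1997-03-04 02:51 alice dialup7.example.net OK
1997-03-04 03:02 carol pc31.example.org FAIL
1997-03-04 03:02 carol pc31.example.org FAIL
1997-03-04 03:03 carol pc31.example.org FAIL
1997-03-04 10:15 bob pc22.example.org OK
"""

# Assumed site policy: usual hosts per user, working hours, failure threshold.
USUAL_HOSTS = {
    "alice": {"pc14.example.org"},
    "bob": {"pc22.example.org"},
    "carol": {"pc31.example.org"},
}
WORK_HOURS = range(7, 19)  # 07:00 through 18:59
MAX_FAILURES = 3


def audit(log_text, usual_hosts=USUAL_HOSTS):
    """Return sorted (user, finding) pairs for the Auditing slide's login checks."""
    findings = set()
    failures = Counter()
    for line in log_text.splitlines():
        parts = line.split()
        if len(parts) != 5:
            continue  # skip blank or malformed lines
        day, clock, user, host, result = parts
        when = datetime.strptime(f"{day} {clock}", "%Y-%m-%d %H:%M")
        if result == "FAIL":
            failures[user] += 1
            continue
        if when.hour not in WORK_HOURS:
            findings.add((user, "login at non-standard time"))
        if host not in usual_hosts.get(user, set()):
            findings.add((user, "login from unusual site"))
    for user, count in failures.items():
        if count >= MAX_FAILURES:
            findings.add((user, "repeated failed logins"))
    return sorted(findings)


if __name__ == "__main__":
    for user, finding in audit(SAMPLE_LOG):
        print(f"{user}: {finding}")
```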