8: basic security networking for home & small business
Network Intrusion
• Attacks can be devastating
  – Cost money, time, theft of files, etc.
• HACKERS
  – Intruders who gain access by modifying software or exploiting software vulnerabilities
4 Threats from the Hacker
• Stealing Confidential Info
  – Credit card #’s
  – Private company info such as a project in development
  – Could be sold
• Destroy or Alter Records
  – Send a virus that reformats HD
  – Changing your grades
  – Change store prices
• Identity Theft
  – Stealing info to take on identity
  – Applying for credit cards & buying stuff
  – Obtain DL’s
• Disrupting Service
  – Preventing user from accessing services such as Internet
Where’d He Come From?
• Internal Threat
  – Has authorized access
    • Knows people & network
    • Knows what info is valuable
  – OR someone may have just picked up a virus
• According to the FBI, internal access and misuse of computer systems account for approximately 70% of reported incidents of security breaches.
Social Engineering
• Deceiving internal users into performing actions or revealing confidential info
  – Takes advantage of them
  – Usually don’t meet them face-to-face
Fight Intrusion
• http://www.us-cert.gov/reading_room/before_you_plug_in.html
• http://www.us-cert.gov/reading_room/distributable.html
Other Attacks
• Viruses, Worms and Trojan horses
  – Malicious software put on hosts
  – Damage system, destroy data, deny access
  – They can forward data to thieves
  – Can replicate to other hosts
Simplified
• Virus
  – Attaches to a program
  – Can reproduce
  – Causes havoc!
• Worm
  – Self-replicating
  – Sends copies of itself to other computers w/ security holes
  – Causes harm to network; ties up bandwidth
• Trojan Horse
  – Computer program disguised
  – Does damage when run
  – Can’t replicate
Let’s See…
• GCIT
• Who wants to play…
  – ID Theft Faceoff?
  – Invasion of the Wireless Hackers?
  – Phishing Scams?
• Quiz Time for all!
  – http://www.sonicwall.com/phishing/
Just Being Evil!
• Sometimes the goal is to shut a network down & disrupt the organization
  – Can cost a business lots of money!!
Denial of Service (DoS)
• In general, DoS attacks seek to:
  – Flood a system or network with traffic to prevent legitimate network traffic from flowing
  – Disrupt connections between a client and server to prevent access to a service
  – Some are not used much anymore, but can be
    • SYN flooding
    • Ping of Death
DDoS
• DDoS
  – Attack by multiple systems infected with DDoS code
  – Sends useless data to server
  – Overwhelms system & it crashes
Brute Force
• Fast computer used to guess passwords or decipher encryption code
• Brute force attacks can cause a denial of service due to excessive traffic to a specific resource or by locking out user accounts
• Try 8.2.2.3
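
The two effects on the Brute Force slide (password guessing and account lockout), shown from the defender's side as an added example that is not part of the original slides. The log format, addresses, window and threshold are constructed assumptions.

```python
from collections import defaultdict, deque
from datetime import datetime, timedelta

WINDOW = timedelta(seconds=60)   # assumed detection window
THRESHOLD = 5                    # assumed failed logins allowed per window


def make_log():
    """Constructed sample log: one outside source guessing alice's password."""
    lines = [f"2024-05-01T10:00:{i * 2:02d} FAIL user=alice src=198.51.100.7"
             for i in range(8)]
    lines.append("2024-05-01T10:00:20 FAIL user=bob src=192.168.1.23")    # ordinary typo
    lines.append("2024-05-01T10:00:25 OK user=bob src=192.168.1.23")
    lines.append("2024-05-01T10:00:30 FAIL user=alice src=192.168.1.10")  # the real alice
    return lines


def analyse(lines):
    """Return (sources to throttle, accounts a per-account lockout would lock)."""
    by_src, by_user = defaultdict(deque), defaultdict(deque)
    flagged_sources, locked_accounts = set(), set()
    for line in lines:
        stamp, result, user_field, src_field = line.split()
        if result != "FAIL":
            continue
        when = datetime.fromisoformat(stamp)
        user = user_field.split("=", 1)[1]
        src = src_field.split("=", 1)[1]
        for table, key, hits in ((by_src, src, flagged_sources),
                                 (by_user, user, locked_accounts)):
            recent = table[key]
            recent.append(when)
            while when - recent[0] > WINDOW:   # drop failures outside the window
                recent.popleft()
            if len(recent) >= THRESHOLD:
                hits.add(key)
    return flagged_sources, locked_accounts


if __name__ == "__main__":
    sources, accounts = analyse(make_log())
    print("throttle these sources:", sorted(sources))
    print("accounts a lockout policy would lock:", sorted(accounts))
```

Counting failures per source singles out the guessing host, while counting per account locks alice out of her own account, which is the denial of service the slide describes.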
Review
• Name 3 types of social engineering.
  – Pretexting, Phishing, Vishing
• How are you targeted in a pretexting attack?
  – Over the phone
• You click on a pop-up window to claim a “prize.” A program was installed w/out you knowing & now an attacker has access to your system. What is this called?
  – Trojan Horse
Review
• Which attack doesn’t need activation and copies itself across the network?
  – Worm
• A server is busy responding to a SYN with an invalid source IP address. What’s the attack?
  – SYN Flooding
Other Threats
• Not all threats do damage
  – Some collect info
• Spyware
• Tracking Cookies
• Adware
• Pop-ups
Spyware
• Program that gathers personal info w/out your permission
  – Info sent to advertisers
• Usually installed unknowingly
  – Downloaded, installing a program, click on pop-up
• Can slow computer down or make settings changes
• Can be difficult to remove
Tracking Cookies
• Form of spyware
  – Not always bad
• Records info about user when they visit web sites
  – Allows personalization
  – Many sites require them
Adware
• Form of spyware
• Records info about user when they visit web sites
• For advertising purposes
  – Pop-ups & pop-ups of ads
Pop-Ups (and Pop-Unders)
• Adware EXCEPT doesn’t collect any info
• Pop-ups
  – Open in front of the current browser window
• Pop-unders
  – Open behind the current browser window
Spam
• Unwanted bulk mail from advertisers
• Spammer sends
  – Often sent through unsecured servers
  – Can take control of computers
  – Then sent from that computer to others
• On average, how many spam emails are sent to a person per year?
  – 3000
Review
• You visit a web site and see this annoying advertising tactic that appears in a new window. What is it?
  – Pop-up
• This type of advertising is sent to many, many people. The advertiser uses no marketing scheme.
  – Spam
• This form of spyware is not always bad & can be used for personalization of a site.
  – Cookies
Security Measures
• You can’t eliminate security breaches
  – You can minimize the risks
• Policy
• Procedures
• Tools & Applications
Security Policy
• Formal statement of rules when using tech
  – Acceptable use policy
  – Detailed handbook
• What should be included?
More Security Procedures
• The procedures help implement the policies
• Some of the security tools and applications used in securing a network include:
Rut Roh!
• Computer starts acting abnormally
• Program does not respond to mouse and keystrokes
• Programs starting or shutting down on their own
• Email program begins sending out large quantities of email
• CPU usage is very high
• There are unidentifiable, or a large number of, processes running
• Computer slows down significantly or crashes
Anti-Virus Software
• Preventive & Reactive tool
• Features
  – Email checker
  – Dynamic Scanning (checks files when accessed)
  – Scheduled scans
  – Auto update
• When a virus is known, they will update it
Anti-Spam
• Spam sends unwanted emails
  – Code takes over PC to send more
• The software ID’s it & places it in junk folder or deletes it
• On PC or on email server
  – ISP may have a spam filter
Other ways to prevent spam
• Keep anti-virus up to date
• Don’t forward suspect emails
• Ignore the virus warning email
• Report spam to admin to be blocked
• Don’t open attachments from people you don’t know
Anti-Spyware
• Spyware & Adware cause virus-like symptoms
  – Use computer resources
• This software can detect & delete them
• Pop-Up Blockers
What’s a firewall?
• Resides between two or more networks and controls the traffic between them as well as helps prevent unauthorized access
• Packet Filtering
  – Based on IP or MAC addresses
• Application / Web Site Filtering
  – Based on the application
  – Websites can be blocked by URL or keywords
• Stateful Packet Inspection (SPI)
  – Incoming packets must be responses to requests from internal hosts
  – DoS saver
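
The SPI rule on this slide (inbound traffic passes only when it answers an internal host), sketched as an added example that is not part of the original slides. The class, the LAN range and the sample packets are constructed for illustration, and connection teardown is simplified.

```python
from dataclasses import dataclass

INTERNAL_PREFIX = "192.168.1."   # assumed home LAN range (constructed)


@dataclass(frozen=True)
class Packet:
    proto: str
    src: str
    sport: int
    dst: str
    dport: int
    flags: str = ""   # TCP flags: S=SYN, A=ACK, F=FIN, R=RST


class StatefulFirewall:
    """Toy SPI table: remembers flows opened from the inside."""

    def __init__(self):
        self.flows = set()   # (proto, inside ip, inside port, outside ip, outside port)

    def check(self, p):
        if p.src.startswith(INTERNAL_PREFIX):            # outbound packet
            key = (p.proto, p.src, p.sport, p.dst, p.dport)
            if "F" in p.flags or "R" in p.flags:
                self.flows.discard(key)                  # simplified: forget flow on close
            else:
                self.flows.add(key)
            return "ALLOW"
        key = (p.proto, p.dst, p.dport, p.src, p.sport)  # inbound: look up the reverse flow
        if key not in self.flows:
            return "DROP"                                # nothing inside asked for this
        if "R" in p.flags:
            self.flows.discard(key)
        return "ALLOW"


def run_sample():
    fw = StatefulFirewall()
    packets = [
        Packet("tcp", "192.168.1.10", 50000, "203.0.113.5", 443, "S"),   # LAN host opens HTTPS
        Packet("tcp", "203.0.113.5", 443, "192.168.1.10", 50000, "SA"),  # server's reply
        Packet("tcp", "198.51.100.7", 4444, "192.168.1.10", 22, "S"),    # unsolicited SYN
        Packet("tcp", "203.0.113.5", 443, "192.168.1.10", 50001, "SA"),  # reply to a port never used
        Packet("tcp", "192.168.1.10", 50000, "203.0.113.5", 443, "F"),   # LAN host closes
        Packet("tcp", "203.0.113.5", 443, "192.168.1.10", 50000, "A"),   # arrives after close
    ]
    return [fw.check(p) for p in packets]


if __name__ == "__main__":
    print(run_sample())
```

A plain packet filter keyed only on addresses could not tell the second packet from the fourth; the flow table is what makes unsolicited inbound traffic, including flood traffic aimed at internal hosts, drop by default.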
Firewall & DMZ at home/ Port Forwarding/ Wireless AP internal
• Let’s say you have a web server
• It needs to handle web requests while you still protect your internal network
• Create a DMZ with the Linksys
Is Your Network Vulnerable?
• Tools to help identify where attacks can occur
  – Number of hosts on a network
  – The services hosts are offering
  – The OS and update versions on hosts
  – Packet filters and firewalls in use
• Lab 8.4.3.2?
  – Vulnerability Analysis