Published by India Lady
Gulf Computers Presentation
Vulnerability Assessment: Steps to a More Secure Network
Securing Your Network
Fethi Amara –
6/1/ © Gulf Computers L.L.C.

Gulf Computers Professional Services
- Provider of multivendor data network consulting services
- Reference list in the region includes: Standard Chartered Bank (Dubai), Emirates Airlines / DNATA Group of Companies (Dubai), Sharjah Municipality (Sharjah), Town Planning Department (Abu Dhabi), Civil Defense (Abu Dhabi), GEC Marconi (Abu Dhabi), Ericsson (Oman), Sultan Qaboos University (Oman), Oman Refinery Company (Oman), Occidental (Dubai and Qatar), QAFCO (Qatar), Abdul Latif Jameel (Saudi Arabia), etc.
The Twenty Most Critical Internet Security Vulnerabilities
Compiled by:
- The SANS Institute (SysAdmin, Audit, Network, Security)
- The NIPC (National Infrastructure Protection Center)
- The FBI

Top 10 Vulnerabilities to Windows Systems
- Internet Information Services (IIS)
- Microsoft Data Access Components (MDAC) -- Remote Data Services
- Microsoft SQL Server
- NETBIOS -- Unprotected Windows Networking Shares
- Anonymous Logon -- Null Sessions
- LAN Manager Authentication -- Weak LM Hashing
- General Windows Authentication -- Accounts with No Passwords or Weak Passwords
- Internet Explorer
- Remote Registry Access
- Windows Scripting Host

Top 10 Vulnerabilities to Unix Systems
- Remote Procedure Calls (RPC)
- Apache Web Server
- Secure Shell (SSH)
- Simple Network Management Protocol (SNMP)
- File Transfer Protocol (FTP)
- R-Services -- Trust Relationships
- Line Printer Daemon (LPD)
- Sendmail
- BIND/DNS
- General Unix Authentication -- Accounts with No Passwords or Weak Passwords
The 7 Top Management Errors that Lead to Computer Security Vulnerabilities
- Number Seven: Pretend the problem will go away if they ignore it.
- Number Six: Authorize reactive, short-term fixes so problems re-emerge rapidly.
- Number Five: Fail to realize how much money their information and organizational reputations are worth.
- Number Four: Rely primarily on a firewall.
- Number Three: Fail to deal with the operational aspects of security: make a few fixes and then not allow the follow-through necessary to ensure the problems stay fixed.
- Number Two: Fail to understand the relationship of information security to the business problem -- they understand physical security but do not see the consequences of poor information security.
- Number One: Assign untrained people to maintain security and provide neither the training nor the time to make it possible to do the job.
Number of Vulnerabilities and Incidents Reported (According to ...)

Incidents reported:
  Year              2000      2001      2002      1Q-2Q 2003
  Incidents         21,756    52,658    82,094    76,404

Vulnerabilities reported:
  Year              2000      2001      2002      1Q-2Q 2003
  Vulnerabilities   1,090     2,437     4,129     1,993
The Virus Problem: major catastrophes
- 45 million users worldwide affected by LoveBug (Computer Economics, May 2000)
- LoveBug cost companies an estimated US$10 billion
- Dell stopped production for five days due to FunLove
- 32,000 copies of Melissa hit one company in 45 minutes
- No one is safe
  - Microsoft, FBI, Houses of Parliament, Barclays, BT
- Lost productivity, but also loss of reputation

The LoveBug world spread: first 24 hours (map figure)
Vulnerability Scanning Definition
- Testing for areas that allow unauthorized access to networks, systems, and applications
  - From outside the enterprise
  - From internal sources

Frequency and Damage of Security Threats/Attacks (chart figure)

Vulnerability Sources
- Networks
  - Firewalls
  - Devices, e.g., routers, switches
- Systems
  - Servers
  - Operating system services
- Applications
  - Configuration problems
  - Design flaws
Why Conduct Vulnerability Scans?
- Obvious
  - Find vulnerabilities
- Not so obvious
  - Test intrusion detection
  - Test incident response
  - Test managed security provider
- IDS is no substitute
  - Speed of attack problem (HoneyNet Project)
  - Limited scope

Vulnerability Targets
- Permissible systems
- All access points, including
  - Wireless
  - Dial-up
  - VPNs

Vulnerability Scan Steps
- Multiple scanners for different targets
  - Firewalls
  - Web servers
  - Wireless network
  - Lotus Notes
  - Novell Netware
  - Many more
- Attack signature database
  - Must be updatable
- Identifies potential vulnerabilities
  - False positives expected

Scanner Characteristics
- Specialization - specific target
- Number of tests - multiple targets
- Reporting
- Fix information
- False positives
- Other features, e.g., client/server
Open Source vs. Commercial Scanners

            Open Source                     Commercial
  Pros      Free                            Easy to install/operate
            Frequent updates                Enhanced report generation
            More vulnerabilities covered    Fully supported
            Can be customized
  Cons      Limited support                 Cost can be high
            Lots of false positives         Cost of support
            Linux expertise needed
  Examples  Nessus, Sara                    Cybercop, ISS
How Long Does it Take?
- It depends
  - Number of subnets
  - Number of hosts
  - Blocks in place
    - UDP
    - Firewalls in play-dead mode
- Thoroughness

Conducting the Scan
- Arrange time for the scan
  - Delay start to avoid scapegoating
- Special scan for potential trouble systems
- Be available 24x7
Data Analysis
- Challenges
  - Lots of false positives
  - Meaningful data not always easy to identify
- Know your audience
  - Severity classification
  - Department focus
- Reporting results
  - Common Vulnerabilities and Exposures (CVE)

Report Styles (sample report figure)

Hidden Benefits
- Study how security is implemented
- Find unknown hosts
- Learn about the change control process
- Good basis for a security policy if one doesn't exist
- Policy enforcement
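As an added illustration of the Data Analysis and Hidden Benefits slides above (example code, not part of the original presentation), this Python script sifts constructed scanner output: it drops findings a previous review marked as false positives, collapses one CVE reported on several ports of the same host into a single line item, groups what remains by owning department ordered by severity, and lists scanned hosts missing from the asset inventory. The inventory, hosts, departments and CVE-style identifiers are all constructed placeholders.

```python
"""Sift raw vulnerability-scan output into a department-focused report.
All data here is constructed for the example: hosts, departments and the
CVE-style ids are placeholders, not findings from any real scan."""
from collections import defaultdict

# Constructed asset inventory: scanned host -> owning department.
INVENTORY = {"10.0.1.10": "Finance", "10.0.1.11": "Finance", "10.0.2.20": "Engineering"}

# Constructed scanner output, one record per (host, port, check). Scanners often
# report the same CVE once per listening port, so a duplicate is included on purpose.
RAW_FINDINGS = [
    {"host": "10.0.1.10", "port": 445, "cve": "CVE-0000-0001", "severity": "high"},
    {"host": "10.0.1.10", "port": 139, "cve": "CVE-0000-0001", "severity": "high"},
    {"host": "10.0.1.11", "port": 80, "cve": "CVE-0000-0002", "severity": "medium"},
    {"host": "10.0.2.20", "port": 22, "cve": "CVE-0000-0003", "severity": "low"},
    {"host": "10.0.9.99", "port": 23, "cve": "CVE-0000-0004", "severity": "high"},
]

# (host, cve) pairs that an earlier review confirmed as false positives.
KNOWN_FALSE_POSITIVES = {("10.0.1.11", "CVE-0000-0002")}

SEVERITY_RANK = {"critical": 4, "high": 3, "medium": 2, "low": 1}


def sift_findings(findings, inventory, false_positives):
    """Return (report, unknown_hosts).

    report: department -> distinct (severity, cve, host) entries, worst first,
    with known false positives dropped and one CVE seen on several ports of the
    same host collapsed into a single line item.
    unknown_hosts: scanned hosts missing from the inventory (the "find unknown
    hosts" side benefit of a scan); their findings go to "UNASSIGNED".
    """
    seen, report, unknown_hosts = set(), defaultdict(list), set()
    for f in findings:
        key = (f["host"], f["cve"])
        if key in false_positives or key in seen:
            continue
        seen.add(key)
        dept = inventory.get(f["host"])
        if dept is None:
            unknown_hosts.add(f["host"])
            dept = "UNASSIGNED"
        report[dept].append((f["severity"], f["cve"], f["host"]))
    for entries in report.values():
        entries.sort(key=lambda e: (-SEVERITY_RANK[e[0]], e[1], e[2]))
    return dict(report), sorted(unknown_hosts)
```

Running `sift_findings(RAW_FINDINGS, INVENTORY, KNOWN_FALSE_POSITIVES)` on the sample leaves one Finance entry (the duplicate port and the false positive are gone) and flags 10.0.9.99 as a host the inventory does not know.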
The Bottom Line
- Scan for vulnerabilities in networks, systems & applications
- Choose the right target and matching scanner(s)
- Conduct the scan in a defined timeframe
- Sift data for relevancy

Gulf Computers Professional Security Services
- Evaluation
  - Penetration testing, assessment, audit, vulnerability analysis
- Strategic
  - Incident response, programs, policies, training
- Technical
  - PKI, VPNs, Firewalls, IDS, AAA integration, PDIO

Question and Answer