Presentation is loading. Please wait.

Presentation is loading. Please wait.

U N C L A S S I F I E D Defense-in-Depth By Richard Hammer LANL LA-UR-08-2558 Securing Your System Using a Layered Security Approach.

Published byWeston Tovey Modified over 9 years ago

Similar presentations

Presentation on theme: "U N C L A S S I F I E D Defense-in-Depth By Richard Hammer LANL LA-UR-08-2558 Securing Your System Using a Layered Security Approach."— Presentation transcript:

1 U N C L A S S I F I E D Defense-in-Depth By Richard Hammer LANL LA-UR-08-2558 Securing Your System Using a Layered Security Approach

2 U N C L A S S I F I E D Overview Relative Risks Threat Vectors What attackers need us to do Things Everyone Can do Client protections Summary

3 U N C L A S S I F I E D Goal! Secure your system so you: –Do not lose your identity if system is stolen –Feel comfortable storing and processing personal, financial, business, and sensitive information –Feel comfortable making online transactions

4 U N C L A S S I F I E D Old and New Threats

5 U N C L A S S I F I E D What attackers need from us! Need us to execute a program Need us to NOT securely configure our programs Need us to NOT pay attention Need us to NOT patch Need us to be careless, gullible or curious Need us to NOT understand the technology “It’s that easy because we allow it to be that easy” Frank Abagnale

6 U N C L A S S I F I E D Things we all can learn to DO! Compute as an Unprivileged User if possible Understand E-mail Understand Web Browsing Encrypt our Data Know what is connecting in/out Actually do it!

7 U N C L A S S I F I E D Hackers do not like unprivileged users They cannot change system settings They cannot install programs that change system settings They cannot undo security settings Reboot will normally put system back into secure state again.

8 U N C L A S S I F I E D Which is more secure? Storing your credit card in your wallet Or Storing your credit card number on your computer

9 U N C L A S S I F I E D Protecting data at rest (Powered Off) Physical Security Encryption Nothing else will work –Remove the disk –Reset password –Boot off cracker media –T up a Macintosh

10 U N C L A S S I F I E D Harddrive/File Encryption Truecrypt, Guardian Edge, WinMagic, PGP, Pointsec, Cypherix, Calibex, TrueCrypt, Many more! Hardware –Fortezza –Harddrives Windows EFS/BitLocker Apple FileVault Bcrypt Entrust ICE Entrust & PGP

11 U N C L A S S I F I E D Apple FileVault

12 U N C L A S S I F I E D Built-in Windows encryption

13 U N C L A S S I F I E D System Up and You Are Logged In (Includes Sleep Mode) No longer protecting Data –Full disk encryption –Hardware encryption –Windows EFS/BitLocker or FileVault Protecting data until password entered –Encrypted Disk Image (MacOSX) –Entrust, PGP, TrueCrypt, Bcrypt –Other 3 rd party encryption products

14 U N C L A S S I F I E D Entrust/PGP File Encrypt Options

15 U N C L A S S I F I E D Goals of Cryptosystems! Ensure: Confidentiality Integrity Authentication Non-Repudiation

16 U N C L A S S I F I E D Cryptosystems Problems? You might lock yourself out forever! Key Management Key Distribution Password/Passphrase Protection Can’t encrypt/decrypt offline? Speed? Export? (GOV export authorized)

17 U N C L A S S I F I E D What will Defeat Encryption Not protecting the password Sleep mode and fast switching Freeze spray, shutdown/leave Malware –Keyboard Loggers –E-mail Infections Not paying attention to warning messages Backups

18 U N C L A S S I F I E D Understanding e-mail Clear text e-mail is completely unreliable. How do you recognize bogus e-mail? What is URL redirection? How do you protect yourself? Outlook?

19 U N C L A S S I F I E D Why you should not Trust Clear Text e- mail Do not know who sent it Do not know who sees it Do not know where it went Do not know who read it Do not know if content changed Still on server, backups? Sys Admins have full access

20 U N C L A S S I F I E D Encrypting e-mail? Only Intended Recipients can read messages or open files Data has not been modified Data is from the expected source Not seen on the wire Not just SSL/TLS to server PGP/SMIME/Entrust

21 U N C L A S S I F I E D Entrust Encryption Example?

22 U N C L A S S I F I E D PGP/SMIME Encryption Example?

23 U N C L A S S I F I E D SMIME/PGP/Entrust e-mail

24 U N C L A S S I F I E D Phishing right here in LA! Guy Lisella “Anytime they ask for personal information, it’s a scam.” Legitimate businesses will NEVER ASK for personal information to be transmitted over clear text e-mail! If unsure, call them.

25 U N C L A S S I F I E D How do you recognize bogus e-mail? Do you know the sender? Is the offer “too good to be true?” Embedded links that point to an address that doesn’t appear right. Your email address is not listed on the “TO” or “CC”. The “FROM” & “Return-Path” don’t match. Unexpected attachments.

26 U N C L A S S I F I E D What is wrong?

27 U N C L A S S I F I E D Understanding URLs/Redirection http://computername.domainname/directoryname/indexfile.html Where you thought you were going: http://www.dncu.com/login.aspx?update http://63.214.247.170/login.aspx?update Where you are redirected: http://www.dncu.org.hi-position.com/register/login.html Computer name – www Domainname – dncu.org.hi-position.com IP Address – No longer registered, but was 202.168.210.1XX Directory – register Index file – login.html

28 U N C L A S S I F I E D Look at the e-mail header Eudora – Blah, Blah, Blah Outlook – View Options or Right Click Options Webmail – Click on Full Headers Thunderbird – Menu Bar, VIEW/HEADER, ALL

29 U N C L A S S I F I E D Give me the money

30 U N C L A S S I F I E D Stop Right There!

31 U N C L A S S I F I E D E-mail client configuration Do NOT auto execute anything Do NOT automatically download HTML graphics Do NOT display graphics in message Do NOT allow executable html content Do NOT display emotions as a graphic Do NOT use Microsoft viewer.

32 U N C L A S S I F I E D Entourage Settings

33 U N C L A S S I F I E D Before and After (Mac Mail)

34 U N C L A S S I F I E D What’s Wrong? Unknown sender, not addressed to me, has an attachment I did not expect.

35 U N C L A S S I F I E D Virus protection caught it three weeks later, don’t be the first to open it!

36 U N C L A S S I F I E D Which is more secure? Paying for a dinner with a credit card Or Online purchase

37 U N C L A S S I F I E D Compare the two!

38 U N C L A S S I F I E D Web Browser Security Understand how it works SSL/TSL Privacy Settings Security Settings “Warn me” is always a good option when not sure Scripts Understand Threats Internet Explorer?

39 U N C L A S S I F I E D Web Access (SSL/TLS) SSL Developed by Netscape (1994) Certificate Exchange System to System Certificate Authority Should only use SSL 3.0 or TLS 1.0 Is it secure? Redirection Man-in-Middle Attack

40 U N C L A S S I F I E D Keeping Track of State SessionID https://ucfy.ucop.edu/ucfy/BaseServlet;jsessio nid=0000q9ZvjIPe7xWTjxeftFjTqBy:-1 Cookie –Persistent –Non- Persistent Hidden Form Element

41 U N C L A S S I F I E D Firefox Security Settings

42 U N C L A S S I F I E D Man-in-Middle

43 U N C L A S S I F I E D Warning, should I proceed?

44 U N C L A S S I F I E D Secure ???

45 U N C L A S S I F I E D Clearing Privacy Settings (Firefox)

46 U N C L A S S I F I E D Security Settings (Firefox)

47 U N C L A S S I F I E D Firefox - noscript

48 U N C L A S S I F I E D Firefox – noscript (2)

49 U N C L A S S I F I E D Secure Web Transactions Open New Browser Ensure SSLv3/TLS You initiate connection Only go to sites associated with transaction Use noscript and only allow needed scripts Pay attention to error messages Logout when done Close browser and clear settings

50 U N C L A S S I F I E D Personal Application layer firewalls ZoneAlarm Little Snitch/Apple Firewall combo In/Out protection Can distinguish between different programs connecting out on same port Will teach you which applications really connect out from your system

51 U N C L A S S I F I E D Connecting out, Really?

52 U N C L A S S I F I E D Same Port, different program

53 U N C L A S S I F I E D Client Protection Summary User vs Admin Privilege Virus Protection Spyware/Adaware Protection Keep Systems & Applications patched Backup your data Secure Program Settings, don’t Auto execute and turn off autoplay.

54 U N C L A S S I F I E D Client Protection Summary DO NOT open attachments unless you expect them. Don’t click on embedded links Pay attention to warning messages POP-UP blockers Clear privacy settings noscript

55 U N C L A S S I F I E D Client Protection Summary If it’s “too good to be TRUE,” it is! When configuring programs keep personal information to a minimum. Remove programs you don’t need Stay away from shady web sites One-time Credit Card Numbers Shutdown when not using Disconnect from network if you don’t need to be on it.

56 U N C L A S S I F I E D Client Protection Summary Encrypt sensitive information Application Layer Personal Firewall Outlook and Internet Explorer: –Consider replacing these programs. –Keep them patched.

57 U N C L A S S I F I E D Educate Yourself!

Download ppt "U N C L A S S I F I E D Defense-in-Depth By Richard Hammer LANL LA-UR-08-2558 Securing Your System Using a Layered Security Approach."

Similar presentations

Providing protection from potential security threats that exist for any internet-connected computer is termed e- security. It is important to be able to.

Providing protection from potential security threats that exist for any internet-connected computer is termed e- security. It is important to be able to.
Wichita Public Library Rex Cornelius Electronic Resources Webliography online at:

Wichita Public Library Rex Cornelius Electronic Resources Webliography online at:
Working with the Internet

Working with the Internet
Cryptography Chapter 7 Part 4 Pages 833 to 874. PKI Public Key Infrastructure Framework for Public Key Cryptography and for Secret key exchange.

Cryptography Chapter 7 Part 4 Pages 833 to 874. PKI Public Key Infrastructure Framework for Public Key Cryptography and for Secret key exchange.
Internet Safety Gleneagles Computer Club February 16, 2015 by Deborah Benson.

Internet Safety Gleneagles Computer Club February 16, 2015 by Deborah Benson.
Information Security 1 Information Security: Security Tools Jeffy Mwakalinga.

Information Security 1 Information Security: Security Tools Jeffy Mwakalinga.
Bsharah Presentation Threats to Information Security Protecting Your Personal Information from Phishing Scams.

Bsharah Presentation Threats to Information Security Protecting Your Personal Information from Phishing Scams.
Telnet and FTP. Telnet Lets you use the resources of some other computer on the Internet to access files, run programs, etc. Creates interactive connection.

Telnet and FTP. Telnet Lets you use the resources of some other computer on the Internet to access files, run programs, etc. Creates interactive connection.
Phishing (pronounced “fishing”) is the process of sending e-mail messages to lure Internet users into revealing personal information such as credit card.

Phishing (pronounced “fishing”) is the process of sending messages to lure Internet users into revealing personal information such as credit card.
Don’t Lose Your Identity – Protect Yourself from Spyware Dan Frommer Sherry Minton.

Don’t Lose Your Identity – Protect Yourself from Spyware Dan Frommer Sherry Minton.
Tutorial 5 Downloading and Storing Data. XP Objectives Learn what FTP is and how it works Explore how to use a Web browser to transfer files Navigate.

Tutorial 5 Downloading and Storing Data. XP Objectives Learn what FTP is and how it works Explore how to use a Web browser to transfer files Navigate.
ASP.NET 2.0 Chapter 6 Securing the ASP.NET Application.

ASP.NET 2.0 Chapter 6 Securing the ASP.NET Application.
Email Security Jonathan Calazan December 12, 2005.

Security Jonathan Calazan December 12, 2005.
Sensitive Data Accessibility Financial Management College of Education Michigan State University.

Sensitive Data Accessibility Financial Management College of Education Michigan State University.
FIRST COURSE Computer Concepts Internet and Email Microsoft Office Get to Know Your Computer.

FIRST COURSE Computer Concepts Internet and Microsoft Office Get to Know Your Computer.
Title: The Internet LO: Security risks. Security risks Types of risks: 1.Phishing 2.Pharming 3.Spamming 4.Spyware 5.Cookies 6.Virus.

Title: The Internet LO: Security risks. Security risks Types of risks: 1.Phishing 2.Pharming 3.Spamming 4.Spyware 5.Cookies 6.Virus.
Security. Physical security Protection from fire/water Protection from dust and extremes of temperature.

Security. Physical security Protection from fire/water Protection from dust and extremes of temperature.
Quiz Review.

Quiz Review.
Lesson 46: Using Information From the Web copy and paste information from a Web site print a Web page download information from a Web site customize Web.

Lesson 46: Using Information From the Web copy and paste information from a Web site print a Web page download information from a Web site customize Web.
Lesson 46: Using Information From the Web copy and paste information from a Web site print a Web page download information from a Web site customize Web.

Lesson 46: Using Information From the Web copy and paste information from a Web site print a Web page download information from a Web site customize Web.

Similar presentations

Ads by Google