Presentation is loading. Please wait.

Presentation is loading. Please wait.

Your Users, Friend or Foe? Matthew Sullivan IT Security Manager, the University of Canberra Creator, the Spam and Open Relay Blocking System (SORBS)

Published byKylee Stair Modified over 9 years ago

Similar presentations

Presentation on theme: "Your Users, Friend or Foe? Matthew Sullivan IT Security Manager, the University of Canberra Creator, the Spam and Open Relay Blocking System (SORBS)"— Presentation transcript:

1

2 Your Users, Friend or Foe? Matthew Sullivan IT Security Manager, the University of Canberra Creator, the Spam and Open Relay Blocking System (SORBS)

3 About this Talk Provoking discussion. The Network Security Problem. To firewall, or not? Old school, or just forgotten? Some examples. How does it affect you?

4 Provoking Discussion These slides are not to teach they are to remind. We hear lots of talk about what we should and shouldn’t do, why don’t we ask? Windows Vista –Great new time saving product, –New smarter and, more secure OS, –Or cash cow designed to line the pockets of shareholders? –Or even something to drive the American Economy?

5 The Network Security Problem Securing against outside attack the priority? Securing against inside attack? Security of the desktop? Securing against stupidity?

6 To Firewall or not? Everyone has a firewall, or do they? Who thinks they are secure because they are firewalled? Who thinks they are not secure without one?

7 Old School, or just forgotten? Head count: How many hosts ( 1k)? How many seats ( 1k)? Who is firewalling? Who has email gateways? Who has had a host hacked ( 1yr)? Firewalls are only needed to prevent stupidity Without stupid people we wouldn’t need them. Without nasty people we wouldn’t need them either….

8 An example (home user). Senior Unix Admin working for Customs Can’t make Zone Alarm work with program. Installs VNC for help. Opens VNC port in firewall. Doesn’t set password. 18 hours later, “hacker attack” RootkitRevealer reveals nothing. Machine under full remote control.

9 An Example (Professional) Professor, external project. Has 2 servers, RedHat, and Windows 2003 Machines are “Servers” for custom app. ITSec alerted to scanning at 03:30 5 th Feb ‘07 10:00 “Networks” blocked external access. 15:30 6 th Feb ‘07 machine and owner located. Operator and Professor wondering why Windows 2003 was ‘having problems’ 15:35 6 th Feb, machine removed from internal network. 13:00 8 th Feb ITSec asked to examine machine. RootkitRevealer indicated unidentified RootKit. 9 th Feb machine re-installed.

10 So what’s the Problem? Unix Admin, opens a port in firewall, doesn’t secure service. Professor hasn’t patched Win 2003 server, common IIS exploit used to ‘Root’ server. Both ask ITSec why firewall didn’t stop the “hacker”…?

11 How does this affect you? So what are the risks here…? A server hacked on the corporate network? A home user, with their computer hacked? A mobile user with a laptop? Another example, the Chinese Laptop.. Staff member takes laptop to China Laptop gets infected with ‘Drive/Share’ virus. Staff member hands USB drive around. 5+ machines get infected…

12 Conclusion Firewalls don’t make you secure. Good network practices keep you secure. Successful attacks often start inside. Getting inside is the biggest hurdle. Using your staff against you make it easier. VPNs need to be considered carefully. »Enforce controls about what can connect. »Ensure good home hygiene if you use VPNs Monitor your internal network. Consider your internal network “Hostile” if you allow external access. Laptops are equivalent to home machines.

13 The Last Word Be proactive. Look for problems. »Use scanning tools internally. »Use IDSs. »Give access to those who need it. Don’t make things too difficult for users. »Making it more difficult for users will result in users making it easier for themselves.

14 Thank You Matthew Sullivan

Download ppt "Your Users, Friend or Foe? Matthew Sullivan IT Security Manager, the University of Canberra Creator, the Spam and Open Relay Blocking System (SORBS)"

Similar presentations

7 Effective Habits when using the Internet Philip O’Kane 1.

7 Effective Habits when using the Internet Philip O’Kane 1.
Introducing Kaspersky OpenSpace TM Security Introducing Kaspersky ® OpenSpace TM Security Available February 15, 2007.

Introducing Kaspersky OpenSpace TM Security Introducing Kaspersky ® OpenSpace TM Security Available February 15, 2007.
Trojan Horse Program Presented by : Lori Agrawal.

Trojan Horse Program Presented by : Lori Agrawal.
Presented by: Luke Speed Computer Security. Why is computer security important! Intruders hack into computers to steal personal information that the user.

Presented by: Luke Speed Computer Security. Why is computer security important! Intruders hack into computers to steal personal information that the user.
Defense-in-Depth Against Malicious Software Jeff Alexander IT Pro Evangelist Microsoft Australia

Defense-in-Depth Against Malicious Software Jeff Alexander IT Pro Evangelist Microsoft Australia
Firewalls and Intrusion Detection Systems

Firewalls and Intrusion Detection Systems
Malicious Attacks By: Albert, Alex, Andon, Ben, Robert.

Malicious Attacks By: Albert, Alex, Andon, Ben, Robert.
Exam ● On May 15, at 10:30am in this room ● Two hour exam ● Open Notes ● Will mostly cover material since Exam 2 ● No, You may not take it early.

Exam ● On May 15, at 10:30am in this room ● Two hour exam ● Open Notes ● Will mostly cover material since Exam 2 ● No, You may not take it early.
Annual Safety & Security Briefing - 9/22/04 Teresa Downey – SLAC Computer Security Group & SCS Applications Group.

Annual Safety & Security Briefing - 9/22/04 Teresa Downey – SLAC Computer Security Group & SCS Applications Group.
SIRT Contact Orientation Security Incident Response Team Departmental Security Contacts April 16, 2004.

SIRT Contact Orientation Security Incident Response Team Departmental Security Contacts April 16, 2004.
EMU/ICT Incident Response Team Firewall Access Session Presenter: IRT TEAM Member.

EMU/ICT Incident Response Team Firewall Access Session Presenter: IRT TEAM Member.
Kaspersky Open Space Security: Release 2 World-class security solution for your business.

Kaspersky Open Space Security: Release 2 World-class security solution for your business.
Morris Bennett Altman Director of Network Services Internet Security Officer Queens College, CUNY Are You Exposed? Network Security.

Morris Bennett Altman Director of Network Services Internet Security Officer Queens College, CUNY Are You Exposed? Network Security.
Automating Endpoint Security Policy Enforcement Computing and Networking Services University of Toronto.

Automating Endpoint Security Policy Enforcement Computing and Networking Services University of Toronto.
Social impacts of the use of it By: Mohamed Abdalla.

Social impacts of the use of it By: Mohamed Abdalla.
CS101 Lecture 14 Security. Network = Security Risks The majority of the bad things that can be done deliberately to you or your computer happen when you.

CS101 Lecture 14 Security. Network = Security Risks The majority of the bad things that can be done deliberately to you or your computer happen when you.
10 Tips for keeping MCL safe 1. Set up your defenses. Do you have adequate firewalls and antivirus software to protect you from hackers who could steal.

10 Tips for keeping MCL safe 1. Set up your defenses. Do you have adequate firewalls and antivirus software to protect you from hackers who could steal.
Stuart Cunningham - Computer Platforms - 2003 COMPUTER PLATFORMS Computer & Network Security & User Support & Training Week 11.

Stuart Cunningham - Computer Platforms COMPUTER PLATFORMS Computer & Network Security & User Support & Training Week 11.
PPD & CLRC's response to the (IS) Security Threat Gareth Smith PPD/CG Christmas Lectures 2002.

PPD & CLRC's response to the (IS) Security Threat Gareth Smith PPD/CG Christmas Lectures 2002.
UNM IT Managed Workstations. Benefits of Managed Workstations  Standard software with uniform configuration ensures end users have the same set of applications.

UNM IT Managed Workstations. Benefits of Managed Workstations  Standard software with uniform configuration ensures end users have the same set of applications.

Similar presentations

Ads by Google