Presentation is loading. Please wait.

Presentation is loading. Please wait.

ATS 6 - 1 The Art of Tech Support John Abbott College InfoSec for Tech Support -- Part 1 M. E. Kabay, PhD, CISSP Director of Education, NCSA President,

Similar presentations

Presentation on theme: "ATS 6 - 1 The Art of Tech Support John Abbott College InfoSec for Tech Support -- Part 1 M. E. Kabay, PhD, CISSP Director of Education, NCSA President,"— Presentation transcript:


2 ATS The Art of Tech Support John Abbott College InfoSec for Tech Support -- Part 1 M. E. Kabay, PhD, CISSP Director of Education, NCSA President, JINBU Corp Copyright © 1997 JINBU Corp. All rights reserved

3 ATS Security for Technical Support Personnel l Basic concepts of security l Information Warfare l Hardware security l Software security l Communications security l Problems for People l Operations Security l Solutions

4 ATS Definitions Classical definitions l Protection of information from unauthorized or accidential modification, destruction and disclosure. l C - I - A: InfoSec protects confidentiality, integrity and availability of data.

5 ATS Definitions (contd) Donn B. Parkers Hexad l Confidentiality and possession l Integrity and authenticity l Availability and utility

6 ATS Confidentiality Restricting access to data l Protecting against unauthorized disclosure of existence of data – E.g., allowing industrial spy to deduce nature of clientele by looking at directory names l Protecting against unauthorized disclosure of details of data – E.g., allowing 13-yr old girl to examine HIV+ records in Florida clinic

7 ATS Possession Control over information l Preventing physical contact with data – E.g., case of thief who recorded ATM PINs by radio (but never looked at them) l Preventing copying or unauthorized use of intellectual property – E.g., violations by software pirates

8 ATS Integrity Internal consistency, validity, fitness for use l Avoiding physical corruption – E.g., database pointers trashed or data garbled l Avoiding logical corruption – E.g., inconsistencies between order header total sale & sum of costs of details

9 ATS Authenticity Correspondence to intended meaning l Avoiding nonsense – E.g., part number field actually contains cost l Avoiding fraud – E.g., senders name on is changed to someone elses

10 ATS Availability Timely access to data l Avoid delays – E.g., prevent system crashes & arrange for recovery plans l Avoid inconvenience – E.g., prevent mislabelling of files

11 ATS Utility Usefulness for specific purposes l Avoid conversion to less useful form – E.g., replacing dollar amounts by foreign currency equivalent l Prevent impenetrable coding – E.g., employee encrypts source code and forgets decryption key

12 ATS E&O Fire Water Dishonest Disgruntled Outsider Threats Rough Guesses About Damage to Computer Systems & Data Virus

13 ATS VIDEO: Locking the Door Commonwealth Films Boston, MA Take detailed notes on the following video and submit a one- page or longer summary covering the six case studies and what lesson you learned from each. Submit your report as part of your homework.

14 ATS Information Warfare l Tools of Attack l Levels of InfoWar – Interpersonal – Intercorporate – International 13

15 ATS Tools of Infowar l Penetration – Breaking into computer systems and networks l Disruption – Programmatic Attacks – Physical Interference 14

16 ATS Penetration Techniques Breaching security perimeters l Social engineering l Eavesdropping l Weak access controls l Brute-force attack l Traffic analysis l Data leakage 15

17 ATS Breaching Perimeters Social engineering l Dumpster diving l Impersonation l Piggybacking l Shoulder surfing l Seduction l Extortion l Blackmail l Bribery 16

18 ATS Breaching Perimeters Eavesdropping l Surveillance equipment l Wiretaps l LAN sniffers l Internet sniffers l Trojan login programs 17

19 ATS Breaching Perimeters Weak access controls l Bad password policies – Canonical passwords – JOE accounts – Restricted keyspace l Wide-open modems 18

20 ATS Breaching Perimeters Brute-force attack l Login guidance l Fast logins l Dictionary guessing l Cracker programs 19

21 ATS Breaching Perimeters Traffic analysis l Communications bandwidth l Directory names l Filenames l Public security restrictions 20

22 ATS Breaching Perimeters Data leakage l Poor PC data security l Standardized data formats l High-capacity miniature storage media l Limited or no physical controls l Steganography 21

23 ATS Malicious Code l Trojan Horses l Worms l Viruses – boot sector – program infectors – macro l Memes 22

24 ATS Trojan Horses Programs that pretend to be useful but actually cause harm l 1988: Flu-Shot-3 (good) vs Flu-Shot-4 (Trojan) l 1989: PC Cyborg (AIDS Info) Trojan l 1994: Trojan login programs for UNIX l 1995: PKZIP300.EXE & AOL-GOLD programs 23

25 ATS Worms l Free-standing programs that replicate or spread in network l 2 Nov 1988: R. T. Morris launches the Morris Worm – 9000 systems went down – Internet grossly disrupted – Morris sentenced to 400 hrs + 3 yr probation + $10,000 fine 24

26 ATS Viruses l Boot sector l Program infectors l Macro 25

27 ATS VIDEO: Computer Viruses NCSA Carlisle, PA Take detailed notes on the following video and submit a one- paragraph or longer summary of what you learned. Submit your report as part of your homework. 26

28 ATS Viruses l Boot sector

29 ATS Viruses l Program infectors

30 ATS Viruses l Macro

31 ATS Memes Rumours spread fast on the Net l Meme (Richard Dawkins) is self- reproducing idea (with help from people) l Good Times Virus hoax (Nov 1994-present) l Deeyenda Virus (Nov ?) l Craig Shergold avalanche of postcards l Chain letters l DO NOT FORWARD UNVERIFIED RUMOURS 30

32 ATS Disruption Physical interference l Theft of equipment and components – RAM – Processors l Sabotage l HERF guns l EMPT bombs 31

33 ATS Hardware Security l Configuration Problems l Uncontrolled Access to Data l Theft of Equipment 32

34 ATS Hardware: Configuration l Unrecorded changes to RAM, disk size, I/O interfaces l Unauthorized changes (Midnight requisitions) l Problems for Tech Support – difficulty solving problems with wrong info – misleading information (e.g., No, nothing has changed but actually half the RAM is gone) – waste of time for everyone (multiply hours by salary and add lost customers = cost) 33

35 ATS Hardware: Points of Data Access l Proliferation of workstations (personal computers) increases access to corporate data l Most PCs not secured: anyone can use them l Most PCs left logged into to network--open door for abuse 34

36 ATS Hardware: Theft l Losses of office equipment are common and expensive l 7% of all laptop computers are stolen every year l Cost of hardware replacement is one (minor) component of loss l More serious is loss of data – almost no data are encrypted – systems have no access controls – confidential info can be used or broadcast – may be subject of extortion attempts

37 ATS Software Security l Compatibility l Data Integrity l Theft 36

38 ATS Software: Compatibility l Many different software tools in use l Each has different schedule of patches, upgrades and new versions l Major logistics nightmare to keep all systems up to date l Incompatibilities lead to difficulties – persistence of tech support problems that have been solved by new versions – interference with problem solution because of faulty assumptions about versions – repeated extra work to convert files for interchange among users 37

39 ATS Software: Data Integrity l Errors creep into data during data entry – people dont verify their data – do not permit transcription of data l Multiple copies of data tend to diverge – e.g., spreadsheets may use data from different dates – can cause embarrassment and serious error l Accidental errors can change information l Deliberate damage to data by angry employees or by outsiders 38

40 ATS Software: Theft l Intellectual property rights frequently violated l Software purchased from vendor is usually a license to use a specific number of copies in a particular way on particular machines l Making copies without authorization is potentially a felony (jail time) l Upgrades to existing copies do not entitle licensee to give away or sell copies of previous version l More on this topic in section on Ethics 39

41 ATS Communications Security l Non-encrypting LANS – sniffers pick up data in the clear l Modems – dont usually encrypt data – provide uncontrolled – disable auto-answer until required l Wireless technology broadcasts data – radio – cellular – fundamentally insecure 40

42 ATS Internet Security l Sniffing l Spoofing l Denial of Service l Attacks on Web Sites 41

43 ATS Internet: Sniffing l Widely available software for TCP/IP capture of data packets l Trojan Horse versions of login programs l Consider all information sent through Internet to be potentially readable l But in fact very little evidence of credit-card theft through Net communications 42

44 ATS Internet: Spoofing Anonymity and pseudonymity account for most problems on the Net l No requirement at present for strong identification and authentication l Many ISPs allow pseudonyms for l Often impossible to track down anonymous or pseudonymous abusers of the Net l Criminal hackers almost universally use pseudonyms l Some criminal hackers and some spammers alter headers 43

45 ATS Internet: Denial of Service Serious problem facing the Net l Mail-bombing (e.g., vs Canter & Siegel) l USENET subscription bombing (e.g, Johnny [X]chaotic) l Syn-flooding (e.g., PANIX) l JAVA and JAVAscript bugs (e.g., multiple windows page) l ActiveX bugs (e.g., crashing Windows95) 44

46 ATS Internet: Attacks on Web Sites l Vandals deface public Web pages l Poor security over files l Recent highly-publicized cases: – Department of Justice (swastikas, porn) – CIA (Central Stupidity Agency) l Political sites at risk 45

47 ATS Problems for People l Multiple systems l Multiple logons l Multiple passwords l Lack of coordination l Corporature culture vs politeness 46

48 ATS Operations Security l Version control--see above in Software Compatibility l License control--see above in Software Theft l Audit trails--need to track access and changes l Quality control--verify that programs working as planned 47

49 ATS Homework: Readings in Wilsons text l Read Chapter 7, A Users Guide to Tech Support and prepare a summary of the key points in this chapter l Answer all the review questions from the instructor l Submit your chapter summaries, video summaries (2) and review questions after the quiz at the start of lecture 7

50 ATS

Download ppt "ATS 6 - 1 The Art of Tech Support John Abbott College InfoSec for Tech Support -- Part 1 M. E. Kabay, PhD, CISSP Director of Education, NCSA President,"

Similar presentations

Ads by Google