Presentation is loading. Please wait.

Presentation is loading. Please wait.

Introduction to Secure Shell Greg Porter Data Processing Manager USPFO For California.

Similar presentations


Presentation on theme: "Introduction to Secure Shell Greg Porter Data Processing Manager USPFO For California."— Presentation transcript:

1 Introduction to Secure Shell Greg Porter Data Processing Manager USPFO For California

2 What Me, Worry? Network based attacks on the upswing DOD systems are a particular focus –‘Innocuous Hackers’ - Bored teenagers? –‘Military Hackers’ - Hostile nations attack critical infostructures –‘Professional or Contract Hackers’ - May focus on financial or procurement systems to gain an competitive edge

3 Current System Communication Critical infostructures, particularly at the USPFO, rely upon network protocols not designed for security Specifically, Telnet and FTP exchange passwords and information in cleartext

4 The Net Reacts… Telnet, FTP and other insecure services replaced by Secure Shell Open Protocol - Internet Draft Implemented both commercially and Open Source

5 What Secure Shell Does Log into, execute commands on, and moves files from/to a remote computer Provides strong authentication –Not tied to a particular authentication method, can use most common ones Provides secure communication –Not tied to a particular encryption method, can use most common ones

6 Secure Shell Protects Against: Interception of cleartext passwords and data IP Spoofing, where an intruder pretends to be a trusted host IP Source Routing, where intruder packets masquerade with a friendly source address DNS Spoofing, where an intruder forges name server records SSH never trusts the net; somebody hostile who has taken over the network can only force SSH to disconnect, but cannot decrypt or play back the traffic, or hijack the connection

7 Implementation Server side –Unix implementation free and straightforward –Other platforms commercially supported Client side –Unix clients - Free and readily available –Windows clients - Available commercially

8 Recommendations Direct affected users to implement Secure Shell. Fund nationwide purchase of Windows clients. Explore replacing services on other platforms (i.e. NT) with Secure Shell. California has extensively tested the Secure NetTerm Windows client (www.securenetterm.com). This works with all NGB applications in common use at USPFOs. Cost: About $25 a seat (for 500 clients). Bulk discounts available.


Download ppt "Introduction to Secure Shell Greg Porter Data Processing Manager USPFO For California."

Similar presentations


Ads by Google