SLAC COMPUTER SECURITY
AntiVirus Process
Marilyn Cariola, Heather Larrieu (audio), Chris Mayfield
October 14, 2008

Presentation transcript:

Computer Security AntiVirus
Source: Quarterly Report PandaLabs – July-Sept 08

Malicious Software
More trojan attacks
Coming via web browsing
Using SQL injection techniques
Battery of exploit attempts
  – 3rd party applications
  – OS vulnerabilities
Goal is Silent Infection
  – Trojan.ZLOB
  – Trojan.PANDEX
  – Trojan.ASPROX

What you see

Virus Alert
Alert: Virus Found
Computer: XXXXXXXXXXXXX
Virus: Trojan Horse
Path: C:\WINDOWS\Temp\VBR49FD.exe
Date: 9/29/2008
Time: 9:54:46 AM
Severity: Critical
Requested Action: Clean
Action Taken: Leave Alone
User: XXXXXXXXXXXXX
Source: Symantec AntiVirus Corporate Edition

AV Process & Actions

Type (1) | Actions: AV | Actions: Cyber, Admin, User
Trojan horse, Spyware | Leave alone, access denied, undefined | Isolate/ Scan (2) format and rebuild (3); Change password
Adware | Leave alone, access denied, undefined | Scan (2); Chg pwd
Worm | Leave alone, access denied, undefined | Scan (2); Chg pwd
Virus | Leave alone, access denied, undefined | Scan (2); Chg pwd
Trojan horse, Spyware | Clean, quarantine, delete | Scan (2); Chg pwd
Adware | Clean, quarantine, delete | None
Worm | Clean, quarantine, delete | None
Virus | Clean, quarantine, delete | None

Notes:
1. The results of malware research could change the actions to be taken.
2. All scans must be full AV scans in safe mode with system restore turned off.
   a) Results need to be shared with Cyber, screen captures or exported files.
   b) Depending on the results of the scan, further actions could include format and rebuild or Cyber taking the computer or hard drive for further investigation.
3. Computer security may not request a rebuild if the virus is found in cache.
4. Computers used to access personally identifiable information (PII) will receive more scrutiny when they generate virus alerts.

Other Actions
Additional viruses or issues
  – Isolate / scan / rebuild
Several (3 or more) alerts on same computer / same day
  – Isolate / scan / rebuild
Unauthorized / prohibited software
  – Must be removed
  – Some cases sent to HR
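An added example, not part of the original slides: a triage sketch that parses alerts in the field layout of the "Virus Alert" slide and applies the "AV Process & Actions" table together with the "3 or more alerts on same computer / same day" rule. It assumes the `Virus` field carries the type name used in the table and that `Action Taken` uses the table's wording; the computer names and alerts are constructed.

```python
import re
from collections import Counter

FIELDS = ("Alert", "Computer", "Virus", "Path", "Date", "Time", "Severity",
          "Requested Action", "Action Taken", "User", "Source")
KEY_RE = re.compile(r"\b(" + "|".join(FIELDS) + r"): ")
UNRESOLVED = {"leave alone", "access denied", "undefined"}  # AV did not remove it
RESOLVED = {"clean", "quarantine", "delete"}                # AV handled it
HIGH_RISK = {"trojan horse", "spyware"}
ORDER = ["isolate", "scan", "rebuild", "change password"]

def parse_alert(text):
    """Split one flattened alert into a dict keyed by the slide's field names."""
    parts = KEY_RE.split(text)
    return {k: v.strip() for k, v in zip(parts[1::2], parts[2::2])}

def follow_up(alert):
    """Follow-up actions from the process table for a single alert."""
    kind, taken = alert["Virus"].lower(), alert["Action Taken"].lower()
    if taken in UNRESOLVED:
        extra = {"isolate", "rebuild"} if kind in HIGH_RISK else set()
        return {"scan", "change password"} | extra
    if taken in RESOLVED:
        return {"scan", "change password"} if kind in HIGH_RISK else set()
    raise ValueError(f"unrecognised Action Taken: {alert['Action Taken']!r}")

def triage(alert_texts):
    """Per (computer, date): table follow-ups plus the 3-alerts-a-day rule."""
    alerts = [parse_alert(t) for t in alert_texts]
    counts = Counter((a["Computer"], a["Date"]) for a in alerts)
    plan = {}
    for a in alerts:
        key = (a["Computer"], a["Date"])
        needed = plan.setdefault(key, set())
        needed |= follow_up(a)
        if counts[key] >= 3:  # several alerts, same computer, same day
            needed |= {"isolate", "scan", "rebuild"}
    return {k: [s for s in ORDER if s in v] for k, v in plan.items()}

def make_alert(computer, virus, date, taken):  # constructed alert, slide layout
    return (f"Alert: Virus Found Computer: {computer} Virus: {virus} "
            rf"Path: C:\WINDOWS\Temp\sample.exe Date: {date} Time: 9:54:46 AM "
            f"Severity: Critical Requested Action: Clean Action Taken: {taken} "
            "User: example-user Source: Symantec AntiVirus Corporate Edition")

SAMPLE_ALERTS = [make_alert("PC-A", "Trojan Horse", "9/29/2008", "Leave Alone"),
                 make_alert("PC-B", "Adware", "9/29/2008", "Quarantine"),
                 make_alert("PC-D", "Spyware", "9/30/2008", "Delete"),
                 ] + [make_alert("PC-C", "Worm", "9/30/2008", "Clean")] * 3
```

`triage(SAMPLE_ALERTS)` returns an ordered action list per computer and day; an empty list corresponds to "None" in the table.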

Further Review
Affirmative duty to report abuse of SLAC resources
Device taken, including USB devices
  – Illegally licensed software
  – Hacker tools
      Key generators, password sniffing, vulnerability assessment
  – Illicit material
      Pornography, gambling, evidence of running a personal business
Reported to HR

References
Computer Security website
  – Restricted/Prohibited software
Policies
  – Limited Personal Use of Government Office Equipment including Information Technology
  – Use of SLAC Information Resources

Questions / answers / discussion
What would happen if we didn’t do this?
  – A computer gets compromised
      Becomes a bot for additional attacks
      Information is lost
  – During a Site Assessment
      Non-job related data is found
        – Unlicensed / illegal software
        – Pornography
      SLAC fined, lose contract?