Recent Security Threats & Vulnerabilities Computer security Bob Cowles HEPiX, Fall 2004 – Brookhaven, NY, USA Work supported.

Presentation transcript:

Recent Security Threats & Vulnerabilities Computer security Bob Cowles HEPiX, Fall 2004 – Brookhaven, NY, USA Work supported by U. S. Department of Energy contract DE-AC02-76SF00515

18 October 2004, HEPiX - Fall 2004

Windows
- Recent Windows Vulnerabilities
- Windows patching
- Phishing and viruses
- Web exposures (IE)
- Spyware
- XP SP2

Recent Windows Vulnerabilities
- ASP.NET path vulnerability
- GDI+ jpeg (can’t just block jpegs)
- IE patches – lots; Outlook Express update
- NetDDE (not enabled by default)
- Windows shell (exploit thru web)
- IIS (document footer javascript)
- Allows code execution: NNTP; SMTP, zipped folders; Excel; WP converter; HTML Help; Task Scheduler; POSIX (old sys)

Windows Patching
- Patches do _NOT_ get e-mailed to you!
- Windows systems in Active Directory can be patched automatically (mostly)
- Offsite users must do their own patching
- May investigate “bigfix” as partial solution
  - Support for Linux / Macintosh
  - Non-AD users
  - Non-Microsoft software (winzip, realplayer, acrobat)

Recent Phishing

Attacks & Protection
- Phishing = e-mails (and phonecalls) engineered to get information from you or just to get you to click and download virus
- Need to have Multi-Level Protection
  - gateways strip attachments
  - Exchange/desktop AV detects & removes
  - Gateway tags as [SPAM:###] if a link in the e-mail would download malicious code

Don’t Take the Bait

Forged FDIC

Fake FDIC Website

Real FDIC Website

With Virus Attached

AD & SUS->WUS
- Problematic patching
  - Office vs. Windows Update
  - Require product CD?
- XP will have improvements (someday)
  - Who let them name it WUS?
  - But sites still must address non-MS software

Viruses
- More sophistication
- Run automatically
- Leave backdoors; smtp for spam
- Keyboard loggers
- Alert Oct 18, 2004 – bypass AV for McAfee, CA, Sophos, Kaspersky, Eset, RAV zip file checking

IE Exposures
- Unpatched vulnerabilities
- Cannot escape IE (but can control)
- XP SP2 has fixed some problems
- There is still problem of user knowledge

Spyware
- Invade privacy
- Keyloggers compromise security
- Allowed by some AV products
  - User agrees to software’s actions through license agreement
- US state and federal legislation will solve the problem (just like with SPAM) - NOT

XP SP2
- Problem areas
  - Spyware causes bluescreen
  - Popup blocking causes problems w/ some sites
  - Multiple firewalls cause conflicts
- Need to allow vulnerability scanning
  - ICMP off by default (no ping response)
  - Open ports for file / print sharing or
  - Run software agent that can be “contacted”

Unix & Linux
- Local Exploits = Remote Exploits
- Samba
- LSF – rtok lsadmin eauth
- PHP in web servers
- chown
- drivers (sparse code checking tool)
- sendmail
- sshd – scanning for weak passwords

Fedora
- Supports RH 7.3 and RH 9
- Security fixes can take several months after vulnerability is announced
- Large pkg of fixes released Oct 18, 2004
- ISO9660, Soundblaster, file offset pointers, nfs group ID, drivers, several integer overflows, other DOS, memory leaks, information leaks.

Universities & Labs
- Exploits against Solaris, AIX, Linux
- Attacker(s) are knowledgeable
- Install SK rootkit on Linux
- Install trojaned sshd
  - gets passwords from keyboard/tty entry
  - accesses RSA keys
  - CERN break-in (LXPLUS) recent example (LSF)
- Are one time password tokens in your future?

Universities and Labs (cont)
- User “klogd” scans for open X sessions
- Forwards captured passwds thru port 8181
- Used on patched machines
- Just notified sites in US (USC, UCSB, NYU, Princeton, PSU, etc) of problems.
- Also RAL, Fermilab, SLAC, Cornell, Bristol, INFN, Stanford
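
A host-triage check for the two indicators named on the slide above, added here as an example and not part of the original presentation: it flags a process named klogd that is not owned by root, and any TCP connection with port 8181 on either end. Reading “user klogd” as a klogd process running under an ordinary account, the ps/netstat column layouts, and all sample data are assumptions.

```python
# Constructed sample data (not from a real host), in the layout of
# `ps -eo user,pid,ppid,comm` and `netstat -tn`.
SAMPLE_PS = """\
USER       PID  PPID COMMAND
root         1     0 init
root       412     1 syslogd
root       415     1 klogd
jsmith    2290     1 klogd
jsmith    2301  2250 bash
"""
SAMPLE_NETSTAT = """\
Proto Recv-Q Send-Q Local Address           Foreign Address         State
tcp        0      0 192.0.2.10:22           198.51.100.7:51514      ESTABLISHED
tcp        0      0 192.0.2.10:40122        203.0.113.45:8181       ESTABLISHED
tcp        0      0 192.0.2.10:8181         198.51.100.9:40000      TIME_WAIT
"""

def suspicious_klogd(ps_text):
    """Return (user, pid) for every process named klogd not owned by root.

    Assumption: the genuine kernel log daemon runs as root, so a klogd
    under an ordinary account deserves a closer look.
    """
    hits = []
    for line in ps_text.splitlines()[1:]:      # skip the header row
        fields = line.split(None, 3)
        if len(fields) == 4:
            user, pid, _ppid, comm = fields
            if comm.strip() == "klogd" and user != "root":
                hits.append((user, int(pid)))
    return hits

def port_8181_conns(netstat_text, port="8181"):
    """Return (side, local, remote) for TCP rows using `port` on either end.

    The slide does not say which direction the traffic flows, so both
    the local and the remote port are checked.
    """
    hits = []
    for line in netstat_text.splitlines():
        f = line.split()
        if len(f) >= 6 and f[0].startswith("tcp"):
            local, remote = f[3], f[4]
            for side, addr in (("local", local), ("remote", remote)):
                if addr.rpartition(":")[2] == port:
                    hits.append((side, local, remote))
    return hits

if __name__ == "__main__":
    for user, pid in suspicious_klogd(SAMPLE_PS):
        print(f"non-root klogd: user={user} pid={pid}")
    for side, local, remote in port_8181_conns(SAMPLE_NETSTAT):
        print(f"port 8181 on {side} side: {local} <-> {remote}")
```

A hit from either function is a lead for investigation, not proof of compromise; on a host with a rootkit installed, ps and netstat output may itself be falsified.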

Cisco
- CatOS – Telnet, HTTP, SSH
- BGP – another DOS

Macintosh
- Safari – open in browser; javascript
- Disk image mounter
- libpng
- kerberos
- rsync
- OpenSSH
- iChat
- QuickTime

Other Vulnerabilities
- AXIS video camera and server
- IM – gaim, AIM & Yahoo Messenger
- CVS
- RealPlayer
- Winzip
- Web HP JetAdmin
- Acrobat Reader 6.0
- Firewire (announced Nov 11)

- Evils of HTML
  - It’s big & it hides bad stuff
- Phishing scams
  - Citibank, eBay, PayPal, Wells Fargo
- Outlook 2003 setting (reg for Outlook XP)
- New default for Outlook Express

Outlook 2003 Tools -> Options -> Preferences

Final Thoughts
- Attacks coming faster; attackers getting smarter
- No simple solution works
  - Patching helps
  - Firewalls help
  - AV & attachment removal help
  - Encrypted passwords/tunnels help
- You can’t be “secure”; only “more secure”
- We must share information better

What is the Most Important Component of Computer Security? YOU!