Lecture 19 Page 1 CS 236 Online Securing Your System CS 236 On-Line MS Program Networks and Systems Security Peter Reiher.

Slides:



Advertisements
Similar presentations
SESSION ID: Continuous Monitoring with the 20 Critical Security Controls SPO1-W02 Wolfgang Kandek CTO.
Advertisements

Day anti-virus anti-virus 1 detecting a malicious file malware, detection, hiding, removing.
CERT ® System and Network Security Practices Presented by Julia H. Allen at the NCISSE 2001: 5th National Colloquium for Information Systems Security Education,
Lecture 2 Page 1 CS 236, Spring 2008 Security Principles and Policies CS 236 On-Line MS Program Networks and Systems Security Peter Reiher Spring, 2008.
ITS Offsite Workshop 2002 PolyU IT Security Policy PolyU IT/Computer Systems Security Policy (SSP) By Ken Chung Senior Computing Officer Information Technology.
Security Awareness: Applying Practical Security in Your World Chapter 6: Total Security.
Computer Security: Principles and Practice
SELECTING AND IMPLEMENTING VULNERABILITY SCANNER FOR FUN AND PROFIT by Tim Jett and Mike Townes.
Citadel Security Software Presents Are you Vulnerable? Bill Diamond Senior Security Engineer
Desktop Security: Worms and Viruses Brian Arkills, C&C NDC-Sysmgt.
Computer security virus, hacking and backups. Computer viruses are small software programs that are designed to spread from one computer to another.
© 2007 Cisco Systems, Inc. All rights reserved.Cisco Public 1 Version 4.1 ISP Responsibility Working at a Small-to-Medium Business or ISP – Chapter 8.
P6 - CONFIGURE THE SOFTWARE. CONFIGURE SOFTWARE Most software can be configured to suit an individual user, for example by changing the appearance of.
Malicious Code Brian E. Brzezicki. Malicious Code (from Chapter 13 and 11)
Staying Safe. Files can be added to a computer by:- when users are copying files from a USB stick or CD/DVD - downloading files from the Internet - opening.
What if you suspect a security incident or software vulnerability? What if you suspect a security incident at your site? DON’T PANIC Immediately inform:
Endpoint Control. Module Objectives By the end of this module participants will be able to: Define application detection lists to monitor applications.
Hands-On Microsoft Windows Server 2003 Administration Chapter 2 Managing Windows Server 2003 Hardware and Software.
E-Security: 10 Steps to Protect Your School’s Network NEN – the education network.
Administrator Protect against Malware by: Brittany Slisher and Gary Asciutto.
PATCH MANAGEMENT: Issues and Practical Solutions Presented by: ISSA Vancouver Chapter March 4, 2004.
Lecture 18 Page 1 CS 136, Spring 2014 Security Your System CS 136 Computer Security Peter Reiher June 5, 2014.
 INADEQUATE SECURITY POLICIES ›Each covered entity and business associate must have written polices that cover all the Required and Addressable HIPAA.
Lecture 15 Page 1 Advanced Network Security Perimeter Defense in Networks: Firewalls Configuration and Management Advanced Network Security Peter Reiher.
GOLD UNIT 4 - IT SECURITY FOR USERS (2 CREDITS) Rebecca Pritchard.
Unit 6b System Security Procedures and Standards Component 8 Installation and Maintenance of Health IT Systems This material was developed by Duke University,
Computer Security By Rachel Gaines. Computers are used for work, play, and everything in between. So here’s how to keep it fun and protected.
Lecture 16 Page 1 Advanced Network Security Perimeter Defense in Networks: Virtual Private Networks Advanced Network Security Peter Reiher August, 2014.
Lecture 13 Page 1 CS 236 Online Secure Programming CS 236 On-Line MS Program Networks and Systems Security Peter Reiher.
ISS SiteProtector and Internet Scanner LanAdmin Group Meeting 12/8/2005.
Lecture 11 Page 1 CS 236 Online Customizing and Evolving Intrusion Detection A static, globally useful intrusion detection solution is impossible –Good.
Office of Campus Information Security Driving a Security Architecture by Assessing Risk Stefan Wahe Sr. Information Security Analyst.
Lecture 19 Page 1 CS 236 Online 16. Account Monitoring and Control Why it’s important: –Inactive accounts are often attacker’s path into your system –Nobody’s.
Computer security virus, hacking and backups. Computer viruses are small software programs that are designed to spread from one computer to another.
Microsoft Management Seminar Series SMS 2003 Change Management.
HO © 2012 Fluor. All rights reserved. Quick Wins in Vulnerability Management Classification: Confidential Owner: Michael Holcomb Approver: Phil.
Lecture 15 Page 1 CS 236 Online Prolog to Lecture 15 CS 236 On-Line MS Program Networks and Systems Security Peter Reiher.
Security fundamentals Topic 2 Establishing and maintaining baseline security.
Lecture 2 Page 1 CS 236 Online Prolog to Lecture 2 CS 236 On-Line MS Program Networks and Systems Security Peter Reiher.
Security Vulnerability Identification and Reduction Linda Cornwal, JRA1, Brno 20 th June 2005
CHAPTER 2 Laws of Security. Introduction Laws of security enable user make the judgment about the security of a system. Some of the “laws” are not really.
Computer Security By Duncan Hall.
Lecture 13 Page 1 CS 236 Online Styles of Intrusion Detection Misuse intrusion detection –Try to detect things known to be bad Anomaly intrusion detection.
IPv6 security for WLCG sites (preparing for ISGC2016 talk) David Kelsey (STFC-RAL) HEPiX IPv6 WG, CERN 22 Jan 2016.
 Introduction  Tripwire For Servers  Tripwire Manager  Tripwire For Network Devices  Working Of Tripwire  Advantages  Conclusion.
“Lines of Defense” against Malware.. Prevention: Keep Malware off your computer. Limit Damage: Stop Malware that gets onto your computer from doing any.
Lecture 15 Page 1 CS 236 Online Evaluating Running Systems Evaluating system security requires knowing what’s going on Many steps are necessary for a full.
Security Vulnerability Detection and reduction Linda Cornwall MWSG, CERN 24 Feb 2005
Lecture 13 Page 1 CS 236 Online Intrusion Detection Systems CS 236 On-Line MS Program Networks and Systems Security Peter Reiher.
Page 1 Viruses. Page 2 What Is a Virus A virus is basically a computer program that has been written to perform a specific set of tasks. Unfortunately,
Information Systems CS-507 Lecture 32. Physical Intrusion The intruder could physically enter an organization to steal information system assets or carry.
Securing a Host Computer BY STEPHEN GOSNER. Definition of a Host  Host  In networking, a host is any device that has an IP address.  Hosts include.
ASHRAY PATEL Securing Public Web Servers. Roadmap Web server security problems Steps to secure public web servers Securing web servers and contents Implementing.
Welcome Information Security Office Services Available to Counties Security Operations Center Questions.
Lecture 18 Page 1 CS 136, Spring 2016 Securing Your System Computer Security Peter Reiher June 2, 2016.
Computer Security: Principles and Practice First Edition by William Stallings and Lawrie Brown Lecture slides by Lawrie Brown Chapter 17 – IT Security.
● The most common website platform ● User friendly-easy to edit ● Constantly improving-updates, plugins, themes Why WordPress?
Lecture 14 Page 1 CS 236 Online Secure Programming CS 236 On-Line MS Program Networks and Systems Security Peter Reiher.
Lecture 19 Page 1 CS 236 Online 6. Application Software Security Why it’s important: –Security flaws in applications are increasingly the attacker’s entry.
Securing Your System Computer Security Peter Reiher March 16, 2017
Working at a Small-to-Medium Business or ISP – Chapter 8
Critical Security Controls
Common Methods Used to Commit Computer Crimes
Firewall Configuration and Administration
Putting It All Together
Putting It All Together
Leverage What’s Out There
Implementing and Auditing the Critical Controls
16. Account Monitoring and Control
6. Application Software Security
Presentation transcript:

Lecture 19 Page 1 CS 236 Online Securing Your System CS 236 On-Line MS Program Networks and Systems Security Peter Reiher

Lecture 19 Page 2 CS 236 Online Putting It All Together We’ve talked a lot about security principles And about security problems And about security mechanisms And about bad things that have really happened How do you put it all together to secure your system?

Lecture 19 Page 3 CS 236 Online Things That Don’t Work Just installing your machines and software and hoping for the best Simply buying a virus protection program and a firewall Running US government FISMA compliance procedures –Or any other paperwork-based method

Lecture 19 Page 4 CS 236 Online So What Will Work? One promising approach is outlined by SANS Institute Based on experiences of highly qualified security administrators The 20 Critical Security Controls –A checklist of things to watch for and actions to take –Technical, not policy or physical

Lecture 19 Page 5 CS 236 Online The 20 Critical Security Controls Developed primarily by US government experts Put into use in a few government agencies –With 94% reduction in one measurement of security risk Rolling out to other government agencies But nothing in them is specific to US government Prioritized list

Lecture 19 Page 6 CS 236 Online Nature of Controls General things to be careful about –Not specific bug fixes With more detailed advice on how to deal with each –Including easy things to do –And more advanced things if schedule/budget permits Mostly ongoing, not one-time

Lecture 19 Page 7 CS 236 Online How The SANS List Is Organized For each control, –Why it’s important –Quick win –Visibility/attribution –Configuration/Hygiene –Advanced With a little text on each Not all categories for all controls

Lecture 19 Page 8 CS 236 Online 1. Inventory of Devices on Your System Why is this important: –If you don’t know what you have, how can you protect it? –Attackers look for everything in your environment –Any device you ignore can be a point of entry –New devices, experimental devices, “temporary” devices are often problems –Users often attach unauthorized devices

Lecture 19 Page 9 CS 236 Online Quick Win Install automated tools that look for devices on your network Active tools –Try to probe all your devices to see who’s there Passive tools –Analyze network traffic to find undiscovered devices

Lecture 19 Page 10 CS 236 Online 2. Inventory of Software on Your System Why it’s important: –Most attacks come through software installed on your system –Understanding what’s there is critical to protecting it –Important for removing unnecessary programs, patching, etc.

Lecture 19 Page 11 CS 236 Online Quick Win Create a list of approved software for your systems Determine what you need/want to have running May be different for different classes of machines in your environment –Servers, clients, mobile machines, etc.

Lecture 19 Page 12 CS 236 Online 3. Secure Configurations for Hardware and Software Why it’s important: –Most HW/SW default installations are highly insecure –So if you use that installation, you’re in trouble the moment you add stuff –Also an issue with keeping configurations up to date

Lecture 19 Page 13 CS 236 Online Quick Wins Create standard secure image/configuration for anything you use If possible, base it on configuration known to be good –E.g., those released by NIST, NSA, etc. Validate these images periodically Securely store the images Run up-to-date versions of SW

Lecture 19 Page 14 CS 236 Online 4. Continuous Vulnerability Assessment and Remediation Why it’s important: –Modern attackers make use of newly discovered vulnerabilities quickly –So you need to scan for such vulnerabilities as soon as possible –And close them down when you find them

Lecture 19 Page 15 CS 236 Online Quick Wins Run a vulnerability scanning tool against your systems –At least weekly, daily is better Fix all flaws found in 48 hours or less Examine event logs to find attacks based on new vulnerabilities –Also to verify you scanned for them

Lecture 19 Page 16 CS 236 Online 5. Malware Defenses Why it’s important: –Malware on your system can do arbitrary harm –Malware is becoming more sophisticated, widespread, and dangerous

Lecture 19 Page 17 CS 236 Online Quick Wins Run malware detection tools on everything and report results to central location Ensure signature-based tools get updates at least daily Don’t allow autorun from flash drives, CD/DVD drives, etc. Automatically scan removable media on insertion Scan all attachments before putting them in user mailboxes

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2024 SlidePlayer.com Inc. All rights reserved.