Lecture 2 Page 1 CS 236 Online Prolog to Lecture 2 CS 236 On-Line MS Program Networks and Systems Security Peter Reiher.

Slides:

Advertisements

Similar presentations

Basic Computer Vocabulary

Advertisements

Microsoft ® Office Outlook ® 2007 Training Retrieve, back up, or share messages Sweetwater ISD presents:

Lecture 19 Page 1 CS 111 Online Protecting Operating Systems Resources How do we use these various tools to protect actual OS resources? Memory? Files?

Upgrading Software CIT 1100 Chapter4.

Lecture 12 Page 1 CS 111 Online Devices and Device Drivers CS 111 On-Line MS Program Operating Systems Peter Reiher.

PHYSICAL SECURITY Attacker. Physical Security Not all attacks on your organization's data come across the network. Many companies focus on an “iron-clad”

Computer Systems.

Lecture 2 Page 1 CS 236, Spring 2008 Security Principles and Policies CS 236 On-Line MS Program Networks and Systems Security Peter Reiher Spring, 2008.

Chapter 7 Securing your Wireless Network (WIFI). Synopsis What is a wireless home network? What damage can a wireless network snoop do? Who are the snoopers?

Computers They're Not Magic! (for the most part)‏ Adapted from Ryan Moore.

CS101 Introduction to Computing Lecture 11 Operating Systems

Lecture 19 Page 1 CS 111 Online Security for Operating Systems: Cryptography, Authentication, and Protecting OS Resources CS 111 On-Line MS Program Operating.

Lecture 18 Page 1 CS 111 Online Design Principles for Secure Systems Economy Complete mediation Open design Separation of privileges Least privilege Least.

Lecture 4 Page 1 CS 236 Online Prolog to Lecture 4 CS 236 On-Line MS Program Networks and Systems Security Peter Reiher.

BIT 286: Web Applications Work Breakdown Structure (WBS); Scheduling.

Lecture 10 Page 1 CS 236 Online Prolog to Lecture 10 CS 236 On-Line MS Program Networks and Systems Security Peter Reiher.

Chloe Miles IMPROVING PRODUCTIVITY USING IT. Menu Using Word Advantages Disadvantages Conclusion E-Safety Social Media Dangers of Social Media Sites Staying.

Lecture 15 Page 1 CS 236 Online Evaluating System Security CS 236 On-Line MS Program Networks and Systems Security Peter Reiher.

Lecture 15 Page 1 Advanced Network Security Perimeter Defense in Networks: Firewalls Configuration and Management Advanced Network Security Peter Reiher.

CSCD 303 Essential Computer Security Spring 2013 Lecture 8 - Desktop Security OS Security Compared Reading: See References.

Lecture 13 Page 1 CS 236 Online Secure Programming CS 236 On-Line MS Program Networks and Systems Security Peter Reiher.

Lecture 11 Page 1 Advanced Network Security Cryptography and Networks: IPSec and SSL/TLS Advanced Network Security Peter Reiher August, 2014.

Lecture 17 Page 1 CS 236 Online Privacy CS 236 On-Line MS Program Networks and Systems Security Peter Reiher.

Lecture 19 Page 1 CS 236 Online 16. Account Monitoring and Control Why it’s important: –Inactive accounts are often attacker’s path into your system –Nobody’s.

Operating Systems Lesson Objective: Understanding the functions of an operating system. Learning Outcome: Answer some basic questions on operating systems.

Lecture 16 Page 1 CS 236 Online Web Security CS 236 On-Line MS Program Networks and Systems Security Peter Reiher.

Technology Wednesday With Larry Heyman With Larry Heyman.

By: Victoria Cain CPU- the component of a computer system that PROCESSES basic operations of the system. Monitor- a cathode-ray tube used for display.

By: Sierra KileyBy: Sierra Kiley Computers. Why you should have a computer You can create documents, reports, & projects Can search the internet for information.

Lecture 13 Page 1 CS 236 Online Principles for Secure Software Following these doesn’t guarantee security But they touch on the most commonly seen security.

Chapter 1: Applying Computer Basics – Lesson 1 © 2010, 2006 South-Western, Cengage Learning.

Cover Letter YOUTH CENTRAL – Cover Letters & Templates

Lecture 15 Page 1 CS 236 Online Prolog to Lecture 15 CS 236 On-Line MS Program Networks and Systems Security Peter Reiher.

Lecture 19 Page 1 CS 236 Online Securing Your System CS 236 On-Line MS Program Networks and Systems Security Peter Reiher.

Lecture 7 Page 1 CS 236 Online Authentication CS 236 On-Line MS Program Networks and Systems Security Peter Reiher.

CS101 Computer Software. Software Software is... Two main types of software are…

Today: Student will be able to describe the basics of their class and computing Tell me about you and how you use computers. Lesson 1 Slide 1.

Lecture 4 Page 1 CS 111 Online Modularity and Virtualization CS 111 On-Line MS Program Operating Systems Peter Reiher.

Lecture 17 Page 1 CS 236 Online Prolog to Lecture 17 CS 236 On-Line MS Program Networks and Systems Security Peter Reiher.

Lecture 3 Page 1 CS 236 Online Prolog to Lecture 3 CS 236 On-Line MS Program Networks and Systems Security Peter Reiher.

Lecture9 Page 1 CS 236 Online Operating System Security, Con’t CS 236 On-Line MS Program Networks and Systems Security Peter Reiher.

Lecture 15 Page 1 CS 236 Online Evaluating Running Systems Evaluating system security requires knowing what’s going on Many steps are necessary for a full.

Lecture 8 Page 1 CS 236 Online Prolog to Lecture 8 CS 236 On-Line MS Program Networks and Systems Security Peter Reiher.

Lecture 3 Page 1 CS 236 Online Security Mechanisms CS 236 On-Line MS Program Networks and Systems Security Peter Reiher.

Lecture 13 Page 1 CS 236 Online Intrusion Detection Systems CS 236 On-Line MS Program Networks and Systems Security Peter Reiher.

Lecture 8 Page 1 CS 236, Spring 2008 Operating System Security CS 236 On-Line MS Program Networks and Systems Security Peter Reiher Spring, 2008.

Lecture 10 Page 1 CS 111 Online Memory Management CS 111 On-Line MS Program Operating Systems Peter Reiher.

Lecture 12 Page 1 CS 136, Spring 2009 Network Security: Firewalls CS 136 Computer Security Peter Reiher May 12, 2009.

Lecture 2 Page 1 CS 236 Online Security Policies Security policies describe how a secure system should behave Policy says what should happen, not how you.

Lecture 10 Page 1 CS 236 Online Encryption and Network Security Cryptography is widely used to protect networks Relies on encryption algorithms and protocols.

Lecture 18 Page 1 CS 236 Online Prolog to Lecture 18 CS 236 On-Line MS Program Networks and Systems Security Peter Reiher.

Lecture 9 Page 1 CS 236 Online Firewalls What is a firewall? A machine to protect a network from malicious external attacks Typically a machine that sits.

Lecture 19 Page 1 CS 236 Online 6. Application Software Security Why it’s important: –Security flaws in applications are increasingly the attacker’s entry.

Outline Basic concepts in computer security

Protecting Memory What is there to protect in memory?

DDoS In the Real World Do DDoS attacks really happen?

Protecting Memory What is there to protect in memory?

Firewall Configuration and Administration

Secure Software and the Law

Putting It All Together

Putting It All Together

DDoS In the Real World Do DDoS attacks really happen?

Where Malware Lives Most people expect malware in only one place –

Malcolm Days Mark Miners James Farnhill

Chapter 1: Applying Computer Basics – Lesson 1

Prolog to Lecture 2 CS 236 On-Line MS Program Networks and Systems Security Peter Reiher Spring, 2008.

6. Application Software Security

Outline Introduction Memory protection Buffer overflows

Outline The concept of perimeter defense and networks Firewalls.

Presentation transcript:

Lecture 2 Page 1 CS 236 Online Prolog to Lecture 2 CS 236 On-Line MS Program Networks and Systems Security Peter Reiher

Lecture 2 Page 2 CS 236 Online What’s This Prolog Stuff? When I can, I will add a short presentation to each lecture Discussing application of material from the previous or recent lectures Generally stuff that’s pretty timely

Lecture 2 Page 3 CS 236 Online Do We Really Care About Security? Security gets a lot of lip-service But is the community out there really behind it? –Particularly the industrial community that builds our software? Three recent stories suggest maybe not

Lecture 2 Page 4 CS 236 Online 1. Fun With Firewire Many computers have firewire interfaces –Especially laptops These interfaces allow direct access to memory –No access control –No nuthin’

Lecture 2 Page 5 CS 236 Online What’s That Mean? Anyone who hooks up a firewire device to your laptop doesn’t need to log in He can just read and alter the memory Proof-of-concept tool 1 allows you to own Windows machine in seconds – 1

Lecture 2 Page 6 CS 236 Online What’s the Response? “Well, duh, that’s what Firewire is supposed to do” In other words, we designed your computer to let anyone take it over –If they have physical access All this login stuff is just window dressing to impress the rubes

Lecture 2 Page 7 CS 236 Online 2. Backdoor Processors Many devices come with complete processors “hidden” inside –Printers, routers, storage devices, etc. They’re installed with complete OSes –Often very badly configured Allowing anyone access E.g., Samsung printers had default admin account (2012)

Lecture 2 Page 8 CS 236 Online The Implications If attacker knows about these, And you don’t, He’s got a hidden backdoor into your system Often these processors have network capabilities And can access the CPU you already knew you had

Lecture 2 Page 9 CS 236 Online What’s That Mean? The people who put these processors in neither knew nor cared about security System management (the purpose of them) was more important They didn’t care enough to even mention they were there

Lecture 2 Page 10 CS 236 Online 3. Apple Patching Everyone knows Macs are “more secure” than Windows machines Well, they’re not Study 1 shows Apple: –Has more vulnerabilities –Takes longer to patch them –Suffers more attacks on unpatched flaws 1

Lecture 2 Page 11 CS 236 Online What’s That Mean? Apple wasn’t entirely honest about really caring about security They weren’t spending the money to patch flaws –And they have plenty to patch They’re talking the talk, not walking the walk

Lecture 2 Page 12 CS 236 Online The General Lesson Just because people say they care about security doesn’t mean they do Many decisions seem to be made without even considering security implications