Recent Security Threats & Vulnerabilities Computer security Bob Cowles HEPiX, Fall 2005 – SLAC Work supported by U. S. Department.

Slides:



Advertisements
Similar presentations
Security in the NT Environment at SLAC HEPNT at CERN December 4, 1998 Bob Cowles, SLAC.
Advertisements

Day anti-virus anti-virus 1 detecting a malicious file malware, detection, hiding, removing.
Grid Security Users, VOs, Sites OSG Collaboration Meeting University of Washington Bob Cowles August 23, 2006 Work supported.
Recent Security Threats & Vulnerabilities Computer security Bob Cowles HEPiX, Fall 2004 – Brookhaven, NY, USA Work supported.
IDENTITY THEFT ARE YOU SAFE?. HOW DOES THIS HAPPEN TO ME? Internet “Security “ When using a public computer, never access any vital accounts like banking.
Annual Safety & Security Briefing - 9/22/04 Teresa Downey – SLAC Computer Security Group & SCS Applications Group.
What Are Malicious Attacks? Malicious Attacks are any intentional attempts that can compromise the state of your computer. Including but not limited to:
Windows Malware: Detection And Removal TechBytes Tim Ramsey.
Coming Soon ! Google Prepared by Frank Saraceno.
Identity Theft and Safe Computing Keeping yourself You by good habits and good technology.
INTERNET THREATS AND HOW TO PROTECT YOUR COMPUTER -BRIAN ARENDT.
Computer Security Update Bob Cowles, SLAC stanford.edu Presented at HEPiX - TRIUMF 23 Oct 2003 Work supported by U. S. Department of Energy.
Title: The Internet LO: Security risks. Security risks Types of risks: 1.Phishing 2.Pharming 3.Spamming 4.Spyware 5.Cookies 6.Virus.
Trend Micro Deployment Kelvin Hwang IT Services University of Windsor.
Internet Security In the 21st Century Presented by Daniel Mills.
IT Academy (part of the University of York ). Cybercrime... Fact or CSI SciFi?
Computer Security Update Bob Cowles, SLAC stanford.edu Presented at RAL 09 Dec 2002 Work supported by U. S. Department of Energy contract.
Internet Safety Basics Being responsible -- and safer -- online Visit age-appropriate sites Minimize chatting with strangers. Think critically about.
Configuring Windows Vista Security Lesson 8. Skills Matrix Technology SkillObjective DomainObjective # Setting Up Users Configure and troubleshoot parental.
Security for Seniors SeniorNet Help Desk
Information Security 2013 Roadshow. Roadshow Outline  Why We Care About Information Security  Safe Computing Recognize a Secure Web Site (HTTPS) How.
A First Course in Information Security
Outline  Infections  1) r57 shell  2) rogue software  What Can We Do?  1) Seccheck  2) Virus total  3) Sandbox  Prevention  1) Personal Software.
CS101 Lecture 14 Security. Network = Security Risks The majority of the bad things that can be done deliberately to you or your computer happen when you.
Computer and Information Security Protecting yourself and your clients in the wild and wooly online world.
Class 20 Usability CIS 755: Advanced Computer Security Spring 2014 Eugene Vasserman
Web Browser Security Prepared By Mohammed EL-Batta Mohammed Soubih Supervised By Eng. Eman alajrami Explain Date 10. may University of Palestine.
Securing the Human. Presented by Thomas Nee, Computer Coordinator Town of Hanover, Massachusetts hanover-ma.gov/information-technology October is Cyber.
CERN’s Computer Security Challenge
Information Security 2013 Roadshow. Roadshow Outline  Why We Care About Information Security  Safe Computing Recognize a Secure Web Site (HTTPS) How.
Trend Micro Confidential 9/23/2015 Threat Rules Sharing Advanced Threats Research.
Understanding the Risks Is Safe Computing Possible? Bob Cowles TERENA Conference 2005 – Poznań, Poland Work supported by U.
Common Cyber Defenses Tom Chothia Computer Security, Lecture 18.
Bots Used to Facilitate Spam Matt Ziemniak. Discuss Snort lab improvements Spam as a vehicle behind cyber threats Bots and botnets What can be done.
SMS 2003 Deployment and Managing Windows Security Rafal Otto Internet Services Group Department of Information Technology CERN 26 May 2016.
GSHRM Conference Cyber Security Education Shri Cockroft, CISO Piedmont Healthcare, Inc. September 21, 2015.
Denial of Service (DoS) DoS attacks are aggressive attacks on an individual computer or groups of computers with the intent to deny services to intended.
SPAM Settings. The ExchangeDefender Admin Site is a powerful tool that gives you access to all of the benefits ExchangeDefender has to offer, from the.
Computer Security Update Bob Cowles, SLAC stanford.edu Presented to HEPiX at Fermilab 23 Oct 2002 Work supported by U. S. Department of Energy.
Week 10-11c Attacks and Malware III. Remote Control Facility distinguishes a bot from a worm distinguishes a bot from a worm worm propagates itself and.
Whitelist Management. The ExchangeDefender Admin Site is a powerful tool that gives you access to all of the benefits ExchangeDefender has to offer, from.
Incident Response Plan for the Open Science Grid Grid Operations Experience Workshop – HEPiX 22 Oct 2004 Bob Cowles – Work.
 Introduction to Computing  Computer Programming  Terrorisom.
What is Spam? d min.
, IM, and File sharing specialist By: Sophie Gordon.
On the Road to Eliminating Cleartext Reusable Passwords HEPNT and HEPiX 06 October 1999 Bob Cowles, SLAC Computer Security Officer
Recent Security Threats & Vulnerabilities Computer security Bob Cowles HEPiX, Spring 2006 – CASPUR Work supported by U. S.
ID8 TEAM 2012 Caroline Amaba Ryan Gavin Mike Hegadorn Greg McLeod John Scire Nirmal Rajan.
Securing the Human. Presented by Thomas Nee, Computer Coordinator Town of Hanover, Massachusetts hanover-ma.gov/information-technology October is Cyber.
General Information: This document was created for use in the "Bridges to Computing" project of Brooklyn College. You are invited and encouraged to use.
Advancing Workplace Technologies An MCCA Workshop presented by: Ed Weber, President Weber Enterprises, Inc. in association with: East Central College.
Class Name: Online Safety & Privacy Basics
Unit 4 IT Security.
ISYM 540 Current Topics in Information System Management
SHAW ACCOUNT RECOVERY !. WHAT IS SHAW ? 1. Shaw is one of the best service provider. 2. Shaw is a cloud based service. it.
Cyber Security Awareness Workshop
Norton Antivirus Password Not Working Norton technical support phone number
Norton Antivirus Technical Support Number Norton toll free number
Jon Peppler, Menlo Security Channels
Want to know how to Fix AT&T Error Code 475?
Norton technical support Norton.com/Setup | Norton Setup and Install with Product Key Norton Antvirus Activation For protection against.
Trend Micro Antivirus + Security To Buy Visit : Or Contact : (855)
4 ways to stay safe online 1. Avoid viruses and phishing scams
Cybersecurity Strategy
Real World Advanced Threat Protection
Implementing Client Security on Windows 2000 and Windows XP Level 150
Matt Langford, UNC Mike Hart, MSU Denver
Securing and Protecting Citizens' Data

Presentation transcript:

Recent Security Threats & Vulnerabilities Computer security Bob Cowles HEPiX, Fall 2005 – SLAC Work supported by U. S. Department of Energy contract DE-AC03-76SF00515

11 October 2005HEPiX - Fall Final Thoughts – Spring 2005 uAll operating systems are vulnerable uAll browsers are vulnerable (firefox vulnerability) uNo simple solution – security still to complex l Patching helps l Firewalls help l AV & attachment removal & spam filters help l Encrypted passwords/tunnels help – if used!! uYou can’t be “secure”; only “more secure” uWe must share information better l HEPiX Security list

11 October 2005HEPiX - Fall More Sophisticated Tools

11 October 2005HEPiX - Fall More Sophisticated Tools - 2

11 October 2005HEPiX - Fall More Sophisticated Tools - 3

11 October 2005HEPiX - Fall Passwords (from Monday) uPOP3 l peggyy,kcoct21,dec3.1 41, baum2kid, abouki99, jasperD9, pi16tchou uIMAP l omeRun75, Bruck5BD, uonsF9 uSMTP l $JPsiMeson, 0~, ha66il33 uICQ l gg14723 uFTP l aw3edcft6

11 October 2005HEPiX - Fall Passwords (http) - 2 ud115872m uHammerhead uS0ph0S u268jld823 ubravodb umonkies uD ufabien ufigarek u637xre286 uaK`5huHn ue4077a97 upeggy101 uguest ucisco ufin_maggie ufrump upingpass uanais uadmin ucband utig4yet upincopallino uMammoths

11 October 2005HEPiX - Fall On the Increase uphishing (including IM) upharming uspyware (p2p) uTailored viruses uIdentity theft (in general)

11 October 2005HEPiX - Fall Bad Practices

11 October 2005HEPiX - Fall New Technologies ubluetooth l voice recognition uRFID uVoIP (skype, googletalk, …) usmartcards, OTP uWill they make a difference?

11 October 2005HEPiX - Fall Advances in Security uCommon Malware Enumeration uCommon Vulnerability Scoring System uMS Office 2003 SP2 – anti-phishing Extra click to activate links in

11 October 2005HEPiX - Fall Map of Bots

11 October 2005HEPiX - Fall DOE Site Assistance Visit uWe’re from the government and here to help uHelp with documentation required by new government standards (NIST 800-xx) uIncluded penetration test

11 October 2005HEPiX - Fall Penetration Test - results uWin 2000 SP3 server uMS dropped support as of June 30 uNo warning of August vulnerability uLM hashes for local admin password l Rainbow tables l 64GB – 99.9% success at LM passwords uAdmin account shared with other servers

11 October 2005HEPiX - Fall No Final Thoughts Questions?

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2024 SlidePlayer.com Inc. All rights reserved.