Presentation on theme: "Network Security aka CyberSecurity Monitor and manage security risks at the network level for the entire Johns Hopkins Network."— Presentation transcript:
Network Security aka CyberSecurity Monitor and manage security risks at the network level for the entire Johns Hopkins Network.
Everyone & Everything is Connected Radio – 35 years to reach 50 million TV – 15 years to reach 50 million W.W.W. – 5 years to reach 50 million
Risky Business Johns Hopkins Network is appr. 75,000 nodes Approximately 20% are unsecure Approximately 50,000 hits on our top 10 IDS rules
Hackers/Crackers/Script Kiddies ? Script kiddies Less skilled than traditional hackers. These “skiddies” often use tools developed by others without completely understanding the basics. Cracker Computer-savvy programmer creates attack software Hacker A hacker is a person who breaks into computers and computer networks for profit, as a protest or for the challege
Social Engineering I need a password reset. What is the password set to? This is John, the System Admin. What is your password? Email: ABC Bank has noticed a problem with your account… I have come to repair your machine… and have some software patches
Phishing = Fake Email! ABC Bank Your account has been compromised. We need you to click the following link and verify your password, pin number and social security number Phishing Phishing is a way of attempting to acquire sensitive information such as usernames, passwords and credit card details by masquerading as a trustworthy entity Victim My account was what?!
Pharming = Fake Webpages Pharming Like phishing, malicious users will create web pages that look exactly the same as legitimate ones. The only difference is where your data is going!
Worms Network worms are self-replicating malware which uses the computer network to send copies of itself to other computers Some worms come in the form of a phishing email. When the victim clicks the link inside, it begins to infect the victim machine. Then sends the link to all the accounts in the users address book
How are we protecting you? Defense in Depth Border Router Perimeter firewall Internal firewall Intrusion Detection System Policies & Procedures & Audits Authentication Access Controls
Firewalls The good, the bad & the ugly… Filter The bad & the ugly The Good Route Filter: Verifies sources and destination of IP addresses Packet Filter: Scans headers of packets and discards if ruleset failed (e.g., Firewall or router) Content Filter: Scans contents of packets and discards if ruleset failed (e.g., Intrusion Prevention System or firewall)
Intrusion Detection/Prevention Systems Network IDS=NIDS Examines packets for attacks Can find worms, viruses, org-defined attacks Warns administrator of attack