AIS, 2014: Passwords (presentation transcript)


Slide 1: Passwords
- Should not be shared.
- Should be changed by the user.
- Should be changed frequently and upon compromise (suspected unauthorized disclosure).

Slide 2: Passwords
- Long, at least 8 characters.
- Alphanumeric.
- Hashed (one-way scrambling).
- The system should allow only a few attempts before locking out the account.

Slide 3: Password Cracking Methods
- Random trials: haphazard, low chance of success but the easiest.
- Dictionary attacks: try scrambling (hashing) common names and all dictionary words.
- Brute force: try scrambling all possible combinations of characters; the most time consuming.
- Systematic deduction: try a name followed by a month, etc.

Slide 4: Passwords
- An 8-letter password is 676 times stronger than a 6-letter password.
- A 6-character alphanumeric password is 6 times stronger than a 6-letter password.
- A completely random 8-character alphanumeric password is virtually uncrackable with a modern PC; cracking it takes about 1 year.
- Strength should depend on the user's privilege and the locality of the system.
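As an added example that is not part of the original slides, the following Python puts slides 2 to 4 into working code: a policy check for length and alphanumeric content, the keyspace arithmetic behind the 676-times figure (with the same arithmetic the 6-character alphanumeric comparison comes out at roughly 7 times), and a salted PBKDF2 hash with a lockout after a few failed attempts. The lockout threshold of 3 and the PBKDF2 iteration count are assumed values, not figures from the slides.

```python
import hashlib
import hmac
import os
import string

MIN_LENGTH = 8        # slide 2: "at least 8 characters"
MAX_ATTEMPTS = 3      # "a few attempts" on slide 2; 3 is an assumed value
ITERATIONS = 100_000  # PBKDF2 work factor; assumed value

def meets_policy(password):
    """Slide 2 policy: at least MIN_LENGTH characters and alphanumeric (letters and digits)."""
    has_letter = any(c in string.ascii_letters for c in password)
    has_digit = any(c in string.digits for c in password)
    return len(password) >= MIN_LENGTH and has_letter and has_digit

def keyspace(alphabet_size, length):
    """Number of candidates a brute-force search must cover (slide 3)."""
    return alphabet_size ** length

def strength_ratio(alpha_a, len_a, alpha_b, len_b):
    """How many times larger keyspace A is than keyspace B (slide 4 arithmetic)."""
    return keyspace(alpha_a, len_a) / keyspace(alpha_b, len_b)

def hash_password(password, salt=None):
    """One-way 'scrambling' from slide 2: salted PBKDF2-HMAC-SHA256."""
    salt = salt if salt is not None else os.urandom(16)
    digest = hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, ITERATIONS)
    return salt, digest

class Account:
    """Stores only salt and hash; locks after MAX_ATTEMPTS consecutive failures."""
    def __init__(self, password):
        if not meets_policy(password):
            raise ValueError("password does not meet policy")
        self.salt, self.digest = hash_password(password)
        self.failed = 0
        self.locked = False

    def login(self, attempt):
        if self.locked:
            return "locked"
        _, digest = hash_password(attempt, self.salt)
        if hmac.compare_digest(digest, self.digest):  # constant-time comparison
            self.failed = 0
            return "ok"
        self.failed += 1
        if self.failed >= MAX_ATTEMPTS:
            self.locked = True
            return "locked"
        return "denied"
```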

Slide 5: Two-factor Authentication (general or application control)
- Used to compensate for the inherent weaknesses of passwords, i.e., guessing and hacking.
- Uses what the user has and what the user knows.
- Examples are a token with a dynamic password, and an ATM (card plus PIN).

Slide 6: Biometrics (general or application control)
- Can include fingerprint, hand geometry, voice, etc.
- Held back by privacy concerns.
- Not recognised legally in place of a signature.

Slide 7: Operating System Security (general control)
- Use a standard checklist for configuration.
- Lock down workstation access by employees to prevent unauthorized installation of software.
- Use scanning software to detect vulnerabilities before implementation and periodically thereafter.
- Use automated patching tools to install security fixes.

Slide 8: Operating System Security
- The standard configuration checklist should comply with the organization's workstation and server security standards. This is called hardening.
- It should enable only minimal services. A service is a system program in the OS that performs repetitive functions, e.g., accepting remote connections to a server.

Slide 9: Operating System Security
- Have a server profile to define security parameters for the entire server, e.g., password length.
- Define the access control list for each file on the server (program and data): who can access which file, and whether they can read, write or delete it. The "who" may be a person, a class of users or a program.

Slide 10: Firewall (general control)
- Can be hardware based only, e.g., a router.
- Can be a server with sophisticated software; more granular and reliable than a router, and provides better logs.
- Can use artificial intelligence to check for patterns.

Slide 11: Firewall
- Every organization that hosts a web site should have a firewall to protect its internal network from hackers.
- The firewall blocks traffic that is definitely unacceptable.

Slide 12: Firewall
- A typical firewall uses rules to determine whether traffic is acceptable, e.g., port scanning is not allowed by some organizations.
- A data packet typically carries a source Internet Protocol (IP) address, a port and a destination IP address.

Slide 13: Firewall
- A port is a logical connection point in a network device, including a computer.
- It is used to standardize Internet traffic, e.g., web browsing uses port 80 and e-commerce (HTTPS) uses port 443.

Slide 14: Firewall to Prevent Spoofing
- Should not allow packets carrying the organization's own IP addresses as source to come in from outside.
- Should load the list of "unassigned" addresses from the Internet Assigned Numbers Authority (IANA) onto the firewall.

Slide 15: Firewalls, Intrusion Detection Systems, and Antivirus Software (continued)
- Network address translation (NAT): provides an additional layer of protection.
- Conceals the IP addresses of internal host computers from sniffer programs.
(Section: Technologies and Tools for Security and Control)

Slide 16: Firewall Management
- The firewall should not be remotely administrable, in order to reduce the risk of hacking.
- Firewall logs should be reviewed frequently to avoid the log filling up and the firewall collapsing.

