Presentation is loading. Please wait.

Presentation is loading. Please wait.

Computer Security Status Update FOCUS Meeting, 28 March 2002 Denise Heagerty, CERN Computer Security Officer.

Published byMarion Thompson Modified over 8 years ago

Similar presentations

Presentation on theme: "Computer Security Status Update FOCUS Meeting, 28 March 2002 Denise Heagerty, CERN Computer Security Officer."— Presentation transcript:

1 Computer Security Status Update FOCUS Meeting, 28 March 2002 Denise Heagerty, CERN Computer Security Officer

2 Incident Summary, 31 Dec 2001 20002001 Incident Type 859 Security holes exploited (includes worms) 36 web servers, 11 linux kernels, 8 ssh, 4 ftp servers 8642 Compromised CERN accounts sniffed or guessed passwords 8(26) DoS (Denial of Service) attacks 25 caused by Code Red Worm (counted above) 1813 Unauthorised use of file servers insufficient access controls 915 Serious SPAM incidents CERN email addresses are regularly forged 911 Serious Viruses several new viruses are released each day 1711 Miscellaneous security alerts 155151 Total Incidents

3 Conclusions  Security holes and discovered passwords are CERN’s biggest security risks  Security related actions reduced the number and impact of incidents at CERN Incidents remained constant at CERN whilst they doubled across the Internet as a whole in 2001 Code Red and Nimda worms were eliminated in less than half a day due to effective security tools CERN avoided disruptive worms, e.g. Code Red II Intensive security campaigns from Aug-Dec 2001: Code Red, Nimda, Linux kernel, ftp, ssh Disconnecting insecure systems has been essential for assuring CERN’s Internet access (e.g. Xmas)  Security needs to become integrated throughout CERN’s working methods

4 Open Issues  Ensuring software is secured and patches are regularly applied systems directly visible in the firewall expose the site All systems are at risk (worms traverse firewalls) Outdated/unsupported systems are a serious security risk!  Risk from privately installed software Often directly visible to the general Internet (high port nos) Can offer unauthorised access (e.g. file sharing) Can contain viruses and backdoor access for intruders  Passwords need to be encrypted for all applications telnet, ftp, X, mail applications expose password in clear text  Protecting CERN’s critical systems Currently at risk on a regular basis  Ensuring correct data is registered and updated for systems on the CERN network Contact name who can react quickly MAC address required for mobile devices  Ensuring an audit trail to identify causes of incidents  Protecting the site during Xmas shutdown Volunteer effort is not sufficient

5 Security proposals currently under discussion  Strengthen firewall protection protect access to sensitive high numbered ports  Improve computer security information and its dissemination knowledge of security is an important tool  Define minimum rules for connecting systems to CERN’s network correct registration data, configuration checklist, …  Require regular successful security checks for systems directly visible in the firewall frequent security scans of systems with INCOMING access  Require security reviews for systems considered as critical for CERN’s mission need to ensure these are and remain sufficiently protected  Define an agreed procedure to block network access for insecure systems attempt to inform an agreed set of people

Download ppt "Computer Security Status Update FOCUS Meeting, 28 March 2002 Denise Heagerty, CERN Computer Security Officer."

Similar presentations

The Approach to Security in CLRC Gareth Smith With acknowledgements to all the members of the CLRC Computer Network and Security Group, especially Trevor.

The Approach to Security in CLRC Gareth Smith With acknowledgements to all the members of the CLRC Computer Network and Security Group, especially Trevor.
Computer Security set of slides 10 Dr Alexei Vernitski.

Computer Security set of slides 10 Dr Alexei Vernitski.
For further information computersecurity.wlu.ca

For further information computersecurity.wlu.ca
Mr C Johnston ICT Teacher

Mr C Johnston ICT Teacher
1 Defining System Security Policies. 2 Module - Defining System Security Policies ♦ Overview An important aspect of Network management is to protect your.

1 Defining System Security Policies. 2 Module - Defining System Security Policies ♦ Overview An important aspect of Network management is to protect your.
Hackers, Crackers, and Network Intruders: Heroes, villains, or delinquents? Tim McLaren Thursday, September 28, 2000 McMaster University.

Hackers, Crackers, and Network Intruders: Heroes, villains, or delinquents? Tim McLaren Thursday, September 28, 2000 McMaster University.
CERT ® System and Network Security Practices Presented by Julia H. Allen at the NCISSE 2001: 5th National Colloquium for Information Systems Security Education,

CERT ® System and Network Security Practices Presented by Julia H. Allen at the NCISSE 2001: 5th National Colloquium for Information Systems Security Education,
Denise Heagerty, CERN, HEPiX Meeting Oct 20031 HEPiX Security Workshop Overview of talks Some extracts of general interest LCG Security Group FNAL, KEK,

Denise Heagerty, CERN, HEPiX Meeting Oct HEPiX Security Workshop Overview of talks Some extracts of general interest LCG Security Group FNAL, KEK,
Software Security Threats Threats have been an issue since computers began to be used widely by the general public.

Software Security Threats Threats have been an issue since computers began to be used widely by the general public.
Vulnerability Analysis Borrowed from the CLICS group.

Vulnerability Analysis Borrowed from the CLICS group.
Lesson 14-Desktop Protection. Overview Protect against malicious code. Use the Internet. Protect against physical tampering.

Lesson 14-Desktop Protection. Overview Protect against malicious code. Use the Internet. Protect against physical tampering.
INTRANET SECURITY Catherine Alexis CMPT 585 Computer and Data Security Dr Stefan Robila.

INTRANET SECURITY Catherine Alexis CMPT 585 Computer and Data Security Dr Stefan Robila.
SIRT Contact Orientation Security Incident Response Team Departmental Security Contacts April 16, 2004.

SIRT Contact Orientation Security Incident Response Team Departmental Security Contacts April 16, 2004.
Lesson 9-Securing a Network. Overview Identifying threats to the network security. Planning a secure network.

Lesson 9-Securing a Network. Overview Identifying threats to the network security. Planning a secure network.
100% Security “ The only system which is truly secure is one which is switched off and unplugged, locked in a titanium lined safe, buried in a concrete.

100% Security “ The only system which is truly secure is one which is switched off and unplugged, locked in a titanium lined safe, buried in a concrete.
Payment Card Industry (PCI) Data Security Standard

Payment Card Industry (PCI) Data Security Standard
COEN 252: Computer Forensics Router Investigation.

COEN 252: Computer Forensics Router Investigation.
Guide to Operating System Security Chapter 2 Viruses, Worms, and Malicious Software.

Guide to Operating System Security Chapter 2 Viruses, Worms, and Malicious Software.
Developing a Security Policy Chapter 2. Learning Objectives Understand why a security policy is an important part of a firewall implementation Determine.

Developing a Security Policy Chapter 2. Learning Objectives Understand why a security policy is an important part of a firewall implementation Determine.
Directory and File Transfer Services Chapter 7. Learning Objectives Explain benefits offered by centralized enterprise directory services such as LDAP.

Directory and File Transfer Services Chapter 7. Learning Objectives Explain benefits offered by centralized enterprise directory services such as LDAP.

Similar presentations

Ads by Google