UNDERSTANDING INFORMATION SECURITY Lee Ratzan, MCP, Ph.D. School of Communication, Information & Library Studies at Rutgers University Lratzan@scils.rutgers.edu VIRUSES, WORMS, HOAXES, And TROJAN HORSES IT’S A JUNGLE OUT THERE Network Worms Computer Viruses Trojan Horses
Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author.While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server.
Lee Ratzan, MCP, Ph.D.
School of Communication, Information & Library Studies at Rutgers University Lratzan@scils.rutgers.edu
And TROJAN HORSES
Address Book theft
Hijacked Home Pages
Denial of Service Attacks
Zombies, IP Spoofing
In 1999 a team of computers cracked a 56-character password within one day.
In 2004 a computer virus infected 1 million computers within one hour.
A computer program
Tells a computer what to do and how to do it.
Computer viruses, network worms,
These are computer programs.
1) Computer Virus:
2) Network Worm:
3) Trojan Horse:
1. Bacterial Infection Model:
2. Virus Infected Model:
A computer virus spreads similarly, hence the name
important than security
Attack the Evil Empire
Display of dominance
Showing off, revenge
“Who knows what evil lurks in the hearts of men?”
Some platforms are more secure than others
Managers must strike a balance
My ISP will protect me?
showed me this really cool site…
“It takes a carpenter to build a house but one jackass can knock it down”
(Variously attributed to Mark Twain, Harry Truman, Senator Sam Rayburn)
Set bookmarks to authoritative:
Provide patrons with: up-to-date information about viruses, etc.
that desktops have the latest anti-virus updates
who gave it to you
“Doveryay, No Proveryay” (Trust but Verify)
2) Look up the message in an
authoritative anti-virus site (demo)
3) Reboot the machine
IF THE MESSAGE:
IF IN DOUBT, CHECK IT OUT
Confirm the hoax by checking it against authoritative hoax sites
Inform other staff so the hoax does not propagate
Tricks users into deleting a file
The Horse must be “invited in” ….
How does it get in?
Downloading a file
Installing a program
Opening an attachment
Opening bogus Web pages
Copying a file from someone else
A Trojan Horse exploits computer ports letting its “friends” enter, and
“once a thief gets into your house he opens a rear window for his partners”
Security patches often close computer ports and vulnerabilities
out of date
(or contain trojan Horses)
Authoritative Hoax Information
Authoritative Anti-Virus Vendor Information
Authoritative Security Alert Information
(Computer Emergency Response Team-CMU)
(CIAC-Department of Energy)
(Server and Network Security)
(Forum of Incident Response and Security Teams)
(Computing Incident Response Team-Rutgers)
System and Network Security Practices,
Addison-Wesley, New York
Addison-Wesley, New York
libraries, SC Magazine (Secure Computing
Magazine), page 26
THANK YOU ALL