UNDERSTANDING INFORMATION SECURITY

Lee Ratzan, MCP, Ph.D.

School of Communication, Information & Library Studies at Rutgers University Lratzan@scils.rutgers.edu

VIRUSES, WORMS, HOAXES, And TROJAN HORSES

IT’S A JUNGLE OUT THERE

Network Worms

Computer Viruses

Trojan Horses

Logic Bombs

Address Book theft

Hijacked Home Pages

DNS Poisoning

Denial of Service Attacks

Zombies, IP Spoofing

Buffer Overruns

Password Grabbers

Password Crackers

AND THE EVER POPULAR:

Hoaxes

Ploys

Pop-Ups

Scams

Spam


DID YOU KNOW?

In 1980 a computer cracked a 3-character password within one minute.

In 1999 a team of computers cracked a 56-character password within one day.

In 2004 a computer virus infected 1 million computers within one hour.

DEFINITIONS

A computer program tells a computer what to do and how to do it.

Computer viruses, network worms, Trojan Horses: these are computer programs.

SALIENT DIFFERENCES

1) Computer Virus:

  • Needs a host file
  • Copies itself
  • Executable

2) Network Worm:

  • No host (self-contained)
  • Copies itself
  • Executable

3) Trojan Horse:

  • No host (self-contained)
  • Does not copy itself
  • Imposter Program
TYPICAL SYMPTOMS
  • File deletion
  • File corruption
  • Visual effects
  • Pop-Ups
  • Erratic (and unwanted) behavior
  • Computer crashes
BIOLOGICAL METAPHORS

1. Bacterial Infection Model:

  • Single bacterium
  • Replication
  • Dispersal

2. Virus Infected Model:

  • Viral DNA Fragment
  • Infected Cells
  • Replication
  • Dispersal

A computer virus spreads similarly, hence the name

WHY DO WE HAVE THIS PROBLEM?
  • Software companies rush products to the consumer market (“No program should go online before its time…”)
  • Recycling old code reduces development time, but perpetuates old flaws.
AND A FEW MORE REASONS
  • Market share is more important than security
  • Interface design is more important than security
  • New feature designs are more important than security
  • Ease of use is more important than security

HACKER MOTIVATIONS

Attack the Evil Empire (Microsoft)

Display of dominance

Showing off, revenge

Misdirected creativity

Embezzlement, greed

“Who knows what evil lurks in the hearts of men?”

NETWORKED SYSTEMS VS SECURED SYSTEMS

Some platforms are more secure than others

NETWORKS: Open Communication, Full Access

SECURITY: Closed Communication, Full Lockdown

Managers must strike a balance

POPULAR FALLACIES
  • If I never log off then my computer can never get a virus
  • If I lock my office door then my computer can never get a virus
  • Companies create viruses so they can sell anti-virus software
  • Microsoft will protect me
  • My ISP will protect me?

AND A FEW MORE….
  • I got this disc from my (mother, boss, friend) so it must be okay
  • You cannot get a virus by opening an attachment from someone you know
  • But I only downloaded one file
  • I am too smart to fall for a scam
  • You can catch a cold from a computer virus
  • My friend who knows a lot about computers showed me this really cool site…

THINGS THE LIBRARY CAN DO

ACTION PLAN:

  • Designate security support staff (and fund them)
  • Make security awareness a corporate priority (and educate your staff)
  • Enable real-time protection
  • Update all vendor security patches
  • Subscribe to several security alert bulletins
  • Periodically reboot or re-load all computers
  • Control, limit or block all downloads and installs
  • Install anti-virus software on computers (keep it current)

“It takes a carpenter to build a house but one jackass can knock it down”

(Variously attributed to Mark Twain, Harry Truman, Senator Sam Rayburn)

WHAT CAN THE LIBRARIAN DO?

Set bookmarks to authoritative:

  • anti-virus Web pages
  • virus hoax Web pages
  • public free anti-virus removal tools

Provide patrons with: up-to-date information about viruses, etc.

Confirm: that desktops have the latest anti-virus updates

BACK IT UP
  • Offline copies: Grandfather/father/son (monthly/weekly/daily)
  • Online copies: Shared network drive
  • Changes only: Incremental/differential
  • Do not back up a file on the same disc as the original!
  • Assume every disc, CD, etc is suspect, no matter who gave it to you

“Doveryay, No Proveryay” (Trust but Verify)
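
The grandfather/father/son rotation named on this slide, worked through as an added Python example (not part of the original slides). The retention counts and the rule that the 1st of the month is the monthly copy and Sunday the weekly copy are assumptions; the backup dates are constructed sample data.

```python
from datetime import date, timedelta

# Assumed retention per tier; the slide names the tiers but gives no counts.
KEEP = {"son": 7, "father": 4, "grandfather": 12}

def tier(day):
    """Classify a backup date. Assumed convention: the 1st of the month is
    the monthly copy, Sunday is the weekly copy, all other days are daily."""
    if day.day == 1:
        return "grandfather"
    if day.weekday() == 6:  # Monday is 0, Sunday is 6
        return "father"
    return "son"

def plan_rotation(backup_days, today):
    """Split backup dates into (kept, recyclable) under the KEEP limits.

    kept maps each tier to its retained dates, newest first; recyclable
    lists the dates whose media may be overwritten."""
    kept = {name: [] for name in KEEP}
    recyclable = []
    for day in sorted(set(backup_days), reverse=True):
        if day > today:
            continue  # ignore mislabelled media dated in the future
        name = tier(day)
        if len(kept[name]) < KEEP[name]:
            kept[name].append(day)
        else:
            recyclable.append(day)
    return kept, recyclable

def sample_days():
    """Constructed sample: one backup per day, 1 Jan to 31 Mar 2005."""
    start = date(2005, 1, 1)
    return [start + timedelta(days=n) for n in range(90)]

if __name__ == "__main__":
    kept, recyclable = plan_rotation(sample_days(), date(2005, 3, 31))
    for name, days in kept.items():
        print(name, [d.isoformat() for d in days])
    print("recyclable:", len(recyclable))
```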

MACHINE INFECTED?

ACTION PLAN:

1) Write down the error or alert message verbatim

  • inform your tech support team
  • quarantine the machine

2) Look up the message in an authoritative anti-virus site (demo)

  • diagnose the problem
  • take recommended remedial action
  • Download, install, run the anti-virus removal tool (demo)

If appropriate:

  • Apply all missing critical security patches (demo)

3) Reboot the machine

  • Run a full system scan before placing the machine back in service
THE HOAX STOPS HERE

IF THE MESSAGE:

  • tells you to do something
  • tells you to take immediate action
  • cites a recognizable source to give itself credibility (“Microsoft has warned that…”)
  • does not originate from a valid computer vendor

AND:

  • lacks specific verifiable contact information

IF IN DOUBT, CHECK IT OUT

Confirm the hoax by checking it against authoritative hoax sites

Inform other staff so the hoax does not propagate

POPULAR HOAXES INCLUDE:
  • JDBGMGR (teddy-bear icon): Tricks users into deleting a file
  • NIGERIA: Money scam
  • $800 FROM MICROSOFT: Pyramid scheme
STOPPING THE TROJAN HORSE

The Horse must be “invited in” ….

How does it get in?

By:

Downloading a file

Installing a program

Opening an attachment

Opening bogus Web pages

Copying a file from someone else

MORE ON THE HORSE…….

A Trojan Horse exploits computer ports letting its “friends” enter, and “once a thief gets into your house he opens a rear window for his partners”

Security patches often close computer ports and vulnerabilities

NOTE #1
  • Search engines are NOT reliable sources of virus information
  • Information may be inaccurate, incomplete or out of date
  • Search engines generate huge numbers of indiscriminate hits
  • Some anti-virus Web sites are scams (or contain Trojan Horses)

  • Go directly to authoritative anti-virus sites
NOTE #2
  • Computer companies are NOT reliable sources of virus information

Computer companies:

  • Usually refer you to an anti-virus vendor
  • are not in the anti-virus business
  • themselves are victims!
ONLINE RESOURCES

Authoritative Hoax Information

  • securityresponse.symantec.com/avcenter/hoax.html
  • vil.mcafeesecurity.com/vil/hoaxes.asp

Authoritative Anti-Virus Vendor Information

  • securityresponse.symantec.com/avcenter/vinfodb.html
  • www.mcafeesecurity.com/us/security/vil.htm
REFERENCES

Authoritative Security Alert Information

  • securityresponse.symantec.com/ (Symantec)
  • www.microsoft.com/security (Microsoft)
  • www.apple.com/support/security/ (Apple)

Authoritative Anti-Virus Organizations
  • www.cert.org (Computer Emergency Response Team-CMU)
  • www.ciac.org/ciac (CIAC-Department of Energy)
  • www.sans.org/aboutsans.php (Server and Network Security)
  • www.first.org (Forum of Incident Response and Security Teams)
  • www.cirt.rutgers.edu (Computing Incident Response Team-Rutgers)

Authoritative Free Public Anti-Virus Removal Tool Information
  • securityresponse.symantec.com/avcenter/tools.list.html
  • vil.nai.com/vil/averttools.asp
  • mssg.rutgers.edu/documentation/viruses (Rutgers)
  • some professional library sites have pointers to reliable anti-virus information
PRINT RESOURCES
  • Allen, Julia, (2001) The CERT Guide to System and Network Security Practices, Addison-Wesley, New York
  • Crume, Jeff, (2000) Inside Internet Security, Addison-Wesley, New York
  • Ratzan, Lee, (January 2005) A new role for libraries, SC Magazine (Secure Computing Magazine), page 26
  • Ratzan, Lee, (2004) Understanding Information Systems, American Library Association, Chicago
THE AUTHOR ACKNOWLEDGES
  • The cooperation of InfoLink (www.infolink.org) for promoting library professional development programs
  • The Monroe Public Library for the use of its facilities
  • SC Magazine for publishing an essay on libraries being at the forefront of information security
  • Lisa DeBilio for her production of the PowerPoint slides.

THANK YOU ALL