slide1 l.
Download
Skip this Video
Loading SlideShow in 5 Seconds..
Securing your computer GADGET GURUS PowerPoint Presentation
Download Presentation
Securing your computer GADGET GURUS

Loading in 2 Seconds...

play fullscreen
1 / 29

Securing your computer GADGET GURUS - PowerPoint PPT Presentation


  • 305 Views
  • Uploaded on

Securing your computer GADGET GURUS Dr. Wayne Summers TSYS Department of Computer Science Columbus State University Summers_wayne@colstate.edu http://csc.colstate.edu/summers SQL Slammer

loader
I am the owner, or an agent authorized to act on behalf of the owner, of the copyrighted work described.
capcha
Download Presentation

PowerPoint Slideshow about 'Securing your computer GADGET GURUS' - Thomas


An Image/Link below is provided (as is) to download presentation

Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author.While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server.


- - - - - - - - - - - - - - - - - - - - - - - - - - E N D - - - - - - - - - - - - - - - - - - - - - - - - - -
Presentation Transcript
securing your computer gadget gurus

Securing your computerGADGET GURUS

Dr. Wayne Summers

TSYS Department of Computer Science

Columbus State University

Summers_wayne@colstate.edu

http://csc.colstate.edu/summers

sql slammer
SQL Slammer
  • “It only took 10 minutes for the SQL Slammer worm to race across the globe and wreak havoc on the Internet.”
  • “The worm, shut down some U.S. bank teller machines, doubled the number of computers it infected every 8.5 seconds.”
blaster
BLASTER
  • At least 500,000 computers worldwide infected
  • In eight days, the estimated cost of damages neared $2 billion.
sobig f
SOBIG.F
  • One of every 17 e-mails scanned was infected (AOL detected 23.2 million attachments infected with SoBig.F)
  • Worldwide, 15% of large companies and 30% of small companies were affected by SoBig - estimated damage of $2 billion.
goals
Goals
  • confidentiality (privacy) - limiting who can access assets of a computer system.
  • integrity - limiting who can modify assets of a computer system.
  • availability - allowing authorized users access to assets.
definitions
Definitions
  • vulnerability - weakness in the security system that might be exploited to cause a loss or harm.
  • threats - circumstances that have the potential to cause loss or harm. Threats typically exploit vulnerabilities.
  • control - protective measure that reduces a vulnerability or minimize the threat.
vulnerabilities
Vulnerabilities
  • “Today’s complex Internet networks cannot be made watertight…. A system administrator has to get everything right all the time; a hacker only has to find one small hole.”
    • Robert Graham, lead architect of Internet Security Systems
recent news
Recent News
  • “New Trojan horses threaten cell phones”
  • Keyloggers Jump 65% As Info Theft Goes Mainstream
  • Computers around the world are systematically being victimized by rampant hacking. This hacking is not only widespread, but is being executed so flawlessly that the attackers compromise a system, steal everything of value and completely erase their tracks within 20 minutes.
recent news12
Recent News
  • IM Worms could spread in seconds – “Symantec has done some simulations … and has found that half a million systems could be infected in as little as 30 to 40 seconds.”
  • Fraudulent e-mails designed to dupe Internet users out of their credit card details or bank information topped the three billion mark last month.
e mail from microsoft security@microsoft com
E-mail from “Microsoft” security@microsoft.com

{Virus?} Use this patch immediately !

Dear friend , use this Internet Explorer patch now!

There are dangerous virus in the Internet now!

More than 500.000 already infected!

malware and other threats
Malware and other Threats
  • Viruses / Worms (over 180,000 viruses – 4/2007)
    • 1987-1995: boot & program infectors
    • 1995-1999: Macro viruses (Concept)
    • 1999-2003: self/mass-mailing worms (Melissa-Klez)
    • 2001-???: Megaworms [blended attacks] (Code Red, Nimda, SQL Slammer, Slapper)
  • Trojan Horses
solutions
Solutions
  • Apply “defense in-depth”
    • Don't open email from strangers or attachments you weren't expecting—especially attachments with .exe extensions
    • Use good passwords
    • Back up important files
    • Run and maintain an antivirus product
    • Do not run programs of unknown origin
    • Deploy a firewall
    • Keep your patches up-to-date
password management
Password Management
  • Passwords should be at least 6-8 characters
  • Passwords should be alphanumeric with special characters like punctuation marks
  • Never use common words from the dictionary
  • Never tell anyone your password, not even to security personnel or to your best friend
  • Never send passwords through e-mails, as passwords are sensitive items
  • Never write a password down on scratch paper where someone might discover it
  • Never throw a password in the trash. A Dumpster Diver may discover it
password management22
Password Management
  • Potential passwords – which are good?
    • 11042007
    • abc
    • Fido
    • Wayne
    • WayneSummers
    • Password
    • Password1996
    • QuePasa?
    • W@yn3Summ3r$
slide24
“The most potent tool in any security arsenal isn’t a powerful firewall or a sophisticated intrusion detection system. When it comes to security, knowledge is the most effective tool…”

Douglas Schweizer – The State of Network Security, Processor.com, August 22, 2003.

caesar cipher key 3
Caesar cipher (key = 3)
  • The message

“caesar is a roman”

  • becomes

FDHVD ULVDU RPDQ

caesar cipher key dog
Caesar cipher (key = DOG)
  • The message

“caesar is a roman”

  • becomes

FOKVO XLGGU CSDB

popular cryptography
Popular Cryptography
  • Jules Verne's - decipherment of a parchment filled with runic characters in the Journey to the Center of the Earth.
  • Sir Arthur Conan Doyle's detective, Sherlock Holmes, was an expert in cryptography. The Adventure of the Dancing Men, involves a cipher consisting of stick men, each representing a distinct letter.
  • Edgar Allan Poe issued a challenge to the readers of Philadelphia's Alexander Weekly Messenger, claiming that he could decipher any mono-alphabetic substitution cipher. He successfully deciphered all of the hundreds of submissions. In 1843, he wrote a short story, "The Gold Bug”
computer security awareness week http cins colstate edu awareness april 16 20 2007
COMPUTER SECURITY AWARENESS WEEK(http://cins.colstate.edu/awareness/)April 16-20, 2007

ACCENTUATE THE POSITIVE