WAN Security & VPN Kaman Ng TEL660 19 Jan 2006 Need for Security? Online Trading Etrade, Schwab, TDWaterhouse, Fidelity, Ameritrade Online Banking Commerce Bank, Citibank, HSBC Online Purchases Ebay, BestBuy.com, BarnesandNobles.com Online Information
Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author.While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server.
19 Jan 2006
Five Types of Risks
Main purposes are to cause outages and corruption/deletion of data.
Around Christmas time in 1987, the first major WAN virus appeared and was immediately dubbed the Christmas virus. The Christmas Virus was a REXX (CMS) script that drew a Christmas tree on the user's screen. Meanwhile, it would look in the user's NAMES file and find the addresses of other network users. Once these addresses were found, the virus would send copies of itself to this users. This virus bought VNET, IBM's internal network, to its knees.
Sometime around 6 PM EST on November 2, 1988 the most famous computer worm in history was introduced into the Internet by Robert Morris, the son of a famous computer security analyst working for the NSA. The worm spread like wildfire infecting hundreds if not thousands of computers in a matter of hours. The only computers that were suspectable were Sun 3 systems and VAXes running BSD 4.3 Unix. Many sites cut themselves off the network to protect themselves against the worm. Full Internet connectivity was not restored for weeks after this.
It is the first computer security incident response team. CERT is an organization devoted to ensuring that appropriate technology and systems management practices are used to resist attacks on networked systems and to limiting damage and ensure continuity of critical services in spite of successful attacks, accidents, or failures. CERT is located at the Software Engineering Institute (SEI), a federally funded research and development center (FFRDC) operated by Carnegie Mellon University.
The Verizon Security - Computer Intrusion Response Team (CIRT) requests your immediate action to the following security advisory if it adversely affects the network/system you support. Email any questions or concerns to email@example.com.
Please see below for the CIAC BULLETIN Q-090 Vulnerability in Graphics Rendering Engine. A remote code execution vulnerability exists in the Graphics Rendering Engine because of the way that it handles Windows Metafile (WMF) images. This HIGH-risk vulnerability can be mitigated by downloading and installing the updates listed in Microsoft Security Bulletin MS06-001 (912919). The URL for this bulletin is http://www.microsoft.com/technet/security/Bulletin/MS06-001.mspx
Subject: CIAC BULLETIN Q-090 Vulnerability in Graphics Rendering Engine
The U.S. Department of Energy Computer Incident Advisory Capability
Vulnerability in Graphics Rendering Engine
[Microsoft Security Bulletin MS06-001 (912919)]
January 5, 2006 20:00 GMT Number Q-090
PROBLEM: A remote code execution vulneraiblity exists in the Graphics
Rendering Engine because of the way that it handles Windows
Metafile (WMF) images.
PLATFORM: Affected Software:
* Microsoft Windows 2000 Service Pack 4
* Microsoft Windows XP Service Pack 1 and Microsoft Windows XP Service Pack 2
* Microsoft Windows XP Professional x64 Edition
* Microsoft Windows Server 2003 and Microsoft Windows Server 2003 Service Pack 1
* Microsoft Windows Server 2003 for Itanium-based Systems and
* Microsoft Windows Server 2003 with SP1 for Itanium-based Systems
* Microsoft Windows Server 2003 x64 Edition
* Microsoft Windows 98, Microsoft Windows 98 Second Edition (SE),
and Microsoft Windows Millennium Edition (ME)
- Review the FAQ section of this bulletin for details about these operating systems.
DAMAGE: An attacker who successfully exploited this vulnerability could take complete control of an affected system.
SOLUTION: Download and install updates indicated in the Microsoft Bulletin.
Corporate policies aimed to be flexible enough to balance the level of productivity and openness against the level of security control. If policies are too restrictive, people either find ways to circumvent them or won’t enforce them.
Microsoft Security Update Scanner services
Computers use cryptography to scramble ordinary text into ciphertext (encryption).
The sender and receiver of a message share a single key to encrypt and decrypt the message.
The sender and receiver uses a single secret key that is known only to the two people that exhange messages. Risk is if the private key is lost, the data is essentailly lost because it cannot be decrypted.
A public key is use by the sender and a private key is use by the receiver. Digital signature is used to ensure original content of message has not been modified. To decode the message, the receiver must use both the public key and its own private key.
The key in public key encryption uses a hash algorithm. Public keys using 128bit numbers have 2128 possible combinations, making them extremely difficult to crack.
VPNs rely on tunneling to create a private network that reaches across the Internet. Essentially, tunneling is the process of placing an entire packet within another packet and sending it over a network. The protocol of the outer packet is understood by the network and both points, called tunnel interfaces, where the packet enters and exits the network.
20,000 Verizon corporate users part-time or full-time remote users. We utilitize VPN for security and transparency.
RSA Securid Card with Nortel VPN Client software
Six digit dynamic
Two digit unique