R.U.N.S.A.F.E. PowerPoint Presentation
Presentation Transcript

  1. R.U.N.S.A.F.E. JMU Security Briefing - August 2000

  2. Today’s Situation – Universal Access…
     • There are an estimated 600 million people with Internet access…
     • All 600 million of them can communicate with your JMU-connected computer.
     • Any of the 600 million can rattle the door to your computer to see if it’s locked.
     • On the JMU network, someone tries several times a day.

  3. Today’s Situation – Vulnerable Computers…
     • A large number of computers are vulnerable to being taken over remotely because of:
       • Unfixed software defects
       • Operating and configuration errors
       • Core architectural vulnerabilities
     • Exploitation of vulnerable computers is increasingly trivial, quick, and almost risk-free by relatively unsophisticated individuals. One person or one program can wreak havoc.

  4. Today’s Situation – Opportunities for Abuse…
     • Fraud, vandalism, and other crimes have historically made use of communications and transportation systems as they’ve developed.
     • Crimes increase with opportunities created by accessibility and escape routes.

  5. Today’s Situation – Opportunities for Abuse…
     • To break into a safe, the safe cracker needs to know something about safes.
     • To break into a computer, the computer cracker often only needs to know where to download a program written by someone else who knows something about computers….
     • …and they don’t need to go to the safe…they can break into a target computer from anywhere in the world.
     • Such programs are freely available all over the Net.

  6. Today’s Situation – Result
     • The complexity, anonymity, speed, and global reach of the Internet create opportunities for abusers and nightmares for law enforcement.
     • Mass computer break-ins, vandalism, and abuse are a common occurrence.

  7. How Can the Situation Affect You?…
     • A compromised computer provides access to all accounts, keystrokes, and resident data. Account and keystroke information can be used to access other resources.
     • Operational Difficulties
     • Email and documents
     • Financial transactions
     • Identity Theft
     • Criminal Use of Computer

  8. What Are We Going to Do?

  9. Practical Aspects of Securing Our Computers…
     • Security is the process of reducing risk. We can never be risk free, hence we can never be 100% secure.
     • We can secure something so well that it is unusable.
     • “Security is a process, not a product.” Bruce Schneier
     • We can’t buy security. We have to live it.

  10. Available Options…
     • Education.
     • “A computer lets you make more mistakes faster than any invention in human history - with the possible exceptions of handguns and tequila.” - Mitch Ratcliffe
     • A computer’s actions are controlled completely by software which any operator is free to download, configure, and run.
     • Eliminate vulnerabilities.
     • To a large extent, vulnerabilities go hand in hand with functionality, complexity, and the pace of change.
     • It would be politically and practically impossible to completely mandate and control everybody’s computer configuration.
     • We need a way to detect vulnerable computers and encourage people to fix them.
     • Most common computer break-ins are accomplished through preventable vulnerabilities.

  11. …Available Options…
     • Eliminate access.
     • If the bad guys can’t get to the computers, they can’t break in.
     • Networks were created to communicate.
     • Freedom to communicate is paramount in an academic community.
     • Nothing short of “no access” will provide 100% security.

  12. …Available Options
     • Detect and react to events as they occur.
     • In most day-to-day situations we don’t prevent crime – we deter it with reaction and response.
     • Effective detection of and response to computer incidents requires automated tools.
     • Automated tools must be told what is “good” and what is “bad”. This is often not known, spelled out in policy, definable, or machine detectable.
     • Right now it’s like drinking from a fire hose.
     • Law enforcement is unable to handle the volume. Communications providers end up being pushed into acting as police and prosecutor in an uncertain legal climate.

  13. Why R.U.N.S.A.F.E.?…
     • We can’t protect ourselves from a threat very well if we’re not aware of it.
     • Nobody can do it for us. Our ability to communicate with anyone around the world, our ability to load and configure our computers as we see fit, and our computers’ ability to perform any action based on the software we load means our security depends upon our behavior…
     • …unless we’re willing to give up some of that freedom.

  14. …Why R.U.N.S.A.F.E.?…
     • Our dependence on computers is increasing:
       • Communications
       • Functionality
       • Service Access
     • The way we operate our computers increasingly affects our network neighbors.

  15. …Why R.U.N.S.A.F.E.?
     • A free society depends upon the cooperation and behavior of its members. So does an open network. Uncooperative members can disrupt and ruin it for all of us.
     • The Internet makes it easy for uncooperative members to strike quickly and anonymously.
     • How would our behavior change if our wallets, homes, and mail boxes could be accessed from around the world like our computers can?

  16. R.U.N.S.A.F.E.
     • REFUSE to Run Unknown Software
     • UPDATE Software Regularly
     • NULLIFY Unneeded Risks
     • SAFEGUARD Your Identity and Password
     • ASSURE Proper System Care
     • FACE Insecurity
     • EVERYBODY Needs to Do Their Part

  17. Basic Security Recommendations…
     • There is no substitute for common sense.
     • Giving out bank or credit card numbers over the Internet is no different than giving them out over the telephone.
     • Taking action based on the apparent sender of email is little different than taking action based on the return address of a typewritten postcard.
     • Running a program from an unknown source is little different than eating food found on the street.
     • Not maintaining our computers is little different than not maintaining broken windows and doors. Unfortunately, computers need much more maintenance than the spiffy ads on TV suggest.

  18. Basic Security Recommendations…
     • An unprotected Windows computer will likely be infected or hacked within minutes of connecting it to the Internet. Follow StartSafe guidelines for setting up a computer.
     • Treat all email attachments with caution.
     • Executable or unfamiliar email attachments should be treated like hazardous waste!
     • Treat file downloads with caution. Remember the food on the road analogy.

  19. …Basic Security Recommendations…
     • If you receive unwanted email, don’t reply to it. Just delete it. If it continues, save copies and notify your Internet Service Provider. If it is threatening, contact law enforcement.
     • Don’t believe everything you see on the Internet. Email addresses are easily falsified. Professional-looking web pages can be put up by almost anyone these days.
     • Be careful where you type your passwords or any other personal information. Never do so on the basis of unsolicited e-mail.
     • Choose strong passwords. Use different passwords for different services.
     • Don’t ignore warnings from your computer.

  20. …Basic Security Recommendations…
     • Keep track of software defect announcements from your vendors.
     • If you install add-on software, you’ll be responsible for making sure that subsequent security updates are installed. Things like instant messaging, media players, P2P, and document viewers are as prone to security defects as other programs.
     • Be extremely careful with using or providing network file sharing.

  21. Server Recommendations…
     • If you run a server, requirements for safe operation increase at least tenfold.
     • A Microsoft IIS web server, newly installed from a CD, will likely become infected with an Internet worm within minutes of being connected to the network and compromised by opportunistic criminals within days.
     • Many Linux-based servers are similarly vulnerable straight from the installation CD.

  22. …Server Recommendations.
     • Read and understand the R.U.N.S.A.F.E. guidelines pertaining to server operators and the best practices documents for the server software you’re running. If you are unable to follow the recommendations because they are too technical or tedious, you probably shouldn’t be running a server without further training. If you bring up a server without proper care, your server, its data, and other networked computers are exposed to a high risk of compromise and/or abuse. It’s your call…for now.