1 / 18

System Defense

System Defense. Defending Home Networks. Introduction. Computer Security What it’s not Person, Place or Thing What it is Independent Of Network OS Of Host OS Of Application Process Achievable. Why Computer Security?. Data Integrity Confidentiality Availability Non Repudiation

martha-horn
Download Presentation

System Defense

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript


  1. System Defense Defending Home Networks

  2. Introduction • Computer Security • What it’s not • Person, Place or Thing • What it is • Independent • Of Network OS • Of Host OS • Of Application • Process • Achievable

  3. Why Computer Security? • Data Integrity • Confidentiality • Availability • Non Repudiation • Identification • Authentication

  4. Identify Risk • Physical Access • Humans • Application Runtime • Browser • Email • IM • Network Access

  5. Risk Vectors

  6. Defend Yourself • Know your system • What it is • What’s on it • What Changes on it • Who is using it • Who can use it • Patch vulnerabilities

  7. The Onion of Security

  8. File System Physical Protection BIOS Password File Integrity Anti Virus Scanner File System Encryption

  9. Host Defenses Host based Firewall Host based IDS Configuration Management Auditing Patch Maintenance IP Restrictions Backup

  10. Application Defenses Configuration Patch Encrypt Auditing Access Control

  11. LAN Defenses LAN Based IDS Ensure Hosts Authenticate Router Based ACL

  12. WAN Defenses Firewall Implement NAT Router Based ACL Filter Both Directions

  13. Resources • Firewalls • Linux • Back it up with an IDS • Tiny Firewall – www.tinysoftware.com • Zonelabs – www.zonelabs.com • Netscreen - www.netscreen.com

  14. Resources • IDS • Port Sentry - www.psionic.com • Snort – www.snort.org • AracNIDS - http://www.whitehat.org

  15. Resources • Configuration advice • Microsoft – www.microsoft.com/technet/treeview/default.asp?url=/technet/security/tools/tools.asp • Linux –www.cert.org/security-improvement/index.html • Benchmark – www.cisecurity.org

  16. Resources • Vulnerability Awareness. • www.securityfocus.com - Bugtrak. • www.nessus.org – Nessus Scanner. • www.sans.org/top20.htm- SANS/FBI Top 20 Vulnerabilities. • www.cert.org - Carnegie Mellon CERT. • www.nipc.gov/warnings/computertips.htm - The National Infrastructure Protection Center. • Best Newsletter - http://www.neohapsis.com/. • http://www.cio.com/research/security.

  17. Resources • Encryption • OpenPGP – www.openpgp.org • File integrity • MD5 • Tripwire - www.tripwire.com/products/linux/ • www.tripwire.org • Port Scanner - NMAP – www.nmap.org • AV Software - McAfee • Pest Patrol

  18. Q&A

More Related