Basics of IT Security
Post on 01-Jul-2015
IT SECURITY AWARENESS CAS - SUR
- Hardware (Physical Assets)
- Software
- System interfaces (e.g., internal and external connectivity)
- Data and information
- Persons who support and use the IT system
- System mission (e.g., the processes performed by the IT system)
- System and data criticality (e.g., the system's value or importance to an organization)
- System and data sensitivity
NIST SP 800-30
Information is an asset which, like other important business assets, has value to an organization and consequently needs to be suitably protected
ISO/IEC17799: 2000
Business Requirements
- Client / customer / stakeholder
- Marketing
- Trustworthy
- Internal management tool
Legal Requirements
- Revenue Department
- Stock Exchange of Thailand
- Copyright, patents, ….
Information security protects information from a wide range of threats in order to
- Ensure Business Continuity
- Minimize Business Damage
- Maximize ROI and Business Opportunities
Business: Stable service to customer
Education: Availability of resources and integrity of information, e.g. grade, profile, etc.
ISO/IEC17799: 2000 page iii, Introduction
Security is preservation of confidentiality, integrity and availability of information
Confidentiality: Ensuring that information is accessible only to those authorized to have access
Integrity: Safeguarding the accuracy and completeness of information and processing methods
Availability: Ensuring that authorized users have access to information and associated assets when required
BS7799-2: 2002 page3, 3.1, 3.2, 3.3
Policy/Process/Procedure
- Clear
- Coverage
- Compliance – Legal, Standard, guideline etc.
People
- Awareness (e.g. Password on screen)
- Discipline
Technology
- Enablers
- Management Tools
Could be anything that harms your system, e.g.
- User
- Hacker / cracker
- Virus
- Spam
- Etc.
Non-Computerized system
- Masquerade
- Social Engineering
- Theft
- System malfunction (disaster, power interruption)
IT Network Threat
- Network Level
- Application Level
Denial of Services
- Services have been disabled by excessive workload.
Information sniffing
- Information has been tapped and viewed by an unauthorized person
Unauthorized access
- A low-level worker can access critical information.
Snooping
[Figure: Telnet session to 203.152.145.121 (username: daeng); the password "mypassword" appears in the captured traffic. Hosts shown: 203.152.145.121 and 202.104.10.5]
3-way handshake
[Figure: exchange with the WWW server: SYN REQ, SYN ACK, ACK, then DATA TRANSFER]
SYN attack
[Figure: Attacker, Internet, WWW server 203.152.145.121, host 202.104.10.5]
1. SYN REQ D=203.152.145.121 S=202.104.10.5
2. SYN ACK D=202.104.10.5 S=203.152.145.121
WAIT
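Added example (not part of the original slides): one way a defender could detect the condition in the SYN attack slide, where the server sends SYN ACK and then waits for an ACK that never arrives. The event format, the addresses (documentation ranges), the timeout and the threshold are assumptions made for illustration.

```python
# Added example: find half-open TCP handshakes in a server-side packet log.
SERVER = "192.0.2.10"  # constructed address (documentation range)


def build_sample():
    """Constructed events: (time_s, src, dst, flags)."""
    events = [
        # One legitimate client that completes the 3-way handshake.
        (0.0, "198.51.100.7", SERVER, "SYN"),
        (0.1, SERVER, "198.51.100.7", "SYN-ACK"),
        (0.2, "198.51.100.7", SERVER, "ACK"),
    ]
    # Twenty SYNs whose source addresses never answer the SYN-ACK.
    for i in range(20):
        src = f"203.0.113.{i + 1}"
        t = 1.0 + i * 0.01
        events.append((t, src, SERVER, "SYN"))
        events.append((t + 0.001, SERVER, src, "SYN-ACK"))
    return sorted(events)


def half_open(events, server, now, timeout=3.0):
    """Peers that were sent a SYN-ACK but returned no ACK within `timeout` seconds."""
    state = {}  # peer -> (handshake stage, time of last step)
    for t, src, dst, flags in events:
        if dst == server and flags == "SYN":
            state[src] = ("SYN_RCVD", t)
        elif src == server and flags == "SYN-ACK" and dst in state:
            state[dst] = ("SYN_ACK_SENT", t)
        elif dst == server and flags == "ACK":
            if state.get(src, ("", 0))[0] == "SYN_ACK_SENT":
                del state[src]  # handshake completed
    return sorted(
        peer for peer, (stage, t) in state.items()
        if stage == "SYN_ACK_SENT" and now - t >= timeout
    )


def syn_flood_suspected(events, server, now, threshold=10):
    """True when the number of stale half-open handshakes reaches `threshold`
    (an illustrative value, not a recommended setting)."""
    return len(half_open(events, server, now)) >= threshold


if __name__ == "__main__":
    sample = build_sample()
    print(len(half_open(sample, SERVER, now=10.0)), "half-open handshakes")
    print("SYN flood suspected:", syn_flood_suspected(sample, SERVER, now=10.0))
```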
Smurf Attack
[Figure: network 192.168.1.0, host 203.152.149.1, Internet]
ICMP REQ D=192.168.1.255 S=203.152.149.2
ICMP REPLY D=203.152.149.1 S=192.168.1.1
ICMP REPLY D=203.152.149.1 S=192.168.1.2
ICMP REPLY D=203.152.149.1 S=192.168.1.3
ICMP REPLY D=203.152.149.1 S=192.168.1.5
ICMP REPLY D=203.152.149.1 S=192.168.1.4
ICMP REPLY D=203.152.149.1 S=192.168.1.6
ICMP REPLY D=203.152.149.1 S=192.168.1.7
ICMP REPLY D=203.152.149.1 S=192.168.1.8
Virus vs Worms..?
Virus
- Viruses are computer programs that are designed to spread themselves from one file to another on a single computer.
- A virus might rapidly infect every application file on an individual computer, or slowly infect the documents on that computer, but it does not intentionally try to spread itself from that computer to other computers.
Worms
- Worms, on the other hand, are insidious because they rely less (or not at all) upon human behavior in order to spread themselves from one computer to others.
- The computer worm is a program that is designed to copy itself from one computer to another over a network (e.g. by using e-mail).
E-mail spoofing
- Pretend to be someone, e.g. bill_gate@microsoft.com
Spam Mail
- Unsolicited or unwanted e-mail, or Phishing
Desktop Threat
- Viruses, worms, Trojan, Backdoor
- Cookies
- Java Script and Java Applet
- Zombies network
- Key logger (Game-Online)
We need “control”, which are
- Policy & Process: security control to provide guideline and framework
- People: to control user behavior
- Technology: will be a tool to enforce Policy throughout the organization effectively.
Policy Compliance
- ISO 17799
Compliance Checking
- CobiT
- Audit Tools
NIST security standard guideline
- NIST – 800 series
Organization Control
- Business Continuity Plan
Security Awareness Training
Security Learning Continuum
- Awareness, Training, Education
Responsibility Control
- Need to know basis
Computer Security is the process of preventing and detecting unauthorized use of your computer
Prevention measures help you to stop unauthorized users (intruders) from accessing any part of your computer network
Detection helps you to determine whether or not someone attempted to break into your system, if they were successful, and what they may have done.
Network and Host Based Security
Security Devices (Hardware) or Security Software
- Firewall (Access control)
- IDS/IPS
- VPN & SSL VPN (Data Encryption)
- Anti-Spam (preventing unwanted email)
- QoS (Quality of Services - Bandwidth Management)
- Web Content Filtering
- IM & P2P
Web Traffic: customers, partners, employees
Email Traffic
Applications/Web Services Traffic: partners, customers, internal
VPN Traffic: remote and mobile users
Internal security threat: Contractors/disgruntled employees
Remote user
Type of firewall
- Packet filtering
- Application Firewall
- Stateful Inspection
Type of implementation
- Packet Filter
- Screened host
- Dual home Host
- Screened Subnet (DMZ)
References: CISSP Certification
[Figures: Packet Filter; Screened Host; Dual home Host; Screened Subnet]
[Figure: Known Attacks, DOS/DDOS, Zero-day Attacks; Host IPS and Network IPS across Laptop, Desktop, Server, Core, Edge, Branch Office]
Detection & Prevention System
- Signature & Behavior & Anomaly based
Encryption & Decryption
Public Key & Private Key
Encryption Technology
- DES
- 3DES
- AES
Source: Symantec/ Brightmail
Why do they spam?
- 0.0005$ vs 1.21$ -> 0.02B vs 48.4B
- 1/100,000 counts as success
How much spam is there? <spamcorp.net>
- ~6 e-mail/sec, 360 e-mail/min, 21,600 e-mail/hr
How do they get my e-mail?
- Webboard, forum, etc.
Is spam legal?
How to protect yourself from getting spam?
Cracks and Hacks Tools Website
- Spyware, Trojan, Virus, etc.
Banner & Advertising
- Adware, Toolbar, Spam – Subscribe, Credit card no., etc.
Drugs, Gambling, Weapon, etc.
Pornography, Nude, Adult Materials
Shopping Online (Credit card issues)
- Anti-Virus
- VPN Client
- Personal Firewall
- IDS
- Web-Filtering
Small group, Home used, Computer Laboratory, etc.
IM
- Virus
- Exploit
- Voice Chat
P2P
- Bandwidth Usage
- Spyware
- BackDoor
Questions