dark alleys-2015

Dark Alleys of the Internet Updated 2015 For System and Network Administrators Do the Right Thing!

Upload: greg-parmer

Post on 13-Jan-2017


Page 1: Dark alleys-2015

Dark Alleys of the Internet

Updated 2015

For System and Network Administrators

Do the Right Thing!

Page 2: Dark alleys-2015

Attack Statistics

» AU Border Firewall
» Over 34,000 blocked connections per minute (taken 7/28/2015 at 2pm)
» WordFence for WordPress
• 100+ blocked login attempts (10 per incident) per day to a personal, unpublicized WP site over 3 days

Page 3: Dark alleys-2015

Passwords on a Sticky Note?

How to stop the sharing madness

Page 4: Dark alleys-2015

Passwords

» No reason to share passwords because you can use:
• Shared files/folders
• Permissions settings
• Remote Desktop
• E-mail Proxy
• Web 2.0 products

Page 5: Dark alleys-2015

Managing Passwords

» Trade-offs
• Different passwords for different systems
• Require passwords to change
» Password Managers
• KeePass
• LastPass
• LifeHacker Choices
• http://lifehacker.com/lifehacker-faceoff-the-best-password-managers-compare-1682443320
» Creating memorable passphrases
• “1wb0rniDaleCH.” (I was born in Dale County Hospital.)

Page 6: Dark alleys-2015

Network Protocols

Help protect users

Page 7: Dark alleys-2015

Secure All Protocols

» Telnet -> SSH
» FTP -> SFTP
» SSL Certificates
• LDAP -> LDAPS
• HTTP -> HTTPS
» Require Secure Protocols for authenticated Applications

Page 8: Dark alleys-2015

Plain-text Protocols

Page 9: Dark alleys-2015

Secure Protocol

Page 10: Dark alleys-2015

SSL Certificates

» Recognized Certificate Authority - $$
» Pre-installed
• Verisign
• CyberTrust
• Thawte

VS

» Self-signed Certificates – free
» Manual Install
• eXtension
• AU

Page 11: Dark alleys-2015

Root Certificates

» Internet Explorer
• Internet Options
• Content
• Certificates

Page 12: Dark alleys-2015

Self-Signed Certificates

» Products
• Microsoft Certificate Authority
• Mac OS - Keychain
• Linux - OpenSSL

» Trouble is that people do BYOD and then get certificate errors. Training people to accept errors is bad.

Page 13: Dark alleys-2015

Secure Network Access

For the Road Warriors

Page 14: Dark alleys-2015

Virtual Private Network

» VPN provides unlimited access to campus network

» Prevent eavesdropping
» Treat off-campus just like WiFi

An insecure transmission medium

Page 15: Dark alleys-2015

Public/Private WiFi

» Restrict open WiFi ports/protocols
» Encourage VPN
• Better encryption
• Unrestricted access
• Restrict OS announcements
• Gain benefit of University border firewall
• Restrict services to internal IPs
» Enable Security
• Prevent stealing bandwidth
• Add some security to insecure sites

Page 16: Dark alleys-2015

Remote Access

» Remote Desktop
» Bomgar, LogMeIn, etc
» Shared space access
» Printer access
» Internal websites

Page 17: Dark alleys-2015

Other References

» Bruce Schneier’s http://www.schneier.com
» SANS’ “@RISK: The Consensus Security Alert”

Page 18: Dark alleys-2015

Thank You

Until it goes missing, security is a boring obstacle to productivity in the minds of most people. Don’t be most people.