Introduction to Computer Security
Common Security Terminology
Password Cracking
Biometrics
Public Key Cryptography
SSL
Man-in-the-Middle Attack
Zombies
Denial of Service Attack
Key Logging Software
Firewalls
Security Exploit
Terminology: Password Cracking
• Password Cracker
– An application that tries to obtain a password by repeatedly generating and comparing encrypted passwords or by authenticating multiple times to an authentication source.
– Repeatedly trying to access your accounts
• Common methods of password cracking
– Brute Force
– Dictionary
Terminology: Password Cracking (cont’d)
• Passwords are usually stored in an encrypted form with a one-way encryption algorithm
– If this data is compromised, password cracking can be moved to a standalone system for easier control and speed of cracking.
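Added example (not part of the original slides): one way to store passwords with a one-way function so that a stolen password file is slower to crack on a standalone system. It uses PBKDF2-HMAC-SHA256 with a random salt per account; the iteration count, function names and sample passwords are assumptions chosen for illustration.

```python
import hashlib
import hmac
import secrets

ITERATIONS = 200_000  # assumed work factor; higher values slow every offline guess


def hash_password(password, salt=None):
    """Return (salt, derived_key) from PBKDF2-HMAC-SHA256, a one-way function."""
    if salt is None:
        salt = secrets.token_bytes(16)  # fresh random salt for each account
    key = hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, ITERATIONS)
    return salt, key


def verify_password(password, salt, stored_key):
    """Re-derive the key with the stored salt and compare in constant time."""
    _, candidate = hash_password(password, salt)
    return hmac.compare_digest(candidate, stored_key)


def unsalted_fast_hash(password):
    """Weak storage shown for contrast: a single fast, unsalted SHA-256 pass."""
    return hashlib.sha256(password.encode("utf-8")).hexdigest()


if __name__ == "__main__":
    shared = "constructed-sample-pw"  # constructed: two accounts reuse one password
    # Unsalted: identical stored values, so one cracked entry exposes both accounts.
    print(unsalted_fast_hash(shared) == unsalted_fast_hash(shared))
    # Salted: the stored values differ, so each account must be attacked separately.
    salt_a, key_a = hash_password(shared)
    salt_b, key_b = hash_password(shared)
    print(key_a != key_b, verify_password(shared, salt_a, key_a))
```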
Terminology: Biometrics
• Science and technology of measuring and statistically analyzing biological data
• When used in Information Technology it usually refers to the use of human traits for authentication
• This method can include fingerprints, eye retinas and irises, voice patterns, and a host of other consistent biological data
Terminology: Public Key Cryptography
• Two Keys, “certificates”, are available for each resource, one public and one private
• As the names imply, the public key can be shared freely while the private key is kept secret
• Items encrypted using the public key are decrypted using the private key and conversely anything encrypted with the private key can be decrypted with the public key
• This method of encryption is used to ensure secure communication is only between a valid, “known”, sender and recipient
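Added example (not part of the original slides): the two directions described above, shown with textbook RSA on deliberately tiny constructed primes. The key values and function names are illustrative assumptions, and numbers this small give no security.

```python
# Textbook RSA on tiny constructed primes: shows the mechanics only, offers no security.
P, Q = 61, 53
N = P * Q                      # modulus shared by both keys (3233)
PHI = (P - 1) * (Q - 1)        # 3120
E = 17                         # public exponent, coprime with PHI
D = pow(E, -1, PHI)            # private exponent: E * D == 1 (mod PHI)

PUBLIC_KEY = (E, N)            # shared freely
PRIVATE_KEY = (D, N)           # kept secret by the owner


def apply_key(value, key):
    """Raise value to the key's exponent modulo N; the same operation serves both keys."""
    exponent, modulus = key
    if not 0 <= value < modulus:
        raise ValueError("value must be in range 0..N-1")
    return pow(value, exponent, modulus)


def encrypt_to_owner(message):
    """Anyone can encrypt with the public key; only the private key reverses it."""
    return apply_key(message, PUBLIC_KEY)


def decrypt_as_owner(ciphertext):
    return apply_key(ciphertext, PRIVATE_KEY)


def sign_as_owner(message):
    """The converse direction: transform with the private key."""
    return apply_key(message, PRIVATE_KEY)


def verify_from_owner(message, signature):
    """Anyone can check with the public key that the private key produced the value."""
    return apply_key(signature, PUBLIC_KEY) == message


if __name__ == "__main__":
    secret = 65                                    # constructed sample message
    ciphertext = encrypt_to_owner(secret)
    print(ciphertext, decrypt_as_owner(ciphertext))
    signature = sign_as_owner(secret)
    print(verify_from_owner(secret, signature), verify_from_owner(secret + 1, signature))
```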
Terminology: SSL
• “Secure Sockets Layer”
• Uses Public Key Cryptography
• Negotiates a method to encrypt communication between a client and server
• Allows other network protocols to connect “over top” of it, such as web browsing and e-mail protocols
• “Transport Layer Security” (TLS) is a variant of SSL used to negotiate encryption within the network protocol being used
Terminology: Man-in-the-Middle Attack
• A system between two hosts that either passively watches traffic to gain information used to “replay” a session or actively interferes with the connection, potentially imitating the remote system
Terminology: Zombies
• Computer system infected by a virus or Trojan horse that allows the system to be remotely controlled for future exploits
• These systems may be used to send large amounts of spam e-mail or take part in Distributed Denial of Service (DDoS) attacks
Terminology: Denial of Service Attack (DoS)
• Sending large amounts of data and requests to a remote system in order to inundate the remote computer or network
• A Distributed DoS is a coordinated effort by a number of systems to perform a DoS on a single host
Terminology: Key Logging Software / Hardware
• Software installed on a system to capture and log all keystrokes
• Hardware installed between the keyboard and computer used to capture and log all keystrokes
Security Exploit
• A software bug, or feature, that allows access to a computer system beyond what was originally intended by the operator or programmer
Terminology: Firewall
• Network hardware device or software used to filter traffic to and from the connected resources
• Ranges from simple filters, blocking certain services and protocols, to more complex systems that plot network traffic patterns
• Local operating system firewalls are referred to as “personal firewall software”
Password Security
Password limitations
Reasons for complex passwords
Helpful suggestions for creating complex passwords
Future password requirements
Password Security
According to CERT/CC (Computer Emergency Response Team / Coordination Center) approximately 80% of all network security issues are caused by bad passwords
Computer to Computer authentication can use large keysets and complex encryption while Human to Computer authentication relies on much easier methods
Password Security: Password Limitations and why they are in place
• Password Expiration
– Decreases the chances of your password being cracked
• Complex Passwords
– Requiring complexity actually increases the possible character combinations required by brute-force cracking
• Password Length Requirements
– The longer your password the more possible character combinations are present and the harder it is to crack
Password Security: Dealing with Password Limitations
• Password lockouts
– If a certain number of login attempts fail within a given timeframe the account is automatically locked out for a preset amount of time
– Using this limitation stops brute force authentication attempts
• Dictionary Checks
– Simple checks against common dictionaries are used to increase password complexity
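Added example (not part of the original slides): a lockout counter and a simple dictionary check of the kind this slide describes. The thresholds, the four-word list and all names are assumptions; a real deployment would load a full word list.

```python
import time
from collections import defaultdict, deque

MAX_FAILURES = 5        # assumed policy values, not taken from the slides
WINDOW_SECONDS = 300
LOCKOUT_SECONDS = 900
COMMON_WORDS = {"password", "letmein", "dragon", "sunshine"}  # constructed stand-in list


class LockoutTracker:
    """Locks an account after MAX_FAILURES failed logins inside WINDOW_SECONDS."""

    def __init__(self):
        self.failures = defaultdict(deque)   # account -> timestamps of recent failures
        self.locked_until = {}               # account -> time at which the lock expires

    def is_locked(self, account, now=None):
        now = time.time() if now is None else now
        return self.locked_until.get(account, 0) > now

    def record_failure(self, account, now=None):
        """Record a failed attempt; return True if the account is locked afterwards."""
        now = time.time() if now is None else now
        if self.is_locked(account, now):
            return True
        recent = self.failures[account]
        recent.append(now)
        while recent and recent[0] <= now - WINDOW_SECONDS:
            recent.popleft()                 # forget failures older than the window
        if len(recent) >= MAX_FAILURES:
            self.locked_until[account] = now + LOCKOUT_SECONDS
            recent.clear()
            return True
        return False

    def record_success(self, account):
        self.failures.pop(account, None)     # a good login resets the counter


def fails_dictionary_check(password):
    """Reject a common word that is only padded with digits or symbols at either end."""
    core = password.lower().strip("0123456789!@#$%^&*._-")
    return core in COMMON_WORDS
```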
Password Security: Are Password rules too complex?
• With the increase of computer hardware speed and the decrease of computer prices, we can use more advanced methods to keep security high
• Post-it Notes
– Is your computer in a locked room?
– Who has physical access to your system?
– A majority of system attacks originate through the network.
Password Security: Suggestions for Complex Passwords
• Think of a phrase and use the first characters of each word, mixing case and adding numbers and special characters
– It is good to change your password every 6 months = Iig2cyPe6m
– UI vandals are number one = UiVdlsR#1
• Using a favorite word or phrase and breaking it up with numbers and special characters
– Happy = Hap3py1
– Motorcycle = M0tor6cyc!e
Password Security: Possible Future Password Requirements
• Decreasing password expiration time
• Certificate authentication
• Use of Biometrics
• Two part identification, where you use a password and another physical item
Password Security: Passwords are like Underwear!
• Don’t leave yours lying around
• Don’t Share them with friends
• The longer the better (cold weather)
• Change yours often
• Be mysterious
E-mail Security
Some common E-mail protocols
Secure E-mail protocols at the UI
E-mail Security: Common E-mail protocols
• POP: Post Office Protocol
– Older protocol for downloading messages from an INBOX
• IMAP: Internet Message Access Protocol
– Full featured mail folder access
• SMTP: Simple Mail Transfer Protocol
– Standard for sending and receiving e-mail between clients and servers, and from server to server
• MAPI: Mail Application Programming Interface
– A set of communication methods and standards used predominately between Microsoft e-mail clients and servers
E-mail Security: Secure protocols in place at the University of Idaho
• POPS
– POP mail over an SSL connection
• IMAPS
– IMAP over an SSL connection
• SMTP+TLS
– Negotiation of a TLS/SSL connection after connecting
• All popular e-mail clients support the use of these protocols
Web Security
Web specific definitions
• HTTP
• URL
• SSL
• Spyware / Adware
• Web browser updates
Some common methods of Web Security
Web Security: HTTP (Hyper Text Transfer Protocol)
• Modern web browsers are capable of using multiple protocols to download content although most data transfers use HTTP
URL (Uniform Resource Locator)
• “Web Address”
• protocol://server/resource
• http://www.uidaho.edu/registrar
Web Security: SSL (Secure Sockets Layer)
• Very important on insecure networks such as wireless
• How to verify SSL in a browser
– https: the web address begins with https, meaning the connection is using HTTP over SSL
– Look for a lock icon
– Internet Explorer may display a Security Alert that states “you are about to view pages over a secure connection”
Web Security: SSL (cont’d)
• Certificate Authorities
– A “CA” is an entity that issues certificates
– If you “trust” a CA you will trust the certificates issued by that CA
– Web browsers come with a standard collection of common certificate authorities including Verisign, Geotrust, Thawte, and a number of others
– Be wary of untrusted certificates, as they have the potential of being a man-in-the-middle attack
Web Security: Spyware / Adware
• Spyware is software designed to intercept or take partial control of a computer without the express consent of the operator
• Adware is similar to spyware except it is used primarily for advertising purposes and may have provided the user with information about its operation
• Regardless of the network level security, when browsing, spyware will have access to your data
Web Security: Web Browser Software Updates
• Update, Update, Update
• Security exploits can use your web browser to access your system, install software, delete data, spread viruses, and much, much more.
Peer-to-Peer File sharing
What is Peer-to-Peer File sharing
Common applications
Common issues to consider when using P2P
How to protect yourself when using P2P
Peer-to-Peer File sharing
Peer-to-Peer File sharing, or P2P, is using software to facilitate the transfer of data between two systems without the need for a central file server
Common P2P applications are:
• Kazaa
• eDonkey
• Morpheus
• Gnutella Clients (Limewire, Bearshare)
Peer-to-Peer File sharing: Common issues with P2P file sharing
• Copyright issues
• Spyware / Adware
• Zombies
– Remote control
• Key logging
• Security exploits
• Sharing unexpected information
Peer-to-Peer File sharing: How to protect yourself when using P2P
• Install Antivirus
– Symantec Antivirus
• Check for operating system and software updates regularly
• Install Spyware Detection Software
– Microsoft Defender Beta 2
– Spybot
– Adaware