introduction to security
Introduction to Security
What’s the weakest link?
You
Social Engineering
• Exploiting humans' willingness to help
• Exploiting our two most powerful emotions, regret and fear
• Kevin Mitnick
• Stealing the Network series
• The Real Hustle
social engineering
• ten common techniques of social engineering
  – impersonation
    • pretend to be someone from inside the company to obtain passwords
    • usually coupled with research regarding IT personnel
  – sympathy
    • usually request access to hardware: server room or PC
    • usually coupled with dire consequences if unable to complete the task
social engineering
• ten common techniques (cont'd)
  – wooing
    • develop a trust relationship with the victim
    • to obtain a wide range of information
  – intimidation
    • for victims who do not respond well to sympathy or wooing
    • pretense: company official, government official, inspector
social engineering
• ten common techniques (cont'd)
  – greed
    • money or goods in exchange for information
  – confusion
    • create a diversion which vacates an office
    • access logged-on session
social engineering
• ten common techniques (cont'd)
  – shoulder surfing
    • passive observation of typing
      – either by physical presence as a trusted individual
      – or by using some form of eavesdropping
  – dumpster diving
    • searching garbage for useful information
      – either discarded papers
      – or removable media
social engineering
• ten common techniques (cont'd)
  – phishing
    • request for victim to visit a false web site
    • for purpose of updating invalid / obsolete information
  – reverse social engineering
    • present oneself as an expert who can fix a problem
    • results in a reversal of roles:
      – victim asks the questions
      – social engineer provides the answers
        » often being granted access to the computer systems
5 Deadliest Viruses
• MYDOOM: fastest spreading worm, SCO & Microsoft offer $250,000 reward
• NIMDA: after Sept 11, terrorist attack?
• CODERED: Microsoft IIS
• SLAMMER: infected 75,000 in minutes
• 365 byte footprint, doubles every 8.5 sec
• ILOVEYOU: caused $5 billion in damages; Ford, the Pentagon, British Parliament
Top Hoaxes and Pranks
• GOOD TIMES: users warned that opening email would… and kill your dog
• 48 HOURS: claimed hovering mouse over email would… and kill your dog
• LIFE IS BEAUTIFUL: PowerPoint
• HONOR SYSTEM: contained no payload, told users to delete their hard drives
• LION’s DEN: warning of deadly virus, instead linked to porn site
Proactive measures
• Download product updates
• Service packs, patches, fixes, etc.
• Application updates: Office, browsers, etc.
• Virus definitions updates
• Spyware definitions
Passwords
• No dictionary words, names
• Dog's name, address, birthdates
• Use pass phrases
• Encrypt important docs, password files
• Use Truecrypt http://www.truecrypt.org/
Most common passwords
• password
• 123456
• qwerty
• abc123
• letmein
• monkey
• myspace1
• password1
• link182
• (your first name)
Password suggestions
• Application / magic phrase / date
• Magic phrase / date / application
• Date / application / magic phrase

• GmailPassPhrasesStinkJan
• PassPhrasesStinkGmailJun
• JulGmailPassPhrasesStink
• 01gmailpa$$phra$e$$tink
Spyware
• Malicious software to spy and datamine your surfing habits
• ??? Invasion of privacy ???
• Information is collected and used to harass you with pop-up ads, indirect web searches, browser homepage you can’t change, etc.
• Spyware masks itself, seems like legitimate software (toolbars, desktop buddies)
Removing Spyware
• Uninstall browser toolbars, desktop buddies, search helpers from Control Panel
• Scan to remove from startup / reinstalling issues using Windows Defender http://www.microsoft.com/athome/security/spyware/software/default.mspx#
Other SW Scanners
• A-Squared http://www.emsisoft.com/en/software/free/
• Spybot S&D $0 http://www.safer-networking.org
• Ad-Aware $0 http://www.lavasoftusa.com/
• AVG Anti-Spyware $0 http://free.grisoft.com/
• Spy Sweeper $30 http://www.webroot.com/
Spyware continued
• HijackThis scanner
• http://www.spywareinfo.com/
• CCleaner
Virus
• Can turn your PC into a remote-controlled zombie for Denial of Service attacks
• Record key strokes, passwords, banking
• Wreak havoc, erase data, damage HW
• Install antivirus software: AVG, etc.
• ClamWin http://www.clamwin.com/
• Alt: web-based scanner $0 (scan from IE)
• www.pandasecurity.com/usa
WARNING
• OK to install multiple spyware scanners on same system
• DO NOT install multiple Anti VIRUS software on the same system. They will work against each other.
Rootkits
• Integrate into the OS’s kernel
• Difficult to detect with conventional scanners
• Blacklight (free for now) http://www.f-secure.com/blacklight
• AVG’s Anti-Rootkit program http://free.grisoft.com/doc/5390#avg-anti-rootkit-free
Change your Boots
• If the Op Sys is rendered unusable
• Boot into Safe Mode (hit F8 before the Windows splash screen)
• Select Safe Mode with Networking
• Loads Windows with basic drivers, allowing you to disinfect your system while offending programs are dormant
• With NW option you can update scanners
Boot CD
• If you can’t get to Safe Mode
• Build a BartPE CD (bootable live CD) http://nu2.nu/pebuilder/
• Installer + Windows CD + optional plugins
• Such as Spybot S&D, ClamWin
Defensive Measures
• Surf securely: use Firefox; if using IE, put a sticky on your forehead saying “steal from me!”
• Shield against spyware (real-time monitoring): Webroot's Spy Sweeper $30 www.webroot.com
• Install virus scanner: AVG, Avast, AntiVir, ClamWin, ClamAV
• Firewall: ZoneAlarm
Change Habits
• AVOID ATTACHMENTS
• Don’t Be BAITED (Phishing): never use links from emails to eBay, banks, CC, etc.
• Download responsibly: P2P, BitTorrents, Warez
• Use MD5 generators, MD5summer, etc.
• Surf net as a restricted user
Read – white papers etc
• Spyware Quiz http://www.siteadvisor.com/quizzes/spyware_0306.html
Checklist for Windows
• http://www.securityfocus.com/columnists/220
Resources
• Freeware
  – http://www.econsultant.com/i-want-freeware-utilities/index.html
• PC
  – http://www.majorgeeks.com/
• Security
  – http://www.sans.org/
  – http://www.blackhat.com/
  – http://www.securityfocus.com/
• Open Source
  – http://sourceforge.net/
  – http://freshmeat.net/
Credits
• Data taken from xforce report
• http://www-935.ibm.com/services/us/iss/html/xforce-threat-insight.html