A Basic Introduction to Computer Security
John H. Porter
University of Virginia
Department of Environmental Sciences

Achieving Absolute Computer Security
There is only one method that can assure absolute security for the data and programs on your computer
Unplug it from the power outlet!!!

The Bad Guys
Trojan Horses
• Software that does other things than it says it does – often malicious
Worms
• Attempt to circumvent controls on network access
Viruses
• Attempt to modify programs on your computer to add malicious code

The Bad Guys
Sniffers
• Tap network lines to capture data and passwords
Thieves
• Stolen computers
Bad Luck
• Floods, fire, lightning, power surges

Achieving Relative Security
Backups
Boundary Defense
Defense on the homefront

Backups
All computers will, at some point, experience a security breach
• Backups let you recover lost data
Off-site backups protect you against data loss due to violations of physical security
• Try getting your data back off a stolen or burned hard drive!

Boundary Defense
Boundary defenses focus on keeping malicious users or programs from having access to files on your computer
• Passwords
• Control of Internet Ports
• Restricting ways files may be stored on your computer

Passwords
Not all passwords are created equal – some are easier to crack
• Ones based on publicly available information about you (e.g., your name)
• Passwords based on dictionary rules
• Passwords that are too short or use repeating characters
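
A sketch of how the weaknesses listed on this slide can be checked automatically. This is an added example, not part of the original slides; the word list, the minimum length of 8 and the three-in-a-row rule for repeats are assumptions chosen for illustration.

```python
import re

# Constructed sample word list; a real check would load a full dictionary file.
SAMPLE_DICTIONARY = {"password", "dragon", "monkey", "summer", "welcome"}


def password_weaknesses(password, personal_info,
                        dictionary=SAMPLE_DICTIONARY, min_length=8):
    """Return the slide's weakness categories that apply to `password`.

    `personal_info` is a list of publicly known facts about the user
    (name, login, birth year ...). `min_length` is an assumed threshold.
    """
    problems = []
    lowered = password.lower()

    # 1. Based on publicly available information about the user.
    if any(len(item) >= 3 and item.lower() in lowered for item in personal_info):
        problems.append("contains personal information")

    # 2. Based on dictionary rules: a dictionary word, possibly with digits
    #    or punctuation tacked onto either end.
    core = re.sub(r"^[^a-z]+|[^a-z]+$", "", lowered)
    if core in dictionary:
        problems.append("dictionary word")

    # 3. Too short.
    if len(password) < min_length:
        problems.append("too short")

    # 4. Repeating characters: the same character three or more times in a row.
    if re.search(r"(.)\1\1", password):
        problems.append("repeating characters")

    return problems


if __name__ == "__main__":
    # Constructed inputs for a hypothetical user named Alice Example.
    for candidate in ("Alice2003", "dragon1!", "aaa"):
        print(candidate, "->", password_weaknesses(candidate, ["Alice", "Example"]))
```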

Strong Passwords
One easy way to create strong passwords is to take the first letter of each word in a sentence and add some punctuation
• E.g., Iwtbot, - “It was the best of times,”
• 2b,ON2b – “To Be, or Not to be”
Also, varying capitalization can help
• JHwaPDM!

Protecting Passwords
Even the most “secure” password is vulnerable if communication lines are compromised
• E.g., “sniffers”
Use of encrypted connections (SSL, HTTPS) can eliminate or greatly reduce this risk

Know What You are Sharing
Your computer provides a number of Internet Ports
• You want to eliminate access to ports that are not serving a legitimate purpose
You can test at sites like ShieldsUp: https://grc.com/x/ne.dll?bh0bkyd2
Not all access is bad, but you want to KNOW what is exposed!

Limit the Places that can Access your Computer
Most SQL databases support restricting access to particular network domains, or even individual machines
• If your web and database servers are on the same host, you may be able to eliminate ALL network access to the database, since all interactions are mediated by your web server
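
A local complement to the external port test and to the database advice above: the sketch below reads Windows `netstat -an` output and separates ports reachable from the network from ports bound to the loopback address only. It is an added example, not part of the original slides; the netstat sample is constructed, and the port 3306 database listener in it is an assumption used to show a database with all network access removed.

```python
# Constructed sample of Windows `netstat -an` output (not from a real host).
SAMPLE_NETSTAT = """\
Active Connections

  Proto  Local Address          Foreign Address        State
  TCP    0.0.0.0:135            0.0.0.0:0              LISTENING
  TCP    0.0.0.0:445            0.0.0.0:0              LISTENING
  TCP    127.0.0.1:3306         0.0.0.0:0              LISTENING
  TCP    192.168.1.10:139       0.0.0.0:0              LISTENING
  TCP    192.168.1.10:49712     203.0.113.5:443        ESTABLISHED
  TCP    [::]:80                [::]:0                 LISTENING
  UDP    0.0.0.0:123            *:*
"""


def listening_sockets(netstat_text):
    """Yield (host, port) for every TCP socket in the LISTENING state."""
    for line in netstat_text.splitlines():
        fields = line.split()
        if len(fields) == 4 and fields[0] == "TCP" and fields[3] == "LISTENING":
            # rpartition keeps IPv6 literals such as [::] intact.
            host, _, port = fields[1].rpartition(":")
            yield host.strip("[]"), int(port)


def exposure_report(netstat_text):
    """Group listening ports into network-reachable and loopback-only."""
    network, loopback = set(), set()
    for host, port in listening_sockets(netstat_text):
        if host.startswith("127.") or host == "::1":
            loopback.add(port)   # only programs on this machine can connect
        else:
            network.add(port)    # reachable from other machines
    return {"network": sorted(network), "loopback": sorted(loopback)}


if __name__ == "__main__":
    report = exposure_report(SAMPLE_NETSTAT)
    print("Reachable from the network:", report["network"])
    print("Loopback only:", report["loopback"])
```

Every port in the "network" list should correspond to a service you intend to offer; anything else is a candidate for disabling or firewalling.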

Keep your Eyes Open!
Just as you would not walk down a darkened alley without paying attention to your surroundings, you need to be alert to strange computer behaviors that may indicate a security problem
Check your software support pages frequently for news about vulnerabilities and fixes

Defense on the Homefront
Limit access of your computer to trusted individuals
• Usually not too much trouble at field stations
• Is especially an issue for web pages that contain DBMS login information in free text
Get a good virus checker and update it frequently (daily if possible, at least weekly)

Defense on the Homefront
Keep updates to Windows current
• As security holes are detected, fixes will become available
• Windows provides for automatic updates
• Recent worms (e.g., Blaster) utilized a flaw in the RPC module of Windows to infect large numbers of otherwise protected computers before a fix was available

Protecting the Homefront
Monitor your logs to detect attempts to attack your system
• Windows Event logs
• Web server logs
Exercise good judgment on downloading files
• Every file downloaded is a potential security intrusion
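
One way to act on the web server log advice above: count refused or failed requests (4xx status codes) per client and list the clients that exceed a threshold. This is an added example, not part of the original slides; it assumes the server writes Common Log Format, the log lines are constructed, and the threshold of 3 is arbitrary.

```python
import re
from collections import Counter

# Common Log Format: client identity user [timestamp] "request" status size
LOG_LINE = re.compile(
    r'^(?P<client>\S+) \S+ \S+ \[[^\]]+\] "[^"]*" (?P<status>\d{3}) \S+'
)

# Constructed sample log; the addresses come from documentation-only ranges.
SAMPLE_LOG = """\
192.0.2.10 - - [12/Aug/2003:10:01:02 -0400] "GET /index.html HTTP/1.0" 200 5120
203.0.113.7 - - [12/Aug/2003:10:01:05 -0400] "GET /admin/ HTTP/1.0" 403 289
203.0.113.7 - - [12/Aug/2003:10:01:06 -0400] "GET /backup.zip HTTP/1.0" 404 289
192.0.2.10 - - [12/Aug/2003:10:01:09 -0400] "GET /oldpage.html HTTP/1.0" 404 289
203.0.113.7 - - [12/Aug/2003:10:01:10 -0400] "GET /private/ HTTP/1.0" 401 401
203.0.113.7 - - [12/Aug/2003:10:01:11 -0400] "GET /db.mdb HTTP/1.0" 404 289
192.0.2.10 - - [12/Aug/2003:10:02:00 -0400] "GET /data.html HTTP/1.0" 200 2048
"""


def clients_with_many_errors(log_text, threshold=3):
    """Return {client: count} for clients with at least `threshold` 4xx responses."""
    errors = Counter()
    for line in log_text.splitlines():
        match = LOG_LINE.match(line)
        if match is None:
            continue  # not a Common Log Format line; skip it
        if match.group("status").startswith("4"):
            errors[match.group("client")] += 1
    return {client: n for client, n in errors.items() if n >= threshold}


if __name__ == "__main__":
    for client, count in clients_with_many_errors(SAMPLE_LOG).items():
        print(f"{client}: {count} failed or refused requests")
```

A single 404 is usually a stale link; a burst of 401, 403 and 404 responses from one address is the pattern worth a closer look.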

Security is Relative
Security is always relative, but it is possible to create a reasonable level of security
The more obscure a resource is, either because it uses “unusual” software or is inconspicuous on the web, the less likely someone is to try to break into it

Useful Places to Look
http://www.cert.org/ - Computer Emergency Response Team
http://grc.com/default.htm - home of ShieldsUp and others
http://www.sarc.com/ - Symantec anti-virus site
http://guide.vsnl.net.in/tcpip/columns/security_internet/index.html - a general guide to Internet Security issues