SlideShare ist ein Scribd-Unternehmen logo

Internet Issues (How to Deal on Internet Security)

Als PPTX, PDF herunterladen
Hannah Jane del Castillo
Hannah Jane del Castillo

Our Performance Task in Computer III (First Quarter) Hope it helps :) and we hope you likeeee it ;)

Technologie
1 von 19
And how to deal on Internet Security Internet Issues 1
A Brief History of the World 2
Internet Issues Identity Issues Internet Conduct Security Issues Legal Issues Social Issues Privacy Issues ✓ 6 5 4 3 2 1
• What is security? • Why do we need security? • Who is at risk? • Common security attacks and countermeasures – Firewalls & Intrusion Detection Systems – Packet Sniffing – Social Problems Overview 4
• Dictionary.com says: – 1. Freedom from risk or danger; safety. – 2. Freedom from doubt, anxiety, or fear; confidence. – 3. Something that gives or assures safety, as: • 1. A group or department of private guards: Call building security if a visitor acts suspicious. • 2. Measures adopted by a government to prevent espionage, sabotage, or attack. • 3. Measures adopted, as by a business or homeowner, to prevent a crime such as burglary or assault: Security was lax at the firm's smaller plant. …etc. What is ?SECURITY 5
• Protect vital information while still allowing access to those who need it –Trade secrets, medical records, etc. • Provide authentication and access control for resources • Guarantee availability of resources Why do we need ?SECURITY 6
• Financial institutions and banks • Internet service providers • Pharmaceutical companies • Government and defense agencies • Contractors to various government agencies • Multinational corporations • ANYONE ON THE NETWORK Who is at risk? 7
Common Security Attacks and Their Countermeasures Templates 1 2 3 Finding a way into the network Packet Sniffing Firewall Social problems Education Encryption (SSH, SSL, HTTPS)
• Basic problem – many network applications and protocols have security problems that are fixed over time – Difficult for users to keep up with changes and keep host secure – Solution • Administrators limit access to end hosts by using a firewall • Firewall is kept up-to-date by administrators Firewalls 9
• A firewall is like a castle with a drawbridge • Can be hardware or software Firewalls 10
Internet DMZInternet Firewall Firewall Web server, email server, web proxy, etc Firewalls 11
• What does a firewall rule look like? • Other examples: Win XP & Mac OS X have built in and third party firewalls – Different graphical user interfaces – Varying amounts of complexity and power Firewalls 12
• What kinds of data can we get? • Asked another way, what kind of information would be most useful to a malicious user? • Answer: Anything in plain text Packet Sniffing 13
How can we protect ourselves? Packet Sniffing 14
• We can run a dictionary attack on the passwords – The passwords in /etc./password are encrypted with the crypt function (one-way hash) – Can take a dictionary of words, crypt them all, and compare with the hashed passwords • This is why your passwords should be meaningless random junk! Dictionary Attack 15
• People can be just as dangerous as unprotected computer systems. • People can be lied to, manipulated, bribed, threatened, harmed, to rtured, etc. to give up valuable information. • Most humans will breakdown once they are at the “harmed” stage, unless they have been specially trained. Social Problems 16
• There aren’t always solutions to all of these problems. • Humans will continue to be tricked into giving out information they shouldn’t. • Educating them may help a little here, but, depending on how bad you want the information, there are a lot of bad things you can do to get it. • So, the best that can be done is to implement a wide variety of solutions and more closely monitor who has access to what network resources and information • But, this solution is still not perfect. 17 Social Problems
• The Internet works only because we indirectly trust one another • It is very easy to exploit this trust • The same holds true for software • It is important to stay on top of the latest CERT security advisories to know how to patch any security holes Conclusions 18
THANK YOU!

Empfohlen

Cyber security awareness
Cyber security awarenessCyber security awareness
Cyber security awareness
Jason Murray
 
Ethical hacking & Information Security
Ethical hacking & Information SecurityEthical hacking & Information Security
Ethical hacking & Information Security
Ajay Dhamija
 
Internet Security
Internet SecurityInternet Security
Internet Security
Mitesh Gupta
 
Internet security powerpoint
Internet security powerpointInternet security powerpoint
Internet security powerpoint
Arifa Ali
 
Internet Security
Internet SecurityInternet Security
Internet Security
mjelson
 
New internet security
New internet securityNew internet security
New internet security
university of mumbai
 
Internet security
Internet securityInternet security
Internet security
Pokanati SatyaPraveen
 
Internet Security
Internet SecurityInternet Security
Internet Security
Peter R. Egli
 

Empfohlen

Cyber security awareness
Cyber security awarenessCyber security awareness
Cyber security awareness
Jason Murray
 
Ethical hacking & Information Security
Ethical hacking & Information SecurityEthical hacking & Information Security
Ethical hacking & Information Security
Ajay Dhamija
 
Internet Security
Internet SecurityInternet Security
Internet Security
Mitesh Gupta
 
Internet security powerpoint
Internet security powerpointInternet security powerpoint
Internet security powerpoint
Arifa Ali
 
Internet Security
Internet SecurityInternet Security
Internet Security
mjelson
 
New internet security
New internet securityNew internet security
New internet security
university of mumbai
 
Internet security
Internet securityInternet security
Internet security
Pokanati SatyaPraveen
 
Internet Security
Internet SecurityInternet Security
Internet Security
Peter R. Egli
 
NewIinternet security
NewIinternet securityNewIinternet security
NewIinternet security
university of mumbai
 
Ethical hacking and cyber security intro
Ethical hacking and cyber security introEthical hacking and cyber security intro
Ethical hacking and cyber security intro
Abhilash Ak
 
It
ItIt
It
Volkswagen Thane
 
Tutorial 09 - Security on the Internet and the Web
Tutorial 09 - Security on the Internet and the WebTutorial 09 - Security on the Internet and the Web
Tutorial 09 - Security on the Internet and the Web
dpd
 
Computer Security 101
Computer Security 101Computer Security 101
Computer Security 101
Progressive Integrations
 
Cyber Security Awareness Training by Win-Pro
Cyber Security Awareness Training by Win-ProCyber Security Awareness Training by Win-Pro
Cyber Security Awareness Training by Win-Pro
Ronald Soh
 
Computer & internet Security
Computer & internet SecurityComputer & internet Security
Computer & internet Security
Gerard Lamusse
 
Cyber security # Lec 1
Cyber security # Lec 1Cyber security # Lec 1
Cyber security # Lec 1
Kabul Education University
 
Cyber-Espionage: Understanding the Advanced Threat Landscape
Cyber-Espionage: Understanding the Advanced Threat LandscapeCyber-Espionage: Understanding the Advanced Threat Landscape
Cyber-Espionage: Understanding the Advanced Threat Landscape
Aaron White
 
Computer security
Computer securityComputer security
Computer security
Univ of Salamanca
 
Cyber Attack Analysis
Cyber Attack AnalysisCyber Attack Analysis
Cyber Attack Analysis
codefortomorrow
 
Computer security and privacy
Computer security and privacyComputer security and privacy
Computer security and privacy
eiramespi07
 
Ethical hacking
Ethical hacking Ethical hacking
Ethical hacking
Institute of Information Security (IIS)
 
Cyber Security Awareness (Reduce Personal & Business Risk)
Cyber Security Awareness (Reduce Personal & Business Risk)Cyber Security Awareness (Reduce Personal & Business Risk)
Cyber Security Awareness (Reduce Personal & Business Risk)
Gian Gentile
 
Internet Security
Internet SecurityInternet Security
Internet Security
Chris Rodgers
 
It security &_ethical_hacking
It security &_ethical_hackingIt security &_ethical_hacking
It security &_ethical_hacking
satish kumar
 
Network Security
Network SecurityNetwork Security
Network Security
Manoj Singh
 
Ethical Hacking
Ethical HackingEthical Hacking
Ethical Hacking
Keith Brooks
 
Ethical hacking presentation
Ethical hacking presentationEthical hacking presentation
Ethical hacking presentation
Georgekutty Francis
 
Cyber security mis
Cyber security misCyber security mis
Cyber security mis
Aditya Singh Rana
 
Internet issues
Internet issuesInternet issues
Internet issues
CJ900
 
Information Security
Information SecurityInformation Security
Information Security
Dr. Himanshu Gupta
 

Weitere ähnliche Inhalte

Was ist angesagt?

Tutorial 09 - Security on the Internet and the Web
Tutorial 09 - Security on the Internet and the WebTutorial 09 - Security on the Internet and the Web
Tutorial 09 - Security on the Internet and the Web
dpd
 
Cyber-Espionage: Understanding the Advanced Threat Landscape
Cyber-Espionage: Understanding the Advanced Threat LandscapeCyber-Espionage: Understanding the Advanced Threat Landscape
Cyber-Espionage: Understanding the Advanced Threat Landscape
Aaron White
 

Was ist angesagt? (20)

NewIinternet security
NewIinternet securityNewIinternet security
NewIinternet security
 
Ethical hacking and cyber security intro
Ethical hacking and cyber security introEthical hacking and cyber security intro
Ethical hacking and cyber security intro
 
It
ItIt
It
 
Tutorial 09 - Security on the Internet and the Web
Tutorial 09 - Security on the Internet and the WebTutorial 09 - Security on the Internet and the Web
Tutorial 09 - Security on the Internet and the Web
 
Computer Security 101
Computer Security 101Computer Security 101
Computer Security 101
 
Cyber Security Awareness Training by Win-Pro
Cyber Security Awareness Training by Win-ProCyber Security Awareness Training by Win-Pro
Cyber Security Awareness Training by Win-Pro
 
Computer & internet Security
Computer & internet SecurityComputer & internet Security
Computer & internet Security
 
Cyber security # Lec 1
Cyber security # Lec 1Cyber security # Lec 1
Cyber security # Lec 1
 
Cyber-Espionage: Understanding the Advanced Threat Landscape
Cyber-Espionage: Understanding the Advanced Threat LandscapeCyber-Espionage: Understanding the Advanced Threat Landscape
Cyber-Espionage: Understanding the Advanced Threat Landscape
 
Computer security
Computer securityComputer security
Computer security
 
Cyber Attack Analysis
Cyber Attack AnalysisCyber Attack Analysis
Cyber Attack Analysis
 
Computer security and privacy
Computer security and privacyComputer security and privacy
Computer security and privacy
 
Ethical hacking
Ethical hacking Ethical hacking
Ethical hacking
 
Cyber Security Awareness (Reduce Personal & Business Risk)
Cyber Security Awareness (Reduce Personal & Business Risk)Cyber Security Awareness (Reduce Personal & Business Risk)
Cyber Security Awareness (Reduce Personal & Business Risk)
 
Internet Security
Internet SecurityInternet Security
Internet Security
 
It security &_ethical_hacking
It security &_ethical_hackingIt security &_ethical_hacking
It security &_ethical_hacking
 
Network Security
Network SecurityNetwork Security
Network Security
 
Ethical Hacking
Ethical HackingEthical Hacking
Ethical Hacking
 
Ethical hacking presentation
Ethical hacking presentationEthical hacking presentation
Ethical hacking presentation
 
Cyber security mis
Cyber security misCyber security mis
Cyber security mis
 

Andere mochten auch

Internet issues
Internet issuesInternet issues
Internet issues
CJ900
 
Waiting line
Waiting lineWaiting line
Waiting line
E P John
 

Andere mochten auch (11)

Internet issues
Internet issuesInternet issues
Internet issues
 
Information Security
Information SecurityInformation Security
Information Security
 
Wireless Device and Network level security
Wireless Device and Network level securityWireless Device and Network level security
Wireless Device and Network level security
 
network security, cryptography,steganography
network security, cryptography,steganographynetwork security, cryptography,steganography
network security, cryptography,steganography
 
Waiting line
Waiting lineWaiting line
Waiting line
 
Intrusion detection system
Intrusion detection systemIntrusion detection system
Intrusion detection system
 
Network security ppt
Network security pptNetwork security ppt
Network security ppt
 
Social Problems
Social ProblemsSocial Problems
Social Problems
 
Network security
Network securityNetwork security
Network security
 
Research problem
Research problemResearch problem
Research problem
 
Network Security and Cryptography
Network Security and CryptographyNetwork Security and Cryptography
Network Security and Cryptography
 

Ähnlich wie Internet Issues (How to Deal on Internet Security)

Ns lecture5: Introduction to Computer, Information, and Network Security.
Ns lecture5: Introduction to Computer, Information, and Network Security.Ns lecture5: Introduction to Computer, Information, and Network Security.
Ns lecture5: Introduction to Computer, Information, and Network Security.
Aksum Institute of Technology(AIT, @Letsgo)
 
itsecurityawareness-v1-230413174238-5e7cba3c.pdf
itsecurityawareness-v1-230413174238-5e7cba3c.pdfitsecurityawareness-v1-230413174238-5e7cba3c.pdf
itsecurityawareness-v1-230413174238-5e7cba3c.pdf
MansoorAhmed57263
 
DRC -- Cybersecurity concepts2015
DRC -- Cybersecurity concepts2015DRC -- Cybersecurity concepts2015
DRC -- Cybersecurity concepts2015
T. J. Saotome
 
Information Security Awareness Training
Information Security Awareness TrainingInformation Security Awareness Training
Information Security Awareness Training
Randy Bowman
 
Webinar - Keep Your Connected Nonprofit or Library Secure - 2015-10-01
Webinar - Keep Your Connected Nonprofit or Library Secure - 2015-10-01Webinar - Keep Your Connected Nonprofit or Library Secure - 2015-10-01
Webinar - Keep Your Connected Nonprofit or Library Secure - 2015-10-01
TechSoup
 
MIS part 4_CH 11.ppt
MIS part 4_CH 11.pptMIS part 4_CH 11.ppt
MIS part 4_CH 11.ppt
EndAlk15
 

Ähnlich wie Internet Issues (How to Deal on Internet Security) (20)

Ns lecture5: Introduction to Computer, Information, and Network Security.
Ns lecture5: Introduction to Computer, Information, and Network Security.Ns lecture5: Introduction to Computer, Information, and Network Security.
Ns lecture5: Introduction to Computer, Information, and Network Security.
 
DRC - Cybersecurity Concepts 2015 - 5 Basics you must know!
DRC - Cybersecurity Concepts 2015 - 5 Basics you must know!DRC - Cybersecurity Concepts 2015 - 5 Basics you must know!
DRC - Cybersecurity Concepts 2015 - 5 Basics you must know!
 
Afghanistan IGF 2023: The ABCs and importance of cybersecurity
Afghanistan IGF 2023: The ABCs and importance of cybersecurityAfghanistan IGF 2023: The ABCs and importance of cybersecurity
Afghanistan IGF 2023: The ABCs and importance of cybersecurity
 
itsecurityawareness-v1-230413174238-5e7cba3c.pdf
itsecurityawareness-v1-230413174238-5e7cba3c.pdfitsecurityawareness-v1-230413174238-5e7cba3c.pdf
itsecurityawareness-v1-230413174238-5e7cba3c.pdf
 
IT Security Awareness-v1.7.ppt
IT Security Awareness-v1.7.pptIT Security Awareness-v1.7.ppt
IT Security Awareness-v1.7.ppt
 
DRC -- Cybersecurity concepts2015
DRC -- Cybersecurity concepts2015DRC -- Cybersecurity concepts2015
DRC -- Cybersecurity concepts2015
 
Insider threat v3
Insider threat v3Insider threat v3
Insider threat v3
 
ch07-Security.pptx
ch07-Security.pptxch07-Security.pptx
ch07-Security.pptx
 
Information Security Awareness Training
Information Security Awareness TrainingInformation Security Awareness Training
Information Security Awareness Training
 
Staying safe on the internet
Staying safe on the internetStaying safe on the internet
Staying safe on the internet
 
lec security
lec securitylec security
lec security
 
Computer Security
Computer SecurityComputer Security
Computer Security
 
What is Information Security and why you should care ...
What is Information Security and why you should care ...What is Information Security and why you should care ...
What is Information Security and why you should care ...
 
Webinar - Keep Your Connected Nonprofit or Library Secure - 2015-10-01
Webinar - Keep Your Connected Nonprofit or Library Secure - 2015-10-01Webinar - Keep Your Connected Nonprofit or Library Secure - 2015-10-01
Webinar - Keep Your Connected Nonprofit or Library Secure - 2015-10-01
 
PBL Encryption project.pptx
PBL Encryption project.pptxPBL Encryption project.pptx
PBL Encryption project.pptx
 
Introduction to cyber security amos
Introduction to cyber security amosIntroduction to cyber security amos
Introduction to cyber security amos
 
Security Awareness Training - For Companies With Access to NYS "Sensitive" In...
Security Awareness Training - For Companies With Access to NYS "Sensitive" In...Security Awareness Training - For Companies With Access to NYS "Sensitive" In...
Security Awareness Training - For Companies With Access to NYS "Sensitive" In...
 
Introduction to Cybersecurity - Secondary School_0.pptx
Introduction to Cybersecurity - Secondary School_0.pptxIntroduction to Cybersecurity - Secondary School_0.pptx
Introduction to Cybersecurity - Secondary School_0.pptx
 
The EU Data Protection Regulation and what it means for your organization
The EU Data Protection Regulation and what it means for your organizationThe EU Data Protection Regulation and what it means for your organization
The EU Data Protection Regulation and what it means for your organization
 
MIS part 4_CH 11.ppt
MIS part 4_CH 11.pptMIS part 4_CH 11.ppt
MIS part 4_CH 11.ppt
 

Kürzlich hochgeladen

The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdfThe Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
Enterprise Knowledge
 
08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men
Delhi Call girls
 
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Drew Madelung
 
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationFrom Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
Safe Software
 
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot TakeoffStrategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
sammart93
 

Kürzlich hochgeladen (20)

How to convert PDF to text with Nanonets
How to convert PDF to text with NanonetsHow to convert PDF to text with Nanonets
How to convert PDF to text with Nanonets
 
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdfThe Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
 
[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf
 
Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024
 
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
 
Powerful Google developer tools for immediate impact! (2023-24 C)
Powerful Google developer tools for immediate impact! (2023-24 C)Powerful Google developer tools for immediate impact! (2023-24 C)
Powerful Google developer tools for immediate impact! (2023-24 C)
 
Automating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps ScriptAutomating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps Script
 
Handwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsHandwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed texts
 
presentation ICT roal in 21st century education
presentation ICT roal in 21st century educationpresentation ICT roal in 21st century education
presentation ICT roal in 21st century education
 
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
 
08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men
 
Tech Trends Report 2024 Future Today Institute.pdf
Tech Trends Report 2024 Future Today Institute.pdfTech Trends Report 2024 Future Today Institute.pdf
Tech Trends Report 2024 Future Today Institute.pdf
 
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
 
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
 
Evaluating the top large language models.pdf
Evaluating the top large language models.pdfEvaluating the top large language models.pdf
Evaluating the top large language models.pdf
 
Presentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreterPresentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreter
 
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationFrom Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
 
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot TakeoffStrategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
 
GenAI Risks & Security Meetup 01052024.pdf
GenAI Risks & Security Meetup 01052024.pdfGenAI Risks & Security Meetup 01052024.pdf
GenAI Risks & Security Meetup 01052024.pdf
 
Scaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationScaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organization
 

Internet Issues (How to Deal on Internet Security)

  • 1. And how to deal on Internet Security Internet Issues 1
  • 2. A Brief History of the World 2
  • 3. Internet Issues Identity Issues Internet Conduct Security Issues Legal Issues Social Issues Privacy Issues ✓ 6 5 4 3 2 1
  • 4. • What is security? • Why do we need security? • Who is at risk? • Common security attacks and countermeasures – Firewalls & Intrusion Detection Systems – Packet Sniffing – Social Problems Overview 4
  • 5. • Dictionary.com says: – 1. Freedom from risk or danger; safety. – 2. Freedom from doubt, anxiety, or fear; confidence. – 3. Something that gives or assures safety, as: • 1. A group or department of private guards: Call building security if a visitor acts suspicious. • 2. Measures adopted by a government to prevent espionage, sabotage, or attack. • 3. Measures adopted, as by a business or homeowner, to prevent a crime such as burglary or assault: Security was lax at the firm's smaller plant. …etc. What is ?SECURITY 5
  • 6. • Protect vital information while still allowing access to those who need it –Trade secrets, medical records, etc. • Provide authentication and access control for resources • Guarantee availability of resources Why do we need ?SECURITY 6
  • 7. • Financial institutions and banks • Internet service providers • Pharmaceutical companies • Government and defense agencies • Contractors to various government agencies • Multinational corporations • ANYONE ON THE NETWORK Who is at risk? 7
  • 8. Common Security Attacks and Their Countermeasures Templates 1 2 3 Finding a way into the network Packet Sniffing Firewall Social problems Education Encryption (SSH, SSL, HTTPS)
  • 9. • Basic problem – many network applications and protocols have security problems that are fixed over time – Difficult for users to keep up with changes and keep host secure – Solution • Administrators limit access to end hosts by using a firewall • Firewall is kept up-to-date by administrators Firewalls 9
  • 10. • A firewall is like a castle with a drawbridge • Can be hardware or software Firewalls 10
  • 12. • What does a firewall rule look like? • Other examples: Win XP & Mac OS X have built in and third party firewalls – Different graphical user interfaces – Varying amounts of complexity and power Firewalls 12
  • 13. • What kinds of data can we get? • Asked another way, what kind of information would be most useful to a malicious user? • Answer: Anything in plain text Packet Sniffing 13
  • 14. How can we protect ourselves? Packet Sniffing 14
  • 15. • We can run a dictionary attack on the passwords – The passwords in /etc./password are encrypted with the crypt function (one-way hash) – Can take a dictionary of words, crypt them all, and compare with the hashed passwords • This is why your passwords should be meaningless random junk! Dictionary Attack 15
  • 16. • People can be just as dangerous as unprotected computer systems. • People can be lied to, manipulated, bribed, threatened, harmed, to rtured, etc. to give up valuable information. • Most humans will breakdown once they are at the “harmed” stage, unless they have been specially trained. Social Problems 16
  • 17. • There aren’t always solutions to all of these problems. • Humans will continue to be tricked into giving out information they shouldn’t. • Educating them may help a little here, but, depending on how bad you want the information, there are a lot of bad things you can do to get it. • So, the best that can be done is to implement a wide variety of solutions and more closely monitor who has access to what network resources and information • But, this solution is still not perfect. 17 Social Problems
  • 18. • The Internet works only because we indirectly trust one another • It is very easy to exploit this trust • The same holds true for software • It is important to stay on top of the latest CERT security advisories to know how to patch any security holes Conclusions 18