
Introduction to Computer Security

Security Terminology, Password Guidelines, E-mail and Web Security

Topics
Common Security Terminology
Password Security
E-mail Security
Web Security
Peer-to-Peer Filesharing

Terminology
Password Cracking
Password Cracker
An application that tries to recover a password either offline, by repeatedly generating candidate passwords, hashing them and comparing the result against a stolen password hash, or online, by submitting guesses to an authentication source until one is accepted.

Common Methods of Password Cracking


Brute Force = tries every possible character combination up to some length
Dictionary = tries candidates from a pre-built list of words and common passwords, often with simple variations (capitalization, appended digits)

Terminology
Password Cracking (contd)
Passwords are normally not stored at all; what is stored is the output of a one-way hash function, ideally with a per-user salt and a deliberately slow algorithm, so the original password cannot simply be read back.
If that hash data is compromised, the cracking can be moved offline to a standalone system where the attacker controls the speed of guessing and no lockout or logging on the target applies.
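The two cracking methods above, run against stored hashes, as an added example that is not part of the original presentation. The wordlist, the "stolen" hashes and the unsalted SHA-1 store are constructed for this illustration; real attacks use wordlists of millions of leaked passwords and GPU hashing rates, and real systems should store salted, slow hashes.

```python
import hashlib
import itertools
import string

# Constructed sample wordlist for this example (a real dictionary attack uses
# lists of millions of leaked passwords, with case and digit variations).
WORDLIST = ["password", "letmein", "vandals", "idaho2005", "qwerty"]


def hash_password(password: str) -> str:
    """Unsalted SHA-1, the kind of fast one-way hash older systems stored.
    Fast and unsalted is exactly what makes offline cracking cheap."""
    return hashlib.sha1(password.encode("utf-8")).hexdigest()


def salted_hash(password: str, salt: str) -> str:
    """Per-user salt: identical passwords no longer produce identical hashes,
    so a precomputed table of hashes is useless and each user must be attacked
    separately (a slow algorithm such as bcrypt would raise the cost further)."""
    return hashlib.sha256((salt + password).encode("utf-8")).hexdigest()


def dictionary_attack(target_hash: str, wordlist):
    """Hash each word from the list and compare against the stolen hash.
    Returns (password_or_None, number_of_guesses)."""
    for guesses, word in enumerate(wordlist, start=1):
        if hash_password(word) == target_hash:
            return word, guesses
    return None, len(wordlist)


def brute_force(target_hash: str, alphabet: str, max_len: int):
    """Try every string over `alphabet` up to `max_len` characters, shortest first.
    The work grows as len(alphabet) ** length, which is why length matters."""
    guesses = 0
    for length in range(1, max_len + 1):
        for combo in itertools.product(alphabet, repeat=length):
            guesses += 1
            candidate = "".join(combo)
            if hash_password(candidate) == target_hash:
                return candidate, guesses
    return None, guesses


if __name__ == "__main__":
    stolen = hash_password("vandals")           # a hash copied from a compromised store
    print(dictionary_attack(stolen, WORDLIST))   # ('vandals', 3)
    weak = hash_password("ab1")                  # a 3-character password
    print(brute_force(weak, string.ascii_lowercase + string.digits, 3))  # ('ab1', 1396)
    # same password, two users, two different stored values
    print(salted_hash("vandals", "u1") == salted_hash("vandals", "u2"))  # False
```

Note that nothing in the loop above contacts the target system: once the hash is in hand the attacker is limited only by local hardware, which is the reason stolen hash files are so valuable.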

Terminology
Biometrics
The science and technology of measuring and statistically analyzing biological data. In information technology it usually refers to the use of human traits for authentication. These can include fingerprints, retinas and irises, voice patterns and a host of other consistent biological data.

Terminology
Public Key Cryptography
Each party has a pair of mathematically related keys, one public and one private (a certificate is a separate document that binds a public key to an identity; the keys themselves are not certificates). As the names imply, the public key can be shared freely while the private key is kept secret. Data encrypted with the public key can only be decrypted with the matching private key; conversely, a value produced with the private key (a digital signature) can be checked by anyone holding the public key.

Terminology
Public Key Cryptography (contd)
Used in two ways: encrypting to a recipient's public key ensures that only the holder of the matching private key can read the message, and signing with a sender's private key lets the recipient confirm who sent it and that it was not altered. Both depend on knowing that a public key really belongs to the party it claims to; that is the job of certificates and certificate authorities.

Terminology
SSL
Secure Sockets Layer
Uses public key cryptography to authenticate the server and to negotiate a session key, then encrypts the communication between a client and server with that key
Allows other application protocols to run on top of it, such as web browsing (HTTPS) and the e-mail protocols
Transport Layer Security (TLS) is the standardized successor to SSL; when the encryption is negotiated inside an existing protocol session rather than on a separate port (as with the STARTTLS command in SMTP) it is usually referred to as TLS

Terminology
Man-in-the-Middle Attack
A system positioned between two communicating hosts that either passively watches the traffic (for example to capture credentials or session data that can be replayed later) or actively interferes with the connection, impersonating the remote system to each side. An untrusted or mismatched SSL/TLS certificate is one of the visible signs of this kind of attack.

Terminology
Zombies
Computer systems infected by a virus or trojan horse that allows the system to be remotely controlled by an attacker for later use. These systems may be used to send large amounts of spam e-mail or take part in Distributed Denial of Service (DDoS) attacks, usually without their owners noticing.

Terminology
Denial of Service Attack
Sending large amounts of data or requests to a remote system in order to overwhelm the remote computer or network so that legitimate users cannot be served. A Distributed DoS (DDoS) is a coordinated effort by a large number of systems, often zombies, to perform a DoS against a single target.

Terminology
Key Logging Software
Software installed on a system to capture and log every keystroke, including passwords, before the operating system or any encryption sees them

Terminology
Security Exploit
A program or technique that takes advantage of a vulnerability, a software bug or an unintended use of a feature, to gain access to or control over a computer system beyond what the operator intended

Terminology
Firewall
Network device or software used to filter traffic to and from the connected resources.
Ranges from simple filters that block certain services and protocols to more complex systems that track connection state and traffic patterns.
Firewall software running on the local operating system is referred to as a personal firewall.
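The simplest kind of filter described above, a first-match rule list with a default of deny, written out as an added example; this is not code from the presentation, and the rules, addresses and port numbers are constructed for illustration (the 10.0.0.0/8 "campus" network is an assumption).

```python
from dataclasses import dataclass
from ipaddress import ip_address, ip_network
from typing import List, Optional


@dataclass(frozen=True)
class Packet:
    proto: str      # "tcp" or "udp"
    src: str        # source IP address
    dst_port: int   # destination port


@dataclass(frozen=True)
class Rule:
    action: str                     # "allow" or "deny"
    proto: str = "any"              # "tcp", "udp" or "any"
    src: str = "0.0.0.0/0"          # source network in CIDR notation
    dst_port: Optional[int] = None  # None matches every port

    def matches(self, pkt: Packet) -> bool:
        if self.proto != "any" and self.proto != pkt.proto:
            return False
        if ip_address(pkt.src) not in ip_network(self.src):
            return False
        if self.dst_port is not None and self.dst_port != pkt.dst_port:
            return False
        return True


# Constructed sample policy: the first matching rule wins; anything that
# matches no rule falls through to the default action (deny).
RULES: List[Rule] = [
    Rule("allow", "tcp", dst_port=80),                     # web
    Rule("allow", "tcp", dst_port=443),                    # web over SSL
    Rule("allow", "tcp", src="10.0.0.0/8", dst_port=22),   # SSH only from the assumed campus range
    Rule("deny", "tcp", dst_port=23),                      # telnet blocked explicitly
]


def decide(rules: List[Rule], pkt: Packet, default: str = "deny"):
    """Return (action, index of the rule that matched, or None for the default)."""
    for i, rule in enumerate(rules):
        if rule.matches(pkt):
            return rule.action, i
    return default, None


if __name__ == "__main__":
    for pkt in (Packet("tcp", "203.0.113.5", 443),
                Packet("tcp", "203.0.113.5", 22),
                Packet("tcp", "10.1.2.3", 22),
                Packet("udp", "10.1.2.3", 53)):
        print(pkt, "->", decide(RULES, pkt))
```

Rule order matters: an "allow" placed above a more specific "deny" silently overrides it, so a practitioner reviews the list top to bottom and ends it with an explicit default-deny rather than relying on an implicit one.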

Terminology
Where to find technology definitions
www.webopedia.com
www.whatis.com
www.techweb.com
www.computeruser.com
www.google.com

Password Security
According to CERT/CC (Computer Emergency Response Team / Coordination Center), approximately 80% of all network security issues are caused by bad passwords. Computer-to-computer authentication can use large keys and strong encryption, while human-to-computer authentication relies on something a person can remember, which is much weaker.

Password Security
How to deal with password limitations
Expiration
Limits how long a cracked, guessed or leaked password remains useful

Complexity Requirements
Reduces the effectiveness of automated guessing by increasing the number of possible characters in each position

Length Requirements
Each extra character multiplies the number of possible combinations by the size of the character set, so added length does more for strength than added complexity

Password Security
How to deal with password limitations
Password Lockouts
If a certain number of login attempts fail within a given timeframe, the account is locked for a preset period. Stops online brute force and dictionary attempts against the login service (it does nothing against offline cracking of stolen hashes), and the same mechanism can be abused to lock legitimate users out.

Dictionary Checks
The proposed password is checked against common dictionaries and lists of well-known passwords and rejected if it appears there, so that a dictionary attack will not find it
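The lockout rule above as working logic, added here as an example rather than taken from the presentation. Times are passed in as plain seconds so the behaviour is deterministic; the thresholds are constructed for illustration, and the scenario at the end shows the caveat that anyone who can guess a username can lock that user out.

```python
from collections import defaultdict, deque


class LockoutPolicy:
    """Lock an account after `max_failures` failed logins within `window`
    seconds, for `lock_duration` seconds. Timestamps are supplied by the
    caller (seconds) so the policy can be tested without a clock."""

    def __init__(self, max_failures=5, window=300, lock_duration=900):
        self.max_failures = max_failures
        self.window = window
        self.lock_duration = lock_duration
        self._failures = defaultdict(deque)   # account -> timestamps of recent failures
        self._locked_until = {}               # account -> time the lock expires

    def is_locked(self, account, now) -> bool:
        return self._locked_until.get(account, 0) > now

    def attempt(self, account, password_ok: bool, now) -> str:
        """Record one login attempt; returns 'ok', 'failed' or 'locked'.
        While locked, even a correct password is refused and not counted,
        so the response leaks nothing about whether the guess was right."""
        if self.is_locked(account, now):
            return "locked"
        if password_ok:
            self._failures.pop(account, None)   # success resets the counter
            return "ok"
        recent = self._failures[account]
        recent.append(now)
        # forget failures that fell outside the sliding window
        while recent and recent[0] < now - self.window:
            recent.popleft()
        if len(recent) >= self.max_failures:
            self._locked_until[account] = now + self.lock_duration
            recent.clear()
            return "locked"
        return "failed"


if __name__ == "__main__":
    policy = LockoutPolicy(max_failures=3, window=60, lock_duration=120)
    # an attacker guesses three times in quick succession...
    for t in (0, 1, 2):
        print(t, policy.attempt("alice", False, t))          # failed, failed, locked
    # ...and the real user, with the right password, is now refused too
    print(3, policy.attempt("alice", True, 3))               # locked
    print(123, policy.attempt("alice", True, 123))           # ok (lock expired)
```

Slow guessing spaced wider than the window never trips the lock, which is why lockouts are paired with logging and rate limiting rather than relied on alone.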

Password Security
Are password rules too complex?
Computer hardware keeps getting faster and cheaper, so the guessing rate an attacker can afford rises every year and rules that were adequate a few years ago no longer are.
Rules that are too hard to live with lead to Post-it Notes: the password ends up written down next to the computer.
Is your computer in a locked room? Who has physical access to your system? Keep in mind that a majority of system attacks originate through the network, not from someone reading a note on the desk.

Password Security
Suggestions for Complex Passwords
Think of a phrase and use the first character of each word, then mix case and substitute numbers and special characters:
It is good to change your password every 6 months = Iig2cyPe6m
UI Vandals are number one = UiVdlsR#1
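The phrase technique above, together with the length and complexity arguments from the previous slides, as an added example (not from the presentation): a helper that builds the initial-letter password, and a strength estimate based on the size of the character set an attacker must assume. The substitution table and the guess rate used in the demonstration are this example's own assumptions; the capital P in the slide's Iig2cyPe6m is a manual step the function does not reproduce.

```python
import math
import string


def passphrase_initials(phrase: str) -> str:
    """First character of each word, keeping digits and turning a few common
    words into a digit or symbol. The substitution table is an assumption of
    this example; mixing case is left to the user."""
    subs = {"to": "2", "too": "2", "for": "4", "and": "&", "at": "@"}
    out = []
    for word in phrase.split():
        w = word.strip(string.punctuation)
        if not w:
            continue
        out.append(subs.get(w.lower(), w[0]))
    return "".join(out)


def charset_size(password: str) -> int:
    """Size of the alphabet an attacker has to cover, judged by which
    character classes actually appear in the password."""
    size = 0
    if any(c.islower() for c in password):
        size += 26
    if any(c.isupper() for c in password):
        size += 26
    if any(c.isdigit() for c in password):
        size += 10
    if any(c in string.punctuation for c in password):
        size += len(string.punctuation)   # 32 symbols on a US keyboard
    return size


def search_space(password: str) -> int:
    """Candidates a brute-force attacker must try in the worst case."""
    return charset_size(password) ** len(password)


def entropy_bits(password: str) -> float:
    return math.log2(search_space(password))


def seconds_to_exhaust(password: str, guesses_per_second: float) -> float:
    return search_space(password) / guesses_per_second


if __name__ == "__main__":
    RATE = 1e9   # assumed offline guessing rate, guesses per second
    print(passphrase_initials("It is good to change your password every 6 months"))  # Iig2cype6m
    for pw in ("vandals", "Iig2cyPe6m", "UiVdlsR#1", "correcthorsebatterystaple"):
        print(f"{pw:28} set={charset_size(pw):3} bits={entropy_bits(pw):5.1f} "
              f"years={seconds_to_exhaust(pw, RATE) / 3.156e7:.3g}")
```

The estimate is an upper bound: it assumes the attacker has no better idea than exhaustive search. A password that appears in a wordlist falls in the first few million guesses no matter what the arithmetic says, which is the point of the dictionary check on the previous slide.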

Password Security
Future Password Requirements
Decreasing password expiration times
Certificate authentication
Biometrics
Two-factor identification: a password plus a physical item

Password Security
Passwords are like Underwear!
Don't leave yours lying around
Don't share them with friends
The longer the better (warmer?)
Change yours often
Be mysterious

E-mail Security
Common E-mail Protocols
POP Post Office Protocol
Older protocol for downloading messages from a single INBOX to the client, usually removing them from the server

IMAP Internet Message Access Protocol
Full featured access to mail folders that stay on the server

SMTP Simple Mail Transfer Protocol
Standard for sending e-mail, from client to server (submission) and from server to server (relay); retrieving mail is left to POP or IMAP

MAPI Mail Application Programming Interface
A set of communication methods and standards used predominately for communication between Microsoft e-mail clients and servers

E-mail Security
Secure e-mail protocols at the University
POPS = POP over an SSL connection
IMAPS = IMAP over an SSL connection
SMTP+TLS = the client connects in the clear, then negotiates a TLS/SSL connection with the STARTTLS command before any credentials or mail are sent

Most popular e-mail clients support these protocols; without them, usernames, passwords and message contents cross the network in plain text

E-mail Security
Digital Signatures and Encryption
Uses public key cryptography
Allows secure signing of messages as well as complete encryption

E-mail Security
Digital Signatures
The sender's software computes a cryptographic hash (a fixed-size checksum) of the message and then signs that hash using the sender's private key. The message is sent unencrypted together with the resulting signature, usually accompanied by the sender's certificate, which carries the public key. The recipient verifies the signature with the public key, recomputes the hash and compares the two; if they match, the message was not altered in transit and came from the holder of the private key.

E-mail Security
Digital Encryption
Requires the sender to have the public key of the message recipient. The sender encrypts the whole message using the recipient's public key. The recipient uses their own private key to decrypt it; nobody else, not even the sender, can read the encrypted copy afterwards.

E-mail Security
What does this look like in e-mail clients?
Outlook uses S/MIME natively for signing, encrypting and decrypting messages. A signed message has an icon that looks like a red ribbon; an encrypted message has a lock icon. Thunderbird also uses S/MIME and displays a key for an encrypted message and a pen for a signed message. Many other e-mail clients use similar icons. You can usually click on the icon to display additional information, including who signed the message and whether the signature is valid.


Web Security
HyperText Transfer Protocol (HTTP)
Modern web browsers are capable of using multiple protocols to download content although most data transfers use HTTP

Uniform Resource Locator (URL)


web address
protocol://server/resource
http://www.uidaho.edu/registration/

Web Security
SSL
Very important on insecure networks such as wireless, where anyone nearby can read unencrypted traffic.
How to verify SSL in a browser:
https: the web address begins with https, meaning the connection is using HTTP over SSL
Look for a lock icon
Internet Explorer may display a Security Alert that you are about to view pages over a secure connection
Note that https by itself only means the connection is encrypted; whether you are talking to the right server depends on the certificate being issued by a trusted authority for that server's name.

Web Security
SSL (contd)
Certificate Authorities
A CA is an entity that issues certificates, vouching that a public key belongs to a named server or person. If you trust a CA you will trust the certificates issued by that CA. Web browsers come with a standard collection of common certificate authorities including Verisign, Geotrust, Thawte and a number of others. Be wary of warnings about untrusted, expired or mismatched certificates: accepting one may mean you are connecting to a man-in-the-middle rather than the real site.
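The checks a browser performs on a web address and its certificate, written out with Python's standard library as an added example (not from the presentation). It splits a URL into the protocol/server/resource parts named earlier, then shows the verifying TLS configuration beside the weak one that accepts any certificate. The host names in the demonstration, including the evil.example address, are constructed; the function that actually connects needs network access and is not exercised offline.

```python
import socket
import ssl
from urllib.parse import urlsplit


def describe_url(url: str) -> dict:
    """Split a web address into protocol, server and resource. `server` is the
    host the browser will actually connect to, which is not always the first
    name that appears in the address."""
    parts = urlsplit(url)
    return {
        "protocol": parts.scheme.lower(),
        "server": (parts.hostname or "").lower(),
        "resource": parts.path or "/",
        "encrypted": parts.scheme.lower() == "https",
    }


def verifying_context() -> ssl.SSLContext:
    """What a browser does: require a certificate, require that it chain to a
    CA in the trusted store, and require that its name match the server asked for."""
    ctx = ssl.create_default_context()
    assert ctx.verify_mode == ssl.CERT_REQUIRED and ctx.check_hostname
    return ctx


def unverified_context() -> ssl.SSLContext:
    """The weak setting: traffic is still encrypted, but any certificate is
    accepted, so a man-in-the-middle presenting its own certificate goes unnoticed."""
    ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_CLIENT)
    ctx.check_hostname = False      # must be turned off before verify_mode is relaxed
    ctx.verify_mode = ssl.CERT_NONE
    return ctx


def peer_certificate(host: str, port: int = 443, ctx: ssl.SSLContext = None) -> dict:
    """Connect, complete the TLS handshake and return the server's certificate.
    With the verifying context this raises ssl.SSLCertVerificationError when the
    chain or the hostname check fails. Needs network access."""
    ctx = ctx or verifying_context()
    with socket.create_connection((host, port), timeout=10) as raw:
        with ctx.wrap_socket(raw, server_hostname=host) as tls:
            return tls.getpeercert()


if __name__ == "__main__":
    print(describe_url("http://www.uidaho.edu/registration/"))
    # the part before '@' is user information, not the server: the browser connects to evil.example
    print(describe_url("https://www.uidaho.edu@evil.example/login")["server"])
    print("verifying:", verifying_context().verify_mode, "unverified:", unverified_context().verify_mode)
    # print(peer_certificate("www.uidaho.edu")["subject"])   # requires network
```

Disabling verification is the programmatic equivalent of clicking through the browser's certificate warning: the lock icon would still light up, and the warning the slide tells you to heed is exactly the check that has been switched off.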

Web Security
Spyware/Adware
Spyware is software designed to intercept or take partial control of a computer without the express consent of the operator. Adware is similar to spyware except that it is used primarily for advertising purposes and may have given the user some notice of what it does. Regardless of the network level security, when browsing, spyware on your own machine sees your data before it is encrypted and after it is decrypted, so SSL does not protect you from it.

Web Security
Web Browser Software Updates
Update, update, update! Security exploits can use your web browser to access your system, install software, delete data and spread viruses, often just by visiting a page.


Peer-to-Peer Filesharing
Peer-to-Peer Filesharing, or P2P, is using software to facilitate the transfer of data directly between two systems without the need for a central file server. Common P2P apps are:
Kazaa
eDonkey
Morpheus
Gnutella clients (Limewire, Bearshare)

Peer-to-Peer Filesharing
Issues to consider with P2P filesharing
Copyright issues
Spyware/Adware
Zombies
Remote control
Key logging
Security exploits
Sharing unexpected information (a misconfigured client can share far more of your disk than you intended)

Peer-to-Peer Filesharing
Install AntiVirus Software
Symantec Antivirus
Check for operating system and software updates regularly
Install Spyware Detection Software
Microsoft Anti-Spyware Beta
Spybot
Adaware


Presentation Schedule
Tuesday November 29th 2005, Commons Crest
1:00pm Introduction to Computer Security
2:00pm Securing Windows XP Desktop Systems
3:00pm Free Tools for Investigating PC Hacks
4:00pm Wireless Network Security

Presentation Schedule
Wednesday November 30th 2005, Commons Horizon
9:00am Update, Update, Update: Patching Windows and Office
10:00am Tools for Finding and Removing Rootkits
1:00pm SEL Cybersecurity Solutions for the Electric Power System
2:00pm Using Helix for Recovering from PC Hacks
3:00pm ISP Liability for Copyright Violations by Their Customers
4:00pm Phishing, Don't Get Reeled In


Presentation Schedule
Thursday December 1st 2005, Commons Horizon
9:00am Got Backup?
10:00am Viruses, Worms and Trojans Oh My!
