COMPUTER SECURITY Ashesi University College Benson Wachira Julateh Mulbah.

Slides:

Advertisements

Similar presentations

Overview of local security issues in Campus Grid environments Bruce Beckles University of Cambridge Computing Service.

Advertisements

Hands-On Ethical Hacking and Network Defense Chapter 5 Port Scanning.

Understand Database Security Concepts

1 Web Servers / Deployment Alastair Dawes Original by Bhupinder Reehal.

1 Defining System Security Policies. 2 Module - Defining System Security Policies ♦ Overview An important aspect of Network management is to protect your.

Introduction The concept of “SQL Injection”

IP Address Management and Request Service Kim Huynh CS491B.

Information Networking Security and Assurance Lab National Chung Cheng University 1 Top Vulnerabilities in Web Applications (I) Unvalidated Input:  Information.

Enterprise Network Security Accessing the WAN Lecture week 4.

Internet Relay Chat Chandrea Dungy Derek Garrett #29.

Web Application Vulnerabilities Checklist. EC-Council Parameter Checklist  URL request  URL encoding  Query string  Header  Cookie  Form field 

Web-based Document Management System By Group 3 Xinyi Dong Matthew Downs Joshua Ferguson Sriram Gopinath Sayan Kole.

Real Security for Server Virtualization Rajiv Motwani 2 nd October 2010.

1 Infrastructure Hardening. 2 Objectives Why hardening infrastructure is important? Hardening Operating Systems, Network and Applications.

CSCI 6962: Server-side Design and Programming

Brad Baker CS526 May 7 th, /7/ Project goals 2. Test Environment 3. The Problem 4. Some Solutions 5. ModSecurity Overview 6. ModSecurity.

Analysis of SQL injection prevention using a proxy server By: David Rowe Supervisor: Barry Irwin.

CSCI 6962: Server-side Design and Programming Secure Web Programming.

About Dynamic Sites (Front End / Back End Implementations) by Janssen & Associates Affordable Website Solutions for Individuals and Small Businesses.

A Security Review Process for Existing Software Applications

Csci5233 Computer Security1 Bishop: Chapter 27 System Security.

Attacks Against Database By: Behnam Hossein Ami RNRN i { }

Development Strategies for Web Applications Jonathan Babbage National Superconducting Cyclotron Laboratory.

Common Cyber Defenses Tom Chothia Computer Security, Lecture 18.

The Microsoft Baseline Security Analyzer A practical look….

Joomla An Open Source Content Management System. Scope of Workshop Definition and background of Joomla Explanation of Joomla’s abilities and strengths,

SYST Web Technologies SYST Web Technologies Databases & MySQL.

Web Application Security ECE ECE Internetwork Security What is a Web Application? An application generally comprised of a collection of scripts.

1 IT420: Database Management and Organization Database Security 5 April 2006 Adina Crăiniceanu

 Chapter 14 – Security Engineering 1 Chapter 12 Dependability and Security Specification 1.

Prof Frankl, Spring 2008CS Polytechnic University 1 Overview of Web database applications with PHP.

APPLICATION PENETRATION TESTING Author: Herbert H. Thompson Presentation by: Nancy Cohen.

PHP and mySQL 2/9/2007. What is PHP?  From php.net “PHP is a widely-used general- purpose scripting language that is especially suited for Web development.

Module 6: Designing Security for Network Hosts

File System Security Robert “Bobby” Roy And Chris “Sparky” Arnold.

Small Business Security Keith Slagle April 24, 2007.

Securing Your Enterprise with Enterprise Manager 10g Amir Najmi Principal Member of Technical Staff System Management Products Oracle Corporation Session.

Lesson 19-E-Commerce Security Needs. Overview Understand e-commerce services. Understand the importance of availability. Implement client-side security.

May06-11: ISEAGE Attack Tool Repository and Player Jeremy Brotherton, Timothy Hilby, Brett Mastbergen, Jasen Stoeker.

Database Security Cmpe 226 Fall 2015 By Akanksha Jain Jerry Mengyuan Zheng.

Computer Security By Duncan Hall.

MySQL MySQL and PHP – interacting with a database.

Web Security. Introduction Webserver hacking refers to attackers taking advantage of vulnerabilities inherent to the web server software itself These.

Databases Kevin Wright Ben Bruckner Group 40. Outline Background Vulnerabilities Log File Cleaning This Lab.

Introduction to AFS IMSA Intersession 2003 An Overview of AFS Brian Sebby, IMSA ’96 Copyright 2003 by Brian Sebby, Copies of these slides.

LINUX Presented By Parvathy Subramanian. April 23, 2008LINUX, By Parvathy Subramanian2 Agenda ► Introduction ► Standard design for security systems ►

MySQL Security on the Web By Nicholas Frees. Why MySQL? It’s free It’s free Open source Open source Highly configurable Highly configurable High volume.

Aaron Corso COSC Spring What is LAMP?  A ‘solution stack’, or package of an OS and software consisting of:  Linux  Apache  MySQL  PHP.

Securing a Host Computer BY STEPHEN GOSNER. Definition of a Host  Host  In networking, a host is any device that has an IP address.  Hosts include.

Zero Day Attacks Jason Kephart. Purpose The purpose of this presentation is to describe Zero-Day attacks, stress the danger they pose for computer security.

CACI Proprietary Information | Date 1 PD² v4.2 Increment 2 SR13 and FPDS Engine v3.5 Database Upgrade Name: Semarria Rosemond Title: Systems Analyst, Lead.

Slide Set #24: Database security SY306 Web and Databases for Cyber Operations.

APACHE INSTALL AWS Linux (Amazon Web Services EC2)

Common System Exploits Tom Chothia Computer Security, Lecture 17.

Microsoft OS Vulnerabilities April 1, 2010 MIS 4600 – MBA © Abdou Illia.

Token Kidnapping's Revenge Cesar Cerrudo Argeniss.

Nessus Vulnerability Scan

Group 18: Chris Hood Brett Poche

WEB APPLICATION TESTING

Secure Software Confidentiality Integrity Data Security Authentication

Unix System Administration

A Security Review Process for Existing Software Applications

By Janet Crawford and Dam Luong Submitted to the Faculty of

Security mechanisms and vulnerabilities in .NET

Web Applications Security INTRO

Chapter 27: System Security

Chapter 13 Security Methods Part 3.

Web Hacking: Beginners

Presentation transcript:

COMPUTER SECURITY Ashesi University College Benson Wachira Julateh Mulbah

What is Computer Security? Computer security can be addressed in the following ways: A. Security requirement:is defined based on your speciality as an organization or an individual this means security requirement differ from system to system. B. Security policy:has to do with specific statement of what is and not allowed in a particular system environment.

Literature Review What are possible vulnerabilities in computer security? Vulnerabilities is weakness in a system that can leveraged or exploited by attackers. Unaccountable vulnerabilities in computer security making it difficult have a completely secured computer system.

How to make computers secure ? Measures to ensure that computers are secured: Creating awareness to in order to have a security conscious society. Using automated system to combat any attacks on the system.

Ashesi Meal Plan System ❖ Ip ❖ Apache web server ❖ PHP version ❖ Database- MySQL- ❖ Does not Accept ping ❖ Illuminate class prevents download of source files

Library & Lab Computers ❖ Running Windows 10 Operating System ❖ CMD protected without administrator privileged ❖ Can execute by running commands on a bash file ❖ Require administrator password to run some commands ❖ Lack of recent updates

WiFi & Password Policy ❖ Weak Wi-Fi Password remain the same for the past four years. ❖ Lack of password on release station Id ❖ Insecure passwords ❖ Unmanned work stations

Conclusion & Recommendation ❏ Error handling ❏ Hide source code ❏ Employee login and transaction code ❏ Login when checking balance ❏ Change passwords after a period of time ❏ Change WiFi password once in a semester

Continuation ❏ Keep OS updates ❏ Password strength policy ❏ Change passwords regularly  Unmanned work station ❏ Prevent login from multiple computers ❏ Educate Ashesi Community on computer security