Computer and Internet Security. JCCAA Presentation, 03/14/2009. Yu-Min (Phillip) Hsieh, Sr. System Administrator, Information Technology, Rice University.

Presentation transcript:

1 Computer and Internet Security JCCAA Presentation 03/14/2009 Yu-Min (Phillip) Hsieh Sr. System Administrator Information Technology Rice University

2 Malware – malicious software
- Why do people write malware? Financial gains, political reasons, personal reasons
- What are the other names? Trojan, Virus, Worm, Spyware, Adware, Rogue AVA
- What do they do? Send spam mails; steal identity, financial information and trade secrets; attack other Internet websites

3 Malware – other names?
- Trojan
- Virus
- Worm
- Spyware
- Adware
- Rogue Antivirus Applications …

4 How does a machine get infected?
- Application vulnerabilities: when an application is listening on the network and it is not written securely, a remote, unauthenticated attacker could gain elevated privileges and execute arbitrary code (example: buffer overflow)
- User activities
- Compromised administrative credentials

5 How to prevent malware infections?
- Windows and application update …
- Windows firewall …
- Antivirus application …
- Ignore spam mails – no curiosity, no greed
- Careful browsing on the Internet
- You can never be 100% protected … zero-day exploit and piggy-back download

6 How to remove a malware infection?
- Antivirus program …
  - removes known malware
  - informs you about specific removal steps
- Seek professional help …
- Restore an earlier good system state
  - system restore or ntbackup (restore) …
- Windows recovery console …
- Reinstall operating system

7 Why are those special recovery procedures needed?
Can any antivirus application automatically clean a system 100% of the time, if it knows what the malware executables are?

8 Is the system really compromised?
Is the system really secure?

9 Malware characteristics
- Installs silently / deceptively
- Breaks the system when removed
- Starts automatically on reboot
  - Windows registry
- Runs in the background
- Obscurely named / pathed
- Cannot be removed easily
- Hidden
  - Permission, alternate data stream, rootkit

10 Is the system really compromised?
- Not when there is a malicious registry entry
- Not when there is a malicious executable
- Only when malicious code is running...
Is the system really secure?
- Not unless you know what is running in the system and are able to verify it

11 Orthrus
A Host Intrusion Prevention Application
- Why develop Orthrus? Bad security incident w/o vendor support
- How is it developed? What would an administrator do
- What are the goals? Monitoring host security and user recovery …

12 Orthrus Download
- Click “Free Orthrus Download” link
Orthrus Main Components
- Orthrus.exe
- Orthnote.exe
- Custom Event Log

13 Orthrus
Knowing what is running
- auto-start executables
- operating system modules and sub-modules
- no user applications
What is automatically removed
- registry entries without an executable
- Windows exploits
- rootkit malware

14 Orthrus - Verifying an executable
- Trusted by Windows File Protection
- Trusted by Trusted Installer ownership …
- Digitally signed and verified …
- Obscurely named / pathed …
- Falsified extended file information …
- Internet lookup …
- Exploits
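
The checks listed on slides 13 and 14 (auto-start executables, registry entries without an executable, digitally signed and verified) can be tried by hand with the following PowerShell sketch. It is an added example, not Orthrus code and not from the presentation; it only reports and removes nothing, it covers only the Run/RunOnce keys (a subset of the auto-start locations), and the helper name Get-CommandExecutable is hypothetical.

```powershell
# Added example (not Orthrus code): report-only audit of the Run/RunOnce keys.
$runKeys = @(
    'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Run',
    'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce',
    'HKCU:\SOFTWARE\Microsoft\Windows\CurrentVersion\Run',
    'HKCU:\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce'
)

# Hypothetical helper: pull the executable path out of an auto-start command line.
function Get-CommandExecutable {
    param([string]$CommandLine)
    $expanded = [Environment]::ExpandEnvironmentVariables($CommandLine).Trim()
    if ($expanded -match '^"([^"]+)"') {
        $exe = $Matches[1]                       # quoted path
    } elseif ($expanded -match '^(.+?\.(exe|com|bat|cmd|scr))(\s|$)') {
        $exe = $Matches[1]                       # unquoted path, may contain spaces
    } else {
        $exe = ($expanded -split '\s+')[0]       # fallback: first token
    }
    if ($exe -notmatch '[\\/]') {
        # Bare names such as rundll32.exe are resolved through PATH.
        $found = Get-Command -Name $exe -CommandType Application -ErrorAction SilentlyContinue |
            Select-Object -First 1
        if ($found) { $exe = $found.Path }
    }
    return $exe
}

$report = foreach ($key in $runKeys) {
    if (-not (Test-Path -LiteralPath $key)) { continue }
    $item = Get-Item -LiteralPath $key
    foreach ($name in $item.GetValueNames()) {
        $cmd = [string]$item.GetValue($name)
        if ([string]::IsNullOrWhiteSpace($cmd)) { continue }
        $exe    = Get-CommandExecutable $cmd
        $exists = Test-Path -LiteralPath $exe -PathType Leaf
        $sig    = if ($exists) { [string](Get-AuthenticodeSignature -LiteralPath $exe).Status } else { 'n/a' }
        [pscustomobject]@{
            Key = $key; Name = $name; Executable = $exe; Exists = $exists
            Signature = $sig
            Review = (-not $exists) -or ($sig -ne 'Valid')   # orphaned entry or not validly signed
        }
    }
}
$report | Sort-Object Review -Descending | Format-Table -AutoSize -Wrap
```

A Review value of True is a prompt for manual checking, not a verdict: plenty of legitimate software is unsigned. For entries that launch a host such as rundll32.exe, the DLL named in the arguments needs the same existence and signature check.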

15 Orthrus – Information collected
- extended file information …
- process history (exceptions, and warnings) …
Orthrus – Information transmitted
- secure http protocol (
Orthrus – Information not touched
- identity of the user and the computer

16 Orthrus – System Recovery
- last-known-clean restore point …
- ntbackup restore …
- Windows recovery console

17 Orthrus – Weakness
- Speed
- Support
- Verifying and permitting executables manually

18 What if I don’t want to know, and don’t want anyone else to know, what is running in my system?
- Use a more secure operating system
  - Windows VISTA, Windows 7
- Windows and application security updates
- Windows firewall
- Antivirus application
- Ignore spam mails – no curiosity, no greed
- Careful browsing on the Internet

19 Orthrus
Send questions on how to use the Orthrus application to with the exact subject line “Orthrus Questions”. All other inquiries may be ignored.

20 Questions?