EMU/ICT Incident Response Team Firewall Access Session Presenter: IRT TEAM Member.

Presentation transcript:

Introduction
- EMU Firewall has been in place and operational since Feb 16th, 2003
- ICT has maintained a database of firewall access requested from ict.emich.edu/firewall
- What information is required for firewall access
  - IP Address
  - Port Number
  - DNS name
  - Administrator of Device
  - Permission for Access from Department

How big is this problem
- From March 17th – March 29th 5 Universities Reported Identity Theft
  - Boston University: 120,000 Alumni info SSN
  - UNLV: 5,000 SSN
  - University of California Chico: 18,000 SSN
  - Northwestern University: 21,000 SSN
  - University of California Berkeley: 98,000 SSN
- 250,000+ SSN reported stolen out of University Servers in 12 days
- Source: Google News

Security Risk of your Device
- Depending on Operating System
- Information Stored on Server
- Exposure of Server to the Internet
- Top 20 Vulnerabilities
  - #1 Windows Servers: Web Services
  - #2 Unix Servers: Web Services

The server has been hacked, Now What?
- Don't Panic
- No stigma is attached to a server that has been hacked, infected with a virus or otherwise compromised. Not a matter of if, but when and how much damage.
- Contact any member of the ICT Incident Response Team or the ICT Help Desk
- Things to avoid if you suspect a problem
  - Do not log in, type, log out or shut off the device
  - Do not touch the network connection
  - Do not inform anyone besides your immediate supervisor and the IRT team / help desk

Reporting the Incident
- Incident Response Form is available at ict.emich.edu/security
- Contact ICT incident response team or use the list of names and numbers provided
- Contact the ICT Help Desk
- Contact your Immediate Supervisor

Types of Issues
- D.O.S. (denial of service) attacks
- Remote access as Superuser
- Data Risk (Destroyed, Copied, Altered)
- Use of machine to commit a felony
- Attacks on other systems (non EMU)
- Zombies
- Storage for illegal information, data, or other non-University service
- Jump site for attacks against EMU inside the firewall

Reducing Risk
- Know your Device
- Apply Patches, Fixes and Updates
- Monitor Log Files
- Report Suspicious Behavior
- Reduce the exposure
- Does this device really need to be available to everyone in the world?
- Does this device have a Professionally Trained I.T. Administrator?

Other Administration Considerations
- Services and applications not serving University requirements must be disabled
- Remote administration must be performed over secure channels
- Passwords: use secure passwords

Demo
- Determining System Info
- Google hacking Sample
  - intitle:index.of site:emich.edu
- Top 75 Security tools