Computer Security Status Update FOCUS Meeting, 28 March 2002 Denise Heagerty, CERN Computer Security Officer.


Incident Summary, 31 Dec

Incident Type
- 859 Security holes exploited (includes worms)
  - 36 web servers, 11 linux kernels, 8 ssh, 4 ftp servers
- 8642 Compromised CERN accounts
  - sniffed or guessed passwords
- 8(26) DoS (Denial of Service) attacks
  - 25 caused by Code Red Worm (counted above)
- 1813 Unauthorised use of file servers
  - insufficient access controls
- 915 Serious SPAM incidents
  - CERN addresses are regularly forged
- 911 Serious Viruses
  - several new viruses are released each day
- 1711 Miscellaneous security alerts
- Total Incidents

Conclusions

- Security holes and discovered passwords are CERN’s biggest security risks
- Security related actions reduced the number and impact of incidents at CERN
  - Incidents remained constant at CERN whilst they doubled across the Internet as a whole in 2001
  - Code Red and Nimda worms were eliminated in less than half a day due to effective security tools
  - CERN avoided disruptive worms, e.g. Code Red II
  - Intensive security campaigns from Aug-Dec 2001: Code Red, Nimda, Linux kernel, ftp, ssh
  - Disconnecting insecure systems has been essential for assuring CERN’s Internet access (e.g. Xmas)
- Security needs to become integrated throughout CERN’s working methods

Open Issues

- Ensuring software is secured and patches are regularly applied
  - systems directly visible in the firewall expose the site
  - All systems are at risk (worms traverse firewalls)
  - Outdated/unsupported systems are a serious security risk!
- Risk from privately installed software
  - Often directly visible to the general Internet (high port nos)
  - Can offer unauthorised access (e.g. file sharing)
  - Can contain viruses and backdoor access for intruders
- Passwords need to be encrypted for all applications
  - telnet, ftp, X, mail applications expose password in clear text
- Protecting CERN’s critical systems
  - Currently at risk on a regular basis
- Ensuring correct data is registered and updated for systems on the CERN network
  - Contact name who can react quickly
  - MAC address required for mobile devices
- Ensuring an audit trail to identify causes of incidents
- Protecting the site during Xmas shutdown
  - Volunteer effort is not sufficient
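An added example, not part of the original slides: a host-side check for two of the open issues above, cleartext services (telnet, ftp, X, mail) and listeners on high-numbered ports. It parses a constructed listing in the column layout of `ss -tlnH`; the port table, the sample lines and the function names are assumptions made for illustration.

```python
import ipaddress

# Assumed default ports for the cleartext services the slide names.
CLEARTEXT_PORTS = {21: "ftp", 23: "telnet", 110: "pop3 mail", 143: "imap mail"}
X11_PORTS = range(6000, 6064)  # X displays :0 to :63

# Constructed sample in the layout of `ss -tlnH` (no header row).
SAMPLE = """\
LISTEN 0 128 0.0.0.0:22 0.0.0.0:*
LISTEN 0 5 0.0.0.0:23 0.0.0.0:*
LISTEN 0 32 *:21 *:*
LISTEN 0 100 127.0.0.1:143 0.0.0.0:*
LISTEN 0 128 [::]:6000 [::]:*
LISTEN 0 50 0.0.0.0:8765 0.0.0.0:*
LISTEN 0 128 [::1]:8080 [::]:*
"""

def split_local(field):
    """Split 'addr:port', handling '*', IPv4, bracketed IPv6 and '%iface'."""
    addr, _, port = field.rpartition(":")
    return addr.strip("[]").split("%")[0], int(port)

def is_loopback(addr):
    """True only for listeners bound to a loopback address."""
    return addr != "*" and ipaddress.ip_address(addr).is_loopback

def audit(listing):
    """Return (port, reason) for each network-reachable listener worth review."""
    findings = []
    for line in listing.splitlines():
        cols = line.split()
        if len(cols) < 5 or cols[0] != "LISTEN":
            continue
        addr, port = split_local(cols[3])
        if is_loopback(addr):
            continue  # not reachable from other hosts
        if port in CLEARTEXT_PORTS:
            findings.append((port, "cleartext protocol: " + CLEARTEXT_PORTS[port]))
        elif port in X11_PORTS:
            findings.append((port, "cleartext protocol: X11"))
        elif port >= 1024:
            findings.append((port, "high port: confirm the software is authorised"))
    return findings

if __name__ == "__main__":
    for port, reason in audit(SAMPLE):
        print(port, reason)
```

On a real host the input would be the output of `ss -tlnH`; adding `-p` would change the columns only by appending a process field, which this parser ignores.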

Security proposals currently under discussion

- Strengthen firewall protection
  - protect access to sensitive high numbered ports
- Improve computer security information and its dissemination
  - knowledge of security is an important tool
- Define minimum rules for connecting systems to CERN’s network
  - correct registration data, configuration checklist, …
- Require regular successful security checks for systems directly visible in the firewall
  - frequent security scans of systems with INCOMING access
- Require security reviews for systems considered as critical for CERN’s mission
  - need to ensure these are and remain sufficiently protected
- Define an agreed procedure to block network access for insecure systems
  - attempt to inform an agreed set of people