Presentation is loading. Please wait.

Presentation is loading. Please wait.

EMU/ICT Incident Response Team Firewall Access Session Presenter: IRT TEAM Member.

Published by Modified over 9 years ago

Similar presentations

Presentation on theme: "EMU/ICT Incident Response Team Firewall Access Session Presenter: IRT TEAM Member."— Presentation transcript:

1 EMU/ICT Incident Response Team Firewall Access Session Presenter: IRT TEAM Member

2 Introduction EMU Firewall has been in place and operational since Feb 16 th, 2003 ICT has maintained a database of firewall access requested from ict.emich.edu/firewall What information is required for firewall access IP Address Port Number DNS name Administrator of Device Permission for Access from Department EMU Firewall has been in place and operational since Feb 16 th, 2003 ICT has maintained a database of firewall access requested from ict.emich.edu/firewall What information is required for firewall access IP Address Port Number DNS name Administrator of Device Permission for Access from Department

3 How big is this problem From March 17 th – March 29 th 5 Universities Reported Identity Theft Boston University- 120,000 Alumni info SSN UNLV- 5,000 SSN University of California Chico- 18,000 SSN Northwestern University- 21,000 SSN University of California Berkley- 98,000 SSN 250,000+ SSN reported stolen out of University Servers in 12 days Source- Google News From March 17 th – March 29 th 5 Universities Reported Identity Theft Boston University- 120,000 Alumni info SSN UNLV- 5,000 SSN University of California Chico- 18,000 SSN Northwestern University- 21,000 SSN University of California Berkley- 98,000 SSN 250,000+ SSN reported stolen out of University Servers in 12 days Source- Google News

4 Security Risk of your Device Depending on Operating System Information Stored on Server Exposure of Server to the Internet www.sans.org Top 20 Vulnerabilities #1 Windows Servers- Web Services #2 Unix Servers- Web Services Depending on Operating System Information Stored on Server Exposure of Server to the Internet www.sans.org Top 20 Vulnerabilities #1 Windows Servers- Web Services #2 Unix Servers- Web Services

5 The server has been hacked, Now What? The server has been hacked, Now What? Don’t Panic No stigma is attached to a server that has been hacked, infected with virus or otherwise compromised- Not a matter of if, but when and how much damage. Contact any member of the ICT Incident Response Team or the ICT Help Desk Things to avoid if you suspect a problem Do not login, type, logout or shut off the device Do not touch the network connection Do not inform anyone besides your immediate supervisor and the IRT team / help desk Don’t Panic No stigma is attached to a server that has been hacked, infected with virus or otherwise compromised- Not a matter of if, but when and how much damage. Contact any member of the ICT Incident Response Team or the ICT Help Desk Things to avoid if you suspect a problem Do not login, type, logout or shut off the device Do not touch the network connection Do not inform anyone besides your immediate supervisor and the IRT team / help desk

6 Reporting the Incident Incident Response Form is available ict.emich.edu/security Contact ICT incident response team or use the list of names and numbers provided Contact the ICT Help Desk Contact your Immediate Supervisor Incident Response Form is available ict.emich.edu/security Contact ICT incident response team or use the list of names and numbers provided Contact the ICT Help Desk Contact your Immediate Supervisor

7 Types of Issues D.O.S. (denial of service) attacks Remote access as Superuser Data Risk (Destroyed, Copied, Altered) Use of machine to commit a felony Attacks on other systems (non EMU) Zombies Storage for illegal information, data, or other non- University service Jump site for attacks against EMU inside the firewall D.O.S. (denial of service) attacks Remote access as Superuser Data Risk (Destroyed, Copied, Altered) Use of machine to commit a felony Attacks on other systems (non EMU) Zombies Storage for illegal information, data, or other non- University service Jump site for attacks against EMU inside the firewall

8 Reducing Risk Know your Device Apply Patches, Fixes and Updates Monitor Log Files Report Suspicious Behavior Reduce the exposure Does this device really need to be available to everyone in the world? Does this device have a Professionally Trained I.T. Administrator? Know your Device Apply Patches, Fixes and Updates Monitor Log Files Report Suspicious Behavior Reduce the exposure Does this device really need to be available to everyone in the world? Does this device have a Professionally Trained I.T. Administrator?

9 Other Administration Considerations Services and applications not serving University requirements must be disabled Remote administration must be performed over secure channels Passwords- use secure passwords Services and applications not serving University requirements must be disabled Remote administration must be performed over secure channels Passwords- use secure passwords

10 Demo Determining System Info Determining System Info Determining System Info Determining System Info Google hacking Sample intitle:index.of site:emich.edu intitle:index.of site:emich.edu intitle:index.of site:emich.edu intitle:index.of site:emich.edu Top 75 Security tools Top 75 Security tools Top 75 Security tools Top 75 Security tools Determining System Info Determining System Info Determining System Info Determining System Info Google hacking Sample intitle:index.of site:emich.edu intitle:index.of site:emich.edu intitle:index.of site:emich.edu intitle:index.of site:emich.edu Top 75 Security tools Top 75 Security tools Top 75 Security tools Top 75 Security tools

Download ppt "EMU/ICT Incident Response Team Firewall Access Session Presenter: IRT TEAM Member."

Similar presentations

Information Security The Responsibility of Security Lies on The Shoulders of Each and Every User……. R. LaRocca 1997 Robert LaRocca - Director Information.

Information Security The Responsibility of Security Lies on The Shoulders of Each and Every User……. R. LaRocca 1997 Robert LaRocca - Director Information.
Smartphone and Mobile Device Security IT Communication Liaisons Meeting October 11, 2012 Theresa Semmens, CITSO.

Smartphone and Mobile Device Security IT Communication Liaisons Meeting October 11, 2012 Theresa Semmens, CITSO.
Computer Security set of slides 10 Dr Alexei Vernitski.

Computer Security set of slides 10 Dr Alexei Vernitski.
Tips and tools to keep you and your information safe on-line. We will go over a lot of information today, so it is important to pay attention and follow.

Tips and tools to keep you and your information safe on-line. We will go over a lot of information today, so it is important to pay attention and follow.
ITIS 1210 Introduction to Web-Based Information Systems Chapter 44 How Firewalls Work How Firewalls Work.

ITIS 1210 Introduction to Web-Based Information Systems Chapter 44 How Firewalls Work How Firewalls Work.
Personal Data Protection and Security Measures Justin Law IT Services - Information Security Team 25 & 27 November 2013.

Personal Data Protection and Security Measures Justin Law IT Services - Information Security Team 25 & 27 November 2013.
ICT & Crime Data theft, phishing & pharming. Data loss/theft Data is often the most valuable commodity any business has. The cost of creating data again.

ICT & Crime Data theft, phishing & pharming. Data loss/theft Data is often the most valuable commodity any business has. The cost of creating data again.
Part 2 of Evil Lurking in Websites Data Security at the University of Wisconsin Oshkosh.

Part 2 of Evil Lurking in Websites Data Security at the University of Wisconsin Oshkosh.
Acceptable Use Policy –The Acceptable Use Policy defines the rules of the machine and internet connection you are on. –Specific policies differ by machine.

Acceptable Use Policy –The Acceptable Use Policy defines the rules of the machine and internet connection you are on. –Specific policies differ by machine.
Hackers, Crackers, and Network Intruders: Heroes, villains, or delinquents? Tim McLaren Thursday, September 28, 2000 McMaster University.

Hackers, Crackers, and Network Intruders: Heroes, villains, or delinquents? Tim McLaren Thursday, September 28, 2000 McMaster University.
1 Protecting Your Computer Internet Annoyances (Already done in Chapter 3) Spam Pop-ups Identity theft phishing hoaxes Spyware.

1 Protecting Your Computer Internet Annoyances (Already done in Chapter 3) Spam Pop-ups Identity theft phishing hoaxes Spyware.
Personal Data Protection and Security Measures Justin Law IT Services - Information Security Team 18, 20 & 25 March 2015.

Personal Data Protection and Security Measures Justin Law IT Services - Information Security Team 18, 20 & 25 March 2015.
Web Servers Security: What You Should Know. The World Wide Web (WWW) is one of the best ways to develop an e-commerce business presence and interact with.

Web Servers Security: What You Should Know. The World Wide Web (WWW) is one of the best ways to develop an e-commerce business presence and interact with.
1 UNIX Postmortem Mark Henman. 2 Introduction For most system administrators, there is no question that at some point at least one of their systems is.

1 UNIX Postmortem Mark Henman. 2 Introduction For most system administrators, there is no question that at some point at least one of their systems is.
Network and Server Attacks and Penetration Chapter 12.

Network and Server Attacks and Penetration Chapter 12.
INTRANET SECURITY Catherine Alexis CMPT 585 Computer and Data Security Dr Stefan Robila.

INTRANET SECURITY Catherine Alexis CMPT 585 Computer and Data Security Dr Stefan Robila.
Northwestern University Information Technology UNITS Quarterly Meeting April 29, 2004 Network Security Roger Safian

Northwestern University Information Technology UNITS Quarterly Meeting April 29, 2004 Network Security Roger Safian
What Are Malicious Attacks? Malicious Attacks are any intentional attempts that can compromise the state of your computer. Including but not limited to:

What Are Malicious Attacks? Malicious Attacks are any intentional attempts that can compromise the state of your computer. Including but not limited to:
Security Awareness: Applying Practical Security in Your World Chapter 6: Total Security.

Security Awareness: Applying Practical Security in Your World Chapter 6: Total Security.
Web server security Dr Jim Briggs WEBP security1.

Web server security Dr Jim Briggs WEBP security1.

Similar presentations

Ads by Google