1. University of Maryland I.T. Security Gerry Sneeringer IT Security Officer Sneeri@umd.edu

2. Slides Online http://nts.umd.edu/~sneeri/6dec02.ppt

3. Information Technology Security Officer Develop University Security Architecture Lead Incident Handling Efforts Develop User Education Program.

4. University Environment Major administrative and business systems ($1 Billion enterprise) 30,000 research and administration computers (hundreds of system managers) 11,000 networked residential students 12,500 remote access users Wireless access.

5. Vulnerabilities Discovery of new weaknesses in common software Poorly maintained computers Human Nature –Poor Passwords –Accepting strange attachments –Operating dangerous software.

6. Current Threats Computer Viruses/Worms Script Kiddies Media Pirates Denial of Service.

7. Security Architecture Three Objectives –PROTECT –DETECT –INFORM.

8. PROTECT Deployment of Multiple Layers of Firewall –Campus Borders –Individual Networks –Individual Computers Distribution of Anti-Virus Software –On all computers –On campus mail server Virtual Private Networks.

9. DETECT Deployment of several layers of Intrusion Detection Systems –Watch traffic entering/exiting University –Watch traffic between segments within University –Host based software to detect unauthorized changes.

10. DETECT - II Systemic use of vulnerability scanning software. Monitor bandwidth trends.

11. INFORM User Education Programs –Project NEThics (www.umd.edu/nethics) –Forums for System Administrators –Forums for computer users –Web Pages.

12. Additional URLs Intrusion Detection System: –www.snort.orgwww.snort.org Vulnerability Scanning –www.nessus.orgwww.nessus.org