Published by Sydney Nichols. Modified over 9 years ago.
1
Information Security: A Practical Introduction
Michael McDonnell, GIAC Certified Intrusion Analyst, michael@winterstorm.ca
Creative Commons License: You are free to share and remix but you must provide attribution and you must share alike.
2
What does “Security” mean?
3
What is Information Security About?
4
InfoSec is about… Viruses
5
InfoSec is about… Hackers
6
InfoSec is about… Vandalism
7
InfoSec is about… Backups
8
InfoSec is about… Theft
9
InfoSec is about… Computer “Uptime”
10
InfoSec is about… Phones
11
InfoSec is… about Information
12
Information Security as an Outcome
“Our systems are secure from hackers”
“We have blocked 17,342 viruses to date”
“Our systems are all online”
“Insiders cannot steal our information”
“We have backups”
“We are Secure”
13
Information Security as a Process
“We want to improve security”
“We need to protect against more threats”
“We want to reduce risk”
“We want to increase customer confidence”
“We want to decrease the number of compromises”
“We want to be more Secure”
14
InfoSec is… Risk Management: Identify, Analyze, Measure, Plan, Implement
15
What is at Risk? Confidentiality, Integrity, Availability
16
Defence in Depth lowers Risk
Firewalls do not make you secure
Anti-virus does not make you secure
Policies do not make you secure
VPNs do not make you secure
Guards do not make you secure
Passwords do not make you secure
Together they all make you MORE secure
17
Threat: Denial of Service
18
Counter: Firewalls and Switches
19
Threat: Unintentional DoS
An unpatched server was compromised and used to distribute 20 GB of videos with French language titles. The problem was discovered when the server was blocked for excessive bandwidth usage.
20
French Puppet Videos!
The server was distributing 20 GB of French Puppet Videos. The cleanup time was 7 hours. If they had just asked we would have probably found someone to host the videos for them!
21
Counter: Change Management
22
Counter: Monitoring
23
Threat: SQL Injection Attack
24
Counter: Vulnerability Scanning
25
Counter: Developer Training
26
Counter: Web Application Firewall
27
Threat: The Man-in-the-Middle
The Pineapple
1. Pretends to be YOUR home wifi network.
2. Records what you do on the Internet.
28
Counter: 2 Factor Authentication (YubiKey, SecurID, Google 2FA)
29
Threat: Insiders
30
Counter: DLP and DPI
Deep Packet Inspection (DPI): Firewalls inspect every packet on the network and rebuild the entire message.
Data Loss Prevention (DLP): Uses DPI and pattern matching to look for suspicious content being sent FROM your network.
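The DPI and DLP slide above, as an added example that is not part of the original slides: it shows why rebuilding the message matters, because a card number split across two outbound packets is missed by per-packet matching and caught after reassembly. The packet layout, the 10.0.0.0/8 internal range, the card-number pattern and all function names are assumptions, and reassembly is simplified to ordering segments by sequence number.

```python
import ipaddress
import re
from collections import defaultdict

INTERNAL = ipaddress.ip_network("10.0.0.0/8")      # assumption: "your network"
CARD_RE = re.compile(rb"\b(?:\d[ -]?){15}\d\b")    # 16 digits, optional separators

def luhn_ok(digits: bytes) -> bool:
    """Luhn checksum: rejects most random 16-digit strings (order ids etc.)."""
    total = 0
    for i, ch in enumerate(reversed(digits)):
        d = ch - ord("0")
        if i % 2:
            d = d * 2 - 9 if d > 4 else d * 2
        total += d
    return total % 10 == 0

def find_cards(data: bytes) -> list:
    """Pattern matching step: card-like digit runs that also pass Luhn."""
    runs = (re.sub(rb"\D", b"", m.group()) for m in CARD_RE.finditer(data))
    return [r.decode() for r in runs if luhn_ok(r)]

def outbound(p: dict) -> bool:  # DLP looks at content sent FROM the network
    src, dst = ipaddress.ip_address(p["src"]), ipaddress.ip_address(p["dst"])
    return src in INTERNAL and dst not in INTERNAL

def scan_per_packet(packets: list) -> list:
    """Naive inspection: each packet's payload is matched on its own."""
    return [c for p in packets if outbound(p) for c in find_cards(p["data"])]

def scan_reassembled(packets: list) -> list:
    """DPI-style inspection: rebuild each flow's byte stream, then match."""
    flows = defaultdict(list)
    for p in packets:
        if outbound(p):
            flows[(p["src"], p["dst"], p["dport"])].append(p)
    alerts = []
    for flow, segs in flows.items():
        stream = b"".join(s["data"] for s in sorted(segs, key=lambda s: s["seq"]))
        alerts += [(flow, card) for card in find_cards(stream)]
    return alerts

# Constructed sample traffic (well-known test card number, documentation IP ranges).
PACKETS = [
    {"src": "10.0.0.5", "dst": "203.0.113.9", "dport": 80, "seq": 1025, "data": b"1111 1111&note=x"},
    {"src": "10.0.0.5", "dst": "203.0.113.9", "dport": 80, "seq": 1000, "data": b"name=test&card=4111 1111 "},
    {"src": "10.0.0.5", "dst": "198.51.100.7", "dport": 80, "seq": 1, "data": b"order=1234567890123456"},
    {"src": "203.0.113.9", "dst": "10.0.0.5", "dport": 4242, "seq": 1, "data": b"card=4111111111111111"},
]
```

On the sample traffic, `scan_per_packet(PACKETS)` raises no alert while `scan_reassembled(PACKETS)` flags the one outbound flow carrying the split number; the inbound packet and the non-Luhn order id are ignored.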
31
Threat: Malvertisements
32
Why D.I.D? It never rains… it pours
1. The OS Vendor stopped providing patches
2. The server was hacked
3. A hard disk failed
4. A cooling fan died & it crashes every 2hr
5. The software vendor wanted more money
6. Hardware support had not been paid for
33
Final Threat: The A.P.T. Advanced Persistent Threat
34
InfoSec is… Everyone’s Responsibility: Confidentiality, Integrity, Availability
35
Questions? Email: michael@winterstorm.ca Slides: http://winterstorm.ca/download/