Auditing Networks, Perimeters and Systems Introduction (Copyright 2001 Marchany)


1 Auditing Networks, Perimeters and Systems Introduction

2 Who should be here
• Unix Sys Admins
• NT Sys Admins
• Auditors
• In general, just really cool people!

3 The Audit Track Goal
• Auditors – need to know a little bit of techie to be able to perform a meaningful audit
• Sys Admins – need to think a little more like auditors
• Everybody! – Think like an attacker!

4 Randy Marchany
VA Tech Computing Center
Blacksburg, VA 24060
Randy.Marchany@vt.edu
540-231-9523
SANS 2001
Applying Risk Analysis Techniques to Information Systems

5 Unit 1: Pay Me Now or Pay Me Later
Why we need to check our infrastructure

6 Why Bother?
• This section will give you some concrete examples of what can happen if you don’t have basic security rules at your site.
• Every one of these attacks could have been prevented ahead of time with minimal effort.
• The cost to fix it afterwards was much higher!

7 Pay Me Now or Pay Me Later
• E = D + R
  – E = amount of time you’re exposed
  – D = amount of time it takes to detect an attack
  – R = amount of time it takes to react to an attack
• Easiest way to calculate the cost of an Incident
  – Multiply average hourly wage * Time * People

8 The Top 10 Vulnerabilities
• BIND (Unix/Linux/NT/Win2K)
• CGI programs (www servers)
• RPC (Tooltalk) (Unix/Linux/NT/Win2K)
• Microsoft IIS – RDS and others (NT/Win2K)
• Sendmail (Unix/Linux)
• Sadmind and mountd (Unix/Linux)
• Global file sharing (NetBIOS, NFS, AppleShare)
• Weak/no passwords, demo/guest accounts
• IMAP/POP buffer overflow
• Default SNMP community strings (Network)

9 (table)
Percent   Vulnerability   Top 10 #
735065    Hosts scanned   TOTAL
12.2%     WWW             #2
18.1%     BIND            #1
10.8%     RPC_mountd      #3, #6
26.1%     Tooltalk        #3, #6
.52%      Innd
12.4%     Qpopper         #9
15.5%     IMAP            #9
.77%      Webdist         #2, #4

10 The Top 10 Internet Threats for 2000
• Available at www.sans.org/topten.html
• You should check your systems for these vulnerabilities
• The fix is simple. Apply Patches or Service Packs.
• Your sysadmins/netadmins should check your system(s) for the top 10 threats.
  – BindView HackerShield – NT systems
  – SARA, SAINT – Unix/Linux freeware tools

11 References
• http://security.vt.edu
• www.sans.org
  – Top 10 threats, Defeating DDoS, etc.
• www.nipc.gov
• www.cornell.edu/CPL
• www.securityfocus.com
  – Early Warning Vulnerability list
• www.insecure.org
• www.usdoj.gov/criminal/cybercrime/index.html
  – Federal Search & Seizure Guidelines

12 Course Revision History

