1 / 76

Recap of Project Management

Recap of Project Management . Alternative Matrix . Phishing, Sniffing, Spoofing, Oh My! . Class 19: IT Security and Networking August 3 rd , 2011. Administration . Extra credit o pportunity (20 points) Assignment due tomorrow before class. Learning Objectives.

onan
Download Presentation

Recap of Project Management

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Recap of Project Management • Alternative Matrix

  2. Phishing, Sniffing, Spoofing, Oh My! Class 19: IT Security and Networking August 3rd, 2011

  3. Administration • Extra credit opportunity (20 points) • Assignment due tomorrow before class

  4. Learning Objectives • List a few current events in information systems news • List situations when your privacy may be at risk • Explain techniques for protecting your privacy *I loosely define hacker as someone how knowingly seeks information or resources not intended for him or her, whether for good or for bad.

  5. I am not responsible for what you may learn, or what I may do to your computer! • But Seriously: Some of the stuff I show here can land you some jail time. Be Responsible

  6. Terminology • If I say something like “spam filter”, and if you do not know what this is….RAISE YOUR HAND!!!

  7. Yesterday?

  8. Today?

  9. Why do hackers hack? • Pleasure • To learn • Trade secrets • ID theft • Credit card theft • Access to resources (e.g., email) • Espionage • Malice • Protect information? • Our right to know?

  10. If there’s anything I can get you to walk away with from this, it’s that you should care more about watching out for yourself • Because there are a lot of people looking to get you… • The Government • Your personal enemies • Your employers • People on a mission • The Various Underground Scenes • ^ These guys are probably the most dangerous

  11. Because people engage in a lot of criminal activity… • Downloading music • Downloading movies • Downloading games • Internet Gambling • Looking at illegal material (e.g., porn…) • Or maybe you were just surfing the net as usual…

  12. Jeff Jenkins Don’t learn to hack, hack to learn

  13. Bryan W. Do you want to do what I just did? Google: Wireshark

  14. Sniffing • To inhale a short, audible breath through the nose, as in smelling something. • To sniffle. • To use the sense of smell, as in savoring or investigating: sniffed at the jar to see what it held. • To regard something in a contemptuous or dismissive manner: The critics sniffed at the adaptation of the novel to film. • Informal To pry; snoop:

  15. Sniffing • intercept and log traffic passing over a digital network or part of a network • In other words, a program that lets other people see what traffic is passing on the internet

  16. Wireshark Example • http://www.wireshark.org/ • Good uses too!

  17. Solutions • Don’t use an unsecure network (e.g., UAPublic, someone else’s wireless network) • Encryption! • Don’t host an open wireless network (for many other reasons too)!!!!!! !!!!!! !!!!!!

  18. Grandma B. • Prevention Technique: • Be careful opening up weird looking attachments Do you want to do what I just did? Google: Email Spoofing

  19. Spoofing • Pretending to be someone you’re not

  20. When do people do this? • Caller ID spoofing • Email spoofing • Web site spoofing • URL spoofing

  21. Caller ID Spoofing • http://www.telespoof.com/

  22. Email and SMS Spoofing • iamafathacker@gmail.com • www.hoaxmail.co.uk

  23. Web site Spoofing

  24. Preventions • Anti-spyware; anti-virus protection • Spam filters • Certificate authorities: • Email: http://www.thawte.com/resources/personal-email-certificates/index.html • Web site: http://www.thawte.com/r

  25. Nik Y. Do you want to do what I just did? Google: Hosts File

  26. Phishing…

  27. PhishMe Education

  28. Prevention • Virus protection • Don’t give out passwords • Spam Filters

  29. Julia L. Do you want to do what I am going to do? Google: BackTrack

  30. Physical Security • If I can get to your computer…. I can access stuff!!!!! Password or not!

  31. High Security Server Rooms

  32. Volunteer Please: Backtrack

  33. Prevention Technique: • Keep your computer in a safe place • Locks? • Encrypt Data

  34. June J.

  35. Why does Windows update so often? • A security patch is a change applied to an asset to correct the weakness described by a vulnerability. This corrective action will prevent successful exploitation and remove or mitigate a threat’s capability to exploit a specific vulnerability in an asset.

  36. What can someone do if they get into your system through an unpatched security vulnerability? • Everything

  37. Just listen to this guy!

  38. Prevention • Install those updates and patches • Be careful which Web sites you visit • Be care which attachments you open up

  39. What is the weakest link in security??

  40. The User

  41. Why?

  42. Weak Password • http://www.lockdown.co.uk/?pg=combi

  43. The Sticky Note

  44. Prevention • Passphrases • Memorize

  45. Protecting Information • Access Controls: Authentication • Something the User Is • Biometrics • Something the User Has • ID Cards • Something the User Does • Voice/Signature Recognitions • Something the User Knows • Passwords

  46. They Click on Stuff and Install Stuff Virus Trojan horse Worm

  47. Virus • A computer virus is a computer program that can copy itself and infect a computer. The term "virus" is also commonly but erroneously used to refer to other types of malware, including but not limited to adware and spyware programs that do not have the reproductive ability. A true virus can spread from one computer to another (in some form of executable code) when its host is taken to the target computer; for instance because a user sent it over a network or the Internet, or carried it on a removable medium such as a floppy disk, CD, DVD, or USB drive.

  48. Trojan Horse • A Trojan horse, or Trojan, is a destructive program that masquerades as an application. The software initially appears to perform a desirable function for the user prior to installation and/or execution, but (perhaps in addition to the expected function) steals information or harms the system.[1] Unlike viruses or worms, Trojan horses do not replicate themselves, but they can be just as destructive.

  49. Worm • A computer worm is a self-replicating malware computer program, which uses a computer network to send copies of itself to other nodes (computers on the network) and it may do so without any user intervention. This is due to security shortcomings on the target computer. Unlike a computer virus, it does not need to attach itself to an existing program. Worms almost always cause at least some harm to the network, even if only by consuming bandwidth, whereas viruses almost always corrupt or modify files on a targeted computer.

More Related