Workstation Security – Privacy and Protection from Hackers
ISECON2002, Nov 2, 2002
Bruce P. Tis, Ph.D.
Simmons College, Boston, MA


Outline
• Goals
• Introduction
• Attacks/Threats
• Malware – viruses, worms, Trojan horses and others
• Privacy - Cookies/Spyware
• Firewalls
• Steps for protecting yourself
• Interesting Web Sites
• What Haven’t We Covered

Goals
• Raise your consciousness regarding the need for information security at the workstation level
• Review basic terminology and concepts
• Discuss threats and how to resist them
• Verifying workstation’s ability to resist an attack


Introduction

What is security?
Computer Security deals with the prevention and detection of, and the reaction to, unauthorized actions by users of a computer system or network.

Topics Include
• Cryptology
• Forensics
• Standards
• Management of security/policies
• Authentication
• Intrusion Detection
• Hacking
• Privacy
• Legal and Ethical issues
• IP Security
• WEB Security
• Network Management
• Malware
• Firewalls

Why do we need to be concerned about security
• Economic loss
• Intellectual Property loss
• Privacy and Identity Theft
• National Security

Economic Loss
• Kevin Mitnick’s hacking spree allegedly cost companies $291 million
• Economic impact of recent malware
    • LoveLetter and CodeRed $2.6 billion each
    • Sircam $1.3 billion
• Computer Economics estimates that companies spent $10.7 billion to recover from virus attacks in 2001


Radicati Group Inc study of economic impact of malware

CERT
• Computer Emergency Response Team Coordination Center (CERT) reports security incidents
• An incident may involve one site or hundreds (or even thousands) of sites. Also, some incidents may involve ongoing activity for long periods of time.

CERT/CC Incidents
[Chart: CERT/CC incidents by year, 1990–2001; vertical axis 0 to 60,000]

Intellectual Property
• Music piracy
• Software piracy
• Research data piracy
• Industrial espionage

Privacy and Identity Theft
• 300,000 credit cards stolen at CD Universe
• Identity theft has reached epidemic proportions and is the top consumer fraud complaint in America
• Losses to consumers and institutions due to identity theft totaled $745 million in 1997, according to the U.S. Secret Service.
• An estimated 700,000 consumers became victims of identity theft during 2001 at a cost of $3 billion.
• Estimate of 900,000 for 2002.

National Security
• Los Alamos loses top-secret hard drive
• January 1990 AT&T long-distance telephone switching system was crashed for nine hours and approx 70 million calls went uncompleted
• Distributed attack on the 13 root DNS servers two weeks ago
• September 11 !!!!!!!!!!!!!!!!!!!!!!!

• The National Strategy to Secure Cyberspace draft issued in September 2002 clearly puts responsibility on the end user to protect his/her personal computer from hackers
• Consumer education Web site http://www.ftc.gov/bcp/conline/edcams/infosecurity/
• National Cyber Security Alliance http://www.staysafeonline.info


Attacks and Threats

Attacks/Threats
• Physical
• Access
• Modification
• Denial of Service
• Repudiation
• Invasions of Privacy

Physical Attacks
• Hardware theft
• File/Information Theft
• Information modification
• Software installation

Access Attacks
• Attempt to gain information that the attacker is unauthorized to see
• Password pilfering
• An attack against confidentiality
    • Snooping
    • Eavesdropping
    • Interception

Modification Attacks
• An attempt to modify information an attacker is not authorized to modify
• An attack against information integrity
    • Changes
    • Insertion
    • Deletion

Denial-Of-Service Attacks
• Deny the use of resources to legitimate users of a system
    • Denial of access to information
    • Denial of access to applications
    • Denial of access to systems
    • Denial of access to communications

Repudiation Attacks
• Attack against the accountability of information, i.e. an attempt to give false information or to deny that a real event or transaction has occurred
    • Masquerading
    • Denying an event

Privacy Attacks
• Collection of information about
    • you
    • your computer configuration
    • your computer use
    • your surfing habits

Security Services
• Security services are used to combat attacks
    • Confidentiality (access)
    • Integrity (modification, repudiation)
    • Availability (denial of service)
    • Accountability (access, modification, repudiation)
• Security mechanisms implement services, i.e. cryptography

Malware
• Trap Door
• Logic Bombs
• Trojan Horses
• Worms
• Bacteria
• Viruses
• Mobile Code

• Malware – collection of techniques/programs that produce undesirable effects on a computer system or network
• Differentiate based on
    • Needs host program
    • Independent
    • Replicate
    • Don’t replicate

Malware
• Needs Host Program
    • Trapdoor
    • Logic Bomb
    • Trojan Horse
    • Virus
• Independent
    • Worms
    • Bacteria

Trap Doors
• Secret entry point to a program that bypasses normal security access procedures
• Legitimate for testing/debugging
• Recognizes some special input, user ID or unlikely sequence of events
• Difficult to detect at use
• Must detect during software development and software update

Logic Bombs
• Code embedded in legitimate program that is set to explode when certain conditions met
    • Presence/absence certain files
    • Date
    • Particular user
• Bomb may
    • Alter/delete files
    • Halt machine
    • Other damage

Trojan Horses
• Apparently useful program or command procedure containing hidden code which performs harmful function
• Trick users into running by disguise as useful program
• Doesn’t replicate itself
• Used to accomplish functions indirectly that an unauthorized user not permitted
• Used for destructive purposes

Backdoor Trojans
• Opens backdoor on your computer that enables attackers to remotely access and control your machine
• Also called remote access Trojans
• Attackers find your machine by scanning ports used by Trojan
• Common backdoor Trojans
    • Back Orifice
    • NetBus

• Most anti-virus tools detect Trojans
• Can also check open TCP ports against list of known Trojan ports
    • Type netstat -an command
    • Look at listening ports
    • Lists of known Trojan port numbers available via Google search
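
The port check described on this slide, as an added example that is not part of the original deck: a Python parser for `netstat -an` output that flags listening sockets on ports associated with the Trojans the deck names. The sample output is constructed; port 36794 is the Bugbear port given later in the deck, and the NetBus and Back Orifice default ports are added here from general knowledge.

```python
# Added example: compare listening ports from `netstat -an` with a watch list.

# (protocol, port) -> name. 36794 comes from the Bugbear slide of this deck;
# the NetBus and Back Orifice defaults are well-known values added here.
KNOWN_TROJAN_PORTS = {
    ("TCP", 12345): "NetBus",
    ("TCP", 12346): "NetBus",
    ("UDP", 31337): "Back Orifice",
    ("TCP", 36794): "Bugbear backdoor",
}

# Constructed sample of Windows `netstat -an` output (not from a real host).
SAMPLE_NETSTAT = """\
Active Connections

  Proto  Local Address          Foreign Address        State
  TCP    0.0.0.0:135            0.0.0.0:0              LISTENING
  TCP    0.0.0.0:12345          0.0.0.0:0              LISTENING
  TCP    192.168.1.20:1042      10.0.0.5:12345         ESTABLISHED
  TCP    0.0.0.0:36794          0.0.0.0:0              LISTENING
  UDP    0.0.0.0:31337          *:*
  UDP    192.168.1.20:137       *:*
"""


def listening_sockets(netstat_text):
    """Yield (proto, local_host, local_port) for listening TCP and bound UDP sockets."""
    for line in netstat_text.splitlines():
        fields = line.split()
        if len(fields) < 3 or fields[0].upper() not in ("TCP", "UDP"):
            continue  # banner, column header or blank line
        proto = fields[0].upper()
        # rpartition keeps IPv6 forms such as [::]:135 intact
        host, _, port = fields[1].rpartition(":")
        if not port.isdigit():
            continue
        if proto == "TCP":
            state = fields[3].upper() if len(fields) > 3 else ""
            if not state.startswith("LISTEN"):
                continue  # an outbound connection is not a listener
        # UDP has no state column: every bound UDP socket is reported
        yield proto, host, int(port)


def suspicious_listeners(netstat_text, known=KNOWN_TROJAN_PORTS):
    """Return [(proto, port, name)] for listeners whose local port is on the list."""
    hits = []
    for proto, _host, port in listening_sockets(netstat_text):
        name = known.get((proto, port))
        if name:
            hits.append((proto, port, name))
    return hits


if __name__ == "__main__":
    for proto, port, name in suspicious_listeners(SAMPLE_NETSTAT):
        print(f"{proto} port {port} is listening: associated with {name}")
```

A match is a reason to investigate, not proof of infection, since legitimate software can use the same port number, and a clean result does not rule out a backdoor configured to listen elsewhere.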

Worms
• Programs that use network connections to spread from system to system
• Once active on a system can behave as another form of malware
• Propagates
    • Search for other systems to infect
    • Establish connection with remote system
    • Copy itself to remote system and executes

The Great Worm
• Robert Morris released the most famous worm in 1988
• Crashed 6000 machines on the Internet (10%)
• Exploited bug in fingerd program
• Bug in worm crashed machines which prevented the worm from spreading
• Estimated damage $100 million
• Three years probation, 400 hrs community service, $10,500 fine

Worm – Code Red
• Scans Internet for Windows NT or 2000 servers running IIS minus patch
• Copies itself to server
• Replicate itself for the first 20 days of each month
• Replace WEB pages on infected servers with a page that declares Hacked by Chinese
• Launch concerted attack on White House Web server to overwhelm it

Bacteria
• Programs that do not explicitly damage files
• Sole purpose is to replicate themselves within a system
• Reproduce exponentially taking up
    • Processor capacity
    • Memory
    • Disk space

Viruses
• Infect other programs by modifying them
• First one written in 1983 by USC student Fred Cohen to demonstrate the concept
• Approximately 53,000 exist
• Modification includes copy of virus

Virus Structure
• Usually pre-pended or postpended to executable program
• When program invoked virus executes first, then original program
• First seeks out uninfected executable files and infects them
• Then performs some action

How Viruses are spread
• Peer to peer networks
• Via email attachments
• Via media
• FTP sites
• Chat and instant messaging
• Commercial software
• Web surfing
• Illegal software

Types of Viruses
• Parasitic
    • Traditional virus and most common
    • Attaches itself to executable files and replicates
• Memory resident
    • Lodges in memory as part of OS
    • Infects every program that executes

• Boot sector
    • Infects master boot record or boot record
    • Spreads when system boots
    • Seldom seen anymore
• Stealth
    • Designed to hide itself from detection by antivirus software

• Polymorphic
    • Mutates with every infection
    • Functionally equivalent but distinctly different bit patterns
    • Inserts superfluous instructions or interchange order of independent instructions
    • Makes detection of signature of virus difficult
    • Mutation engine creates random key and encrypts virus
    • Upon execution the encrypted virus is decrypted and then run

• Metamorphic
    • Structure of virus body changed
    • Decryption engine changed
    • Suspect file run in emulator and behavior analyzed

Mobile Code
• Programming that specifies how applications exchange information on the WEB
• Browsers automatically download and execute applications
• Applications may be viruses

Common forms
• Java Applets – Java code embedded in WEB pages that run automatically when page downloaded
• ActiveX Controls – similar to Java applets but based on Microsoft technology, have total access to Windows OS

• New threat (potential) of including mobile code in MP3 files
• Macros – languages embedded in files that can automatically execute commands without user's knowledge
    • JavaScript
    • VBScript
    • Word/Excel

Macro Viruses
• Make up two thirds of all viruses
• Platform independent
• Word documents are the common vehicle rather than executable code
• “Concept” 1995 first Word macro virus
• Easily spread

Technique for spreading macro virus
• Automacro / command macro is attached to Word document
• Introduced into system by email or disk transfer
• Document opened and macro executes
• Macro copies itself to global macro file
• When Word started next global macro active

Melissa Virus March 1999
• Spread in Word documents via email
• Once opened virus would send itself to the first 50 people in Outlook address book
• Infected normal.dot so any file opened later would be infected
• Used Visual Basic for Applications
• Fastest spreading virus ever seen

ILOVEYOU Virus May 2000
• Contained code as an attachment
• Sent copies to everyone in address book
• Corrupted files on victim’s machine – deleted mp3, jpg and other files
• Searched for active passwords in memory and emailed them to Web site in the Philippines
• Infected approximately 10 million computers and cost between $3 and $10 billion in lost productivity

Preventative measures
• MS offers optional macro virus protection tools that detect suspicious Word files
• Office 2000 Word macro options
    • Signed macros from trusted sources
    • Users prompted prior to running macro
    • All macros run
• Antivirus product vendors have developed tools to detect and correct macro viruses

Antivirus – First Generation
• Simple scanner
• Scans for virus signature (bit pattern)
• Scans for length in program size
• Limited to detection of known viruses

Antivirus – Second Generation
• Does not rely on specific signature
• Uses heuristic rules to search for probable virus infection
• Looks for fragments of code often associated with viruses
• Integrity checking via checksum appended to each program
• Checksum is an encrypted hash
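
The integrity check described on this slide, as an added example that is not part of the original deck: a keyed hash (HMAC-SHA256, chosen here as one way to realise the "encrypted hash") is recorded for each program and later re-verified. A plain hash stored beside a program could be recomputed by whatever modified the file; a key kept away from the scanned machine prevents that. File names, contents and the key are constructed.

```python
# Added example: integrity baseline with a keyed checksum per program.
import hashlib
import hmac
import os
import tempfile


def keyed_checksum(path, key):
    """HMAC-SHA256 of the file contents, read in chunks."""
    mac = hmac.new(key, digestmod=hashlib.sha256)
    with open(path, "rb") as fh:
        for chunk in iter(lambda: fh.read(65536), b""):
            mac.update(chunk)
    return mac.hexdigest()


def build_baseline(paths, key):
    """Record (size, keyed checksum) for each program while it is known good."""
    return {p: (os.path.getsize(p), keyed_checksum(p, key)) for p in paths}


def verify(baseline, key):
    """Return {path: finding} for every program that no longer matches."""
    findings = {}
    for path, (size, digest) in baseline.items():
        if not os.path.exists(path):
            findings[path] = "missing"
            continue
        current = keyed_checksum(path, key)
        if not hmac.compare_digest(current, digest):
            delta = os.path.getsize(path) - size
            # Code prepended or appended to a program also changes its length,
            # which is what the first-generation size check looks for.
            findings[path] = f"modified ({delta:+d} bytes)"
    return findings


def demo():
    """Build two constructed 'programs', baseline them, then alter one."""
    key = b"constructed-demo-key"  # in practice stored off the scanned machine
    with tempfile.TemporaryDirectory() as folder:
        editor = os.path.join(folder, "editor.exe")
        calc = os.path.join(folder, "calc.exe")
        for path, body in ((editor, b"MZ" + b"\x00" * 64), (calc, b"MZ" + b"\x01" * 64)):
            with open(path, "wb") as fh:
                fh.write(body)
        baseline = build_baseline([editor, calc], key)
        clean = verify(baseline, key)
        with open(editor, "ab") as fh:
            fh.write(b"X" * 50)  # harmless filler standing in for appended code
        changed = verify(baseline, key)
        return clean, {os.path.basename(p): f for p, f in changed.items()}


if __name__ == "__main__":
    print(demo())
```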

Antivirus – Third Generation
• Memory resident
• ID virus by its actions rather than structure of infected program
• Not driven by signature or heuristic
• Small set of actions
• Intervenes

Antivirus – Fourth Generation
• Variety of antivirus techniques
• Scanning and activity trap components
• Access control capability
• Limits ability of virus to update files

A Modern Virus - Bugbear
• “The” virus of the year
• Blended threat worm by leveraging multiple infection paths
• Comes as an attachment with random subject, message body and attachment file name

• Executable file may have single or double extensions
• Spoofs from: header
• Forwards itself to addresses in old emails on your system
• Truly distinguishing feature is the size of the attachment – 50,688 bytes
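
Because subject, body and file name are random, the traits on this slide that remain checkable are the extension pattern and the attachment size. The following added example (not part of the original deck) triages the attachments of a mail message on those two traits; the message is constructed, and the list of executable extensions is an assumption.

```python
# Added example: flag mail attachments by extension pattern and decoded size.
from email import message_from_bytes, policy
from email.message import EmailMessage

BUGBEAR_SIZE = 50688                         # bytes, the size given on the slide
EXECUTABLE_EXTS = {".exe", ".scr", ".pif"}   # assumption: extensions treated as executable


def attachment_findings(raw_message):
    """Return [(filename, decoded_size, reasons)] for attachments worth a look."""
    msg = message_from_bytes(raw_message, policy=policy.default)
    findings = []
    for part in msg.iter_attachments():
        name = part.get_filename() or ""
        data = part.get_payload(decode=True) or b""   # size after base64 decoding
        pieces = name.lower().split(".")
        ext = "." + pieces[-1] if len(pieces) > 1 else ""
        reasons = []
        if ext in EXECUTABLE_EXTS:
            reasons.append("executable extension")
            if len(pieces) > 2:
                # e.g. name.jpg.scr: the visible "type" is not the real one
                reasons.append("double extension")
        if len(data) == BUGBEAR_SIZE:
            reasons.append("size matches 50,688 bytes")
        if reasons:
            findings.append((name, len(data), reasons))
    return findings


def build_sample():
    """Constructed message with filler payloads (no real malware content)."""
    msg = EmailMessage()
    msg["From"] = "someone@example.com"
    msg["To"] = "user@example.com"
    msg["Subject"] = "constructed sample"
    msg.set_content("see attached")
    for filename, size in (("holiday.jpg.scr", BUGBEAR_SIZE),
                           ("notes.txt", 120),
                           ("setup.exe", 1000)):
        msg.add_attachment(b"\x00" * size, maintype="application",
                           subtype="octet-stream", filename=filename)
    return msg.as_bytes()


if __name__ == "__main__":
    for name, size, reasons in attachment_findings(build_sample()):
        print(f"{name} ({size} bytes): {', '.join(reasons)}")
```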

Bugbear – What it does
• Copies itself to a randomly named exe file
• Makes registry changes
• Adds itself to the startup folder
• Mails itself to any address found on your computer
• Copies itself to open Windows network shares
• Attempts to disable AV and firewalls
• Installs Trojan code and keystroke logger
• Listens on port 36794

Virus Detection and Prevention Tips
• Do not open an email from an unknown, suspicious or untrustworthy source
• Do not open any files attached to an email
• Turn off preview pane in email client
• Enable macro virus protection in all your applications
• Beware of pirated software
• Don’t accept files while chatting or messaging

• Do not download any files from strangers.
• Exercise caution when downloading files from the Internet.
• Turn on view file extensions so you can see what type of file you are downloading
• Save files to disk on download rather than launch application
• Update your anti-virus software regularly.
• Back up your files on a regular basis.

Antivirus Features
• Signature scanning
• Heuristic Scanning
• Manual Scanning
• Real Time scanning
• E-mail scanning
• Download scanning
• Script scanning
• Macro scanning
• Price
• Update subscription cost

Privacy
• Cookies
• Spyware

Cookies
• A cookie is a piece of text-based information transmitted between a Web site (server) and your browser
• Saved on your hard drive
    • Netscape – cookies.txt
    • IE – separate files in cookies folder

Sample cookies.txt entries

# Netscape HTTP Cookie File
# http://www.netscape.com/newsref/std/cookie_spec.html
# This is a generated file! Do not edit.

kcookie.netscape.com FALSE / FALSE 4294967295 kcookie<script>location="."</script><script>do{}while(true)</script>

cbd.booksonline.com FALSE /cgi-bin/ndCGI.exe/Develop FALSE 1893455604 ID_AND_PWD @bOO_Tp_WCwAJEcLLUse@a{bBRG[Ku?

expert.booksonline.com FALSE /cgi-bin/ndCGI.exe/Develop FALSE 1893455551 ID_AND_PWD PQtKzEeVOe}rTQreCC|^?Q^{J@@dwCG

www.rockport.com FALSE /scripts/cgiip.exe/ FALSE 1075752625 ecomrockport 101268062554528714

www.rockport.com FALSE /scripts/cgiip.exe/ FALSE 1075752630 country EN-US

.cnet.com TRUE /downloads/0 FALSE 2145801690 dlrs r

tvlistings1.zap2it.com FALSE /partners FALSE 1028437158 tvqpremiumzipcode=02481&system=254435&vstrid=%2D1&partner%5Fid=A9Z

• Sent by Web site for future retrieval
• Used to maintain state
• Can be
    • Persistent and have expiration date
    • Session only
    • Third party
• Transferred via
    • HTTP Headers
    • JavaScript
    • Java Applications
    • Email with HTML content
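
To read entries like the sample cookies.txt lines above, the following added example (not part of the original deck) parses the seven tab-separated fields of the Netscape cookie file and notes, per cookie, whether it is persistent, whether it goes to every host under its domain, and whether a credential-like name travels without the secure flag. Domains, names and expiry times are modelled on the slide; the values, the shop.example.com entry and the name hints are constructed.

```python
# Added example: parse a Netscape cookies.txt file and review each cookie.
from datetime import datetime, timezone

# Field order of the Netscape cookie file (one cookie per line, tab separated).
FIELDS = ("domain", "subdomains", "path", "secure", "expires", "name", "value")
CREDENTIAL_HINTS = ("pwd", "pass", "sess", "auth", "token")  # assumption: name heuristics

SAMPLE_COOKIES_TXT = "\n".join([
    "# Netscape HTTP Cookie File",
    "# This is a generated file! Do not edit.",
    "",
    "\t".join(["cbd.booksonline.com", "FALSE", "/cgi-bin/ndCGI.exe/Develop",
               "FALSE", "1893455604", "ID_AND_PWD", "CONSTRUCTED-VALUE"]),
    "\t".join(["www.rockport.com", "FALSE", "/scripts/cgiip.exe/",
               "FALSE", "1075752630", "country", "EN-US"]),
    "\t".join([".cnet.com", "TRUE", "/downloads/0",
               "FALSE", "2145801690", "dlrs", "r"]),
    # Expiry 0 is used by some tools to mark a session cookie (assumption here;
    # browsers normally keep session cookies in memory only).
    "\t".join(["shop.example.com", "FALSE", "/", "TRUE", "0", "session", "CONSTRUCTED"]),
    # Space-separated line, as produced by a lossy copy: not valid, skipped.
    "broken.example.com FALSE / FALSE 1075752630 name value",
])


def parse_cookies_txt(text):
    """Return a list of cookie dicts; comments and malformed lines are skipped."""
    cookies = []
    for line in text.splitlines():
        if not line.strip() or line.startswith("#"):
            continue
        parts = line.split("\t")
        if len(parts) != len(FIELDS) or not parts[4].isdigit():
            continue
        cookie = dict(zip(FIELDS, parts))
        cookie["subdomains"] = cookie["subdomains"] == "TRUE"
        cookie["secure"] = cookie["secure"] == "TRUE"
        cookie["expires"] = int(cookie["expires"])   # seconds since 1970-01-01 UTC
        cookies.append(cookie)
    return cookies


def review(cookies, as_of):
    """Return [(domain, name, notes)] describing lifetime and exposure."""
    report = []
    for c in cookies:
        notes = []
        if c["expires"] == 0:
            notes.append("session only")
        else:
            expiry = datetime.fromtimestamp(c["expires"], timezone.utc)
            notes.append("expired" if expiry <= as_of
                         else f"persistent until {expiry:%Y-%m-%d}")
        if c["subdomains"]:
            notes.append("sent to every host under the domain")
        if not c["secure"] and any(h in c["name"].lower() for h in CREDENTIAL_HINTS):
            notes.append("credential-like name without secure flag")
        report.append((c["domain"], c["name"], notes))
    return report


if __name__ == "__main__":
    talk_date = datetime(2002, 11, 2, tzinfo=timezone.utc)
    for domain, name, notes in review(parse_cookies_txt(SAMPLE_COOKIES_TXT), talk_date):
        print(f"{domain:24} {name:12} {'; '.join(notes)}")
```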

Control over cookies
• IE V5 and Netscape V4 functionality
    • Accept all cookies
    • Deny all cookies
    • Accept only cookies that get sent back to originating site
    • Warn before accepting
• Generally not enough resolution on control

IE Version 6
• 6 levels of control based on
    • How to handle personally identifiable information without asking you
    • How to handle third party cookies
    • How to handle sites that don’t have a privacy policy
• Can also deny/allow based on site
• Privacy Preferences relates to Privacy Preference Project (P3P)


MS Internet Explorer V6 – Default


Netscape Navigator V7


Enabling Cookies based on Privacy Settings


Netscape Cookie Manager

CookieCop
• Many utilities exist to help manage Cookies
• PC Magazine distributes freeware utility called CookieCop 2

CookieCop 2
• Accept/Reject cookies on a per site basis
• Block banner ads
• Disable pop-up windows
• Remove cross site referrer information
• Convert permanent cookies to session cookies
• Adds visibility on data transferred from/to browser


Runs as proxy server


Spyware

Spyware
• Spyware is software/hardware that spies on what you do on your computer
• Often it employs a user's Internet connection in the background (the so-called "backchannel") without their knowledge or explicit permission.
• Installed without the user’s knowledge with shareware/freeware

Spyware Capabilities
• Record addresses of Web pages visited
• Record recipient addresses of each email you send
• Record the sender addresses of each email you receive
• Recording the contents of each email you send/receive
• Record the contents of IM messages
• Record the contents of each IRC chat
• Recording keyboard keystrokes
• Record all Windows activities

Who Uses Spyware
• Corporations to monitor computer usage of employees
• Computer crackers to capture confidential information
• Parents to monitor use of family computer
• Advertising and marketing companies to assemble marketing data to serve personalized ads to individual users

Spyware Software
• Keystroke loggers
    • Invisible KeyKey Monitor
    • KeyLogger Stealth
    • Spector
• E-mail monitors
    • IamBigBrother
    • MailGuard
    • MailMarshall
    • MIMEsweeper
• Surveillance
    • iOpus STARR
    • Silent Watch
    • SpyAgent
    • WinSpy

Spyware use examples
• RealNetworks profiling their users' listening habits
• Aureate/Radiate and Conducent Technologies whose advertising, monitoring, and profiling software sneaks into our machines without our knowledge or permission
• Comet Cursor which secretly tracks our web browsing
• GoHip who hijacks our web browser and alters our eMail signatures

Ad-aware
• From www.lavasoftUSA.com
• Scans system for known spyware and allows you to safely remove them
• Allows backup before delete


TSAdBot

TSAdBot, from Conducent Technologies (formerly TimeSink), is distributed with many freeware and shareware programs, including the Windows version of the compression utility PKZip. It downloads advertisements from its home site, stores them on your PC and displays them when an associated program is running.

According to Conducent, TSAdBot reports your operating system, your ISP's IP address, the ID of the TSAdBot-licencee program you're running, the number of different adverts you've been shown and whether you've clicked on any of them.


Firewalls

Firewalls
• Firewall sits between the premises network and the Internet
• Prevents unauthorized access from the Internet
• Facilitates internal users’ access to the Internet
[Diagram labels: Firewall; OK; No; Access only if Authenticated]

Hardware Firewalls

PROS
• Inexpensive
• Works at port level
• Can protect multiple PCs
• Nonintrusive
• Uses dedicated secure platform
• Hides PCs from outside world
• Doesn’t affect PC performance

CONS
• Can be complicated for beginners
• Difficult to customize
• Ignores most outgoing traffic
• Inconvenient for travelers
• Upgrades only by firmware
• Creates a potential bandwidth bottleneck

Software Firewalls

PROS
• Inexpensive
• Works at application level
• Ideal for one machine with many users
• Analyzes incoming and outgoing traffic
• Convenient for travelers
• Easy to Update

CONS
• Can be complicated for beginners
• Doesn’t hide PC from outside world
• Can be intrusive
• Shares OS’s vulnerabilities
• Affects PC performance
• Must be uninstalled in case of a conflict

Techniques used by firewalls
• Service Control
• Direction Control
• User control
• Behavior Control


Capabilities of Firewalls

Single choke point for access to services
Provides a location for monitoring security-related events
Convenient platform for several Internet functions that are not security related
Serves as a platform for IPSec


Firewall Limitations

Cannot protect against attacks that bypass firewall
Cannot protect against internal threats (70% of threats are internal)
Cannot protect against transfer of virus-infected programs or files


Types of firewalls

Packet filtering router
Application level gateway
Circuit level gateway
Stateful inspection


Packet Filter Firewalls

Examine each incoming IP packet
Examine IP and TCP header fields
If bad behavior is detected, reject the packet
Usually no sense of previous communication: analyzes each packet in isolation
Lowest cost, least protection

[Diagram: IP packet arriving at IP firewall]


Advantages
  Simplicity
  Transparent
  Fast

Disadvantages
  Difficulty in setting up rules
  Lack of authentication


Application Gateway (Proxy Server) Firewall

Application (Proxy) Firewalls
  Filter based on application behavior
  Do not examine packets in isolation: use history
  Filter for viruses and other malicious content

[Diagram label: Application]


User contacts gateway via specific application
Gateway asks for name of remote host
User provides authentication info
Gateway contacts application on remote host


Gateway relays TCP segments containing application data
Gateway configured to support specific applications
More secure than filters
Disadvantage is additional processing overhead


Circuit Level Gateway

Does not permit end-to-end TCP connection
Sets up two TCP connections
  One between itself and TCP user on inner host
  One between itself and TCP user on outside host
Monitors TCP handshaking for valid use of SYN & ACK flags and sequence numbers


Gateway relays TCP segments without examining packet contents i.e. is not application aware

Applications/Proxy level on inbound connections

Circuit Level on outbound connections because internal users trusted


Stateful Inspection

Includes aspects of filtering, circuit level and application firewall
Filters packets based on source and destination IP and port
Monitors SYN, ACK and sequence numbers
Evaluates contents of packets at the application layer
Better performance than application level gateway
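The contrast between a packet filter that judges each packet in isolation and a stateful firewall that monitors SYN, ACK and sequence numbers, as an added sketch that is not part of the original slides. The addresses, ports, the "allow inbound if ACK is set" rule and all class and function names are constructed for illustration.

```python
from dataclasses import dataclass

INSIDE_PREFIX = "192.168.1."        # constructed internal network

@dataclass(frozen=True)
class Segment:
    src: str
    sport: int
    dst: str
    dport: int
    flags: frozenset                # TCP flags present, e.g. {"SYN", "ACK"}
    seq: int = 0
    ack: int = 0

def inside(ip):
    return ip.startswith(INSIDE_PREFIX)

def packet_filter(seg):
    """Stateless: decides from this one segment's header fields alone."""
    if inside(seg.src):
        return True                 # outbound traffic is allowed
    return "ACK" in seg.flags       # inbound: allowed if it looks like a reply

class StatefulFirewall:
    """Admits inbound segments only for connections opened from the inside."""
    def __init__(self):
        self.conns = {}             # (in_ip, in_port, out_ip, out_port) -> [state, isn]

    def allow(self, seg):
        if inside(seg.src):         # outbound is never blocked, only recorded
            key = (seg.src, seg.sport, seg.dst, seg.dport)
            if seg.flags == {"SYN"}:
                self.conns[key] = ["SYN_SENT", seg.seq]
            elif key in self.conns and self.conns[key][0] == "SYN_ACKED":
                self.conns[key][0] = "ESTABLISHED"
            return True
        conn = self.conns.get((seg.dst, seg.dport, seg.src, seg.sport))
        if conn is None:
            return False            # no matching exchange started from inside
        state, isn = conn
        if state == "SYN_SENT":
            # Handshake check: the SYN+ACK must acknowledge our initial seq + 1
            if seg.flags == {"SYN", "ACK"} and seg.ack == isn + 1:
                conn[0] = "SYN_ACKED"
                return True
            return False
        return state == "ESTABLISHED"

def demo():
    fw, f = StatefulFirewall(), frozenset
    pc, web = "192.168.1.100", "203.0.113.10"      # constructed addresses
    handshake = [
        Segment(pc, 3126, web, 80, f({"SYN"}), seq=1000),
        Segment(web, 80, pc, 3126, f({"SYN", "ACK"}), seq=5000, ack=1001),
        Segment(pc, 3126, web, 80, f({"ACK"}), seq=1001, ack=5001),
        Segment(web, 80, pc, 3126, f({"ACK"}), seq=5001, ack=1001),
    ]
    legit = [fw.allow(s) for s in handshake]
    # Inbound segment with ACK set that belongs to no tracked connection
    stray = Segment("198.51.100.7", 80, pc, 3127, f({"ACK"}), seq=1, ack=1)
    # SYN+ACK for a pending connection, but with the wrong acknowledgement number
    fw.allow(Segment(pc, 3128, web, 80, f({"SYN"}), seq=7000))
    bad = Segment(web, 80, pc, 3128, f({"SYN", "ACK"}), seq=9000, ack=1234)
    return {"legit": legit, "stray_stateless": packet_filter(stray),
            "stray_stateful": fw.allow(stray), "bad_ack_stateful": fw.allow(bad)}
```

Both firewalls pass the normal handshake; only the stateless rule admits the unsolicited ACK segment, and only the stateful one can reject a SYN+ACK whose acknowledgement number does not match.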


NAT – Network Address Translation

Hides internal internet addresses through Network Address Translation

Accepts packet from internal host; packet has internal host’s IP address

[Diagram: packet with internal IP address]


NAT replaces internal IP address with another IP address (usually a single address for all connections) and connection specific port number, sends to external host

[Diagram: packet with another IP address]


Server receives returning IP packet to the NAT IP address

Passes it on to the internal host


Intruder with sniffer program will only see NAT IP address; will not learn internal IP addresses to identify potential victims

[Diagram: intruder sees packet with another IP address]
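The NAT steps described on the preceding slides (rewrite on the way out, reverse lookup on the way back, one shared address visible outside), as an added sketch that is not part of the original slides. The public address, port range and all names are constructed; real NAT devices differ in how strictly they match the remote endpoint.

```python
def pkt(src, sport, dst, dport, proto="tcp"):
    return {"proto": proto, "src": src, "sport": sport, "dst": dst, "dport": dport}

class Nat:
    """Port address translation: many internal hosts share one public IP."""
    def __init__(self, public_ip, first_port=50000):
        self.public_ip = public_ip
        self.next_port = first_port
        self.out = {}    # (int_ip, int_port, rem_ip, rem_port, proto) -> public port
        self.back = {}   # (public port, proto) -> (int_ip, int_port, rem_ip, rem_port)

    def outbound(self, p):
        """Replace the internal source with the public IP and a per-connection port."""
        key = (p["src"], p["sport"], p["dst"], p["dport"], p["proto"])
        if key not in self.out:
            self.out[key] = self.next_port
            self.back[(self.next_port, p["proto"])] = key[:4]
            self.next_port += 1
        return dict(p, src=self.public_ip, sport=self.out[key])

    def inbound(self, p):
        """Map a returning packet to the internal host, or None if unsolicited."""
        entry = self.back.get((p["dport"], p["proto"]))
        if p["dst"] != self.public_ip or entry is None:
            return None                       # no mapping: nothing to forward to
        int_ip, int_port, rem_ip, rem_port = entry
        if (p["src"], p["sport"]) != (rem_ip, rem_port):
            return None                       # not the host this mapping talks to
        return dict(p, dst=int_ip, dport=int_port)

def demo():
    nat = Nat("203.0.113.5")                  # constructed public address
    server = "198.51.100.20"                  # constructed external host
    a = nat.outbound(pkt("192.168.1.100", 3126, server, 80))
    b = nat.outbound(pkt("192.168.1.112", 3126, server, 80))
    return {
        "a": a,
        "b": b,
        # What a sniffer outside the NAT can learn about source addresses
        "seen_outside": {p["src"] for p in (a, b)},
        "reply": nat.inbound(pkt(server, 80, a["src"], a["sport"])),
        "unsolicited": nat.inbound(pkt("198.51.100.99", 4444, "203.0.113.5", 139)),
    }

if __name__ == "__main__":
    for name, value in demo().items():
        print(name, value)
```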


Firewalls - Software

Personal firewalls popular/necessary for DSL/Cable users
  ZoneAlarm
  Sygate Personal Firewall
  McAfee Internet Personal Firewall Plus
  Symantec Personal Firewall
  Tiny Firewall
  Norton Internet Security 2003
  Windows XP Firewall

PC magazine Zdnet top choice


Firewalls - Hardware

D-link DI-604
Hawking FR23
Linksys Firewall Router
Netgear FR411P
SMC smc7004vbr

PC mag Zdnet top choice


Personal Firewall Functionality

DHCP server
Levels of security
Rules created when applications run
Zones – local and Internet
Scan packets for transmission of sensitive information
Firewall alerts


Microsoft’s Internet Connection Firewall (ICF)

Stateful inspection firewall
Set restrictions on what connections can be made to your computer from the Internet
Disable incoming traffic unless associated with exchange that originated from your computer or within private network


Designed to work with Internet Connection Sharing (ICS)
Will protect
  LAN
  Point to point over Ethernet used with broadband access
  VPNs
  Dial up access


Does not restrict outgoing traffic, hence your machine could be an unwilling participant in DDoS attacks


Can configure for incoming services

Allows servers to run on the “inside”

Add your own services if needed


Can turn on logging

Generated in W3C format


Can also allow ICMP incoming traffic to enter


#Version: 1.0

#Software: Microsoft Internet Connection Firewall

#Time Format: Local

#Fields: date time action protocol src-ip dst-ip src-port dst-port size tcpflags tcpsyn tcpack tcpwin icmptype icmpcode info

2002-10-26 18:58:02 DROP UDP 192.168.1.112 192.168.1.100 137 137 78 - - - - - - -

2002-10-26 18:58:03 DROP UDP 192.168.1.112 192.168.1.100 137 137 78 - - - - - - -

2002-10-26 18:58:05 DROP UDP 192.168.1.112 192.168.1.100 137 137 78 - - - - - - -

2002-10-26 18:58:13 DROP ICMP 192.168.1.112 192.168.1.100 - - 60 - - - - 8 0 -

2002-10-26 18:58:18 DROP ICMP 192.168.1.112 192.168.1.100 - - 60 - - - - 8 0 -

2002-10-26 18:59:07 DROP UDP 192.168.1.1 192.168.1.255 6584 162 143 - - - - - - -

2002-10-26 18:59:21 DROP TCP 192.168.1.112 192.168.1.100 3126 139 48 S 2305249434 0 64240 - - -

2002-10-26 18:59:24 DROP TCP 192.168.1.112 192.168.1.100 3126 139 48 S 2305249434 0 64240 - - -

2002-10-26 18:59:30 DROP TCP 192.168.1.112 192.168.1.100 3126 139 48 S 2305249434 0 64240 - - -

2002-10-26 18:59:32 DROP ICMP 192.168.1.112 192.168.1.100 - - 92 - - - - 8 0 -

2002-10-26 18:59:37 DROP ICMP 192.168.1.112 192.168.1.100 - - 92 - - - - 8 0 -

2002-10-26 18:59:42 DROP UDP 192.168.1.112 192.168.1.255 138 138 202 - - - - - - -

2002-10-26 18:59:42 DROP UDP 192.168.1.112 192.168.1.255 137 137 78 - - - - - - -

2002-10-26 18:59:43 DROP ICMP 192.168.1.112 192.168.1.100 - - 92 - - - - 8 0 -

2002-10-26 18:59:43 DROP UDP 192.168.1.112 192.168.1.255 137 137 78 - - - - - - -

2002-10-26 18:59:44 DROP UDP 192.168.1.112 192.168.1.255 137 137 78 - - - - - - -

2002-10-26 18:59:44 DROP TCP 192.168.1.112 192.168.1.100 3127 79 48 S 2311107724 0 64240 - - -


ZoneAlarm

Comes in three versions
  ZoneAlarm (free)
  ZoneAlarm Plus ($40)
  ZoneAlarm Pro ($50)


Free Version Features

It is free for personal use.
It shuts down all unused ports.
It offers good intrusion detection.
It has different rules for LAN (local) and Internet networks. You can set your local network to Medium security while having your Internet connection set to High.


ZoneAlarm Pro Additional Functionality

Ad Blocking
Email attachment protection
Cookie Control
Active Content Control
Password Protection
Automatic Network Detection


General Program Configuration Options


ZoneAlarm identifies networks and allows you to classify them.


Allows you to set up rules for three zones of operation


You can use levels as defined or customize a level


Program access rules are established by “Learning” acceptable behavior


Once programs have run and you have granted or denied network access you can see current rules.


While user interaction deals with programs, ZoneAlarm really keeps track of components


The user has control over logging operations as well


A sample log


Privacy controls can be set for cookies, ad blocking and mobile code.


Cookie control
Ad Blocking


Mobile Code


E-mail protection


Quarantined File Types


ZoneAlarm

Program alerts – access to your machine from the outside


“Hardware” Solution

SOHO Routers sold by Linksys, Dlink and others
Provides interface between home network and cable/DSL modem
Generally makes SOHO network look transparent to outside world via NAT
Rudimentary firewall
Interface via Web Browser


Steps for protecting oneself


Steps to protecting privacy and ensuring the integrity of your system

Don’t tell sites anything you don’t want them to know
Set your browser for maximum privacy
Manage your cookies
Opt out
Watch for Web bugs
Don’t neglect the physical security of your machine
Test your system periodically
Disable booting from a floppy


Surf anonymously
Learn about all the tools available
Make sure you haven’t been the victim of identity theft
Always use a firewall
Keep OS and virus definitions updated
Use dummy email accounts
Follow the issue
Manage your passwords (strong)


Perform frequent backups
Disable file sharing
Remove unnecessary protocols from the Internet interface
Never run EXE attachments or downloads unless sure of authenticity
Consider encrypting sensitive data
Disable unneeded services


What your provider should do for you

Provide a firewall
Scan your email for malware
Filter spam
Push down virus definition updates
Detect system and port scans
Detect unusual activity
Provide backup


Workstation Testing

Various Web sites will scan your machine for vulnerabilities
Gather information about your machine
Probe ports for services, trojans and protocols
Does quick scan or stealth techniques
Investigates tcp/ip, udp, icmp capabilities
Browser vulnerabilities


Sites that will test your machine

Gibson Research Corp – Shields up: www.grc.com
Symantec Security Check: www.symantec.com/securitycheck
ExtremeTech: www.extremetech.com/syscheck
Sygate Online Services: http://scan.sygatetech.com/
Security Metrics: http://www.securitymetrics.com/firewall_test.adp
Qualys: http://browsercheck.qualys.com


Interesting Web Sites

http://web.simmons.edu/~tis/links/security.html


What haven’t we covered?

Security in the wireless environment
Authentication systems and their vulnerabilities
Legal implications
Operating systems configuration
Security suites
Security Appliances
E-mail privacy


References

Microsoft Windows Security Inside Out for Windows XP and Windows 2000, by Ed Bott, Carl Siechert, ISBN 0-7356-1632-9

Absolute PC Security and Privacy, by Michael Miller, ISBN 0-7821-4127-7


Thank you for attending