annual safety & security briefing - 9/22/04 teresa downey – slac computer security group &...
Post on 21-Dec-2015
218 views
TRANSCRIPT
Annual Safety & Security Briefing - 9/22/04
Teresa Downey –
SLAC Computer Security Group
& SCS Applications Group
Computer Security Contact Info
(650) 926-HELP (SCS Helpdesk) Leave “critical” message if
after work hours, assuming the issue _is_ critical
Computer Security Staff: Robert Cowles
Security Group Manager x4965
Gary Buhrmaster x2294
John Halperin x2257
Teresa Downey x2903
E-Mail Phishing Spoofed e-mails – forged From: address Usually paired with fraudulent websites Trying to get personal financial info or
accounts/passwords, etc. “identity theft” Several SLAC personnel have reported these They are usually tagged as [SPAM:### Don’t reply to them or click in them
Forged FDIC E-mail
Official-looking, threatening e-mail
This slide shows you forged URL and the
real one
Fake FDIC Website
Most people would not realize this is not the
real FDIC.gov website
They exploited a flaw in the browser accomplish
this redirection
E-mail With Virus Attached
A way to get people to download virus and
infect their own machine
Patches are not sent via email!
SLAC E-mail Virus Protection
SLAC Gateway
Exchange Server
Scan for Virus & Remove Executables
Scan for Virus & Remove Executables
Computer Patching
Automated Patching Strongly Encouraged Windows Systems in Active Directory Linux & Solaris Systems running Taylor
Home User Patching Tools Linux: run an auto-patching tool (e.g. up2date for
RedHat) – unsure? Ask unix-admin@slac Mac OS X: use Software Update tool Windows: see next 2 slides