Security Administration Tools
Hanan Hibshi & Tim Vidas
Putting it All Together
• Web browser and Web security
• PKI and Secure Communication
• Phishing & Semantic Attacks
• User Education
• Passwords, graphical passwords and alternatives
• Challenge Questions
• Access Control
• Other issues...
Why Security Administration?
• Hackers.
• Attacks.
• Vulnerabilities.
• Terrorism.
• etc.
• Thus, we need front liners!
Who?
• Security Admin Personnel
  • Can be one person
  • Can be a team
• Scalability: size of organization, cost…
Why can’t one person do it?
• Too many things to keep track of.
• Monitoring and maintenance of a number of complicated tasks.
• Need to "keep an eye"
• Security tools supposed to be "to the rescue"
  • Make administrators' life easier
  • Provide them with better reporting and monitoring
• Paper in assigned readings defined a number of factors:
  • Organizational
  • Human
  • Tools themselves
Common Tools
• Network Traffic and Packet analyzers
  • Wireshark, tcpdump, Cain and Abel (PW), Ntop, Netcat
• Vulnerability Testing
  • Metasploit, Nessus
• Intrusion Detection Systems (IDS)
  • Snort, Splunk
• File/host integrity tools
  • Tripwire
• Others
  • OpenSSH honeypots, Scripting tools, Web security
Wireshark - ScreenShot
Wireshark – Screenshot 2
TCPdump – Screenshot
Cain and Abel
Ntop – Screenshot
Ntop – Screenshot 2
Metasploit - Screenshot
Nessus - Interface
Snort - Screenshot
Problems
• GUI vs. Command line
• Technical background
• Is usability important anyway?
• Issues:
  • Too much to look at
  • No single data format for output
  • Out-of-sync clocks
  • The human!
Some Proposed Solutions
• Visualizations
• Training users
  • Understand implications
  • Understand least privilege
• Understanding different players: organization, human, tools
• Improving IDS Usability
  • Assist users with configuration and installation
• Some other recommendations
  • Heuristics evaluation
  • Developed ITSM Heuristics
  • Compared ITSM to Nielsen’s Heuristics
  • With ITSM Heuristics, more problems were found