network security aka cybersecurity monitor and manage security risks at the network level for the...
TRANSCRIPT
Network Securityaka CyberSecurity
• Monitor and manage security risks at the network level for the entire Johns Hopkins Network.
Everyone & Everything is Connected
• Radio – 35 years to reach 50 million • TV – 15 years to reach 50 million• W.W.W. – 5 years to reach 50 million
Risky Business
• Johns Hopkins Network is appr. 75,000 nodes• Approximately 20% are unsecure• Approximately 50,000 hits on our top 10 IDS
rules
Hackers/Crackers/Script Kiddies ?
Script kiddiesLess skilled than traditional hackers. These “skiddies” often use tools developed by others without completely understanding the basics.
CrackerComputer-savvy programmer createsattack software
HackerA hacker is a person who breaks into computers and computer networks for profit, as a protest or for the challege
Social EngineeringI need a
password reset. What is the
password set to?
This is John, the System
Admin. What is your
password?
Email:
ABC Bank has
noticed a
problem with
your account…
I have come to repair your
machine…and have
some software patches
Phishing = Fake Email!ABC Bank
Your account has been compromised. We need you to click the following link and verify your password, pin number and social security number
PhishingPhishing is a way of attempting to acquire sensitive information such as usernames, passwords and credit card details by masquerading as a trustworthy entity
VictimMy account was what?!
Pharming = Fake Webpages
PharmingLike phishing, malicious users will create web pages that look exactly the same as legitimate ones. The only difference is where your data is going!
Worms
Network worms are self-replicating malware which uses the computer network to send copies of itself to other computers
Some worms come in the form of a phishing email. When the victim clicks the link inside, it begins to infect the victim machine. Then sends the link to all the accounts in the users address book
How are we protecting you?
Defense in Depth •Border Router•Perimeter firewall•Internal firewall•Intrusion Detection System•Policies & Procedures & Audits•Authentication•Access Controls
Firewalls
The good, the bad &the ugly…
Filter
The bad &the ugly
The Good
Route Filter: Verifies sources and destination of IP addressesPacket Filter: Scans headers of packets and discards if ruleset
failed (e.g., Firewall or router)Content Filter: Scans contents of packets and discards if ruleset
failed (e.g., Intrusion Prevention System or firewall)
Intrusion Detection/Prevention Systems
Network IDS=NIDS• Examines packets for attacks• Can find worms, viruses, org-defined attacks• Warns administrator of attack