System Hardening
Defense in Depth—at home and on the road
System Hardening
• Wi-Fi security
  – At home
  – Away from home
• Windows system hardening
• Mac OS X system hardening
Wi-Fi security
• Question 1: Do I need Wi-Fi?
  – Don’t own any wireless devices? Don’t buy a wireless router!
  – A regular, wired-only router is cheaper and offers one less attack vector
Wi-Fi security
• Question 2: What kind of wireless router should I buy?
  – Good security
  – Blazing speeds
  – Bleeding-edge technology
What about 802.11n?
• Pre-N, draft n, MIMO-based
• Backward compatible
• Finalized December 2009
Wi-Fi security
• Encryption: scramble your stuff
  – WEP = worthless
  – WPA has issues
  – WPA2 is best
EVERYBODY PANIC! WPA-TKIP HAS BEEN CRACKED!
• WPA-TKIP partially cracked
  – Attacker needs 12-15 minutes of access
  – Data encryption remains intact (for now)
  – Can be used to DoS, circumvent firewalls, poison ARP cache
EVERYBODY PANIC! WPA-TKIP HAS BEEN CRACKED!
• What can you do?
  – Don’t panic.
  – Use WPA2!
  – Use a network range other than 192.168.0.x
Wireless Router Hardening
• Choose a strong pre-shared key
• Patch, patch, patch!
Wireless Router Hardening
• Change SSID (network name)
• Enable MAC address filtering
Wireless Router Hardening
• DISABLE REMOTE MANAGEMENT!
• Limit the number of connections allowed
• Disable “respond to ICMP Ping”
Wireless Router Hardening
• Disable the DMZ (Demilitarized Zone)
• Disable UPnP
Wireless Router Hardening
• Change the default IP address of the router
• Change admin password
• Enable the firewall
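The router checklist from the slides above, turned into a small audit script. This is an added example, not part of the original presentation; the settings dictionary, its key names, the sample values and the pre-shared-key threshold are assumptions made for illustration.

```python
import ipaddress

# Added example: the setting names below are hypothetical, not any vendor's.
DEFAULT_LAN = ipaddress.ip_network("192.168.0.0/24")  # range the deck avoids
MUST_BE_OFF = {
    "remote_management": "disable remote management",
    "upnp": "disable UPnP",
    "dmz": "disable the DMZ",
    "respond_to_ping": "disable 'respond to ICMP Ping'",
}
MUST_BE_ON = {
    "firewall": "enable the firewall",
    "mac_filtering": "enable MAC address filtering",
}
STILL_DEFAULT = {
    "ssid": "change the SSID",
    "admin_password": "change the admin password",
    "lan_ip": "change the default IP address of the router",
}


def audit_router(cfg, factory):
    """Return the deck's hardening items that cfg (vs. factory defaults) misses."""
    findings = []
    if cfg.get("encryption") != "WPA2":
        findings.append("use WPA2")
    # A WPA2 passphrase is 8 to 63 characters. The 20-character and
    # 10-distinct-character floor is this example's assumption of "strong".
    psk = cfg.get("psk", "")
    if len(psk) < 20 or len(set(psk)) < 10:
        findings.append("choose a strong pre-shared key")
    for key, advice in MUST_BE_OFF.items():
        if cfg.get(key, True):  # a missing setting is treated as enabled
            findings.append(advice)
    for key, advice in MUST_BE_ON.items():
        if not cfg.get(key, False):
            findings.append(advice)
    for key, advice in STILL_DEFAULT.items():
        if cfg.get(key) == factory.get(key):
            findings.append(advice)
    if ipaddress.ip_address(cfg["lan_ip"]) in DEFAULT_LAN:
        findings.append("use a network range other than 192.168.0.x")
    return findings


# Constructed sample data: one model's factory defaults and a hardened setup.
FACTORY = {"encryption": "WPA", "psk": "password", "ssid": "default",
           "admin_password": "admin", "lan_ip": "192.168.0.1",
           "remote_management": True, "upnp": True, "dmz": True,
           "respond_to_ping": True, "firewall": False, "mac_filtering": False}
HARDENED = {"encryption": "WPA2", "psk": "tulip-Harbor-93-velvet-quartz",
            "ssid": "cedar-attic", "admin_password": "N0t-the-default-4711",
            "lan_ip": "10.23.45.1", "remote_management": False, "upnp": False,
            "dmz": False, "respond_to_ping": False, "firewall": True, "mac_filtering": True}
```

Calling `audit_router(FACTORY, FACTORY)` lists every item a router left at its defaults still fails; `audit_router(HARDENED, FACTORY)` returns an empty list.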
Wireless Router Hardening
• Consider switching to OpenDNS
  – Helps filter out malicious websites, can also filter other types of “blue” content
    • Content filtering is user configurable
Securing your network…
Get rid of old wireless hardware!
Personal Computer Security
• Develop some new good habits
• Remember, cybersecurity breaks can and will happen to you
• An ounce of prevention is worth a pound of cure!
Personal Computer Security
• No matter your platform, you should…
  – Have separate accounts for each user
  – Protect ALL accounts with a password
  – Run as a “non-privileged” user
  – Use an inactivity time-out that locks the screen
  – Use a firewall
  – Perform regular backups
  – Use antivirus software (yes, Mac users, you too!)
Computer Accounts
• For our purposes, there are two types of accounts on a system:
  – Administrator (or root)
  – User (or non-privileged user)
• Administrator accounts have unlimited power
  – With great power comes great responsibility (nerd alert!)
  – Administrator accounts are needed to install new software, configure network settings, install printers, etc.
  – Malicious websites and programs take advantage of that power to compromise your system
Computer Accounts
• “User” or “non-privileged” accounts
  – Generally can’t install software (any programs installed will run at that user’s privilege level)
  – Can’t make configuration changes to firewall, AV, and other critical system components
Running as a non-privileged user
• Good news:
  – Less vulnerable to “drive by downloads” and other malware
  – Less likely to accidentally modify settings to critical system components
  – Malware runs at non-privileged level, does less damage
Running as a non-privileged user
• The “bad” news:
  – Config changes, installing software needs admin rights
  – Some programs misbehave when asked to run at a non-privileged user level
Computer Security: The Basics
• Many security problems can be alleviated just by keeping your software up to date!
  – Enable Automatic Updates (Win) or System Update (Mac) to download and install automatically
  – Allow add-on programs like Adobe Reader and QuickTime to check for updates automatically
Computer Security: The Basics
• Uninstall software you no longer use
  – Forgotten, unpatched software may make your machine more vulnerable
• Look gift horses in the mouth
  – Just because that blinking ad banner says to download that free software doesn’t make it a good idea!
Computer Security: Firewalls
• Both Windows and Macintosh computers come with firewalls
  – Windows XP Service Pack 3 & Vista enable firewall by default
  – Mac OS X may not enable its firewall by default
Computer Security: Firewalls
• To enable the Windows XP Internet Connection Firewall (ICF):
  – Click Start → Control Panel and select Security Center
  – Under "Manage security settings for:" click Windows Firewall. Make sure that the radio button next to "On" is selected.
  – If you open this panel and find that your firewall options are “greyed out,” there is a good chance your computer is infected with malware.
Computer Security: Firewalls
• The Windows XP firewall does not do any outbound filtering by default.
  – Consider a 3rd party firewall
  – Many good free options, even more good paid options
  – Free: Comodo Firewall Pro, ZoneAlarm
  – Paid: Kerio, ZoneAlarm, simple home router/firewalls (network-based)
Computer Security: Firewalls
• Windows Vista firewall
• Looks and feels just like XP firewall
  – Unlike XP, does inbound and outbound filtering
• Access via Control Panel → Security Center → Windows Firewall
• Network based firewall is still a good addition!
Computer Security: Autorun
• a.k.a. “Autoplay”
• Disable it!
  – Used by Conficker, other malware
Computer Security: Antivirus
• Antivirus ≠ panacea!
• Antivirus software is a piece of the puzzle
• Corrective at best
• No computer should be without it
Computer Security: Antivirus
• Have you paid your subscription fee?
• Check for updates every 30 mins
• Never try to run more than one AV package at once!
Computer Security: Anti-spyware
• There are several excellent free anti-spyware tools available
• “Active protection” may conflict with your antivirus software
• “Passive protection” shouldn’t cause a problem
Computer Security: Anti-spyware
• Malwarebytes
• Spybot Search & Destroy
• Microsoft Windows Defender
• Ad-Aware
• Spyware Blaster
Computer Security: Other utilities
• HijackThis
• CCleaner
• TrendMicro Housecall
Computer Security: Surf Safer
• Get away from Internet Explorer
• Switch to Firefox for day-to-day browsing (you too, Mac users)
  – Use add-ons
  – Keep your helper apps updated
Computer Security: Surf Safer
• Hardening Firefox
  – Tools → Options (Firefox → Preferences on Mac OS X)
  – Warn about add-ons, warn about forgeries should both be checked
  – Uncheck “remember passwords for sites”
More Firefox hardening…
• addons.mozilla.com has lots of add-ons for Firefox:
  – NoScript (blocks scripted content from running)
  – Adblock Plus (blocks ads and possible malicious page elements)
  – Filterset.G updater (downloads preconfigured filterset for Adblock Plus)
  – Plugins work in Firefox for the Mac too!
• McAfee SiteAdvisor www.siteadvisor.com
  – can help prevent you from clicking on malicious websites by warning you about their content
Internet Explorer Hardening
• IE 7 & 8 have built-in anti-phishing features, IE 6 does not
  – McAfee SiteAdvisor is also available for IE!
  – Google Toolbar has some nice anti-phishing features as well
  – Only use Internet Explorer when a site doesn’t function properly in Firefox
Computer Security: Mac OS X
• Despite what you hear in the ads, Macs can:
  – Get hacked
  – Get malware
  – Get viruses
Computer Security: Mac OS X
• Mac OS X is a pretty GUI shell on a powerful UNIX OS
  – The power of Mac OS X makes it a very flexible platform for hackers, too!
Computer Security: Mac OS X
• Remember all that stuff we said about Windows?
• Mac OS X isn’t vulnerable to Windows malware
  – It can pass it on!
Computer Security: Mac OS X
• Many of the “best practices” we’ve already discussed apply to Mac OS X
  – “user” vs. “admin” accounts
  – use antivirus
  – use a firewall
  – beware of malware
Computer Security: Mac OS X
• Enable the firewall!
  – System Preferences → Sharing (10.4)
  – System Preferences → Security (10.5)
Computer Security: Mac OS X
• FileVault
  – Encrypts your Home directory (not the entire hard drive)
  – Make sure you store the master password in a safe place; if it is lost, data cannot be recovered
Computer Security: Mac OS X
• Other security settings:
  – Require password to wake from screen saver
  – Disable automatic logins
  – Use secure virtual memory
  – Disable remote control infrared receiver
Computer Security: Mac OS X
• Don’t enable services!
  – Sharing preference pane
  – Uncheck everything
On the Road: WiFi security
• Attackers may set up fake WiFi access points
  – “Free WiFi” isn’t really free
  – Malicious hotspots may be used for Man In The Middle attacks
On the Road: WiFi security
• Only connect to trusted WiFi providers
  – How much do you really trust them?
• Use a VPN connection if you need to handle sensitive data
On the Road: WiFi security
• Using your laptop but not connecting to a network? Disable the wireless radio!
On the Road: Laptop Security
• Taking a computer with you introduces additional security issues!
  – Higher risk of theft
  – Connecting to untrusted networks
  – Protecting data in case of theft
On the Road: Laptop Security
• Every account on your laptop should have a strong password!
• Use encryption, especially if you carry sensitive data with you
• Never leave your laptop unattended
Security Testing @ Home
• ShieldsUP!
  – www.grc.com
  – Scans your computer for open ports, can help you identify problems (Windows and Mac OS X)
• LeakTest
  – www.grc.com
  – Tests your computer’s firewall (Windows only)
• Microsoft Baseline Security Analyzer
  – www.microsoft.com/technet/security/tools/mbsahome.mspx
  – Windows only
Security Resources
• Be SeKUre blog
  – http://www.besekure.ku.edu
• US-CERT Mailing Lists
  – www.us-cert.gov/cas/signup.html
• Microsoft Security At Home blog
  – www.microsoft.com/protect/default.mspx
• SecureMac.com
  – www.securemac.com
• MacInTouch
  – www.macintouch.com
Questions?
Contact
Julie C. Fugett, CISSP, CCE
Information Security Analyst
IT Security Office
(785)864-9003
www.besekure.ku.edu