System Defense
Defending Home Networks
Introduction
• Computer Security
• What it’s not
• Person, Place or Thing
• What it is
• Independent
– Of Network OS
– Of Host OS
– Of Application
• Process
• Achievable
Why Computer Security?
Data Integrity
Confidentiality
Availability
Non Repudiation
Identification
Authentication
Identify Risk
• Physical Access
• Humans
• Application Runtime
• Browser
• IM
• Network Access
Risk Vectors
Browser
Console
Physical Host
Removable Media
Application
FTP, SMTP, SNMP, ICQ, IM
Network
Defend Yourself
• Know your system
• What it is
• What’s on it
• What changes on it
• Who is using it
• Who can use it
• Patch vulnerabilities
The Onion of Security
HARDWARE
File System
HOST
OS Config
App Config
LAN
WAN
File System
[Diagram: onion layers HARDWARE, File System]
Physical Protection
BIOS Password
File Integrity
Anti Virus Scanner
File System Encryption
Host Defenses
[Diagram: onion layers HARDWARE, File System, HOST, OS Config]
Host-based Firewall
Host-based IDS
Configuration Management
Patch Maintenance
Auditing
IP Restrictions
Backup
Application Defenses
[Diagram: onion layers HARDWARE, File System, HOST, OS Config, App Config]
Configuration
Patch
Encrypt
Auditing
Access Control
LAN Defenses
[Diagram: onion layers HARDWARE, File System, HOST, OS Config, App Config, LAN]
LAN-based IDS
Ensure Hosts Authenticate
Router-based ACL
WAN Defenses
[Diagram: onion layers HARDWARE, File System, HOST, OS Config, App Config, LAN, WAN]
Router-based ACL
Filter Both Directions
Implement NAT
Firewall
Resources
• Firewalls
• Linux
• Back it up with an IDS
• Tiny Firewall – www.tinysoftware.com
• Zonelabs – www.zonelabs.com
• Netscreen - www.netscreen.com
Resources
• IDS
• Port Sentry – www.psionic.com
• Snort – www.snort.org
• arachNIDS – http://www.whitehat.org
Resources
• Configuration advice
• Microsoft – www.microsoft.com/technet/treeview/default.asp?url=/technet/security/tools/tools.asp
• Linux – www.cert.org/security-improvement/index.html
• Benchmark – www.cisecurity.org
Resources
• Vulnerability Awareness
• www.securityfocus.com – Bugtraq
• www.nessus.org – Nessus Scanner
• www.sans.org/top20.htm – SANS/FBI Top 20 Vulnerabilities
• www.cert.org – Carnegie Mellon CERT
• www.nipc.gov/warnings/computertips.htm – The National Infrastructure Protection Center
• Best Newsletter – http://www.neohapsis.com/
• http://www.cio.com/research/security.
Resources
• Encryption
• OpenPGP – www.openpgp.org
• File integrity
• MD5
• Tripwire – www.tripwire.com/products/linux/
• www.tripwire.org
• Port Scanner – NMAP – www.nmap.org
• AV Software – McAfee
• Pest Patrol
Q&A