1© David Morgan 2008-11Computer securityComputer securityDavid Morgan© David Morgan 2008-11Personal securityPersonal security--so disparate itso disparate it’’s incoherent!s incoherent! wearing seat belts changing ATM pin taking vitaminsRelated only in the loosest sense. Have in common only that they protect your person somehow.2© David Morgan 2008-11Computer securityComputer security--so disparate itso disparate it’’s incoherent!s incoherent! password selection firewalling log analysisRelated only in the loosest sense. Have in common only that they protect your computer somehow. © David Morgan 2008-11Some computer security categoriesSome computer security categories local security network security application security prevention, detection, recovery3© David Morgan 2008-11Some elements ofSome elements oflocal securitylocal security physical security BIOS security bootloader security user and group adminstration filesystem permissions process UIDs© David Morgan 2008-11More elements ofMore elements oflocal securitylocal security backing up logging events updating software avoiding unneeded software encrypting data hiding data4© David Morgan 2008-11Some elements ofSome elements ofnetwork securitynetwork security packet capture firewalling port scanning denial of service packet injection tunneling/tunnel encryption remote redirection of backups and logs traffic monitoring public-key cryptography for remote communication wireless communication© David Morgan 2008-11Some elements ofSome elements ofapplication securityapplication security stack overflow vulnerability wrapping services multiplexing services specific server program vulnerabilities– file transfer servicews-ftp’s vulnerabilitiesvsftpd’s vulnerabilities– web serviceapache’s vulnerabilities– name serviceBIND’s vulnerabilities5© David Morgan 2008-11Some elements ofSome elements ofprevention, detection, recoveryprevention, detection, recovery security scanning and audit hardening programs log analysis programs intrusion detection virus detection filesystem encryption rootkits© David Morgan 2008-11Computer securityComputer security broad ununified changing “security system” vs “system
View Full Document