Unformatted text preview:

Computer & Internet SecurityToday’s Situation – Universal Access…Today’s Situation – Vulnerable Computers…Today’s Situation – Opportunities for Abuse…Slide 5How Can the Situation Affect You?…Practical Aspects of Securing Our Computers…Basic Security Recommendations……Basic Security Recommendations……Basic Security RecommendationsEmail SecurityQuestions?Computer & Internet SecuritySean Lanham, CISSP - ISOUniversity of Texas at ArlingtonInformation Security OfficeToday’s Situation – Universal Access…•There are millions of people with Internet access. (Do we know the actual number?)•All of them can communicate with your internet connected computer.•Anyone can rattle the door to your computer to see if its locked. •On the UTA network, someone tries on a hourly basis.Today’s Situation – Vulnerable Computers…•A large number of computers are vulnerable to being taken over remotely because of:–Unfixed software defects–Operating and configuration errors–Core architectural vulnerabilities•Exploitation of vulnerable computers is increasingly trivial, quick, and almost risk-free by relatively unsophisticated individuals. One person or one program can wreak havoc.Today’s Situation – Opportunities for Abuse…•To break into a safe, the safe cracker needs to know something about safes.•To break into a computer, the computer cracker often only needs to know where to download a program written by someone else who knows something about computers.•Such programs are freely available all over the Net.Today’s Situation – Opportunities for Abuse…Source: Defense Information System Agency1980 1985 19901995 20002003highlowIntruderKnowledgeSelf replicatingcode Passwordguessing Passwordcracking Disablingaudits HijackingsessionssweepersStealthdiagnosticsPacket spoofingsniffersExploiting knownvulnerabilitiesback doorsGUIAutomatedprobes/scansDenial of servicewww attacksTrojan horse/remote control programsDistributedDenial of serviceAttackSophisticationParameter tamperingBinder programsToolsAttackersPhishingHow Can the Situation Affect You?…•A compromised computer provides access to all accounts, keystrokes, and resident data. Account and keystroke information can be used to access other resources.–Operational Difficulties–Email and documents–Financial transactions–Identity Theft–Criminal Use of ComputerPractical Aspects of Securing Our Computers…•We can secure something so well that it is unusable.•Security is relative, not absolute.–Some amount of money, time, and/or motivation will surmount almost any security measure.–Luckily, a lot of computer crime is not targeted at a specific victim but is instead a crime of opportunity.•“Security is a process, not a product.” Bruce Schneier–We can’t buy security. We have to live it.Basic Security Recommendations…•There is no substitute for common sense.–Giving out bank or credit card numbers over the Internet is no different than giving them out over the telephone.–Taking action based on the apparent sender of email is little different than taking action based on the return address of a typewritten postcard.–Running a program from an unknown source is little different than eating food found on the street.–Not maintaining our computers is little different than not maintaining broken windows and doors. Unfortunately, computers need much more maintenance…the vendors just don’t include that fact in their marketing literature.…Basic Security Recommendations…•Run anti-virus software that automatically updates itself.http://www.uta.edu/antivirus•Visit the Windows Update Site once a month.•Treat all email attachments with caution. •Treat file downloads with caution.•Choose strong passwords. •Be careful where you type your passwords or any other personal information.…Basic Security Recommendations•If you receive unwanted email (SPAM) don’t reply to it. Just delete it. If it continues, save copies and notify OIT Security Services.•Don’t believe everything you see on the Internet. Email addresses are easily falsified. Professional looking web pages can be put up by almost anyone these days.•Don’t ignore warnings from your computer.Email Security•Antispam–Symantec Brightmail (old)•False positives•Unreliable statistics•1 year of data–IronPort (new)•1st Q. 145.1M / 137.4M – 95%•2nd Q. 176M / 168.1M – 96%•3rd Q. 292M / 283.2M – 97%•Projected for entire year 940M / 895.7M – 94%Questions?Sean LanhamOffice of Information TechnologyInformation Security Officewww.uta.edu/security(817)


View Full Document

UT Arlington CSE 1105 - Computer And Internet Security

Download Computer And Internet Security
Our administrator received your request to download this document. We will send you the file to your email shortly.
Loading Unlocking...
Login

Join to view Computer And Internet Security and access 3M+ class-specific study document.

or
We will never post anything without your permission.
Don't have an account?
Sign Up

Join to view Computer And Internet Security 2 2 and access 3M+ class-specific study document.

or

By creating an account you agree to our Privacy Policy and Terms Of Use

Already a member?