Introduction to Computer Security

Introduction to Computer Security. Common Security Terminology Password Cracking Biometrics Public Key Cryptography SSL Man-in-the-Middle Attack Zombies.

Mar 26, 2015


Common Security Terminology

• Password Cracking
• Biometrics
• Public Key Cryptography
• SSL
• Man-in-the-Middle Attack
• Zombies
• Denial of Service Attack
• Key Logging Software
• Firewalls
• Security Exploit


Terminology

Password Cracking

• Password Cracker
– An application that tries to obtain a password by repeatedly generating and comparing encrypted passwords or by authenticating multiple times to an authentication source.
– Repeatedly trying to access your accounts

• Common methods of password cracking
– Brute Force
– Dictionary


Terminology

Password Cracking (cont’d)

• Passwords are usually stored in an encrypted form with a one-way encryption algorithm
– If this data is compromised, password cracking can be moved to a standalone system for easier control and speed of cracking.


Terminology

Biometrics

• Science and technology of measuring and statistically analyzing biological data

• When used in Information Technology it usually refers to the use of human traits for authentication

• This method can include fingerprints, eye retinas and irises, voice patterns, and a host of other consistent biological data


Terminology

Public Key Cryptography

• Two Keys, “certificates”, are available for each resource, one public and one private

• As the names imply, the public key can be shared freely while the private key is kept secret

• Items encrypted using the public key are decrypted using the private key and conversely anything encrypted with the private key can be decrypted with the public key

• This method of encryption is used to ensure secure communication is only between a valid, “known”, sender and recipient


Terminology

SSL

• “Secure Sockets Layer”

• Uses Public Key Cryptography

• Negotiates a method to encrypt communication between a client and server

• Allows other network protocols to connect “over top” of it, such as web browsing and e-mail protocols

• “Transport Layer Security” (TLS) is a variant of SSL used to negotiate encryption within the network protocol being used


Terminology

Man-in-the-Middle Attack

• A system between two hosts that either passively watches traffic to gain information used to “replay” a session or actively interferes with the connection, potentially imitating the remote system


Terminology

Zombies

• Computer system infected by a virus or Trojan horse that allows the system to be remotely controlled for future exploits

• These systems may be used to send large amounts of spam e-mail or take part in Distributed Denial of Service (DDoS) attacks


Terminology

Denial of Service Attack (DoS)

• Sending large amounts of data and requests to a remote system in order to inundate the remote computer or network

• A Distributed DoS is a coordinated effort by a number of systems to perform a DoS on a single host


Terminology

Key Logging Software / Hardware

• Software installed on a system to capture and log all keystrokes

• Hardware installed between the keyboard and computer used to capture and log all keystrokes

Security Exploit

• A software bug, or feature, that allows access to a computer system beyond what was originally intended by the operator or programmer


Terminology

Firewall

• Network hardware device or software used to filter traffic to and from the connected resources

• Ranges from simple filters, blocking certain services and protocols, to more complex systems that plot network traffic patterns

• Local operating system firewalls are referred to as “personal firewall software”


Firewall


Password Security

Password limitations

Reasons for complex passwords

Helpful suggestions for creating complex passwords

Future password requirements


Password Security

According to CERT/CC (Computer Emergency Response Team / Coordination Center) approximately 80% of all network security issues are caused by bad passwords

Computer to Computer authentication can use large keysets and complex encryption while Human to Computer authentication relies on much easier methods


Password Security

Password Limitations and why they are in place

• Password Expiration
– Decreases the chances of your password being cracked

• Complex Passwords
– Requiring complexity actually increases the possible character combinations required by brute-force cracking

• Password Length Requirements
– The longer your password the more possible character combinations are present and the harder it is to crack


Password Security

Dealing with Password Limitations

• Password lockouts
– If a certain number of login attempts fail within a given timeframe the account is automatically locked out for a preset amount of time
– Using this limitation stops brute force authentication attempts

• Dictionary Checks
– Simple checks against common dictionaries are used to increase password complexity


Password Security

Are Password rules too complex?

• With the increase of computer hardware speed and the decrease of computer prices, we can use more advanced methods to keep security high

• Post-it Notes
– Is your computer in a locked room?
– Who has physical access to your system?
– A majority of system attacks originate through the network.


Password Security

Suggestions for Complex Passwords

• Think of a phrase and use the first characters of each word, mixing case and adding numbers and special characters

– It is good to change your password every 6 months = Iig2cyPe6m

– UI vandals are number one = UiVdlsR#1

• Using a favorite word or phrase and breaking it up with numbers and special characters

– Happy = Hap3py1

– Motorcycle = M0tor6cyc!e


Password Security

Possible Future Password Requirements

• Decreasing password expiration time

• Certificate authentication

• Use of Biometrics

• Two part identification, where you use a password and another physical item


Password Security

Passwords are like Underwear!

• Don’t leave yours lying around

• Don’t share them with friends

• The longer the better (cold weather)

• Change yours often

• Be mysterious


E-mail Security

Some common E-mail protocols

Secure E-mail protocols at the UI


E-mail Security

Common E-mail protocols

• POP
– Post Office Protocol
– Older protocol for downloading messages from an INBOX

• IMAP
– Internet Message Access Protocol
– Full featured mail folder access

• SMTP
– Simple Mail Transfer Protocol
– Standard for sending and receiving e-mail between clients and servers, and from server to server

• MAPI
– Mail Application Programming Interface
– A set of communication methods and standards used predominately between Microsoft e-mail clients and servers


E-mail Security

Secure protocols in place at the University of Idaho

• POPS
– POP mail over an SSL connection

• IMAPS
– IMAP over an SSL connection

• SMTP+TLS
– Negotiation of a TLS/SSL connection after connecting

• All popular e-mail clients support the use of these protocols


Web Security

Web specific definitions

• HTTP
• URL
• SSL
• Spyware / Adware
• Web browser updates

Some common methods of Web Security


Web Security

HTTP (Hyper Text Transfer Protocol)

• Modern web browsers are capable of using multiple protocols to download content although most data transfers use HTTP

URL (Uniform Resource Locator)

• “Web Address”
• protocol://server/resource
• http://www.uidaho.edu/registrar


Web Security

SSL (Secure Sockets Layer)

• Very important on insecure networks such as wireless

• How to verify SSL in a browser
– https: -- the web address begins with https meaning the connection is using HTTP over SSL
– Look for a lock icon
– Internet Explorer may display a Security Alert that states “you are about to view pages over a secure connection”


Web Security

SSL (cont’d)

• Certificate Authorities
– A “CA” is an entity that issues certificates
– If you “trust” a CA you will trust the certificates issued by that CA
– Web browsers come with a standard collection of common certificate authorities including Verisign, Geotrust, Thawte, and a number of others
– Be wary of untrusted certificates, as they have the potential of being part of a man-in-the-middle attack


Web Security

SSL (cont’d)


Web Security

Spyware / Adware

• Spyware is software designed to intercept or take partial control of a computer without the express consent of the operator

• Adware is similar to spyware except it is used primarily for advertising purposes and may have provided the user with information about its operation

• Regardless of the network level security, when browsing, spyware will have access to your data


Web Security

Web Browser Software Updates

• Update, Update, Update

• Security exploits can use your web browser to access your system, install software, delete data, spread viruses, and much, much more.


Peer-to-Peer File sharing

What is Peer-to-Peer File sharing

Common applications

Common issues to consider when using P2P

How to protect yourself when using P2P


Peer-to-Peer File sharing

Peer-to-Peer File sharing, or P2P, is using software to facilitate the transfer of data between two systems without the need for a central file server

Common P2P applications are:

• Kazaa
• eDonkey
• Morpheus
• Gnutella Clients (Limewire, Bearshare)


Peer-to-Peer File sharing

Common issues with P2P file sharing

• Copyright issues

• Spyware / Adware

• Zombies
– Remote control

• Key logging

• Security exploits

• Sharing unexpected information


Peer-to-Peer File sharing

How to protect yourself when using P2P

• Install Antivirus
– Symantec Antivirus

• Check for operating system and software updates regularly

• Install Spyware Detection Software
– Microsoft Defender Beta 2
– Spybot
– Adaware