Topics in Internet Security
A&D Lunch & Learn Brown Bag, Friday, August 19, 2011
Brian Allen, CISSP, [email protected]
Network Security Analyst, Washington University in St. Louis
http://nso.wustl.edu/presentations/
Dec 27, 2015
Let’s Talk About
• Facebook Privacy
• Password Managers
• Email Security
• Phishing Examples
• Top Ten Security Tips
• Virus Example and Case Study
[Diagram: Decentralized Campus Network. Internet; NSS = Network Services and Support; NSO = Network Security Office; units shown: Business School, Law School, Arts & Sciences, Medical School, Engineering School, Library, Social Work, Art & Architecture.]
Facebook/Social Networking:
Password Managers
Parents’ Password Cracked On First Try (The Onion News, Feb 27, 2002)
• REDONDO BEACH, CA – Nick Berrigan, 14, successfully hacked into his parents’ AOL account on the first try Tuesday, correctly guessing that “Digby” was their password.
• “They actually used the dog’s name,” said Berrigan, deactivating the parental controls on his AOL account.
Free Password Managers
1. KeePass – I use this one (called KeePassX for the Mac)
2. Password Safe
3. I use Dropbox.com to store my KeePass file so I can always access it
KeePass
Email Security
Email Security Tip #1
• Do not click on links in emails
Email Security Tip #2
• See Tip #1
[Diagram: spam supply chain. Spam Product Supplier; Seller 1, Seller 2, Seller 3; Accountant; Spammer1, Spammer2, Spammer3.]
Where Does Spam Originate? Why Do We Care?
• Spam = Bots (large armies of infected machines sending out spam)
• Bots = Sophisticated Malware
• Sophisticated Malware = Organized Crime
• More than 89% of all email messages were spam in 2010 - Symantec
Spam is Big Business
• Rates for one million email addresses: $25 to $50 http://www.usenix.org/events/leet11/tech/full_papers/Stone-Gross.pdf
• 10,000 malware installations: $300–$800
• Sending 100 million emails per day: $10,000 per month http://www.usenix.org/events/leet11/tech/full_papers/Stone-Gross.pdf
• Cutwail’s profit for providing spam services: $1.7 - $4.2 million over June 2009 – Aug 2010
• How much do the spammers gross per day? $7000 http://www.wired.com/magazine/2011/02/st_equation_spamprofits/
CBL Breakdown By Country

Country    Count    %total  %cumu  Rank  Infect%
India      1253890  18.80   18.80  1     4.465%
Vietnam    565839   8.48    27.28  2     3.306%
Brazil     479491   7.19    34.47  3     0.857%
Indonesia  392814   5.89    40.36  4     3.163%
Pakistan   383319   5.75    46.10  5     7.688%
Russia     358142   5.37    51.47  6     0.912%
China      222761   3.34    54.81  7     0.075%
One Cause Of This Problem
• Many machines in these countries are running pirated copies of Windows.
• They are not getting security updates.
• They are vulnerable and get infected.
• Also, it can take a long time to download updates.
Underground Economy
• Spammers also are involved in:
  – CAPTCHA solving
  – Email harvesting
  – Custom software
  – Bulletproof hosting
  – Proxies
Spam Volume
• From Jul 30 - Aug 25, 2010 security researchers infiltrated the Cutwail spam network and discovered 87.7 billion emails were successfully sent
Spam Content
• The Zeus/SpyEye Banking Trojan typically uses:
  – Greeting card
  – Resume
  – Invitation
  – Mail delivery failure
  – Receipt for a recent purchase
Spam Volume on WUSTL Ironports - Feb 2011
Phishing Examples
Phishing Email
Real or Phish?
<http://michaelkellett com/ez/wustl.html>
Real or Phish?
Real or Phishing Site?
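The "Real or Phish?" slides above turn on one question: does the link actually go where it appears to go? As an added example (not part of the deck and not the university's code), the Python below pulls every link out of a constructed HTML email, compares the link's real host against the institution's own domain (wustl.edu, taken from the deck), checks whether the visible text names a different domain than the href, and applies the HTTPS rule from Tip 10 at the end of the deck. The lookalike host phish.example and the message text are constructed; the registered-domain helper is a deliberate simplification that takes the last two labels rather than consulting the public suffix list.

```python
import re
from html.parser import HTMLParser
from urllib.parse import urlsplit

# The institution's own domain (from the deck). Anything else is treated as untrusted.
TRUSTED_DOMAINS = {"wustl.edu"}

# Constructed sample email body. The first link shows a wustl.edu address as its text
# but its href points at a reserved .example placeholder host with "wustl" in the path,
# the same trick as the phishing URL shown on the slide.
SAMPLE_HTML = """
<p>Your WUSTL mailbox is over quota. Click
<a href="http://phish.example/ez/wustl.html">https://webmail.wustl.edu/</a> to fix it.</p>
<p>Or see <a href="http://nso.wustl.edu/presentations/">the security office</a>.</p>
<p>Login: <a href="https://login.wustl.edu/">login.wustl.edu</a></p>
"""

HOST_RE = re.compile(r"^[a-z0-9.-]+\.[a-z]{2,}$", re.I)


class LinkCollector(HTMLParser):
    """Collect (href, visible text) pairs for every <a> element."""

    def __init__(self):
        super().__init__()
        self.links = []
        self._href = None
        self._text = []

    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._href = dict(attrs).get("href")
            self._text = []

    def handle_data(self, data):
        if self._href is not None:
            self._text.append(data)

    def handle_endtag(self, tag):
        if tag == "a" and self._href is not None:
            self.links.append((self._href, "".join(self._text).strip()))
            self._href = None


def registered_domain(host):
    """Simplification: last two labels of the host (wustl.edu). Real code uses the public suffix list."""
    parts = host.lower().rstrip(".").split(".")
    return ".".join(parts[-2:]) if len(parts) >= 2 else host.lower()


def domain_of_text(text):
    """Hostname implied by the visible link text, if the text itself looks like a URL or host."""
    text = text.strip()
    if "://" in text:
        return urlsplit(text).hostname
    if HOST_RE.match(text):
        return text.lower()
    return None


def assess_link(href, text):
    """Return the list of reasons this link deserves suspicion (empty list = nothing found)."""
    u = urlsplit(href)
    host = (u.hostname or "").lower()
    findings = []
    if registered_domain(host) not in TRUSTED_DOMAINS:
        findings.append("untrusted host")
    shown = domain_of_text(text)
    if shown and registered_domain(shown) != registered_domain(host):
        findings.append("visible text names a different domain")
    if u.scheme != "https":
        findings.append("not HTTPS")   # Tip 10: never type a password into such a page
    return findings


def scan_html(html):
    """Assess every link in an HTML email body."""
    parser = LinkCollector()
    parser.feed(html)
    return [{"href": h, "text": t, "findings": assess_link(h, t)} for h, t in parser.links]


if __name__ == "__main__":
    for link in scan_html(SAMPLE_HTML):
        status = "OK" if not link["findings"] else "; ".join(link["findings"])
        print(f"{link['href']:45} shown as {link['text']!r:30} -> {status}")
```

The first link triggers all three checks, the plain-http NSO link only the HTTPS note, and the login link none. The "visible text names a different domain" check is the one that catches the slide's example: the text a reader sees is a wustl.edu address, the destination is not.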
Emails, Like Postcards, Are Not Encrypted
Contact me to discuss encryption options for storing or sending sensitive information.
Social Security Number Email 1
From: BOB [[email protected]]
Sent: Friday, April 01, 2011 12:54 PM
To: ALICE [[email protected]]
Subject: Registration Request

ALICE:
Couldn't remember if I had already sent this request or not.
Please register CHARLIE ( 111-11-1111 ) for the session
Thank you
BOB
Social Security Number Email 2
From: BOB [[email protected]]
Subject: FW: University talk
To: [email protected], [email protected]
Date: Monday, April 4, 2011, 12:57 PM

Dear Ms. ALICE and CHARLIE,
I sent this e-mail a couple of weeks ago, but I haven't heard back from you yet, so I thought that I would send it again.
Also, my SSN is 222-22-2222 and my home address is: 1234 Oak Ave. St. Louis, MO 63130
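Both emails above carry a Social Security Number in plaintext, which is exactly what the "postcard" slide warns about. As an added example (not from the deck and not the university's tooling), the Python below is the kind of outbound check a mail gateway or data-loss-prevention filter would run: it parses each message, looks for the 3-2-4 SSN layout, discards layouts the SSA never issues to cut false positives, and reports the sender, subject and a masked copy of each hit. The messages are constructed copies of the two emails above plus a harmless third one; the SSNs 111-11-1111 and 222-22-2222 are the deck's own placeholder values, and the example.edu addresses are placeholders.

```python
import re
from email import message_from_string

# Constructed sample messages modelled on the two emails shown on the slides,
# plus one message with a look-alike number that must not be flagged.
SAMPLE_EMAILS = [
    """From: BOB <bob@example.edu>
To: ALICE <alice@example.edu>
Subject: Registration Request

ALICE:
Couldn't remember if I had already sent this request or not.
Please register CHARLIE ( 111-11-1111 ) for the session
Thank you
BOB
""",
    """From: BOB <bob@example.edu>
To: alice@example.edu, charlie@example.edu
Subject: FW: University talk

Dear Ms. ALICE and CHARLIE,
I sent this e-mail a couple of weeks ago, but I haven't heard back from you yet.
Also, my SSN is 222-22-2222 and my home address is: 1234 Oak Ave. St. Louis, MO 63130
""",
    """From: CAROL <carol@example.edu>
To: dave@example.edu
Subject: Order number

Your order reference is 123-45-678 and ships Monday.
""",
]

# Three, two and four digits separated by a hyphen or space, not glued to other digits.
SSN_PATTERN = re.compile(r"(?<!\d)(\d{3})[- ](\d{2})[- ](\d{4})(?!\d)")


def plausible_ssn(area, group, serial):
    """Reject layouts the SSA never issues: area 000, 666 or 900-999, group 00, serial 0000."""
    a = int(area)
    if a == 0 or a == 666 or a >= 900:
        return False
    if int(group) == 0 or int(serial) == 0:
        return False
    return True


def scan_email(raw):
    """Return sender, subject and masked SSN hits found in one RFC 822 message."""
    msg = message_from_string(raw)
    body = "" if msg.is_multipart() else msg.get_payload()
    hits = []
    for m in SSN_PATTERN.finditer(body):
        area, group, serial = m.groups()
        if plausible_ssn(area, group, serial):
            hits.append(f"***-**-{serial}")   # keep only the last four digits in reports
    return {"from": msg["From"], "subject": msg["Subject"], "ssns": hits}


def scan_messages(raws):
    """Scan a batch of messages and keep only the ones that contain an SSN."""
    return [r for r in (scan_email(raw) for raw in raws) if r["ssns"]]


if __name__ == "__main__":
    for hit in scan_messages(SAMPLE_EMAILS):
        print(f"{hit['from']} | {hit['subject']} | SSNs: {', '.join(hit['ssns'])}")
```

The third message is the reason for the lookbehind/lookahead and the fixed digit counts: order numbers, phone numbers and zip codes share digits with SSNs but not the exact 3-2-4 shape. A gateway that finds a hit would typically quarantine the message or bounce it with a pointer to the encryption options the slide offers.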
Top 10 Security Tips
Top 10 Security Tips For Everyone I
1. Make sure the Windows Firewall is turned on
2. Make sure all accounts on your computer have good passwords
3. Make sure Windows Automatic Updates is on
4. Install an Anti-Virus software package. Microsoft is now providing their Security Essentials anti-virus/anti-spyware for free to home users: http://www.microsoft.com/Security_Essentials
Top 10 Security Tips For Everyone II
5. I use Firefox with AdBlock Plus
6. Run Secunia Personal Software Inspector (www.secunia.com). It is free, and it will tell you when you need to update your other software (Adobe, Java, Quicktime, RealPlayer, etc).
7. Educate yourself on Phishing and don’t become a victim (google phishing quiz)
Top 10 Security Tips For Everyone III
8. Don’t click on links in e-mail.
9. Don’t give out your password to anyone, for any reason, especially in an e-mail!
10. Never enter your password into a site that is not using HTTPS (look at the URL and make sure there is a lock in the lower right corner).