COSC1078 Introduction to Information Technology

Nov 3, 2013

Lecture 22: Internet Security

Intro to IT


James Harland

james.harland@rmit.edu.au

Introduction to IT

1. Introduction
2. Images
3. Audio
4. Video (WebLearn Test 1)
5. Binary Representation (Assignment 1)
6. Data Storage
7. Machine Processing
8. Operating Systems (WebLearn Test 2)
9. Processes (Assignment 2)
10. Internet
11. Internet Security (WebLearn Test 3)
12. Future of IT (Assignment 3, Peer and Self Assessment)

Overview

Questions?
Exam
Assignment 3
Peer and Self Assessment
Internet Security
Questions?

Assignment 3

Reflect
  Answer reflection questions from tutorials
  See last lecture for ideas

Research
  Write about a particular IT topic of your choice (5-6 paragraphs)
  electronic voting, information security, 3D user interfaces, digital music, digital video, electronic commerce, natural language processing, DNA computing, quantum computing, cryptography, malware detection and removal, Moore's Law, green computing, …

Exam

2010 exam is available now
2010 exam answers will be available on May 29th
2011 exam will be available on June 5th
2011 exam answers will be available on June 12th
2012 exam available on June 19th

Self and Peer Assessment

How well has each person contributed to the group?
Evaluated over the entire semester
Assessed on process, not product
Work out a grade for each person (CR, DI etc)
Then convert this to a mark out of 20
Submit list of marks to tutor with justifications
Repeat previous step until the tutor is satisfied
See guidelines in Blackboard material

Assignment 3

Review
  (Re-)answer ‘What is IT?’ questions from Tutorial 1
  Identify difficult parts of the course
  Suggest new questions
  Include favourites from Assignments 1 and 2

Reflect
  Answer reflection questions from tutorials

Research
  Write about a particular IT topic of your choice (5-6 paragraphs)

Internet Security

password, patch, spam, firewall, virus, wardriving, key logger, proxy, worm, phishing, Trojan horse

Security vs access

It is always a trade-off (a balance between two competing forces)
More security means less access
More access means less security
Redundancy can be either fatal or vital
Nothing is perfect!

Freedom vs security

‘Everything which is not forbidden is allowed’
  -- Principle of English Law

‘Everything which is not allowed is forbidden’
  -- Common security principle

‘Anything not mandatory is forbidden’
  -- “military policy”

‘Anything not forbidden is compulsory’ (??)
  -- T.H. White (The Once and Future King)

Passwords

Should be:
  Long (8 characters or more)
  Not obvious or from a dictionary
  Contain capitals, numerals and non-alphanumeric characters (!&^*$@.,’[]{}? …)
  Recorded securely somewhere
  Transmitted in encrypted form only
    Older programs such as FTP, Telnet transmit this in plaintext …
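
The first three rules above as a checker, showing that a password can satisfy the length and character-class rules and still fail the dictionary rule. This is an added example, not part of the lecture; the word list, substitution table and function name are assumptions made for illustration.

```python
import string

# Constructed stand-in for a real dictionary or common-password list.
COMMON_WORDS = {"password", "letmein", "welcome", "dragon", "qwerty", "monkey"}

# Undo common character substitutions so "P@ssw0rd" is still seen as "password".
SUBSTITUTIONS = str.maketrans({"@": "a", "0": "o", "3": "e", "$": "s"})


def check_password(pw, min_length=8):
    """Return the list of rules that pw breaks (an empty list means it passes)."""
    problems = []
    if len(pw) < min_length:
        problems.append("too short")
    # Dictionary test: lower-case, reverse substitutions, drop leftover digits/symbols.
    core = "".join(c for c in pw.lower().translate(SUBSTITUTIONS) if c.isalpha())
    if core in COMMON_WORDS:
        problems.append("dictionary word")
    if not any(c.isupper() for c in pw):
        problems.append("no capital")
    if not any(c.isdigit() for c in pw):
        problems.append("no numeral")
    if not any(c in string.punctuation for c in pw):
        problems.append("no non-alphanumeric character")
    return problems


if __name__ == "__main__":
    for candidate in ["dragon", "Password1", "P@ssw0rd!", "Tr1cky-Hedge#Row"]:
        print(f"{candidate:18} {check_password(candidate) or 'ok'}")
```

"P@ssw0rd!" is long enough and has a capital, a numeral and symbols, yet it is still reported as a dictionary word.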

Firewalls

Device which limits internet connections
Limit network uses to only approved ones
Prevent malicious software reporting information
Prevent outside attacks
May need to have ports opened to allow applications to work
Only work on applications, not on content
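
The points on this slide worked through as an added example (not part of the lecture): the same constructed traffic is checked against a blocklist ('everything which is not forbidden is allowed') and an allowlist ('everything which is not allowed is forbidden'). The rule sets, ports and program names are assumptions chosen for illustration.

```python
from collections import namedtuple

# One connection attempt: direction is "in" or "out", port is the service port.
Conn = namedtuple("Conn", "direction port program")


def default_allow(conn, blocked):
    """'Everything which is not forbidden is allowed': block only listed pairs."""
    return (conn.direction, conn.port) not in blocked


def default_deny(conn, allowed):
    """'Everything which is not allowed is forbidden': pass only listed pairs."""
    return (conn.direction, conn.port) in allowed


# Constructed rule sets (hypothetical).
BLOCKED = {("in", 21), ("in", 23)}      # blocklist: FTP and Telnet from outside
ALLOWED = {("out", 53), ("out", 443)}   # allowlist: DNS and HTTPS going out

# Constructed traffic (hypothetical).
TRAFFIC = [
    Conn("out", 443, "browser"),                        # approved use
    Conn("in", 23, "outside Telnet login"),             # outside attempt, listed port
    Conn("in", 3389, "outside remote desktop"),         # outside attempt, unlisted port
    Conn("out", 6667, "spyware reporting home"),        # software reporting information
    Conn("out", 5060, "VoIP app"),                      # legitimate app needing a port
    Conn("out", 443, "unwanted program on port 443"),   # same port as the browser
]


def evaluate(traffic, blocked, allowed):
    """Return {program: (passes default-allow, passes default-deny)}."""
    return {
        c.program: (default_allow(c, blocked), default_deny(c, allowed))
        for c in traffic
    }


if __name__ == "__main__":
    for program, (loose, strict) in evaluate(TRAFFIC, BLOCKED, ALLOWED).items():
        print(f"{program:30} default-allow={loose!s:5} default-deny={strict}")
```

Under the allowlist the VoIP app stays blocked until its port is opened, and the unwanted program on port 443 passes both policies because the decision is made on the port, not on the content.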



Proxy servers

All internet traffic routed via proxy server
Acts as an internet gateway
Once proxy is secure, so is network
Can filter content
Can cache content
Often used with a firewall in a corporate environment

Wardriving

Driving around to find a vulnerable wireless signal
Find a wireless connection that doesn’t require a password (so add one to yours if you haven’t!)
Attack systems that use a default admin login name and password (change yours!)
Snoop on transmissions which are not encrypted (encrypt yours!)
Using a MAC address whitelist means only specified devices can connect to your router

Viruses, Worms, Trojans

Virus: self-replicating program that attaches itself to files and is spread when they are transferred
Worm: self-replicating program that proactively spreads itself
Trojan horse: a program that appears legitimate but is in fact malicious

Malware and Spyware

MALicious softWARE:
  Hidden mail server
  Key logging (to capture passwords)
  Enable machine takeover
  Direct traffic to particular web sites
  Analyse behaviour
  Act as a proxy

Denial of service

Prevent network from working normally
Flood a server with ‘invalid’ inputs
Use a network of compromised machines to generate an overwhelming number of requests (Conficker?)
Such zombie machines can form a botnet, which then attacks a particular server

Tricking the user

Users are often the weakest link in security
Email attachments containing Trojan horses
‘Phishing’
Malicious web pages
Malicious documents (macros in spreadsheets)
Account stealing (via key logging)
Scams (‘I have $10 million to import’, ‘You have just won the lottery’, …)

Protecting your system

Keep up to date with patches (Windows update, Software update)
Use a firewall
Use anti-virus software and keep it up to date
Use anti-spyware tools
Filter email for spam and suspicious messages
Be aware of ‘fake alerts’

Stuxnet?

Windows-based worm
Discovered in July, 2010
Designed to attack a very specific industrial plant
Assumes plant operator would use a Windows laptop to reprogram plant machinery
Not clear who was behind it …
Look at the video

Stuxnet?

Designed for Siemens equipment
Siemens have said none of their customers were affected!
Iran has ‘embargoed’ Siemens equipment …

“The attackers took great care to make sure that only their designated targets were hit... It was a marksman’s job.”

“we're glad they [the Iranians] are having trouble with their centrifuge machine and that we - the US and its allies - are doing everything we can to make sure that we complicate matters for them”

Privacy and encryption

Cryptography has been a major political headache for governments
Public-key cryptography makes Amazon possible …
Terrorist groups can use the same technology to keep things private…
Should governments be able to keep encryption keys?
See PGP and Phil Zimmermann…

Conclusion

Work on Assignment 3
Check your software defenses!