In touch with your needs

Internet Security
Fernando Martirez III
VP & Chief Security Officer
FarmOut Central Intouch Inc.
Agenda
Before you connect a computer to the internet
Passwords
Spam
Phishing
Pharming
Virus
Worms
Spyware & Adware
Rootkits
P2P Filesharing
Instant Messaging
Identity Theft
Before You Connect a New Computer to the Internet
Take note that
Many computers' default configurations are insecure.
New security vulnerabilities may have been discovered between the time the computer was built and configured by the manufacturer and the user setting up the computer for the first time.
When upgrading software from commercially packaged media, new vulnerabilities may have been discovered since the disc was manufactured.
Attackers know the common broadband and dial-up IP address ranges, and scan them regularly.
Numerous worms are already circulating on the Internet, continuously scanning for new computers to exploit.
Things to do
Turn on the software firewall included with the computer, if available.
Install antivirus, anti-spyware and firewall, if available.
Connect the new computer behind a firewall router.
Disable nonessential services, such as file and print sharing.
Download and install software patches as needed.
Staying Secure
Install and use security software and keep it up to date
Enable automatic software updates if available (Windows Update > Microsoft Update)
Follow the principle of least privilege: don't enable it if you don't need it.
Avoid unsafe behavior
Passwords
The single most important aspect of information security is strong passwords.
Likewise, the single greatest security failure is weak passwords.
Wordlist Words
love
San Miguel
MichaelJordan
cupcake
honey
Wordlist Words with Numbers
Alpha8
Beverly90210
26Subway
Air21
5thAve
Wordlist Words with Simple Obfuscation
p@$$w0rd
$3cur1ty
@dm1n1str@t0r
0bfu$c@t10n
Wordlist Words Doubled
alphaalpha
linuxlinux
passwordpassword
adminadmin
powerpower
Garbled Randomness
9uxg$t5C
Bn2#sz63j
&fM3tc8b
Patterns or Sequences
asdfghjkl
1234567890
0987654321
qwertyuiop
asdf1234
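
The weak-password categories on the preceding slides can be checked mechanically, for example when validating a new password at account setup. The following is an added example, not part of the original slides; the names WORDLIST, LEET, RUNS, is_sequence and classify are assumptions made for illustration, and the wordlist is a small constructed sample.

```python
import re

# Small constructed wordlist for the demo; a real check loads a full dictionary.
WORDLIST = {"love", "san miguel", "michaeljordan", "cupcake", "honey", "alpha",
            "beverly", "subway", "air", "password", "security", "administrator",
            "obfuscation", "linux", "admin", "power"}
# Reverse the common character swaps used for "simple obfuscation".
LEET = str.maketrans({"@": "a", "$": "s", "0": "o", "1": "i", "3": "e"})
# Keyboard rows and digit runs for the "patterns or sequences" check.
RUNS = ["qwertyuiop", "asdfghjkl", "zxcvbnm", "1234567890", "0987654321"]


def is_sequence(pw):
    """True if pw consists only of chunks (4+ chars) taken from a known run."""
    rest = pw.lower()
    if not rest:
        return False
    while rest:
        longest = max((k for run in RUNS for k in range(4, len(rest) + 1)
                       if rest[:k] in run), default=0)
        if longest == 0:
            return False
        rest = rest[longest:]
    return True


def classify(pw):
    """Return the weak-password category from the slides, or None."""
    low = pw.lower()
    if is_sequence(low):
        return "pattern or sequence"
    if low in WORDLIST:
        return "wordlist word"
    half = len(low) // 2
    if len(low) % 2 == 0 and low[:half] == low[half:] and low[:half] in WORDLIST:
        return "wordlist word doubled"
    if re.sub(r"^\d+|\d+$", "", low) in WORDLIST:   # digits at either end
        return "wordlist word with numbers"
    if low.translate(LEET) in WORDLIST:             # undo character swaps
        return "wordlist word with simple obfuscation"
    return None


if __name__ == "__main__":
    for sample in ["honey", "Air21", "p@$$w0rd", "adminadmin", "asdf1234", "9uxg$t5C"]:
        print(f"{sample!r}: {classify(sample) or 'no weak pattern matched'}")
```

A result of None only means none of these five patterns matched; it does not check length or any other requirement.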
Common Password Attacks
Smart Guesses
Dictionary Attacks
Brute-Force Attacks
Social Engineering
Rainbow Tables
Sniffing
Keyloggers
15+ Char Passwords
14-character password
Char set:
ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789!@#$%^&*()-_+=~`[]{}|\:;"'<>,.?/ "
Can be cracked in a few minutes with a success rate of 99.9%.
Password Tips
Easy to remember
Easy to type
Not in the dictionary
At least 15 characters long
Use a combination of uppercase, lowercase, numbers and characters
Use pass phrases if supported
Use multi-factor authentication
What you know: password
What you have: tokens
What you are: biometrics
Make sure authentication process is encrypted
Always logout
Lock workstation when not in use
Use password protected screensavers
Spam
Use Spam Filters
Be careful where you post your email address online
Opt out from public directories if possible
Use images
Use a disposable email address
Create multiple email accounts
Phishing
Involves the receipt of an e-mail message that appears to come from a legitimate source
Phishing - Protection
Scrutinize URLs: verify link targets
Go to the site directly
Maintain a pop-up blocker
Use software/toolbars with anti-phishing features
Phishing IQ Test
http://survey.mailfrontier.com/survey/quiztest.html
Phishing aftermath
What to do if you fell for it?
Inform the impersonated company/body
To monitor any activity re your account
Close your account and open a new one
Change passwords, update account info and security questions
Pharming
The attack is a compromise at the DNS server level, redirecting you to a hacker's site when you type in a company's Web address.
Firewalls
Same functions as a physical firewall
Packet Filtering
Proxy Service
Stateful Packet Inspection
Available in software & hardware
Protects you from port scans/random scans & known attacks
IDS & IPS
Rootkits
Rootkits attack deep within operating systems and make themselves invisible to the anti-spyware and anti-virus software sent out to detect them.
Sony DRM
Kaspersky Antivirus
Symantec/Norton Systemworks 2006
Rootkits Protection
Use Rootkit Revealer
Use antispyware with rootkit scanning capabilities
Use Tripwire
P2P Filesharing
Set up and configure the file-sharing software very carefully.
Check proper settings so that other users won't have access to your private files.
You may want to adjust the file-sharing program's controls so that it is not connected to the P2P network all the time.
Instant Messaging
Public IMs are insecure by default
Use IM privacy tools such as SecWay Simp and ZoneAlarmIM
Avoid using automatic sign-in
Be careful in accepting files
Be careful in clicking on URLs in messages
Spyware & Adware Protection
Download programs only from Web sites you trust.
Don't be tricked into clicking:
You don't have to click "OK," "Agree," or "Cancel" to close a window.
Be especially careful with certain types of "free" programs.
Use available tools to detect and delete spyware.
Use pop-up blockers to block ads
Virus & Worms
Be careful in opening attachments
Keep your software updated
Antivirus: updated virus definitions/engines
Firewall
Identity Theft
Is not yet rampant in PH
Be wary of telemarketers
Social Engineering
Photocopy everything your wallet contains
Wireless
WiFi
WPA2
Configure not to broadcast SSID
Use MAC address filtering
Use VPN (iPig Wifi Security Software)
Bluetooth
Use long passphrases if supported
Be careful when & where you pair your devices
Careers in Infosec
Start with the basics
Tech Support
Systems and Network Administrator
Programming/Coding is a definite +
Accounting Background also a +
Network
Infosec Certifications
CompTIA Security+
MCSA/MCSE:Security
(ISC)² SSCP/CISSP
ISACA CISA/CISM
SANS GIAC
CIA
Infosec Organizations
Open Web Application Security Project (OWASP) Manila Local Chapter
Information Security Society of the Philippines (ISSSP)
Philippine Linux Users Group (PLUG)
Philippine Computer Emergency Response Team (PH-CERT)
ISACA Manila
Institute of Internal Auditors (IIA) Philippines
Questions?
Thank You!
boxph [at] farmout.ph
http://www.farmout.ph
http://blog.box.com.ph
http://infosec.box.com.ph