Small Office/Home Office (SOHO) Computer and Network Security - PowerPoint PPT Presentation

1 / 88
About This Presentation
Title:

Small Office/Home Office (SOHO) Computer and Network Security

Description:

Small Office/Home Office (SOHO) Computer and Network Security Sinclair Community College CIS Department Small Office/Home Office (SOHO) Computer and Network Security ... – PowerPoint PPT presentation

Number of Views:3546
Avg rating:3.0/5.0
Slides: 89
Provided by: MikeP92
Category:

less

Transcript and Presenter's Notes

Title: Small Office/Home Office (SOHO) Computer and Network Security


1
Small Office/Home Office (SOHO)Computer and
Network Security
  • Sinclair Community College
  • CIS Department

2
Small Office/Home Office (SOHO)Computer and
Network Security
  • Bob Sherman
  • Patty Gillilan
  • Associate Professors, CIS Department
  • Multiple Microsoft and Cisco certifications

3
Why SOHO Computer and Networking Security is
Important
  • Personal information
  • Private files
  • Financial information
  • Having your systems high jacked
  • Invasion of privacy, e.g., Spyware
  • Identity theft

4
Why SOHO Computer and Networking Security is
Important
  • Identity theft is a very large and growing
    concern
  • Gartner Research Group estimates seven million
    victims of ID theft in the US in the past twelve
    months
  • http//www.consumer.gov/idtheft/
  • http//www.usdoj.gov/criminal/fraud/idtheft.html
  • http//www.idtheftcenter.org/index.shtml

5
(No Transcript)
6
(No Transcript)
7
Why SOHO Computer and Networking Security is
Important
  • Spyware a new and growing threat
  • Spyware can
  • Manipulate your system
  • Record your habits
  • Facilitate theft of your passwords, credit card
    info and identity
  • Adware, key loggers and Trojan horses

8
Why SOHO Computer and Networking Security is
Important
  • Signs of spyware on your PC
  • Home page changes
  • New favorites appear
  • System is noticeably slower
  • New toolbars appear in IE

9
Why SOHO Computer and Networking Security is
Important
  • Spyware
  • File sharing services, e.g., Kazaa or Grokster
  • Clicking on pop-up ads
  • Opening infected emails
  • Spy Sweeper
  • http//www.webroot.com

10
Objectives
  • Familiarize the computer users with the
    following
  • What it means to be online
  • The door to the Internet swings both ways
  • What are common risks and vulnerabilities?
  • How to protect against threats
  • Maintaining vigilance by staying current

11
Nine Critical Steps in Securing SOHO Computers
and Networks
  • Install, use and update anti-virus programs
  • Treat all email attachments with caution
  • Keep current with operating system updates
  • Use host based Intrusion Detection Systems

12
Nine Critical Steps in Securing SOHO Computers
and Networks
  • Use a firewall
  • Host based or dedicated firewall
  • Regularly backup your data
  • Use an operating system with strong
    authentication and passwords
  • Use file access controls and data encryption
  • Make a recovery/boot disk

13
Nine Critical Steps in Securing SOHO Computers
and Networks
  • Install, use and update anti-virus programs
  • Treat all email attachments with caution
  • Keep current with operating system updates
  • Use host based Intrusion Detection Systems

14
Install, use and update anti-virus programs
  • The single most important thing you can do to
    protect your system
  • Most common exposure
  • Email attachments
  • Connections to web servers
  • Make sure the program you select also protects
    against Worms and Trojans

15
Install, use and update anti-virus programs
  • Some popular antivirus products
  • Symantec
  • McAfee
  • Computer Associates
  • http//www.symantec.com/sabu/nis/nis_pe/
  • http//us.mcafee.com/default.asp
  • http//www.my-etrust.com

16
(No Transcript)
17
(No Transcript)
18
(No Transcript)
19
Install, use and update anti-virus programs
  • Norton antivirus output and options
  • System status
  • Reports
  • Scheduled system scan

20

21

22
(No Transcript)
23
Nine Critical Steps in Securing SOHO Computers
and Networks
  • Install, use and update anti-virus programs
  • Treat all email attachments with caution
  • Keep current with operating system updates
  • Use host based Intrusion Detection Systems

24
Treat All Email Attachments with Caution
  • Email Viruses are becoming more prevalent all of
    the time
  • If you haven't gotten an email virus, chances are
    you will, if you dont take the appropriate steps
  • Preventing email viruses begins with common sense
    and ends with a virus detection program

25
Treat All Email Attachments with Caution
  • The Common sense approach
  • Make sure you are familiar with the sender of the
    email
  • Note the names of the file attachments
  • Do they make sense to you?
  • Some names are designed to entice you to open the
    attachment
  • AnnaKournikova.jpg.vbs (Worm)

26
Treat All Email Attachments with Caution
  • The common sense approach
  • If the attachment has one of the following file
    extensions, be very suspect
  • .scr, .pif, .vb, .vbe, .vbs, exe
  • Delete suspect attachments immediately and empty
    the Recycle Bin

27
Nine Critical Steps in Securing SOHO Computers
and Networks
  • Install, use and update anti-virus programs
  • Treat all email attachments with caution
  • Keep current with operating system updates
  • Use host based Intrusion Detection Systems

28
Keep current with operating system patches
  • A fix or modification to a program bug in the
    Operating System. A patch is an actual piece of
    object code that is inserted into (patched into)
    an executable program. -- webopedia.com
  • Many operating system patches are related to
    system security.
  • Staying current can be automated on recent
    versions of Windows

29
Keep current with operating system patches
  • Windows operating systems are frequently patched
    or updated
  • Windows Update
  • Service Packs (SPs) are a collection of patches
    and updates

30
Keep current with operating system patches
  • Before updating a system make sure of the
    following
  • The update is required for your system
  • The update wont harm your system or any
    applications running on it
  • You can uninstall the update
  • Get used to performing these updates
  • Many security compromises are a result of
    unpatched systems

31
Keep current with operating system patches
  • Using the Windows Update feature
  • Click the Start menu
  • Then choose Windows Update
  • http//v4.windowsupdate.microsoft.com/en/default.a
    sp

32
Windows Update options in Windows 2000 Pro      
33
(No Transcript)
34
Keep current with operating system patches
  • First click Scan for Updates
  • Then click Review and Install Updates
  • Three categories of updates
  • Critical updates and service packs
  • Updates for your version of Windows
  • Driver updates

35
(No Transcript)
36
Keep current with operating system patches
  • Click on Critical Updates and Service Packs
  • Remove those updates not applicable to your
    system
  • Click Install Now
  • Some updates will require restarting your computer

37
(No Transcript)
38
Keep current with operating system patches
  • Configuring Automatic Updates
  • Control Panel or System Properties
  • Update options
  • Only notify of updates
  • Download and notify of updates
  • Download and install on a specified schedule

39
(No Transcript)
40
(No Transcript)
41
Keep current with operating system patches
  • Software Update Service
  • Available on more recent versions of Windows
  • Creates a single point internally as the source
    of updates
  • Conserves bandwidth

42
Keep current with operating system patches
  • Microsoft Technet Service
  • Source for a variety of security and related
    details
  • http//www.microsoft.com/technet/default.asp
  • Knowledge Base articles

43
(No Transcript)
44
Keep current with operating system patches
  • Blaster Worm
  • Knowledge Base article 823980
  • Exploits a buffer overflow flaw in Windows
  • Patch released by Microsoft on July 16, 2003
  • Updated August 25, 2003

45
Keep current with operating system patches
  • State of Maryland BMV shut down on August 13,
    2003
  • Many other large networks affected
  • http//www.microsoft.com/technet/treeview/?url/te
    chnet/security/bulletin/MS03-026.asp

46
(No Transcript)
47
Keep current with operating system patches
  • Sasser Worm and multiple variations over several
    weeks in April 2004
  • Knowledge Base articles
  • 835732 to prevent future infections
  • 841720 to clean infected systems
  • Windows 2000 and Windows XP only

48
Keep current with operating system patches
  • Test patches first, then install
  • Removing patches and operating system updates
  • Control Panel
  • Add/Remove Programs
  • Applications and patches all listed here
  • Select the desired item, click Remove

49
(No Transcript)
50
(No Transcript)
51
Nine Critical Steps in Securing the Home Network
  • Install, use and update anti-virus programs
  • Treat all email attachments with caution
  • Keep current with operating system updates
  • Use host based Intrusion Detection Systems

52
Use Host Based Intrusion Detection Systems
  • Most intrusion detection systems (IDS) take
    either a network or a host-based approach
  • IDS looks for attack signatures, i.e., specific
    network traffic patterns that may indicate an
    attack
  • Host based is appropriate for SOHO environments

53
Use Host Based Intrusion Detection Systems
  • Host based intrusion detection analyzes all
    incoming and outgoing network information for
    data patterns typical of an attack
  • Host based intrusion detection uses the writing
    to log files or audit files
  • Logs changes made to the system

54
Use Host Based Intrusion Detection Systems
  • The information the IDS collects is based on the
    monitoring of operating system, application
    software and security events.
  • Built-in capabilities
  • Event Viewer in Windows
  • Must review log files regularly

55
Nine Critical Steps in Securing SOHO Computers
and Networks
  • Use a firewall
  • Host based or dedicated firewall
  • Regularly backup your data
  • Use an operating system with strong
    authentication and passwords
  • Use file access controls and data encryption
  • Make a boot disk to recover the system

56
Use a Firewall
  • Firewalls are used to filter network traffic
  • Allow or block traffic based on criteria selected
  • Well known ports
  • Port 80 for HTTP
  • Port 443 for HTTPS
  • Ports 20/21 for FTP
  • Port 25 for Mail

57
Use a Firewall
  • Firewalls can be implemented at the host network
    interface or on an intermediary system such as a
    router
  • Firewalls implemented at the host are software
    based
  • Firewalls implemented at a router are hardware
    based
  • You can use either or both

58
(No Transcript)
59
(No Transcript)
60
(No Transcript)
61
(No Transcript)
62
(No Transcript)
63
Use a Firewall
  • Firewalls can be implemented at the host network
    interface or on an intermediary system such as a
    router
  • SOHO router products from Linksys, D-Link and
    others
  • All allow for configuring to meet your needs

64
(No Transcript)
65
(No Transcript)
66
Nine Critical Steps in Securing SOHO Computers
and Networks
  • Use a firewall
  • Host based or dedicated firewall
  • Regularly backup your data
  • Use an operating system with strong
    authentication and passwords
  • Use file access controls and data encryption
  • Make a boot disk to recover the system

67
Regularly Backup Your Data
  • Back up your files regularly
  • Backing up means to copy data files from a local
    hard drive to another device
  • Tape, external hard drive, CD/DVD, ZIP drive
  • Application software can be restored from the
    original media

68
Regularly Backup Your Data
  • Most operating systems include a backup and
    restore utility
  • Numerous third party products available
  • Veritas, Computer Associates
  • Hard drives have a finite life span and will
    eventually fail

69
Regularly Backup Your Data
  • If your system is compromised by malicious acts
    or physical failure data backup is your only
    solution
  • Multiple copies of the backup media stored
    on-site and off-site
  • Multiple media sets

70
Regularly Backup Your Data
  • Restoring or recovering the data is equally
    important
  • Practice data restores
  • These dont have to be full-blown system restores
    but restoring sample data files

71
Nine Critical Steps in Securing SOHO Computers
and Networks
  • Use a firewall
  • Host based or dedicated firewall
  • Regularly backup your data
  • Use an operating system with strong
    authentication and passwords
  • Use file access controls and data encryption
  • Make a boot disk to recover the system

72
Use an operating system with strong user
authentication and passwords
  • Choose operating systems such as
  • Win XP, Win2000 Pro or Linux
  • Rename the administrator or root account
  • Require long and strong passwords
  • Change passwords over time

73
Use an operating system with strong user
authentication and passwords
  • Manage passwords by policy
  • Local security policy or Group Policy
  • Some tools
  • Password cracking tools
  • Microsoft Baseline Security Analysis tool
  • http//www.microsoft.com/downloads/details.aspx?Fa
    milyID9a88e63b-92e3-4f97-80e7-8bc9ff836742Displa
    yLangen

74
(No Transcript)
75
(No Transcript)
76
(No Transcript)
77
Nine Critical Steps in Securing SOHO Computers
and Networks
  • Use a firewall
  • Host based or dedicated firewall
  • Regularly backup your data
  • Use an operating system with strong
    authentication and passwords
  • Use file access controls and data encryption
  • Make a boot disk to recover the system

78
Use File Access Controls, Data Encryption
  • Set permissions on data files of importance
  • Permissions define who can do what with a
    folder or file
  • Permissions are also called Access Control Lists
    (ACLs)

79
Use File Access Controls, Data Encryption
  • You can also encrypt files for an additional
    layer of file access protection
  • Encryption is built-in to the NTFS file system
  • Found only with NT, W2K and XP
  • Can use third party tools

80
Nine Critical Steps in Securing SOHO Computers
and Networks
  • Use a firewall
  • Host based or dedicated firewall
  • Regularly backup your data
  • Use an operating system with strong
    authentication and passwords
  • Use file access controls and data encryption
  • Make a boot disk to recover the system

81
Make a Boot Disk to Recover the System
  • Create a system boot disk
  • How to create one depends on the Operating System
  • Useful in resolving start up problems due to
    corrupt or missing files
  • Update the boot disk regularly

82
Summary
  • Install, use and update antivirus programs
  • Treat email attachments with caution
  • Keep current with operating system patches
  • Use host based intrusion detection systems
  • Use a host based or dedicated firewall

83
Summary
  • Regularly backup your data
  • Use an operating system with strong user
    authentication and passwords
  • Use file access controls and data encryption
  • Make a boot disk for system recovery

84
References
  • The CERT Coordination Center (CERT/CC) is a
    center of Internet security expertise at the
    Software Engineering Institute, a federally
    funded center operated by Carnegie Mellon
    University
  • www.cert.org

85
(No Transcript)
86
(No Transcript)
87
(No Transcript)
88
Conclusion
  • Thanks for your attendance
  • Commit yourself and your organization to secure
    your networks and computers
  • Expect more from Sinclair Community College on
    these topics in the months to come
Write a Comment
User Comments (0)
About PowerShow.com