National Energy Research - PowerPoint PPT Presentation

1 / 17
About This Presentation
Title:

National Energy Research

Description:

Email scams and viruses. Grid Security. Combating Threats. New Threats. Threats are evolving ... Email Hoaxes aka Phishing. Email poses as 'Security Patch' or ' ... – PowerPoint PPT presentation

Number of Views:61
Avg rating:3.0/5.0
Slides: 18
Provided by: FlavioR1
Category:

less

Transcript and Presenter's Notes

Title: National Energy Research


1
National Energy Research Scientific Computing
Center (NERSC) Computer Security The New
Threats Stephen Lau NERSC Center Division,
LBNL June 24, 2004
2
Overview
  • New Threats
  • Identity Theft
  • Email scams and viruses
  • Grid Security
  • Combating Threats

3
New Threats
  • Threats are evolving
  • Response to protection measures
  • Increased use of encryption
  • Deployment of anti-virus
  • Increased use of social engineering
  • Security has become everybodys responsibility
  • Important Defenses
  • Host level protection
  • User education

4
Identity Theft
  • Someone uses your login credentials without your
    knowledge
  • Very difficult for system admins to detect
  • They look like you!
  • Feeds off of collaborative nature of high
    performance computing
  • Users have multiple accounts on massively shared
    systems

5
SSH Basic Overview
  • Uses private/public keys
  • Encrypted authentication
  • Uses passphrase

Remote System
Public Key
Home System
Private Key
Remote System
Public Key
6
How Does It Happen?
Home System
Unsuspecting User
Internal System
Internet
Compromised Host
Imposter
Attacker
Sniffed Traffic
7
Combating Identity Theft
  • Reduce amount of stepping stone behavior
  • Not always possible
  • Be mindful of login times and hostnames
  • Dont share accounts and passwords
  • Dont place private keys and certificates on
    public systems or public directories
  • Report suspicious behavior

8
Encrypt All The Way!
Use SSH across ALL connections
SSH
Home System
NERSC
Remote System
SSH
Telnet rlogin rsh
9
One Time Passwords
  • Token based system
  • Many systems available
  • Many sites pushing ahead with deployment
  • NERSC actively investigating impact on users
  • Ideally, one token works across multi-labs
  • No active plans for deployment yet within NERSC
  • Not a cure-all solution!

10
Email Viruses
  • NERSC has a virus filter for email
  • About 90 effective
  • Time lag between release of virus and signature
    development
  • Install anti-virus software on systems you use
  • Many sites have site licenses
  • Make sure it is kept up to date

11
Email Hoaxes aka Phishing
  • Email poses as Security Patch or Account
    Support
  • Asks for username/password for verification
  • Requests that an attachment be run
  • Verify any attachment you are not expecting
  • NEVER give out your username/password.
  • When in doubt, please call NERSC support for
    verification

12
Grid Security
  • Protect your private certificates!
  • Be mindful where you place them
  • Minimize amount of distribution
  • Remove them from systems you no longer use
  • Use strong passwords.
  • Use SSH to access sites with your Grid
    certificates!

13
Host Level Protection
  • Please keep your systems up to date
  • Especially home systems and shared systems
  • Combats identity theft problem
  • Install anti-virus software
  • Primarily on Windows systems
  • Be aware of unexplained changes on your system
  • Odd performance
  • Strange windows appearing
  • System files changed unexpectedly
  • authorized_hosts file changes
  • Changes to /etc/password or /etc/shadow

14
User Education
  • You are the first line of defense against
    incidents.
  • Take advantage of your sites security training
  • Keep up to date about latest security news
  • Be mindful of security when accessing or using
    systems

15
Help Us Help You
  • Report suspicious activity
  • Strange files or directories
  • Unusual login times
  • Unverified phone call from NERSC asking for
    passwords or account information
  • Report external incidents
  • Please report any incidents at sites that you use
    to access NERSC
  • Report incidents where you suspect credentials
    are sniffed or stolen

16
Help Us Help You
  • Many incidents quickly become multi-site
    incidents.
  • Communication is key to containment.
  • Please report any incidents that you think might
    affect NERSC.

17
Contact Information
  • Stephen Lau
  • 1 Cyclotron Road, M/S 943
  • Berkeley, CA 94720
  • Phone 1 (510) 486-7178
  • Email slau_at_lbl.gov
  • PGP 44C8 C9CB C15E 2AE1 7B0A 544E 9A04 AB2B F63F
    748B
  • NERSC Computer Security
  • security_at_nersc.gov
  • 1-800-666-3772
  • http//www.nersc.gov/nusers/security/
Write a Comment
User Comments (0)
About PowerShow.com