Internet Security - PowerPoint PPT Presentation

1
Internet Security
  • Fernando Martirez III
  • VP Chief Security Officer

2
Agenda
  • Before you connect a computer to the internet
  • Passwords
  • Spam
  • Phishing
  • Pharming
  • Virus
  • Worms

3
Agenda
  • Spyware and Adware
  • Rootkits
  • P2P Filesharing
  • Instant Messaging
  • Identity Theft

4
  • Before You Connect
  • a New Computer
  • to the Internet

5
Take note that
  • Many computers' default configurations are
    insecure.
  • New security vulnerabilities may have been
    discovered between the time the computer was
    built and configured by the manufacturer and the
    user setting up the computer for the first time.

6
Take note that
  • When upgrading software from commercially
    packaged media new vulnerabilities may have been
    discovered since the disc was manufactured.
  • Attackers know the common broadband and dial-up
    IP address ranges, and scan them regularly.

7
Take note that
  • Numerous worms are already circulating on the
    Internet continuously scanning for new computers
    to exploit.

8
Things to do
  • Turn on the software firewall included with the
    computer, if available.
  • Install antivirus, anti-spyware and firewall, if
    available.
  • Connect the new computer behind a firewall router.

9
Things to do
  • Disable nonessential services, such as file and
    print sharing.
  • Download and install software patches as needed.

10
Staying Secure
  • Install and use security software and keep it
    up to date
  • Enable automatic software updates if available
    (Windows Update > Microsoft Update)
  • Follow the principle of least privilege: don't
    enable it if you don't need it.
  • Avoid unsafe behavior

12
Passwords
  • The single most important aspect of information
    security is strong passwords.
  • Likewise, the single greatest security failure
    is weak passwords.

13
Wordlist Words
  • love
  • San Miguel
  • MichaelJordan
  • cupcake
  • honey

14
Wordlist Words with Numbers
  • Alpha8
  • Beverly90210
  • 26Subway
  • Air21
  • 5thAve

15
Wordlist Words with Simple Obfuscation
  • p@w0rd
  • 3cur1ty
  • @dm1n1str@t0r
  • 0bfuc@t10n

16
Wordlist Words Doubled
  • alphaalpha
  • linuxlinux
  • passwordpassword
  • adminadmin
  • powerpower

17
Garbled Randomness
  • 9uxgt5C
  • Bn2sz63j
  • fM3tc8b

18
Patterns or Sequences
  • asdfghjkl
  • 1234567890
  • 0987654321
  • qwertyuiop
  • asdf1234

19
Common Password Attacks
  • Smart Guesses
  • Dictionary Attacks
  • Brute-Force Attacks
  • Social Engineering
  • Rainbow Tables
  • Sniffing
  • Keyloggers

20
15 Char Passwords
  • 14 character password
  • Char set: ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789!@()-_\"'<>,.?/ "
  • Can be cracked in a few minutes with a success
    rate of 99.9%.

21
Password Tips
  • Easy to remember
  • Easy to type
  • Not in the dictionary
  • At least 15 characters long
  • Use a combination of uppercase, lowercase,
    numbers and characters
  • Use pass phrases if supported

22
Password Tips
  • Use multi-factor authentication
  • What you know: password
  • What you have: tokens
  • What you are: biometrics
  • Make sure authentication process is encrypted
  • Always logout
  • Lock workstation when not in use
  • Use password protected screensavers

24
Spam
  • Use Spam Filters
  • Be careful where you post your email address
    online
  • Opt out from public directories if possible
  • Use images
  • Use disposable email address
  • Create multiple email accounts

25
Phishing
  • Involves the receipt of an e-mail message that
    appears to come from a legitimate source

26
Phishing - Protection
  • Scrutinize URLs; verify link targets
  • Go to the site directly
  • Maintain a pop-up blocker
  • Use Software/Toolbars with anti-phishing features

27
Phishing - Protection
  • Phishing IQ Test
  • http://survey.mailfrontier.com/survey/quiztest.html

28
Phishing aftermath
  • What to do if you fell for it?
  • Inform the impersonated company/body
  • To monitor any activity re your account
  • Close your account and open a new one
  • Change passwords, update account info and
    security questions

29
Pharming
  • Pharming attacks compromise DNS at the server level,
    redirecting you to a hacker's site when you type
    in a company's Web address.

31
Firewalls
  • Same functions as a physical firewall
  • Packet Filtering
  • Proxy Service
  • Stateful Packet Inspection
  • Available in software and hardware
  • Protects you from port scans/random scans and known
    attacks
  • IDS and IPS

32
Rootkits
  • Rootkits attack deep within operating systems and
    make themselves invisible to the anti-spyware and
    anti-virus software sent out to detect them.
  • Sony DRM
  • Kaspersky Antivirus
  • Symantec/Norton Systemworks 2006

33
Rootkits Protection
  • Use Rootkit Revealer
  • Use Antispyware with rootkit scanning
    capabilities
  • Use tripwire

34
P2P Filesharing
  • Set up and configure the file-sharing software
    very carefully.
  • Check proper settings so that other users won't
    have access to your private files.
  • You may want to adjust the file-sharing program's
    controls so that it is not connected to the P2P
    network all the time.

35
Instant Messaging
  • Public IMs are insecure by default
  • Use IM privacy tools such as SecWay Simp and
    ZoneAlarm IM
  • Avoid using automatic sign-in
  • Be careful in accepting files
  • Be careful in clicking on URLs in messages

36
Spyware and Adware Protection
  • Download programs only from Web sites you trust.
  • Don't be tricked into clicking
  • You don't have to click "OK", "Agree", or
    "Cancel" to close a window.

37
Spyware and Adware Protection
  • Be especially careful with certain types of
    free programs.
  • Use available tools to detect and delete spyware.
  • Use pop-up blockers to block ads

38
Virus and Worms
  • Be careful in opening attachments
  • Keep your software updated
  • Antivirus: updated virus definitions/engines
  • Firewall

40
Identity Theft
  • Is not yet rampant in PH
  • Be wary of telemarketers
  • Social Engineering
  • Photocopy everything your wallet contains

41
Wireless
  • WiFi
  • WPA2
  • Configure not to broadcast SSID
  • Use MAC address filtering
  • Use VPN (iPig Wifi Security Software)
  • Bluetooth
  • Use long passphrases if supported
  • Be careful when and where you pair your devices

42
Careers in Infosec
  • Start with the basics
  • Tech Support
  • Systems and Network Administrator
  • Programming/Coding is a definite
  • Accounting Background also a
  • Network

43
Infosec Certifications
  • CompTIA Security+
  • MCSA/MCSE: Security
  • (ISC)2 SSCP/CISSP
  • ISACA CISA/CISM
  • SANS GIAC
  • CIA

44
Infosec Organizations
  • Open Web Application Security Project (OWASP)
    Manila Local Chapter
  • Information Security Society of the Philippines
    (ISSSP)
  • Philippine Linux Users Group (PLUG)
  • Philippine Computer Emergency Response Team
    (PH-CERT)
  • ISACA Manila
  • Institute of Internal Auditors (IIA) Philippines

45
Questions?
46
Thank You!