Security and the System Administrator William Hugh Murray 24 East Avenue Suite 1362 New Canaan, CT 06840 (203)966-4769 WHMurray@sprynet.com
Bio
William Hugh Murray
Bill Murray is an information system security consultant to Deloitte & Touche. He has more than thirty-five years' experience in data processing and more than twenty years in security. During more than twenty-five years with IBM his management responsibilities included development of access control programs, advising IBM customers on security, and the articulation of the security product plan. In 1987 he received the Fitzgerald Memorial Award for leadership in data security. In 1989 he received the Joseph J. Wasserman Award for contributions to security, audit and control. Mr. Murray holds the Bachelor of Science degree in Business Administration from Louisiana State University, and is a graduate of the Jesuit Preparatory High School of New Orleans.
Abstract
Everything that business or government does with computers or communications becomes part of the social and economic infrastructure of the twenty-first century. Much of the configuration and operation of this novel and critical infrastructure will be in the hands of the system and network administrators. They are often the first to be called when the infrastructure is stressed or breaks, but their training is often on-the-job, remedial, and late. Although they understand the weaknesses and limitations of their materials all too well, they are rarely taught how to compensate for those weaknesses. Out of necessity, their security approach tends to be reactive and remedial. This presentation provides system and network administrators with a set of broadly applicable strategies and proactive approaches they can use to protect systems from outside interference and contamination, provide appropriate application controls, and protect their networks from undesired traffic. Among other things, it addresses policy and service-level agreements; when to plan and for what; effective use of access controls; strong network perimeters and how to compensate for leaks; and how to use weak materials to build strong systems.
Security Objectives
• Protect applications from interference or contamination
• Preserve confidentiality, integrity, and availability of data
• Protect employees from temptation and suspicion
• Preserve the continuity of the business
• Protect management from charges of imprudence
[Chart, built up over three slides: dollars ($) on the vertical axis against the level of Security on the horizontal axis, with curves labelled Cost of Losses, Cost of Security, and Total Cost (the sum of the other two).]
Character of Costs
• Cost of Losses: infrequent, irregular, uncertain, unexpected, threatening
• Cost of Security: frequent, regular, certain, budgeted; a cost of doing business
Other Sources of Loss
• All acts by outsiders
• Malicious programs
  • Trojan horses
  • Viruses
  • Logic bombs
  • Worms
• Other
  • Espionage
Characterization of Threats and Vulnerabilities
• natural v. man-made
• accidental v. intentional
• insiders v. outsiders
• passive v. active
• manual v. automatic
• trial and error v. systematic
• local v. global
Attacks & Attackers
• "social engineering"
• guessing
• short dictionary or sweet list
• long dictionary
• exhaustive
• browsing
• eavesdropping
• spoofing
• password grabbers
• Trojan horses
Cost of Attack
• Work
• Access
• Indifference to detection
• Special knowledge
• Time to corrective action
Any one of these can reduce the requirement for any of the others; there are enough of them in the world to break any system.
Targets
• Targets of Opportunity
  • highly visible
  • low cost of attack
  • unknown value of success
• Targets of Choice
  • expected value of success greater than expected cost of attack
Value of Success
• Computer time
• Data, information, knowledge, application value
• Access to other networks
• Identity
• Anonymity
• Trust or confidence
Cost to Victim
• Loss of confidentiality
• Loss of integrity
• Loss of reliability and trust
• Loss of use
• Liability to third parties
• Loss of resources for restoration
Cost of System Security
The cost of system security is measured in:
• Generality
• Flexibility
• Performance
• Functionality
Get used to it!
Courtney's Laws
• Nothing useful can be said about security except in the context of an application and an environment.
• Never spend more money eliminating a vulnerability than tolerating it will cost you.
• There are management solutions to technical problems, but there are no technical solutions to management problems.
Efficient Security Measures
• safe environment
• management direction
• supervision
• accountability
• copies of the data
• access control
• secret codes (crypto)
• contingency planning
Policy
• A statement of management's intent
• Expressed as objectives or practices
• Translated to access control policy
• Mapped to a system policy
Why Systems Fail
• Poor design
• Inadequate materials
• Poor fabrication
• Poor maintenance
• Improper operation
• Abuse and misuse
Sufficient Conditions for the Success of a Virus
• Large population of similar machines
• Sharing within the population
• A place for the virus to store the replica
• A way for it to get itself executed
• (Creates replicas faster than they are destroyed)
Enterprise Security in the 90s
• Inadequate expression of management intent
• Multiple signons, ids, and passwords
• Multiple points of control
• Unsafe defaults
• Complex administration
• Late recognition of problems
We are being overwhelmed once more!
Recommendations
• Prefer single-application or single-user systems to multi-application, multi-user ones (think servers)
• Hide operating systems from the network
• Restrict write access to a single process per object
• Restrict read access to mutable objects to those who can change them
• Application end-to-end encryption (the slide lists PPTP and L2TP; these are tunnelling protocols that protect a link or network path between tunnel endpoints, not encryption between the applications themselves)
• Scan for viruses, both inbound and outbound, on desktops and on servers
• Layer your defenses; prefer application-aware composed firewalls between layers
• Man the walls!
• Economy of logon
• Client-side strong authentication
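The two access-control recommendations above ("a single writer per object" and "readers of a mutable object must be able to change it") can be stated as invariants and audited mechanically. The following is an added example, not code from the presentation: the access-control list, the paths and the principal names are constructed for illustration, and the audit function is an assumed helper rather than any product's API.

```python
"""Audit an access-control list against two of the recommendations:
(1) write access to each object is restricted to a single process/principal;
(2) a mutable object (one that has a writer) is read only by principals that
    can also change it; everyone else should read an immutable, published copy.

The ACLs below are constructed for this example: the paths and principal
names are hypothetical and do not come from the presentation."""

from typing import Dict, List, Set, Tuple

Acl = Dict[str, Dict[str, Set[str]]]   # object -> principal -> modes {"r", "w", "x"}

# Constructed ACL with two deliberate violations.
ACL: Acl = {
    "/srv/app/config.ini": {
        "config-mgr": {"r", "w"},
        "deploy":     {"r", "w"},        # second writer: violates rule 1
    },
    "/srv/app/bin/app": {
        "app-server": {"r", "x"},        # nobody writes it at run time: immutable, fine
    },
    "/srv/data/orders.db": {
        "app-server": {"r", "w"},
        "report-gen": {"r"},             # reads a mutable object it cannot change: rule 2
    },
}

# Remediated ACL: one writer per object, and readers get an immutable snapshot
# (created by a job, then locked read-only, so it has no writer in the running ACL).
REMEDIATED_ACL: Acl = {
    "/srv/app/config.ini":        {"config-mgr": {"r", "w"}},
    "/srv/app/bin/app":           {"app-server": {"r", "x"}},
    "/srv/data/orders.db":        {"app-server": {"r", "w"}},
    "/srv/data/orders-snapshot.db": {"report-gen": {"r"}},
}


def audit(acl: Acl) -> List[Tuple[str, str, str]]:
    """Return one (rule, object, detail) tuple per violation; an empty list means clean."""
    findings: List[Tuple[str, str, str]] = []
    for obj, grants in sorted(acl.items()):
        writers = sorted(p for p, modes in grants.items() if "w" in modes)
        if len(writers) > 1:
            findings.append(("single-writer", obj, "writers: " + ", ".join(writers)))
        if writers:                                   # object is mutable
            for principal in sorted(grants):
                modes = grants[principal]
                if "r" in modes and "w" not in modes:
                    findings.append(("reader-cannot-change", obj,
                                     f"{principal} reads but cannot write"))
    return findings


if __name__ == "__main__":
    for label, acl in (("original", ACL), ("remediated", REMEDIATED_ACL)):
        print(f"{label}: {len(audit(acl))} violation(s)")
        for rule, obj, detail in audit(acl):
            print(f"  [{rule}] {obj}: {detail}")
```

Run against a real system the same check can be fed from `getfacl`, a database's grant tables or a cloud IAM policy dump; the point is that both recommendations are decidable properties of the ACL, so they can be enforced in a pipeline rather than remembered.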
Strong Authentication
• Two kinds of evidence from the list:
  • something one knows (e.g., pass-phrase)
  • has (token)
  • is (biometric, e.g., visage)
  • or can do (e.g., speech)
• At least one of which is resistant to replay
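The replay requirement is the part that is easy to get wrong, so here is an added example (not the presentation's own code) contrasting the two kinds of evidence: a pass-phrase, whose proof is the same bytes every time and therefore replays, and a time-based one-time code from a token (RFC 6238 TOTP over RFC 4226 HOTP), whose proof is bound to a 30-second counter and is accepted only once. The verifier class, the pass-phrase, the timestamps and the fixed salt are constructed for the example; the key is the published RFC 4226/6238 test key and must never be used for a real token.

```python
"""Two kinds of evidence, one of them replay-resistant (added example).
A static pass-phrase is 'something one knows': the proof sent is identical every
time, so a captured copy replays. A TOTP code is 'something one has': the proof
is bound to a 30-second counter and is spent on first use, so a captured code
fails after the skew window or after it has already been accepted."""

import hashlib
import hmac
import struct


def hotp(key: bytes, counter: int, digits: int = 6) -> str:
    """RFC 4226 HOTP: HMAC-SHA1 over the 8-byte big-endian counter, then dynamic truncation."""
    mac = hmac.new(key, struct.pack(">Q", counter), hashlib.sha1).digest()
    offset = mac[-1] & 0x0F
    code = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(code % 10 ** digits).zfill(digits)


def totp(key: bytes, now: int, step: int = 30, digits: int = 6) -> str:
    """RFC 6238 TOTP: HOTP with the counter derived from Unix time."""
    return hotp(key, now // step, digits)


class Verifier:
    """Server side (hypothetical): checks a pass-phrase and a TOTP code, spending each code once."""

    def __init__(self, passphrase: str, totp_key: bytes, step: int = 30, window: int = 1):
        self.salt = b"constructed-salt"     # fixed so the example is deterministic; use os.urandom in practice
        self.pw_hash = hashlib.pbkdf2_hmac("sha256", passphrase.encode(), self.salt, 50_000)
        self.totp_key, self.step, self.window = totp_key, step, window
        self.used_counters: set = set()

    def check_passphrase(self, candidate: str) -> bool:
        h = hashlib.pbkdf2_hmac("sha256", candidate.encode(), self.salt, 50_000)
        return hmac.compare_digest(h, self.pw_hash)

    def _matching_counter(self, code: str, now: int):
        c0 = now // self.step
        for c in range(c0 - self.window, c0 + self.window + 1):   # tolerate clock skew
            if c in self.used_counters:
                continue                                          # already spent: a replay
            if hmac.compare_digest(hotp(self.totp_key, c), code):
                return c
        return None

    def login(self, passphrase: str, code: str, now: int) -> bool:
        pw_ok = self.check_passphrase(passphrase)                 # always evaluated, no short-circuit
        c = self._matching_counter(code, now)
        if pw_ok and c is not None:
            self.used_counters.add(c)                             # spend the code
            return True
        return False


def replay_demo() -> dict:
    key = b"12345678901234567890"          # RFC 4226/6238 test key; never use for a real token
    v = Verifier("correct horse battery", key)
    t0 = 1_000_000                         # constructed timestamp
    code0 = totp(key, t0)                  # what the token displays at t0
    return {
        "first_login": v.login("correct horse battery", code0, t0),
        # Attacker captured both proofs on the wire and resends them 5 s later.
        "replay_same_window": v.login("correct horse battery", code0, t0 + 5),
        # The pass-phrase by itself is accepted again: that evidence is not replay-resistant.
        "passphrase_alone_replays": v.check_passphrase("correct horse battery"),
        # Legitimate user in the next window with a fresh code from the token.
        "fresh_code_next_window": v.login("correct horse battery", totp(key, t0 + 30), t0 + 30),
        # The captured code presented well outside the skew window.
        "old_code_after_window": v.login("correct horse battery", code0, t0 + 120),
    }


if __name__ == "__main__":
    for name, ok in replay_demo().items():
        print(f"{name:26s} {'accepted' if ok else 'rejected'}")
```

Two details carry the replay resistance: the skew window is searched counter by counter so an already-spent counter is skipped even when the clock still agrees with it, and the code is spent only after the pass-phrase also checks out, so a wrong pass-phrase cannot be used to burn a victim's current code.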