1 / 12

UNITS Quarterly Meeting April 29, 2004

UNITS Quarterly Meeting April 29, 2004. Network Security Roger Safian r-safian@northwestern.edu. Statistics Why these incidents occur What can be done to prevent them Questions. Agenda. FY 2002/2003 Virus = 1166 Compromised = 727 Total incidents = 3042 9/1/02 – 8/31/03. FY 2003/2004

guri
Download Presentation

UNITS Quarterly Meeting April 29, 2004

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript


  1. UNITS Quarterly MeetingApril 29, 2004 Network Security Roger Safian r-safian@northwestern.edu

  2. Statistics Why these incidents occur What can be done to prevent them Questions Agenda

  3. FY 2002/2003 Virus = 1166 Compromised = 727 Total incidents = 3042 9/1/02 – 8/31/03 FY 2003/2004 Virus = 1436 Compromised = 261 Total incidents = 2220 9/1/01 – 2/29/04 Statistics

  4. FY 2002/2003 Virus = 336 Compromised = 646 Total incidents = 2037 9/1/02 – 7/31/03 FY 2003/2004 Virus = 1436 Compromised = 261 Total incidents = 2220 9/1/01 – 2/29/04 Statistics – Take 2Removing August (Blaster/Welchia)

  5. FY 2002/2003 Virus = 142 Compromised = 342 Total incidents = 1102 9/1/02 – 2/28/03 FY 2003/2004 Virus = 1436 Compromised = 261 Total incidents = 2220 9/1/01 – 2/29/04 Statistics – Take 3Same time frames

  6. Weak Passwords All machines and accounts need passwords Use rules similar to the NetID rules Opening viral attachments Don’t open unexpected attachments Only open specific types of extensions Make sure to look at the LAST extension Why these incidents occur?

  7. Updates not applied Ensure Windows update runs automatically Don’t forget about layered products Network use P2P Be careful when clicking on links Why these incidents occur? (2)

  8. Out of date anti-viral software Ensure you install the NU supplied software Set to update automatically EVERY day Blended Threats Multiple attack vectors directed at hosts Home Networks Frequently attacked with little monitoring Why these incidents occur? (3)

  9. Internet Security Systems Network scanner Produces HTML reports Organized by severity Currently checks for ~1300 vulnerabilities ISS Scans

  10. Caveats Not 100% accurate A pretty decent indicator though Doesn’t see through your firewall Machine must be online Only looks for vulnerabilities it knows about ISS Scans (2)

  11. Recommend getting report once per quarter Or any time you are suspicious Or have significant changes Request from security@northwestern.edu Send IP addresses you wish scanned Can specify a range or subnet ISS Scans (3)

  12. Contact Information 1-847-491-4058 1-847-467-2222 (NOC 24x7) security@northwestern.edu r-safian@northwestern.edu Questions?

More Related