Computer Security in Higher Education

Presentation Transcript


  1. Computer Security in Higher Education
     David Brumley
     dbrumley@stanford.edu

  2. Things To Come
     • Need for policies and procedures
     • Proper staffing and funding
     • Clear, consistent, and followed plans

  3. Stanford Infrastructure
     • 55,000 registered nodes
     • 58,000 active principals
     • 800 MB/day web data alone
     • 3.5 million/day email messages
     • 200 to 700 Mb/s bandwidth

  4. Why Security?
     • Do your users have any expectation of privacy?
     • Do you have assets that need protecting?
     • Have you considered the cost of system compromises vs. protection?

  5. Attacks Happen

  6. FY97 FY00 Incident Type Comparison

  7. Worried about Privacy?
     • School Records
     • Directories (FERPA)
     • Email
     • Homework
     • Hospital/Medical Records
     • HIPAA

  8. Computer Security Is...
     Primarily risk management by ensuring:
     • Confidentiality
     • Integrity
     • Availability

  9. System Confidentiality
     [root@topsecret cctest]# pwd
     /var/lib/mysql/cctest
     [root@topsecret cctest]# strings customer.MYD
     david brumley 351 Monroe Palo Alto
     Anton Ushakov 590 Escondido Mall
     Russ Alberry 101 Great America Parkway
     [root@topsecret cctest]# strings orders.MYD
     9 piece knife set 34233394134272MasterCard 9910
     Sickle and Hammer 543543545345452Visa 0120
     3 towels 656565655555Visa 9920
     • Many believe there is nothing valuable on their system, but:
     • The system can serve to launch attacks
     • There may be unexpected information on the host
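As an added example (not from the slides), the kind of data-discovery check a security office would run over a database directory to find what `strings` found above: it extracts printable runs from a raw file and reports Luhn-valid card-length numbers with the middle digits masked. The sample blob and the 4111 1111 1111 1111 test number are constructed.

```python
"""Added example, not from the slides: look for unencrypted card numbers in raw
data files, the way `strings` on the .MYD files above exposed them. A security
office runs this kind of data-discovery check over a data directory and reports
masked hits so the owner can encrypt or purge the data. 4111111111111111 is a
constructed, Luhn-valid test number; the sample records are also constructed."""
import re

PRINTABLE_RUN = re.compile(rb"[\x20-\x7e]{4,}")      # same runs `strings` prints
DIGIT_RUN = re.compile(r"(?<!\d)\d{13,16}(?!\d)")    # card-length digit groups


def luhn_ok(digits: str) -> bool:
    """Luhn mod-10 check; rejects most phone numbers and record ids."""
    total = 0
    for i, ch in enumerate(reversed(digits)):
        d = int(ch)
        if i % 2 == 1:            # double every second digit from the right
            d = d * 2
            if d > 9:
                d -= 9
        total += d
    return total % 10 == 0


def mask(pan: str) -> str:
    """Report only issuer prefix and last four; the report must not become a second leak."""
    return pan[:6] + "*" * (len(pan) - 10) + pan[-4:]


def scan_bytes(data: bytes) -> list:
    """Return [(byte offset, masked number)] for Luhn-valid card-like numbers."""
    hits = []
    for run in PRINTABLE_RUN.finditer(data):
        text = run.group().decode("ascii")
        for m in DIGIT_RUN.finditer(text):
            if luhn_ok(m.group()):
                hits.append((run.start() + m.start(), mask(m.group())))
    return hits


# Constructed MyISAM-like blob: record headers, an order with a card number, and a
# 13-digit phone-like value that must not be flagged.
SAMPLE = (b"\x00\x01\x05" + b"9 piece knife set\x00"
          + b"4111111111111111MasterCard 9910\x00"
          + b"phone 6505551234567\x00" + b"\xff" * 8)

if __name__ == "__main__":
    for offset, number in scan_bytes(SAMPLE):
        print(f"offset {offset}: {number}")
```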

  10. Network Confidentiality
     (Diagram: hosts A and B, frames addressed DST MAC A and DST MAC B; hacker H listening regardless of MAC.)

  11. Network Sniffers
     psych-Wylie-NT.Stanford.EDU => pobox3.Stanford.EDU [110]
     USER sleeples
     PASS password
     STAT
     UIDL
     QUIT
     ----- [FIN]
     psych-3354-dreamscape.Stanford.EDU => daydream.Stanford.EDU [23]
     !'''#P 38400,38400#dreamscape.stanford.edu:0'DISPLAYdreamscape.stanford.edu:0XTE R Moscar password2 elm jjjjjjjjjjjjjjjjjjjjjj
     ----- [Timed Out]
     voodoo.Stanford.EDU => lucas.Stanford.EDU [21]
     (#USER menon
     PASS password3
     SYST
     PORT 171,65,60,163,5,104
     LIST
     CWD /home/pub/gary
     CWD /home/pub/
     CWD /home/
     ----- [Timed Out]
     psych-3367-macG3.Stanford.EDU => elaine18.Stanford.EDU [23]
     %%jboyett%IR.STANFORD.EDU@(P^$:-)':ca<`%.+vc6s}DF~T[f8FLc|vI;#wG\CN6MYlP%6M-&&&& & #'$&&Y`&&VT100& wl\cfCCSDK) >aWHW^H >rGhsN{q0jxU `&$$ vQa;j:T8%H>VzL d>7s_
     ----- [Timed Out]

  12. University Of Washington Sniffer
     Summer 2000:
     • NT IIS Web Server compromise
     • Password sniffer installed
     • Exposed 5000 medical records

  13. Ensuring Confidentiality
     • Strong Authentication
        • No clear text logins
        • Kerberos
        • SSH
     • Strong Authorization
        • AFS
        • Directory ACLs
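An added example, not the speaker's code: a detector for the session-summary format shown on the Network Sniffers slide that reports which accounts still authenticate over telnet, FTP or POP3, so they can be moved to the Kerberos and SSH services listed here. It never writes the password out; the hosts and accounts in SAMPLE are constructed.

```python
"""Added example, not from the slides: flag clear-text logins in sniffer-style
session summaries (the format of the 'Network Sniffers' slide) so the security
office can find accounts still using telnet/FTP/POP3 and move them to Kerberos
and SSH. Passwords are never written out; SAMPLE hosts and accounts are made up."""
import re
from typing import Optional

CLEARTEXT_PORTS = {21: "ftp", 23: "telnet", 110: "pop3", 143: "imap"}
# "src => dst [port] payload ----- [FIN|Timed Out]"; the trailer is optional.
HEADER = re.compile(r"^(\S+) => (\S+) \[(\d+)\]\s*(.*?)(?:\s*-----\s*\[[^\]]*\])?$")
USER = re.compile(r"\bUSER\s+(\S+)")
PASS = re.compile(r"\bPASS\s+\S+")


def analyse(session: str) -> Optional[dict]:
    """Return a finding for one session line, or None if the port is not clear-text."""
    m = HEADER.match(session.strip())
    if not m:
        return None
    src, dst, port, payload = m.group(1), m.group(2), int(m.group(3)), m.group(4)
    proto = CLEARTEXT_PORTS.get(port)
    if proto is None:
        return None
    user = USER.search(payload)
    # telnet has no USER/PASS framing (credentials are typed mid-stream), so it is
    # reported as a clear-text session without trying to recover them.
    return {"proto": proto, "src": src, "dst": dst,
            "account": user.group(1) if user else None,
            "password_seen": PASS.search(payload) is not None}


def describe(finding: dict) -> str:
    who = finding["account"] or "(account not framed)"
    what = "password sent in clear" if finding["password_seen"] else "clear-text session"
    return f"{finding['proto']}: {who} from {finding['src']} to {finding['dst']}: {what}"


def report(sessions) -> list:
    """Human-readable findings for a batch of session lines; other ports are skipped."""
    return [describe(f) for f in map(analyse, sessions) if f]


# Constructed sample: three clear-text protocols and one SSH session.
SAMPLE = [
    "lab-pc-7.example.edu => mail.example.edu [110] USER jdoe PASS s3cret STAT QUIT ----- [FIN]",
    "lab-pc-9.example.edu => files.example.edu [21] USER asmith PASS hunter2 SYST LIST ----- [Timed Out]",
    "lab-pc-3.example.edu => shell.example.edu [23] ...VT100... ----- [Timed Out]",
    "lab-pc-4.example.edu => shell.example.edu [22] SSH-2.0-OpenSSH ----- [FIN]",
]
```

Calling `print("\n".join(report(SAMPLE)))` lists the three clear-text sessions and silently skips the SSH one.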

  14. Kerberos

  15. Populating the KDC

  16. Compromises of Integrity
     • ls (dir) - doesn't show the intruder's files
     • ps (task manager) - doesn't show the intruder's processes
     • ifconfig - doesn't show the interface in promiscuous mode
     • zap - cleans log files
     • fix - fixes timestamp and checksum info
     • chfn - gives root shell with proper arg
     • login - gives root shell with proper password
     • inetd (runs network services like "telnet") - gives full access on a particular port

  17. Integrity Compromise Example
     Normal System:
     sunset:security> telnet elaine
     Trying 171.64.15.86...
     Connected to elaine21.stanford.edu.
     Escape character is '^]'.
     UNIX(r) System V Release 4.0 (elaine21.Stanford.EDU)
     elaine21.Stanford.EDU login:
     Hacked System:
     sunset:security> telnet jimi-hendrix 1524
     Trying 171.65.38.180...
     Connected to jimi-hendrix.Stanford.EDU (171.65.38.180).
     Escape character is '^]'.
     # ls -altr /;
     total 1618
     -r-xr-xr-x   1 root root 1541 Oct 14  1998 .cshrc
     drwx------   2 root root 8192 Apr 14  1999 lost+found
     drwxr-xr-x   1 root root    9 Apr 14  1999 bin
     drwxrwxr-x   2 root sys   512 Apr 14  1999 mnt
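An added example, not from the presentation: a minimal file-integrity baseline check of the kind Tripwire or AIDE perform, which is how trojaned ls, ps or login binaries like those on slide 16 are caught when their names and paths are unchanged. The directory and the simulated rootkit modifications in demo() are constructed.

```python
"""Added example, not from the slides: a file-integrity baseline check, the core
of tools such as Tripwire or AIDE. The trojaned ls, ps, login and inetd of slide
16 keep their names and paths, so only a hash-plus-metadata baseline taken on a
known-good system can reveal the swap. Keep the baseline off the host and run the
check from trusted media, since a trojaned ls or ps will lie about the files."""
import hashlib
import tempfile
from pathlib import Path

WATCHED = ("ls", "ps", "login")   # a real baseline covers all of /bin, /sbin, /usr/bin ...

def fingerprint(path: Path) -> dict:
    """Content hash plus the metadata a rootkit also tends to change."""
    st = path.stat()
    return {"sha256": hashlib.sha256(path.read_bytes()).hexdigest(),
            "size": st.st_size, "mode": oct(st.st_mode & 0o7777)}

def build_baseline(root: Path, names) -> dict:
    return {name: fingerprint(root / name) for name in names}

def verify(root: Path, baseline: dict) -> dict:
    """Return {name: reason} for every baseline entry that no longer matches."""
    problems = {}
    for name, expected in baseline.items():
        p = root / name
        if not p.exists():
            problems[name] = "missing"
            continue
        now = fingerprint(p)
        changed = [k for k in expected if now[k] != expected[k]]
        if changed:
            problems[name] = "changed: " + ", ".join(changed)
    return problems

def demo() -> dict:
    """Constructed scenario in a throwaway directory: baseline a fake bin/, then
    simulate a rootkit replacing ls and loosening the permissions of login."""
    with tempfile.TemporaryDirectory() as d:
        root = Path(d)
        for name in WATCHED:
            (root / name).write_bytes(b"#!/bin/sh\necho original " + name.encode() + b"\n")
            (root / name).chmod(0o755)
        baseline = build_baseline(root, WATCHED)
        (root / "ls").write_bytes(b"#!/bin/sh\nls_that_hides_the_intruders_files\n")
        (root / "login").chmod(0o777)
        return verify(root, baseline)

if __name__ == "__main__":
    for name, reason in demo().items():
        print(f"{name}: {reason}")
```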

  18. Ensuring Integrity - Axioms
     • All programs are buggy
     • The larger the program, the more bugs it will have
     • If a program isn't run, it doesn't matter if it's buggy
     • Hosts should run as few services as possible

  19. Building Integrity
     • Create easy to use resources for system security:
        • Templates
        • Distributions
        • Best use documents
     • Defense in Depth is the goal

  20. Threats to Availability
     • System intrusion
     • Denial of Service Attack
     • Domain Name Hijack/Modifications

  21. RSA.COM’s Availability

  22. The Master Plan
     • Assess situation
     • Create policies, procedures, and implementation plan
     • Create infrastructure
     • Maintain infrastructure
     • Lather, rinse, repeat.

  23. Getting Started
     • Assessing where you are at:
        • What policies exist?
        • What staff is already in place?
        • What services are offered?
        • What services will be offered?

  24. Policy Key Points
     • What are you protecting?
     • Who has authority?
     • What are the resources for?
     • What organizational units are there?

  25. The Key
     The policy must be approved at the highest levels in order to deal with irate:
     • Nobel prize laureates
     • Crafty Students
     • Other political entities

  26. Security Office Plan
     • Plan base authentication, authorization, and integrity mechanisms
     • Work with infrastructure groups to utilize security resources
     • Educate the community

  27. Creating Infrastructure
     Major points in an assessment:
     • Create scalable architectures
     • Create robust architectures
     • Create low-risk architectures

  28. Ex: Integrating Kerberos

  29. Allocating Resources
     • Staff and budget are needed, but security gets easier and cheaper as time goes on.
     • The fundamental knowledge for computer security staff is knowledge of operating systems and programming
     • Leverage existing infrastructure to minimize long-term cost

  30. The Benefits
     • Guaranteed and quick response
     • Guaranteed responsibility
     • Protection
     • Be a good net-citizen

  31. Quick Response
     From: xxxx@leland.Stanford.EDU
     Sent: Saturday, May 29, 1999 5:46 AM
     Subject:
     As we'll know how fxxxxx Stanford housing situation is, still our hypocrit spic-and-nigger loving administration has done nothing but keep accepting more and more of these motherxxxxx black jelly beans. These dirty cheating son of xxxxx ....[edited]....
     ================================================================
     Firstname Lastname
     Engineering-Economic Systems & Operations Research
     Address
     Stanford University
     Stanford CA 94305
     http://www.geocities.com/CollegePark/Grounds/2511

  32. Quick Response
     • August 8, 1999
     • 46 Solaris machines compromised
     • trin00 installed
     • 24 hours for cleanup
     • Quite possibly avoided large scale internet attack

  33. Protection
     • SULinux
     • Best use documents
     • Policy enforcement

  34. Public Service
     • Feb 1999 - ShadowKnight compromises Stanford hosts
     • Feb 1999 - Aug 1999 Stanford monitors hacker
     • Nov 2000 - Jason Diekman, aka ShadowKnight, convicted

  35. Protect
     • Assess critical infrastructure security
     • Legal point of contact for problems
     • Advise and help deploy security infrastructure
     • Help keep network available for academic use

  36. Summary
     • Need policies and procedures
     • Need staff
     • Need a plan
     It really is that easy!

  37. Resources
     • Slides available at http://theorygroup.com/Theory
     • See handout for additional resources