Threats to computers
Andrew Cormack, UKERNA

Daily reported attacks
• Code Red (>850)
• Nimda (1936)

Door rattling?
• These numbers are from just one MAN
• And many probes scan thousands of hosts
• Millions of JANET hosts attacked every day
• Automated scan/compromise programs
• If you’re vulnerable you will be compromised
• Security by obscurity is no longer tenable

What are the targets?
• Random
  • Scripts pick random IP address ranges
• Resources
  • Intruders like our bandwidth, disk space, CPU power
• Reputation
  • Intruders gain kudos for compromising high-profile sites
• Revenge
  • Has your institution upset anyone recently?
• Retaliation
  • Has one of your (ab)users upset anyone?

What can attackers do?
• Read, delete, modify your data
• Misuse your resources
  • So they aren’t available for your users
• Attack others
  • Leaving you to take the blame
• Attack you

Real examples
• All from JANET sites
• Mostly from automated, dumb, programs
  • Because they can be examined
  • Because they (usually) only do one thing
• How much more are intelligent people doing?

Threats: access to information
• Reading private information
  • Viruses actively seek out passwords and credit cards
• Deleting vital information
  • Department lost all files for six months
  • Vandalism, or just removing traces?
• Modifying information
  • Are there vulnerabilities in finance, exams, MLEs… ?

Threats: abuse of resources
• Software piracy
  • Departmental FTP server used for distribution
• Pornography
  • University systems used to store personal collection
  • Site proxy used by group to access illegal material

Threats: attacking others
• Compromising systems
  • Worms attempt break-ins to anything running HTTP
• Denial of Service (DoS)
  • Compromised machines join flooding networks
  • Viruses now carry these tools
• Real-world crimes
  • Stolen credit card numbers used for purchases
  • Blackmail, defamation, incitement, stalking, …

Threats: attacking you
• DoS attacks take sites off network
• Attacker with control of system is “inside”
  • Attack other systems
  • Read traffic on networks
  • Disrupt service
  • Firewall protection failed
• Social engineering attacks

Some good news
• Attacking is not rocket science
  • Nor is defending
• Most successful attacks are preventable
  • Well-publicised vulnerabilities
  • Software fixes freely available
• Simple toolkit
  • Network configuration
  • Patches

What can you do?
• Crime prevention
• Reduce open windows
  • Limit direct access from the Internet
• Fit locks
  • Secure hosts that are exposed or critical
• Guidelines and tools exist
  • Use them and make sure others do