Review Slides, Security+
Ted Demopoulos
ted@demop.com

Risk Management
• Security is all about Risk Management
• Risk = Vulnerability x Threat
• Vulnerability – a weakness in a system. All complex systems have vulnerabilities
• Threat – an event that can cause an undesirable outcome. Threat implies potential harm

SLE/ALE
• SLE: Single Loss Expectancy – loss from a single event (how bad can it be?)
• ALE: Annual Loss Expectancy – loss from a threat over an entire year (can it happen multiple times?)

Quantitative vs. Qualitative
• Risk assessment can be Quantitative or Qualitative
• Quantitative – a quantity or number, e.g. if a Katrina-strength hurricane hits again, the expected loss is 22 billion dollars
• Qualitative – e.g. if a Katrina-strength hurricane hits again, it will be extremely bad

PGP versus PKI
PKI – Central authority in charge of trust. You MUST trust the central authority.
PGP – Closer to anarchy. NO central authority. Web of Trust – you trust your friends and many of your friends' friends.

Access Control
• Discretionary Access Control (DAC)
  • Users control
• Mandatory Access Control (MAC)
  • Not controlled by users, requires matching clearance and classification levels (e.g. top secret, secret, classified, etc.)
• Role Based Access Control (RBAC)
  • Based on group memberships

TCP/IP 3-way Handshake
SYN
SYN, ACK
ACK

Some Common Ports (1)
TCP 20, 21 – FTP (file transfer protocol)
TCP 22 – SSH (secure shell)
TCP 23 – telnet
TCP 25 – SMTP (simple mail transfer protocol)
TCP and UDP 53 – DNS (domain name system)

Some Common Ports (2)
TCP 80 – HTTP (hyper text transfer protocol)
TCP 110 – POP3 (post office protocol)
TCP 143 – IMAP (internet message access protocol)
TCP 443 – SSL, HTTPS (secure sockets layer, HTTP over SSL)

Open Source Tools (not on test)
Sniffers: TCPdump, Ethereal (now called Wireshark)
802.11: NetStumbler, Kismet
Password Assessment: John the Ripper, Cain and Abel
Vulnerability Assessment: Nessus
Intrusion Detection: Snort