Computer and Information Security Protecting yourself and your clients in the wild and wooly online world

Page 1: Computer and Information Security

Computer and Information Security

Protecting yourself and your clients in the wild and wooly online world

Page 2: Computer and Information Security

To protect your computer and information assets…

Page 3: Computer and Information Security

…buy a Mac!

Page 4: Computer and Information Security

The End

Page 5: Computer and Information Security

Mac Hacked Via Safari Browser in Pwn-2-Own Contest

A zero-day vulnerability … Macaulay pwned the Mac by sending it an e-mail that directed a user to a malicious site. Upon visiting the site, the user … was infected with malware, without clicking on anything within the site.

-- eWeek Security Watch

Page 6: Computer and Information Security

Vectors for getting “pwned”

  • Physical access
      • Theft
      • Seizure
      • Attack of opportunity
  • Network access
      • Browsing the Web
      • Using email
      • Using a wireless connection
      • …

Page 7: Computer and Information Security

Physical protection

  • Leave sensitive information at home
  • Separate data from hardware
  • Use encryption
  • Use strong passwords
  • Eliminate sensitive information
  • Log out when not using

Page 8: Computer and Information Security

Cracking passwords

  • Single word found in dictionary: ~ 1 s
      • Example: “translator”
  • 7 random lowercase letters: ~ 45 m
      • Example: “uklahva”
  • 10 random characters: ~ 632,860 years!
      • Example: “4pRte!ai@3”
      • (With Moore’s Law: 30 years)

Source: Wikipedia (Password strength)

Page 9: Computer and Information Security

Network vulnerabilities

Page 10: Computer and Information Security

Internet & email

  • Cross-site scripting (XSS)
  • Phishing (social engineering)
  • Viruses
  • …

Page 11: Computer and Information Security

On a network: batten the hatches

  • Filter
  • Block
  • Ignore

Page 12: Computer and Information Security

Internet

Page 13: Computer and Information Security

Firefox

  • Safer
  • Cross-platform
  • Free/Libre
  • Add-ins
  • All the cool kids are using it!

Page 14: Computer and Information Security

Vital Firefox Add-ins

  • Web of Trust
  • NoScript

Page 15: Computer and Information Security

Web of Trust

Warns users about risky websites that try to scam visitors, deliver malware, or send spam.

Page 16: Computer and Information Security

ginstrom…

Page 17: Computer and Information Security

warez…

Page 18: Computer and Information Security

NoScript

Allows JavaScript, Java, Flash and other plugins to be executed only by trusted web sites of your choice.

Page 19: Computer and Information Security
Page 20: Computer and Information Security

Scripts from 15 sites!

Page 21: Computer and Information Security

Safer Email

  • View email as plain text
  • Beware of phishing
  • Spam filtering

Page 22: Computer and Information Security

Example: MS Outlook

Page 23: Computer and Information Security
Page 24: Computer and Information Security
Page 25: Computer and Information Security
Page 26: Computer and Information Security

SpamBayes

http://spambayes.sourceforge.net/

SpamAssassin

http://spamassassin.apache.org/

Page 27: Computer and Information Security

Stay Safe!

http://ginstrom.com/ijet-19/