Security Great Expectations Clifford Collins Manager Network Security

  • Slides: 14
Download presentation
Security: Great Expectations Clifford Collins Manager, Network Security Services

Security: Great Expectations Clifford Collins Manager, Network Security Services

Network Security Services ¨ Focused on higher education in Ohio ¨ Driven by feedback

Network Security Services ¨ Focused on higher education in Ohio ¨ Driven by feedback from OSTEER ¨ Supplements existing services ¨ Fee-based ¨ Two additional staff expected before the end of summer ¨ Full support of OARnet’s management

Initial service offering ¨ Site security audit – On-site investigation of infrastructure – Inventory

Initial service offering ¨ Site security audit – On-site investigation of infrastructure – Inventory of critical services – Internet scan for vulnerabilities – Intranet scan for vulnerabilities – Telephone scan for modem vulnerabilities – Analysis of results – Presentation and report of findings

Why a network security audit? ¨ You can’t manage a service you aren’t measuring

Why a network security audit? ¨ You can’t manage a service you aren’t measuring -- would you manage your personal finances without a bank statement? ¨ You can better justify the expenditure of funds to fix problems when you have facts to support your assertions ¨ It’s where the corporate world starts!

The deliverables: presentation and final report ¨ 1 -hour presentation at an executive level

The deliverables: presentation and final report ¨ 1 -hour presentation at an executive level ¨ Written executive summary ¨ Technical assessment with recommendations for remediation and projected costs and time estimates ¨ CD-ROM copy of all documents in password-protected Acrobat files

Technical report content Interesting ports on foo. bar. edu (10. 0. 0. 2): Port

Technical report content Interesting ports on foo. bar. edu (10. 0. 0. 2): Port 21/tcp 23/tcp 80/tcp 513/tcp State open Service ftp telnet http login TCP Sequence Prediction: Class=random positive increments Difficulty=49978 (Worthy challenge) Remote operating system guess: Free. BSD 2. 2. 1 - 4. 0

Technical report content (cont. ) Interesting ports on re. bar. edu (10. 0. 0.

Technical report content (cont. ) Interesting ports on re. bar. edu (10. 0. 0. 3): Port 135/tcp 139/tcp 1030/tcp State open Service loc-srv netbios-ssn iad 1 TCP Sequence Prediction: Class=trivial time dependency Difficulty=8 (Trivial joke) Remote operating system guess: Windows NT 4 / Win 95 / Win 98

Technical report content (cont. ) IP Address 10. 1. 1. 225 Vulnerability High DNS

Technical report content (cont. ) IP Address 10. 1. 1. 225 Vulnerability High DNS Name oracle: oracle Name Rexec Additional Info port 7 Severity default account accessible Description: An accessible default account was detected through rexec. Default accounts allow attackers easy access to remote systems. Fix: Disable the Rexec account or change the password to something difficult to guess.

Technical report content (cont. ) Unix: Disable login access to this Unix account if

Technical report content (cont. ) Unix: Disable login access to this Unix account if it is not needed. To remove login access for a Unix account, follow these steps: 1. Edit the /etc/passwd file. 2. Locate the account. 3. Place an * (asterisk) in the password field. 4. Place the string /bin/false in the shell field. An example of the /etc/passwd entry for a disabled guest account should resemble the following: guest: *: 2311: 50: Guest User: /home/guest: /bin/false 5. Save and exit the file.

Technical report content (cont. ) Windows: Change the password on this account to something

Technical report content (cont. ) Windows: Change the password on this account to something difficult to guess, or disable login access to this Windows account. To change a password on a Windows account, follow these steps: 1. Open User Manager. From the Windows NT Start menu, select Programs, Administrative Tools (Common), User Manager. 2. Double-click the account to display the User Properties dialog box. 3. In the Password field, type the new password. 4. In the Confirm Password field, confirm the new password. 5. Click OK. --OR--

Technical report content (cont. ) Windows continued: To disable login access to a Windows

Technical report content (cont. ) Windows continued: To disable login access to a Windows account, follow these steps: 1. Open User Manager. From the Windows NT Start menu, select Programs, Administrative Tools (Common), User Manager. 2. Double-click the account to display the User Properties dialog box. 3. To disable the account, select the Account Disabled check box. 4. Click OK.

How much will this cost? ¨ Guidance from last October’s meeting ¨ Principally driven

How much will this cost? ¨ Guidance from last October’s meeting ¨ Principally driven by size of address space ¨ Must cover the cost to support a central infrastructure and some staff ¨ Can be reduced by committing to periodic audits to amortize licensing costs

Future expectations ¨ Security education and training ¨ Security resources web site ¨ Certificate

Future expectations ¨ Security education and training ¨ Security resources web site ¨ Certificate Authority and PKI ¨ Incident response support ¨ Site licensing of security software ¨ Broaden firewall offering

Questions?

Questions?

Class Expectations Grading and Materials 2016 Expectations ExpectationsClass Expectations Grading and Materials 2016 Expectations Expectations
COLLINS AEROSPACE Email Preferences And Notification Management CollinsCOLLINS AEROSPACE Email Preferences And Notification Management Collins
ICS presents Collins Correctional Facility Collins Correctional FacilityICS presents Collins Correctional Facility Collins Correctional Facility
COLLINS AEROSPACE User Profile Management Collins C ustomCOLLINS AEROSPACE User Profile Management Collins C ustom
COLLINS AEROSPACE Account Statement and Invoices Collins CustomerCOLLINS AEROSPACE Account Statement and Invoices Collins Customer
COLLINS AEROSPACE How to Register For Access CollinsCOLLINS AEROSPACE How to Register For Access Collins
COLLINS AEROSPACE Account Statement and Invoices Collins CustomerCOLLINS AEROSPACE Account Statement and Invoices Collins Customer
Suzanne Collins THE HUNGER GAMES Suzanne Collins bSuzanne Collins THE HUNGER GAMES Suzanne Collins b
COLLINS AEROSPACE Password Reset and Access Management CollinsCOLLINS AEROSPACE Password Reset and Access Management Collins
Supportive Pathways Marlene Collins 2009 Welcome Marlene CollinsSupportive Pathways Marlene Collins 2009 Welcome Marlene Collins
Introduction to Poetry Billy Collins Billy Collins uIntroduction to Poetry Billy Collins Billy Collins u
Petra Collins Early life Petra Collins attended thePetra Collins Early life Petra Collins attended the
Great Expectations Citywide Instructional Expectations 2011 2012 TheseGreat Expectations Citywide Instructional Expectations 2011 2012 These