PC Security at JMU.

Uploaded on:
Category: Sports / Games
PC Security at JMU A Commonplace Day no less than 60% of the email got by JMU is SPAM. The JMU email framework rejects 240 messages For every Moment at crest times. A huge number of infections every day… some of the time every hour Several misrepresentation endeavors for each day ("phishing")
Slide 1

PC Security at JMU

Slide 2

A Typical Day no less than 60% of the email got by JMU is SPAM. The JMU email framework rejects 240 messages PER MINUTE at top times. A great many infections for every day…sometimes every hour Hundreds of extortion endeavors every day (“phishing”) Computers on the JMU system are presented to verging on steady observation, disease, and abuse endeavors From the Internet And from grounds. At any given time, there are no less than ten contaminated PCs on JMU system attempting to taint different PCs. PC administrators at JMU visit many malignant sites every day gambling contamination of their PC

Slide 3

Forged Email ( @ jmu.edu )

Slide 4

Malicious Instant Message Events

Slide 5

Internet Network Scans

Slide 6

Attacks on JMU Web Servers

Slide 7

Large Scale Web Site Compromises Number of destinations as reflected by Google hunt down infused connections Recently traded off locales found with Google Search

Slide 8

Compromised Sites Sony Playstation USA Today BusinessWeek Major League Baseball National Hockey League Commonwealth of Virginia Scotland Yard Los Alamos National Laboratory Oak Ridge National Laboratory Texas National Guard Sunkist Phoenix Mars Lander Mission Department of Homeland Security

Slide 9

Higher Education Incidents

Slide 10

University of Washington Crawl of 45,000 sites: Percent of sites saw offering tainted executables: 16.3% of Celebrity sites 11.5% of Wallpaper sites 11.4% of Adult sites 5.6% of Game sites 3.5% of Music sites 2.7% of Children sites 2.2% of Pirate sites.:

Slide 11

Symantec Internet Security Threat Report January-June 2005 10,866 new Windows infections Of the 50 most normal reported, 74% uncover private data 10,352 BOTS distinguished every day 1,862 new programming deformities Average time to abuse – 6 days Average time to fix – 54 days 5.7 million deceitful “phishing” email messages every day Today

Slide 12

Malicious Software One hostile to infection merchant reported delivering a bigger number of marks in 2007 than in the previous 15 years.

Slide 13

Today’s Computer Viruses Silent Subversive Smart Collect passwords and record numbers Send spam, phishing, and infection seeding messages Act as phishing sites or BOT controllers Distribute copyrighted materials and smut Break into different people’s PCs and records Launch foreswearing of administration assaults Perform extortion View web cam and listen to receiver

Slide 14

Today’s Computer Viruses A “infected” desktop today is an apparatus for crooks A keen bomb A remote control specialists A spy

Slide 15

What Happens When Security Fails? Phishing IRCBOTs Keylogger Loss of secrecy, honesty, and/or accessibility of information or administrations Loss of certainty

Slide 16

IRCBOT Infected Computers

Slide 17

What Happens When YOUR Security Fails? Regardless of the possibility that you “don’t have anything of value”, your PC is profitable to lawbreakers. Your records Its entrance to the JMU system As a middle of the road assault vehicle As capacity

Slide 18

eID e-grounds Jess Secureweb Web.jmu.edu www.jmu.edu General webservers Network Registration Campuslink dial-in E-mail SSH Forums Blackboard Assessment Novell document/print Windows area Windows Active Directory Wireless Remote VPN Social Security Number Grades Email Pay stubs

Slide 19

Grades SSN Credit Cards Performance Evaluations Medical Resumes Research Vendor Purchasing Financial Reports Organizational Planning Environmental control frameworks Credit card handling frameworks Building section and security frameworks ID/check card frameworks Office desktops? Home desktops? Tablets? Compact disc? USB Drive? Floppy? Mobile phone? PDA? Shared envelope? One oversight What Data is on Your Desktops?

Slide 20

What are We Protecting? Our own PC and data Our constituent’s data and administrations Our organization’s data, system, and administrations Partners’ data, system, and administrations

Slide 21

Security Goal Reduce the danger of misfortune to a satisfactory level We can not dispose of danger. There will dependably be lingering danger. Lessening danger has costs as a security disappointment: Time (dependably) Money Access Convenience Privacy Freedom Complaints Quality of life Service conveyance Compare to expenses of security occurrences on past slide - parity

Slide 22

Security Keystones Security

Slide 23

What are our Weaknesses? Systems and Societies Must Have Cooperation to Work Throwing blocks through windows Driving down the wrong side of the road Stealing mail from letter drops Can you secure your home or auto? The Internet augments the range of uncooperative individuals

Slide 24

Where are our shortcomings? Our Systems give easy prey Complex – blunder inclined in outline, execution, setup, and utilization Defective security controls Lack of access controls in most default arrangements Not intended for unfriendly environment Not kept up for threatening environment

Slide 25

Cybercrime Attributes Worldwide, moment portability Worldwide, mysterious versatility Worldwide, unlimited versatility At each system association At each console At each uncovered site At each traded off PC or fake message

Slide 26

Where are Our Weaknesses? A gatecrasher just needs to discover one section point. A shield needs to close or watch all section focuses while completing work. One error, one oversight, one wrong mouse snap makes open door for the aggressor

Slide 27

Trust => Risk Ignorance (disappointment of mindfulness) Faulty Risk Assessment suppositions Failed Access Controls Failed Monitoring Processes Inadequate Response Inappropriate Use ==================== Misplaced TRUST Unaccepted Access ====> Unaccepted Risk The more we trust, the more we better screen.

Slide 28

Privacy and Social Engineering Alumni of SMAD. I lament the interruption on your occupied calendars in any case, a circumstance has come up that includes one of your graduated class individuals and, requires our quick consideration. I lament to declare that Sean Harrington,class of 1996 is sick in London and i am attempting to raise stores for him so he can experience chemotherapy. I am utilizing this medium to contact kindred individuals from the graduated class to check whether they can make commitments. I am going about as the facilitator for this help action.If you are occupied with helping please answer and let me know. Answers ought to be sent to alumniaid@hotmail.com Bill. Hunt down JMU CIS Majors Search for JMU ISAT Majors

Slide 29

Risk Evolution Decreasing Fundamental working framework and server deformities Increasing Human blunder because of multifaceted nature Desktops Distributed information Client applications Web applications Partners and Mashups

Slide 30

There is no enchantment shot! Hostile to infection programming Firewalls Security Updates Those are only the starting! Dispose of or diminish superfluous danger in everyday utilization .

Slide 31

Unnecessary Risk Unnecessary programming Screen savers Games Entertainment Web downloads Unnecessary introduces when all is said in done Unnecessary benefits Unnecessary access

Slide 32

Computer Security at JMU www.jmu.edu/figuring/security StartSafe RUNSAFE Hot Topics Critical Security Updates General I

View more...