CIT380SecuringComputerSystems：CIT380保护计算机系统.pptVIP

CIT 380: Securing Computer Systems CIT 380: Securing Computer Systems Slide #* CIT 380: Securing Computer Systems Reconnaissance CIT 380: Securing Computer Systems Slide #* Topics Low Tech Reconnaissance Network Information Sources DNS Zone Transfers Network Mapping CIT 380: Securing Computer Systems Slide #* Reconnaissance Collecting security-relevant information about an organization, including: Locations Related entities Personnel: names, phone numbers, email addrs Privacy or security policies Network and system configuration Remote access methods CIT 380: Securing Computer Systems Slide #* Low Tech Reconnaissance Social Engineering Physical Break-In Dumpster Diving CIT 380: Securing Computer Systems Slide #* Social Engineering Attacker uses pretext to deceive organization member into giving out confidential information. Pretexts include personas and reasons: Personas New employee Sysadmin Manager Reasons Lost password Contact name/phone Reset password CIT 380: Securing Computer Systems Slide #* Social Engineering Defenses Security Policy Secure method for password resets. No requests for passwords. Security Awareness Program Educate personnel about social attacks. Educate personnel about security policy. CIT 380: Securing Computer Systems Slide #* Physical Break-In Methods of Entry Employment. Enter on someone else’s coat tails. Physical Access Already logged in system. System with password written down nearby. Install hardware/software key loggers. Plug in laptop to Ethernet port. Take removable media or even hard disks. CIT 380: Securing Computer Systems Slide #* Physical Defenses Security Policy Personnel cannot enter without card. No coat-tailing. Policy for ID card replacement/temporary IDs. Security Mechanisms Card reader access. Guards. Automatic screen locks after 5 minutes. Locked file cabinets/drawers. Encryption. CIT 380: Securing Computer Systems Slide #* Dumpster Diving Search trash for sensitive information Usernames and passwords, Phone