Академический Документы
Профессиональный Документы
Культура Документы
Countermeasures
Version 6
Module XXI
Physical Security
Real World Scenario
Copyright © by EC-Council
EC-Council All Rights Reserved. Reproduction is Strictly Prohibited
Real World Scenario
Copyright © by EC-Council
EC-Council All Rights Reserved. Reproduction is Strictly Prohibited
News
Source: http://www.bdafrica.com/
Copyright © by EC-Council
EC-Council All Rights Reserved. Reproduction is Strictly Prohibited
Module Objective
Copyright © by EC-Council
EC-Council All Rights Reserved. Reproduction is Strictly Prohibited
Module Flow
Physical Security
S
Security
i Statistics
S i i Checklist M
Mantrap
Challenges in Ensuring
Physical Security Locks Physical Security
Need For
Physical Security Wireless Security Spyware Technologies
Factors Affecting
Physical Security Laptop Thefts Countermeasures
Copyright © by EC-Council
EC-Council All Rights Reserved. Reproduction is Strictly Prohibited
Security Facts
E l i detection
Explosion d t ti d
devices
i – 9%
Copyright © by EC-Council
EC-Council All Rights Reserved. Reproduction is Strictly Prohibited
News
Source: http://searchstorage.techtarget.com
Copyright © by EC-Council
EC-Council All Rights Reserved. Reproduction is Strictly Prohibited
Understanding Physical
Security
Since man always had something important to protect, he found various methods of
protecting it
Egyptians
gyp were the first to develop
p a working
g lock
Physical security describes the measures that prevent or deter attackers from accessing a
facility resource
facility, resource, or information stored on the physical media
Major security actions that are involved with physical security are intended to protect the
computer from climate conditions, even though most of them are targeted at protecting
th computer
the t from
f iintruders
t d who
h use, or attempt
tt t tto use physical
h i l access tto th
the computer
t
to break into it
Copyright © by EC-Council
EC-Council All Rights Reserved. Reproduction is Strictly Prohibited
Physical Security
Physical security describes measures taken to protect personnel, critical
assets,, and systems
y against
g deliberate and accidental threats
Physical
• Physical measures are taken to secure assets e.g.
deploying security personnel
Technical
• Technical measures are taken to secure services and
pp
elements that support Information Technologies
g e.g.g
security for server rooms
Operational
• Common security measures are taken before
performing an operation such as analyzing threats of
an activity and taking appropriate countermeasures
Copyright © by EC-Council
EC-Council All Rights Reserved. Reproduction is Strictly Prohibited
What Is the Need for Physical
Security
To prevent tampering/stealing
of data from computer systems
Copyright © by EC-Council
EC-Council All Rights Reserved. Reproduction is Strictly Prohibited
Who Is Accountable for Physical
Security
In most organizations, there is not a single person who is
accountable for physical security
Copyright © by EC-Council
EC-Council All Rights Reserved. Reproduction is Strictly Prohibited
Factors Affecting Physical
Security
Factors that affect the p
physical
y securityy of
a particular firm:
• Vandalism
• Theft
• Natural calamities:
• Earthquake
• Fire
• Flood
• Lightning and thunder
• Dust
• Water
• Explosion
• Terrorist attacks
Copyright © by EC-Council
EC-Council All Rights Reserved. Reproduction is Strictly Prohibited
Physical Security Checklist
Company surroundings
Premises
Reception
Server
Workstation area
Wireless access points
Other equipment, such as fax, and removable media
Access
ccess control
co t o
Computer equipment maintenance
Wiretapping
Remote access
Copyright © by EC-Council
EC-Council All Rights Reserved. Reproduction is Strictly Prohibited
Physical Security Checklist:
Company Surroundings
The entrance to the company premises
should be restricted to only authorized
access
• Fences
• Gates
• Walls
• Guards
• Alarms
Copyright © by EC-Council
EC-Council All Rights Reserved. Reproduction is Strictly Prohibited
Gates
Copyright © by EC-Council
EC-Council All Rights Reserved. Reproduction is Strictly Prohibited
Security Guards
Copyright © by EC-Council
EC-Council All Rights Reserved. Reproduction is Strictly Prohibited
Physical Security Checklist:
Premises
• Ch
Checking
ki for
f roof/ceiling
f/ ili access through
th h
AC ducts
• Use of CCTV cameras with monitored
screens and video recorders
• Installing intruder systems
• Installing panic buttons
• Installing burglar alarms
• Windows and door bars
• Deadlocks
Copyright © by EC-Council
EC-Council All Rights Reserved. Reproduction is Strictly Prohibited
CCTV Cameras
Copyright © by EC-Council
EC-Council All Rights Reserved. Reproduction is Strictly Prohibited
Physical Security Checklist:
Reception
The reception area is supposed to be a busier area than
other areas of the firm with the number of people
entering and exiting
The
h reception
i area can b
be protected
d
by:
Copyright © by EC-Council
EC-Council All Rights Reserved. Reproduction is Strictly Prohibited
Reception
Copyright © by EC-Council
EC-Council All Rights Reserved. Reproduction is Strictly Prohibited
Physical Security Checklist: Server
The server, which is the most important factor of any network, should be given
a high
g level of securityy
Copyright © by EC-Council
EC-Council All Rights Reserved. Reproduction is Strictly Prohibited
Server Room
Copyright © by EC-Council
EC-Council All Rights Reserved. Reproduction is Strictly Prohibited
Physical Security Checklist:
Workstation Area
• Use CCTV
• Screens and PCs should be locked
• Workstation layout design
• Avoid removable media drives
Copyright © by EC-Council
EC-Council All Rights Reserved. Reproduction is Strictly Prohibited
Physical Security Checklist:
Wireless Access Points
If an intruder successfully connects to the firm’s wireless access points,
th he
then h is
i virtually
i t ll inside
i id th
the LAN like
lik any other
th employee
l off the
th fi
firm
To p
prevent such unauthorized access,, the wireless access points
p should
be secured
Guidelines
id li to ffollow:
ll
Copyright © by EC-Council
EC-Council All Rights Reserved. Reproduction is Strictly Prohibited
Physical Security Checklist:
Other Equipment
Other equipments
equipments, such as fax
fax,
and removable media
• S
Suchh equipment
i t should
h ld bbe secureddbby
following these steps:
• Fax machines near the reception area
should be locked when the receptionist
p is
not at the desk
• Faxes obtained should be filed properly
• Modems should not have auto answer
mode enabled
• Removable media should not be placed in
public places, and corrupted removable
media should be p physically
y y destroyed
y
Copyright © by EC-Council
EC-Council All Rights Reserved. Reproduction is Strictly Prohibited
Physical Security Checklist:
Access Control
Access control is used to prevent unauthorized access to any sensitive
operational
ti l areas
Entry cards
Man traps
Identification badges
Copyright © by EC-Council
EC-Council All Rights Reserved. Reproduction is Strictly Prohibited
Physical Security Checklist:
Biometric Devices
According to www.whatis.com,
www whatis com “Biometrics
Biometrics is the science and technology of
measuring and statistically analyzing biological data”
Fingerprinting
Iris Scanning
Copyright © by EC-Council
EC-Council All Rights Reserved. Reproduction is Strictly Prohibited
Biometric Identification
Techniques (cont
(cont’d)
d)
Retinal scanning
• Id
Identifies
ifi a person bby analyzing
l i
the layer of blood vessels at the
back of the eye
Vein Structure
Copyright © by EC-Council
EC-Council All Rights Reserved. Reproduction is Strictly Prohibited
Authentication Mechanisms
Something
g yyou are :
Copyright © by EC-Council
EC-Council All Rights Reserved. Reproduction is Strictly Prohibited
Authentication Mechanism
Challenges: Biometrics
Fingerprints can be faked with ease
Signature recognition and hand geometry face the common problem of matching the
patterns from a large database which might lead to higher number of false positives and
false negatives
Retinal scan can hinder accuracy if the user does not focus on a given point for scan. Iris
scan machines are very expensive
Some users object to vascular pattern technology that uses infrared light
Copyright © by EC-Council
EC-Council All Rights Reserved. Reproduction is Strictly Prohibited
Faking Fingerprints
Copyright © by EC-Council
EC-Council All Rights Reserved. Reproduction is Strictly Prohibited
Faking Fingerprints (cont’d)
Copyright © by EC-Council
EC-Council All Rights Reserved. Reproduction is Strictly Prohibited
Faking Fingerprints (cont’d)
Add a small
ll drop
d off glycerine
l i tto h
help
l iin th
the process off
making the dummy. Use a roller for letter press printing
After the glue dries up, it is pulled off the foil, and is cut to
finger size
Copyright © by EC-Council
EC-Council All Rights Reserved. Reproduction is Strictly Prohibited
Physical
y Securityy
Checklist
Copyright © by EC-Council
EC-Council All Rights Reserved. Reproduction is Strictly Prohibited
Smart Cards
Copyright © by EC-Council
EC-Council All Rights Reserved. Reproduction is Strictly Prohibited
Security Token
Security
S it ttokens
k provide
id an extra
t llevell off assurance th
through
h
a method known as two-factor authentication:
Copyright © by EC-Council
EC-Council All Rights Reserved. Reproduction is Strictly Prohibited
Computer Equipment
Maintenance
The AMC company personnel should not be left alone when they come
for the maintenance of the computer equipment
The toolboxes and the bags of the AMC company personnel should be
thoroughly scanned for any suspicious materials that could
compromise the security of the firm
Copyright © by EC-Council
EC-Council All Rights Reserved. Reproduction is Strictly Prohibited
Wiretapping
Copyright © by EC-Council
Source:kropla.com/phones.htm
EC-Council All Rights Reserved. Reproduction is Strictly Prohibited
Remote Access
company
Remote access is an easy way for an employee of a firm to work
f
from any place
l outside
id the
h company’s ’ physical
h i lb boundaries
d i
Source: http://www.normantranscript.com/
Copyright © by EC-Council
EC-Council All Rights Reserved. Reproduction is Strictly Prohibited
Locks
L k are used
Locks d to
t restrict
t i t physical
h i l access tto an assett
Copyright © by EC-Council
EC-Council All Rights Reserved. Reproduction is Strictly Prohibited
Locks (cont’d)
Mechanical Locks
• Mechanical locks have moving parts that operate without electricity
• There are two types of mechanical locks:
• Warded
• Tumbler
Electric Locks
• Electric locks are comprised of electronic devices with scanners that
identifyy users and computers
p that p
process codes
• Electric locks consist of the following types:
• Card access systems
• Electronic combination locks
• Electromagnetic
g locks
• Biometric entry systems
Copyright © by EC-Council
EC-Council All Rights Reserved. Reproduction is Strictly Prohibited
Lock Picking
To prevent lock
picking:
• Use a better quality of lock
• Do not give the keys to anyone, as
key imprints can be taken for
making a duplicate key
• Do not reveal the lock codes
Copyright © by EC-Council
EC-Council All Rights Reserved. Reproduction is Strictly Prohibited
Lock Picking Tools
Auto Jigglers
Cylinder Lock
Copyright © by EC-Council
EC-Council All Rights Reserved. Reproduction is Strictly Prohibited
Information Security
Password protection /
Complex passwords
Firewalls
I
Intrusion
i detection
d i systems
EPS includes:
Copyright © by EC-Council
EC-Council All Rights Reserved. Reproduction is Strictly Prohibited
Laptop Theft Statistics for 2007
S
Source: h
http://www.noticebored.com
// i b d
Copyright © by EC-Council
EC-Council All Rights Reserved. Reproduction is Strictly Prohibited
Statistics for Stolen and
Recovered Laptops
Source: http://articles.techrepublic.com.com/
Copyright © by EC-Council
EC-Council All Rights Reserved. Reproduction is Strictly Prohibited
Laptop Theft
Copyright © by EC-Council
EC-Council All Rights Reserved. Reproduction is Strictly Prohibited
Laptop Theft (cont’d)
Copyright © by EC-Council
EC-Council All Rights Reserved. Reproduction is Strictly Prohibited
Laptop theft: Data Under Loss
Source: http://news.com.com
Copyright © by EC-Council
EC-Council All Rights Reserved. Reproduction is Strictly Prohibited
News
Source: http://www.cio.co.uk/
http://www cio co uk/
Copyright © by EC-Council
EC-Council All Rights Reserved. Reproduction is Strictly Prohibited
Laptop Security Tools
www.computersecurity.com
Copyright © by EC-Council
EC-Council All Rights Reserved. Reproduction is Strictly Prohibited
Laptop Tracker - XTool Computer
Tracker
What happens when your computer has been lost or stolen? Stealth
S l h signal
i l
Control center
Don't you wish your computer could call you and tell you it's
location?
Copyright © by EC-Council
EC-Council All Rights Reserved. Reproduction is Strictly Prohibited
Tools to Locate Stolen Laptops
These are p
programs
g that will report
p the location of a stolen laptop
p p
Ztrace Gold
tools
• www.ztrace.com
CyberAngel
• www.sentryinc.com
ComputracePlus
p
• www.computrace.com
Copyright © by EC-Council
EC-Council All Rights Reserved. Reproduction is Strictly Prohibited
Stop's Unique, Tamper-proof
Patented Plate
STOP pplaces "Stolen Property"
p y and a toll-free number
b for verification
and anti-theft information
This tattoo
t tt cannott b be removed
db by any meanss without
ith t marking
ki or
defacing the case, and the police and resellers recognize such a mark as
a telltale sign that the property is stolen
Source: http://www.securitygroupintl.com/
Copyright © by EC-Council
EC-Council All Rights Reserved. Reproduction is Strictly Prohibited
Tool: TrueCrypt
Source: www.truecrypt.org
Copyright © by EC-Council
EC-Council All Rights Reserved. Reproduction is Strictly Prohibited
Laptop Security Countermeasures
T
Trace a stolen
l llaptop's
' llocation
i
Add third-party
third party privacy protection for highly sensitive data
Request
R q t for
f access (N
(Normally
ll Request
R q t for
f access
Closed) (Normally Closed)
Door 1 Door 2
Inputs Inputs
Door 1 Door 2
Outputs Outputs
Magnetic Lock Magnetic Lock
Green Light
g g
Green Light00
Copyright © by EC-Council
EC-Council All Rights Reserved. Reproduction is Strictly Prohibited
TEMPEST
Sources of TEMPEST
• Functional Sources
• Generates electromagnetic energy like oscillators and
signal generators
• Incidental Sources
• Do not generate electromagnetic energy such as
yp motors
electromechanical switches and brush-type
Types of TEMPEST
• RED Baseband Signals
• Modulated Spurious Carriers
• Impulsive Emanations
Copyright © by EC-Council
EC-Council All Rights Reserved. Reproduction is Strictly Prohibited
Challenges in Ensuring Physical
Security
Terrorism
Sophisticated Technologies
Copyright © by EC-Council
EC-Council All Rights Reserved. Reproduction is Strictly Prohibited
Spyware Technologies
Hidden cameras
cameras, voice recorders,
recorders and spy cameras carried
by your employees can defeat your physical security policy
• Video Recorders
• Audio Devices
Categories
g • g Detectors
Bug
• Home Security
• Spy Gear
Copyright © by EC-Council
EC-Council All Rights Reserved. Reproduction is Strictly Prohibited
Spying Devices
Spy Glasses Lock Pick Set
Copyright © by EC-Council
EC-Council All Rights Reserved. Reproduction is Strictly Prohibited
Spying Devices (cont’d)
Hibben Claw Spray to see things
Copyright © by EC-Council
EC-Council All Rights Reserved. Reproduction is Strictly Prohibited
Spying Devices (cont’d)
Copyright © by EC-Council
EC-Council All Rights Reserved. Reproduction is Strictly Prohibited
Spying Devices (cont’d)
Spying Camera
Phishing Intrusion Cell
Copyright © by EC-Council
EC-Council All Rights Reserved. Reproduction is Strictly Prohibited
Physical Security: Lock Down
USB Ports
Sometimes, it may not assure guaranteed protection against stealing of data
What if the intruder carries his own USB memory sticks and connects them to the
computers at their office?
In a fraction of a second, an intruder can steal all the business information needed for
establishing his own company where he can get the customer’s database
To p
prevent the above situations,, there is a need for the administrator to lock down the
USB ports
Copyright © by EC-Council
EC-Council All Rights Reserved. Reproduction is Strictly Prohibited
Tool: DeviceLock
Device Lock is a device control solution to
safeguard network computers against internal
and external attacks
Copyright © by EC-Council
EC-Council All Rights Reserved. Reproduction is Strictly Prohibited
Blocking the Use of USB Storage
Devices
DeviceLock Screenshots
Copyright © by EC-Council
EC-Council All Rights Reserved. Reproduction is Strictly Prohibited
Track Stick GPS Tracking
Device
Track Stick records its own location, time, date, speed,
heading and altitude at preset intervals
heading,
Advantages:
Appoint Security officers, who would be accountable for any security breach in a firm
Device Lock is a device control solution to safeguard the network computers against
internal and external attacks
All organizations
g should have a checklist for p
physical
y securityy as a p
part of their securityy
check-ups
You cannot do anything to prevent natural disasters, but the loss can be decreased
substantially if a security policy is properly implemented
IImplementation
l t ti off physical
h i l security
it policy
li and
d social
i l engineering
i i tactics
t ti are th
the ttwo bi
big
challenges for physical security
Copyright © by EC-Council
EC-Council All Rights Reserved. Reproduction is Strictly Prohibited
Copyright © by EC-Council
EC-Council All Rights Reserved. Reproduction is Strictly Prohibited
Copyright © by EC-Council
EC-Council All Rights Reserved. Reproduction is Strictly Prohibited
Copyright © by EC-Council
EC-Council All Rights Reserved. Reproduction is Strictly Prohibited