Академический Документы
Профессиональный Документы
Культура Документы
Dr. Seeman
Slide 1: Title
This presentation covers an overview of what sorts of security an organization can have
to worry about, and what sorts of things they can do about that security.
In this presentation, we’ll be covering quite a few topics. These slides present an
overview of what is covered in this manual, and some of the details inherent in those topics
We need it because there are things we want to make sure that don’t get off of our
computers, and as we store more and more valuable information on them, the need for security
gets more prominent.
Slide 6: Attackers
There are a variety of different groups that may try and attack your computers, for
varying reasons. Here are some of the more prominent groups
• Cybercriminals - These guys are in it for the money, and are likely the largest group of
attackers you will have to deal with.
• Script Kiddies - While more numerous than many other types of attackers, script kiddies do
not have much in the way of technical skills and rely upon purchased or free tools and
exploits to perform attacks against whatever targets earned their ire.
• Hacktivists - These attackers are motivated not by financial gain, but by an attempt to
make a point for whatever activist organization or cause they represent.
• Government - The most fearsome of the attackers, if you have something that a
government wants, it is quite difficult to dissuade them from getting it.
Next, we’ll discuss malware, one of the most prevalent threats that affects computer
users. There are a variety of malware types, but for simplicity we split them into three main
groups:
• Virus/Malware are classified generally as ‘Malware that Spreads’. It’s main purpose is to self
perpetuate itself, with a virus generally also doing something else, while a worm spreads
with little other purpose than perpetuating itself.
• Adware/Spyware/Scareware are the last category and considered ‘Malware that Profits’. As
the name implies, the purpose of this sort of malware is to make money for its creator.
Adware does it by either adding additional ads to your machine, or interfering with other
machines; Spyware does it by collecting your personal information and selling it; and
Scareware does it by scaring you into directly sending them money.
To protect against malware, you can follow a simple couple of steps. First, run a reputable anti-
virus suite. This should pick up the majority of things that might infect you, only leaving the
new and obscure for it. Next, you should not run executable that didn’t come from somewhere
you trust, no matter what they claim to be. Finally, don’t plug in random USB devices that you
find; there have been multiple attacks that used these as a vector to infect the computer.
Passwords are something everyone has to deal with, and not everyone has a good idea
as to how to make them strong. In general, following the suggestions outlined in the slide of
using a long, complex, obscure and unrelated password will work well. In certain cases, a
passphrase, a long string of words together can be used instead. In general, length is the most
determinant factor, with the others depending on the type of attack you are up against. Against
a brute-force attack, complexity is the best mitigation. Against rainbow and dictionary attacks,
obscurity works best. Finally, while it isn’t mentioned, unrelated passwords are best against
keeping someone who knows you from guessing your password.