*BEGIN GRAPHICS VERSION=442/420 ENCODING=7BIT ** "Creator" brian ** "Creation Date" Sat May 4 18:52:16 2002 ** "Creation Version" 4.42 (1021.500) ** "Revisor" brian ** "Last Modified" Tue Apr 19 08:36:04 2005 ** "Last Modified Version" 4.42 (1021.500) FONT "Times" "Zapf Dingbats" "Swiss" "Morewingbats" "Dutch" END FONT SESSION WIN_SIZE <11974 7800> AUTOGRID ON PAGEWID 11000 PAGEHYT 8500 PRINTWID 11000 PRINTHYT 8500 PRINTLAND ON SLIDE_STYLE <0 -1 1> BACKFILL <34 2 5 1000 0 0 0> LINEFILL <21 21 5 1000 0 0 0> SHADOW <11 0 15 15> FONT 2 REZ <1 917 917 -1529 -503> END SESSION SLIDE_MASTER S_EXT1 <105 85 9892 1504> S_EXT2 <105 1562 9892 7370> T_ATTR0 BACKFILL <7 7 0 0 0 0 0> V_SPACE <0 611 0> SIZE 440000 BOLD ON HOR_JUST CENTER L_SPACE 611 MARGINS <0 0 0 0> END T_ATTR0 T_ATTR1 END T_ATTR1 S_ATTR0 BACKFILL <20 20 0 0 0 0 0> PARA <-500 500 -500 1 1000 0 3 108> V_SPACE <333 444 0> SIZE 320000 BOLD OFF HOR_JUST LEFT L_SPACE 444 END S_ATTR0 S_ATTR1 END S_ATTR1 S_ATTR2 PARA <-500 1000 -500 1 1000 0 3 108> V_SPACE <28 389 0> SIZE 280000 END S_ATTR2 S_ATTR3 PARA <-500 1500 -500 1 1000 0 3 108> V_SPACE <28 333 0> SIZE 240000 END S_ATTR3 S_ATTR4 PARA <-500 2000 -500 1 1000 0 3 108> V_SPACE <28 306 0> SIZE 220000 END S_ATTR4 S_ATTR5 PARA <-500 2500 -500 1 1000 0 3 108> ITALICS ON END S_ATTR5 SLIDE_INFO SLIDE_STYLE <0 0 1> PAGE_BACKGD <0 0 1 17> C_SCHEME <7 7 20 20 21 21 34 2 23 27 44 12 1 0 0 0 0 0 0 0 0 0 0 11> END SLIDE_INFO .GRP BACKFILL <1 0 0 0 0 0 0> LINEFILL <1 2 5 1000 0 0 0> SHADOW <6 0 15 15> PARA <0 0 0 0 1000 1 0 111> V_SPACE <250 250 0> FONT 0 SIZE 180000 ITALICS OFF L_SPACE 250 MARGINS <125 125 250 62> END .GRP END SLIDE_MASTER HANDOUT_MASTER SLIDE_INFO SLIDE_STYLE <0 -1 1> END SLIDE_INFO .GRP END .GRP END HANDOUT_MASTER OUTLINE_MASTER SLIDE_INFO SLIDE_STYLE <0 -1 1> END SLIDE_INFO .GRP END .GRP END OUTLINE_MASTER NOTES_MASTER N_EXT1 <250 250 7249 4875> N_EXT2 <250 5125 7249 9749> N_ATTR0 BACKFILL <1 1 0 0 0 0 0> V_SPACE <28 250 0> FONT 4 MARGINS <0 0 0 0> END N_ATTR0 N_ATTR1 END N_ATTR1 N_ATTR2 PARA <0 500 0 0 1000 1 0 111> END N_ATTR2 N_ATTR3 PARA <0 1000 0 0 1000 1 0 111> END N_ATTR3 N_ATTR4 PARA <0 1500 0 0 1000 1 0 111> END N_ATTR4 N_ATTR5 PARA <0 2000 0 0 1000 1 0 111> END N_ATTR5 SLIDE_INFO SLIDE_STYLE <0 -1 1> END SLIDE_INFO .GRP BACKFILL <1 0 0 0 0 0 0> PARA <0 0 0 0 1000 1 0 111> V_SPACE <250 250 0> FONT 0 MARGINS <125 125 250 62> END .GRP END NOTES_MASTER SLIDE_INFO SLIDE_STYLE <0 -1 1> LAYOUT_ID <0 1 2 3 3> END SLIDE_INFO PICTURE .TMP AT (105,85) RECOLOR ON TEMPLATE_FLAGS <1 1 0 0> T_POS <105 85 9892 1504> .TXT AT (1962,222) RECOLOR ON TEMPLATED ON BACKFILL <7 7 0 0 0 0 0> LINEFILL <21 21 5 1000 0 0 0> SHADOW <11 0 15 15> V_SPACE <0 611 0> FONT 2 SIZE 440000 BOLD ON HOR_JUST CENTER L_SPACE 611 MARGINS <0 0 0 0> TXTXYOFF <-24 448> T_PNTS (0,448)(0,0)(6053,0)(6053,579)(0,579)(0,448)(6053,448) H_SPACE 9788 .STR "Security introduction" .TMP AT (105,1562) RECOLOR ON TEMPLATE_FLAGS <1 2 0 0> T_POS <105 1562 9892 7370> .TXT AT (3994,1746) RECOLOR ON TEMPLATED ON V_SPACE <0 333 0> SIZE 240000 L_SPACE 333 TXTXYOFF <-22 243> T_PNTS (0,243)(0,0)(2145,0)(2145,250)(0,250)(0,243)(2145,243) .STR L_SPACE 611 "Brian Candler" END PICTURE NOTES .GRP BACKFILL <1 0 0 0 0 0 0> LINEFILL <1 2 5 1000 0 0 0> SHADOW <6 0 15 15> PARA <0 0 0 0 1000 1 1 111> V_SPACE <0 250 0> FONT 0 SIZE 180000 BOLD OFF HOR_JUST LEFT L_SPACE 250 MARGINS <125 125 250 62> .TMP AT (250,250) RECOLOR ON TEMPLATE_FLAGS <5 14 0 0> T_POS <250 250 7249 4875> .VOID .TMP AT (250,5125) RECOLOR ON TEMPLATE_FLAGS <6 15 0 0> T_POS <250 5125 7249 9749> .VOID END .GRP END NOTES SLIDE_INFO SLIDE_STYLE <0 -1 1> LAYOUT_ID <1 2 12 12 12> END SLIDE_INFO PICTURE .TMP AT (105,85) RECOLOR ON TEMPLATE_FLAGS <1 0 0 0> T_POS <105 85 9892 1504> .TXT AT (1593,227) RECOLOR ON TEMPLATED ON BACKFILL <7 7 0 0 0 0 0> LINEFILL <21 21 5 1000 0 0 0> SHADOW <11 0 15 15> PARA <0 0 0 0 1000 1 0 111> V_SPACE <0 611 0> FONT 2 SIZE 440000 BOLD ON HOR_JUST CENTER L_SPACE 611 MARGINS <0 0 0 0> TXTXYOFF <-40 448> T_PNTS (0,448)(0,0)(6869,0)(6869,579)(0,579)(0,448)(6869,448) .STR "Main Security Concerns" .TMP AT (105,1562) RECOLOR ON TEMPLATE_FLAGS <2 3 0 0> T_POS <105 1562 9892 7370> .TXT AT (75,1663) RECOLOR ON TEMPLATED ON BACKFILL <20 20 0 0 0 0 0> PARA <-500 500 -500 1 1000 0 3 108> V_SPACE <333 444 0> SIZE 320000 BOLD OFF HOR_JUST LEFT L_SPACE 444 TXTXYOFF <11 325> T_PNTS (0,325)(0,0)(9136,0)(9136,5599)(0,5599)(0,325)(9136,325) .STR "Confidentiality" .STR PARA <-500 1000 -500 1 1000 0 3 108> V_SPACE <28 389 0> SIZE 280000 "\n\tKeeping our data safe from prying eyes" .STR PARA <-500 500 -500 1 1000 0 3 108> V_SPACE <333 444 0> SIZE 320000 "\n" .STR "Integrity" .STR PARA <-500 1000 -500 1 1000 0 3 108> V_SPACE <28 389 0> SIZE 280000 "\n\tProtecting our data from loss or unauthorised alteration" .STR PARA <-500 500 -500 1 1000 0 3 108> V_SPACE <333 444 0> SIZE 320000 "\n" .STR "Authentication and Authorisation" .STR PARA <-500 1000 -500 1 1000 0 3 108> V_SPACE <28 389 0> SIZE 280000 "\n\tIs this person who they claim to be?" .STR "\n\tIs this person allowed to do this?" .STR PARA <-500 500 -500 1 1000 0 3 108> V_SPACE <333 444 0> SIZE 320000 "\nAvailability" .STR PARA <-500 1000 -500 1 1000 0 3 108> V_SPACE <28 389 0> SIZE 280000 "\n\tAre our systems working when we need them? (Denial of Servi ce)" END PICTURE NOTES .GRP BACKFILL <34 2 5 1000 0 0 0> PARA <0 0 0 0 1000 1 0 111> V_SPACE <0 250 0> SIZE 180000 L_SPACE 250 MARGINS <125 125 250 62> .TMP AT (250,250) RECOLOR ON TEMPLATE_FLAGS <5 14 0 0> T_POS <250 250 7249 4875> .VOID .TMP AT (250,5125) RECOLOR ON TEMPLATE_FLAGS <6 15 0 0> T_POS <250 5125 7249 9749> .VOID END .GRP END NOTES SLIDE_INFO SLIDE_STYLE <0 -1 1> LAYOUT_ID <1 2 12 12 12> END SLIDE_INFO PICTURE .TMP AT (105,85) RECOLOR ON TEMPLATE_FLAGS <1 0 0 0> T_POS <105 85 9892 1504> .TXT AT (1299,227) RECOLOR ON TEMPLATED ON BACKFILL <7 7 0 0 0 0 0> V_SPACE <0 611 0> SIZE 440000 BOLD ON HOR_JUST CENTER L_SPACE 611 MARGINS <0 0 0 0> TXTXYOFF <-37 448> T_PNTS (0,448)(0,0)(7432,0)(7432,1192)(0,1192)(0,448)(7432,448) .STR "Security Implications of connecting to the Internet" .TMP AT (105,1562) RECOLOR ON TEMPLATE_FLAGS <2 3 0 0> T_POS <105 1562 9892 7370> .TXT AT (67,1658) RECOLOR ON TEMPLATED ON BACKFILL <20 20 0 0 0 0 0> PARA <-500 500 -500 1 1000 0 3 108> V_SPACE <333 444 0> SIZE 320000 BOLD OFF HOR_JUST LEFT L_SPACE 444 TXTXYOFF <11 322> T_PNTS (0,322)(0,0)(9239,0)(9239,5268)(0,5268)(0,322)(9239,322) .STR "The Internet lets you connect to millions of hosts" .STR PARA <-500 1000 -500 1 1000 0 3 108> V_SPACE <28 389 0> SIZE 280000 "\n\tbut they can also connect to you!" .STR PARA <-500 500 -500 1 1000 0 3 108> V_SPACE <333 444 0> SIZE 320000 "\nMany points of access (e.g. telephone, X25)" .STR PARA <-500 1000 -500 1 1000 0 3 108> V_SPACE <28 389 0> SIZE 280000 "\n\teven if you can trace an attack to a point on the Internet, the real source may be untraceable" .STR "\n\tmany \"0wned\" machines or \"bots\" from which further atta cks are launched" .STR PARA <-500 500 -500 1 1000 0 3 108> V_SPACE <333 444 0> SIZE 320000 "\nYour host runs many Internet services" .STR PARA <-500 1000 -500 1 1000 0 3 108> V_SPACE <28 389 0> SIZE 280000 "\n\tmany potential points of vulnerability" .STR "\n\tmany servers run as \"root\" !" END PICTURE NOTES .GRP BACKFILL <34 2 5 1000 0 0 0> PARA <0 0 0 0 1000 1 0 111> V_SPACE <0 250 0> SIZE 180000 L_SPACE 250 MARGINS <125 125 250 62> .TMP AT (250,250) RECOLOR ON TEMPLATE_FLAGS <5 14 0 0> T_POS <250 250 7249 4875> .VOID .TMP AT (250,5125) RECOLOR ON TEMPLATE_FLAGS <6 15 0 0> T_POS <250 5125 7249 9749> .VOID END .GRP END NOTES SLIDE_INFO SLIDE_STYLE <0 -1 1> LAYOUT_ID <1 2 12 12 12> END SLIDE_INFO PICTURE .TMP AT (105,85) RECOLOR ON TEMPLATE_FLAGS <1 0 0 0> T_POS <105 85 9892 1504> .TXT AT (1709,231) RECOLOR ON TEMPLATED ON BACKFILL <7 7 0 0 0 0 0> V_SPACE <0 611 0> SIZE 440000 BOLD ON HOR_JUST CENTER L_SPACE 611 MARGINS <0 0 0 0> TXTXYOFF <-40 436> T_PNTS (0,436)(0,0)(6561,0)(6561,446)(0,446)(0,436)(6561,436) .STR "Network-based attacks" .TMP AT (105,1562) RECOLOR ON TEMPLATE_FLAGS <2 3 0 0> T_POS <105 1562 9892 7370> .TXT AT (46,1641) RECOLOR ON TEMPLATED ON BACKFILL <20 20 0 0 0 0 0> PARA <-500 500 -500 1 1000 0 3 108> V_SPACE <333 444 0> SIZE 320000 BOLD OFF HOR_JUST LEFT L_SPACE 444 TXTXYOFF <13 317> T_PNTS (0,317)(0,0)(8871,0)(8871,5180)(0,5180)(0,317)(8871,317) .STR "Passive attacks" .STR PARA <-500 1000 -500 1 1000 0 3 108> V_SPACE <28 389 0> SIZE 280000 "\n\te.g. packet sniffers, traffic analysis" .STR PARA <-500 500 -500 1 1000 0 3 108> V_SPACE <333 444 0> SIZE 320000 "\nActive attacks" .STR PARA <-500 1000 -500 1 1000 0 3 108> V_SPACE <28 389 0> SIZE 280000 "\n\te.g. connection hijacking, IP source spoofing, exploitation of weaknesses in IP stack or applications (e.g. Internet Explor er)" .STR PARA <-500 500 -500 1 1000 0 3 108> V_SPACE <333 444 0> SIZE 320000 "\nDenial of Service attacks" .STR PARA <-500 1000 -500 1 1000 0 3 108> V_SPACE <28 389 0> SIZE 280000 "\n\te.g. synflood" .STR PARA <-500 500 -500 1 1000 0 3 108> V_SPACE <333 444 0> SIZE 320000 "\nAttacks against the network itself" .STR PARA <-500 1000 -500 1 1000 0 3 108> V_SPACE <28 389 0> SIZE 280000 "\n\te.g. smurf" END PICTURE NOTES .GRP BACKFILL <34 2 5 1000 0 0 0> PARA <0 0 0 0 1000 1 0 111> V_SPACE <0 250 0> SIZE 180000 L_SPACE 250 MARGINS <125 125 250 62> .TMP AT (250,250) RECOLOR ON TEMPLATE_FLAGS <5 14 0 0> T_POS <250 250 7249 4875> .VOID .TMP AT (250,5125) RECOLOR ON TEMPLATE_FLAGS <6 15 0 0> T_POS <250 5125 7249 9749> .VOID END .GRP END NOTES SLIDE_INFO SLIDE_STYLE <0 -1 1> LAYOUT_ID <1 2 12 12 12> END SLIDE_INFO PICTURE .TMP AT (105,85) RECOLOR ON TEMPLATE_FLAGS <1 0 0 0> T_POS <105 85 9892 1504> .TXT AT (1707,219) RECOLOR ON TEMPLATED ON BACKFILL <7 7 0 0 0 0 0> V_SPACE <0 611 0> SIZE 440000 BOLD ON HOR_JUST CENTER L_SPACE 611 MARGINS <0 0 0 0> TXTXYOFF <-26 448> T_PNTS (0,448)(0,0)(6544,0)(6544,462)(0,462)(0,448)(6544,448) .STR "Other common attacks" .TMP AT (105,1562) RECOLOR ON TEMPLATE_FLAGS <2 3 0 0> T_POS <105 1562 9892 7370> .TXT AT (49,1638) RECOLOR ON TEMPLATED ON BACKFILL <20 20 0 0 0 0 0> PARA <-500 500 -500 1 1000 0 3 108> V_SPACE <333 444 0> SIZE 320000 BOLD OFF HOR_JUST LEFT L_SPACE 444 TXTXYOFF <11 322> T_PNTS (0,322)(0,0)(8318,0)(8318,4794)(0,4794)(0,322)(8318,322) .STR "Brute-force and Dictionary attacks (password guessing)" .STR "\nViruses" .STR "\nSpyware" .STR "\nTrojan horses" .STR "\nHumans are often the weakest link" .STR PARA <-500 1000 -500 1 1000 0 3 108> V_SPACE <28 389 0> SIZE 280000 "\n\t\"Hi, this is Bob, what's the root password?\"" .STR "\n\tOpening infected E-mails" END PICTURE NOTES .GRP BACKFILL <34 2 5 1000 0 0 0> PARA <0 0 0 0 1000 1 0 111> V_SPACE <0 250 0> SIZE 180000 L_SPACE 250 MARGINS <125 125 250 62> .TMP AT (250,250) RECOLOR ON TEMPLATE_FLAGS <5 14 0 0> T_POS <250 250 7249 4875> .VOID .TMP AT (250,5125) RECOLOR ON TEMPLATE_FLAGS <6 15 0 0> T_POS <250 5125 7249 9749> .VOID END .GRP END NOTES SLIDE_INFO SLIDE_STYLE <0 -1 1> LAYOUT_ID <1 2 12 12 12> END SLIDE_INFO PICTURE .TMP AT (105,85) RECOLOR ON TEMPLATE_FLAGS <1 0 0 0> T_POS <105 85 9892 1504> .TXT AT (1051,234) RECOLOR ON TEMPLATED ON BACKFILL <7 7 0 0 0 0 0> V_SPACE <0 611 0> SIZE 440000 BOLD ON HOR_JUST CENTER L_SPACE 611 MARGINS <0 0 0 0> TXTXYOFF <1 436> T_PNTS (0,436)(0,0)(7815,0)(7815,446)(0,446)(0,436)(7815,436) .STR "Authentication: Passwords" .TMP AT (105,1562) RECOLOR ON TEMPLATE_FLAGS <2 3 0 0> T_POS <105 1562 9892 7370> .TXT AT (75,1663) RECOLOR ON TEMPLATED ON BACKFILL <20 20 0 0 0 0 0> PARA <-500 500 -500 1 1000 0 3 108> V_SPACE <333 444 0> SIZE 320000 BOLD OFF HOR_JUST LEFT L_SPACE 444 TXTXYOFF <11 325> T_PNTS (0,325)(0,0)(8709,0)(8709,2774)(0,2774)(0,325)(8709,325) .STR "Can be guessed" .STR "\nIf too complex, users tend to write them down" .STR "\nIf sent unencrypted, can be \"sniffed\" from the network and re-used" END PICTURE NOTES .GRP BACKFILL <34 2 5 1000 0 0 0> PARA <0 0 0 0 1000 1 0 111> V_SPACE <0 250 0> SIZE 180000 L_SPACE 250 MARGINS <125 125 250 62> .TMP AT (250,250) RECOLOR ON TEMPLATE_FLAGS <5 14 0 0> T_POS <250 250 7249 4875> .VOID .TMP AT (250,5125) RECOLOR ON TEMPLATE_FLAGS <6 15 0 0> T_POS <250 5125 7249 9749> .VOID END .GRP END NOTES SLIDE_INFO SLIDE_STYLE <0 -1 1> LAYOUT_ID <1 2 12 12 12> END SLIDE_INFO PICTURE .TMP AT (105,85) RECOLOR ON TEMPLATE_FLAGS <1 0 0 0> T_POS <105 85 9892 1504> .TXT AT (1108,230) RECOLOR ON TEMPLATED ON BACKFILL <7 7 0 0 0 0 0> V_SPACE <0 611 0> SIZE 440000 BOLD ON HOR_JUST CENTER L_SPACE 611 MARGINS <0 0 0 0> TXTXYOFF <-26 448> T_PNTS (0,448)(0,0)(7758,0)(7758,579)(0,579)(0,448)(7758,448) .STR "Choosing good passwords" .TMP AT (105,1562) RECOLOR ON TEMPLATE_FLAGS <2 3 0 0> T_POS <105 1562 9892 7370> .TXT AT (69,1658) RECOLOR ON TEMPLATED ON BACKFILL <20 20 0 0 0 0 0> PARA <-500 500 -500 1 1000 0 3 108> V_SPACE <333 444 0> SIZE 320000 BOLD OFF HOR_JUST LEFT L_SPACE 444 TXTXYOFF <13 325> T_PNTS (0,325)(0,0)(8342,0)(8342,2803)(0,2803)(0,325)(8342,325) .STR "Combinations of upper and lower-case letters, numbers and symbo ls" .STR PARA <-500 1000 -500 1 1000 0 3 108> V_SPACE <28 389 0> SIZE 280000 "\n\t" .STR "'brute force' attacker has to try many more combinations" .STR PARA <-500 500 -500 1 1000 0 3 108> V_SPACE <333 444 0> SIZE 320000 "\nNot in any dictionary, including hackers dictionaries" .TXT AT (1181,5119) RECOLOR ON BACKFILL <20 20 5 1000 0 0 0> THICKNESS 0 PARA <0 0 0 0 1000 34 0 111> V_SPACE <0 333 0> SIZE 240000 L_SPACE 333 TXTXYOFF <0 253> T_PNTS (0,253)(0,0)(7179,0)(7179,1659)(0,1659)(0,253)(7179,253) H_SPACE 0 .STR L_SPACE 250 "$40&yc4f\n\"Money for nothing and your chicks for free\"\n\nwsR !vst?\n\"workshop students aRe not very sleepy today ?\"" END PICTURE NOTES .GRP BACKFILL <34 2 5 1000 0 0 0> THICKNESS 1 PARA <0 0 0 0 1000 1 0 111> V_SPACE <0 250 0> SIZE 180000 MARGINS <125 125 250 62> .TMP AT (250,250) RECOLOR ON TEMPLATE_FLAGS <5 14 0 0> T_POS <250 250 7249 4875> .VOID .TMP AT (250,5125) RECOLOR ON TEMPLATE_FLAGS <6 15 0 0> T_POS <250 5125 7249 9749> .VOID END .GRP END NOTES SLIDE_INFO SLIDE_STYLE <0 -1 1> LAYOUT_ID <1 2 12 12 12> END SLIDE_INFO PICTURE .TMP AT (105,85) RECOLOR ON TEMPLATE_FLAGS <1 0 0 0> T_POS <105 85 9892 1504> .TXT AT (1255,222) RECOLOR ON TEMPLATED ON BACKFILL <7 7 0 0 0 0 0> V_SPACE <0 611 0> SIZE 440000 BOLD ON HOR_JUST CENTER L_SPACE 611 MARGINS <0 0 0 0> TXTXYOFF <-83 448> T_PNTS (0,448)(0,0)(7600,0)(7600,1070)(0,1070)(0,448)(7600,448) H_SPACE 9788 .STR "Authentication: Source IP address" .TMP AT (105,1562) RECOLOR ON TEMPLATE_FLAGS <2 3 0 0> T_POS <105 1562 9892 7370> .TXT AT (62,1651) RECOLOR ON TEMPLATED ON BACKFILL <20 20 0 0 0 0 0> PARA <-500 500 -500 1 1000 0 3 108> V_SPACE <333 444 0> SIZE 320000 BOLD OFF HOR_JUST LEFT L_SPACE 444 TXTXYOFF <11 322> T_PNTS (0,322)(0,0)(9087,0)(9087,5295)(0,5295)(0,322)(9087,322) .STR "Not verified by the network (since not used in datagram deliver y)" .STR "\nDatagrams are easily forged" .STR "\nTCP 3-way handshake gives some degree of protection, as long as you can't guess TCP sequence numbers" .STR PARA <-500 1000 -500 1 1000 0 3 108> V_SPACE <28 389 0> SIZE 280000 "\n\tLegitimate example: controlling SMTP relaying by source IP address" .STR PARA <-500 500 -500 1 1000 0 3 108> V_SPACE <333 444 0> SIZE 320000 "\nAny UDP protocol is completely vulnerable" .STR PARA <-500 1000 -500 1 1000 0 3 108> V_SPACE <28 389 0> SIZE 280000 "\n\te.g. NFS" END PICTURE NOTES .GRP BACKFILL <34 2 5 1000 0 0 0> PARA <0 0 0 0 1000 1 0 111> V_SPACE <0 250 0> SIZE 180000 L_SPACE 250 MARGINS <125 125 250 62> .TMP AT (250,250) RECOLOR ON TEMPLATE_FLAGS <5 14 0 0> T_POS <250 250 7249 4875> .VOID .TMP AT (250,5125) RECOLOR ON TEMPLATE_FLAGS <6 15 0 0> T_POS <250 5125 7249 9749> .VOID END .GRP END NOTES SLIDE_INFO SLIDE_STYLE <0 -1 1> LAYOUT_ID <1 2 12 12 12> END SLIDE_INFO PICTURE .TMP AT (105,85) RECOLOR ON TEMPLATE_FLAGS <1 0 0 0> T_POS <105 85 9892 1504> .TXT AT (1114,239) RECOLOR ON TEMPLATED ON BACKFILL <7 7 0 0 0 0 0> V_SPACE <0 611 0> SIZE 440000 BOLD ON HOR_JUST CENTER L_SPACE 611 MARGINS <0 0 0 0> TXTXYOFF <0 436> T_PNTS (0,436)(0,0)(7712,0)(7712,446)(0,446)(0,436)(7712,436) .STR "Authentication: Host name" .TMP AT (105,1562) RECOLOR ON TEMPLATE_FLAGS <2 3 0 0> T_POS <105 1562 9892 7370> .TXT AT (75,1671) RECOLOR ON TEMPLATED ON BACKFILL <20 20 0 0 0 0 0> PARA <-500 500 -500 1 1000 0 3 108> V_SPACE <333 444 0> SIZE 320000 BOLD OFF HOR_JUST LEFT L_SPACE 444 TXTXYOFF <11 317> T_PNTS (0,317)(0,0)(9290,0)(9290,5329)(0,5329)(0,317)(9290,317) .STR "Very weak" .STR "\nDNS is easily attacked (e.g. by loading false information int o cache)" .STR "\nSlight protection by ensuring that reverse and forward DNS ma tches" .STR PARA <-500 1000 -500 1 1000 0 3 108> V_SPACE <28 389 0> SIZE 280000 "\n\te.g. Connection received from 80.248.72.254" .STR "\n\tLookup 80.248.72.254 -> noc.ws.afnog.org" .STR "\n\tLookup noc.ws.afnog.org -> 80.248.72.254" .STR PARA <-500 500 -500 1 1000 0 3 108> V_SPACE <333 444 0> SIZE 320000 "\nThis is why many sites won't let you connect unless your forw ard and reverse matches" END PICTURE NOTES .GRP BACKFILL <34 2 5 1000 0 0 0> PARA <0 0 0 0 1000 1 0 111> V_SPACE <0 250 0> SIZE 180000 L_SPACE 250 MARGINS <125 125 250 62> .TMP AT (250,250) RECOLOR ON TEMPLATE_FLAGS <5 14 0 0> T_POS <250 250 7249 4875> .VOID .TMP AT (250,5125) RECOLOR ON TEMPLATE_FLAGS <6 15 0 0> T_POS <250 5125 7249 9749> .VOID END .GRP END NOTES SLIDE_INFO SLIDE_STYLE <0 -1 1> LAYOUT_ID <1 2 12 12 12> END SLIDE_INFO PICTURE .TMP AT (105,85) RECOLOR ON TEMPLATE_FLAGS <1 0 0 0> T_POS <105 85 9892 1504> .TXT AT (1569,222) RECOLOR ON TEMPLATED ON BACKFILL <7 7 0 0 0 0 0> V_SPACE <0 611 0> SIZE 440000 BOLD ON HOR_JUST CENTER L_SPACE 611 MARGINS <0 0 0 0> TXTXYOFF <-24 448> T_PNTS (0,448)(0,0)(6814,0)(6814,579)(0,579)(0,448)(6814,448) .STR "Cryptographic methods" .TMP AT (105,1562) RECOLOR ON TEMPLATE_FLAGS <2 3 0 0> T_POS <105 1562 9892 7370> .TXT AT (46,1633) RECOLOR ON TEMPLATED ON BACKFILL <20 20 0 0 0 0 0> PARA <-500 500 -500 1 1000 0 3 108> V_SPACE <333 444 0> SIZE 320000 BOLD OFF HOR_JUST LEFT L_SPACE 444 TXTXYOFF <11 325> T_PNTS (0,325)(0,0)(9259,0)(9259,4440)(0,4440)(0,325)(9259,325) .STR "Can provide REALLY SECURE solutions to authentication, privacy and integrity" .STR "\nSome are hard to implement, many different tools, usually req uires special clients" .STR "\nExport and usage restrictions (less of a problem these days)" .STR "\nTake care to understand where the weaknesses lie" END PICTURE NOTES .GRP BACKFILL <34 2 5 1000 0 0 0> PARA <0 0 0 0 1000 1 0 111> V_SPACE <0 250 0> SIZE 180000 L_SPACE 250 MARGINS <125 125 250 62> .TMP AT (250,250) RECOLOR ON TEMPLATE_FLAGS <5 14 0 0> T_POS <250 250 7249 4875> .VOID .TMP AT (250,5125) RECOLOR ON TEMPLATE_FLAGS <6 15 0 0> T_POS <250 5125 7249 9749> .VOID END .GRP END NOTES SLIDE_INFO SLIDE_STYLE <0 -1 1> LAYOUT_ID <1 2 12 12 12> END SLIDE_INFO PICTURE .TMP AT (105,85) RECOLOR ON TEMPLATE_FLAGS <1 0 0 0> T_POS <105 85 9892 1504> .TXT AT (1935,219) RECOLOR ON TEMPLATED ON BACKFILL <7 7 0 0 0 0 0> V_SPACE <0 611 0> SIZE 440000 BOLD ON HOR_JUST CENTER L_SPACE 611 MARGINS <0 0 0 0> TXTXYOFF <-24 448> T_PNTS (0,448)(0,0)(6073,0)(6073,578)(0,578)(0,448)(6073,448) .STR "Simple combinations" .TMP AT (105,1562) RECOLOR ON TEMPLATE_FLAGS <2 3 0 0> T_POS <105 1562 9892 7370> .TXT AT (75,1666) RECOLOR ON TEMPLATED ON BACKFILL <20 20 0 0 0 0 0> PARA <-500 500 -500 1 1000 0 3 108> V_SPACE <333 444 0> SIZE 320000 BOLD OFF HOR_JUST LEFT L_SPACE 444 TXTXYOFF <11 322> T_PNTS (0,322)(0,0)(8611,0)(8611,2327)(0,2327)(0,322)(8611,322) .STR "The lock on your front door can be picked" .STR "\nTwo locks are better than one" .STR "\nThe thief is more likely to try somewhere else" END PICTURE NOTES .GRP BACKFILL <34 2 5 1000 0 0 0> PARA <0 0 0 0 1000 1 0 111> V_SPACE <0 250 0> SIZE 180000 L_SPACE 250 MARGINS <125 125 250 62> .TMP AT (250,250) RECOLOR ON TEMPLATE_FLAGS <5 14 0 0> T_POS <250 250 7249 4875> .VOID .TMP AT (250,5125) RECOLOR ON TEMPLATE_FLAGS <6 15 0 0> T_POS <250 5125 7249 9749> .VOID END .GRP END NOTES SLIDE_INFO SLIDE_STYLE <0 -1 1> LAYOUT_ID <1 2 12 12 12> END SLIDE_INFO PICTURE .TMP AT (105,85) RECOLOR ON TEMPLATE_FLAGS <1 0 0 0> T_POS <105 85 9892 1504> .TXT AT (148,242) RECOLOR ON TEMPLATED ON BACKFILL <7 7 0 0 0 0 0> V_SPACE <0 611 0> SIZE 440000 BOLD ON HOR_JUST CENTER L_SPACE 611 MARGINS <0 0 0 0> TXTXYOFF <-39 436> T_PNTS (0,436)(0,0)(9659,0)(9659,1057)(0,1057)(0,436)(9659,436) .STR "IP source address AND password authentication" .TMP AT (105,1562) RECOLOR ON TEMPLATE_FLAGS <2 3 0 0> T_POS <105 1562 9892 7370> .TXT AT (61,1649) RECOLOR ON TEMPLATED ON BACKFILL <20 20 0 0 0 0 0> PARA <-500 500 -500 1 1000 0 3 108> V_SPACE <333 444 0> SIZE 320000 BOLD OFF HOR_JUST LEFT L_SPACE 444 TXTXYOFF <8 318> T_PNTS (0,318)(0,0)(9152,0)(9152,4531)(0,4531)(0,318)(9152,318) .STR "Most applications have password authentication, but some also i nclude their own IP-based access controls" .STR "\nSome applications link to \"libwrap\" (also known as \"tcp wr appers\")" .STR PARA <-500 1000 -500 1 1000 0 3 108> V_SPACE <28 389 0> SIZE 280000 "\n\t/etc/hosts.allow" .STR "\n\tAll services which are started by inetd are covered" .STR PARA <-500 500 -500 1 1000 0 3 108> V_SPACE <333 444 0> SIZE 320000 "\nFor info and examples: man 5 hosts_access" END PICTURE NOTES .GRP BACKFILL <34 2 5 1000 0 0 0> PARA <0 0 0 0 1000 1 0 111> V_SPACE <0 250 0> SIZE 180000 L_SPACE 250 MARGINS <125 125 250 62> .TMP AT (250,250) RECOLOR ON TEMPLATE_FLAGS <5 14 0 0> T_POS <250 250 7249 4875> .VOID .TMP AT (250,5125) RECOLOR ON TEMPLATE_FLAGS <6 15 0 0> T_POS <250 5125 7249 9749> .VOID END .GRP END NOTES SLIDE_INFO SLIDE_STYLE <0 -1 1> LAYOUT_ID <1 2 12 12 12> END SLIDE_INFO PICTURE .TMP AT (105,85) RECOLOR ON TEMPLATE_FLAGS <1 0 0 0> T_POS <105 85 9892 1504> .TXT AT (2041,239) RECOLOR ON TEMPLATED ON BACKFILL <7 7 0 0 0 0 0> V_SPACE <0 611 0> SIZE 440000 BOLD ON HOR_JUST CENTER L_SPACE 611 MARGINS <0 0 0 0> TXTXYOFF <-39 436> T_PNTS (0,436)(0,0)(5886,0)(5886,566)(0,566)(0,436)(5886,436) .STR "Most essential steps" .TMP AT (105,1562) RECOLOR ON TEMPLATE_FLAGS <2 3 0 0> T_POS <105 1562 9892 7370> .TXT AT (49,1640) RECOLOR ON TEMPLATED ON BACKFILL <20 20 0 0 0 0 0> PARA <-500 500 -500 1 1000 0 3 108> V_SPACE <333 444 0> SIZE 320000 BOLD OFF HOR_JUST LEFT L_SPACE 444 TXTXYOFF <8 318> T_PNTS (0,318)(0,0)(9259,0)(9259,5189)(0,5189)(0,318)(9259,318) .STR "Disable all services which are not needed" .STR "\nApply security patches promptly; join the announcement mailin g lists" .STR "\nGood password management" .STR "\nTake special care with 'root' access" .STR "\nCombine passwords with IP access controls where appropriate" .STR "\nUse cryptographic tools where possible" END PICTURE NOTES .GRP BACKFILL <34 2 5 1000 0 0 0> PARA <0 0 0 0 1000 1 0 111> V_SPACE <0 250 0> SIZE 180000 L_SPACE 250 MARGINS <125 125 250 62> .TMP AT (250,250) RECOLOR ON TEMPLATE_FLAGS <5 14 0 0> T_POS <250 250 7249 4875> .VOID .TMP AT (250,5125) RECOLOR ON TEMPLATE_FLAGS <6 15 0 0> T_POS <250 5125 7249 9749> .VOID END .GRP END NOTES SLIDE_INFO SLIDE_STYLE <0 -1 1> LAYOUT_ID <1 2 12 12 12> END SLIDE_INFO PICTURE .TMP AT (105,85) RECOLOR ON TEMPLATE_FLAGS <1 0 0 0> T_POS <105 85 9892 1504> .TXT AT (1503,251) RECOLOR ON TEMPLATED ON BACKFILL <7 7 0 0 0 0 0> V_SPACE <0 611 0> SIZE 440000 BOLD ON HOR_JUST CENTER L_SPACE 611 MARGINS <0 0 0 0> TXTXYOFF <0 439> T_PNTS (0,439)(0,0)(6936,0)(6936,570)(0,570)(0,439)(6936,439) .STR "And don't forget these..." .TMP AT (105,1562) RECOLOR ON TEMPLATE_FLAGS <2 3 0 0> T_POS <105 1562 9892 7370> .TXT AT (84,1675) RECOLOR ON TEMPLATED ON BACKFILL <20 20 0 0 0 0 0> PARA <-500 500 -500 1 1000 0 3 108> V_SPACE <333 444 0> SIZE 320000 BOLD OFF HOR_JUST LEFT L_SPACE 444 TXTXYOFF <8 318> T_PNTS (0,318)(0,0)(9155,0)(9155,4847)(0,4847)(0,318)(9155,318) .STR "Make sure you have current backups!" .STR PARA <-500 1000 -500 1 1000 0 3 108> V_SPACE <28 389 0> SIZE 280000 "\n\tHow else will you recover from a break-in?" .STR PARA <-500 500 -500 1 1000 0 3 108> V_SPACE <333 444 0> SIZE 320000 "\nMake sure your machine is physically secure!" .STR PARA <-500 1000 -500 1 1000 0 3 108> V_SPACE <28 389 0> SIZE 280000 "\n\tIf someone can walk off with the machine, they can walk off with your data" .STR PARA <-500 500 -500 1 1000 0 3 108> V_SPACE <333 444 0> SIZE 320000 "\nLog files are valuable!" .STR PARA <-500 1000 -500 1 1000 0 3 108> V_SPACE <28 389 0> SIZE 280000 "\n\tMay want to consider software which watches them, e.g. \"sw atch\"" .STR "\n\thttp://www.nsrc.org/security/#logging" END PICTURE NOTES .GRP BACKFILL <34 2 5 1000 0 0 0> PARA <0 0 0 0 1000 1 0 111> V_SPACE <0 250 0> SIZE 180000 L_SPACE 250 MARGINS <125 125 250 62> .TMP AT (250,250) RECOLOR ON TEMPLATE_FLAGS <5 14 0 0> T_POS <250 250 7249 4875> .VOID .TMP AT (250,5125) RECOLOR ON TEMPLATE_FLAGS <6 15 0 0> T_POS <250 5125 7249 9749> .VOID END .GRP END NOTES SLIDE_INFO SLIDE_STYLE <0 -1 1> LAYOUT_ID <1 2 12 12 12> END SLIDE_INFO PICTURE .TMP AT (105,85) RECOLOR ON TEMPLATE_FLAGS <1 0 0 0> T_POS <105 85 9892 1504> .TXT AT (1939,257) RECOLOR ON TEMPLATED ON BACKFILL <7 7 0 0 0 0 0> V_SPACE <0 611 0> SIZE 440000 BOLD ON HOR_JUST CENTER L_SPACE 611 MARGINS <0 0 0 0> TXTXYOFF <-40 436> T_PNTS (0,436)(0,0)(6127,0)(6127,566)(0,566)(0,436)(6127,436) .STR "More advanced steps" .TMP AT (105,1562) RECOLOR ON TEMPLATE_FLAGS <2 3 0 0> T_POS <105 1562 9892 7370> .TXT AT (89,1671) RECOLOR ON TEMPLATED ON BACKFILL <20 20 0 0 0 0 0> PARA <-500 500 -500 1 1000 0 3 108> V_SPACE <333 444 0> SIZE 320000 BOLD OFF HOR_JUST LEFT L_SPACE 444 TXTXYOFF <7 326> T_PNTS (0,326)(0,0)(8909,0)(8909,5527)(0,5527)(0,326)(8909,326) .STR "Scan your machines from outside" .STR PARA <-500 1000 -500 1 1000 0 3 108> V_SPACE <28 389 0> SIZE 280000 "\n\tnmap, nessus" .STR PARA <-500 500 -500 1 1000 0 3 108> V_SPACE <333 444 0> SIZE 320000 "\nFirewalls" .STR PARA <-500 1000 -500 1 1000 0 3 108> V_SPACE <28 389 0> SIZE 280000 "\n\tapply policy at the network edge" .STR "\n\tassert control at a small number of places" .STR "\n\tvery difficult to build a really GOOD firewall of your own" .STR "\n\tnot effective if your own users violate security (by downlo ading viruses, for example)" .STR PARA <-500 500 -500 1 1000 0 3 108> V_SPACE <333 444 0> SIZE 320000 "\nIntrusion Detection Systems (IDS)" .STR "\nToken-based authentication" END PICTURE NOTES .GRP BACKFILL <34 2 5 1000 0 0 0> PARA <0 0 0 0 1000 1 0 111> V_SPACE <0 250 0> SIZE 180000 L_SPACE 250 MARGINS <125 125 250 62> .TMP AT (250,250) RECOLOR ON TEMPLATE_FLAGS <5 14 0 0> T_POS <250 250 7249 4875> .VOID .TMP AT (250,5125) RECOLOR ON TEMPLATE_FLAGS <6 15 0 0> T_POS <250 5125 7249 9749> .VOID END .GRP END NOTES SLIDE_INFO SLIDE_STYLE <0 -1 1> LAYOUT_ID <1 2 12 12 12> END SLIDE_INFO PICTURE .TMP AT (105,85) RECOLOR ON TEMPLATE_FLAGS <1 0 0 0> T_POS <105 85 9892 1504> .TXT AT (213,227) RECOLOR ON TEMPLATED ON BACKFILL <7 7 0 0 0 0 0> V_SPACE <0 611 0> SIZE 440000 BOLD ON HOR_JUST CENTER L_SPACE 611 MARGINS <0 0 0 0> TXTXYOFF <-40 448> T_PNTS (0,448)(0,0)(9520,0)(9520,579)(0,579)(0,448)(9520,448) .STR "UNDERSTAND what you're doing" .TMP AT (105,1562) RECOLOR ON TEMPLATE_FLAGS <2 3 0 0> T_POS <105 1562 9892 7370> .TXT AT (69,1666) RECOLOR ON TEMPLATED ON BACKFILL <20 20 0 0 0 0 0> PARA <-500 500 -500 1 1000 0 3 108> V_SPACE <333 444 0> SIZE 320000 BOLD OFF HOR_JUST LEFT L_SPACE 444 TXTXYOFF <13 317> T_PNTS (0,317)(0,0)(8658,0)(8658,5709)(0,5709)(0,317)(8658,317) .STR "A bad security solution is worse than no security at all" .STR "\nKnow what you're doing" .STR PARA <-500 1000 -500 1 1000 0 3 108> V_SPACE <28 389 0> SIZE 280000 "\n\tRead all the documentation" .STR "\n\tRead sample configurations" .STR "\n\tBuild test machines" .STR "\n\tAsk questions" .STR "\n\tJoin the announcements mailing list for your O/S and applic ations" .STR PARA <-500 500 -500 1 1000 0 3 108> V_SPACE <333 444 0> SIZE 320000 "\nTest what you've done" .STR PARA <-500 1000 -500 1 1000 0 3 108> V_SPACE <28 389 0> SIZE 280000 "\n\tTry connecting from outside your network" .STR "\n\tTry circumventing your own rules" END PICTURE NOTES .GRP BACKFILL <34 2 5 1000 0 0 0> PARA <0 0 0 0 1000 1 0 111> V_SPACE <0 250 0> SIZE 180000 L_SPACE 250 MARGINS <125 125 250 62> .TMP AT (250,250) RECOLOR ON TEMPLATE_FLAGS <5 14 0 0> T_POS <250 250 7249 4875> .VOID .TMP AT (250,5125) RECOLOR ON TEMPLATE_FLAGS <6 15 0 0> T_POS <250 5125 7249 9749> .VOID END .GRP END NOTES SLIDE_INFO SLIDE_STYLE <0 -1 1> LAYOUT_ID <1 2 12 12 12> END SLIDE_INFO PICTURE .TMP AT (105,85) RECOLOR ON TEMPLATE_FLAGS <1 0 0 0> T_POS <105 85 9892 1504> .TXT AT (2042,245) RECOLOR ON TEMPLATED ON BACKFILL <7 7 0 0 0 0 0> V_SPACE <0 611 0> SIZE 440000 BOLD ON HOR_JUST CENTER L_SPACE 611 MARGINS <0 0 0 0> TXTXYOFF <-22 448> T_PNTS (0,448)(0,0)(5903,0)(5903,579)(0,579)(0,448)(5903,448) .STR "Some helpful guides" .TMP AT (105,1562) RECOLOR ON TEMPLATE_FLAGS <2 3 0 0> T_POS <105 1562 9892 7370> .TXT AT (90,1673) RECOLOR ON TEMPLATED ON BACKFILL <20 20 0 0 0 0 0> PARA <-500 500 -500 1 1000 0 3 108> V_SPACE <333 444 0> SIZE 320000 BOLD OFF HOR_JUST LEFT L_SPACE 444 TXTXYOFF <8 326> T_PNTS (0,326)(0,0)(9196,0)(9196,4406)(0,4406)(0,326)(9196,326) .STR "The FreeBSD handbook at www.freebsd.org" .STR PARA <-500 1000 -500 1 1000 0 3 108> V_SPACE <28 389 0> SIZE 280000 "\n\tChapter 14 on security" .STR PARA <-500 500 -500 1 1000 0 3 108> V_SPACE <333 444 0> SIZE 320000 "\n\"Practical Unix & Internet Security\" (O'Reilly)" .STR "\nhttp://nsrc.org/security/" .STR "\nSecurity alert mailing lists, including:" .STR PARA <-500 1000 -500 1 1000 0 3 108> V_SPACE <28 389 0> SIZE 280000 "\n\thttp://www.securityfocus.com/ (\"Bugtraq\")" .STR "\n\thttp://www.cert.org/" .STR "\n\thttp://www.rootshell.com/" END PICTURE NOTES .GRP BACKFILL <34 2 5 1000 0 0 0> PARA <0 0 0 0 1000 1 0 111> V_SPACE <0 250 0> SIZE 180000 L_SPACE 250 MARGINS <125 125 250 62> .TMP AT (250,250) RECOLOR ON TEMPLATE_FLAGS <5 14 0 0> T_POS <250 250 7249 4875> .VOID .TMP AT (250,5125) RECOLOR ON TEMPLATE_FLAGS <6 15 0 0> T_POS <250 5125 7249 9749> .VOID END .GRP END NOTES *END GRAPHICS