PowerPoint Presentation

1

Information Security for Information Security for School NetworksSchool Networks

J Scott Christianson, Kaleidoscope ConsultingJ Scott Christianson, Kaleidoscope Consulting

2

J. Scott Christianson, OwnerMCP, MCP + Internet, MCSE, NACSE Senior Network Specialist,

Cisco CNA, Network +, Certified Videoconferencing Engineer, etc...

Kaleidoscope Consulting

3

In Your Packet*• CD-ROM

– Software

– Documents (Whitepapers and Security Guides)

– Firewall Presentation (in .ppt format)

– The Internet-LAN Security Workshop by Consysco Solutions (in .ppt format)

– This presentation (with note pages)

• Handouts for this presentation• Internet Security for Educational Institutions• Internet Security Products and Services for Education

* Can also be downloaded from www.kaleidoscopeconsulting.com

4

Today’s Presentation

• Are you vulnerable? Are you being hacked?

• What are the threats to school networks?

• Ten essential security measures that every school should take.

• Resources for more information.

• Questions.

5

Student Hackers Pilfer Eighth-Grade Science Exam

• Hillsborough County, Fla., school officials are examining their test security after two eighth-grade honor students at a technology magnet middle school hacked into their science teacher’s computer, discovered the semester’s final exam, and sent it out over the internet to an unknown number of fellow students.

--from eSchool News Staff Reports

Could you have prevented this from happening on your network? Would you have detected it? Do your teachers know how to secure a file (with encryption or on a server?)?

6

High School Students Charged

In Virginia, two high school students were charged with computer hacking. The students face maximum penalties of five years in prison and fines of $10,000 each.

The father of one of the students said he was surprised by the gravity of the felony charges: "These were just kids working on a computer. (My son) had no idea what he was doing was illegal."

Do your students know what your security policy is? And the consequences of breaking it? Do the parents of your students know what your security policy is?

7

Why are Security Incidents Increasing?

Sophistication of Hacker Tools

Packet Forging/ Spoofing

19901980

Password Guessing

Self Replicating Code

Password Cracking

Exploiting Known Vulnerabilities

Back Doors

Sweepers

Sniffers

Stealth Diagnostics

Technical Knowledge Required

High

Low 2000

DDOS

-from Cisco Systems

Disabling Audits

8

Are you being Hacked?

• Without a burglar alarm it is hard to know if you are being robbed until you notice something missing.

• Use an Intrusion Detection System (IDS) to detected hacking attempts and probes of your network.

• Many Firewalls (personal and network) will act as a IDS system for you. (Demo)

9

Network Security Threats

Any Internet connection is vulnerable to:

•Unauthorized Access to the network. •Denial of Service (DoS) attacks. •Viruses. •Capture of Private Data and Passwords. •Offensive Content.

10

Ten Essential Security Measures That Every School Should Take

1. Develop a Security Policy. And let everyone know about it. Develop online warnings to inform users of the rules for accessing your network.

2. Use strong passwords. Choose passwords that are difficult or impossible to guess. Give different passwords to all accounts.

3. Make regular backups of critical data. Backups must be made on a regular basis and that restoration is possible.

11


4. Use virus protection software. Install the software, check regularly for new virus signature updates, and scan all files periodically.

5. Use a firewall as a gatekeeper between your computer and the Internet. Firewalls can be hardware or software products.

6. Enable Logging for all important systems. Often Logging is turned off by default making it impossible to tell what happened.

12


7. Do not open e-mail attachments from strangers, Be suspicious of any unexpected e-mail attachment from someone you do know.

8. Regularly download security patches from your software vendors. Visit www.windowsupdate.com and other update sites regularly. Don’t forget network devices (routers, hubs, etc).

9. Document your network and conduct vulnerability scans.

10. Educate your users and yourself. Security is a continual process.

13

More Resources

• SANS (www.sans.org)• CERT (www.cert.org)• CSI (www.goCSI.com )• Lower Hudson Regional Information Center

(www.LHRIC.org) [Top 22 School Security Risks, Top Internet and E-mail Risks.]

• CoSN (www.cosn.org)

14

Summary

• You can’t be totally secure, but there is a lot that you can do (relatively cheaply) to make your network more secure.

• Most attacks play on well-known vulnerabilities.

• Education is the key to a secure network.

• Security is a continual process.

15

Questions

16

Sample Configuration A

DM

ZP

or t

WAN

INTERNET

Web or EmailServer

Configuration A: TypicalNetwork-based Firewall

Installation.

Student Computer

Teacher Computer

Student Computer Student Computer

AdministrationComputer

FirewallTeacher Computer


17

Sample Configuration B

DM

ZP

or t

WAN

INTERNET

Web or EmailServer

Configuration B: DualNetwork-based Firewalls.

Student Computer

Teacher Computer





Firewall

18

Sample Configuration C

DM

ZP

or t

WAN

INTERNET

Web or EmailServer

Configuration C: NetworkFirewall and Host-based

Firewalls for Teacher andAdministrative Computers

Student Computer

Teacher Computer





Host-basedFirewall/IDS




19

SANS Ten Worst Security Mistakes IT People Make

1. Connecting systems to the Internet before hardening them.

2. Connecting test systems to the Internet with default accounts/passwords

3. Failing to update systems when security holes are found.

4. Using telnet and other unencrypted protocols for managing systems, routers, and firewalls.

5. Giving users passwords over the phone or changing user passwords in response to telephone or personal requests when the requester is not authenticated

20

SANS Ten Worst Security Mistakes IT People Make

6. Failing to implement or update virus detection software

7. Failing to educate users on what to look for and what to do when they see a potential security problem.

8. Failing to maintain and test backups9. Running unnecessary services, especially ftpd,

telnetd, finger, rpc, mail, rservices.10. Implementing firewalls with rules that don't stop

malicious or dangerous traffic-incoming or outgoing.

21

SANS Five Worst Security Mistakes End Users Make

1. Opening unsolicited e-mail attachments without verifying their source and checking their content first.

2. Failing to install security patches-especially for Microsoft Office, Microsoft Internet Explorer, and Netscape.

3. Installing screen savers or games from unknown sources.

4. Not making and testing backups. 5. Using a modem while connected through a

local area network.

22

SANS 7 Top Management Errors That Lead to Computer Security Vulnerabilities

7) Pretend the problem will go away if they ignore it.6) Authorize reactive, short-term fixes so problems re-emerge

rapidly5) Fail to realize how much money their information and

organizational reputations are worth.6) Rely primarily on a firewall.7) Fail to deal with the operational aspects of security: make a few

fixes and then not allow the follow through necessary to ensure the problems stay fixed

8) Fail to understand the relationship of information security to the business problem -- they understand physical security but do not see the consequences of poor information security.

1) Assign untrained people to maintain security and provide neither the training nor the time to make it possible to do the job.

http://www.sans.org/newlook/resources/errors.htm