Session 6: Points of Exposure. Course: A0334/Pengendalian Lingkungan Online

Course: A0334/Pengendalian Lingkungan Online
Year: 2005
Version: 1/1
Session 6
Points of Exposure

Learning Outcomes
By the end of this session, students are expected to be able to:
• Explain Points of Exposure

Topic Outline
• Web Security
  – History
  – The Threat
    • Infection
    • Install A Spreading Mechanism
      – Optional: Install or Modify Other Services
    • Search for New Systems
      – Optional: Attack Other Systems
  – Business Implications
  – The Solutions
• Network Vulnerabilities
  – Better Ways to Resolve Network Vulnerabilities
  – Protecting The ‘Trusted’ Network
• Key Security Vocabulary Explained

Web Security
• History
• The Threat
  – Infection
  – Install A Spreading Mechanism
    • Optional: Install or Modify Other Services
  – Search for New Systems
    • Optional: Attack Other Systems
• Business Implications
• The Solutions

History
• Security holes in business-critical software are a significant threat to organisations. However, vulnerabilities in Internet-related software can be disastrous.
• Ironically, Internet software was generally designed with security as an afterthought. Networks were largely considered to be either private and therefore physically secure or public and therefore inherently open.
• The amount of private information transmitted across the Internet increases daily. It is now an integral part of most people’s lives, ranging from buying books at Amazon on a credit card through to making money transfers and payments via an online bank.
• Potentially there are numerous reasons for the growth in security attacks, but one trend that is undeniable is the growth in the number and sophistication of hacking tools. Historically, attackers required detailed understanding of the systems that they were attempting to compromise, and performing an attack could be a time-consuming operation.
• There also was no source code available to read to find security vulnerabilities.

The Threat
• Today security is a bigger problem than ever before.
• The most dangerous forms of Internet worm are those that attack web servers.
• Unlike the average Internet connection, these systems have network connections with large amounts of bandwidth.
• After an infection, a worm can use the bandwidth to spread itself to other web servers.
• Equally, the organisation operating the web server may base a large percentage of its revenue on traffic from its website, and a site outage could cause a large-scale financial impact – not to mention the impact on customer confidence.

Infection
• Infection involves the worm sending a malicious request to a web server, trying to exploit a known security vulnerability. If the web server is vulnerable, the worm infects the machine, executes its payload and then continues to spread to other machines.

Install A Spreading Mechanism
• Once a Microsoft IIS server has been infected with a worm, the worm’s code can make use of software available on the system and, furthermore, even download additional software from other systems.

Optional: Install or Modify Other Services
• Some worms install backdoor services to give hackers access to machines. They are then able to control the system remotely and use it for future exploits, such as distributed denial of service attacks.

Search for New Systems
• In order to be able to infect other systems, every worm needs some form of reproduction mechanism. It needs to find new servers to which it can spread by investigating the addresses of potential targets.

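Added example, not part of the original slides: because a worm has to probe many addresses to find new servers, an infected host stands out by the number of distinct destinations it contacts in a short time. The Python code below flags such hosts from flow records; the record layout, addresses, window and threshold are constructed assumptions.

```python
from collections import defaultdict, deque

def find_scanners(flows, window=60, threshold=10, port=80):
    """Map each source to its peak count of distinct destinations contacted
    on `port` within any `window`-second span, keeping those >= threshold."""
    recent = defaultdict(deque)  # src -> (timestamp, dst) pairs still in window
    peak = defaultdict(int)
    for ts, src, dst, dport in sorted(flows):
        if dport != port:
            continue  # only the web port is of interest here
        q = recent[src]
        q.append((ts, dst))
        while q and q[0][0] <= ts - window:  # expire records older than the window
            q.popleft()
        peak[src] = max(peak[src], len({d for _, d in q}))
    return {src: n for src, n in peak.items() if n >= threshold}

def sample_flows():
    """Constructed flow records: (epoch seconds, src IP, dst IP, dst port)."""
    flows = []
    # Workstation browsing: many requests, but only three distinct servers.
    for i in range(40):
        flows.append((1000 + i * 5, "10.0.1.20", f"192.0.2.{1 + i % 3}", 80))
    # Web server that starts contacting a new address every two seconds.
    for i in range(30):
        flows.append((1100 + i * 2, "10.0.0.5", f"198.51.100.{i + 1}", 80))
    # Monitoring host: twelve servers, but spread over an hour.
    for i in range(12):
        flows.append((1000 + i * 300, "10.0.2.9", f"203.0.113.{i + 1}", 80))
    # Non-web traffic from the same web server is skipped by the port filter.
    flows.append((1105, "10.0.0.5", "10.0.0.53", 53))
    return flows

if __name__ == "__main__":
    for src, fanout in find_scanners(sample_flows()).items():
        print(f"{src} contacted {fanout} distinct hosts on port 80 within 60 s")
```

A web server normally answers connections rather than opening them, so any outbound fan-out from that address is worth investigating even below the threshold.
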
Optional: Attack Other Systems
• Many worms have built-in attack routines.

Business Implications
• The web is a vital component of an organisation’s infrastructure.

The Solutions
• As with the security for your business premises, an intruder will always look for the easiest way in; if you can make it sufficiently secure then they will go elsewhere. Internet security is not a matter of installing one system but of looking at all the components in your systems to see if they offer any holes. Installing systems that are secure in the first place obviously means less work than installing insecure ones and then trying to secure them.

Network Vulnerabilities
• Basic security tenets have changed very little over the past decade. Protecting the confidentiality of corporate information, preventing unauthorised access and defending against malicious or fraudulent attacks from external sources: these continue to be the major concerns of IT professionals today.
• To compound the threat posed by these developments, networks are also operating at much higher speeds.

Better Ways to Resolve Network Vulnerabilities
• The fundamental key to an effective security solution is a properly deployed network security device that increases security without jeopardising performance. To meet the many and varied threats already outlined, multi-functionality within a single platform can ease network design and maximise effectiveness. Solid interoperability with other security products, such as user authentication and anti-virus applications, will also prove invaluable.

Protecting The ‘Trusted’ Network
• Once a network security solution that addresses the fundamentals of performance and reliability is identified, it then has to be evaluated for its ability to provide pervasive internal protection.
• A ‘virtual’ approach to establishing security zones is required to efficiently enable segmentation. Selecting security devices with virtual system capabilities can reduce the overall number of devices in a network and thereby streamline security management, reducing the total cost of ownership. With certain virtual system-enabled devices, different policies can be applied to different zones, depending on each department’s need for access to sensitive information, the type and number of employees, etc.

Key Security Vocabulary Explained
• VPNs
• Denial of service
• Firewall
• Intrusion prevention
• Trojan Horse
• Backdoor or U-turn attacks
• WLANs
• Virus

The End