ࡱ> Na  !"#$%&'()*+,-./0123456789:;<=>?@ABCDEFGHIJKLM`QRSTUVWXYZ[\]^_RdO)sOPowerPoint Document(SummaryInformation(PDocumentSummaryInformation8|'( / 0DArialr New9 0Hn@dDGaramondew9 0Hn@d DCourier New9 0Hn@d ` .  @n?" dd@  @@`` |"d      0AA@fʚ;/*"ʚ;g4HdHdn0ppp@ <4dddd`gʚ; <4dddd`ʚ;<4!d!d`ʚ;(h___PPT2001D<4X3___PPTMac11@f   hnamd` Arial&Monotype Typography    hnamd` Arial&Monotype Typography    hnamd` Arial&Monotype Typography    hnamd` Arial&Monotype Typography    hnamd` Arial&Monotype Typography    hnamd` Arial&Monotype Typography ?  %Remote Computing SafetyMark Smylie Hart  CITES Security Officer GIAC Certified Intrusion Analyst 30 November, 2005*^L          Remote Computing Safety>Thanks for coming! Send feedback to: securitysupport@uiuc.edu*?+$&/    ! PAP  H ` 33` Sf3f` 33g` f` www3PP` ZXdbmo` \ғ3y`Ӣ` 3f3ff` 3f3FKf` hk]wwwfܹ` ff>>\`Y{ff` R>&- {p_/̴>?" dd@,|?" dd@   " @ ` n?" dd@   @@``PR    @ ` ` p>> f(    60  `} | T Click to edit Master title style! !  0:  ` | RClick to edit Master text styles Second level Third level Fourth level Fifth level!     S  0S ^ ` | >*  0 ^  | @*  0e ^ ` | @*H  0޽h ? 3380___PPT10.] Default Design zr@ (  @ @ 0 P   | P*   @ 0    | R*  d @ c $ ?  | @ 0  0 | RClick to edit Master text styles Second level Third level Fourth level Fifth level!     S @ 6`& _P  | P*   @ 6p+ _  | R*  H @ 0޽h ? 3380___PPT10..+z z`  $(  r  S ! | r  S !` | H  0޽h ? 33___PPT10u.]+D=' = @B +8z` C;0(    0CC SRemote Computing Safety (2   0Hf@T Topics for today: Wireless Connectivity On-Campus vs. Off-Campus Shoulder Surfers Sniffers and Rogues Home Connectivity Dialup vs. Broadband Encryption WEP vs. WPA VPN Usage zH   [ eH  0޽h ? 33___PPT10u. +D=' n= @B +z` @ j(     0pAC SRemote Computing Safety (2 w  0Mf@ Fundamentals: Trust no-one Strong Passwords Firewall EVERY network connection AntiVirus Software SpyWare/AdWare Protection Software Vendor Patches Common Sense *k6H  0޽h ? 33___PPT10u. +D=' n= @B +zz` }P$(  $ $ 0@C SRemote Computing Safety (2 " $ 0f@   One more fundamental concept:  He who knows the Enemy and Himself will never be defeated in a hundred battles. -Sun Tzu The Art of War Know your enemy  What would an attacker want? What would he be looking for? Where would he hide? Know yourself  What is your password? What do you do on your computer? What do you do for the University? Where are you sitting right now? Rl  W H $ 0޽h ? 33___PPT10u. +D=' n= @B +z` `t(    0`EC ZRemote Computing Safety  Wireless Networking .(2. >  0 ~Kf@T Where do you use Wireless? Coffee Houses The Union Airports Hotels Home When you connect to a network, KNOW what you re connecting to. Access Points vs. Ad-Hocs The two networks look different in the Windows Wireless Networking helper utility, and even more information is available if you run a utility such as NetStumbler (www.netstumbler.com). p3@  N   NaH  0޽h ? 33___PPT10u. +D=' n= @B +-z` 80p((  ( ( 0pK#C ZRemote Computing Safety  Wireless Networking .(2.  ( 0Xf@M 2`Beyond the type of network you connect to, it s important to know where you are physically. Hotels and Airports are prime territory for attackers. Hotels: Wireless sniffing can capture your login/password information and data packets can be reconstructed to reveal whatever you were doing. Airports: Huge potential for information theft. Once you close your computer to board your plane, an attacker has lots of quality time with your account info. Also be on the lookout for shoulder surfers. If you re not using your wireless connection, turn it off!; O7     ;$$H ( 0޽h ? 33___PPT10u. +D=' n= @B +z` 0v(  0 0 0k@C VRemote Computing Safety  Home Connectivity ,(2,  0 0`f@ @  0 0f@T <Dialup Attack threat exists, but not as severe. Password loss should still be seen as an issue. Broadband Default configuration of some operating systems may make computers on broadband connections MORE vulnerable to attack. Patch your system with extreme predjudice! Wireless at home? Default configuration of access points you purchase at Store of Choice is VERY insecure  the manufacturer wants it to be easy to use. Default configuration of some operating systems can leave you exposed to attack from a poorly configured laptop that happens to be walking by your house. jK\   & ;H 0 0޽h ? 33___PPT10u. +D=' n= @B +[z` f^<(  < < 0C VRemote Computing Safety  Home Connectivity ,(2,  < 0uf@ @  < 0f@T HWhat can you do about insecure wireless? See a qualified therapist Driver and Firmware Updates MAC Filtering SSID (Service Set Identifier) Broadcast WEP (Wired Equiv. Protection) vs. WPA (Wi-Fi Protected Access) If you must share resources at home, share responsibly (configure your firewall to allow sharing to your subnet only& specify subnet!!) By default, windows wants to share to everyone  don t let it. 6)|*{H < 0޽h ? 33___PPT10u. +D=' n= @B +z` L](  L L 00C VRemote Computing Safety  Home Connectivity ,(2,  L 0`f@ @  L 0f@  #What can you do about insecure wireless? There are many resources available to help you get the job done. CITES HelpDesk (244-7000 / consult@uiuc.edu) On-Site Consultants (333-8628 / onsite@uiuc.edu) Contact the vendor World of Windows Networking (http://wown.com) 6)*s  $ 6*H L 0޽h ? 33___PPT10u. +D=' n= @B +z` ,(  , , 0C HRemote Computing Safety  Encryption %(2% | , 0! NWEP  Wired Equivalent Privacy  & The bottom line for wireless networks is that you can t count on WEP to provide even minimal security&  -Matthew S. Gast 802.11 Wireless Networks-The Definitive Guide (O Reily) (Open = Open!) Coffeehouses and Airports aren t typically using WEP because of the complexity in setup (must cater to a lower, more common denominator). Know your environment and enable your firewall. ~oN0 ,/H , 0޽h ? 33___PPT10u. +D=' n= @B + z` 8n(  8 8 0+C HRemote Computing Safety  Encryption %(2% J 8 0p.f@ UIUC VPN Client QuickConnect  the University s wireless network available in most public spaces  only allows the following functions: Service Port # SSH/SFTP 22 Email 25 Secure Email 993/995 Web Traffic 80/8080 Secure Web Traffic 443 Network Time 123 VPN s 500 Printing 515 Instant Messaging (AOL/MSN) 5190/1863 Remote Desktop (Windows) 3389 rz  , bH 8 0޽h ? 33___PPT10u. +D=' @= @B + z` 4N(  4 4 0)C HRemote Computing Safety  Encryption %(2% * 4 0f@ UIUC VPN Client Install the UIUC VPN Connector (www.cites.uiuc.edu/vpn) The VPN creates an encrypted tunnel between your machine and the University s network that would be very difficult to penetrate by an attacker. The VPN Client will allow you to connect securely from anywhere and allow you full network connectivity...as if you were sitting at your desk. Also, the VPN Client will allow you to remain connected to the network for 24 hours straight (auto-disconnect after 90 minutes of inactivity). QuickConnect will disconnect you after one hour unless the VPN client is running  very frustrating if you start an email at 59:426mmF1  v1GH 4 0޽h ? 33___PPT10u. +D=' n= @B +l z` woT(  T T 0C a%Remote Computing Safety - Conclusions &(2&  T 01f@  Fundamentals: Trust no-one and use Common Sense! Create a Strong Password Firewall EVERY network connection Keep your AntiVirus Software up-to-date Keep updated with Software Vendor Patches Know your computer s  normal behavior Use the UIUC VPN Client EVERY time! Beyond that& Use the CITES HelpDesk as a resource (244-7000) Don t forget about the good people at Googlel]]  ,w GH T 0޽h ? 33___PPT10u. +D=' n= @B + z` X0(  Xx X c $R | x X c $`T @@  | H X 0޽h ? 33___PPT10u.]+D=' = @B + "$ zrpD (  DX D C @   |r D S p~@ 0  | H D 0޽h ? 3380___PPT10.`z "$ @H(  HX H C @   | H S 0f@ 0  |  H H 0޽h ? 3380___PPT10.:k "$ P((  P^ P S @   | P c $@ 0  |  H P 0޽h ? 3380___PPT10.`z("$  \8(  \X \ C @   | \ S LL@ 0  | :Z H \ 0޽h ? 3380___PPT10.;("$ `8(  `X ` C @   | ` S B@ 0  | :  H ` 0޽h ? 3380___PPT10. I("$ 0d8(  dX d C @   | d S H@ 0  | :  H d 0޽h ? 3380___PPT10.0S "$ Ph(  hX h C @   | h S ps@ 0  |  H h 0޽h ? 3380___PPT10. "$ `l(  lX l C @   | l S  Ё@ 0  |  H l 0޽h ? 3380___PPT10.U0B"$ zrp (  pX p C @   |r p S Ц@ 0  | H p 0޽h ? 3380___PPT10.Z=r  "$ t(  tX t C @   | t S @ 0  |  H t 0޽h ? 3380___PPT10.[Ю"$ zrx (  xX x C @   |r x S M@ 0  | H x 0޽h ? 3380___PPT10.[2n>  "$ |(  |X | C @   | | S @ 0  |  H | 0޽h ? 3380___PPT10.[$ "$ 4(  X  C @   |  S `f@ 0  | 6"This page left blank by the authorH  0޽h ? 3380___PPT10.d`z@>"$ N(  X  C @   |  S N@ 0  | P"This page left blank by the authorH  0޽h ? 3380___PPT10.dIdxp^RЀ3ÿ lHbP  @AL G@;b `B&Vi@BGXPICTP HH HH  l\pl:eYjoRtyYjR"Yjt"ZrrPFZ9PPs)dGGs)GlKY~R"0y9jF[㲨RߙGej"e"jKeRYjY:e0""j(cFP(FPZj)RG))d[sy"jy:0_eejL:eCY00:C_tKe0"_eK_e"ry͸9١(9՗LyFܴj١c(ͯyyսcPcս((՗ܳP9"lsԙ[RzdlGKԻlssبdRGܭ:߲)ߙllܸжs̿y(j~ye"_R_:oj-~B:oCRtto:_C00ytjY~0oKCt((ห9rFZryr9.(cPFyrjܽ9(rXrr9jrX9y"zZGRF[GLsd㨙z:ܻdl߇ܻ)[R[㍇G::zGsF:{(je~R_:0:oo:0::YY0_.0:eCjj:jj:0::CoR~o:o:YY0"C"(ZFjr(9999yrj.PO܅ٸj9ɸ99yc(j9Fyrj܅j"GslRܻRls[[.[Gػ:G܇ضGR܇ضR::)㇇R:lRbzls[GG㓶x#jt"0CCe00ojR:e:_K3_"~y:jj0"toC:e"j0YY0j0_K0Y(9rZy(((PP(((c`܅ٽrPP(١ͫjŋy((ܦ("㭁):G:)3s[:G܁ܶGߙ):::l܁GЍԞ[j㞿d)Gz)Gdy_Yhjy_0"_C3"CR~YoR"zjK"_C:e#(ŜP8ٽj(3Pjܑܜܜjپѡyܸ૫9jܦܾ9(#R㣿s߁߭߿dG2:㻞ԓ܂ll㻿㿞ߨ߁lG:s0":00":y""0""09F9((9(FŸ(Z9((Z))G:):)G):)::F"oC_"~9ZG̨zDYK~Ŝ9(llĞRl#k   J   Ձ, & & &Nb   r      nPowerPoint PresentationPowerPoint PresentationPowerPoint PresentationPowerPoint PresentationPowerPoint PresentationPowerPoint PresentationPowerPoint PresentationPowerPoint PresentationPowerPoint PresentationRemote Computing Safety  Fonts UsedDesign Template Slide Titles%_i "$Leslie RankinLeslie RankinCurrent UserG