security administration tools

Post on 14-Jan-2016



Security Administration Tools
Hanan Hibshi & Tim Vidas

Putting it All Together
• Web browser and Web security
• PKI and Secure Communication
• Phishing & Semantic Attacks
• User Education
• Passwords, graphical passwords and alternatives
• Challenge Questions
• Access Control
• Other issues...

Why Security Administration?
• Hackers.
• Attacks.
• Vulnerabilities.
• Terrorism.
• etc.
• Thus, we need front liners!

Who?
• Security Admin Personnel
    • Can be one person
    • Can be a team
• Scalability: size of organization, cost…

Why can’t one person do it?
• Too many things to keep track of.
• Monitoring and maintenance of a number of complicated tasks.
• Need to "keep an eye"
• Security tools are supposed to be "to the rescue"
    • Make administrators' lives easier
    • Provide them with better reporting and monitoring
• Paper in assigned readings defined a number of factors:
    • Organizational
    • Human
    • Tools themselves

Common Tools
• Network Traffic and Packet analyzers
    • Wireshark, tcpdump, Cain and Abel (PW), Ntop, Netcat
• Vulnerability Testing
    • Metasploit, Nessus
• Intrusion Detection Systems (IDS)
    • Snort, Splunk
• File/host integrity tools
    • Tripwire
• Others
    • OpenSSH honeypots, Scripting tools, Web security

[Screenshot slides: Wireshark (2), tcpdump, Cain and Abel, Ntop (2), Metasploit, Nessus interface, Snort]

Problems
• GUI vs. Command line
• Technical background
• Is usability important anyway?
• Issues:
    • Too much to look at
    • No single data format for output
    • Out-of-sync clocks
    • The human!

Some Proposed Solutions
• Visualizations
• Training users
    • Understand implications
    • Understand least privilege
• Understanding different players: organization, human, tools
• Improving IDS Usability
    • Assist users with configuration and installation
• Some other recommendations
    • Heuristic evaluation
    • Developed ITSM Heuristics
    • Compared ITSM to Nielsen’s Heuristics
    • With ITSM Heuristics, more problems were found
