This 22 page Class Notes was uploaded by Brennan Schmeler on Wednesday September 9, 2015. The Class Notes belongs to INFO 341 at University of Washington taught by Staff in Fall. Since its upload, it has received 28 views. For similar materials see /class/192220/info-341-university-of-washington in Informatics at University of Washington.



Date Created: 09/09/15
Security Discussion
INFO 341
Monday May 28 2007

Why is security important?

[Chart: What Security Problems Have Resulted In Financial Losses? Legible categories include industrial espionage, natural disasters and inadvertent errors. Data from Ernst & Young, 1996.]

Some Common Threats
- Password/Authentication
- Trojan Horse
- Worm
- Virus
- Macro Virus
- Email Attacks
- Network Attacks
- Code Attacks
- Social Engineering

Linux vs Windows Viruses (by Scott Granneman, SecurityFocus)

Platform     Viruses        Comments
Windows      60000          A few hundred have caused [illegible] damage
Macintosh    [illegible]    Important enough to cause some damage
Linux        40             Confined to laboratory
UNIX         5              Confined to laboratory

Source: Open Source Software / Free Software [URL illegible]

What is a password authentication attack?

Preventing password authentication attack
- Require 7-8 character or longer passwords
- Don't use real words; instead use a combination of letters, numbers, or special characters
- Consider using a phrase, like stb&cav: "Squash, tomatoes, beans, and carrots are vegetables"
- Change the administrator or root password periodically
- Consider asking users to change their passwords regularly, but be careful about forcing people to change too often
- Educate users not to share their passwords with others

What is a Trojan Horse?
- A malicious program that masquerades as a legitimate program
- People who share software were often at more risk
- These seem to be less common these days
- Example: ls command in HOME
- Example: explorer.exe
- Reference: secinf.net, "The Complete Windows Trojans Paper"

What is a Worm?
- Worms are standalone programs that are designed to search for known vulnerabilities of well-known services and exploit them
- Once they find a hole, they propagate by copying themselves, often using an open port, to that new host and start executing
- They are typically able to propagate very quickly and are the source of most of the serious outbreaks

Internet Worm by Robert Morris
- Exploit sendmail root vulnerability
- Exploit buffer overrun in fingerd
- Target SUNs & VAXen running BSD
- Password cracking: list of 400
- Password attack from dictionary
- Targets found using /etc/hosts, .rhosts
- Program name of sh to hide
- Code checked for existing infection

Internet Worm by Robert Morris
- Bug in infection code failed
- Password cracking code exhausted the system's resources
- No other harm was done

Internet Worm by Robert Morris
- A few references (full URLs illegible): www.research.att.com (smb talks, computer insecurity), www.worm.net, www.vtcif.telstra.com.au (pub/docs/security)

What is a Virus?
- A piece of executable code attached to / inserted in a legitimate program
- Can only execute when the legitimate program runs or automated launches
- Spreads by infecting non-infected copies of the legitimate or of other programs

Typical virus actions
- Infect boot sectors (cannot boot)
- Send email via address books
- Format hard drive
- Cripple system performance
- Registry hacks
- Insert as a startup program

How Viruses Propagate
- Vulnerable TCP service ports
- Email attachments
- Removable/shared media/storage
- CD-ROMs from vendors
- Macro viruses (cross-platform)

What is a network attack?
- Packet sniffing: find interesting data
- Port scanning: find well-known insecure services (nmapfe, Nessus)

What is a code attack?
- An attack that takes advantage of a software flaw or deeper understanding of a protocol
- Buffer overruns
- Denial of Service (DoS)
- Distributed Denial of Service (DDoS)
- SYN flood
- ICMP flood

What is social engineering?
- An exploit that plays on an individual's notions of proper authority or an individual's naiveté
- "Hi, I'm Jake Smith, I work in the IT group. I need to fix your roaming profile. If you give me your password, I'll have it fixed in just a second."
- "Hi, my name is Darrin. I'm with your ISP."
- "Hi, I'm Kevin Mitnick and you've been p0wned."

What can be done?

Why Are Virus Attacks Getting Worse? (pcmag.com, full URL illegible)

"The second thing that concerns me is the never-ending evolution of social engineering. The best example I've seen to date is the bogus message that appears to come from the email administrator of the domain you use for your email. In one funny example, I recently got a memo from the mail administrator at dvorak.org. Since I'm the only person at dvorak.org, I was surprised to find I suddenly had an email administrator as part of the team. I got several of these messages telling me about various problems with my account and how I had to fix [illegible] an attachment with them, which I was instructed to click on to get details. While this was laughable for me, I could imagine some new employee at General Electric or Procter and Gamble sitting at his or her desk, worried sick about getting off probation, and seeing this memo come from administrator@GE.com or whatever."

Tools
- SPAM filters
- Email server attachment scrubbers
- Virus/Worm scanners
- SATAN
- COPS
- PDF checker (HPUX)
- Monitor logs, event viewers

Good System Administration
- Only login as the administrator when there is administrivia to perform
- Often you can "run as" or authenticate briefly to perform the admin task
- Ex: sudo mount -a
- A non-administrator cannot harm the OS system files

[Screenshots: Accounts preferences pane listing administrator and standard user accounts]
Security Methodologies Talk
- What is a security event?
- Risk mitigation: who, what, where, when, why, whow
- A word on prevention
- Business Continuity Planning
- Security tools
- A simple security questionnaire
- The Security Policy
- Developing the questionnaire
- The Firewall Page

Timeline of a Security Event
[Timeline diagram, partly illegible. Legible stages: you are being cased; an attack occurs & succeeds; detection; normal operations resume. Legible notes: having them does not mean you are secure; ask what we can learn to avoid, deter, detect, prevent, shorten, minimize and document the event.]

I need to know about Security I learned from Star Trek
[Slide content illegible]

Risk Mitigation
[Table illegible; legible column labels: what, where, when]

A Word on Prevention
- Security holes you know about
- and have addressed
- that you keep track of on all systems
- [illegible] OS update
- that a system restore won't undo
- Security holes you don't know about
- that are already on the backup tapes, and on the servers, and on users' floppy disks
- Burning question: how do you know you've found all the holes?
- that the audits always validate are there

Business Continuity Planning
- [illegible] corporation to continue by providing a plan, location, equipment, resources, communications [illegible]
- Publish the disaster recovery plan: distribute to all participants and store copies of it at secure, well-known locations. Some of these locations should be off site.
- Keep the [illegible] involved, including staff at the off-site facilities [illegible] recovery plan [illegible] disaster they know what to do, where to go, how to get there, what to bring, who else to contact, and several ways to contact them.
- [illegible] partner's premises, in other part of the company's facilities, and at other corporate sites. The disaster recovery plan includes information about how to reach these sites, who to contact there, what's stored there.
- Identify equipment, supplies, documentation and other resources that will be needed: [illegible] manual, [illegible] disaster recovery plan itself, test equipment, network equipment, software, and various supplies (cables, paper, Snickers bars, etc.)
- Conduct a test of the disaster plan by selecting one of the anticipated disasters and actually executing the plan. Note: disasters may occur in combinations.

Security Tools
[Slide content illegible]

Simple Security Questionnaire
- 1. To whom does your most senior information security person report?
- [illegible] Telecommunication encryption
- 4. Does your organization utilize the Internet for exchange of important business correspondence or information externally?
- 5. [illegible] monitor Internet activities associated with your organization through internal or external services
- [illegible] Terminal key locks or lock words

Developing the Questionnaire
1. Start with something
   - Client information provided up front
   - Use a general questionnaire (overleaf)
2. Build on technical resources
   - technical expertise, net admins
   - books and references
   - sample work from oth[illegible]
3. Develop and enhance information with interviews
   - open ended questions, no Y/N replies
   - who, what, where, when, why, whow
   - use the Risk Analysis table
   - follow newly discovered directions
   - tie up loose ends in a final meeting
   - make follow up calls to clarify points
Interview: end u[illegible], managers, executives, [illegible], a shipping clerk, a receptionist, a random person

The Security Policy
- Supported at the highest corporate level
- Living document: updated, distributed, read; training; user feedback
- Draconian policies cite dismissal for failure to comply
- Table of Contents
  - Purpose: goals, risks, auditing
  - Scope: who, where, when, why, whow
  - Physical Security: locks, backups, classification
  - User Education: roles, responsibilities, authentication, email, viruses
  - Security Administration: managing accounts
  - Application Security: engineering, production, accounting, monitoring
  - OS[illegible] Administrator Practices: cautions for root user
  - Network Security: all client-server systems, network electronics
  - Security Enforcement: logging, reporting, enforce[illegible]
  - Support: help desk, security desk [remainder illegible]
- [illegible] protection of enterprise assets from unauthorized, intentional or accidental modification [illegible] management

The Firewall Page

A useful resource
- Computer Emergency Response Team (CERT) provides a central coordination point for many security issues
- http://www.cert.org

INFO 341 Midterm Review (not comprehensive)

Exam: Thursday, February [date illegible]
- Two parts
  - Part 1: closed book, closed notes
  - Part 2: open book, open notes
- Questions
  - Acronym & definition
  - Explanation / short answer
  - True/False (explanation)
  - Problems

Transmission Media
- Wires: [illegible], coaxial cable
- Fiber optic: glass
- Radio
- Satellite: Geosynchronous/Geostationary, Low Earth Orbit (LEO), Low Earth Orbit Arrays
- Microwave
- Infrared

Signaling
- Signal Encoding: analog (wave forms: amplitude, frequency, phase), digital
- Signal Multiplexing: simplex, half-duplex, duplex; time division, frequency division multiplexing, wave division (optical)
- Signal Loss: attenuation, cross talk, reflection, ambient noise

Packets, Frames, Error
- Packet philosophy: share resource; packet switching networks
- Frame: header, data
- Error detection: parity, CRC, checksum

LANs: Network Topology
- Point to point connections
- Topological solution: star, ring, bus, tree; logical topology vs physical topology
- Ethernet: example of bus
- IBM Token Ring & FDDI: example rings

Ethernet
- Origin, history: Aloha net, DIX
- Manchester encoding (not a British band)
- Ethernet frame format: addressing, types, payload
- CSMA/CD vs CSMA/CA; binary exponential backoff
- Broadcast/Multicast: special Ethernet addresses

LAN Wiring & Hardware
- NIC: DMA
- Wiring: Thicknet 10Base5, AUI, BNC connector, Thinnet 10Base2, UTP 10BaseT, Cat 1, Cat 2, Cat 3, Cat 4, Cat 5
- Devices: hubs, repeaters, bridges, switches
- Distance / segment limits
- Redundancy: bridging cycles & switch cycles

Distance Connectivity: WANs
- Connectivity options & speeds: T1, T3, OC1, OC3, SONET, ISDN, DSL, Cable, Frame Relay, ATM, X.25
- Switched networks: routers & routing; hierarchical addressing; store & forward

Graph Theory
- Networks as graphs: graph abstraction, nodes & edges
- Graph algorithms: Minimum Spanning Tree, Shortest Paths

Routing: Route Determination
- Gateways & border protocols: IGP, EGP
- Route protocols: RIP, OSPF, BGP
- Steps to route determination

Network Ownership
- Public networks
- Private networks
- Virtual Private Networks (VPN)
- Service paradigms: connection oriented, connectionless
- Performance characteristics: throughput, delay

Protocols
- Protocols: an end to end agreement
- Protocol suites: a collection of protocols, organized
- Stacks, layers
- Sequencing, retransmission, flow control, acknowledgement, congestion control
- Sliding window protocol

ISO 7 Layer Model
[Layer diagram; legible labels: Application, Data link, Physical]

ISO Layers (more detail)
[Slide text illegible]

Other Layered Models
[Data flow diagram; legible labels: IBM SNA, DECnet, Internet Reference Model]

Internetworking & TCP/IP
- Universal Service: connect different heterogeneous networks; create a virtual/abstract network that works the same everywhere
- TCP/IP: history, origins, layer model; hosts

IP (Internet Protocol)
- IP addresses
  - Address classes, bit relationships
  - Dotted decimal notation (dotted quad)
  - Classful and classless addressing
  - Subnet masks
  - CIDR
  - Special addresses
  - DHCP, BOOTP for setting addresses

Subnetting & Masks
- Assume your organization is given a class B address 64.100.x.x
- What is the subnet mask for this address?
- Suppose you want to break this up into 8 networks of approximately equal size; what subnet mask would you give to the local administrators?

IP, ARP & Datagrams
- ARP
- Connection oriented & [illegible]
- Datagram delivery: next hop delivery, best effort delivery
- IP encapsulation: enveloping
- Segmentation & reassembly

TCP
- Reliable transport, connection oriented
- Features of TCP service: flow control (sliding windows), three way handshake, congestion control

Network OS
- Brief history of NOS: Netware, WinNT, Win2K, Linux
- Client-Server vs Peer to Peer
- Essential NOS services: printer sharing, user & group permissions / access control, accounting, management

Sockets: Network Programming
- You just saw this

