Difference between revisions of "Network Security"
m (Added the location. -- Marc) |
BobJonkman (talk | contribs) (→Resources: Add cartoon, another security breach report) |
||
Line 30: | Line 30: | ||
* Claim: The greatest threat in Network Security is NetAdmin or User Error | * Claim: The greatest threat in Network Security is NetAdmin or User Error | ||
+ | ** [[File:Network Security Dave.jpg|640px]] | ||
** Data exfiltration due to user error: | ** Data exfiltration due to user error: | ||
*** [https://www.thestar.com/politics/provincial/2019/01/21/privacy-breach-hits-45000-recipients-of-ontarios-disability-support-program.html Privacy breach hits 45,000 recipients of Ontario’s disability support program | The Star] | *** [https://www.thestar.com/politics/provincial/2019/01/21/privacy-breach-hits-45000-recipients-of-ontarios-disability-support-program.html Privacy breach hits 45,000 recipients of Ontario’s disability support program | The Star] | ||
** NetAdmin failed to renew expired domain names: | ** NetAdmin failed to renew expired domain names: | ||
*** [https://arstechnica.com/information-technology/2019/01/godaddy-weakness-let-bomb-threat-scammers-hijack-thousands-of-big-name-domains/ GoDaddy weakness let bomb threat scammers hijack thousands of big-name domains | Ars Technica] | *** [https://arstechnica.com/information-technology/2019/01/godaddy-weakness-let-bomb-threat-scammers-hijack-thousands-of-big-name-domains/ GoDaddy weakness let bomb threat scammers hijack thousands of big-name domains | Ars Technica] | ||
+ | ** Vulnerability not acknowledged by vendor: | ||
+ | *** [https://www.cbc.ca/news/canada/new-brunswick/cyber-malware-breach-dark-web-municipal-parking-servier-click2gov-centralsquare-1.5043818 City knew of massive cyber breach days before admitting it | CBC News] | ||
+ | *** <blockquote>On Dec.19, the day following Solomon's exchange with Caissie, the city received notice from CentralSquare Technologies, the Florida company providing the Click2Gov parking server software, that there was no problem with the system. "Resolution: Checked Click2Gov server for evidence of malware/possible breach, no evidence found of breach/malware," says the statement signed only "Customer Support."</blockquote> | ||
** Pre-emptive shutdown of mail system to prevent a virus attack that might shut down the mail system. | ** Pre-emptive shutdown of mail system to prevent a virus attack that might shut down the mail system. | ||
+ | |||
[[Category:NPSA]] | [[Category:NPSA]] | ||
[[Category:Events]] | [[Category:Events]] |
Revision as of 23:58, 10 March 2019
Network Security
- Date
- Monday, 11 March 2019 from 7:00pm to 9:00pm iCal
- Meetup Event
- https://www.meetup.com/NetSquared-Kitchener-Waterloo/events/257702185/
- Location
- *** Room 1300 *** -- Conrad Grebel University College, 140 Westmount Rd. N., Waterloo, Ontario Map
We've talked about Malware and the importance of Keeping Computers Up To Date, and even just about The Things We Should Fear. But what new hazards are unveiled when you connect two or more computers together? When some of those computers aren't on your own network? When malusers are out there trying to break into your network? When you're actually inviting everyone into your network by running servers and services? Should you just outsource everything? Or are there tools available for the Non-Profit SysAdmin to help secure your networks?
We'll talk about the hazards of running a public network, and go over a list of tools and software.
--Marc Paré & Bob Jonkman
Resources
- Firewalls
- The most secure firewall:
- Another secure firewall: pfSense
- Intrusion Detection Software
- Pen Testing apps
- Claim: The greatest threat in Network Security is NetAdmin or User Error
- Data exfiltration due to user error:
- NetAdmin failed to renew expired domain names:
- Vulnerability not acknowledged by vendor:
- City knew of massive cyber breach days before admitting it | CBC News
On Dec.19, the day following Solomon's exchange with Caissie, the city received notice from CentralSquare Technologies, the Florida company providing the Click2Gov parking server software, that there was no problem with the system. "Resolution: Checked Click2Gov server for evidence of malware/possible breach, no evidence found of breach/malware," says the statement signed only "Customer Support."
- Pre-emptive shutdown of mail system to prevent a virus attack that might shut down the mail system.