My opinion on #TC2027

--Originally published at Computer and Information Security

It is the end of the semester and I am still not sure what I think about the course. I am not against the methodology used, but I have some doubts about it.

I think flip learning is a great method for learning, though I think this time it was taken too far. I say this because there was no specific order in which to review the topics; each student could learn the topic he or she wanted to. Though it is not a bad idea, I believe it made it much more difficult to discuss the topics with other students or even with the professor.

Despite that, I did enjoy the course.



RMA

--Originally published at Computer and Information Security

 


Risk is the probability or threat of damage that is caused by external or internal vulnerabilities. Risk management is done to assess risk and take action to reduce it to an acceptable level. It is important to recognize that computers can't be fully secured: there is always risk. That is the reason risk management is important. Risk management is made up of two components: risk assessment and risk mitigation.

In this post we will focus on risk assessment methodologies. Risk assessment is the process of analyzing and interpreting risk. It consists of three main activities:

  • Determining the scope and methodology.
  • Collecting and analyzing data.
  • Interpreting the results.

The first activity of risk assessment includes selecting the methodology that will be used. These methodologies are:

  1. Asset Audit: Consists of looking at the assets of the organization and determining whether they are being protected adequately.
  2. Pipeline Model: Risks are assessed on a pipeline, which is responsible for processing a certain type of transaction. Each pipeline is reviewed to determine if the security requirements are met.
  3. Attack Trees: Describes the security of systems based on who, when, how, why and with what probability an attack could happen. The root node represents the goal of the attacker and the branches and leaf nodes show the ways of attaining the goal.
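
To make the attack tree methodology concrete, here is an added example (not part of the original post) that evaluates a small tree. The goal, the leaf names, the probabilities and the assumption that leaves are independent are all constructed for illustration.

```python
from dataclasses import dataclass, field
from math import prod

@dataclass
class Node:
    name: str
    kind: str = "LEAF"      # "LEAF", "OR" (any child suffices) or "AND" (all needed)
    p: float = 0.0          # leaf only: estimated probability of success
    children: list = field(default_factory=list)

def probability(node):
    """Probability that this (sub)goal is reached, assuming independent leaves."""
    if node.kind == "LEAF":
        return node.p
    probs = [probability(c) for c in node.children]
    if node.kind == "AND":                  # every step must succeed
        return prod(probs)
    if node.kind == "OR":                   # at least one branch succeeds
        return 1 - prod(1 - q for q in probs)
    raise ValueError(f"unknown node kind: {node.kind}")

def rank_branches(root):
    """Branches under the root, most likely first, to prioritise mitigation."""
    ranked = [(c.name, round(probability(c), 4)) for c in root.children]
    return sorted(ranked, key=lambda t: t[1], reverse=True)

def set_leaf(node, name, p):
    """Model a mitigation by changing the estimate of one leaf."""
    if node.kind == "LEAF" and node.name == name:
        node.p = p
    for child in node.children:
        set_leaf(child, name, p)

def build_tree():
    # Constructed tree: the root is the attacker's goal, leaves are ways to reach it.
    return Node("Read confidential records", "OR", children=[
        Node("Former employee account still active", "LEAF", 0.10),
        Node("Log in as a current user", "AND", children=[
            Node("Obtain the user's password", "LEAF", 0.30),
            Node("Pass the second factor", "LEAF", 0.05),
        ]),
        Node("Unlocked, unattended workstation", "LEAF", 0.02),
    ])

if __name__ == "__main__":
    tree = build_tree()
    print("risk before:", round(probability(tree), 4))
    print(rank_branches(tree))
    set_leaf(tree, "Former employee account still active", 0.0)
    print("risk after disabling old accounts:", round(probability(tree), 4))
```

Ranking the branches shows which countermeasure reduces the root probability the most.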

We need to realize that no single method is best for all users and environments. How the scope and methodology are defined affects the amount of effort spent on risk management and how useful the assessment is.

Made in collaboration with Salvador.

Picture by: Lindley White https://thenounproject.com/term/warning/8148/

 


What to do in case of…

--Originally published at Computer and Information Security

There are some security issues that technology cannot stop. For example, an antivirus program cannot prevent a user from opening a link and releasing a virus, and corporate networks are vulnerable if former employees still have working passwords. Technology alone is not enough, so policies are used to guide the implementation and management of security.

A security policy is a document that defines how an organization will deal with some aspect of security. Security policies can also address regulatory requirements, or they can simply be advisory.


There is one rule to follow while defining policies: there should be a policy for every possible situation. If there is no policy for a given problem, the problem may be aggravated. A policy needs to be very clear and specific to be effective.

Policies can be divided into user and administration policies.

The areas covered by the user policies are:

  • Passwords
  • Internet use
  • Email attachments
  • Installing/uninstalling software
  • Instant messaging
  • Desktop configuration

The administration policies should be a guide for the following scenarios:

  • New employees
  • Departing employees
  • Change requests
  • Security breaches
  • Virus infections
  • Denial of service attacks

This post was created with the collaboration of Salvador.


Mac Pro

--Originally published at Computer and Information Security

Recently our campus bought several Mac Pros for the development lab. You know, those pretty powerful computers from Apple. There is only one issue: almost every student would rather work on their own laptops than on the Macs.


You may be wondering why the students don’t like to use those computers. I will list the reasons why I don’t use them.

The mouses

The mouses the school bought for the Macs are Apple mouses from more or less 2008 and not all of them work properly. Some of them don't detect right clicks or double clicks. I mean, if you are going to spend that much on a computer you may as well invest a little bit more in the components it uses so you can actually work with them.

Single user

I did have to use the Macs last semester because my MacBook Air is not able to run the Android Studio emulator (other than that there is no other program I need that my MacBook cannot run) and it was a disaster. There is only one user to log in with, and every student that used the same Mac I did saved their files on the computer. Even if I created a folder with my name, other students would still save their files in there. Now imagine how this issue was even harder during exam periods. There may have been at least 4 folders named exam_n.

File transfer

Whenever I used the mac I still had to transfer all the files I have worked on to my computer so I could continue working with them.

Don’t get me wrong, I appreciate the effort our school makes to give us great technology but I believe that this has not been an adequate implementation.


Network Security

--Originally published at Computer and Information Security


Network security refers to activities designed to protect a network. These activities protect the usability, reliability, integrity, and safety of a network and data.

There isn’t a single solution that protects a network from a variety of threats. Multiple layers of security are needed. Network security is accomplished through hardware and software.

A network security system usually consists of many components. Network security components often include:

1. Anti-virus and anti-spyware

2. Firewalls, to block unauthorized access to your network

3. Intrusion prevention systems

4. Virtual Private Networks (VPNs), to provide secure remote access

 

Photo:

Flickr photo by Merrill College of Journalism Press Releases https://www.flickr.com/photos/umdnews/7562831366 shared under a Creative Commons (BY) license.


A & AC

--Originally published at Computer and Information Security

An important requirement of any information system is to protect information against improper disclosure or modification. To achieve this goal authentication and access control technologies are used.


Authentication establishes the identity of a user to the system before access is granted. This is typically done by means of a user name and a password.

Access control constrains what a user can do. Access control consults an authorization database in order to determine if the user attempting to do an operation is actually authorized to perform it.
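
The two steps described above, shown as an added example that is not part of the original post: authentication against salted password hashes, followed by an access control lookup in an authorization table that denies by default. The user names, passwords, resource name, iteration count and status strings are constructed for illustration.

```python
import hashlib
import hmac
import os

ITERATIONS = 100_000  # assumed work factor for PBKDF2 in this example

def hash_password(password, salt=None):
    """Return (salt, PBKDF2-HMAC-SHA256 digest); never store the password itself."""
    salt = salt if salt is not None else os.urandom(16)
    digest = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, ITERATIONS)
    return salt, digest

# Constructed user store: user name -> (salt, digest)
USERS = {
    "alice": hash_password("correct horse battery staple"),
    "bob": hash_password("another-long-passphrase"),
}

# Constructed authorization database: (user, resource) -> allowed operations
AUTHZ = {
    ("alice", "payroll.db"): {"read", "write"},
    ("bob", "payroll.db"): {"read"},
}

def authenticate(user, password):
    """Step 1: establish identity before any access is granted."""
    record = USERS.get(user)
    if record is None:
        hash_password(password, b"\x00" * 16)  # keep timing similar for unknown users
        return False
    salt, expected = record
    _, candidate = hash_password(password, salt)
    return hmac.compare_digest(candidate, expected)  # constant-time comparison

def is_authorized(user, resource, operation):
    """Step 2: consult the authorization database; anything not listed is denied."""
    return operation in AUTHZ.get((user, resource), set())

def handle_request(user, password, resource, operation):
    if not authenticate(user, password):
        return "authentication failed"
    if not is_authorized(user, resource, operation):
        return "not authorized"
    return "ok"

if __name__ == "__main__":
    print(handle_request("bob", "another-long-passphrase", "payroll.db", "read"))
    print(handle_request("bob", "another-long-passphrase", "payroll.db", "write"))
    print(handle_request("bob", "wrong-password", "payroll.db", "read"))
```

A valid password alone is not enough: bob authenticates successfully but is still refused the write operation.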

Photo by:

Flickr photo by Gustavo da Cunha Pimenta https://www.flickr.com/photos/guspim/16068339396/ shared under a Creative Commons (BY) license


Countermeasures

--Originally published at Computer and Information Security

A countermeasure is an action that can prevent or mitigate the effects of threats to a computer, server or network. Software, hardware and modes of behavior can be used as countermeasures.

Software countermeasures: firewalls, anti-virus software, pop-up blockers and spyware detection.


Hardware countermeasures: routers that can prevent the IP address of a computer from being visible on the Internet, physical restriction of access to computers and alarms.


Behavioral countermeasures: frequent deletion of cookies, regular scanning for malware, regular installation of updates for operating systems and staying away from questionable Web sites.


 

Photos:

  1. Flickr photo by Gabriel Salvadó https://www.flickr.com/photos/eldibuixant/2984113124 shared under a Creative Commons (BY) license.
  2. Flickr photo by debsilver https://www.flickr.com/photos/debsilver/102508862 shared under a Creative Commons (BY) license.
  3. Flickr photo by Marcos Castellano https://www.flickr.com/photos/guspim/16068339396 shared under a Creative Commons (BY) license.

     


Cryptography

--Originally published at Computer and Information Security


Cryptography is a method of storing and transmitting data in a particular form so that only those for whom it is intended can read it.

Cryptography concerns four main goals:

1. Confidentiality

2. Integrity

3. Authentication

4. Non-repudiation

The process of transforming a plaintext to a ciphertext is called encryption. When the information is reverted back, it is called decryption. Only users with the key can transform the ciphertext back into its useful form. The algorithm used for encryption and decryption is called a cipher.

You can check my code for some ciphers here.

Photo:

Flickr photo by Ryan Somma https://www.flickr.com/photos/ideonexus/5175712467 shared under a Creative Commons (BY) license


Not available

--Originally published at Computer and Information Security

Have you ever tried to visit a site but were not able to do so? You double check your internet connection to be sure it is not your fault. You even visit other sites, but the one you want is down.

One possible explanation is that the site you are trying to visit is suffering a Denial of Service attack.

The objective of a Denial of Service (DoS) attack is to make a resource unavailable for the purpose for which it was designed.

Some ways to make a service unavailable for users are:

  • Manipulating network packets.
  • Taking advantage of programming and resource handling vulnerabilities.

For example, if a server receives a very large number of requests, it may not be able to process legitimate users’ requests. In the same way, a service may stop if a programming vulnerability is exploited.


flickr photo by George Ellenburg https://flickr.com/photos/a2gemma/1448178195 shared under a Creative Commons (BY) license.