{"id":466,"date":"2019-03-11T21:00:59","date_gmt":"2019-03-12T02:00:59","guid":{"rendered":"http:\/\/kwnpsa.ca\/?p=466"},"modified":"2019-03-20T08:25:24","modified_gmt":"2019-03-20T13:25:24","slug":"2019-03-network-security","status":"publish","type":"post","link":"https:\/\/kwnpsa.ca\/index.php\/2019\/03\/11\/2019-03-network-security\/","title":{"rendered":"2019 03 Network Security"},"content":{"rendered":"<h3><strong>Location: <\/strong><a href=\"https:\/\/www.openstreetmap.org\/way\/43250610#map=19\/43.46646\/-80.54515\">Room 1300 \u2014 Conrad Grebel University College, 140 Westmount Rd. N. \u00b7 Waterloo, ON N2L 3G6<\/a> (bottom floor, in the hallway that connects the main building to the Chapel-Residence building)<br \/>\n<strong>Date:<\/strong> Monday, 11 March 2019<br \/>\n<strong>Time:<\/strong> 7:00-9:00PM<\/h3>\n<p>We&#8217;ve talked about <a title=\"Malware\" href=\"https:\/\/sobac.com\/wiki\/Malware\">Malware<\/a> and the importance of <a title=\"Keeping Computers Up To Date\" href=\"https:\/\/sobac.com\/wiki\/Keeping_Computers_Up_To_Date\">Keeping Computers Up To Date<\/a>, and even just about <a title=\"What should we fear?\" href=\"https:\/\/sobac.com\/wiki\/What_should_we_fear%3F\">The Things We Should Fear<\/a>. But what new hazards are unveiled when you connect two or more computers together? When some of those computers aren&#8217;t on your own network? When malusers are out there trying to break into your network? When you&#8217;re actually inviting everyone into your network by running servers and services? Should you just outsource everything? Or are there tools available for the Non-Profit SysAdmin to help secure your networks?<\/p>\n<p>We&#8217;ll talk about the hazards of running a public network, and go over a list of tools and software.<\/p>\n<p>&#8211;Marc Par\u00e9 &amp; Bob Jonkman<\/p>\n<ul>\n<li><a class=\"new\" title=\"Network Security\/Meeting Notes 2019-03-11 (page does not exist)\" href=\"https:\/\/sobac.com\/mediawiki\/index.php?title=Network_Security\/Meeting_Notes_2019-03-11&amp;action=edit&amp;redlink=1\">Network Security\/Meeting Notes 2019-03-11<\/a><\/li>\n<\/ul>\n<h4><span id=\"Resources\" class=\"mw-headline\">Resources<\/span><\/h4>\n<ul>\n<li>Firewalls\n<ul>\n<li>The most secure firewall: <a class=\"image\" href=\"https:\/\/sobac.com\/wiki\/File:Nipper_for_Electronic_Wire_(Old).png\"><img loading=\"lazy\" decoding=\"async\" src=\"https:\/\/sobac.com\/mediawiki\/images\/thumb\/d\/dc\/Nipper_for_Electronic_Wire_%28Old%29.png\/150px-Nipper_for_Electronic_Wire_%28Old%29.png\" srcset=\"\/mediawiki\/images\/thumb\/d\/dc\/Nipper_for_Electronic_Wire_%28Old%29.png\/225px-Nipper_for_Electronic_Wire_%28Old%29.png 1.5x, \/mediawiki\/images\/thumb\/d\/dc\/Nipper_for_Electronic_Wire_%28Old%29.png\/300px-Nipper_for_Electronic_Wire_%28Old%29.png 2x\" alt=\"Nipper for Electronic Wire (Old).png\" width=\"150\" height=\"148\" \/><\/a><\/li>\n<li>Another secure firewall: <a class=\"external text\" href=\"https:\/\/www.pfsense.org\/\" rel=\"nofollow\">pfSense<\/a><\/li>\n<\/ul>\n<\/li>\n<li>Intrusion Detection Software<\/li>\n<li>Pen Testing apps<\/li>\n<\/ul>\n<ul>\n<li><a class=\"external text\" href=\"https:\/\/www.techsoupcanada.ca\/en\/directory\/361\" rel=\"nofollow\">TechSoup Canada Catalogue: Server and Network Management<\/a><\/li>\n<\/ul>\n<ul>\n<li>Claim: The greatest threat in Network Security is NetAdmin or User Error\n<ul>\n<li><a class=\"image\" href=\"https:\/\/sobac.com\/wiki\/File:Network_Security_Dave.jpg\"><img loading=\"lazy\" decoding=\"async\" src=\"https:\/\/sobac.com\/mediawiki\/images\/thumb\/9\/9a\/Network_Security_Dave.jpg\/640px-Network_Security_Dave.jpg\" srcset=\"\/mediawiki\/images\/thumb\/9\/9a\/Network_Security_Dave.jpg\/960px-Network_Security_Dave.jpg 1.5x, \/mediawiki\/images\/9\/9a\/Network_Security_Dave.jpg 2x\" alt=\"Network Security Dave.jpg\" width=\"640\" height=\"473\" \/><\/a><\/li>\n<li>Another e-mail breach caused by human error:\n<ul>\n<li><a class=\"external text\" href=\"https:\/\/www.cbc.ca\/news\/canada\/kitchener-waterloo\/university-waterloo-data-email-breach-information-quest-1.5048814\" rel=\"nofollow\">Names, banking information accidentally shared in emails to University of Waterloo students | CBC News<\/a><\/li>\n<\/ul>\n<\/li>\n<li>Data exfiltration due to user error:\n<ul>\n<li><a class=\"external text\" href=\"https:\/\/www.thestar.com\/politics\/provincial\/2019\/01\/21\/privacy-breach-hits-45000-recipients-of-ontarios-disability-support-program.html\" rel=\"nofollow\">Privacy breach hits 45,000 recipients of Ontario\u2019s disability support program | The Star<\/a><\/li>\n<\/ul>\n<\/li>\n<li>NetAdmin failed to renew expired domain names:\n<ul>\n<li><a class=\"external text\" href=\"https:\/\/arstechnica.com\/information-technology\/2019\/01\/godaddy-weakness-let-bomb-threat-scammers-hijack-thousands-of-big-name-domains\/\" rel=\"nofollow\">GoDaddy weakness let bomb threat scammers hijack thousands of big-name domains | Ars Technica<\/a><\/li>\n<\/ul>\n<\/li>\n<li>Vulnerability not acknowledged by vendor:\n<ul>\n<li><a class=\"external text\" href=\"https:\/\/www.cbc.ca\/news\/canada\/new-brunswick\/cyber-malware-breach-dark-web-municipal-parking-servier-click2gov-centralsquare-1.5043818\" rel=\"nofollow\">City knew of massive cyber breach days before admitting it | CBC News<\/a><\/li>\n<li>\n<blockquote><p>On Dec.19, the day following Solomon&#8217;s exchange with Caissie, the city received notice from CentralSquare Technologies, the Florida company providing the Click2Gov parking server software, that there was no problem with the system. &#8220;Resolution: Checked Click2Gov server for evidence of malware\/possible breach, no evidence found of breach\/malware,&#8221; says the statement signed only &#8220;Customer Support.&#8221;<\/p><\/blockquote>\n<\/li>\n<\/ul>\n<\/li>\n<li>Pre-emptive shutdown of mail system to prevent a virus attack that might shut down the mail system.<\/li>\n<\/ul>\n<\/li>\n<\/ul>\n<h3><span id=\"Meeting_Notes\" class=\"mw-headline\">Meeting Notes<\/span><\/h3>\n<p>Spoke about resources, war stories<\/p>\n<ul>\n<li>Proprietary mail systems\n<ul>\n<li>Errors in implementation, makes mail inaccessible, or sends mail when unwanted.<\/li>\n<li>Corporate culture prevents people from speaking of security flaws<\/li>\n<\/ul>\n<\/li>\n<\/ul>\n<ul>\n<li>Bugs in the software<\/li>\n<li>Errors in procedures<\/li>\n<li><\/li>\n<\/ul>\n<h4><span id=\"The_Cloud\" class=\"mw-headline\">The Cloud<\/span><\/h4>\n<ul>\n<li>&#8220;If the data was in the cloud it would have been safe&#8221;<\/li>\n<li>What is The Cloud?\n<ul>\n<li>Somebody manages the servers, still subject to human error<\/li>\n<li>But reduces the human interaction that is needed<\/li>\n<li>Maybe if <b>everything<\/b> is run by robots&#8230;\n<ul>\n<li>But that&#8217;s not the way Nonprofits operate, engaging people to be more involved<\/li>\n<\/ul>\n<\/li>\n<\/ul>\n<\/li>\n<\/ul>\n<ul>\n<li>Open Source groups want more interaction, so still room for error\n<ul>\n<li>eg. LibreOffice: Get a professional to manage website? Or keep local group involvement? No to robots<\/li>\n<\/ul>\n<\/li>\n<\/ul>\n<ul>\n<li>Robots have programmers too\n<ul>\n<li>One more level of abstraction<\/li>\n<\/ul>\n<\/li>\n<\/ul>\n<ul>\n<li>Problems solved?\n<ul>\n<li>Email spoofing, phishing schemes: Joe Jobs, third-party addressbooks breached<\/li>\n<li>Could contact the apparent sender, but that person may not be involved in the message at all<\/li>\n<\/ul>\n<\/li>\n<\/ul>\n<h3><span id=\"Tour_of_pfSense\" class=\"mw-headline\">Tour of pfSense<\/span><\/h3>\n<h3><span id=\"Multiple_connections_to_isolate_traffic\" class=\"mw-headline\">Multiple connections to isolate traffic<\/span><\/h3>\n","protected":false},"excerpt":{"rendered":"<p>Location: Room 1300 \u2014 Conrad Grebel University College, 140 Westmount Rd. N. \u00b7 Waterloo, ON N2L 3G6 (bottom floor, in the hallway that connects the main building to the Chapel-Residence building) Date: Monday, 11 March 2019 Time: 7:00-9:00PM We&#8217;ve talked &hellip; <a href=\"https:\/\/kwnpsa.ca\/index.php\/2019\/03\/11\/2019-03-network-security\/\">Continue reading <span class=\"meta-nav\">&rarr;<\/span><\/a><\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[14],"tags":[68],"class_list":["post-466","post","type-post","status-publish","format-standard","hentry","category-pastmeetings","tag-network-security"],"_links":{"self":[{"href":"https:\/\/kwnpsa.ca\/index.php\/wp-json\/wp\/v2\/posts\/466","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/kwnpsa.ca\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/kwnpsa.ca\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/kwnpsa.ca\/index.php\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/kwnpsa.ca\/index.php\/wp-json\/wp\/v2\/comments?post=466"}],"version-history":[{"count":4,"href":"https:\/\/kwnpsa.ca\/index.php\/wp-json\/wp\/v2\/posts\/466\/revisions"}],"predecessor-version":[{"id":485,"href":"https:\/\/kwnpsa.ca\/index.php\/wp-json\/wp\/v2\/posts\/466\/revisions\/485"}],"wp:attachment":[{"href":"https:\/\/kwnpsa.ca\/index.php\/wp-json\/wp\/v2\/media?parent=466"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/kwnpsa.ca\/index.php\/wp-json\/wp\/v2\/categories?post=466"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/kwnpsa.ca\/index.php\/wp-json\/wp\/v2\/tags?post=466"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}