Download PDF - Department of Navy Chief Information Officer - U.S. ...

More documents

Recommendations

Info

you are searching while the rootkit is running.The only reliable way is to shut downthe system and reboot from a CD or writeprotectedexternal drive. The rootkit cannothide itself if it is not running.The only reliable way to cure a rootkit infectionis to re-install the operating systemand applications. If you save the data files,scan them until they are sterile to avoid reinfection.Make sure the firewall is on, neversurf the Internet in admin mode, and neverallow anything to install that needs administrativeprivileges unless you are very certainof what it will do.Man the BarricadesNow to No. 9 which is False. If you remember that most zombieattacks appear to originate here in the U.S.A., blocking incomingpackets from foreign IP addresses might stop a littleover a third of the attacks. But what you really want is controlover outgoing packets, particularly those heading to foreign IPaddresses. Regardless of where the zombies are located, there issome consensus that the people operating botnets live in countrieswith lax law enforcement regarding computer crime, andpossibly some countries may even encourage these nefariousactivities.While an infected PC might still be getting instructions from aforeign source, it will be far less effective if it cannot report backto its new master. Outgoing traffic, particularly to sites no onehas actually visited, might be a sign that there are infected PCsinside the firewall.No. 10 is False. Computer history is littered with the virtualbodies of early adopters who embraced version 1.0 (or beta versions)of an application, only to find that they had acquired thecomputer security equivalent of a cardboard flak jacket. Unfortunately,there are people who want the newest, brightest and“bestest” toys right now. Please resist the urge to rush a new systeminto operation unless there really is no other choice.Malware SymptomsHow can you tell if your computer has been infected? Hereare some typical symptoms:• You get pop-ups at random when you are not searching theInternet.• You get a funny video in e-mail and when you double clickon it you get a security warning. When you click OK to let thevideo run, nothing happens.• You click on a link in search results and immediately get popups.You close the pages but get error messages.• Your computer runs slowly and when you check system activityyou see unexplained memory, central processing unit, ornetwork bandwidth consumption.• Your computer is sending or receiving data (indicated by constantlyblinking lights on your modem or router) even though youdo not have a browser, e-mail or other Internet program open.Essentially, any time your computer does something that youdid not tell it to do, you should be suspicious. Granted, the lastexample could be some type of auto-update program, but anyreputable updater application should issue an alert and ask permissionbefore proceeding.We looked at Trojan horses earlier, but it alsomight be useful to look at the differences betweena virus, worms and Trojans.A computer virus is executable code thatattaches itself to a executable file and is activatedwhen a user runs the file it is attached to.Viruses range from annoying (displaying a jokemessage at a set time) to dangerous (damage toyour system or files). Because almost all virusesare attached to executable files they generallycannot infect a computer until a user runs oropens the host file.Please note that a virus cannot be spread withouta human action such as running an infected program or e-mailingan infected file.A computer worm is similar to a virus, with one important difference:It can travel without any help from users. Worms takeadvantage of the various file and information transport featureson computers and networks to travel. Once a worm is active itcan send thousands of copies of itself to any target it can find.A common worm tactic is to e-mail itself to everyone in a user'se-mail address book, or just wait until an e-mail is sent. Thisfeature can also help us detect worms because if they are tooactive and consume too many system resources, we may noticeloss in memory or an increase in bandwidth consumption.A worm may install a Trojan, or a Trojan may carry a worm orvirus. While worms try to operate below the radar, Trojans canbe more effective because they attempt to trick the system userinstead of the built-in security of the system. Sadly, it seems thathumans are easier to fool than computers.Another infection method that deserves a look is the "DrivebyDownload." This happens without knowledge of the userand occurs by visiting a Web page with malicious code, viewingan infected e-mail or clicking on a deceptive pop-up. The pagemay have only been open for a few seconds and nothing wasinstalled, but if the code is there, and the browser is vulnerable,the computer can be compromised.You do not even have to visit questionable Web sites to be attackedby a drive-by. In addition to looking for new PCs to infect,hackers probe legitimate corporate and government Web sitesscouting for vulnerabilities to try to upload malicious code thatwill attack PCs that visit those sites.Closing WordsThe global reach of the Internet provides great opportunities.But leaving your network or computer vulnerable to people infaraway places who will cheerfully add your computer to theirbotnet without caring what damage they may do along the waycan have catastrophic consequences, but if you do some fairlysimple, sensible things, you can be safe.So enjoy the Internet, but remember the words of PresidentRonald Reagan — “Trust, but verify.”Happy Networking!Long is a retired Air Force communications officer who has written regularly forCHIPS since 1993. He holds a master of science degree in information resourcesmanagement from the Air Force Institute of Technology. He currently serves asa telecommunications manager in the Department of Homeland Security.68 CHIPS www.chips.navy.mil Dedicated to Sharing Information - Technology - Experience
Enterprise Software AgreementsListed BelowThe Enterprise Software Initiative (ESI) is a Department of Defense (DoD)initiative to streamline the acquisition process and provide best-priced, standardscompliantinformation technology (IT). The ESI is a business discipline usedto coordinate multiple IT investments and leverage the buying power of thegovernment for commercial IT products and services. By consolidating ITrequirements and negotiating Enterprise Agreements with software vendors, theDoD realizes significant Total Cost of Ownership (TCO) savings in IT acquisition andmaintenance. The goal is to develop and implement a process to identify, acquire,distribute and manage IT from the enterprise level.Additionally, the ESI was incorporated into the Defense Federal AcquisitionRegulation Supplement (DFARS) Section 208.74 on Oct. 25, 2002, and DoDInstruction 500.2 in May 2003.Unless otherwise stated authorized ESI users include all DoD components, andtheir employees including Reserve component (Guard and Reserve) and the U.S.Coast Guard mobilized or attached to DoD; other government employees assignedto and working with DoD; nonappropriated funds instrumentalities such as NAFIemployees; Intelligence Community (IC) covered organizations to include all DoDIntel System member organizations and employees, but not the CIA nor otherIC employees unless they are assigned to and working with DoD organizations;DoD contractors authorized in accordance with the FAR; and authorized ForeignMilitary Sales.For more information on the ESI or to obtain product information, visit the ESI Website at http://www.esi.mil/.Software Categories for ESI:Asset Discovery ToolsBelarcBelmanage Asset Management - Provides software, maintenance andservices.Contractor: Belarc Inc. (W91QUZ-07-A-0005)Authorized Users: This BPA is open for ordering by all Department of Defense(DoD) components and authorized contractors.Ordering Expires: 30 Sep 11Web Link: https://ascp.monmouth.army.mil/scp/contracts/viewcontract.jsp?cNum=W91QUZ-07-A-0005BMCRemedy Asset Management - Provides software, maintenance andservices.Contractor: BMC Software Inc. (W91QUZ-07-A-0006)Authorized Users: This BPA is open for ordering by all Department of Defense(DoD) components and authorized contractors.Ordering Expires: 29 May 09Web Link: https://ascp.monmouth.army.mil/scp/contracts/viewcontract.jsp?cNum=W91QUZ-07-A-0006CarahsoftOpsware Asset Management - Provides software, maintenanceand services.Contractor: Carahsoft Inc. (W91QUZ-07-A-0004)Authorized Users: This BPA is open for ordering by all Departmentof Defense (DoD) components and authorized contractors.Ordering Expires: 19 Nov 09Web Link: https://ascp.monmouth.army.mil/scp/contracts/viewcontract.jsp?cNum=W91QUZ-07-A-0004DLTBDNA Asset Management - Provides asset management software,maintenance and services.Contractor: DLT Solutions Inc. (W91QUZ-07-A-0002)Authorized Users: This BPA has been designated as a GSA Smart-BUY and is open for ordering by all Department of Defense (DoD) components,authorized contractors and all federal agencies.Ordering Expires: 01 Apr 13Web Link: https://ascp.monmouth.army.mil/scp/contracts/viewcontract.jsp?cNum=W91QUZ-07-A-0002PatriotBigFix Asset Management - Provides software, maintenanceand services.Contractor: Patriot Technologies Inc. (W91QUZ-07-A-0003)Authorized Users: This BPA has been designated as a GSA Smart-BUY and is open for ordering by all Department of Defense (DoD) components,authorized contractors and all federal agencies.Ordering Expires: 08 Sep 12Web Link: https://ascp.monmouth.army.mil/scp/contracts/viewcontract.jsp?cNum=W91QUZ-07-A-0003Business and Modeling ToolsBPWin/ERWinBPWin/ERWin - Provides products, upgrades and warranty for ER-Win, a data modeling solution that creates and maintains databases, datawarehouses and enterprise data resource models. It also provides BPWin,a modeling tool used to analyze, document and improve complex businessprocesses.Contractor: Computer Associates International, Inc.(W91QUZ-04-A-0002)Ordering Expires: Upon depletion of Army Small Computer Program(ASCP) inventoryWeb Link: https://ascp.monmouth.army.mil/scp/contracts/compactview.jspBusiness IntelligenceBusiness ObjectsBusiness Objects - Provides software licenses and support forBusiness Objects, Crystal Reports, Crystal Enterprise and trainingand professional services. Volume discounts range from 5 to 20 percentfor purchases of software licenses under a single delivery order.Contractor: EC America, Inc. (SP4700-05-A-0003)Ordering Expires: 04 May 10Web Link: http://www.gsaweblink.com/esi-dod/boa/CHIPS October – December 2008 69
Page 2 and 3:
CHIPS October - December 2008Volume
Page 4 and 5:
Editor’s NotebookThis issue we fe
Page 6 and 7:
Talking with Rear Admiral Wendi B.
Page 8 and 9:
in less of a production role and mo
Page 10 and 11:
"The Navy has conducted irregular w
Page 12 and 13:
and Preventive Medicine; and Joint
Page 14 and 15:
We are also working on patient trac
Page 16 and 17:
Empowering the Information Systems
Page 18 and 19: "The good thing about the ENMS syst
Page 20 and 21: “We Will Never Forget”Pentagon
Page 22 and 23: SSC Atlantic Commissioned in Charle
Page 24 and 25: SSC Pacific’s Josh CaplanReceives
Page 26 and 27: Welcome to SSC Atlantic’s New Orl
Page 28 and 29: SSC Atlantic sites partner to provi
Page 30 and 31: Presenting SSC Pacific: A new name
Page 32 and 33: constraints associated with smaller
Page 34 and 35: End-to-End Systems Engineering LabS
Page 36 and 37: SSC Norfolk Workforce Excellence Co
Page 38 and 39: DON DIACAP TransitionTransitioning
Page 40 and 41: CAST requirements include the abili
Page 42 and 43: Success Stories from Naval Surface
Page 44 and 45: SWE Takes Action in Supportof Surfa
Page 46 and 47: of ownership of the process stalled
Page 48 and 49: Data as a ServiceThe new paradigm f
Page 50 and 51: encouraging the reuse of informatio
Page 52 and 53: Operationalizing Military Support t
Page 54 and 55: DoD ESI Celebrates its 10th Anniver
Page 56 and 57: and conditions pre-negotiated with
Page 58 and 59: Navy Ship-to-Shore via Wireless Con
Page 60 and 61: Navy Warfare Training SystemBy U.S.
Page 62 and 63: endeavor and worth the coordination
Page 64 and 65: Tackling one of the most critical a
Page 66 and 67: 5. Which of the following is the mo
Page 70 and 71: MercuryMercury Software - Provides
Page 72 and 73: Quest ProductsQuest Products - Prov
Page 74 and 75: Office SystemsAdobeAdobe Products -
show all

Download PDF - Department of Navy Chief Information Officer - U.S. ...

You also want an ePaper? Increase the reach of your titles

Delete template?

Save as template?