Posts Tagged ‘IT

31 Jan 08

Sunbelt, Dell Unsheathe Ninja Blade

An email security appliance from Sunbelt debuted on Dell’s PowerEdge server line; the device takes the spam fight to the gateway and off the desktop.

We have held the opinion for some time that the email security fight should not be waged on the desktops of people, whether a single at-home individual or a multinational corporation with thousands of email users.

Various purveyors of security solutions think the same way. Slam the door shut on spam, phishing, and malware link-bearing messages at the gateway, rather than worrying about someone clicking on something they should not in the email client.

Sunbelt Software and Dell paired on one such gateway approach. Their newly released Ninja Blade device incorporates antispam technology from Cloudmark, and antivirus from BitDefender to complement the Message Transfer Agent on-board.

Sunbelt also noted Ninja Blade works real-time with Active Directory and LDAP, which will speed up the initial configuration and deployment period needed to place it in service in those environments.

The launch puts Sunbelt in direct competition with one of the bigger fish in the email security appliance market, that being Barracuda Networks. Sunbelt CEO Alex Eckelberry said in a statement Ninja Blade would have a competitive price point; the four Ninja Blade products start at $1,995, plus support and maintenance plans.


08 Dec 07

10 Tips for Wireless Home Network Security


Many folks setting up wireless home networks rush through the job to get their Internet connectivity working as quickly as possible. That’s totally understandable. It’s also quite risky as numerous security problems can result. Today’s Wi-Fi networking products don’t always help the situation as configuring their security features can be time-consuming and non-intuitive. The recommendations below summarize the steps you should take to improve the security of your home wireless network.

1. Change Default Administrator Passwords (and Usernames)

At the core of most Wi-Fi home networks is an access point or router. To set up these pieces of equipment, manufacturers provide Web pages that allow owners to enter their network address and account information. These Web tools are protected with a login screen (username and password) so that only the rightful owner can do this. However, for any given piece of equipment, the logins provided are simple and very well-known to hackers on the Internet. Change these settings immediately.

2. Turn on (Compatible) WPA / WEP Encryption

All Wi-Fi equipment supports some form of encryption. Encryption technology scrambles messages sent over wireless networks so that they cannot be easily read by humans. Several encryption technologies exist for Wi-Fi today. Naturally you will want to pick the strongest form of encryption that works with your wireless network. However, the way these technologies work, all Wi-Fi devices on your network must share the identical encryption settings. Therefore you may need to find a “lowest common denominator” setting.

3. Change the Default SSID

Access points and routers all use a network name called the SSID. Manufacturers normally ship their products with the same SSID set. For example, the SSID for Linksys devices is normally “linksys.” True, knowing the SSID does not by itself allow your neighbors to break into your network, but it is a start. More importantly, when someone finds a default SSID, they see it is a poorly configured network and are much more likely to attack it. Change the default SSID immediately when configuring wireless security on your network.

4. Enable MAC Address Filtering

Each piece of Wi-Fi gear possesses a unique identifier called the physical address or MAC address. Access points and routers keep track of the MAC addresses of all devices that connect to them. Many such products offer the owner an option to key in the MAC addresses of their home equipment, which restricts the network to only allow connections from those devices. Do this, but also know that the feature is not as powerful as it may seem. Hackers and their software programs can fake MAC addresses easily.

5. Disable SSID Broadcast

In Wi-Fi networking, the wireless access point or router typically broadcasts the network name (SSID) over the air at regular intervals. This feature was designed for businesses and mobile hotspots where Wi-Fi clients may roam in and out of range. In the home, this roaming feature is unnecessary, and it increases the likelihood someone will try to log in to your home network. Fortunately, most Wi-Fi access points allow the SSID broadcast feature to be disabled by the network administrator.

6. Do Not Auto-Connect to Open Wi-Fi Networks

Connecting to an open Wi-Fi network such as a free wireless hotspot or your neighbor’s router exposes your computer to security risks. Although not normally enabled, most computers have a setting available allowing these connections to happen automatically without notifying you (the user). This setting should not be enabled except in temporary situations.

7. Assign Static IP Addresses to Devices

Most home networkers gravitate toward using dynamic IP addresses. DHCP technology is indeed easy to set up. Unfortunately, this convenience also works to the advantage of network attackers, who can easily obtain valid IP addresses from your network’s DHCP pool. Turn off DHCP on the router or access point, set a fixed IP address range instead, and then configure each connected device to match. Use a private IP address range (like 10.0.0.x) to prevent computers from being directly reached from the Internet.

8. Enable Firewalls On Each Computer and the Router

Modern network routers contain built-in firewall capability, but the option also exists to disable them. Ensure that your router’s firewall is turned on. For extra protection, consider installing and running personal firewall software on each computer connected to the router.

9. Position the Router or Access Point Safely

Wi-Fi signals normally reach to the exterior of a home. A small amount of signal leakage outdoors is not a problem, but the further this signal reaches, the easier it is for others to detect and exploit. Wi-Fi signals often reach through neighboring homes and into streets, for example. When installing a wireless home network, the position of the access point or router determines its reach. Try to position these devices near the center of the home rather than near windows to minimize leakage.

10. Turn Off the Network During Extended Periods of Non-Use

The ultimate in wireless security measures, shutting down the network will most certainly prevent outside hackers from breaking in! While impractical to turn off and on the devices frequently, at least consider doing so during travel or extended periods offline. Computer disk drives have been known to suffer from power cycle wear-and-tear, but this is a secondary concern for broadband modems and routers.

 

08 Dec 07

“Safe Surfing.” IT Security Presentation Notes


IT Security Presentation: “Safe Surfing” by Tim Torres.

[Presentation Notes]

 

Three Types of Activities to Improve IT Security at Home:

1. Using What You Have

2. Obtaining Specialized Programs and Tools

3. Locking Down Your Environment

 

1. Using what you have

 

A. Working with Passwords:

• Currently, passwords are the most common method of authentication

• They are also the easiest to obtain and use falsely

• What is the easiest way to break into a password protected account?

  • Brute force

    • Try every possible combination of characters

    • Takes a long time

  • Dictionary method

    • Try dictionary words (includes common words, common misspellings, foreign dictionaries, words from films or books, and l33t sp34k)

    • Try date formats

  • Sniffing

  • Keystroke Recording

 

The SUPR test: Is the password as strong (meaning length and content) as the rules allow?

 

· The Strong test: Is the password complex? Does it use numbers, letters, and special characters?

· The Unique test: Is the password unique and unrelated to any of your other passwords?

· The Practical test: Can you remember it without having to write it down?

· The Recent test: Have you changed it recently?

· In spite of the SUPR tests, you need to be aware that sniffing happens, and even the best of passwords can be captured and used by an intruder.

 

Ten Most Commonly Used Passwords Online:

 

password

123456

qwerty

abc123

letmein

monkey

myspace1

password1

blink182

your first name

 

Recap

• Do not write your passwords down

• Do not give your passwords to anyone

• Do not use the same password for multiple accounts
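The checks described in this section can be combined into a single screening routine. The following is an added example, not part of the original presentation notes: it tests a candidate password against the common-password list above, the dictionary method (including l33t substitutions and date formats), and the Strong test, and estimates the brute-force keyspace. The word list, the l33t maps and all function names are constructed for illustration.

```python
import math
import re
import string
from datetime import date

# The passwords listed on this page ("your first name" is checked through the
# first_name argument instead of a literal).
COMMON_PASSWORDS = {
    "password", "123456", "qwerty", "abc123", "letmein",
    "monkey", "myspace1", "password1", "blink182",
}
# Constructed sample word list; a real check would load a full dictionary.
SAMPLE_WORDS = {"password", "qwerty", "letmein", "monkey", "myspace",
                "blink", "dragon", "sunshine"}
# Constructed l33t maps; "1" is ambiguous, so both readings are tried.
LEET_I = str.maketrans("013457@$", "oieastas")
LEET_L = str.maketrans("013457@$", "oleastas")
MIN_LENGTH = 8  # assumption: the page's "at least eight" characters


def _is_date(year, month, day, year_width):
    """True if the fields form a real calendar date between 1900 and 2099."""
    if year_width == 2:
        year += 2000  # the century does not matter for a two-digit year
    if not 1900 <= year <= 2099:
        return False
    try:
        date(year, month, day)
        return True
    except ValueError:
        return False


def looks_like_date(pw):
    """Detect DDMMYY(YY), MMDDYY(YY) and YY(YY)MMDD, with or without separators."""
    s = re.sub(r"[/.\-]", "", pw)
    if not re.fullmatch(r"[0-9]{6}|[0-9]{8}", s):
        return False
    yw = len(s) - 4  # year width: 2 or 4 digits
    a, b, y_last = int(s[0:2]), int(s[2:4]), int(s[4:])
    y_first, c, d = int(s[:yw]), int(s[yw:yw + 2]), int(s[yw + 2:])
    return (_is_date(y_last, b, a, yw) or _is_date(y_last, a, b, yw)
            or _is_date(y_first, c, d, yw))


def is_dictionary_word(pw):
    """Dictionary method: undo l33t substitutions and trailing digits/symbols."""
    lowered = pw.lower()
    stem = lowered.rstrip(string.digits + string.punctuation)
    candidates = {base.translate(table)
                  for base in (lowered, stem) for table in (LEET_I, LEET_L)}
    return any(word in SAMPLE_WORDS for word in candidates)


def brute_force_bits(pw):
    """log2 of the keyspace an exhaustive search over the used classes covers."""
    pool = 0
    if any(c.islower() for c in pw):
        pool += 26
    if any(c.isupper() for c in pw):
        pool += 26
    if any(c.isdigit() for c in pw):
        pool += 10
    if any(not c.isalnum() for c in pw):
        pool += len(string.punctuation)  # 32 printable ASCII symbols
    return len(pw) * math.log2(pool) if pool else 0.0


def screen_password(pw, first_name=None):
    """Return the weaknesses found and the brute-force estimate in bits."""
    findings = []
    lowered = pw.lower()
    if lowered in COMMON_PASSWORDS or (first_name and lowered == first_name.lower()):
        findings.append("common-password")
    if is_dictionary_word(pw):
        findings.append("dictionary-word")
    if looks_like_date(pw):
        findings.append("date-format")
    if len(pw) < MIN_LENGTH:
        findings.append("too-short")
    has_letter = any(c.isalpha() for c in pw)
    has_digit = any(c.isdigit() for c in pw)
    has_special = any(not c.isalnum() for c in pw)
    if not (has_letter and has_digit and has_special):
        findings.append("not-complex")
    return {"findings": findings,
            "brute_force_bits": round(brute_force_bits(pw), 1)}


if __name__ == "__main__":
    for sample in ("123456", "P4ssw0rd!", "08/12/2007", "vR7#kq!Zp2wL"):
        print(sample, screen_password(sample))
```

A password such as "P4ssw0rd!" passes the length and complexity checks yet is still flagged, because the dictionary method undoes the substitutions.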

 

B. Spam

Statistics:

Computer security firm Symantec estimates that between 65 and 70 per cent of email traffic is spam. While spam itself doesn’t necessarily carry a computer virus, there is a connection, because many email virus programs involve a “mass-email” element.

 

When the “Sober” trojan, for instance, infects a computer, it sends spam email to the addresses in the infected user’s email address book.

 

Where does most “spam”, or “junk” email come from?

Symantec estimates that 90 per cent of spam comes from offshore sources. This factor makes it impossible for local law enforcement agencies to do anything about it. It is cheap for spammers to send thousands of emails. If only a handful of people click on them and are fooled by a fraudulent offer, it’s worth the cost.

 

How to Protect against Spam and Spim:

1. Filter SPAM & SPIM

2. Minimize Annoyance

3. Reduce Exposure to Risk

 

Six Steps:

1. Install a high-quality anti-spam program from a trusted vendor that scans email and attachments for viruses.

2. Don’t respond to SPAM email or IM links. By clicking a link, you are encouraging the sender to send more SPAM.

3. Don’t send vital personal or financial information via email or Instant Messenger. Email is generally unencrypted, and is vulnerable to hackers on the internet who can easily intercept the information.

4. Don’t open email from anyone you don’t know, even when the email claims to be from a reputable source. Check first before opening attachments. Always verify!

5. Watch out for internet and email “Con-Games” asking for personal information. [If an offer is too good to be true, it probably is!] (**use example.)

6. Use a different email for work and home.

 

· Always remember to use good judgment, and if you don’t know who it’s from, or what it is, just hit “delete”.

 

(Top 12 Spam Filters list)

C. Backing up Data:

A back-up is a copy of the data and certain programs on your computer. Creating a copy or back-up of data is a sensible and easy way to ensure that, in the event of a fire, computer theft or virus infection you can recover all of your business information from your computer or website quickly and easily.

 

What you can do:

· Develop a disaster recovery plan by first assessing your level of risk

· Ensure back-up procedures are in place and tested, and remember to test both the backed-up data itself and the process of restoring it

· Ensure that you keep the back-up copies in a safe, fire-proof location away from your computer systems – usually these conditions can be met simply by storing the back-up in another place away from your business premises

· Ensure back-up procedures include systems such as finance and payroll

· All third party software should be copied prior to its initial use (software licensing allows for the making of copies for legitimate back-up purposes). These master copies should not be used for ordinary business activities but should be reserved for recovery purposes. They should be stored in a secure off-site location.

 

D. Apply Patches – Keep System updated.

Windows Security Updates

 

· When necessary, Microsoft provides a new security update on the second Tuesday of each month and publishes a bulletin to announce the update. Occasionally, updates are released more often. The links below go to the latest bulletins. Each bulletin includes links to the security updates.

 

If you are using Windows Vista or XP, you can manage your updates through the control panel.

 

To manually download available updates, go to Microsoft update or in Windows Vista go to your control panel. After your computer has been scanned to see which updates it needs, click the Custom button to find and choose the update you want to install. We recommend you install all High-Priority Security and Critical updates immediately.

 

We recommend that you get the updates delivered automatically to your PC. When your computer is on and connected to the Internet, the most current security updates are automatically downloaded and installed. To learn how to turn on automatic updating for your particular operating system, see Update your computer automatically.

 

2. Obtaining Specialized Programs

 

A. Anti-Virus:

Facts about Computer Viruses

A computer virus is code — a program — that can be recognized and run by your computer, causing the code to reproduce. Just like a virus in a human, the computer virus may be innocuous, bothersome or deadly. Yet in all cases, the virus occupies precious computer memory space. Just cycling through the program, no matter how ineffective it may be, could impair the functions of your legitimate applications.

 

Dispelling Virus Myths

Hysteria and ignorance have combined to create a vibrant industry of myth, legend and hoaxes. But, if you know the facts, you will be in a better position to respond effectively.

 

1. Myth: Viruses can be transmitted via a data file, e-mail or Web page.

Fact: Data files cannot carry viruses because such files carry data, not programs. Only an executable program file can carry a virus. But there is a catch. What you believe to be just a data file may include some legitimate executable code, and this code could be infected.

 

For example, a Microsoft Word document contains only word processing data, so it could not be infected. But a Word template file contains a small program known as a “macro,” that could be infected. Similarly, a simple e-mail message is just data, but an email message that includes a Word template file could carry a virus in that file.

 

2. Myth: Backups are useless if you back up the virus along with the data.

Fact: You can restore important data without restoring the infected program. You will have to remove the infected files, and you probably will have to reinstall computer applications from your original software source. This can be time consuming and tedious, but it is possible.

 

3. Myth: Shareware, public bulletin boards and the Internet are the source of most viruses.

 

Fact: This usually is not the case. New shrink-wrapped software applications are a major source of viruses. Often, new applications instruct users to turn off virus protection software before installing. Follow those instructions, but also check the software for virus infection after installing. Remember, mere connection to a bulletin board or the Internet cannot transmit a virus. You transmit a file to your computer only by choosing to.

 

B. Install and Use a Firewall

What is a Firewall?

Firewalls provide protection against outside attackers by shielding your computer or network from malicious or unnecessary Internet traffic. Firewalls can be configured to block data from certain locations while allowing the relevant and necessary data through.

 

What type of firewall is best?

Firewalls are offered in two forms: hardware (external) and software (internal). While both have their advantages and disadvantages, the decision to use a firewall is far more important than deciding which type you use.

 

· Hardware – Typically called network firewalls, these external devices are positioned between your computer or network and your cable or DSL modem. Many vendors and some Internet Service Providers (ISPs) offer devices called “routers” that also include firewall features. Hardware-based firewalls are particularly useful for protecting multiple computers but also offer a high degree of protection for a single computer. If you only have one computer behind the firewall, or if you are certain that all of the other computers on the network are up to date on patches and are free from viruses, worms, or other malicious code, you may not need the extra protection of a software firewall. Hardware-based firewalls have the advantage of being separate devices running their own operating systems, so they provide an additional line of defense against attacks. Their major drawback is cost, but many products are available for less than $100 (and there are even some for less than $50).

 

· Software – Some operating systems include a built-in firewall; if yours does, consider enabling it to add another layer of protection even if you have an external firewall. If you don’t have a built-in firewall, you can obtain a software firewall for relatively little or no cost from your local computer store, software vendors, or ISP. Because of the risks associated with downloading software from the Internet onto an unprotected computer, it is best to install the firewall from a CD, DVD, or floppy disk. Although relying on a software firewall alone does provide some protection, realize that having the firewall on the same computer as the information you’re trying to protect may hinder the firewall’s ability to catch malicious traffic before it enters your system.

 

Personal Firewall Choices

· Microsoft Windows Firewall — The Vista and XP Service Pack 2 operating systems have personal firewalls built in that are turned on by default to block threats from the Internet. You should leave this feature turned on until you replace it with third-party software and/or hardware.

 

· Two-Way Third-Party Personal Firewall Software — These firewalls block both incoming and outgoing threats. A computer has outgoing threats when it becomes infected with a virus, trojan horse or spyware. A challenge for this type of firewall is to distinguish between threats and legitimate software. Two common ways to address this are by vendors including a list of safe software for the firewall to check and/or by issuing a pop up alert to the user asking for advice on what to do. For links to vendors and reviews of over fifty products, see our Personal Firewall Reviews page.

 

Recommended products with links to vendors:

· Sunbelt/Kerio Personal Firewall [freeware & retail versions]

· ZoneAlarm Pro from CheckPoint [retail & free versions]

· Comodo Personal Firewall [freeware]

 

· Internet Security Software Suites — These products include two or more security features such as a personal firewall, anti-virus, anti-spyware and more. For links to vendors and reviews of over 20 products, see our Internet Security & Utility Suites page. Recommended retail products with links to vendors:

 

· Norton Internet Security 2008 or Norton 360 from Symantec include personal firewall and protection from viruses, worms, spyware, intrusion, phishing and root kits. Also includes behavioral monitoring features. The free online add-on pack includes anti-spam, parental control, confidential information blocking, and ad blocking. “Norton 360” adds automatic backup and restore with 2 GB of online storage, PC tune up and embedded support components; PC Magazine Editor’s Choice 3-7-07.

 

· ZoneAlarm Internet Security Suite from CheckPoint features include network, program and operating systems firewalls, antivirus, identity theft protection, anti-spyware, spy site blocking, auto-learn, privacy protection, IM protection, game mode, essential email security, wireless PC protection, parental control, and smart defense service.

 

· Kaspersky Internet Security 7.0 — Intrusion protection, anti-virus, personal firewall, anti-spyware, anti-spam, and blocks auto dialers, ads and pop-ups.

 

C. Spyware

 

What is spyware?

Spyware is a general term used to describe software that performs certain behaviors such as advertising, collecting personal information, or changing the configuration of your computer, generally without appropriately obtaining your consent first.

 

Spyware is often associated with software that displays advertisements (called adware) or software that tracks personal or sensitive information.

These programs can change your Web browser’s home page or search page, or add additional components to your browser you don’t need or want. These programs also make it very difficult for you to change your settings back to the way you originally had them.

 

Signs of spyware: Are you being watched?

If your computer starts to behave strangely or displays any of the symptoms listed below, you may have spyware or other unwanted software installed on your computer.

 

· I see pop-up advertisements all the time. Some unwanted software will bombard you with pop-up ads that aren’t related to a particular Web site you’re visiting. These ads are often for adult or other Web sites you may find objectionable. If you see pop-up ads as soon as you turn on your computer or when you’re not even browsing the Web, you may have spyware or other unwanted software on your computer.

 

· My settings have changed and I can’t change them back to the way they were. Some unwanted software has the ability to change your home page or search page settings. This means that the page that opens first when you start your Internet browser or the page that appears when you select “search” may be pages that you do not recognize. Even if you know how to adjust these settings, you may find that they revert back every time you restart your computer.

 

· My Web browser contains additional components that I don’t remember downloading. Spyware and other unwanted software can add additional toolbars to your Web browser that you don’t want or need. Even if you know how to remove these toolbars, they may return each time you restart your computer.

 

· My computer seems sluggish. Spyware and other unwanted software are not necessarily designed to be efficient. The resources these programs use to track your activities and deliver advertisements can slow down your computer and errors in the software can make your computer crash.

 

If you notice a sudden increase in the number of times a certain program crashes, or if your computer is slower than normal at performing routine tasks, you may have spyware or other unwanted software on your machine.

 

How to help prevent spyware

1. Use Anti-Virus and frequently run Anti-Spyware Software

Norton Internet Security 2008 ($69.99)

Key Technologies

* Antispyware

* Antivirus

* Antispam and Parental Controls **

* Two-Way Firewall

* Advanced Phishing Protection

* Intrusion Prevention

* Rootkit Detection

 

Free-Ware:

* Ad-Aware / Lavasoft Anti-Spyware

* Spybot Anti-Spyware

* ewido Anti-Spyware

 

2. Adjust Internet Explorer security settings

You can adjust your Internet Explorer Web browser’s security settings to determine how much—or how little—information you are willing to accept from a Web site. Microsoft recommends that you set the security settings for the Internet zone to Medium or higher.

 

To view your current Internet Explorer security settings:

1. In Internet Explorer, click Tools and then click Internet Options.

2. Select the Security tab.

 

If you’re running Windows XP Service Pack 2 (SP2) and you use Internet Explorer to browse the Web, your browser security settings for the Internet zone are already set to Medium by default. Internet Explorer in Windows XP SP2 also includes a number of features to help protect against spyware and many other kinds of deceptive or unwanted software.

 

Windows Defender protects your computer from spyware and other unwanted software. Windows Defender comes with Windows Vista and you can download it for no charge for Windows XP SP2.

 

3. Surf and download more safely

The best defense against spyware and other unwanted software is not to download it in the first place. Here are a few helpful tips that can protect you from downloading software you don’t want:

 

· Only download programs from Web sites you trust. If you’re not sure whether to trust a program you are considering downloading, ask a knowledgeable friend or enter the name of the program into your favorite search engine to see if anyone else has reported that it contains spyware.

 

· Read all security warnings, license agreements, and privacy statements associated with any software you download.

 

· Never click “agree” or “OK” to close a window. Instead, click the red “x” in the corner of the window or press the Alt + F4 keys on your keyboard to close a window.

 

Removable Media Protection

Take 4 Steps to secure your thumb drive data

 

1. Guard it carefully

· Many people are careless with thumb drives. People often leave them lying around or attach the drives to key chains. How often have you lost your keys?

 

· Better are ones that you can attach to a cord and wear around your neck. This won’t appeal to the fashion-conscious, but it helps prevent loss or theft.

 

· Some thumb drives have cords that connect to the drive’s protective removable cap. Forgo these. You want one with a cord that connects to the body of the drive.

 

2. Watch out for viruses

· Be careful when you connect your thumb drive to shared computers. Just like floppy disks, thumb drives can easily transfer viruses.

 

· Make sure you’re only transferring data. Any computer you connect the drive to should have anti-virus software running. Of course, the virus definitions must be current. The anti-virus software should scan the drive as soon as it is connected.

 

· If the drive isn’t from a trusted source, don’t connect it to your computer.

 

3. Encrypt your data

· If your thumb drive falls into the wrong hands, your data is fair game. So it is important to protect your files.

· Encryption will “scramble” your data. It can only be unscrambled with the correct password. Encryption that is 128-bit is very secure.

 

· Many drives come bundled with encryption features. Double-check that the encryption software is not a trial version. Otherwise, you will need to pay to use it once the trial expires.

 

· Once you set up the encryption software, get in the habit of using it. And don’t forget to create a strong password. A combination of at least eight numbers and upper- and lower-case letters is most effective. Don’t use an easily recognizable word, but make sure you can remember it — without writing it down.

 

· If your thumb drive doesn’t have encryption software, you can buy additional software.

 

· File Encryption XP (www.cp-lab.com, $30)

· Folder Crypto Password (www.folder-password-protect.com, $20)

· Folder Lock (www.newsoftwares.net, $35) can encrypt your thumb drive files.

· TrueCrypt is a free, open-source program that allows you to encrypt your disk. This is really useful for securing your USB thumb drive, as you wouldn’t want your documents and data exposed to a third party if it were stolen or lost. Main features are:

· Additionally, some manufacturers make drives with biometric fingerprint readers. A built-in scanner reads your fingerprint before granting access to the drive. This provides excellent security. Expect to pay a premium for this feature.

· Drives with biometric scanners require that software be installed on the computer. This limits where you can access your thumb drive. You might find yourself in a situation where you can’t access your data.

 

4. Back up your data

· Losing your thumb drive is painful, even when the contents are protected. So, back up your data!

 

· You should always keep multiple copies of important data. This is particularly true when the storage medium is susceptible to loss or damage. Most thumb drives are made of plastic, which isn’t always durable.

 

3. Locking down your environment

 

1. Wireless Networks

 

Step 1: Change the Router’s Default Administrator Password
Out of the box, most routers contain a default user ID and password. Because this password is well known (i.e., printed in documentation included with the router), you must change the default password. You can easily make this change by running the router’s installation and setup wizard.

 

Step 2: Change the Default SSID and Disable SSID Broadcast
All routers are shipped with a Service Set Identifier (SSID) that’s set by the manufacturer. An SSID is a sequence of as many as 32 letters or numbers that comprise a wireless LAN’s (WLAN’s) ID or name. For example, the Linksys router’s default SSID name is Linksys. Default SSIDs are well known and published.

 

Step 3: Change the IP Address Setting
Router manufacturers set every router with an IP address. Linksys routers, for example, come configured with an IP address of 192.168.1.1. These address settings are well known and published, and thus malicious users can easily discover your IP address if they know the router manufacturer and type. Therefore, you should change the IP address as a part of the setup process. Continuing with the Linksys example, you can change the default 192.168.1.1 IP address to 192.168.10.1. Although changing the IP address doesn’t secure the router, it does leave the eavesdropper guessing for the IP address.

DHCP is also enabled by default on every router. DHCP provides IP address information to client machines. By default, the DHCP server hands out IP addresses in the 2-to-254 range. Therefore, 253 client machines can get an IP address from the router. You probably don’t have that many systems at home, so it’s best to reduce the DHCP range to the number of machines that you expect to have in your network. As a rule of thumb, I set the router to hand out addresses for the number of machines in my network, plus an additional two for visiting friends and family.

 

Step 4: Set Up Your Router to Use Encryption
A router’s default settings don’t include encryption. Because encryption provides security to your wireless communication, you must enable it. However, before setting up encryption, you must understand a few facts about wireless encryption and the security that different types of encryption standards—specifically, Wired Equivalent Privacy (WEP) and WiFi Protected Access (WPA)—provide.

 

Step 5: Use the MAC Address Filter
Every NIC has a unique MAC address. You can configure most wireless routers to filter based on these addresses. To display XP’s IP configuration, which includes the MAC address (as Figure 2 shows), simply type “C:\>ipconfig /all” at a command prompt. After you know the MAC (Physical) address, you can log on to the router (at http://router’s IP address) and add the MAC address to the filter. Figure 3 shows how to add the MAC address to a Linksys router. However, you will have to add and save the MAC address to your router only once and subsequent visits will be seamless.
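To build the filter list from several home machines, the Physical Address lines can be pulled out of saved `ipconfig /all` output. The following is an added example, not from the original article: the sample output is constructed, the function name is hypothetical, and the colon-separated lowercase output format is an assumption about what the router's filter page accepts.

```python
import re

# Constructed sample of `ipconfig /all` output (not captured from a real host).
SAMPLE_IPCONFIG = """\
Windows IP Configuration

        Host Name . . . . . . . . . . . . : HOME-PC

Ethernet adapter Local Area Connection:

        Connection-specific DNS Suffix  . :
        Description . . . . . . . . . . . : Example Fast Ethernet NIC
        Physical Address. . . . . . . . . : 00-11-22-33-44-55
        Dhcp Enabled. . . . . . . . . . . : Yes
        IP Address. . . . . . . . . . . . : 192.168.10.2

Ethernet adapter Wireless Network Connection:

        Description . . . . . . . . . . . : Example Wireless Adapter
        Physical Address. . . . . . . . . : 02-AA-BB-CC-DD-EE

Tunnel adapter Example Tunneling Pseudo-Interface:

        Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
"""

# Adapter headers are unindented and end with a colon.
ADAPTER_RE = re.compile(r"^(?P<name>\S.*\badapter\b.*):\s*$")
# Capture any dash-separated run of hex octets; the length is checked later.
MAC_RE = re.compile(
    r"^\s+Physical Address[ .]*:\s*"
    r"(?P<mac>[0-9A-Fa-f]{2}(?:-[0-9A-Fa-f]{2})*)\s*$"
)


def parse_physical_addresses(text):
    """Return one entry per adapter that has a 6-octet physical address."""
    entries = []
    adapter = None
    for line in text.splitlines():
        header = ADAPTER_RE.match(line)
        if header:
            adapter = header.group("name")
            continue
        found = MAC_RE.match(line)
        if not found:
            continue
        octets = found.group("mac").split("-")
        if len(octets) != 6:
            continue  # tunnel pseudo-interfaces report 8 octets; not a NIC
        entries.append({
            "adapter": adapter,
            # Assumed router format: lowercase, colon-separated.
            "mac": ":".join(o.lower() for o in octets),
            # Bit 0x02 of the first octet marks a software-assigned address
            # rather than one burned in by the manufacturer.
            "locally_administered": bool(int(octets[0], 16) & 0x02),
        })
    return entries


if __name__ == "__main__":
    for entry in parse_physical_addresses(SAMPLE_IPCONFIG):
        print(entry)
```

An entry flagged as locally administered deserves a second look before it goes into the filter, since that address was set in software and can change.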

 

Just like Locking Your Home
Just as you secure your home by locking your doors and windows, you must take the precaution of securing your wireless network by locking it down. By changing your router’s default administrator password, changing the default SSID and disabling SSID broadcast, changing your IP address settings, setting up your router to use encryption, and using the MAC address filter, you can easily secure your home wireless network, as my friend did. Although these steps won’t prevent a dedicated intruder who is intent on hacking your network, they’ll keep most malicious users and eavesdroppers away.