computer security what to know and what to do presented to cugg 10-9-2005 jamie leben it-works...
Post on 01-Apr-2015
Computer Security
What to Know and What to Do
Presented to CUGG 10-9-2005
Jamie Leben IT-Works Computer Services
www.i-t-w.com 970-405-4399
Copyright 2005
A text version of this presentation has been mailed to the group
Please hold questions to the end
What to Know?
What to Know
Consumers Union, the organization that publishes Consumer Reports, estimates there's a 1-in-3 chance this year that computer users at home will have their identity stolen or their computer damaged from the proliferation of malicious programs
What to Know
Resources
  en.wikipedia.org - online encyclopedia, use to research unfamiliar computer terms
  www.staysafeonline.org - National Cyber Security Alliance Home Page
  free.grisoft.com - free AVG antivirus
  http://shortify.com/1351 - free zone alarm firewall
  http://shortify.com/1350 - free Microsoft antispyware
  http://www.safer-networking.org/en/index.html - free Spybot Search and Destroy antispyware
  http://shortify.com/1352 - free Ad-Aware antispyware
  http://www.mozilla.org/products/firefox - free Firefox web browser
  windowsupdate.microsoft.com - free updates for Windows
What to Know
Terminology
ActiveX Controls (malicious): ActiveX is a Microsoft platform for software componentry. It is used to enable cross-application communication and dynamic object creation in any programming language that supports the technology. The embedding of COM into the Internet Explorer web browser (under the name of ActiveX) created a combination of problems that has led to an explosion of computer virus, trojan and spyware infections. These malware attacks mostly depend on ActiveX for their activation and propagation to other computers.
What to Know
Terminology
Botnet: Botnet is a jargon term for a collection of software robots, or bots, which run autonomously. A botnet's originator can control the group remotely, usually through a means such as IRC, and usually for nefarious purposes. A botnet can comprise a collection of cracked machines running programs (usually referred to as worms, Trojan horses, or backdoors) under a common command and control infrastructure. Botnets serve various purposes, including denial-of-service attacks, creation or misuse of SMTP mail relays for spam, click fraud, and the theft of application serial numbers, login IDs, and financial information such as credit card numbers.
What to Know
Terminology
Firewall: In computing, a firewall is a piece of hardware and/or software which functions in a networked environment to prevent some communications forbidden by the security policy, analogous to the function of firewalls in building construction.
What to Know
Terminology
Malware: Malware (a portmanteau of "malicious software") is a software program designed to fulfill any purpose contrary to the interests of the person running it. Examples of malware include viruses and trojan horses.
What to Know
Terminology
Peer to Peer (P2P): A peer-to-peer (or P2P) computer network is a network that relies on the computing power and bandwidth of the participants in the network rather than concentrating it in a relatively few servers. P2P networks are typically used for connecting nodes via largely ad hoc connections. Such networks are useful for many purposes. Sharing content files (see file sharing) containing audio, video, data or anything in digital format is very common, and realtime data, such as telephony traffic, is also passed using P2P technology.
What to Know
Terminology
Pharming: Pharming is the exploitation of a vulnerability in the DNS server software that allows a cracker to acquire the Domain Name for a site, and to redirect that website's traffic to another web site. DNS servers are the machines responsible for resolving internet names into their real addresses — the "signposts" of the internet.
What to Know
Terminology
Spyware: Spyware is a broad category of malicious software intended to intercept or take partial control of a computer's operation without the user's informed consent.
What to Know
Terminology
SSL security certificate: SSL provides endpoint authentication and communications privacy over the Internet using cryptography. In typical use, only the server is authenticated (i.e. its identity is ensured) while the client remains unauthenticated.
What to Know
Terminology
Phishing: In computing, phishing (also known as carding and spoofing) is a form of social engineering, characterised by attempts to fraudulently acquire sensitive information, such as passwords and credit card details, by masquerading as a trustworthy person or business in an apparently official electronic communication, such as an email or an instant message. The term phishing arises from the use of increasingly sophisticated lures to "fish" for users' financial information and passwords.
What to Know
Terminology
Trojan: A trojan horse program has a useful and desired function, or at least it has the appearance of having such. Secretly the program performs other, undesired functions. The useful, or seemingly useful, functions serve as camouflage for these undesired functions. The kind of undesired functions is not part of the definition of a Trojan Horse; they can be of any kind. Trojans rely on fooling people into allowing the program to perform actions that they would otherwise not have voluntarily performed. Trojans of recent times also contain functions and strategies that enable their spreading. This moves them closer to the definition of computer viruses, and it becomes difficult to clearly classify such mixed programs as either Trojan horses or viruses.
What to Know
Terminology
Virus: In computer security technology, a virus is a self-replicating program that spreads by inserting copies of itself into other executable code or documents.
What to Know
Terminology
Worm: A computer worm is a self-replicating computer program, similar to a computer virus. A worm is self-contained and does not need to be part of another program to propagate itself.
What to Do?????
What to Do?
Don't let the grandkids use the computer :)
  They are great for installing malicious ActiveX and JavaScript
  Many use P2P software - a haven for infected files
  Will readily click the button labeled “Click here to install junk on this machine”
What to Do?
Antivirus software installed and up to date
  free.grisoft.com - free AVG antivirus
What to Do?
Antispyware software installed and up to date
  http://shortify.com/1350 - free Microsoft antispyware
  http://www.safer-networking.org/en/index.html - free Spybot Search and Destroy antispyware
  http://shortify.com/1352 - free Ad-Aware antispyware
What to Do?
Have an active Firewall
  External router is a good idea w/ high speed
  Windows XP SP1 or greater includes a good firewall
  http://shortify.com/1351 - free zone alarm firewall
What to Do?
Update operating system
  windowsupdate.microsoft.com - free updates for Windows
What to Do?
Use alternative browser - Firefox, Mozilla, Netscape, Opera
  http://www.mozilla.org/products/firefox - free Firefox web browser
What to Do?
Don't trust emails claiming to be from banks, eBay, PayPal
  Who can remember the term for these?
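
The two checks behind this advice, as an added example in Python that is not part of the original presentation: it flags a sender whose display name claims a brand while the address uses another domain, and links whose visible text names one host while the href goes to another. The brand table, function names and sample message are constructed for illustration, and the message is assumed to have a single-part HTML body.

```python
from email import message_from_string
from email.utils import parseaddr
from html.parser import HTMLParser
from urllib.parse import urlparse

BRAND_DOMAINS = {"paypal": "paypal.com", "ebay": "ebay.com"}  # assumed table

class LinkCollector(HTMLParser):  # gathers (href, visible text) per <a>
    def __init__(self):
        super().__init__()
        self.links, self._href, self._text = [], None, []
    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._href, self._text = dict(attrs).get("href") or "", []
    def handle_data(self, data):
        if self._href is not None:
            self._text.append(data)
    def handle_endtag(self, tag):
        if tag == "a" and self._href is not None:
            self.links.append((self._href, "".join(self._text).strip()))
            self._href = None

def host_in(host, domain):  # host is the domain itself or a subdomain of it
    return bool(host) and (host == domain or host.endswith("." + domain))

def shown_host(text):  # host named by the link text, None if not URL-like
    if not text or any(c.isspace() for c in text):
        return None
    host = urlparse(text if "://" in text else "//" + text).hostname
    return host if host and "." in host else None

def phishing_indicators(raw):
    msg = message_from_string(raw)
    name, addr = parseaddr(msg.get("From", ""))
    sender = addr.rpartition("@")[2].lower()
    findings = [f"display name claims {b} but sender domain is {sender}"
                for b, d in BRAND_DOMAINS.items()
                if b in name.lower() and not host_in(sender, d)]
    parser = LinkCollector()
    parser.feed(msg.get_payload())
    for href, text in parser.links:
        real, shown = urlparse(href).hostname, shown_host(text)
        if shown and not host_in(real, shown):
            findings.append(f"link shows {shown} but goes to {real}")
    return findings

SAMPLE = ('From: "PayPal Security" <service@paypa1-verify.example>\n'
          'Content-Type: text/html\n\n'
          '<a href="http://203.0.113.7/login">www.paypal.com/verify</a>\n')  # constructed
```

Calling phishing_indicators(SAMPLE) returns one finding for the sender and one for the link; an empty list means only that these two checks found nothing.
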
What to Do?
Be extremely cautious of websites that produce (SSL) security certificate warnings
  May mean the website itself has been hijacked
  Who recalls the term for this?
What to Do?
Don't click pop up windows. Period
  Can link to trojans
What to Do?
Don't install ActiveX without verification
  Beware “unsigned ActiveX control” messages
What to Do?
Don't open email attachments without verifying with the sender first.
What to Do?
Be wary of content on peer-to-peer file sharing networks (don't share copyrighted material)
What to Do?
Switch to Linux or Mac OS
Questions?
The End