1
Home Computing
Personal Security
Jaqui Lynch
Mainline Information Systems
Email – [email protected]
Share Session 1715 Tuesday 8/15/06 9.30am
http://www.circle4.com/papers/s1715-aug06.pdf
2
Agenda
Computers
– Computer protection
– Personal protection
– Privacy
Networking
Wireless
Questions
3
Computers
Windows
– Keep it patched
  windowsupdate.microsoft.com
– Run Antivirus and keep it up to date
– Get a software firewall
– Move to Windows XP
  ME has too many security holes
– Cleanse regularly
– Turn off file sharing unless you know how to secure it
4
Risks
Viruses
Cookies
Security holes
Javascript
Scrap files (.shs ….)
5
Cleansing
Check out the following:
– http://www.webroot.com
  Spysweeper
  Window washer
– Create a hosts file
  http://www.mvps.org/winhelp2002/hosts.txt
  This file redirects adware to 127.0.0.1
– Secure your Internet Explorer
– Turn off javascript in your emails
– Use a different email client to Outlook
Podcasts
– Check out “Security Now” on iTunes
6
Sample hosts file
There is no place like 127.0.0.1
This file lives in:
Windows XP = C:\WINDOWS\SYSTEM32\DRIVERS\ETC
Windows 2K = C:\WINNT\SYSTEM32\DRIVERS\ETC
Win 98/ME = C:\WINDOWS
The file is called hosts

127.0.0.1 localhost
#start of lines added by WinHelp2002
# [Misc A - Z]
127.0.0.1 phpadsnew.abac.com
127.0.0.1 a.abnad.net
127.0.0.1 b.abnad.net
127.0.0.1 c.abnad.net #[IE-SpyAd]
127.0.0.1 d.abnad.net
127.0.0.1 e.abnad.net
127.0.0.1 www.accoona.cn
and so on
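An added example, not part of the original slides: a Python script that reads a hosts file in the layout shown above, lists the names redirected to 127.0.0.1, and flags any entry that points somewhere else, which a block list of this kind should never contain. The sample text, including the 192.0.2.10 line, is constructed for illustration.

```python
import ipaddress

# Constructed sample in the slide's layout; the last line is an invented
# entry that does NOT point at loopback, so the audit has something to find.
SAMPLE_HOSTS = """\
127.0.0.1 localhost
#start of lines added by WinHelp2002
# [Misc A - Z]
127.0.0.1 phpadsnew.abac.com
127.0.0.1 a.abnad.net
127.0.0.1 c.abnad.net #[IE-SpyAd]
192.0.2.10 www.shop.example
"""


def parse_hosts(text):
    """Return (address, hostname) pairs; '#' starts a comment anywhere on a line."""
    entries = []
    for raw in text.splitlines():
        fields = raw.split("#", 1)[0].split()
        if len(fields) < 2:
            continue  # blank, comment-only, or an address with no name
        entries.extend((fields[0], name.lower()) for name in fields[1:])
    return entries


def audit_hosts(text):
    """Split entries into names sunk to loopback and names sent elsewhere."""
    blocked, elsewhere = [], []
    for address, name in parse_hosts(text):
        try:
            loopback = ipaddress.ip_address(address).is_loopback
        except ValueError:
            loopback = False  # first field is not an IP address at all
        if not loopback:
            elsewhere.append((address, name))
        elif name != "localhost":
            blocked.append(name)
    return blocked, elsewhere


if __name__ == "__main__":
    blocked, elsewhere = audit_hosts(SAMPLE_HOSTS)
    print(f"{len(blocked)} names redirected to loopback")
    for address, name in elsewhere:
        print(f"review: {name} -> {address}")
```

To check a real machine, pass the contents of the hosts file from the folder listed on the slide instead of SAMPLE_HOSTS.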
7
Other cool software
http://spywarewarrior.com/asw-test-guide.htm
– Above is an independent review site on Anti-spyware
Spywareblaster
– http://www.javacoolsoftware.com/spywareblaster.html
Spybot search and Destroy
– http://www.safer-networking.org/en/index.html
Startup Inspector
– http://www.windowsstartup.com/
Sunbelt’s Counterspy
– http://www.sunbelt-software.com/CounterSpy-Download.cfm
GRC.com
– UPNP http://www.grc.com/unpnp/unpnp.htm
– DCOM http://www.grc.com/dcom/
– MSMSG http://www.grc.com/stm/shootthemessenger.htm
8
Test yourself
www.grc.com
– ShieldsUp
  https://www.grc.com/x/ne.dll?bh0bkyd2
– Leaktest
  http://grc.com/lt/leaktest.htm
Scan yourself across the network
– security.symantec.com
– www.pandasoftware.com/products/ActiveScan.htm
– housecall.trendmicro.com/
– www3.ca.com/virusinfo/virusscan.aspx
– www.kaspersky.com/virusscanner
9
Email
Treat it like a postcard
One to one communications
Spam
– Never reply, as doing so confirms your address
Use inbox protection (hotmail) or filtering and/or blocking
Never say anything that you wouldn’t say in public
Remember ISPs back this stuff up
10
Email Abuse
Spam
Scams
Flaming
Harassment and stalking
Spoofing
Mail bombs
Viruses
Chain letters
Pornography
Photos
Inline html and/or pdfs
11
Chat rooms
Let you talk to groups of people all around the world
This generation’s version of the phone
Public, private or IRC
Some have monitors, most do not – watch for computers
Most dangerous area of the net
– You don’t know who is there (actively or lurking)
– You establish a relationship and trust over time
– Pedophiles use them to find victims
– People lie
They often progress to IM and email where you are now one on one
Watch out for rooms associated with sex, cults, ritual
Choose a vendor neutral screen name
Turn on logging
Web chat is still chat (yahoo & AOL teen chat)
Watch out for http://myplace.com
12
Instant Messaging
Unique identifier associated with profile
Real time – more IM than email
Blend of email and chat
ICQ was the forefather to IM
Runs in background and notifies you when there is a message
Buddy list – a notify list of friends
13
The Dark Side of IM
Protect your buddy list - set it so you have to approve the addition of anyone to it
People can add you to their buddy list and then keep track of when you are online
Set your options so others can’t add you to their buddy list
Predators love buddy lists
They also love being able to search profiles and membership directories
14
Profiles & Directories
At yahoo you can search the directory by:
– Keyword
– Gender
– Age
– Interests
Requesting profiles with pictures
Asking whether they are online now
Regularly use Google and Yahoo to search on yourself
Never fill these out truthfully
Predators use these to determine victims
15
Personal Firewalls
Do a search on the web for “personal firewall”
Critical if you are using DSL or Cable Networking but it does happen to people dialed in
Blackice Defender
– www.networkice.com
Zone Alarm
– www.zonelabs.com
Norton Personal Security
– www.symantec.com & security2.symantec.com
– Scan yourself with their security scanner on the web
McAfee Personal Firewall
– www.mcafee.com
16
Privacy
It is illegal to intentionally transmit name, address, phone, SSno or email info of a child under 16 to entice, encourage or solicit illegal sexual activity
Know how information is being shared
– Registration information for products such as MS Word
– Opt out versus opt in
– Win ME – control panel – automatic updates
– Realplayer
– Winamp
– Media Player
– Napster
– 3D Frog Frenzy and many more
Have a yahoo or other email address just for registrations, etc
17
Tips to staying safe
Keep your identity private
– Never give out name, address, phone ….
– Don’t mention your city or school & never provide photos
– Lie in your online profile
– Use a gender neutral screen name
– Don’t reveal anything about your friends either
Never get together with someone you meet online
– Online dating – meet in a public place and take a friend
Never respond to email, chat, messages that are hostile, inappropriate or make you feel uncomfortable
Never give out your password and don’t let others post from your account/computer EVER
18
Tips to staying safe
Don’t list yourself in the members directory at your ISP or yahoo, ICQ, IM ….
Keep an eye on your IM buddy list – secure it
Email yourself and check the headers – what did you give away
Be careful what you put in the registration files for things like Office – they get embedded in any documents
If email needs to be confidential use PGP and encrypt it
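An added example, not part of the original slides, for the "email yourself and check the headers" tip: a Python script that parses the full source of a message and collects the header fields that identify the sender, their mail software and their network. The message, the names and every address in it are constructed for illustration, and the list of headers checked is this example's own choice.

```python
import re
from email import message_from_string
from email.utils import parseaddr

# Constructed message, laid out like the full source of a mail sent to
# yourself. All names and addresses are invented for this example.
SAMPLE = """\
Received: from mx.example.net (mx.example.net [198.51.100.7])
\tby inbox.example.org with ESMTP id abc123; Tue, 15 Aug 2006 09:30:00 -0500
Received: from [192.168.1.23] (home-pc.example.net [203.0.113.45])
\tby mx.example.net with ESMTP id def456; Tue, 15 Aug 2006 09:29:58 -0500
From: "Pat Example" <pat@example.net>
To: pat@example.org
Subject: test
X-Mailer: Example Mail Client 6.0
X-Originating-IP: [203.0.113.45]

hello
"""

IPV4 = re.compile(r"\b(?:\d{1,3}\.){3}\d{1,3}\b")
# Optional headers that name your software, network or employer.
REVEALING = ("X-Mailer", "User-Agent", "X-Originating-IP", "Organization")


def what_did_i_give_away(raw):
    """Collect the header fields that identify the sender, their PC or network."""
    msg = message_from_string(raw)
    found = {}
    name, address = parseaddr(msg.get("From", ""))
    if name:
        found["display name"] = name
    if address:
        found["address"] = address
    for header in REVEALING:
        if msg[header]:
            found[header] = msg[header].strip()
    # Each relay prepends its own Received line, so the LAST one in the
    # message is the hop nearest the sender's machine.
    hops = msg.get_all("Received", [])
    if hops:
        found["sender-side IPs"] = IPV4.findall(hops[-1])
    return found


if __name__ == "__main__":
    for field, value in what_did_i_give_away(SAMPLE).items():
        print(f"{field}: {value}")
```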
19
Common Sense
Have one credit card that you use online
Check that card statement regularly
NEVER put your credit card into a site that uses ip numbers in the URL
Look for the lock and https
No-one legitimate will ask you for your username and pin by phone or email
Teach your kids and others never to download things
– I.e. don’t accept gifts from strangers
20
Online Shopping
Be as careful as you would be in a store
Make sure it is https, not http
Print a copy of the online order
Use only one card for all online purchases
Check out new companies with the Better Business Bureau
If an offer looks too good to be true then guess what
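An added example, not part of the original slides, covering the two URL checks from the Common Sense and Online Shopping slides: a Python script that flags a payment page address that is not https or that uses an IP number in place of a site name. It goes slightly beyond the slide text by also catching IPv6 literals and hosts written as a single decimal or hex number, which browsers treat as IP addresses; all sample addresses are constructed.

```python
import ipaddress
import re
from urllib.parse import urlsplit

# A host made only of decimal or 0x-hex numbers (one to four dotted parts)
# is read by browsers as an IPv4 address, even without the usual four parts.
NUMERIC_HOST = re.compile(r"(?:0x[0-9a-f]+|\d+)(?:\.(?:0x[0-9a-f]+|\d+)){0,3}")


def host_is_ip(host):
    """True if the URL's host is an IP number rather than a site name."""
    try:
        ipaddress.ip_address(host)  # dotted IPv4 or an IPv6 literal
        return True
    except ValueError:
        return NUMERIC_HOST.fullmatch(host) is not None


def checkout_warnings(url):
    """Apply the slides' two checks to the address of a payment page."""
    parts = urlsplit(url)
    warnings = []
    if parts.scheme.lower() != "https":
        warnings.append("not https")
    # .hostname drops any user@ prefix and port, leaving the real host
    if host_is_ip(parts.hostname or ""):
        warnings.append("IP number in the URL")
    return warnings


# Constructed addresses for illustration only.
SAMPLES = [
    "https://www.shop.example/checkout",
    "http://www.shop.example/checkout",
    "https://203.0.113.9/checkout",
    "http://3405803785/checkout",
    "https://[2001:db8::1]/checkout",
]

if __name__ == "__main__":
    for url in SAMPLES:
        print(url, "->", checkout_warnings(url) or "ok")
```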
21
Parents Extras
You should be the only one with the dial in password
Make sure they don’t turn on Parental Controls or filtering
Understand the services
Monitor your kids’ activities – no computers outside of public places
Limit computer time
Sign a family internet usage agreement
Human friends are better than computers and healthier
Don’t post pictures of your kids anywhere on the web
– They will turn up in kiddy porn later
– If you must post them do it in groups with no names or addresses
– Make sure the school isn’t putting up photos of your child with identifying information
– Watch out for those “build an autobiographical website” projects at school
22
Networking
[Diagram: Users, Router or HUB, Cable/DSL Modem, Internet]
23
Wired Routers
Buy one with enough ports and a firewall
Try to keep all network equipment the same brand
Using Linksys as an example
– Set time and IP address ranges correctly
– Set password for admin to something other than admin
– Turn off remote administration
24
Firewall
25
Password
1. Set the password
2. Also set logging to be enabled
3. Turn off remote Administration
4. Disable snmp
5. Disable UPNP
26
Check your DHCP clients
27
DHCP Clients
28
Wireless
Same basics as wired plus:
Change default SSID to something meaningless
Cloak it (do not broadcast SSID)
Turn off remote Administration
Turn on WEP 128 and use a good passphrase
Turn on and use MAC filtering
29
Setting the SSID
30
WEP and Passphrase
31
MAC Filtering
32
MAC Filter
33
Firewall
34
Summary
Teach yourself and your kids to be safe
Remember that the Cyberworld poses the same risks as the real world – never do something on the net that you wouldn’t do normally
Common sense is worth more than banning use
If you get stuck – ask a 12 year old for help
Other information is at:
– http://www.haltabuse.org/
– http://www.wiredsafety.org
Check out the Naperville Police booklet at:
– http://www.naperville.il.us/emplibrary/pdskworkbook.pdf
Have a family agreement about internet use
– www.wiredkids.org/documents/safesurf_agreement.html