Home Computing Personal Security

Jaqui Lynch
Mainline Information Systems
Email – [email protected]

Share Session 1715, Tuesday 8/15/06, 9.30am
http://www.circle4.com/papers/s1715-aug06.pdf

Agenda

Computers
– Computer protection
– Personal protection
– Privacy
Networking
Wireless
Questions


Computers

Windows
– Keep it patched
    windowsupdate.microsoft.com
– Run Antivirus and keep it up to date
– Get a software firewall
– Move to Windows XP
    ME has too many security holes
– Cleanse regularly
– Turn off file sharing unless you know how to secure it

Risks

Viruses
Cookies
Security holes
Javascript
Scrap files (.shs ….)

Cleansing

Check out the following:
– http://www.webroot.com
    Spysweeper
    Window washer
– Create a hosts file
    http://www.mvps.org/winhelp2002/hosts.txt
    This file redirects adware to 127.0.0.1
– Secure your Internet Explorer
– Turn off javascript in your emails
– Use a different email client to Outlook
Podcasts
– Check out “Security Now” on iTunes

Sample hosts file

There is no place like 127.0.0.1
This file lives in:
Windows XP = C:\WINDOWS\SYSTEM32\DRIVERS\ETC
Windows 2K = C:\WINNT\SYSTEM32\DRIVERS\ETC
Win 98/ME = C:\WINDOWS
The file is called hosts

127.0.0.1 localhost
#start of lines added by WinHelp2002
# [Misc A - Z]
127.0.0.1 phpadsnew.abac.com
127.0.0.1 a.abnad.net
127.0.0.1 b.abnad.net
127.0.0.1 c.abnad.net #[IE-SpyAd]
127.0.0.1 d.abnad.net
127.0.0.1 e.abnad.net
127.0.0.1 www.accoona.cn

and so on

Other cool software

http://spywarewarrior.com/asw-test-guide.htm
– Above is an independent review site on Anti-spyware
Spywareblaster
– http://www.javacoolsoftware.com/spywareblaster.html
Spybot search and Destroy
– http://www.safer-networking.org/en/index.html
Startup Inspector
– http://www.windowsstartup.com/
Sunbelt’s Counterspy
– http://www.sunbelt-software.com/CounterSpy-Download.cfm
GRC.com
– UPNP http://www.grc.com/unpnp/unpnp.htm
– DCOM http://www.grc.com/dcom/
– MSMSG http://www.grc.com/stm/shootthemessenger.htm

Test yourself

www.grc.com
– ShieldsUp
    https://www.grc.com/x/ne.dll?bh0bkyd2
– Leaktest
    http://grc.com/lt/leaktest.htm
Scan yourself across the network
– security.symantec.com
– www.pandasoftware.com/products/ActiveScan.htm
– housecall.trendmicro.com/
– www3.ca.com/virusinfo/virusscan.aspx
– www.kaspersky.com/virusscanner

Email

Treat it like a postcard
One to one communications
Spam
– Never reply as you confirm your address
Use inbox protection (hotmail) or filtering and/or blocking
Never say anything that you wouldn’t say in public
Remember ISPs back this stuff up

Email Abuse

Spam
Scams
Flaming
Harassment and stalking
Spoofing
Mail bombs
Viruses
Chain letters
Pornography
Photos
Inline html and/or pdfs

Chat rooms

Let you talk to groups of people all around the world
This generation’s version of the phone
Public, private or IRC
Some have monitors, most do not – watch for computers
Most dangerous area of the net
– You don’t know who is there (actively or lurking)
– You establish a relationship and trust over time
– Pedophiles use them to find victims
– People lie
They often progress to IM and email where you are now one on one
Watch out for rooms associated with sex, cults, ritual
Choose a vendor neutral screen name
Turn on logging
Web chat is still chat (yahoo & AOL teen chat)
Watch out for http://myplace.com

Instant Messaging

Unique identifier associated with profile
Real time – more IM than email
Blend of email and chat
ICQ was the forefather to IM
Runs in background and notifies you when there is a message
Buddy list – a notify list of friends

The Dark Side of IM

Protect your buddy list - set it so you have to approve the addition of anyone to it
People can add you to their buddy list and then keep track of when you are online
Set your options so others can’t add you to their buddy list
Predators love buddy lists
They also love being able to search profiles and membership directories

Profiles & Directories

At yahoo you can search the directory by:
– Keyword
– Gender
– Age
– Interests
Requesting profiles with pictures
Asking whether they are online now
Regularly use Google and Yahoo to search on yourself
Never fill these out truthfully
Predators use these to determine victims

Personal Firewalls

Do a search on the web for “personal firewall”
Critical if you are using DSL or Cable Networking but it does happen to people dialed in
Blackice Defender
– www.networkice.com
Zone Alarm
– www.zonelabs.com
Norton Personal Security
– www.symantec.com & security2.symantec.com
– Scan yourself with their security scanner on the web
McAfee Personal Firewall
– www.mcafee.com

Privacy

It is illegal to intentionally transmit name, address, phone, SSno or email info of a child under 16 to entice, encourage or solicit illegal sexual activity
Know how information is being shared
– Registration information for products such as MS Word
– Opt out versus opt in
– Win ME – control panel – automatic updates
– Realplayer
– Winamp
– Media Player
– Napster
– 3D Frog Frenzy and many more
Have a yahoo or other email address just for registrations, etc

Tips to staying safe

Keep your identity private
– Never give out name, address, phone ….
– Don’t mention your city or school & never provide photos
– Lie in your online profile
– Use a gender neutral screen name
– Don’t reveal anything about your friends either
Never get together with someone you meet online
– Online dating – meet in a public place and take a friend
Never respond to email, chat, messages that are hostile, inappropriate or make you feel uncomfortable
Never give out your password and don’t let others post from your account/computer EVER

Tips to staying safe

Don’t list yourself in the members directory at your ISP or yahoo, ICQ, IM ….
Keep an eye on your IM buddy list – secure it
Email yourself and check the headers – what did you give away
Be careful what you put in the registration files for things like Office – they get embedded in any documents
If email needs to be confidential use PGP and encrypt it
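For the "email yourself and check the headers" tip, the following is an added example, not part of the original slides: it lists what a message's headers reveal about the sending machine. The sample message, its addresses and the mailer name are constructed, and the function name header_disclosures is hypothetical.

```python
import re
from email import message_from_string

# Constructed sample of a message you mailed to yourself.
SAMPLE = """\
Received: from mx.isp.example (mx.isp.example [198.51.100.25])
    by mail.dest.example with ESMTP; Tue, 15 Aug 2006 09:30:00 -0500
Received: from FAMILY-PC ([192.168.1.101])
    by mx.isp.example with SMTP; Tue, 15 Aug 2006 09:29:58 -0500
X-Originating-IP: [203.0.113.44]
X-Mailer: ExampleMail 6.0 (Windows XP)
From: Me <me@isp.example>
To: me@isp.example
Subject: header test

test
"""

# Headers that mail clients and webmail services commonly add about the sender.
LEAKY = ("X-Mailer", "User-Agent", "X-Originating-IP", "Organization")
IP_RE = re.compile(r"\[(\d{1,3}(?:\.\d{1,3}){3})\]")


def header_disclosures(raw):
    """Return (kind, value) pairs for details the headers give away."""
    msg = message_from_string(raw)
    found = []
    for name in LEAKY:
        for value in msg.get_all(name, []):
            found.append((name, value.strip()))
    # Each mail server prepends its own Received line, so the last one in the
    # message is the oldest hop: the handoff from your own computer.
    received = msg.get_all("Received", [])
    if received:
        first_hop = " ".join(received[-1].split())  # unfold continuation lines
        match = re.match(r"from (\S+)", first_hop)
        if match:
            found.append(("client-name", match.group(1)))
        for ip in IP_RE.findall(first_hop):
            found.append(("client-ip", ip))
    return found


if __name__ == "__main__":
    for kind, value in header_disclosures(SAMPLE):
        print(f"{kind}: {value}")
```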

Common Sense

Have one credit card that you use online
Check that card statement regularly
NEVER put your credit card into a site that uses ip numbers in the URL
Look for the lock and https
No-one legitimate will ask you for your username and pin by phone or email
Teach your kids and others never to download things
– I.e. don’t accept gifts from strangers

Online Shopping

Be as careful as you would be in a store
Make sure it is https, not http
Print a copy of the online order
Use only one card for all online purchases
Check out new companies with the Better Business Bureau
If an offer looks too good to be true then guess what

Parents Extras

You should be the only one with the dial in password
Make sure they don’t turn on Parental Controls or filtering
Understand the services
Monitor your kids’ activities – no computers outside of public places
Limit computer time
Sign a family internet usage agreement
Human friends are better than computers and healthier
Don’t post pictures of your kids anywhere on the web
– They will turn up in kiddy porn later
– If you must post them do it in groups with no names or addresses
– Make sure the school isn’t putting up photos of your child with identifying information
– Watch out for those “build an autobiographical website” projects at school

Networking

Diagram: Users, Router or HUB, Cable/DSL Modem, Internet

Wired Routers

Buy one with enough ports and a firewall
Try to keep all network equipment the same brand
Using Linksys as an example
– Set time and IP address ranges correctly
– Set password for admin to something other than admin
– Turn off remote administration

Firewall

Password

1. Set the password
2. Also set logging to be enabled
3. Turn off remote Administration
4. Disable snmp
5. Disable UPNP

Check your DHCP clients

DHCP Clients

Wireless

Same basics as wired plus:
Change default SSID to something meaningless
Cloak it (do not broadcast SSID)
Turn off remote Administration
Turn on WEP 128 and use a good passphrase
Turn on and use MAC filtering

Setting the SSID

WEP and Passphrase

MAC Filtering

MAC Filter

Firewall

Summary

Teach yourself and your kids to be safe
Remember that the Cyberworld poses the same risks as the real world – never do something on the net that you wouldn’t do normally
Common sense is worth more than banning use
If you get stuck – ask a 12 year old for help
Other information is at:
– http://www.haltabuse.org/
– http://www.wiredsafety.org
Check out the Naperville Police booklet at:
– http://www.naperville.il.us/emplibrary/pdskworkbook.pdf
Have a family agreement about internet use
– www.wiredkids.org/documents/safesurf_agreement.html

Questions

[email protected]