Date post: | 24-May-2015 |
Category: |
Technology |
Upload: | jimwhite |
View: | 139 times |
Download: | 0 times |
Socastee SC Library
Computer EducationWhiteHouseComputing
Safe Computing
Visualization of the various routes through a portion of the Internet
Source: WWW.Wikipedia.Com
http:\\WhiteHouseComputing.Blogspot.Com ”
Socastee SC Library
Computer EducationWhiteHouseComputing
Online SecurityOnline SecurityCommon Computer Security MythsCommon Computer Security Myths Myth: “Myth: “There is nothing important on my There is nothing important on my
computer, so no attacker would want to access computer, so no attacker would want to access it”it”
Reality:Reality: ““Internet Background Radiation” – a techie Internet Background Radiation” – a techie
term that refers to the constant stream of term that refers to the constant stream of probes and malicious traffic on the internet.probes and malicious traffic on the internet.
Probes are looking for any machine that can Probes are looking for any machine that can be “hijacked” to make money for their be “hijacked” to make money for their hijackers.hijackers.
Spam Robots (spambot)(spambot) Zombies trained to attack web sites on demand trained to attack web sites on demand
(extortion robots)(extortion robots)
Socastee SC Library
Computer EducationWhiteHouseComputing
Online SecurityOnline SecurityCommon Computer Security MythsCommon Computer Security Myths
Myth:Myth: “The biggest security threats “The biggest security threats involve hackers who target individual involve hackers who target individual computer users”.computer users”.
Reality:Reality: Many probes are automated. Many probes are automated.
Computers under program control can Computers under program control can probe other computers much faster probe other computers much faster than computers under human control than computers under human control can.can.
Socastee SC Library
Computer EducationWhiteHouseComputing
Online SecurityOnline SecurityCommon Computer Security MythsCommon Computer Security Myths Myth:Myth: “Paying bills online increases the risk “Paying bills online increases the risk
of identity theft”. of identity theft”. Reality:Reality:
Communication from the browser can be secure Communication from the browser can be secure encryptedencrypted
LOOK for the LOCKLOOK for the LOCK Either bottom right or just to the right of the Either bottom right or just to the right of the
address entry window depending on browser address entry window depending on browser and browser versionand browser version
AND look for AND look for httpshttps instead of instead of httphttp in the in the addressaddress
For example: For example: https://WWW.Chase.Com
However – above assumes no However – above assumes no keylogers on your machine on your machine
Socastee SC Library
Computer EducationWhiteHouseComputing
Online SecurityOnline SecurityTypes of ThreatsTypes of Threats
AnnoyancesAnnoyances Spam Adware
DangerousDangerous Spyware Virus Phishing Scareware
EnablerEnabler Trojan Backdoor
MALWARE
Socastee SC Library
Computer EducationWhiteHouseComputing
Online SecurityOnline SecurityTypes of Threats - AnnoyancesTypes of Threats - Annoyances
Spam – AKA Unwanted, Unsolicited Junk Spam – AKA Unwanted, Unsolicited Junk EmailEmail Clogs your email inboxClogs your email inbox Can be dangerousCan be dangerous
Can lead you to dangerous websitesCan lead you to dangerous websites Example – sites that attempt to exploit unpatched bugs Example – sites that attempt to exploit unpatched bugs
in your browser to insert “in your browser to insert “backdoor” or other malware ” or other malware in your systemin your system
Adware – Software that delivers targeted Adware – Software that delivers targeted advertisements to your computeradvertisements to your computer
Socastee SC Library
Computer EducationWhiteHouseComputing
Online SecurityOnline SecurityTypes of Threats - DangerousTypes of Threats - Dangerous
Spyware “is a type of malware that is “is a type of malware that is installed surreptitiously on personal installed surreptitiously on personal computers to collect information about computers to collect information about users, their computer or browsing habits users, their computer or browsing habits without their informed consent.” without their informed consent.” Wikipedia. Wikipedia. (Spyware)(Spyware)
Can simply record information about your Can simply record information about your browsing habits to guide Adware in delivering browsing habits to guide Adware in delivering ads ORads OR
Worst case: Keylogger – can record your Worst case: Keylogger – can record your keyboard keystrokes and transmit them over the keyboard keystrokes and transmit them over the InternetInternet
Socastee SC Library
Computer EducationWhiteHouseComputing
Online SecurityOnline SecurityTypes of Threats - DangerousTypes of Threats - Dangerous
Virus “A Virus “A computer viruscomputer virus is a computer is a computer program that can copy itself and infect a program that can copy itself and infect a computer without the permission or computer without the permission or knowledge of the owner.” knowledge of the owner.” WikipediaWikipedia
How is it spread?How is it spread? Email attachmentEmail attachment Visiting a malicious website with an unpatched Visiting a malicious website with an unpatched
buggy browserbuggy browser Infected files on any portable media (thumb drives, Infected files on any portable media (thumb drives,
CDs, floppys, etc)CDs, floppys, etc) Over a network when file sharing is too broadly set Over a network when file sharing is too broadly set
upup
Socastee SC Library
Computer EducationWhiteHouseComputing
Online SecurityOnline SecurityTypes of Threats - DangerousTypes of Threats - Dangerous
Virus – How Can You Protect Yourself?Virus – How Can You Protect Yourself? Install an antivirus program on your Install an antivirus program on your
computercomputer Two parts of an Antivirus program defenseTwo parts of an Antivirus program defense
The program itselfThe program itself Understands basic look and feel of generic computer Understands basic look and feel of generic computer
virusvirus Can also read and understand specific descriptions of Can also read and understand specific descriptions of
specific virus family and virusspecific virus family and virus Descriptions of specific virus and virus familiesDescriptions of specific virus and virus families
New descriptions need to be downloaded to your New descriptions need to be downloaded to your computer on a continuing basis. computer on a continuing basis.
In commercial software, there is an annual fee for In commercial software, there is an annual fee for subscription. When your subscription runs out, NEW subscription. When your subscription runs out, NEW descriptions stop being downloaded.descriptions stop being downloaded.
Socastee SC Library
Computer EducationWhiteHouseComputing
Online SecurityOnline SecurityTypes of Threats - DangerousTypes of Threats - Dangerous
Virus – How Can Virus – How Can You Protect You Protect Yourself?Yourself? See handout for See handout for
examples of good examples of good antivirus software.antivirus software.
For another For another source go to source go to WWW.PCMag.ComWWW.PCMag.Com
Look past “sponsored Look past “sponsored links” which are ads and links” which are ads and click on appropriate click on appropriate articles.articles. Select
Reviews here
Enter Antivirus in the search box here
Socastee SC Library
Computer EducationWhiteHouseComputing
Online SecurityOnline SecurityTypes of Threats - DangerousTypes of Threats - Dangerous
Phishing “is the criminally fraudulent Phishing “is the criminally fraudulent process of attempting to acquire sensitive process of attempting to acquire sensitive information such as usernames, passwords information such as usernames, passwords and credit card details by masquerading as and credit card details by masquerading as a trustworthy entity in an electronic a trustworthy entity in an electronic communication.” communication.” WikipediaWikipedia
Fraudulent email scares you into clicking a link Fraudulent email scares you into clicking a link in the email taking you to a site that LOOKS in the email taking you to a site that LOOKS like a real bank (for example) but is notlike a real bank (for example) but is not
Fraud site asks for userid password account number Fraud site asks for userid password account number etcetc
PhishingPhishing
Socastee SC Library
Computer EducationWhiteHouseComputing
Online SecurityOnline SecurityTypes of Threats - DangerousTypes of Threats - Dangerous
Phishing – How to Avoid Being Phishing – How to Avoid Being FooledFooled Avoid following links in emailsAvoid following links in emails
If you do and the site wants info DO NOT If you do and the site wants info DO NOT GIVE ITGIVE IT
Banks, Brokerage Houses, etc WILL Banks, Brokerage Houses, etc WILL NOT ASK YOU VIA EMAIL TO VERIFY NOT ASK YOU VIA EMAIL TO VERIFY INFORMATIONINFORMATION If they seem to be doing that IT IS A FRAUDIf they seem to be doing that IT IS A FRAUD
Socastee SC Library
Computer EducationWhiteHouseComputing
Online SecurityOnline SecurityTypes of Threats - DangerousTypes of Threats - Dangerous
ScarewareScareware Spyware masquerading as antivirus softwareSpyware masquerading as antivirus software Message will pop up while using your browserMessage will pop up while using your browser
Message will tell you have been infected and need Message will tell you have been infected and need to click somewhere on it to download software to to click somewhere on it to download software to get rid of the infectionget rid of the infection
Could happen even on a legitimate site it the site Could happen even on a legitimate site it the site has been compromisedhas been compromised
Do not click ANYWHERE on the messageDo not click ANYWHERE on the message Start Taskmanager and end browser applicationsStart Taskmanager and end browser applications
Socastee SC Library
Computer EducationWhiteHouseComputing
Online SecurityOnline SecurityTypes of Threats - DangerousTypes of Threats - Dangerous
Learn to Recognize Scams of All Learn to Recognize Scams of All KindsKinds Check the web address. type in the
web address exactly as it appears on your statement.
Look for a https:// a secure connection However, even scam
sites can use secure connections, so use this rule in conjunction with the others.
Check the spelling and grammar.
Socastee SC Library
Computer EducationWhiteHouseComputing
Online SecurityOnline SecurityTypes of Threats - DangerousTypes of Threats - Dangerous
Four RulesFour Rules1. Run Windows Update – plug the holes that let the gunk in
For Virus and Spyware gunk that gets in anyway…
2. Install and run Anti Virus software – keep subscription current
3. Install and run AntiSpyware software–keep subscription current
4. Run a Firewall 1. Start
2. Control Panel
3. Security Center
4. Windows Firewall
5. On
Note – assumes you are not running a different firewall already
Socastee SC Library
Computer EducationWhiteHouseComputing
Online SecurityOnline SecurityFirewallsFirewalls
Prevent unauthorized entry from outside Prevent unauthorized entry from outside Can be hardwareCan be hardware
Routers include a NAT firewall preventing Routers include a NAT firewall preventing unauthorized entry from outside but not unauthorized entry from outside but not necessarily reporting or preventing rogue necessarily reporting or preventing rogue applications inside your computer from applications inside your computer from communicating outboundcommunicating outbound
Can be software ( Windows firewall, Can be software ( Windows firewall, ZoneAlarm)ZoneAlarm) Software firewalls can/will prevent unauthorized Software firewalls can/will prevent unauthorized
outbound communication toooutbound communication too
Socastee SC Library
Computer EducationWhiteHouseComputing
Online SecurityOnline SecurityFirewallsFirewalls
How Secure is Your Firewall?How Secure is Your Firewall? Major corporations have their firewalls Major corporations have their firewalls
intentionally probed periodically by a intentionally probed periodically by a security service to test them.security service to test them. You can do the same thing at the “Shields You can do the same thing at the “Shields
Up” site located at Up” site located at https://www.grc.com/x/ne.dll?bh0bkyd2https://www.grc.com/x/ne.dll?bh0bkyd2
NOTENOTE the above site DOES NOT scan your the above site DOES NOT scan your machine for malware of any sort. It machine for malware of any sort. It provides only a test of your firewall (or lack provides only a test of your firewall (or lack thereof) and its ability to block intrusion.thereof) and its ability to block intrusion.
Socastee SC Library
Computer EducationWhiteHouseComputing
Online SecurityOnline SecurityFirewallsFirewalls
LaptopsLaptops If you depend on the hardware firewall at home, If you depend on the hardware firewall at home,
you need to be sure you have a software firewall you need to be sure you have a software firewall running on your laptop if you take it out of your running on your laptop if you take it out of your house to connect from another location. If you house to connect from another location. If you have file and printer sharing turned on (to share have file and printer sharing turned on (to share files with other computers in you house) TURN IT files with other computers in you house) TURN IT OFF before connecting to a public WiFi hotspot or OFF before connecting to a public WiFi hotspot or someone else’s hard wired LAN because you will be someone else’s hard wired LAN because you will be behind their firewallbehind their firewall sharing sharing youryour files with files with themthem
ON WINDOWS 7: START – CONTROL PANEL - ON WINDOWS 7: START – CONTROL PANEL - NETWORK & SHARING CENTER – ADVANCED SHARING NETWORK & SHARING CENTER – ADVANCED SHARING – TURN OFF FILE AND PRINTER SHARING – TURN OFF FILE AND PRINTER SHARING
Socastee SC Library
Computer EducationWhiteHouseComputing
Online SecurityOnline SecurityInformation SourceInformation Source
WWW.OnguardOnline.GovWWW.OnguardOnline.Gov ““a partnership between the FTC, other a partnership between the FTC, other
federal agencies, and the technology federal agencies, and the technology industry -- offers tips to help you be on industry -- offers tips to help you be on guard against Internet fraud, secure guard against Internet fraud, secure your computer, and protect your your computer, and protect your personal information. “ personal information. “ Federal Trade Federal Trade Commission web siteCommission web site
Socastee SC Library
Computer EducationWhiteHouseComputing
Online SecurityOnline SecurityBackupBackup
Make partial backups practicalMake partial backups practical Keep your files organizedKeep your files organized
Choose Backup MediumChoose Backup Medium CD – Holds Max 700 MbCD – Holds Max 700 Mb DVD – Holds Max 4.4 Gb single layer 7.9 DVD – Holds Max 4.4 Gb single layer 7.9
Gb double layer. Only new higher end Gb double layer. Only new higher end machines today will burn double layermachines today will burn double layer
External hard drive – holds 1Tb ++External hard drive – holds 1Tb ++ If If CRITICALCRITICAL keep copy off site keep copy off site
Socastee SC Library
Computer EducationWhiteHouseComputing
The End The End
Socastee SC Library
Computer EducationWhiteHouseComputing
Developments to Watch:
Social Fortress ( WWW.SocialFortress.Com ) see http://www.teten.com/blog/2012/09/13/social-fortress-publicly-launches-at-techcrunch-disrupt/
See “Emerging Cyber Threats Report 2013” at http://gtsecuritysummit.com/report.html