Your SlideShare is downloading. ×
Computer saftey may 2013
Upcoming SlideShare
Loading in...5
×

Thanks for flagging this SlideShare!

Oops! An error has occurred.

×

Introducing the official SlideShare app

Stunning, full-screen experience for iPhone and Android

Text the download link to your phone

Standard text messaging rates apply

Computer saftey may 2013

112
views

Published on

Published in: Technology

0 Comments
0 Likes
Statistics
Notes
  • Be the first to comment

  • Be the first to like this

No Downloads
Views
Total Views
112
On Slideshare
0
From Embeds
0
Number of Embeds
0
Actions
Shares
0
Downloads
4
Comments
0
Likes
0
Embeds 0
No embeds

Report content
Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

Cancel
No notes for slide

Transcript

  • 1. Socastee SC LibraryComputer EducationWhiteHouseComputingSafe ComputingVisualization of the variousroutes through a portion ofthe InternetSource:WWW.Wikipedia.Comhttp:WhiteHouseComputing.Blogspot.Com ”
  • 2. Socastee SC LibraryComputer EducationWhiteHouseComputingOnline SecurityOnline SecurityCommon Computer Security MythsCommon Computer Security Myths Myth: “Myth: “There is nothing important on my computer,There is nothing important on my computer,so no attacker would want to access it”so no attacker would want to access it” Reality:Reality: ““Internet Background Radiation” – a techie termInternet Background Radiation” – a techie termthat refers to the constant stream of probes andthat refers to the constant stream of probes andmalicious traffic on the internet.malicious traffic on the internet. Probes are looking for any machine that can beProbes are looking for any machine that can be“hijacked” to make money for their hijackers.“hijacked” to make money for their hijackers. Spam RobotsSpam Robots (spambot)(spambot) ZombiesZombies trained to attack web sites on demand (extortiontrained to attack web sites on demand (extortionrobots)robots)
  • 3. Socastee SC LibraryComputer EducationWhiteHouseComputingOnline SecurityOnline SecurityCommon Computer Security MythsCommon Computer Security Myths Myth:Myth: “The biggest security threats involve hackers“The biggest security threats involve hackerswho target individual computer users”.who target individual computer users”. Reality:Reality: Many probes are automated. Computers underMany probes are automated. Computers underprogram control can probe other computers muchprogram control can probe other computers muchfaster than computers under human control can.faster than computers under human control can.
  • 4. Socastee SC LibraryComputer EducationWhiteHouseComputingOnline SecurityOnline SecurityCommon Computer Security MythsCommon Computer Security Myths Myth:Myth: “Paying bills online increases the risk of identity“Paying bills online increases the risk of identitytheft”.theft”. Reality:Reality: Communication from the browser can be secure encryptedCommunication from the browser can be secure encrypted LOOK for the LOCKLOOK for the LOCK Either bottom right or just to the right of the addressEither bottom right or just to the right of the addressentry window depending on browser and browserentry window depending on browser and browserversionversionAND look forAND look for httpshttps instead ofinstead of httphttp in the addressin the address For example:For example: https://WWW.Chase.Comhttps://WWW.Chase.Com However – above assumes noHowever – above assumes no keylogerskeylogers ononyour machineyour machine
  • 5. Socastee SC LibraryComputer EducationWhiteHouseComputingOnline SecurityOnline SecurityTypes of ThreatsTypes of Threats AnnoyancesAnnoyances SpamSpam AdwareAdware DangerousDangerous SpywareSpyware VirusVirus PhishingPhishing ScarewareScareware EnablerEnabler TrojanTrojan BackdoorBackdoorMALWARE
  • 6. Socastee SC LibraryComputer EducationWhiteHouseComputingOnline SecurityOnline SecurityTypes of Threats - AnnoyancesTypes of Threats - Annoyances Spam – AKA Unwanted, Unsolicited Junk EmailSpam – AKA Unwanted, Unsolicited Junk Email Clogs your email inboxClogs your email inbox Can be dangerousCan be dangerous Can lead you to dangerous websitesCan lead you to dangerous websites Example – sites that attempt to exploit unpatched bugs in yourExample – sites that attempt to exploit unpatched bugs in yourbrowser to insert “browser to insert “backdoorbackdoor” or other malware in your system” or other malware in your system Adware – Software that delivers targetedAdware – Software that delivers targetedadvertisements to your computeradvertisements to your computer
  • 7. Socastee SC LibraryComputer EducationWhiteHouseComputingOnline SecurityOnline SecurityTypes of Threats - DangerousTypes of Threats - Dangerous SpywareSpyware “is a type of malware that is installed“is a type of malware that is installedsurreptitiously on personal computers to collectsurreptitiously on personal computers to collectinformation about users, their computer orinformation about users, their computer orbrowsing habits without their informedbrowsing habits without their informedconsent.”consent.” Wikipedia. (Spyware)Wikipedia. (Spyware) Can simply record information about your browsingCan simply record information about your browsinghabits to guide Adware in delivering ads ORhabits to guide Adware in delivering ads OR Worst case: Keylogger – can record your keyboardWorst case: Keylogger – can record your keyboardkeystrokes and transmit them over the Internetkeystrokes and transmit them over the Internet
  • 8. Socastee SC LibraryComputer EducationWhiteHouseComputingOnline SecurityOnline SecurityTypes of Threats - DangerousTypes of Threats - Dangerous Virus “AVirus “A computer viruscomputer virus is a computer program thatis a computer program thatcan copy itself and infect a computer without thecan copy itself and infect a computer without thepermission or knowledge of the owner.”permission or knowledge of the owner.” WikipediaWikipedia How is it spread?How is it spread? Email attachmentEmail attachment Visiting a malicious website with an unpatched buggy browserVisiting a malicious website with an unpatched buggy browser Infected files on any portable media (thumb drives, CDs, floppys, etc)Infected files on any portable media (thumb drives, CDs, floppys, etc) Over a network when file sharing is too broadly set upOver a network when file sharing is too broadly set up
  • 9. Socastee SC LibraryComputer EducationWhiteHouseComputingOnline SecurityOnline SecurityTypes of Threats - DangerousTypes of Threats - Dangerous Virus – How Can You Protect Yourself?Virus – How Can You Protect Yourself? Install an antivirus program on your computerInstall an antivirus program on your computer Two parts of an Antivirus program defenseTwo parts of an Antivirus program defense The program itselfThe program itself Understands basic look and feel of generic computer virusUnderstands basic look and feel of generic computer virus Can also read and understand specific descriptions ofCan also read and understand specific descriptions ofspecific virus family and virusspecific virus family and virus Descriptions of specific virus and virus familiesDescriptions of specific virus and virus families New descriptions need to be downloaded to your computerNew descriptions need to be downloaded to your computeron a continuing basis.on a continuing basis. In commercial software, there is an annual fee forIn commercial software, there is an annual fee forsubscription. When your subscription runs out, NEWsubscription. When your subscription runs out, NEWdescriptions stop being downloaded.descriptions stop being downloaded.
  • 10. Socastee SC LibraryComputer EducationWhiteHouseComputingOnline SecurityOnline SecurityTypes of Threats - DangerousTypes of Threats - Dangerous Virus – How CanVirus – How CanYou ProtectYou ProtectYourself?Yourself? See handout forSee handout forexamples of goodexamples of goodantivirus software.antivirus software. For another source goFor another source gototo WWW.PCMag.ComWWW.PCMag.Com Look past “sponsored links”Look past “sponsored links”which are ads and click onwhich are ads and click onappropriate articles.appropriate articles.SelectReviews hereEnter Antivirus inthe search box here
  • 11. Socastee SC LibraryComputer EducationWhiteHouseComputingOnline SecurityOnline SecurityTypes of Threats - DangerousTypes of Threats - Dangerous Phishing “is the criminally fraudulent process ofPhishing “is the criminally fraudulent process ofattempting to acquire sensitive information suchattempting to acquire sensitive information suchas usernames, passwords and credit card detailsas usernames, passwords and credit card detailsby masquerading as a trustworthy entity in anby masquerading as a trustworthy entity in anelectronic communication.”electronic communication.” WikipediaWikipedia Fraudulent email scares you into clicking a link in theFraudulent email scares you into clicking a link in theemail taking you to a site that LOOKS like a realemail taking you to a site that LOOKS like a realbank (for example) but is notbank (for example) but is not Fraud site asks for userid password account number etcFraud site asks for userid password account number etcPhishingPhishing
  • 12. Socastee SC LibraryComputer EducationWhiteHouseComputingOnline SecurityOnline SecurityTypes of Threats - DangerousTypes of Threats - Dangerous Phishing – How to Avoid Being FooledPhishing – How to Avoid Being Fooled Avoid following links in emailsAvoid following links in emails If you do and the site wants info DO NOT GIVE ITIf you do and the site wants info DO NOT GIVE IT Banks, Brokerage Houses, etc WILL NOT ASKBanks, Brokerage Houses, etc WILL NOT ASKYOU VIA EMAIL TO VERIFY INFORMATIONYOU VIA EMAIL TO VERIFY INFORMATION If they seem to be doing that IT IS A FRAUDIf they seem to be doing that IT IS A FRAUD
  • 13. Socastee SC LibraryComputer EducationWhiteHouseComputingOnline SecurityOnline SecurityTypes of Threats - DangerousTypes of Threats - Dangerous ScarewareScareware Spyware masquerading as antivirus softwareSpyware masquerading as antivirus software Message will pop up while using your browserMessage will pop up while using your browser Message will tell you have been infected and need to clickMessage will tell you have been infected and need to clicksomewhere on it to download software to get rid of thesomewhere on it to download software to get rid of theinfectioninfection Could happen even on a legitimate site it the site has beenCould happen even on a legitimate site it the site has beencompromisedcompromised Do not click ANYWHERE on the messageDo not click ANYWHERE on the message Start Taskmanager and end browser applicationsStart Taskmanager and end browser applications
  • 14. Socastee SC LibraryComputer EducationWhiteHouseComputingOnline SecurityOnline SecurityTypes of Threats - DangerousTypes of Threats - Dangerous Learn to Recognize Scams of All KindsLearn to Recognize Scams of All Kinds Check the web address. type in the web addressexactly as it appears on your statement. Look for a https:// a secure connection However, even scam sites can usesecure connections, so use this rule in conjunction withthe others. Check the spelling and grammar.
  • 15. Socastee SC LibraryComputer EducationWhiteHouseComputingOnline SecurityOnline SecurityTypes of Threats - DangerousTypes of Threats - DangerousFour RulesFour Rules1. Run Windows Update – plug the holes that let the gunk inFor Virus and Spyware gunk that gets in anyway…2. Install and run Anti Virus software – keep subscription current3. Install and run AntiSpyware software–keep subscription current4. Run a Firewall 1. Start2. Control Panel3. Security Center4. Windows Firewall5. OnNote – assumes you are not runninga different firewall already
  • 16. Socastee SC LibraryComputer EducationWhiteHouseComputingOnline SecurityOnline SecurityFirewallsFirewalls Prevent unauthorized entry from outsidePrevent unauthorized entry from outside Can be hardwareCan be hardware Routers include a NAT firewall preventingRouters include a NAT firewall preventingunauthorized entry from outside but not necessarilyunauthorized entry from outside but not necessarilyreporting or preventing rogue applications inside yourreporting or preventing rogue applications inside yourcomputer from communicating outboundcomputer from communicating outbound Can be software ( Windows firewall, ZoneAlarm)Can be software ( Windows firewall, ZoneAlarm) Software firewalls can/will prevent unauthorizedSoftware firewalls can/will prevent unauthorizedoutbound communication toooutbound communication too
  • 17. Socastee SC LibraryComputer EducationWhiteHouseComputingOnline SecurityOnline SecurityFirewallsFirewalls How Secure is Your Firewall?How Secure is Your Firewall? Major corporations have their firewalls intentionallyMajor corporations have their firewalls intentionallyprobed periodically by a security service to test them.probed periodically by a security service to test them. You can do the same thing at the “Shields Up” siteYou can do the same thing at the “Shields Up” sitelocated at https://www.grc.com/x/ne.dll?bh0bkyd2located at https://www.grc.com/x/ne.dll?bh0bkyd2 NOTENOTE the above site DOES NOT scan your machinethe above site DOES NOT scan your machinefor malware of any sort. It provides only a test of yourfor malware of any sort. It provides only a test of yourfirewall (or lack thereof) and its ability to block intrusion.firewall (or lack thereof) and its ability to block intrusion.
  • 18. Socastee SC LibraryComputer EducationWhiteHouseComputingOnline SecurityOnline SecurityFirewallsFirewalls LaptopsLaptops If you depend on the hardware firewall at home, you need toIf you depend on the hardware firewall at home, you need tobe sure you have a software firewall running on your laptop ifbe sure you have a software firewall running on your laptop ifyou take it out of your house to connect from anotheryou take it out of your house to connect from anotherlocation. If you have file and printer sharing turned on (tolocation. If you have file and printer sharing turned on (toshare files with other computers in you house) TURN ITshare files with other computers in you house) TURN ITOFF before connecting to a public WiFi hotspot or someoneOFF before connecting to a public WiFi hotspot or someoneelse’s hard wired LAN because you will beelse’s hard wired LAN because you will be behind their firewallbehind their firewallsharingsharing youryour files withfiles with themthem ON WINDOWS 7: START – CONTROL PANEL - NETWORKON WINDOWS 7: START – CONTROL PANEL - NETWORK& SHARING CENTER – ADVANCED SHARING – TURN OFF& SHARING CENTER – ADVANCED SHARING – TURN OFFFILE AND PRINTER SHARINGFILE AND PRINTER SHARING
  • 19. Socastee SC LibraryComputer EducationWhiteHouseComputingOnline SecurityOnline SecurityInformation SourceInformation Source WWW.OnguardOnline.GovWWW.OnguardOnline.Gov ““a partnership between the FTC, other federala partnership between the FTC, other federalagencies, and the technology industry -- offers tips toagencies, and the technology industry -- offers tips tohelp you be on guard against Internet fraud, securehelp you be on guard against Internet fraud, secureyour computer, and protect your personalyour computer, and protect your personalinformation. “information. “ Federal Trade Commission web siteFederal Trade Commission web site
  • 20. Socastee SC LibraryComputer EducationWhiteHouseComputingOnline SecurityOnline SecurityBackupBackup Make partial backups practicalMake partial backups practical Keep your files organizedKeep your files organized Choose Backup MediumChoose Backup Medium CD – Holds Max 700 MbCD – Holds Max 700 Mb DVD – Holds Max 4.4 Gb single layer 7.9 GbDVD – Holds Max 4.4 Gb single layer 7.9 Gbdouble layer. Only new higher end machines todaydouble layer. Only new higher end machines todaywill burn double layerwill burn double layer External hard drive – holds 1Tb ++External hard drive – holds 1Tb ++ IfIf CRITICALCRITICAL keep copy off sitekeep copy off site
  • 21. Socastee SC LibraryComputer EducationWhiteHouseComputingThe EndThe End
  • 22. Socastee SC LibraryComputer EducationWhiteHouseComputingDevelopments to Watch:Social Fortress ( WWW.SocialFortress.Com ) seehttp://www.teten.com/blog/2012/09/13/social-fortress-publicly-launches-at-techcrunch-disrupt/See “Emerging Cyber Threats Report 2013” at http://gtsecuritysummit.com/report.html