  1. The risk factor between the keyboard and the chair – or nobody's child?
     • SPI2009
     • Kaido Kikkas

  2. A crazy dream
     • An evil wizard made all the traffic cops disappear
     • ...driving schools disappeared too
     • ...as well as most traffic signs
     • The traffic started to look like the Internet

  3. The reality case: Joe Sixpack
     • A nice guy and family man, a mechanic by trade
     • Joe goes to the big department store and decides to buy his family a new computer for Christmas – great, they had a nice deal with printer and scanner included!
     • He will unpack the PC and set it up, next day a technician will come and set up his network
     • For a couple of days, everything is smooth
     • Then some new programs appear, the computer slows down, lots of ads show up...

  4. What is the real problem?
     • Joe Sixpack dealt with
        • Computer seller
        • Software seller
        • Network company
     • None of them were concerned with his security

  5. In the old times
     • Cracking computers was
        • less malicious (pranks)
        • seldom economically motivated
        • a contest of equals
        • demanding some skill
        • done by quite a small number of people

  6. Today: Netbus...

  7. Back Orifice 2000...

  8. Sub7

  9. The mass factor
     • For each malicious AND skilled cracker, there is a large number of script kiddies with
        • no skills
        • no life
        • lots of free time to burn
     • Again the well-equipped fools – but this time of a slightly different kind

  10. Wild shots
     • In fact, no one actually aimed to nail Mr Sixpack
     • It was just an undefended machine
     • “Nothing personal” (followed by two head shots)
     • The kiddies comb a segment of the Net, typically scanning for a certain vulnerability (they can also function as foot soldiers for more sophisticated cracker gangs or RBN-like criminal networks)

  11. “Who gives a sh...?”
     • Quite a common reaction – I am no president/businessman/actor/politician/sportsman
     • Who cares if my machine is cracked?
     • I DO!
     • Because it will typically join thousands of others in Storm or a similar botnet – AND I MAY GET HIT

  12. A botnet?
     • Lots of hijacked computers controlled centrally
     • Major uses
        • Sending spam and propagating scams
        • DDoS attacks – increasingly used in organised extortion schemes
        • Increasingly used in political attacks

  13. Some other uses for a hijacked PC
     • Online porn archive – ordinary porn is just an embarrassment, but child/snuff porn also exists – and earns the propagators a long time in prison
     • Warehouse for illegal software – BSA will freak out
     • IRC trading channel for e.g. stolen credit cards
     • Spam engine
     • Attack springboard
     • Money source (via online banking)

  14. Another problem: pick two of three
     • Simple, affordable, secure
     • Typical perception:
        • Windows PC: (quite) affordable, simple
        • Mac: simple and (quite) secure
        • Linux PC: affordable and secure
     • Not exactly true, but hard to change
     • Car race analogy: Joe Sixpack in a top-notch race car vs Sébastien Loeb in an old Lada – the driver counts the most, but the platform plays a role too

  15. Hopeless...?
     • Not really
     • Most really simple attacks target systems without updates – keeping a system up to date helps a lot
     • The apartment door analogy: all sensible people invest in locks which won't last against any special operations unit – but will keep out the guys needing the next needle
     • Remember: there is no 100% security – but we may raise the level high enough to keep a majority of smaller pests out

  16. Ten Commandments for home users
     1. Thou shalt keep your Systems updated
     2. Thou shalt not take the Rights of Administrator in vain
     3. Thou shalt choose all passwords carefully, paying utmost care to the Administrator account, likewise shall thine passwords not have valid meaning in any known language
     4. Thou shalt create separate accounts for each User of thine Computer
     5. Thou shalt have good shields if thou insist on using Windows

  17.
     6. Thou shalt not touch unknown Attachments in thine Mail and not allow anyone who lives in thine household to do it
     7. Thou shalt put junk mail filters into good use
     8. Thou shalt know what Software lies in thine Computer
     9. Thou dost well if thou use OpenOffice.org, Mozilla Thunderbird and Firefox instead of MS Office, MS Outlook and Internet Explorer
     10. Thou shalt seek wise people to help thee, and wisdom for thyself. A wise Man may err once, while a Fool keeps doing it all over
     (Amen!)

  18. Scripture commentary follows
     1. Update, update, update. Every system
     2. Have at least two accounts in XP – one for administration, another for everyday use. Vista's UAC may make it a little less important, but it can be done there too
     3. Typical password attacks are based on dictionary-type files. Therefore – no straightforward meaning (hidden ones are recommended though), at least 6-8 symbols, at least two cases plus numbers

  19.
     4. If there is more than one user, each should have their own account – this makes it easier to track problems
     5. Shields in Windows include
        • Antivirus (ClamWin is free and open-source)
        • Anti-spyware (Defender, S&D, others)
        • Firewall (Comodo is good)
        • Browser popup and script blockers (for Firefox e.g. AdBlock Plus and NoScript)
     6. If you don't know the sender, don't open it
     7. Junk mail filters can be combined if needed (e.g. SpamAssassin can be added to Thunderbird); they also need to be trained

  20.
     8. Your computer is not a box of chocolates (sorry, Forrest!). Or else the bad guys won't even need a rootkit
     9. MS Office, Outlook and IE are
        • Big targets
        • Easy targets
     10. “A man learns all his life, yet dies a fool” – the question is, how big a fool...
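
The password rule from commentary item 3, as an added example that is not part of the original slides. It assumes the upper end of the slide's 6-8 range as the minimum length, and its word list and substitution table are small constructed samples standing in for a real attack dictionary.

```python
import re

# Constructed sample word list; real attack dictionaries hold millions of entries.
WORDLIST = {"password", "dragon", "monkey", "letmein", "summer", "qwerty"}

# Common character substitutions that dictionary-based tools undo automatically.
LEET = str.maketrans({"0": "o", "1": "l", "3": "e", "4": "a", "5": "s",
                      "7": "t", "@": "a", "$": "s", "!": "i"})

MIN_LENGTH = 8  # assumption: upper end of the slide's "at least 6-8 symbols"


def dictionary_hits(password, wordlist=WORDLIST):
    """Return word-list entries found in the password after normalisation."""
    lowered = password.lower()
    undone = lowered.translate(LEET)
    candidates = {
        lowered,
        undone,
        re.sub(r"[^a-z]", "", lowered),  # drop digit/punctuation padding
        re.sub(r"[^a-z]", "", undone),
    }
    return sorted(w for w in wordlist if any(w in c for c in candidates))


def check_password(password, wordlist=WORDLIST):
    """Return the rule violations; an empty list means the rule is met."""
    problems = []
    if len(password) < MIN_LENGTH:
        problems.append("too short")
    if not re.search(r"[a-z]", password) or not re.search(r"[A-Z]", password):
        problems.append("needs both upper and lower case")
    if not re.search(r"\d", password):
        problems.append("needs a digit")
    hits = dictionary_hits(password, wordlist)
    if hits:
        problems.append("contains dictionary word: " + ", ".join(hits))
    return problems


if __name__ == "__main__":
    # "Mhall,wfwwas1" hides a meaning: initials of a nursery rhyme line.
    for pw in ("Password1", "P4ssw0rd99", "Dr4g0n!!", "Mhall,wfwwas1"):
        print(pw, "->", check_password(pw) or "ok")
```

A password such as `P4ssw0rd99` satisfies the length, case and digit requirements yet still has a "straight meaning" once the substitutions are undone, which is why the dictionary check is the part that matters.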

  21. Some notes about the Web
     • Passwords should not be
        • written down
        • recycled
     • In case of a monetary transaction over the web
        • Check the address. Twice
        • Check the web page – is it the right one or only poses as one?
        • Think critically – does a bank ask things like this?
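
One way to make the "check the address" step mechanical, as an added example that is not part of the original slides. `bank.example` is a hypothetical bank domain, and the criteria (HTTPS, the expected host or a subdomain of it, no look-alike tricks) are an assumption about what "the right address" means.

```python
from urllib.parse import urlsplit

# Hypothetical bank domain, used only for this illustration.
EXPECTED_HOST = "bank.example"


def address_problems(url, expected_host=EXPECTED_HOST):
    """Return reasons the URL should not be trusted as the expected site."""
    parts = urlsplit(url)
    host = (parts.hostname or "").rstrip(".")
    problems = []
    if parts.scheme != "https":
        problems.append("not https")
    # Everything before '@' is login data, not the site name.
    if parts.username is not None:
        problems.append("text before '@' is not the site name")
    # Punycode labels can render as characters that imitate Latin letters.
    if host.startswith("xn--") or ".xn--" in host:
        problems.append("punycode label (possible look-alike characters)")
    if not host.isascii():
        problems.append("non-ASCII characters in host")
    if host != expected_host and not host.endswith("." + expected_host):
        if expected_host in host:
            problems.append("expected name appears, but not at the end of the host")
        else:
            problems.append("different host: " + host)
    return problems


if __name__ == "__main__":
    # Constructed sample addresses.
    for url in ("https://www.bank.example/pay",
                "http://bank.example/",
                "https://bank.example@evil.test/login",
                "https://bank.example.evil.test/"):
        print(url, "->", address_problems(url) or "ok")
```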

  22. Conclusion
     • Things are bad enough
     • Protecting one's machine adequately means one less machine in botnets
     • PROTECT YOURSELF AND TEACH OTHERS
