Dark Alleys Part1

2,061 views
1,952 views

Published on

Internet Security. Tips in how to keep your internet secure.

Published in: Economy & Finance, Technology
0 Comments
0 Likes
Statistics
Notes
  • Be the first to comment

  • Be the first to like this

No Downloads
Views
Total views
2,061
On SlideShare
0
From Embeds
0
Number of Embeds
22
Actions
Shares
0
Downloads
58
Comments
0
Likes
0
Embeds 0
No embeds

No notes for slide
  • Dark Alleys Part1

    1. 1. Dark Alleys of the Internet Part 1 ACE/NETC 2007 June 19, 2007 Albuquerque, NM
    2. 2. Security <ul><li>Security is the condition of being protected against danger or loss ( http://en.wikipedia.org/wiki/Security ) </li></ul><ul><li>Tradeoff between risk to assets & mitigation of risk to those assets </li></ul>
    3. 3. “ But I Have Nothing” <ul><li>How Wrong! </li></ul><ul><ul><li>Pass your wallets down the row </li></ul></ul><ul><ul><li>Pass your cell phones down the row </li></ul></ul><ul><ul><li>Pass your list of phone numbers down the row </li></ul></ul><ul><li>Recognize that you have something of value on the computer or network </li></ul>
    4. 4. Assets?
    5. 5. Assets <ul><li>University Financial System </li></ul><ul><li>Personally Identifiable Information (PII) </li></ul><ul><li>Clients’ PII </li></ul><ul><li>Your account </li></ul><ul><li>Credit Cards </li></ul><ul><li>Phone Companies </li></ul>
    6. 6. Passwords <ul><li>A common security solution is password </li></ul><ul><li>No reason to share password because you can: </li></ul><ul><ul><li>Share files/folders </li></ul></ul><ul><ul><li>Remote Desktop </li></ul></ul><ul><ul><li>E-mail Proxy </li></ul></ul><ul><ul><li>Online Resources like Google Docs </li></ul></ul>
    7. 7. Managing Passwords <ul><li>Trade-offs </li></ul><ul><ul><li>Different passwords for different systems </li></ul></ul><ul><ul><li>Require passwords to change </li></ul></ul><ul><li>Password Managers </li></ul><ul><ul><li>Password Safe </li></ul></ul><ul><ul><ul><li>http://passwordsafe.sourceforge.net </li></ul></ul></ul><ul><ul><li>Others </li></ul></ul><ul><ul><ul><li>http://www.lifehack.org/articles/technology/10-free-ways-to-track-all-your-passwords.html </li></ul></ul></ul><ul><li>Choosing a good pass phrase </li></ul><ul><ul><li>“ 1wbiDCH” (I was born in Dale County Hospital) </li></ul></ul><ul><ul><li>http://www.aces.edu/extconnections/2006/10/ </li></ul></ul>
    8. 8. Safely Using Email Avoid hoaxes and phishing attempts
    9. 9. Hoaxes <ul><li>Trickery </li></ul><ul><li>Please forward </li></ul><ul><li>Usually harmless </li></ul><ul><li>Waste time and resources </li></ul>
    10. 10. Phishing Clues <ul><li>Return address appears to be legitimate </li></ul><ul><li>Warns of consequences unless urgent action is taken </li></ul><ul><li>No personal info or account name/number in message </li></ul><ul><li>Name of link doesn’t match destination </li></ul><ul><ul><li>Name of link: https://www.firstnational.com </li></ul></ul><ul><ul><li>Destination of link: http://www.sargonas.con/firstnational/login.htm </li></ul></ul><ul><li>Link is not secure (HTTPS) </li></ul><ul><li>http://www.aces.edu/extconnections/2006/12 </li></ul><ul><li>http://www.wikipedia.org/wiki/Phishing </li></ul><ul><li>http://jdorner.blogspot.com/2007/03/every-now-and-then-i-come-across.html </li></ul>
    11. 11. Don’t Become A Victim <ul><li>“ Google” a sentence from the message to see if it’s a hoax or phishing attempt </li></ul><ul><li>Never click on web links and be mindful of HTTPS </li></ul><ul><li>Only open attachments which are in expected messages (just because you know the sender doesn’t mean the message is legitimate) </li></ul>
    12. 12. Protecting You and Your Operating System
    13. 13. Ways to Secure MS Windows <ul><li>Install virus protection software </li></ul><ul><li>Turn on the Windows firewall </li></ul><ul><li>Turn on Windows updates </li></ul><ul><li>Use spyware/adware prevention software </li></ul><ul><li>Use Windows Security Center </li></ul><ul><li>Use limited accounts </li></ul><ul><li>Use password for every account </li></ul>
    14. 14. Virus Protection Software <ul><li>Install & routinely update virus protection software </li></ul><ul><ul><li>McAfee </li></ul></ul><ul><ul><ul><li>Virus Protection Only! </li></ul></ul></ul><ul><ul><ul><li>Purchase from any Office Supply Store </li></ul></ul></ul><ul><ul><li>AVG </li></ul></ul><ul><ul><ul><li>Free for non-commercial use </li></ul></ul></ul><ul><ul><ul><li>Download at www.downloads.com </li></ul></ul></ul><ul><ul><li>Symantec (Norton) </li></ul></ul><ul><ul><ul><li>Resource intensive </li></ul></ul></ul>
    15. 15. Windows Firewall <ul><li>Choose “On” </li></ul><ul><li>Only unblock programs that you trust </li></ul>
    16. 16. Windows Updates <ul><li>Select “Automatic (recommended)” </li></ul><ul><li>Select “Everyday” </li></ul><ul><li>Choose an appropriate time </li></ul><ul><li>Leave computer on! (check sleep/ hibernate) </li></ul>
    17. 17. Spyware/Malware Prevention Software <ul><li>Preventative—combine w/ Reactive </li></ul><ul><ul><li>Windows Defender </li></ul></ul><ul><ul><ul><li>http://www.microsoft.com/athome/security/spyware/software/default.mspx </li></ul></ul></ul><ul><ul><li>AVG Anti-Spyware </li></ul></ul><ul><ul><ul><li>www.downloads.com </li></ul></ul></ul><ul><li>Reactive (run once a week) </li></ul><ul><ul><li>Spybot </li></ul></ul><ul><ul><ul><li>www.downloads.com </li></ul></ul></ul><ul><ul><li>Adaware </li></ul></ul><ul><ul><ul><li>www.downloads.com </li></ul></ul></ul>
    18. 18. Security Center <ul><li>Ensures: </li></ul><ul><ul><li>Firewall is on </li></ul></ul><ul><ul><li>Automatic updates are installed </li></ul></ul><ul><ul><li>Virus protection installed & up-to-date </li></ul></ul>
    19. 19. Security Center Click on the shield to fix the problem You don’t want the RED or Yellow shield
    20. 20. Limited Accounts <ul><li>Prohibited from installing software </li></ul><ul><ul><li>Prevents installation of malware/viruses </li></ul></ul><ul><ul><li>User has access to currently installed software </li></ul></ul><ul><li>Prohibited from accessing Administrator’s documents & settings </li></ul><ul><ul><li>Prevents changes to administrator password </li></ul></ul><ul><ul><li>Prevents access to Administrator’s Documents, Desktop, etc. </li></ul></ul><ul><li>Create/modify system accounts under “ Control Panel/User Accounts ” </li></ul>
    21. 21. Limited Accounts <ul><li>Easily switch between accounts </li></ul><ul><li>Leave programs running while others login (windows-L) </li></ul>
    22. 22. Home Networking Everyone Needs a Router!
    23. 23. Home Networking Routers <ul><li>One internet connection, multiple computers </li></ul><ul><li>Firewall protection </li></ul><ul><li>Access restrictions </li></ul>
    24. 24. One Internet Connection
    25. 25. Firewall Protection <ul><li>One-way valve that lets you out, but doesn’t let intruders in </li></ul><ul><ul><li>Prevents unauthorized access to your computer(s) </li></ul></ul><ul><ul><li>Hides your computer(s) from the internet while still allowing access to the internet </li></ul></ul><ul><li>Justification: Attacks on AU (week of 5/28-6/02) </li></ul><ul><ul><li>90,540 blocked </li></ul></ul><ul><ul><li>25,147 suspicious </li></ul></ul><ul><ul><li>3,893 possibly successful </li></ul></ul>
    26. 26. Access Restrictions <ul><li>Control when a computer can access the internet </li></ul><ul><ul><li>Deny/Allow by website or keyword </li></ul></ul><ul><li>Multiple configurations </li></ul><ul><ul><li>Everyday or only on school days etc. </li></ul></ul><ul><ul><li>All the time, or only between 4p.m. & 10p.m, etc. </li></ul></ul>
    27. 27. Secure Wireless <ul><li>Disable wireless, if you’re not using it </li></ul><ul><li>Most routers can be configured w/a CD </li></ul><ul><li>What can be done manually? </li></ul><ul><ul><li>Change the SSID (wireless network name) </li></ul></ul><ul><ul><li>Disable SSID Broadcast (make it invisible) </li></ul></ul><ul><ul><li>Require a password to join the wireless network </li></ul></ul><ul><ul><li>Restrict by MAC address </li></ul></ul>
    28. 28. Questions? Thank You! Greg Parmer , Jonas Bowersock , Scott Snyder , Anne Adrian

    ×