Internet Security Dave Palmer Instructional Media Agent South Central Extension District How to  Protect Yourself from Exi...
Disclaimer The information presented here are only options, not recommendations.  You alone are responsible for what you d...
Agenda Part 1 - Existing threats   Scams, Phishing, Viruses, Worms, Trojans   Backdoors, Spyware, Rootkits, Botnets Part 2...
Best Practices <ul><li>Update your operating system regularly </li></ul><ul><li>Update other programs and applications reg...
Best Practices <ul><li>Use multiple layers of security for the best protection </li></ul><ul><li>There are no “safe” websi...
Malware –  mal icious soft ware Intent is to damage, disrupt, steal, control or otherwise inflict problems on computers, d...
Latest Statistics <ul><li>In 2006 there was 1 infected website for every 20,000 websites. Now it’s 1 in 150. </li></ul><ul...
Latest Statistics <ul><li>25 million new strains of malware detected in 2009 </li></ul><ul><li>66% of these new strains we...
Social Networking Threats <ul><li>Sites like MySpace, Facebook, LinkedIn, etc. </li></ul><ul><li>Threats include 3 rd  par...
Social Networking Threats <ul><li>Main risk -  information you post about yourself  that can jeopardize privacy and securi...
The Scope of the Threat Is increasing   rapidly Malware threats have   doubled   every year   since 2006 2007 2008 2006 2009
Why the Dramatic Increase? <ul><li>Signature-based recognition is the basis of most Internet security software </li></ul><...
Malware Stories  You Might Have Missed Handout Also available at: http://techteachtoo.com/category/internet-security/ Hand...
What are the Threats? <ul><li>Tracking Cookies* </li></ul><ul><li>Flash Cookies* </li></ul><ul><li>Adware </li></ul><ul><l...
Tracking Cookies <ul><li>Not malware </li></ul><ul><li>Sometimes useful </li></ul><ul><li>No personal info unless offered ...
Flash Cookies – ‘Super’ Cookies <ul><li>Largely unknown widely used </li></ul><ul><li>Never expires </li></ul><ul><li>Diff...
Flash Cookies Widely used… … including in Extension
Controlling Flash Cookies Go thru each tab and set each accordingly http://www.macromedia.com/support/documentation/en/fla...
Anatomy of a Web address http://collier.ifas.ufl.edu/HomeGarden/A-ZPubs.shtml Top Level Domain (TLD) Domains  never  have ...
Is this URL part of the University of Florida? /webmail.ufl.edu/ premline.ru /img/ http://www. Handout This is the actual ...
Shortened Links <ul><li>TinyURL.com, Bit.ly.com, many others </li></ul><ul><li>Can make a long URL into a short URL </li><...
The Answer? URL Decoders <ul><li>Untiny.me website   http://untiny.me/ </li></ul><ul><li>True URL   http://www.trueurl.net...
Spam &quot;...most non-commercial spam these days is aimed solely   to get you to click on a link ,  even out of curiosity...
Spam E-mail <ul><li>About 90% of all e-mail is spam </li></ul><ul><li>Most gets caught in e-mail filters </li></ul><ul><li...
Social Engineering Means: Manipulating people to do things or to divulge confidential information
Scams <ul><li>Appeal to curiosity, compassion, greed </li></ul><ul><li>Disasters generate large numbers of scams  </li></u...
Scams <ul><li>DO NOT  click on links in these e-mails </li></ul><ul><li>Typically offer  something of value,  ask for mone...
Scam Targets <ul><li>Dating sites  - exploit the victims’ desire for a companionship </li></ul><ul><li>Religious sites  - ...
Scams <ul><li>US - $1-$2 billion </li></ul><ul><li>UK – 150 million pounds </li></ul><ul><li>Australia - $36 million AUD <...
Phishing <ul><li>Aim is to steal valuable information such as credit cards, social security numbers, user IDs and password...
Phishing <ul><li>Often masquerades as legitimate business, or government </li></ul><ul><li>Often contains a threat or cons...
Phishing Example Link #1 Link #2
Place your cursor over the e-mail link. Right  click (If you left click on the link you might get infected) Click on ‘Copy...
The URL: http://stproofing.com /living/bankofamerica.repution/Online_BofA_Banking.UpdatingScreen.dostate=CAupdating.cfmpag...
This instruction has been send to all bank customers and is obligatory to follow. Actual URL: http://pushplaydj.ca /photos...
Phishing Sites 1 st  half of 2009  nearly 100% Increase Source: Anti-Phishing Working Group
<ul><li>Bottom line:  Legitimate organizations  never  ask for sensitive information through e-mail </li></ul>Phishing
Backdoor - malware <ul><li>Backdoors allow access to a computer without a password or user name. </li></ul><ul><li>Allows ...
Trojans <ul><li>Programs that masquerade as “good” programs </li></ul><ul><li>Often carry a “payload” or open a backdoor <...
Spyware <ul><li>Purpose is to capture information of value </li></ul><ul><li>Email addresses, usernames, passwords, credit...
Rootkit <ul><li>Actively  avoids detection </li></ul><ul><li>Has the ability to  hide & change appearance </li></ul><ul><l...
Bots or Zombies <ul><li>A “bot” is a computer infected with certain malware, and controlled remotely without the knowledge...
Simple Botnet
Botnet Statistics <ul><li>Mariposa botnet, shutdown in 2010 controlled  12.7 million  compromised computers </li></ul><ul>...
Botnet Cyber Attack Estonia, a tiny but highly wired  country  on the Baltic Sea, was essentially   shut down   for 3 week...
Another Botnet Attack Dozens of S. Korean & U.S. agencies  attacked in July 2009. Dept. of Defense, FAA, Homeland Security...
The Child Porn Connection <ul><li>Multiple cases of innocent people accused of child porn </li></ul><ul><li>Malware may re...
Part 2 – The Protection We’ve covered the threats, but how do we protect ourselves?
7-Layer Security Options 2) Wireless Router w/ hardware firewall 3) ZoneAlarm software firewall 4) Spybot w/ tea timer 5) ...
4-Layer Security Options 2) Wireless Router w/ hardware firewall 3) Use a Security Suite should include a software firewal...
Best Practices <ul><li>Treat your laptop as though it were  a wallet or purse  when away from home </li></ul><ul><li>Backu...
Encrypted websites Look for
Best Practices <ul><li>Be paranoid about e-mail attachments </li></ul><ul><li>There’s no such thing as a “safe” website </...
Best Practices <ul><li>Don’t open obvious spam –  delete it </li></ul><ul><li>Never trust unsolicited e-mails </li></ul><u...
Read the Fine Print <ul><li>When you click on the box, you are  signing a legal contract. </li></ul><ul><li>Read before ag...
Use  Good  Passwords <ul><li>Great Internet security means nothing if the bad guys can guess your passwords </li></ul><ul>...
More Passwords henearkrxern
Keep Passwords Safe <ul><li>Need a “system” of choosing and using passwords?  see handout </li></ul><ul><li>Password manag...
Password Management Software <ul><li>Password generator </li></ul><ul><li>Master password </li></ul><ul><li>Encrypted data...
USB Malware <ul><li>Flash drives  banned by US Army  in 2008 due to malware issues. </li></ul><ul><li>Ban lifted in 2010 <...
USB Flash Drive w/ Read-Only <ul><li>‘ Read-only’ or ‘write-protect’ switch prevents malware being written to the flash dr...
Update Your Operating System <ul><li>Install all security patches </li></ul><ul><li>Go to Windows Update website </li></ul...
Update/ Upgrade Your Applications <ul><li>Hackers embed malware in applications  </li></ul><ul><li>4 times  2009-10 it hap...
Update Your Applications <ul><li>Average computer holds 60+ programs </li></ul><ul><li>Use auto-update if available </li><...
7-Layer Security Options 2) Wireless Router w/ hardware firewall 3) ZoneAlarm software firewall 4) Spybot w/ tea timer 5) ...
Hardware Router w/Firewall <ul><li>First layer of defense </li></ul><ul><li>Most wireless routers have a firewall </li></u...
Software Firewall <ul><li>Protects against inbound attacks and  outbound communication  by malware </li></ul><ul><li>ZoneA...
Software Firewall <ul><li>Vista or Windows 7 - Use the pre-installed Windows firewall. </li></ul><ul><li>Turn it off  befo...
7-Layer Security Options 2) Wireless Router w/ hardware firewall 3) ZoneAlarm software firewall 4) Spybot w/ tea timer 5) ...
Anti-spyware: Spybot Search & Destroy <ul><li>Detects and removes: adware spyware Trojans keyloggers dialers </li></ul><ul...
Spybot Search & Destroy <ul><li>Installation of software, including malware, changes the registry </li></ul><ul><li>Spybot...
Spybot Search and Destroy ‘ Immunization’ feature helps block installation of some malware, plus it tweaks browser setting...
Anti-spyware: Super AntiSpyware <ul><li>Detects & removes: spyware Adware Trojans Dialers Worms HiJackers KeyLoggers Rootk...
Only tracking cookies
Trojan location
Removal Reboot
Anti-spyware: MalwareBytes <ul><li>Detects & removes many types of malware </li></ul><ul><li>Free version </li></ul><ul><l...
Antivirus Software <ul><li>Most detect & remove only viruses </li></ul><ul><li>Many software options, free, free trial, pa...
“Rogue” or fake anti-malware
Rogue Anti-Malware Products  600% Increase  1 st  Half of 2009 Also known as “scareware, ransomware”
“ Rogue” Anti-malware products <ul><li>Includes fake anti-virus, fake anti-spyware products </li></ul><ul><li>They DO NOT ...
To buy products other than those mentioned  Type the name of the software into Google and read the results that appear.
Find a System That Works for You <ul><li>Run Secunia – update apps as needed </li></ul><ul><li>Export bookmarks / favorite...
7-Layer Security Options 2) Wireless Router w/ hardware firewall 3) ZoneAlarm software firewall 4) Spybot w/ tea timer 5) ...
Backup Your Data <ul><li>Why backup? </li></ul><ul><li>Data loss or corruption </li></ul><ul><li>Human error, fire, flood,...
Backup Your Data <ul><li>Many ways to backup </li></ul><ul><li>Data only, whole system, online, local </li></ul><ul><li>Co...
Data-Only Backup <ul><li>Dozens of software choices for every budget including free </li></ul><ul><li>Backs up selected fi...
Whole-System Backup <ul><li>Takes an “image” of the whole system not  each file individually </li></ul><ul><li>Included in...
Online Backup Options <ul><li>Advantages </li></ul><ul><li>Inexpensive </li></ul><ul><li>Some operate in the background </...
Local External Backup <ul><li>Advantages </li></ul><ul><li>Low one-time cost 1 TB less than $100 </li></ul><ul><li>Multi-p...
7-Layer Security Options 2) Wireless Router w/ hardware firewall 3) ZoneAlarm software firewall 4) Spybot w/ tea timer 5) ...
User Accounts <ul><li>All users should be required to log in, even at home  </li></ul><ul><li>A PC with no log-in password...
<ul><li>The Windows default is to run in Administrator mode - allows easy installation of other programs –  even malware <...
4-Layer Security Options 2) Wireless Router w/ hardware firewall 3) Use a Security Suite 4) Backup Data Data 1) Use Best P...
Security Suite Options <ul><li>Webroot  </li></ul><ul><li>Kaspersky </li></ul><ul><li>BitDefender </li></ul><ul><li>Norton...
Security Suite Information <ul><li>Security Software Testing service http://www.matousec.com/projects/proactive-security-c...
Secure Browsing Options FireFox with Security Plugins <ul><li>Plugins are a feature that can be added to a larger program ...
<ul><li>Creates a small “virtual” space inside your computer called a “sandbox.” </li></ul><ul><li>Can run a program or  a...
CompUSA, Geek Squad,  Local repair shop When you do need help… 3) Online help   forums 4) Commercial   Repair 2) Local PC ...
Don’t Forget ‘Safe Mode’ <ul><li>Stops malware from running & defending itself </li></ul><ul><li>Windows versions have dif...
<ul><li>50+ groups around the state. Dues avg $12-$35/yr </li></ul><ul><li>Classes, meetings, learn about computers, build...
Help / Support Forums <ul><li>Can be very useful when you need help.  A few suggestions:  </li></ul><ul><li>Do your readin...
Support Forums
Resources My website is at :  TechTeachToo.com - Practical technology tips & tricks - Relevant tech news  - Software revie...
Many thanks to… <ul><li>Bill Black – IT Support Ninja </li></ul><ul><li>Brent Broaddus – Local IT Jedi </li></ul><ul><li>D...
Upcoming SlideShare
Loading in...5
×

100812 internet security2.0

1,775

Published on

This 2 hour presentation provides an overview of Internet Security. The first part addresses current threats such as viruses, Trojans, backdoors, botnets and more. The second part talks about how to protect yourself from these threats by changing the way you surf the ‘Net and by understanding your software and hardware options.

Published in: Technology
1 Comment
1 Like
Statistics
Notes
  • plz sir send me the presentation of internet security
       Reply 
    Are you sure you want to  Yes  No
    Your message goes here
No Downloads
Views
Total Views
1,775
On Slideshare
0
From Embeds
0
Number of Embeds
0
Actions
Shares
0
Downloads
161
Comments
1
Likes
1
Embeds 0
No embeds

No notes for slide

100812 internet security2.0

  1. 1. Internet Security Dave Palmer Instructional Media Agent South Central Extension District How to Protect Yourself from Existing Internet Threats 2.0
  2. 2. Disclaimer The information presented here are only options, not recommendations. You alone are responsible for what you do on your own computer.
  3. 3. Agenda Part 1 - Existing threats Scams, Phishing, Viruses, Worms, Trojans Backdoors, Spyware, Rootkits, Botnets Part 2 - Protection Layered Security Best Practices Security Software & Suites Backups Support
  4. 4. Best Practices <ul><li>Update your operating system regularly </li></ul><ul><li>Update other programs and applications regularly </li></ul><ul><li>Backup your data or your whole system on a regular basis. </li></ul>Handout
  5. 5. Best Practices <ul><li>Use multiple layers of security for the best protection </li></ul><ul><li>There are no “safe” websites. Any website can be compromised. </li></ul><ul><li>Use STRONG passwords where money or sensitive information is involved. </li></ul>Handout
  6. 6. Malware – mal icious soft ware Intent is to damage, disrupt, steal, control or otherwise inflict problems on computers, data, hosts, or networks.
  7. 7. Latest Statistics <ul><li>In 2006 there was 1 infected website for every 20,000 websites. Now it’s 1 in 150. </li></ul><ul><li>1 in 78 links in instant messages leads to malware. Experts predict that will rise to 1 in 12. </li></ul>
  8. 8. Latest Statistics <ul><li>25 million new strains of malware detected in 2009 </li></ul><ul><li>66% of these new strains were Trojans </li></ul><ul><li>McAfee reported a new record in the 2 nd quarter of 2010 - 6 million new malware recorded </li></ul>
  9. 9. Social Networking Threats <ul><li>Sites like MySpace, Facebook, LinkedIn, etc. </li></ul><ul><li>Threats include 3 rd party applications and quizzes, games, shortened links </li></ul><ul><li>May contain malware, worms viruses, etc. but not the main threat </li></ul>
  10. 10. Social Networking Threats <ul><li>Main risk - information you post about yourself that can jeopardize privacy and security like… </li></ul><ul><li>Date of birth, phone number, address, resume, current activities or other ways to specifically identify who you are and where you are . </li></ul>
  11. 11. The Scope of the Threat Is increasing rapidly Malware threats have doubled every year since 2006 2007 2008 2006 2009
  12. 12. Why the Dramatic Increase? <ul><li>Signature-based recognition is the basis of most Internet security software </li></ul><ul><li>Many malware variants now create unique versions of themselves for individual users to avoid signature-based recognition . </li></ul><ul><li>Such malware is called “polymorphic.” </li></ul>
  13. 13. Malware Stories You Might Have Missed Handout Also available at: http://techteachtoo.com/category/internet-security/ Handout
  14. 14. What are the Threats? <ul><li>Tracking Cookies* </li></ul><ul><li>Flash Cookies* </li></ul><ul><li>Adware </li></ul><ul><li>Hoaxes </li></ul><ul><li>Scams* </li></ul><ul><li>Phishing* </li></ul>Not malware <ul><li>Backdoors* </li></ul><ul><li>Keyloggers </li></ul><ul><li>Viruses </li></ul><ul><li>Worms </li></ul><ul><li>Trojans* </li></ul><ul><li>Spyware* </li></ul><ul><li>Rootkits* </li></ul><ul><li>Bots* </li></ul>Malware
  15. 15. Tracking Cookies <ul><li>Not malware </li></ul><ul><li>Sometimes useful </li></ul><ul><li>No personal info unless offered </li></ul><ul><li>Storage can be limited </li></ul><ul><li>Can be set to expire </li></ul><ul><li>Easy to remove </li></ul>
  16. 16. Flash Cookies – ‘Super’ Cookies <ul><li>Largely unknown widely used </li></ul><ul><li>Never expires </li></ul><ul><li>Difficult to find & remove </li></ul><ul><li>Can send info w/o your permission </li></ul><ul><li>Not a big threat </li></ul>Adobe Flash logo
  17. 17. Flash Cookies Widely used… … including in Extension
  18. 18. Controlling Flash Cookies Go thru each tab and set each accordingly http://www.macromedia.com/support/documentation/en/flashplayer/help/settings_manager03.html
  19. 19. Anatomy of a Web address http://collier.ifas.ufl.edu/HomeGarden/A-ZPubs.shtml Top Level Domain (TLD) Domains never have a single slash on both ends 2 Handouts Handout Web folder domain subdomains Webpage URL or Web address Notice the slashes (/)
  20. 20. Is this URL part of the University of Florida? /webmail.ufl.edu/ premline.ru /img/ http://www. Handout This is the actual domain This is a domain registered in Russia. It’s not connected with UF. See the slashes? This is not the domain!
  21. 21. Shortened Links <ul><li>TinyURL.com, Bit.ly.com, many others </li></ul><ul><li>Can make a long URL into a short URL </li></ul>They change this: http://hillsborough.extension.ufl.edu/internetsecurityresources.html Into this: http://tinyurl.com/2eqmr32
  22. 22. The Answer? URL Decoders <ul><li>Untiny.me website http://untiny.me/ </li></ul><ul><li>True URL http://www.trueurl.net/service/ website or FF addon </li></ul><ul><li>LongURLplease – http://www.longurlplease.com/ Firefox addon and bookmarklet </li></ul><ul><li>More information at: http://techteachtoo.com/url-decoders/ </li></ul>
  23. 23. Spam &quot;...most non-commercial spam these days is aimed solely to get you to click on a link , even out of curiosity. As soon as you click on that link, you're infected , most likely to become yet another botnet victim , have your identity and information stolen and go on to participate, all unknowingly in the infection of further victims .&quot; Rik Ferguson senior security analyst Trend Micro
  24. 24. Spam E-mail <ul><li>About 90% of all e-mail is spam </li></ul><ul><li>Most gets caught in e-mail filters </li></ul><ul><li>Spam increased 14% in 1 st half of 2010 </li></ul><ul><li>Just 2 botnets generate 53% of all spam </li></ul><ul><li>Spam is the primary means of distributing malware </li></ul>
  25. 25. Social Engineering Means: Manipulating people to do things or to divulge confidential information
  26. 26. Scams <ul><li>Appeal to curiosity, compassion, greed </li></ul><ul><li>Disasters generate large numbers of scams </li></ul><ul><li>Appear legitimate </li></ul>
  27. 27. Scams <ul><li>DO NOT click on links in these e-mails </li></ul><ul><li>Typically offer something of value, ask for money in advance </li></ul><ul><li>Nearly impossible to track the monetary transactions </li></ul>
  28. 28. Scam Targets <ul><li>Dating sites - exploit the victims’ desire for a companionship </li></ul><ul><li>Religious sites - seek donations for “worthy cause” </li></ul><ul><li>Social websites - exploit personal info </li></ul>
  29. 29. Scams <ul><li>US - $1-$2 billion </li></ul><ul><li>UK – 150 million pounds </li></ul><ul><li>Australia - $36 million AUD </li></ul>Estimated annual losses
  30. 30. Phishing <ul><li>Aim is to steal valuable information such as credit cards, social security numbers, user IDs and passwords </li></ul><ul><li>Usually done by e-mail </li></ul><ul><li>Social engineering </li></ul>2 Handouts
  31. 31. Phishing <ul><li>Often masquerades as legitimate business, or government </li></ul><ul><li>Often contains a threat or consequence </li></ul><ul><li>E-mails try look genuine, trustworthy </li></ul>Excellent Phishing IQ test: www.sonicwall/phishing/
  32. 32. Phishing Example Link #1 Link #2
  33. 33. Place your cursor over the e-mail link. Right click (If you left click on the link you might get infected) Click on ‘Copy Shortcut’ Open a Word doc or Notepad Paste
  34. 34. The URL: http://stproofing.com /living/bankofamerica.repution/Online_BofA_Banking.UpdatingScreen.dostate=CAupdating.cfmpage=corp_bofacom.BankofAmricaScreen.dostate=CA/ The link: Link #1
  35. 35. This instruction has been send to all bank customers and is obligatory to follow. Actual URL: http://pushplaydj.ca /photos/albums/userpics/notice/www.bankofamerica.com/ Link #2
  36. 36. Phishing Sites 1 st half of 2009 nearly 100% Increase Source: Anti-Phishing Working Group
  37. 37. <ul><li>Bottom line: Legitimate organizations never ask for sensitive information through e-mail </li></ul>Phishing
  38. 38. Backdoor - malware <ul><li>Backdoors allow access to a computer without a password or user name. </li></ul><ul><li>Allows downloading of more malware </li></ul>
  39. 39. Trojans <ul><li>Programs that masquerade as “good” programs </li></ul><ul><li>Often carry a “payload” or open a backdoor </li></ul><ul><li>Can spy, steal information, log keystrokes, phone home & download other malware </li></ul>
  40. 40. Spyware <ul><li>Purpose is to capture information of value </li></ul><ul><li>Email addresses, usernames, passwords, credit card info, etc. </li></ul><ul><li>Can transmit this information </li></ul>
  41. 41. Rootkit <ul><li>Actively avoids detection </li></ul><ul><li>Has the ability to hide & change appearance </li></ul><ul><li>Can turn off System Restore, anti-virus, anti spyware programs </li></ul><ul><li>Very difficult to remove even for experts </li></ul>
  42. 42. Bots or Zombies <ul><li>A “bot” is a computer infected with certain malware, and controlled remotely without the knowledge of the user </li></ul><ul><li>Combined into networks called botnets </li></ul><ul><li>Botnets rented or sold to criminals </li></ul>
  43. 43. Simple Botnet
  44. 44. Botnet Statistics <ul><li>Mariposa botnet, shutdown in 2010 controlled 12.7 million compromised computers </li></ul><ul><li>Over 3,000 botnets are believed to exist </li></ul><ul><li>Botnets use compromised computers send 100+ billion spam messages daily </li></ul><ul><li>Botnets also used to attack commercial & government websites. </li></ul>
  45. 45. Botnet Cyber Attack Estonia, a tiny but highly wired country on the Baltic Sea, was essentially shut down for 3 weeks during April and May of 2007 by organized cyber (botnet) attacks.
  46. 46. Another Botnet Attack Dozens of S. Korean & U.S. agencies attacked in July 2009. Dept. of Defense, FAA, Homeland Security, NYSE, NASDAQ, etc.
  47. 47. The Child Porn Connection <ul><li>Multiple cases of innocent people accused of child porn </li></ul><ul><li>Malware may redirect a computer to webpages </li></ul><ul><li>Or visit child porn sites at a rate of 40/minute </li></ul><ul><li>Use remotely controlled computers for storage </li></ul><ul><li>http://www.theregister.co.uk/2009/11/09/malware_child_abuse_images_frame_up/ </li></ul>
  48. 48. Part 2 – The Protection We’ve covered the threats, but how do we protect ourselves?
  49. 49. 7-Layer Security Options 2) Wireless Router w/ hardware firewall 3) ZoneAlarm software firewall 4) Spybot w/ tea timer 5) Super Anti Spyware 6) Anti virus software 1) Use Best Practices 7) Backup Data Optional: Create user accounts Data
  50. 50. 4-Layer Security Options 2) Wireless Router w/ hardware firewall 3) Use a Security Suite should include a software firewall, anti-virus and anti-spyware 4) Backup Data Data 1) Use Best Practices Optional: Create user accounts
  51. 51. Best Practices <ul><li>Treat your laptop as though it were a wallet or purse when away from home </li></ul><ul><li>Backup regularly </li></ul><ul><li>Don’t conduct financial transactions online on non-encrypted sites ( look for https:// or the padlock icon ) </li></ul>Handout
  52. 52. Encrypted websites Look for
  53. 53. Best Practices <ul><li>Be paranoid about e-mail attachments </li></ul><ul><li>There’s no such thing as a “safe” website </li></ul><ul><li>Analysis of domains by Symantec revealed that 90% of infected websites are legitimate sites that had been compromised without the owners knowledge. ( July 2010 ) </li></ul>
  54. 54. Best Practices <ul><li>Don’t open obvious spam – delete it </li></ul><ul><li>Never trust unsolicited e-mails </li></ul><ul><li>Don’t click on links in e-mail – type them in </li></ul><ul><li>Use strong passwords when $$ is involved </li></ul><ul><li>Watch URLs to know where you are </li></ul><ul><li>Turn computer off when not in use </li></ul><ul><li>Nothing is foolproof – be prepared </li></ul>Handout
  55. 55. Read the Fine Print <ul><li>When you click on the box, you are signing a legal contract. </li></ul><ul><li>Read before agreeing </li></ul><ul><li>Keep a copy (paper or digital) esp. if money is involved. </li></ul>
  56. 56. Use Good Passwords <ul><li>Great Internet security means nothing if the bad guys can guess your passwords </li></ul><ul><li>Use strong passwords when dealing with $$ </li></ul>Handout
  57. 57. More Passwords henearkrxern
  58. 58. Keep Passwords Safe <ul><li>Need a “system” of choosing and using passwords? see handout </li></ul><ul><li>Password management software </li></ul><ul><li>Roboform, KeePass, FreePass , Password Safe, others </li></ul>KeePass RoboForm Handout
  59. 59. Password Management Software <ul><li>Password generator </li></ul><ul><li>Master password </li></ul><ul><li>Encrypted database of passwords </li></ul><ul><li>Desktop, portable, Web-based </li></ul>
  60. 60. USB Malware <ul><li>Flash drives banned by US Army in 2008 due to malware issues. </li></ul><ul><li>Ban lifted in 2010 </li></ul><ul><li>Lots of malware is written to move on a flash drive. </li></ul>
  61. 61. USB Flash Drive w/ Read-Only <ul><li>‘ Read-only’ or ‘write-protect’ switch prevents malware being written to the flash drive </li></ul><ul><li>Useful if using multiple unfamiliar computers </li></ul>
  62. 62. Update Your Operating System <ul><li>Install all security patches </li></ul><ul><li>Go to Windows Update website </li></ul>windowsupdate .microsoft.com/
  63. 63. Update/ Upgrade Your Applications <ul><li>Hackers embed malware in applications </li></ul><ul><li>4 times 2009-10 it happened to Adobe PDF files. Adobe issued patches. </li></ul><ul><li>Without the patches, you’re vulnerable to infection when viewing PDFs </li></ul><ul><li>Alternative – use 3 rd party (not Adobe) application to read pdfs – FoxIt reader </li></ul>
  64. 64. Update Your Applications <ul><li>Average computer holds 60+ programs </li></ul><ul><li>Use auto-update if available </li></ul><ul><li>Update manually if needed </li></ul><ul><li>Use Secunia.com , others </li></ul><ul><li>Free, safe, checks your programs, notifies you if updates are needed </li></ul>
  65. 65. 7-Layer Security Options 2) Wireless Router w/ hardware firewall 3) ZoneAlarm software firewall 4) Spybot w/ tea timer 5) Super Anti Spyware 6) Anti virus software 1) Use Best Practices 7) Backup Data Optional: Create user accounts Data
  66. 66. Hardware Router w/Firewall <ul><li>First layer of defense </li></ul><ul><li>Most wireless routers have a firewall </li></ul><ul><li>Hard wire if possible </li></ul><ul><li>Protects against incoming attacks </li></ul><ul><li>$100 - $150 </li></ul>
  67. 67. Software Firewall <ul><li>Protects against inbound attacks and outbound communication by malware </li></ul><ul><li>ZoneAlarm, Comodo free & paid versions just get basic firewall, Vista and Windows 7 has good firewall too </li></ul>Outbound Communication
  68. 68. Software Firewall <ul><li>Vista or Windows 7 - Use the pre-installed Windows firewall. </li></ul><ul><li>Turn it off before installing another, including security suites DO NOT use more than 1 software firewall </li></ul><ul><li>If you have the XP operating system you SHOULD obtain a software firewall. DO NOT use XP’s firewall . </li></ul>
  69. 69. 7-Layer Security Options 2) Wireless Router w/ hardware firewall 3) ZoneAlarm software firewall 4) Spybot w/ tea timer 5) Super Anti Spyware 6) Anti virus software 1) Use Best Practices 7) Backup Data Optional: Create user accounts Data
  70. 70. Anti-spyware: Spybot Search & Destroy <ul><li>Detects and removes: adware spyware Trojans keyloggers dialers </li></ul><ul><li>Free - Real-time protection - Donations only </li></ul>
  71. 71. Spybot Search & Destroy <ul><li>Installation of software, including malware, changes the registry </li></ul><ul><li>Spybot warns of potential registry changes with “TeaTimer” feature </li></ul>
  72. 72. Spybot Search and Destroy ‘ Immunization’ feature helps block installation of some malware, plus it tweaks browser settings to help block cookies, malware installations, bad websites and more.
  73. 73. Anti-spyware: Super AntiSpyware <ul><li>Detects & removes: spyware Adware Trojans Dialers Worms HiJackers KeyLoggers Rootkits </li></ul>- Free version available - Paid version includes Real-time protection Scheduling of scans $29.95 $14.95 $9.95
  74. 74. Only tracking cookies
  75. 75. Trojan location
  76. 76. Removal Reboot
  77. 77. Anti-spyware: MalwareBytes <ul><li>Detects & removes many types of malware </li></ul><ul><li>Free version </li></ul><ul><li>Full version $24.95 one-time fee real-time protection automatic updates automated scheduling </li></ul>
  78. 78. Antivirus Software <ul><li>Most detect & remove only viruses </li></ul><ul><li>Many software options, free, free trial, paid </li></ul><ul><li>UF faculty has access to McAfee for free </li></ul><ul><li>Do not install multiple anti-virus programs </li></ul>
  79. 79. “Rogue” or fake anti-malware
  80. 80. Rogue Anti-Malware Products 600% Increase 1 st Half of 2009 Also known as “scareware, ransomware”
  81. 81. “ Rogue” Anti-malware products <ul><li>Includes fake anti-virus, fake anti-spyware products </li></ul><ul><li>They DO NOT protect you </li></ul><ul><li>They may install or download malware </li></ul><ul><li>Very difficult to uninstall </li></ul><ul><li>May ask for money to uninstall </li></ul><ul><li>This type called “ransomeware” </li></ul><ul><li>Investigate before buying </li></ul>
  82. 82. To buy products other than those mentioned Type the name of the software into Google and read the results that appear.
  83. 83. Find a System That Works for You <ul><li>Run Secunia – update apps as needed </li></ul><ul><li>Export bookmarks / favorites </li></ul><ul><li>Scan with anti-spyware program(s) </li></ul><ul><li>Scan with anti-virus program – 1 only </li></ul><ul><li>When finished set a Restore Point </li></ul><ul><li>Backup whole system with image tool </li></ul><ul><li>Backup data only </li></ul><ul><li>Label all backups as “clean” & add date </li></ul>
  84. 84. 7-Layer Security Options 2) Wireless Router w/ hardware firewall 3) ZoneAlarm software firewall 4) Spybot w/ tea timer 5) Super Anti Spyware 6) Anti virus software 1) Use Best Practices 7) Backup Data Optional: Create user accounts Data
  85. 85. Backup Your Data <ul><li>Why backup? </li></ul><ul><li>Data loss or corruption </li></ul><ul><li>Human error, fire, flood, malware </li></ul><ul><li>Backing up is cheaper, easier than re-creating the data </li></ul>
  86. 86. Backup Your Data <ul><li>Many ways to backup </li></ul><ul><li>Data only, whole system, online, local </li></ul><ul><li>Compressed, uncompressed, automated </li></ul>
  87. 87. Data-Only Backup <ul><li>Dozens of software choices for every budget including free </li></ul><ul><li>Backs up selected files </li></ul><ul><li>Paid products typically use proprietary compression </li></ul><ul><li>SyncToy – Free MS program – no compression </li></ul>Back2Zip free software
  88. 88. Whole-System Backup <ul><li>Takes an “image” of the whole system not each file individually </li></ul><ul><li>Included in Win 7, others include Acronis, Norton Ghost </li></ul><ul><li>Backup in 20-30 min, restore - 30 min to 1 hr </li></ul>
  89. 89. Online Backup Options <ul><li>Advantages </li></ul><ul><li>Inexpensive </li></ul><ul><li>Some operate in the background </li></ul><ul><li>Disadvantages </li></ul><ul><li>Monthly fee </li></ul><ul><li>Depends on Internet access </li></ul>
  90. 90. Local External Backup <ul><li>Advantages </li></ul><ul><li>Low one-time cost 1 TB less than $100 </li></ul><ul><li>Multi-purpose </li></ul><ul><li>Easily accessible </li></ul><ul><li>Disadvantage </li></ul><ul><li>Risks similar to original data </li></ul><ul><li>Note – keep unit unplugged unless in use </li></ul>External Hard Drive
  91. 91. 7-Layer Security Options 2) Wireless Router w/ hardware firewall 3) ZoneAlarm software firewall 4) Spybot w/ tea timer 5) Super Anti Spyware 6) Anti virus software 1) Use Best Practices 7) Backup Data Optional: Create user accounts Data
  92. 92. User Accounts <ul><li>All users should be required to log in, even at home </li></ul><ul><li>A PC with no log-in password is like a car with the keys in the ignition. </li></ul><ul><li>Most malware requires administrator privileges to work </li></ul>2 Handouts
  93. 93. <ul><li>The Windows default is to run in Administrator mode - allows easy installation of other programs – even malware </li></ul><ul><li>A safer option is to create a user account without admin privileges </li></ul><ul><li>Use admin account only when installing software. </li></ul><ul><li>Handouts contain how-to instructions for Windows XP and Vista </li></ul>User Accounts 2 Handouts
  94. 94. 4-Layer Security Options 2) Wireless Router w/ hardware firewall 3) Use a Security Suite 4) Backup Data Data 1) Use Best Practices Optional: Create user accounts
  95. 95. Security Suite Options <ul><li>Webroot </li></ul><ul><li>Kaspersky </li></ul><ul><li>BitDefender </li></ul><ul><li>Norton </li></ul><ul><li>ESET </li></ul><ul><li>Trend Micro </li></ul><ul><li>AVG </li></ul><ul><li>ZoneAlarm </li></ul><ul><li>McAfee </li></ul><ul><li>F-Secure </li></ul><ul><li>Avira </li></ul><ul><li>Panda </li></ul><ul><li>Symantec </li></ul><ul><li>PC Tools </li></ul>
  96. 96. Security Suite Information <ul><li>Security Software Testing service http://www.matousec.com/projects/proactive-security-challenge/results.php </li></ul><ul><li>Comprehensive information http://www.firewallguide.com/suites.htm#More_Security_Suites </li></ul>
  97. 97. Secure Browsing Options FireFox with Security Plugins <ul><li>Plugins are a feature that can be added to a larger program to expand capabilities </li></ul><ul><li>NoScript – plugin to stop web scripts from running </li></ul><ul><li>Better Privacy – plugin to control Flash cookies </li></ul>
  98. 98. <ul><li>Creates a small “virtual” space inside your computer called a “sandbox.” </li></ul><ul><li>Can run a program or a browser inside the sandbox. </li></ul><ul><li>Whatever happens in there stays in there unless you say otherwise </li></ul>Secure Browsing Options - Sandboxie
  99. 99. CompUSA, Geek Squad, Local repair shop When you do need help… 3) Online help forums 4) Commercial Repair 2) Local PC Users Group 1) Friends & family You
  100. 100. Don’t Forget ‘Safe Mode’ <ul><li>Stops malware from running & defending itself </li></ul><ul><li>Windows versions have different process </li></ul><ul><li>Boots using minimal programs - no malware </li></ul><ul><li>You should see “Safe Mode” in all 4 corners of your screen </li></ul><ul><li>Run your scanning programs normally </li></ul><ul><li>To exit Safe Mode, reboot </li></ul>
  101. 101. <ul><li>50+ groups around the state. Dues avg $12-$35/yr </li></ul><ul><li>Classes, meetings, learn about computers, build relationships </li></ul><ul><li>Members help members with problems </li></ul><ul><li>For more info go to Fla Assn of Computer User Groups http://www.facug.org/ </li></ul>PC Users Groups
  102. 102. Help / Support Forums <ul><li>Can be very useful when you need help. A few suggestions: </li></ul><ul><li>Do your reading. You may be able to find what you need without asking any questions. </li></ul><ul><li>Sign up for a free account. </li></ul><ul><li>Read the rules, stickys and FAQs before you start asking questions. </li></ul>Handout
  103. 103. Support Forums
  104. 104. Resources My website is at : TechTeachToo.com - Practical technology tips & tricks - Relevant tech news - Software reviews & tutorials - A brief weekly newsletter
  105. 105. Many thanks to… <ul><li>Bill Black – IT Support Ninja </li></ul><ul><li>Brent Broaddus – Local IT Jedi </li></ul><ul><li>DarryD – Obi-Wan & IT Master </li></ul>My Time is UP!
  1. A particular slide catching your eye?

    Clipping is a handy way to collect important slides you want to go back to later.

×