Online Security


Published on

Presentation slides for a class in online security at the Socastee South Carolina public library.

  • Be the first to comment

No Downloads
Total views
On SlideShare
From Embeds
Number of Embeds
Embeds 0
No embeds

No notes for slide

Online Security

  1. 1. Online Security Internet 303 - Socastee South Carolina Public Library Visualization of the various routes through a portion of the Internet Source: WWW.Wikipedia.Com A link to and discussion of this presentation on the web can be found on my blog. Go to http:WhiteHouseComputing.Blogspot.Com and scroll down if necessary to “Online Security Class”
  2. 2. Online Security Common Computer Security Myths <ul><li>Myth: “ There is nothing important on my computer, so no attacker would want to access it” </li></ul><ul><li>Reality: </li></ul><ul><ul><li>“ Internet Background Radiation” – a techie term that refers to the constant stream of probes and malicious traffic on the internet. </li></ul></ul><ul><ul><li>Probes are looking for any machine that can be “hijacked” to make money for their hijackers. </li></ul></ul><ul><ul><ul><ul><ul><li>Spam Robots (spambot) </li></ul></ul></ul></ul></ul><ul><ul><ul><ul><ul><li>Zombies trained to attack web sites on demand (extortion robots) </li></ul></ul></ul></ul></ul>
  3. 3. Online Security Common Computer Security Myths <ul><li>Myth: “The biggest security threats involve hackers who target individual computer users”. </li></ul><ul><li>Reality: </li></ul><ul><ul><li>Many probes are automated. Computers under program control can probe other computers much faster than computers under human control can. </li></ul></ul>
  4. 4. Online Security Common Computer Security Myths <ul><li>Myth: “Paying bills online increases the risk of identity theft”. </li></ul><ul><li>Reality: </li></ul><ul><ul><li>Communication from the browser can be secure encrypted </li></ul></ul><ul><ul><ul><li>LOOK for the LOCK </li></ul></ul></ul><ul><ul><ul><ul><li>Either bottom right or just to the right of the address entry window depending on browser and browser version </li></ul></ul></ul></ul><ul><ul><ul><li>AND look for https instead of http in the address </li></ul></ul></ul><ul><ul><ul><ul><li>For example: https://WWW.Chase.Com </li></ul></ul></ul></ul><ul><ul><li>However – above assumes no keylogers on your machine </li></ul></ul>
  5. 5. Online Security Types of Threats <ul><li>Annoyances </li></ul><ul><ul><li>Spam </li></ul></ul><ul><ul><li>Adware </li></ul></ul><ul><li>Dangerous </li></ul><ul><ul><li>Spyware </li></ul></ul><ul><ul><li>Virus </li></ul></ul><ul><ul><li>Phishing </li></ul></ul><ul><li>Enabler </li></ul><ul><ul><li>Trojan </li></ul></ul><ul><ul><li>Backdoor </li></ul></ul>MALWARE
  6. 6. Online Security Types of Threats - Annoyances <ul><li>Spam – AKA Unwanted, Unsolicited Junk Email </li></ul><ul><ul><li>Clogs your email inbox </li></ul></ul><ul><ul><li>Can be dangerous </li></ul></ul><ul><ul><ul><li>Can lead you to dangerous websites </li></ul></ul></ul><ul><ul><ul><ul><li>Example – sites that attempt to exploit unpatched bugs in your browser to insert “ backdoor ” or other malware in your system </li></ul></ul></ul></ul><ul><li>Adware – Software that delivers targeted advertisements to your computer </li></ul>
  7. 7. Online Security Types of Threats - Dangerous <ul><li>Spyware “is a type of malware that is installed surreptitiously on personal computers to collect information about users, their computer or browsing habits without their informed consent.” Wikipedia. ( Spyware ) </li></ul><ul><ul><li>Can simply record information about your browsing habits to guide Adware in delivering ads OR </li></ul></ul><ul><ul><li>Worst case: Keylogger – can record your keyboard keystrokes and transmit them over the Internet </li></ul></ul>
  8. 8. Online Security Types of Threats - Dangerous <ul><li>Virus “A computer virus is a computer program that can copy itself and infect a computer without the permission or knowledge of the owner.” Wikipedia </li></ul><ul><ul><li>How is it spread? </li></ul></ul><ul><ul><ul><li>Email attachment </li></ul></ul></ul><ul><ul><ul><li>Visiting a malicious website with an unpatched buggy browser </li></ul></ul></ul><ul><ul><ul><li>Infected files on any portable media (thumb drives, CDs, floppys, etc) </li></ul></ul></ul><ul><ul><ul><li>Over a network when file sharing is too broadly set up </li></ul></ul></ul>
  9. 9. Online Security Types of Threats - Dangerous <ul><li>Virus – How Can You Protect Yourself? </li></ul><ul><ul><li>Install an antivirus program on your computer </li></ul></ul><ul><ul><ul><li>Two parts of an Antivirus program defense </li></ul></ul></ul><ul><ul><ul><ul><li>The program itself </li></ul></ul></ul></ul><ul><ul><ul><ul><ul><li>Understands basic look and feel of generic computer virus </li></ul></ul></ul></ul></ul><ul><ul><ul><ul><ul><li>Can also read and understand specific descriptions of specific virus family and virus </li></ul></ul></ul></ul></ul><ul><ul><ul><ul><li>Descriptions of specific virus and virus families </li></ul></ul></ul></ul><ul><ul><ul><ul><ul><li>New descriptions need to be downloaded to your computer on a continuing basis. </li></ul></ul></ul></ul></ul><ul><ul><ul><ul><ul><li>In commercial software, there is an annual fee for subscription. When your subscription runs out, NEW descriptions stop being downloaded. </li></ul></ul></ul></ul></ul>
  10. 10. Online Security Types of Threats - Dangerous <ul><li>Virus – How Can You Protect Yourself? </li></ul><ul><ul><li>See handout for examples of good antivirus software. </li></ul></ul><ul><ul><li>For another source go to WWW.PCMag.Com </li></ul></ul>Select Reviews here Enter Antivirus in the search box here
  11. 11. Online Security Types of Threats - Dangerous <ul><li>Phishing “is the criminally fraudulent process of attempting to acquire sensitive information such as usernames, passwords and credit card details by masquerading as a trustworthy entity in an electronic communication.” Wikipedia </li></ul><ul><ul><li>Fraudulent email scares you into clicking a link in the email taking you to a site that LOOKS like a real bank (for example) but is not </li></ul></ul><ul><ul><ul><li>Fraud site asks for userid password account number etc </li></ul></ul></ul>Phishing
  12. 12. Online Security Types of Threats - Dangerous <ul><li>Phishing – How to Avoid Being Fooled </li></ul><ul><ul><li>Avoid following links in emails </li></ul></ul><ul><ul><ul><li>If you do and the site wants info DO NOT GIVE IT </li></ul></ul></ul><ul><ul><li>Banks, Brokerage Houses, etc WILL NOT ASK YOU VIA EMAIL TO VERIFY INFORMATION </li></ul></ul><ul><ul><ul><li>If they seem to be doing that IT IS A FRAUD </li></ul></ul></ul>
  13. 13. Online Security Types of Threats - Dangerous <ul><li>Four Rules </li></ul><ul><li>Run Windows Update – plug the holes that let the gunk in </li></ul>For Virus and Spyware gunk that gets in anyway… 2. Install and run Anti Virus software – keep subscription current 3. Install and run AntiSpyware software–keep subscription current 4. Run a Firewall <ul><li>Start </li></ul><ul><li>Control Panel </li></ul><ul><li>Security Center </li></ul>4. Windows Firewall 5. On Note – assumes you are not running a different firewall already
  14. 14. Online Security Firewalls <ul><li>Prevent unauthorized entry from outside </li></ul><ul><li>Can be hardware </li></ul><ul><ul><li>Routers include a NAT firewall preventing unauthorized entry from outside but not necessarily reporting or preventing rogue applications inside your computer from communicating outbound </li></ul></ul><ul><li>Can be software ( Windows firewall, ZoneAlarm) </li></ul><ul><ul><li>Software firewalls can/will prevent unauthorized outbound communication too </li></ul></ul>
  15. 15. Online Security Firewalls <ul><li>How Secure is Your Firewall? </li></ul><ul><ul><li>Major corporations have their firewalls intentionally probed periodically by a security service to test them. </li></ul></ul><ul><ul><ul><li>You can do the same thing at the “Shields Up” site located at </li></ul></ul></ul><ul><ul><ul><li>NOTE the above site DOES NOT scan your machine for malware of any sort. It provides only a test of your firewall (or lack thereof) and its ability to block intrusion. </li></ul></ul></ul>
  16. 16. Online Security Firewalls <ul><li>Laptops </li></ul><ul><ul><li>If you depend on the hardware firewall at home, you need to be sure you have a software firewall running on your laptop if you take it out of your house to connect from another location. If you have file and printer sharing turned on (to share files with other computers in you house) TURN IT OFF before connecting to a public WiFi hotspot or someone else’s hard wired LAN because you will be behind their firewall sharing your files with them </li></ul></ul>
  17. 17. Online Security Information Source <ul><li>WWW.OnguardOnline.Gov </li></ul><ul><ul><li>“a partnership between the FTC, other federal agencies, and the technology industry -- offers tips to help you be on guard against Internet fraud, secure your computer, and protect your personal information. “ Federal Trade Commission web site </li></ul></ul>
  18. 18. The End