Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.

Computer

4,503 views

Published on

  • Be the first to comment

  • Be the first to like this

Computer

  1. 1. h ts. ll rig s fu Computer &uthNetwork a in r ret o Securitye 2Awareness 6, A Key fingerprint = AF19 FA27 2F94 998D FDB5 DE3D F8B5 06E4 A169 4E46 00 t t itu S Ins S AN © Computer & Network Security Awareness - © 2006 SANS © SANS Institute 2006, Author retains full rights.
  2. 2. Objectives h ts. ll rig s fu • Malicious software can harm your ret ain computer r • Phishing and Identity Theft are o ut h easily avoidable; if it Key fingerprint = AF19too2F94 998D FDB5 DE3D F8B5 06E4 A169is. looks FA27 good to be true,6,it 4E46 A • Practice your Windows2XP Operating System 00 commands and learn uteyour system In stit • Learn safe networking for you and your kids NS SA • Take passwords seriously and consider using a © password wallet (KeePass) • When your network works, take the time to record its settings • Consider the use of a hardware and personal software firewall (e.g. Belkin and Symantec) Computer & Network Security Awareness - © 2006 SANS © SANS Institute 2006, Author retains full rights.
  3. 3. Threats on the Internetts. h ll rig in s fu • Internet use is growing as is the number of r ret a incidents ut ho A – An “incident” is an adverse event in an information 0 6, Key fingerprint = AF19 FA27 2F94 998D FDB5 DE3D F8B5 06E4 A169 4E46 20 system, and/or network, or the threat of the occurrence of ssuch tit ute an event. – Incident NS In harm, or the attempt to do harm implies • Recorded© SAincidents in the past: – 1990 – 1994, 5,105 incidents – 1995 – 1999, 18,300 incidents – 2000 – 2003, 294,037 incidents • How many incidents were not reported? Computer & Network Security Awareness - © 2006 SANS © SANS Institute 2006, Author retains full rights.
  4. 4. What is Malicious Code?ts. h ll rig in s fu a • Malicious Code or Malware r retis attack ut ho software and includes: 6, A Key fingerprint = AF19 FA27 2F94 998D FDB5 DE3D F8B5 06E4 A169 4E46 200 – Viruses, Worms, Trojans, Spyware ute In stit • Each attack software has specific NS SA characteristics, propagation techniques © and adware • Now, let’s review each type of Malware Computer & Network Security Awareness - © 2006 SANS © SANS Institute 2006, Author retains full rights.
  5. 5. What is a Virus? h ts. ll rig in s fu a • Programs designed to infectrfiles or operating ret system & multiply by duplication tho Au 0 6, knowledge Key fingerprint = AF19 FA27 2F94 998D FDB5 DE3D F8B5 06E4 A169 4E46 • Can spread without20 e your t itu – Needs a host st “living” program or n SI • Considered “greatest damage” attack AN © S operating systems – Destroys – Deletes or corrupts files – Sends email to contacts listed in your address book Computer & Network Security Awareness - © 2006 SANS © SANS Institute 2006, Author retains full rights.
  6. 6. How Do Viruses Spread?s. ht ll rig in s fu a • Removable Media r ret u tho – USB thumb drives, A Key fingerprint = AF19 FA27 2F94 998D FDB5 DE3D F8B5 06E4 A169 4E46 6 2 00 – Floppies / sCD-ROMs titu te In • MobileSAN Computers - LaptopsS © • Email Attachments • Internet Downloads – Especially game sites Computer & Network Security Awareness - © 2006 SANS © SANS Institute 2006, Author retains full rights.
  7. 7. 10th World Championships Worldwide - Helsinkil righ ts. s ful et ain o rr uth 6, A Key fingerprint = AF19 FA27 2F94 998D FDB5 DE3D F8B5 06E4 A169 4E46 200 ute In stit NS © SA What kind of an environment is needed for short- range mobile phone viruses to spread rapidly? Computer & Network Security Awareness - © 2006 SANS © SANS Institute 2006, Author retains full rights.
  8. 8. A Few Well Known Viruses h ts. ll rig in s fu a • Melissa Virus r ret – Spread so rapidly acrossAut ho Microsoft’s infrastructure that Microsoft actually 6, 00 shut down their email Key fingerprint = AF19 FA27 2F94 998D FDB5 DE3D F8B5 06E4 A169 4E46 systems. 2 te titu • The ILOVEYOU Virus Ins NS – Was © SA spread to computers all over the world in just six hours causing $7 billion in damage • SoBig Virus – Replicated itself 1,000,000 times in 24 hours. Computer & Network Security Awareness - © 2006 SANS © SANS Institute 2006, Author retains full rights.
  9. 9. Antivirus Software ts. h ll rig s fu • How does antivirus software work to rprotect et ain us? – Each virus has its own characteristics just like your r ut ho handwritten signature 6, A Key fingerprint = AF19 FA27 2F94 998D FDB5 DE3D F8B5 06E4 A169 4E46 200 – Antivirus (AV) identifies and tracks virus signatures, e – Detects, isolates and ut repairs any damage In stit NS • New Viruses, A S Worms and Trojans © • Solution: Behavioral or Heuristic Antivirus – Does not rely on signatures – Relies on artificial intelligence technology to detect viruses – Seeks abnormal patterns of behavior Computer & Network Security Awareness - © 2006 SANS © SANS Institute 2006, Author retains full rights.
  10. 10. Antivirus Updates h ts. ll rig in s fu • Antivirus software must have up-to-date r ret a signatures for maximum ut ho protection 6, A Key fingerprint = AF19 FA27 2F94 998D FDB5 DE3D F8B5 06E4 A169 4E46 • Update your system everyday te 200 – Most antivirusuproducts can be configured stit to perform Inautomatic updating NS SA • Antivirus programs will quarantine, © delete, or fix infected files found • Think you have a virus? – Update your software and perform a scan Computer & Network Security Awareness - © 2006 SANS © SANS Institute 2006, Author retains full rights.
  11. 11. Software Patches h ts. ll rig in s fu • What are software patches?r reta – Patches fix weaknesses inuoperating systems duetho Key fingerprint =to programming errors A169 4E46 AF19 FA27 2F94 998D FDB5 DE3D F8B5 06E4 , A 6 00 • How often do I need to patch? te 2 – Daily or useIWinXP ns titu automatic update whenever possible to download (and install) immediately NS SA upon release © • Potential risks of patching – Review severity of problem; patch may need installation immediately Computer & Network Security Awareness - © 2006 SANS © SANS Institute 2006, Author retains full rights.
  12. 12. What is a Worm? h ts. ll rig in s fu a • A virus requires some action onetthe part of the r r user such as opening an Aut ho attachment 0 6, Key fingerprint = AF19 FA27 2F94 998D FDB5 DE3D F8B5 06E4 A169 4E46 • However, a worm runs independently and can 20 ute replicate a working copy of itself to hosts across In stit a network NS SA • A worm© takes advantage of weaknesses in your computer’s networking services and breaks in • A worm probes the network for other vulnerable computers Computer & Network Security Awareness - © 2006 SANS © SANS Institute 2006, Author retains full rights.
  13. 13. A Few Well Known Worms h ts. ll rig in s fu • Slammer (Sapphire Worm) r reta ho – Probed 55+ million hosts per second and infectedut 90+ % of vulnerable00 6, A in 10 minutes; $2 hosts Key fingerprint = AF19 FA27 2F94 998D FDB5 DE3D F8B5 06E4 A169 4E46 billion in damage te 2 titu • Code Red S Ins – Launched AN Buffer Overflow attack and infected ©S more than 250,000 systems in just 9 hours • MS Blaster - Remote Procedure Call (RPC) – Launched Denial of Service (DOS) attacks against Microsoft Windows Update Web site. Computer & Network Security Awareness - © 2006 SANS © SANS Institute 2006, Author retains full rights.
  14. 14. What is a Trojan? h ts. ll rig in s fu a • A Trojan is a program thatordisguises itself as ret legitimate, but contains uth A hidden and often 0 6, Key fingerprint = AF19 FA27 2F94 998D FDB5 DE3D F8B5 06E4 A169 4E46 malicious functionality 20 ute • The most common way they spread is on In stit porn picture sites. Users click on picture SA NS after picture and do not notice the © executable software (.exe) files • Often included in Internet downloads, pop- ups, or emails Computer & Network Security Awareness - © 2006 SANS © SANS Institute 2006, Author retains full rights.
  15. 15. A Few Well Known Trojans and How They Workl righ ts. s ful • SubSeven and BackOrifice et ain – Allow a hacker to gain remote control r rover a computer tho – AF19 view 998D FDB5 DE3D F8B5 06E4 A169 u Key fingerprint =CanFA27 2F94your screen, control your mouse, send popup A 4E46 messages, turn Web cam 0 6, microphone on or off to see and hear you 20 or ute allows hacker to control thousands of stit – Special “bot net” software In Trojans • SoBig-E Variants NS © SA – Mass-mailing Trojan included in later versions of SoBig virus • Rbot-GR – Malicious program enables Web cams – New Rbot worms appear on the Internet almost every day Computer & Network Security Awareness - © 2006 SANS © SANS Institute 2006, Author retains full rights.
  16. 16. h ts. ll rig in s fu a r ret u tho 6, A Key fingerprint = AF19 FA27 2F94 998D FDB5 DE3D F8B5 06E4 A169 4E46 0 e 20 t s titu S In S AN © Computer & Network Security Awareness - © 2006 SANS © SANS Institute 2006, Author retains full rights.
  17. 17. What is Spyware? h ts. ll rig in s fu • Spyware software covertly gathersetuser information r a through the user’s Internet connection without their r ut ho knowledge, usually for advertising purposes. 6, A Key fingerprint = AF19 FA27 2F94 998D FDB5 DE3D F8B5 06E4 A169 4E46 200 – Spyware monitors all activity, even keystrokes, names, ute card numbers which can passwords, and scredit tit introduce vulnerabilities In NS • Webroot © SA Earthlink found over 26 spyware traces and on computers over a 6 month period – 2 million scans indicated 55 million instances of spyware • National Cyber Security Alliance – June 2003 estimates 9 out of 10 PCs run spyware Computer & Network Security Awareness - © 2006 SANS © SANS Institute 2006, Author retains full rights.
  18. 18. Spyware – Why Be Concerned? ts. lr igh s ful ain • Spyware takes form as tracking cookies, rr et installed applications, uoro software th update programs200 6, A Key fingerprint = AF19 FA27 2F94 998D FDB5 DE3D F8B5 06E4 A169 4E46 ute • Can create sluggish PC performance, In stit strange ANS emails, and unintended web sessions ©S • Can correlate web surfing habits, online transactions, email addresses and scan hard drive for personal information Computer & Network Security Awareness - © 2006 SANS © SANS Institute 2006, Author retains full rights.
  19. 19. Anti-Spyware h ts. ll rig in s fu • Anti-Spyware removes spywarea similar to r ret antivirus ut ho – Identifies and tracks signatures A 0 6, Key fingerprint = AF19 FA27 2F94 998D FDB5 DE3D F8B5 06E4 A169 4E46 – Will not detect altered20 signatures ute • Antivirus andIn stit Anti-Spyware NS – Best protection is provided by using two separate SA software processes © • Some Anti-Spyware software is free or very affordable – Free Anti-Spyware software: Lavasoft Ad-aware, Spybot Search & Destroy, Microsoft Anti-Spyware Computer & Network Security Awareness - © 2006 SANS © SANS Institute 2006, Author retains full rights.
  20. 20. Know if You’ve Been Hacked ts. lr igh ful ins • Be alert for signs of strange or unanticipated ret a behavior ho r Key fingerprint =Strange emails you didn't send 4E46 – AF19 FA27 2F94 998D FDB5 DE3D F8B5 06E4 A169 ut 6, A – Applications YOU did not0install 2 0 – Pop-up ads when youeare not browsing the Web itu t nst – Odd behavior, Iyou cannot explain • Take action! NS SA – Update and run Antivirus and Spyware removal software © – Update Operating System and installed applications • If you are unsure about the integrity of your system, unplug it – Scans and updates may not remove every infection – System backup or reinstall may be needed to fully recover Computer & Network Security Awareness - © 2006 SANS © SANS Institute 2006, Author retains full rights.
  21. 21. You’ve Been Hacked… What Do You Do? l righ ts. s ful If your PC is hacked, it is crucialet ainlimit or NAIL to rr your financial exposure quickly: tho Au 0 6, Key fingerprint = AF19 FA27 2F94 998D FDB5 DE3D F8B5 06E4 A169 4E46 • Notify: Technical support, financial 20 institutions, credittecard companies titu • Action: Monitor Ins credit report, change all NS passwords, place fraud alert on credit report © SA • Inspect: Use a firewall and enable logging to track activity • Law Enforcement: File a police report, contact your state’s Attorney General, report identify theft to FTC Computer & Network Security Awareness - © 2006 SANS © SANS Institute 2006, Author retains full rights.
  22. 22. Defending Yourself from Malware ts. lr igh s ful • Home computers have become a ain common r ret target ut ho 6, A Key fingerprint = AF19 FA27 2F94 998D FDB5 DE3D F8B5 06E4 A169 4E46 • Take steps to protect0 yourself from loss, 20 damage or attack ute In stit – OperatingNS A Systems, email Awareness, Backups, ©S Antivirus, Anti-Spyware, Firewall software, Software Patches and Strong Passwords • As we progress we will discuss how to defend yourself against the dangers lurking on the Internet. Computer & Network Security Awareness - © 2006 SANS © SANS Institute 2006, Author retains full rights.
  23. 23. Emails and Attachmentsts. h ll rig s fu • July 2004, MSNBC research found r1t of e ain 3 users were unable to recognize fake emailho r ut Key fingerprint = AF19 communication use is wide-spread • Email FA27 2F94 998D FDB5 DE3D F8B5 06E46A169 4E46 ,A 2 0 – Attachments can contain0viruses, worms, and Trojan horses • Dangers can be hidden ute in emails even without stit attachments S In AN • Don’t know the sender? Don’t open it! ©S • If you receive mail with an attachment from someone you know, call and ask if they sent an attachment before opening it • With Outlook, you can right click and delete the email and attachment safely Computer & Network Security Awareness - © 2006 SANS © SANS Institute 2006, Author retains full rights.
  24. 24. Be Wary of Email W/O Recipient List (i.e. To: orriCC:) ll gh ts. in s fu a r ret u tho 6, A Key fingerprint = AF19 FA27 2F94 998D FDB5 DE3D F8B5 06E4 A169 4E46 0 e 20 itu While we are at it, be wary t In st S of email that promises AN ©S something for something, if it sounds too good to be true; it is. Computer & Network Security Awareness - © 2006 SANS © SANS Institute 2006, Author retains full rights.
  25. 25. Examine Email Headers to Detect Spoofed Emailigh ll r ts. in s fu a View Options r ret or with Outlook tho Au 0 6, Key fingerprint = AF19 FA27 2F94 998D FDB5 DE3D F8B5 06E4 A169 4E46 2003 in reading 20 pane: ute stit right click, Options In NS © SA Email Headers Computer & Network Security Awareness - © 2006 SANS © SANS Institute 2006, Author retains full rights.
  26. 26. RCPT TO: is Destination Mailbox TO: is Display Mailboxgh ul l ri ts. f ns The ‘Destination’ and the ‘Display’tai re mailboxes do NOT match and they should.uthor 6, A Key fingerprint = AF19 FA27 2F94 998D FDB5 DE3D F8B5 06E4 A169 4E46 MAIL FROM: sender@somehost.com 200 RCPT TO: faber@sans.orge itu t DATA nst From: spoof@someotherhost.com SI AN To: anyone@anyhost.com©S Subject: Test Mail Date: Mon, 18 Jul 18:00:00 +0100 MIME-Version: 1.0 Content-Type: text/plain Hello, world Computer & Network Security Awareness - © 2006 SANS © SANS Institute 2006, Author retains full rights.
  27. 27. Return Path and Fromhts. ll rig in s fu The ‘Return-Path’ and the ‘From’ do ret aNOT match and they should. r ut ho 6, A Key fingerprint = AF19 FA27 2F94 998D FDB5 DE3D F8B5 06E4 A169 4E46 Return-Path: <sender@somehost.com> Delivered-To: faber@mx1.sans.org 200 ute -0400 (EDT) Received:18 Jul 2005 15:52:43 In stit Received: from mymailserver.net NS by mua.mymailserver.net © SA for <faber@sans.org>; Mon, 18 Jul 15:52:43 -0400 (EDT) From: spoof@wellsfargo.com To: anyone@anyhost.com Subject: Test Mail Date: Mon, 18 Jul 18:00:00 +0100 MIME-Version: 1.0 Content-Type: text/plain Computer & Network Security Awareness - © 2006 SANS © SANS Institute 2006, Author retains full rights.
  28. 28. What is Phishing? h ts. ll rig s fu • Attempts to steal personal identityret ain financial and r information tho 6, Au • Generally, there are two 0components to attempts Key fingerprint = AF19 FA27 2F94 998D FDB5 DE3D F8B5 06E4 A169 4E46 – Social engineering tottrick 20 the unsuspecting user ue – Technical trickery to In stit make them think a fraudulent web site NS is a trustworthy one like a bank’s • Common Targets © SA – eBay – PayPal – Banks – Credit Unions – Credit Cards Computer & Network Security Awareness - © 2006 SANS © SANS Institute 2006, Author retains full rights.
  29. 29. Phishing Example 1 h ts. ll rig in s fu a r ret u tho 6, A Key fingerprint = AF19 FA27 2F94 998D FDB5 DE3D F8B5 06E4 A169 4E46 0 e 20 t s titu S In S AN © Computer & Network Security Awareness - © 2006 SANS © SANS Institute 2006, Author retains full rights.
  30. 30. Phishing Example 1: A Closer Look - This Site is Fake r igh ts. sf ull et ain o rr uth 6, A Key fingerprint = AF19 FA27 2F94 998D FDB5 DE3D F8B5 06E4 A169 4E46 200 ute In stit NS © SA Computer & Network Security Awareness - © 2006 SANS © SANS Institute 2006, Author retains full rights.
  31. 31. Phishing Example 2: Your Account Information Has Been Received… lr igh ts. s ful et ain o rr uth 6, A Key fingerprint = AF19 FA27 2F94 998D FDB5 DE3D F8B5 06E4 A169 4E46 200 ute In stit NS © SA Computer & Network Security Awareness - © 2006 SANS © SANS Institute 2006, Author retains full rights.
  32. 32. Phishing Example 3 h ts. ll rig in s fu a r ret tho Au 0 6, Key fingerprint = AF19 FA27 2F94 998D FDB5 DE3D F8B5 06E4 A169 4E46 You don’t even have an account with this bank! 20 ute stit In match A NS not ©S s do URL Computer & Network Security Awareness - © 2006 SANS © SANS Institute 2006, Author retains full rights.
  33. 33. h ts. ll rig s fu Phishing Example 4 or ret a in uth 6, A Key fingerprint = AF19 FA27 2F94 998D FDB5 DE3D F8B5 06E4 A169 4E46 200 t ch ute ma stit ot In on NS sd © SA URL Computer & Network Security Awareness - © 2006 SANS © SANS Institute 2006, Author retains full rights.
  34. 34. Phishing Example 5 h ts. ll rig in s fu a r ret u tho 6, A Key fingerprint = AF19 FA27 2F94 998D FDB5 DE3D F8B5 06E4 A169 4E46 0 e 20 t s titu S In S AN © Grammar Error LoginComputer & Network Security Awareness - © 2006 SANS takes you to a game site © SANS Institute 2006, Author retains full rights.
  35. 35. Phishing Example 6: If You Don’t Speak the Language, Don’t Click on thehtIcon rig s. sf ull et ain o rr uth 6, A Key fingerprint = AF19 FA27 2F94 998D FDB5 DE3D F8B5 06E4 A169 4E46 200 ute In stit NS © SA Computer & Network Security Awareness - © 2006 SANS © SANS Institute 2006, Author retains full rights.
  36. 36. Netcraft Toolbar Helps Warn You About Phishing Webl riSites l gh ts. in s fu a r ret u tho 6, A Key fingerprint = AF19 FA27 2F94 998D FDB5 DE3D F8B5 06E4 A169 4E46 0 e 20 t s titu S In S AN © Computer & Network Security Awareness - © 2006 SANS © SANS Institute 2006, Author retains full rights.
  37. 37. Phishing Credit Card Scams h ts. ll rig in s fu a r ret u tho 6, A Key fingerprint = AF19 FA27 2F94 998D FDB5 DE3D F8B5 06E4 A169 4E46 0 e 20 t s titu S In S AN © Computer & Network Security Awareness - © 2006 SANS © SANS Institute 2006, Author retains full rights.
  38. 38. Ignore Credit Card “Protection” Offers by Email ll r igh ts. in s fu a • Federal Trade Commission r retWeb page ut ho says: 6, A Key fingerprint = AF19 FA27 2F94 998D FDB5 DE3D F8B5 06E4 A169 4E46 200 – “If you did tnot authorize it, do not ute s it pay it” NS In SA – “Liability limited to $50 per card” © • Responding to this email offer may disclose account information to scam artist Computer & Network Security Awareness - © 2006 SANS © SANS Institute 2006, Author retains full rights.
  39. 39. What is Identity Theft?hts. ll rig in s fu • Identity theft is the use of another person’s r ret a personal information (ex. tname, social u ho Key fingerprint = AF19 FA27 2F94 998D FDB5 DE3D credit A 4E46 security number, 0 6, card number, F8B5 06E4 A169 passport) withoutte 20 person’s knowledge. u that • A Gartner study titfound that approximately 7 Ins million people were victims of identity theft in NS SA 2003. © • The Consumer Sentinel received over 635,000 consumer fraud complaints in 2004. Of those complaints, 39% were identity theft complaints. Computer & Network Security Awareness - © 2006 SANS © SANS Institute 2006, Author retains full rights.
  40. 40. Identity Theft h ts. ll rig in s fu a – Lighter side – r ret tho • FA27 2F94 998D wallet maker u Key fingerprint = AF19 In 1938,FDB5 DE3D F8B5 06E4 A169used a sample “SSN” 6, A 4E46 2 0 card to show that0such a card fit in the wallet. ute stit • The card was fake, however the SSN number In was ANS NOT! ©S Computer & Network Security Awareness - © 2006 SANS © SANS Institute 2006, Author retains full rights.
  41. 41. Over 40,000 People Used That as Their Own Social Security Number r igh ts. sf ull ain “They started using the or r et number. They thoughtAit uth 0 6, Key fingerprint = AF19 FA27 2F94 998D FDB5 DE3D F8B5 06E4 A169 4E46 20 was their own. Itucan’t te sti understand S In people how AN can be so stupid. I can’t ©S understand that.” –Mrs. Hilda Schrader Whitcher http://www.ssa.gov/history/ssn/misused.html Computer & Network Security Awareness - © 2006 SANS © SANS Institute 2006, Author retains full rights.
  42. 42. eBay Statistics h ts. ll rig in s fu a • 168 million registered users r ret worldwide ut ho • eBay estimates that, more than 430,000 6A Key fingerprint = AF19 FA27 2F94 998D FDB5 DE3D F8B5 06E4 A169 4E46 200 people in thetiUnited States make their ute s t living selling NS In items on the site SA • “Any given day…millions of items sold” © • Everything from boats, cars, art, electronics, to professional services (web design, accounting, etc.) Computer & Network Security Awareness - © 2006 SANS © SANS Institute 2006, Author retains full rights.
  43. 43. eBay Scams h ts. ll rig in s fu • Non-delivery or Misrepresentation r ret a ho • “Triangulation” – Seller dealing in goods 6, A ut Key fingerprint = AF19 FA27 2F94 998D FDB5 DE3D F8B5 06E4 A169 4E46 bought with stolen0 identities/CC 20 numbers. Buyer ute purchases stolen In stit goods without knowing NS SA • Be aware of eBay’s rules and policies to © protect you • Hidden Fees for shipping, handling, etc. • Practice careful bidding! Computer & Network Security Awareness - © 2006 SANS © SANS Institute 2006, Author retains full rights.
  44. 44. h ts. ll rig in s fu a r ret u tho 6, A Key fingerprint = AF19 FA27 2F94 998D FDB5 DE3D F8B5 06E4 A169 4E46 0 e 20 t s titu S In S AN © Computer & Network Security Awareness - © 2006 SANS © SANS Institute 2006, Author retains full rights.
  45. 45. File an Online Fraud Complaint Report ll righ ts. in s fu • Submitting an eBay online Fraud Complaintta for Fraud Protection coverage, http://crs.ebay.com/aw- r re provides eligibility cgi/ebayisapi.dll?crsstartpage ut ho 6A • An eBay Fraud Protection Claim ,must be filed separately within Key fingerprint = AF19 FA27 2F94 998D FDB5 DE3D F8B5 06E4 A169 4E46 0 90 days of close of listing. 20 e – Coverage available titu t to winning bidders/buyers for purchases made Ins on eBay via an eBay listing only – Claim must NSmade for each item won be S A – Copy of complaint is forwarded to Federal Trade Commission (FTC) © • If claim is approved, maximum coverage is $200 less $25 processing costs. • You may also file complaints with: – Internet Fraud Complaint Center, http://www.ifccfbi.gov/index.asp – Federal Trade Commission, http://www.consumer.gov/idtheft/ Computer & Network Security Awareness - © 2006 SANS © SANS Institute 2006, Author retains full rights.
  46. 46. What is a Web Browser?s. ht ll rig in s fu a • Software used to browser the ret World tho Wide Web 0 6, Au Key fingerprint = AF19 FA27 2F94 998D FDB5 DE3D F8B5 06E4 A169 4E46 20 • Some examplesteof web browsers: titu Ins – MicrosoftS Internet Explorer, Mozilla Firefox, AN ©S Netscape Navigator, Safari, Opera • Browser software must always be kept up-to-date regardless of type Computer & Network Security Awareness - © 2006 SANS © SANS Institute 2006, Author retains full rights.
  47. 47. Web Browser Security hts. ll rig in s fu • Most commonly used and r reta exploited web browser is Microsoft Internet Explorer tho Au • Firefox is second most 0 6, commonly used Key fingerprint = AF19 FA27 2F94 998D FDB5 DE3D F8B5 06E4 A169 4E46 20 and has been texploited to a lesser degree ute s it In exploits require “clicking” • Most browser NS • Be aware © SA of patched, unpatched, and behavior-based vulnerabilities • Maintain a secure environment; become an educated user Computer & Network Security Awareness - © 2006 SANS © SANS Institute 2006, Author retains full rights.
  48. 48. Microsoft Internet Explorer (IE) Browser Weakness l righ ts. s ful • Most problems are due to a programming ain r ret language called Active X ut ho • Also, users often surf the web as “Administrator” 6, A Key fingerprint = AF19 FA27 2F94 998D FDB5 DE3D F8B5 06E4 A169 4E46 which has power tote 200 install software itu nst • Start -> My Computer (right click) -> Manage, SI Users andSGroups, select yourself, double click, AN Member © of • Sample vulnerability: Status Bar – Displays Web site link in status bar that takes you to a different Web site Computer & Network Security Awareness - © 2006 SANS © SANS Institute 2006, Author retains full rights.
  49. 49. IE’s Protected Storage Isn’t h ts. ll rig in s fu a r ret u tho 6, A Key fingerprint = AF19 FA27 2F94 998D FDB5 DE3D F8B5 06E4 A169 4E46 0 e 20 t s titu S In S AN © Computer & Network Security Awareness - © 2006 SANS © SANS Institute 2006, Author retains full rights.
  50. 50. h ts. ll rig in s fu a r ret u tho 6, A Key fingerprint = AF19 FA27 2F94 998D FDB5 DE3D F8B5 06E4 A169 4E46 0 e 20 t s titu S In S AN © Computer & Network Security Awareness - © 2006 SANS © SANS Institute 2006, Author retains full rights.
  51. 51. Mozilla Firefox Browserhts. ll rig in s fu a • Firefox does not support ho r ret Microsoft ut ActiveX 6, A Key fingerprint = AF19 FA27 2F94 998D FDB5 DE3D F8B5 06E4 A169 4E46 200 ute • Sample vulnerability: Spoofed Link In stit NS in earlyA version ©S – “Save Link As” function will save wrong destination link Computer & Network Security Awareness - © 2006 SANS © SANS Institute 2006, Author retains full rights.
  52. 52. Keep Your Browser Patched h ts. ll rig in s fu a • Run Windows Update automatically r ret ut ho • Run Office Update0-, A 6 office applications Key fingerprint = AF19 FA27 2F94 998D FDB5 DE3D F8B5 06E4 A169 4E46 0 2 te • To downloadstiFirefox updates tu In – Check ANS current version S your • Help© About Mozilla Firefox – Check for Software updates • Tools Options Advanced: Scroll down to “Software Update” and click “Check Now” Computer & Network Security Awareness - © 2006 SANS © SANS Institute 2006, Author retains full rights.
  53. 53. Keep Your Browser In Check h ts. ll rig in s fu ta • Test to ensure patches ho r rehave been ut applied, by: 6, A Key fingerprint = AF19 FA27 2F94 998D FDB5 DE3D F8B5 06E4 A169 4E46 200 – Attemptingtit ute vulnerability exploit after ns patchAN SI ©S – Use scanit, http://bcheck.scanit.be/bcheck/ to check your browser for vulnerabilities Computer & Network Security Awareness - © 2006 SANS © SANS Institute 2006, Author retains full rights.
  54. 54. Protecting Children h ts. ll rig in s fu a r ret u tho 6, A Key fingerprint = AF19 FA27 2F94 998D FDB5 DE3D F8B5 06E4 A169 4E46 0 e 20 t s titu S In S AN © Tools like K9 can prevent kids from surfing offensive or dangerous Web sites Computer & Network Security Awareness - © 2006 SANS © SANS Institute 2006, Author retains full rights.
  55. 55. Chat, Myspace.com, etc.s. ht ll rig s fu et ain r rKids can give too much ut ho information away. Also, 6, A Key fingerprint = AF19 FA27 2F94 998D FDB5 DE3D F8B5 06E4 A169 4E46 the new trend of 2 00 itu te blogging and posting nst personal photos can SI S AN attract predators. This © photo is shot from above and the subject appears not to be alert. What kind of person will this appeal to? Computer & Network Security Awareness - © 2006 SANS © SANS Institute 2006, Author retains full rights.
  56. 56. Trouble Signs for Kids hts. ll rig in s fu • Computers used by kids shouldanever be in a r ret private place, be concerned ut ho if they ask for the computer to be in their A 0 6, bedroom Key fingerprint = AF19 FA27 2F94 998D FDB5 DE3D F8B5 06E4 A169 4E46 • Too much time spent 20 on computer tit ute • Irritated if not In sable to access Internet, or other changes NS in behavior © SA • They touch the keyboard if you enter the area: alt tab switches to last application used, alt F4 closes an application immediately • Mysterious about where they are going Computer & Network Security Awareness - © 2006 SANS © SANS Institute 2006, Author retains full rights.
  57. 57. Online Music Downloads and Software Piracy ll righ ts. in s fu a • Be aware of illegal downloading of r ret ho music or 998D FDB5 DE3D F8B5 06E46A169 ut of software Key fingerprint = AF19 FA27 2F94 pirated copies , A 4E46 • Digital Millennium Copyright Act 200 ute (DMCA), took In stiteffect in 1998 to protect CDs, DVDs NS and other digital media © SA • Ensure you are downloading music legally, over $70M in penalties reportedly collected Computer & Network Security Awareness - © 2006 SANS © SANS Institute 2006, Author retains full rights.
  58. 58. Think Before You Click…ts. h ll rig in s fu a • Change your web browsing ho r ret habits to: ut – Prevent unknown0 6, A installed malware Key fingerprint = AF19 FA27 2F94 998D FDB5 DE3D F8B5 06E4 A169 4E46 0 2 – Prevent phishers te from obtaining your titu Ins personalS information AN ©S • Create a list of general guidelines for you and other end users’ reference • Apply your new browsing behavior Computer & Network Security Awareness - © 2006 SANS © SANS Institute 2006, Author retains full rights.
  59. 59. Principle of Least Privilege h ts. ll rig in s fu • You are far safer not surfing theta r r Web as the e Windows Administrator sinceo the Administrator uth has the right to install00 6, A software Key fingerprint = AF19 FA27 2F94 998D FDB5 DE3D F8B5 06E4 A169 4E46 2 • Mac Operating Systems (OS X) requires ute In stit Administrative privileges and password NS SA • Windows users choose “Run As” to enter © administrative credentials • DropMyRights software launches your browser with minimal privilege - Demonstration Computer & Network Security Awareness - © 2006 SANS © SANS Institute 2006, Author retains full rights.
  60. 60. Firefox Software Install Option h ts. ll rig in s fu a r ret u tho 6, A Key fingerprint = AF19 FA27 2F94 998D FDB5 DE3D F8B5 06E4 A169 4E46 0 e 20 t s titu S In S AN © Computer & Network Security Awareness - © 2006 SANS © SANS Institute 2006, Author retains full rights.
  61. 61. Operating Systems (OSes) h ts. ll rig in s fu • Modern OSes are ‘user’ friendlya r ret tho – Example, Windows XP Professional provides: File u Key fingerprint =sharing, 998D FDB5 DE3D F8B5 06E4 A169 4E46 AF19 FA27 2F94 printer sharing, A 0 6, Internet firewalling, Internet connection2sharing, personal web server, 0 ute remote desktoptconnectivity, home movie creating, just to In sti name a few services NS • ServicesSare features accessible to non-local © A users • Your OS can be too friendly – Protected Storage Explorer – What sensitive information is stored about you? Computer & Network Security Awareness - © 2006 SANS © SANS Institute 2006, Author retains full rights.
  62. 62. NET SHARE h ts. ll rig in s fu a r ret u tho 6, A Key fingerprint = AF19 FA27 2F94 998D FDB5 DE3D F8B5 06E4 A169 4E46 0 e 20 t s titu S In S AN © Always check NET SHARE before taking a computer on travel. Computer & Network Security Awareness - © 2006 SANS © SANS Institute 2006, Author retains full rights.
  63. 63. Net Statistics Workstation. hts ll rig in s fu a r ret u tho 6, A Key fingerprint = AF19 FA27 2F94 998D FDB5 DE3D F8B5 06E4 A169 4E46 0 e 20 t s titu S In S AN © Computer & Network Security Awareness - © 2006 SANS © SANS Institute 2006, Author retains full rights.
  64. 64. Net Accounts h ts. ll rig in s fu a r ret u tho 6, A Key fingerprint = AF19 FA27 2F94 998D FDB5 DE3D F8B5 06E4 A169 4E46 0 e 20 t s titu S In S AN © Computer & Network Security Awareness - © 2006 SANS © SANS Institute 2006, Author retains full rights.
  65. 65. Net Users h ts. ll rig in s fu a r ret u tho 6, A Key fingerprint = AF19 FA27 2F94 998D FDB5 DE3D F8B5 06E4 A169 4E46 0 e 20 t s titu S In S AN © Computer & Network Security Awareness - © 2006 SANS © SANS Institute 2006, Author retains full rights.
  66. 66. Net Localgroup h ts. ll rig in s fu a r ret u tho 6, A Key fingerprint = AF19 FA27 2F94 998D FDB5 DE3D F8B5 06E4 A169 4E46 0 e 20 t s titu S In S AN © Computer & Network Security Awareness - © 2006 SANS © SANS Institute 2006, Author retains full rights.
  67. 67. Genuine Windows Validation - Windows Piracy Checkh ll rig ts. in s fu a r ret u tho 6, A Key fingerprint = AF19 FA27 2F94 998D FDB5 DE3D F8B5 06E4 A169 4E46 0 e 20 t s titu S In S AN © http://www.microsoft.com/resources/howtotell/ww/windows/default.mspx Computer & Network Security Awareness - © 2006 SANS © SANS Institute 2006, Author retains full rights.

×