Home PC Security

abdomendebonairSecurity

Nov 2, 2013 (3 years and 7 months ago)

102 views

Home PC Security
& Internet
Browser Tips

Todd W. Jorns

Senior Director for Educational Technology

Illinois Community College Board

Topics


User Accounts


Passwords


Windows Updates


Anti
-
Virus Software


Anti
-
Spyware Software


Email


Browsers

Logging On to Windows


Do not run Windows as an Administrator


Increases vulnerabilities


Trojan Horse: a program that does something
else than it appears to do


May reformat your hard drive, delete files, create
another user with administrative control


Instead:


Create a User Account

Creating a User

Passwords


Pick a good password for all accounts

it’s your first and sometimes only
defense


Password dangers:


Cracking


Social Engineering

Passwords:

Good Characteristics


Length


Number of characters


Longer is better and harder to guess


Width


Types of characters


Should include at least three of


Uppercase letters


Lowercase letters


Numbers


Special characters (e.g. ? ! @ #)


Depth


Challenging meaning


Phonetic: Imukat2 for I’m a cat, too


Mnemonic: FM2tM for Fly Me to the Moon

Update Windows: Early & Often


Updates close known vulnerabilities that
are targeted by hackers


Options for updates:


Automatically download and install


Manually download and install


To configure:


Control Panel | System | Automatic Updates

Check Office Updates


MS makes updates available on its web
page


Users should check here at least once
per month:


http://office.microsoft.com/en
-
us/officeupdate/default.aspx

Anti
-
Virus Software


A virus is:



Program or programming code that replicates;


Transmitted as attachments to an e
-
mail note or in
a downloaded file, or may be present on a diskette,
CD, or thumb drive.


A virus might:


Immediately affect you or lie dormant;


Be benign and playful or devastatingly harmful.

Anti
-
Virus Software: Key issues


Most AV software can be configured to
automatically
update

itself


Daily is best if possible


After expiration, no updates will occur


Why? New viruses every day!


Scan your computer automatically


Configure the software to run at a time when no one
will be on the computer


At least once a week


If you use IM, try to find software that
scans for IM viruses

Anti
-
Virus: Free software


Online:


Housecall
-

http://housecall.trendmicro.com/


Panda ActiveScan
-
http://www.
panda
software.com/active
scan
/


Downloadable:


AVG Free
-

http://free.grisoft.com/doc/2/lng/us/tpl/v5


avast! Home Edition
-

http://www.avast.com/eng/down_home.html

Spyware: What is it?


Strictly defined, spyware consists of
computer software

that gathers and
reports information about a computer
user
without

the user's
knowledge or

consent
.



From Wikipedia, the free encyclopedia

Spyware: Problems


Installs without user’s informed consent


Invades privacy and steals bandwidth


Often causes system instability


Crashes


Hanging


Slowing


May modify shared files


Causing other applications to fail


Making spyware difficult to remove


Interrupting Internet connectivity

Spyware: Remedies



Numerous Anti
-
spyware programs and
removal tools


Spybot Search and Destroy:


http://www.safer
-
networking.org/en/index.html


Adaware:


http://www.lavasoftusa.com/software/adaware/


MS Anti
-
Spyware:


http://www.microsoft.com/athome/security/spyware/software/default.mspx


Various Anti
-
Virus programs

Spyware: Prevention


Spyblaster:


http://www.javacoolsoftware.com/spywareblaster.html


Disabling Active
-
X


Using only reputable sources for software


Updating Software to fix known
vulnerabilities


Windows operating systems


Browser software

E
-
mail


Most frequently used tool


One of the most vulnerable tools “out of
the box”


Issues


HTML


Attachments

E
-
mail: Attachments


Never open any unsolicited attachments


Do not trust attachments from known
parties


Scan
all

attachments


Executable code


Macros


Never open attachments that are programs

(.bat, .chm, .cmd, .com, .exe, .hta, .ocx, .pif,
.scr, .shs, .vbe, .vbs, or .wsf).

How to see file extensions


In ME, 2000, and XP:


Open My Computer


Choose Tools | Folder Options


Choose the View Tab


Uncheck: Hide file extensions for known file
types


Click OK

Email: Spam


Never respond to spam


Signals a “live” e
-
mail address


May be added to list and sold


Consequence: MORE spam!

E
-
mail: Phishing


The act of sending an e
-
mail to a user falsely
claiming to be an established legitimate
enterprise in an attempt to scam the user into
surrendering private information that will be
used for identify theft


Microsoft, your bank, AOL, PayPal will never
send you announcements about updates
---
and
neither will most businesses. If unsure, use
the telephone!

Web: The World Wide Web


World Wide Web brought color, pictures,
and motion to the Internet


Browser: Software application used to
access the World Wide Web


Internet Explorer


Firefox


Opera


Popularity of WWW means that it’s a
favorite for malicious activities

Web: Making it safer


Consider disabling AutoComplete


anyone at your computer will be able to easily see
where you've been on the Web


worse yet, anyone at your computer will be able to
easily impersonate you at Web sites that require
you to input information


In IE



Select Tools and choose "Internet Options ..."


Click the "Advanced" tab.


Scroll down and uncheck the box next to "Use
inline AutoComplete for Web addresses".

Web: Signals of secure site


Look for a site that uses a secure
channel for transmission of credit card
information


Key clues:


https


Locked padlock

Test Browser Security


Jason’s Toolbox:


Online test of browser security


Leads you through each step


http://www.jasons
-
toolbox.com/BrowserSecurity/

The Internet: A huge network


When you connect to the Internet, your
computer is connected to all the other
computers
---
and the good and bad users
behind them


Understanding a little about that
communication will help you to understand
the need for something called a Firewall

IP Addresses


IP or Internet addresses are like addresses
for buildings


If you know the address of a building, you can
locate it and send it information


If you know the address for a computer, you can
send it information


Fortunately, we don’t have to remember the
numbers because of an Internet service
called Domain Name System which
translates for us!

Firewalls: Filters for packets


A firewall is a piece of software or
hardware, which stands between two
networks or computers and controls access
between them


Controls the traffic flow in and out of
networks or computers based on IP
Addresses and Port numbers

Router (Hardware )


Hides your computer from the Internet


Internet address is given to your router


Computer receives a private Internet address


The harder you are to find, the harder it will be for
someone

or something

to hurt you!


A must for broadband (cable/dsl) Internet
connections


Key: Change the default password!

Personal Firewalls (software)


Watches information going in and out of the
computer


but you decide


Will allow you to monitor programs


Allow only programs of which you are sure


Watch for outgoing programs (e.g.,spyware)


Know how to shutdown Internet
connectivity

Personal Firewalls
-

Software


Zone Alarm


http://www.zonelabs.com/store/content/company/pr
oducts/znalm/freeDownload.jsp


Sygate Personal Firewall


http://smb.sygate.com/products/spf_standard.htm

Test Your System


HackerWacker:


http://hackerwhacker.com:4000/freetools.php


ShieldsUp:


http://www.grc.com/default.htm

Online Resource



www.iccb.org/pchelp

Questions

Todd W. Jorns

(217) 785
-
0144

Todd.Jorns@illinois.gov