Internet Security:

Les Smee

Georgia Tech Research Institute

Famous Hacking

Claim to fame: Figured out how to make free phone calls using a plastic prize whistle he found in a cereal box. Cap'n Crunch introduced generations of hackers to the glorious concept of phone "phreaking."

John DraperHandle: Cap'n Crunch

Famous Hacking

Robert MorrisHandle: rtm

Claim to fame:

The son of the chief scientist at the National Computer Security Center part of the National Security Agency (NSA) this Cornell University graduate student introduced the word "hacker" into the vernacular when he accidentally unleashed an Internet worm in 1988. Thousands of computers were infected and subsequently crashed.

Famous Hacking

Kevin MitnickHandle: Condor

Claim to fame:

The first hacker to have his face immortalized on an FBI "Most Wanted" poster. His status as a repeat offender, a teenage hacker who couldn't grow up, earned Mitnick the nickname "The Lost Boy of Cyberspace." Inspired the movie “War Games” by hacking NORAD.

Hacking Methods

Viruses:

•computer programs with the sole purpose of destroying data

•Boot Infectors

•Program Infectors

Hacking Methods cont.

Worms:

•Reproducing Virus

•Emails itself to entire address book

Hacking Methods cont.

Trojans:

• Appears safe but look out

Hacking Methods cont.

Cracking:

•using a known vulnerability of a running program to gain additional access/privileges to a system

Prevent Hacking

•Software updates

•Port Scan

•http://www.dslreports.com

•Turn off the computer

Antivirus

• Antivirus software- Norton

- McAfee

- AVG (Free)

• Updates (auto)• Routine Scans• Scan files before use

Firewalls

• Software (Good)- Norton- ZoneAlarm- McAfee- Sygate

• Hardware (Better)- Linksys- Dlink

• Both (Best)

Encryption

History

Cryptography Military use

Encryption cont.

Symmetric-key encryption Must know all computers involved “Shift by 2” example

Public-key encryption Public key Private key PGP

Encryption cont.

Public-key on a grand scale digital certificates certificate authority Secure Sockets Layer (SSL)

- developed by Netscape

Encryption cont.

How it works 128 bit = 2128 =

3,402,823,669,209,384,634,633,746,074,300,000,000,000,000,000,000,000,000,000,000,000,000

Hashing

Encryption cont.

What to look for Padlock on IE Status Bar https://

Wireless Networks

• WEP

• Easy to hack

• Fixed soon?

Cookies

• Small text file to identify you

• “doubleclick”

• Controlling Cookies

• http://www.cookiecentral.com

IE Security

• Avoid profiles

• “Do you trust content from …?”

• Running scripts (pros and cons)

Spyware

• Often comes with useful program

• Weather program , clock sync program

• Causes pop-ups

• Gives out information

• Ad-aware

• Spybot

Email

• Not secure

• Easy to intercept

• Auto Running Programs

• Filters

• Spam - report

Email Don’ts

• Use full name as sender

• Give out passwords

• Use primary email for posting in public forums

• Respond to spam unsubscribe address

• Buy from spammers

• Include name in address

Passwords

• No simple words or phrases

• Longer is better

• “Remembering” passwords

• Change regularly

• Combine letters, numbers, other characters

Network Monitoring

• Keystroke

• Virtual Desktop

• Idle Time

• Email (deleted?)

• 50% Admit to monitoring

Snooping on Kids

• History (cleared?)

• “Documents”

• Check on them

• Filters

Internet Filtering

• Block by key word

• Block by url

• Products

-Net Nanny

-CyberPatrol

-ISP provided

Filtering Software Differences

• Customizable filtering

• Filters other software applications.

• Blocks chat rooms and forums

• Prevents sending personal information in email

• Produces activity logs

• Produces periodic screen shots

Chatting for Kids

• Never give real name and location

• Never meet anyone offline

• Never post email publicly

• Remember people lie

• Private chat?

• Monitored chat rooms

• Use manners

Shopping Online

• Look for the secure transaction symbol

• Check for a money back guarantee from the seller and the product's warranty before buying.

• Use a credit card instead of a bank debit card.

• On auction sites be sure to check the feedback area about the seller.

Shopping Online cont.

• When you make a purchase online, get some proof that you did.

• Try to determine if the company is genuine before ordering. Does it have brick and mortar stores? Does it have a good reputation?

• You can contact The Better Business Bureau (www.bbb.org) and The National Associations Of Attorneys General (www.naag.org) online to investigate a company.

“You have zero privacy anyway”

-Scott McNealy (Sun Microsystems)