Personal Security Security Tips for Home Internet Users.
Personal Security
Security Tips for Home Internet Users
Securing your home computer
• Accessing the Internet from home
  – Convenient
  – Abundance of information
  – Exposes your computer
  – Can be costly or damaging
Overview
• Internet access
• Why should I be concerned with security?
• What are the most common vulnerabilities?
• What security tools are available?
• Where can I find more information?
Internet
• Complex system of attached networks
• Designed to distribute data geographically at high speeds in a short period of time
• Data is distributed in a variety of formats
  – Examples: PDF, JPEG, MOV, MP3, Text
• Information is stored or viewed locally on your computer
Broadband
• High speed access to the home user
• Types
  – DSL
  – Cable Modem
DSL
• Digital Subscriber Line
• Typically ADSL
  – Asymmetric Digital Subscriber Line
• Offers dedicated bandwidth
• Speed
  – 384 kbps downstream
  – 128 kbps upstream
  – Up to 1.5 Mbps down 800 kbps up
  – Varies depending on service level and distance from CO (Central Office)
  – Maximum distance varies 14000 – 17500 ft
DSL Configuration
• DSL Modem
• DSL Splitter and Filters
• DSLAM
  – Digital Subscriber Line Access Multiplexer
• ISP
  – Internet Service Provider
Cable Modem
• Shared bandwidth
• Speed per channel
  – 27 Mbps shared download
  – 10 Mbps Upload
• Connects to CMTS (Cable Modem Transmission System) at cable company
  – Provides packet filtering and traffic shaping
What about security?
• Why should I be concerned?
• What are the vulnerabilities?
• What can I do to protect myself?
• How do I recover from an attack?
Why should I be concerned?
• You lose crucial data
• You spend time and money on recovery
• You feel violated, helpless and foolish
• You risk propagating the attack to your peers and others
• Your peers and others know how foolish you are
Vulnerabilities
• Viruses
• Hacks
• Data Capturing
• Lack of contingency planning
Virus
• 60,000 Variations in circulation
• Types of Viruses
• Antivirus Software
• Best Practices
Types of Viruses
• Viruses are segments of code or complete programs that can damage your system or degrade system performance.
  – Trojan Horse
  – Worm
  – Hoax
Trojan Horses
• A program disguised as having a desired purpose while subversively performing an unwanted action on your system.
• Often open backdoor access to your system
• Notorious Trojan Horses
  – Simpson's
  – Backdoor
  – Sub7
  – Back Orifice
  – NetBus
Worm
• Self-propagating independent program that adversely affects your computer performance or damages your computer
• Hall of fame
  – Melissa
  – Nimda
  – LoveLetter
  – Anna Kournikova
  – CodeRed
  – SirCam
Hoax
• An unsubstantiated virus alert intended to cause panic
• Typically warning of the most damaging or dangerous virus
• Examples
  – BudweiserFrogs
  – A virtual card for you
  – !0000
  – Stop mass mailings
  – Wobbler
  – Win a holiday
Best Practice: Virus prevention
• Always verify your antivirus software is running, and update your antivirus software
Best Practice: Virus prevention 2
• When receiving email, do not open attachments unless you are expecting them
• Take virus alerts seriously
• Sources of alerts
  – Institutional Notification
  – News Media alerts
  – Word of mouth
Virus recovery
• Use antivirus software and tools to clean system
  – http://www.mcafee.com
  – http://www.symantec.com
• Find manual steps for virus removal
• Reinstall your system from scratch
Hacks
• Hacking
  – What is hacking
  – How does hacking happen
• Types of attacks
• Prevention methods
Hacking
• Gaining unauthorized access to computer systems for malicious purposes
How Hacking Happens
• System information is collected
  – Footprinting
  – Scanning
  – Probing
  – Enumeration
• Software vulnerabilities are exploited
• System passwords are guessed or not employed
Types of Attacks
• Interference
• Interception
• Impersonation
Interference
• Attacks that render objects or services unusable
  – Denial of service
  – Distributed Denial of service
  – System alteration
Interception
• Captures Data through monitoring or redirection
  – Monitoring
    • Wire taps
    • Network Monitoring
  – Redirection
    • Alteration of DNS servers
    • Man in the middle
Impersonation
• When the attacker assumes the identity of a trusted source
  – Spoof attacks
    • Using the IP source address of a trusted source computer
  – Password attacks
    • Password enumeration
Prevention Methods
• Know your system
• Tools to help protect your system
• Watch for and apply security patches
• Contingency planning
Know your system
• Inventory your system
• Baseline system and network performance
• Identify vulnerabilities
Inventory your system
• Software Inventory
  – Running Software
  – File and printer sharing
  – Startup Software
  – Installed Software
  – Software Keys
  – Software Licensing
• Hardware
  – Installed components
  – Vendor specific device drivers
Inventory Tools
• Microsoft
  – System Information 98
  – Manage Computer System summary
  – Windows NT Diagnostics
Inventory Tools 2
• Belarc Advisor
System Baseline
• Task manager
  – Memory Utilization
  – Process Utilization
• Performance monitor
  – Log low use system state
  – Log high use system state
Network Baseline
• Check Internet Bandwidth speed
  – McAfee Speedometer
    • http://promos.mcafee.com/speedometer/test_0150.asp
  – Ftp Large Files
    • Hash
    • Download Statistics
Network Baseline 2
• Use traceroute
  – Check TTL stats
• Use performance monitor to check utilization
  – Network Utilization
Identify Vulnerabilities
• Filesharing
  – Opens access to your files remotely
  – Should be turned off if not used
  – Protected with security device and used with complex passwords
• Web Browsing
  – Personal information is accessible via cookie files
  – ActiveX components can launch Visual Basic Application components included in Microsoft Office
  – Disable ActiveX components unless necessary
Security Boundaries
• Personal Computer
• Local Network Security
• Internet Security
Internet Protocol (IP)
• Addresses your computer on the network and identifies where your computer can be reached
• 32-bit numeric device address
• Dotted Decimal Notation
  – Ex: 192.168.99.32
• Consists of network and host address
• Determined by subnet mask
  – 255.255.255.0
  – Network 192.168.99.0
  – Host 0.0.0.32
Network Security
• Dynamic Addressing
  – IP address changes over scheduled time
• Private Addressing
  – Reserved address range by IANA
  – 10.0.0.0
  – 192.168.0.0
  – 172.16.0.0
• Encryption
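
The address split from the Internet Protocol slide and the private ranges from the Network Security slide, worked through in code. This is an added example, not part of the original presentation: the function names are illustrative, and the prefix lengths (/8, /12, /16) come from RFC 1918 rather than from the slides.

```python
# Added example (not from the presentation): subnet-mask split and
# private-range check on the 32-bit value behind dotted decimal notation.

def to_int(dotted):
    """Convert dotted decimal notation to the underlying 32-bit number."""
    octets = [int(part) for part in dotted.split(".")]
    if len(octets) != 4 or any(not 0 <= o <= 255 for o in octets):
        raise ValueError(f"not a valid IPv4 address: {dotted!r}")
    value = 0
    for octet in octets:
        value = (value << 8) | octet
    return value

def to_dotted(value):
    """Convert a 32-bit number back to dotted decimal notation."""
    return ".".join(str((value >> shift) & 0xFF) for shift in (24, 16, 8, 0))

def split_address(address, mask):
    """Return the (network, host) parts that the subnet mask selects."""
    addr, mask_bits = to_int(address), to_int(mask)
    host_bits = ~mask_bits & 0xFFFFFFFF
    # A usable mask is a run of 1 bits followed by a run of 0 bits.
    if host_bits & (host_bits + 1):
        raise ValueError(f"subnet mask is not contiguous: {mask!r}")
    return to_dotted(addr & mask_bits), to_dotted(addr & host_bits)

# Ranges named on the slide; prefix lengths per RFC 1918 (assumption,
# the slide lists only the base addresses).
PRIVATE_RANGES = (("10.0.0.0", 8), ("172.16.0.0", 12), ("192.168.0.0", 16))

def is_private(address):
    """True if the address is in a reserved private range, which is not
    routed on the public Internet."""
    addr = to_int(address)
    for base, prefix in PRIVATE_RANGES:
        mask_bits = (0xFFFFFFFF << (32 - prefix)) & 0xFFFFFFFF
        if addr & mask_bits == to_int(base):
            return True
    return False

if __name__ == "__main__":
    network, host = split_address("192.168.99.32", "255.255.255.0")
    print("network:", network, "host:", host)
    print("private:", is_private("192.168.99.32"))
```
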
Encryption
• Method of repackaging data into ciphertext in order to keep observers from viewing data and preserve data integrity
• SSL – Secure Sockets Layer
  – Encrypts communication between web browsers and web servers over the Internet
  – Uses public and private key exchange
• VPN – Virtual Private Networking
  – Secure Tunnel
  – Key Encryption
    • Symmetric
    • Asymmetric
  – Encryption Algorithms
    • SHA – Secure Hashing Algorithm
    • DES – Data Encryption Standard
What your ISP does for you
• Private addressing
• Dynamic addressing
• Email virus scanning
Security Tools
• Routers
• Proxy Servers
• Firewalls
  – Application
  – Circuit Switching
• Scanners
Routers
• ACL Filter packets
  – Deny or Allow
  – Destination or Source
• Separate Networks
  – Gateway
  – Private Network
Proxy Server
• Resides between web sites and web browser
• Takes request from client
• Issues request to web server
• Caches web content locally
  – Improves network performance
Firewalls
• Separates untrusted external network from trusted internal network.
• Types of Firewalling
• Personal Firewall
• Network Firewall
Types of Firewalling
• ACL – Access Control Lists
  – Filters Packets
• Application Firewalling
  – Verifies command legitimacy
  – Can be performance intensive
• Proxying
• Circuit Switching
  – Allows data sessions by request
Personal Firewall
• Installed on local computer
• Rules based
• Alerts to system intrusion
• Accounting: logs events for network forensics
• Risky: can affect stability of your computer
  – Personal firewalls replace operating system kernel components and can conflict with other applications
• Vendors
  – Sygate Personal Firewall – http://www.sygate.com
  – Black Ice Defender – http://www.networkice.com
  – McAfee Personal Firewall – http://www.mcafee.com
  – Norton Personal Firewall – http://www.symantec.com
  – Zone Alarm – http://www.zonelabs.com
Network Firewalls
• DSL Cable Routers
  – Filter Packets
  – Separates Network
• Uses Private Addressing
• Vendors
  – Linksys DSL/Cable Router – http://www.linksys.com
  – Dlink Home Gateway Internet Sharing and Firewall – http://www.dlink.com
  – Proxim – Netline Gateway – http://www.proxim.com
  – SMC Barricade – http://www.smc.com
Port Scanners
• Scans IP Port numbers for available services
• Gibson Research Center
  – http://www.grc.com
Contingency
• Back up your data
• Often
• Use Rotation schedule
• Store software, license and key information in a safe convenient place.
• Software includes device drivers, application software, and operating system
Who can I turn to?
• [email protected]
• System Administration Networking Security
  – http://www.sans.org
• Carnegie Mellon - Computer Emergency Response Center
  – http://www.cert.org
• FBI – Internet Fraud Complaint Center
  – http://www.fbi.gov/interagency/ifcc/filingcomplaint.htm
Links
• Broadband
  – http://www.cable-modem.net/gc/questions.html
  – http://www.dslreports.com/
• Antivirus
  – http://www.mcafeeb2b.com/naicommon/avert/avert-research-center/default.asp
  – http://www.symantec.com/avcenter/index.html
• System Inventory
  – http://www.belarc.com
• Personal Firewalls
  – http://www.zonelabs.com
  – http://www.symantec.com
  – http://www.mcafee.com
  – http://www.networkice.com
  – http://www.sygate.com
Links 2
• Network Firewalls/Routers
  – http://www.linksys.com
  – http://www.dlink.com
  – http://www.proxim.com
  – http://www.smc.com
• System and Port Scanners
  – http://www.grc.com
  – http://security1.norton.com/us/home.asp
  – http://www.mcafee.com/support/system_req/browser_test.asp
  – http://www.microsoft.com/technet/mpsa/start.asp
• Agencies
  – http://www.ciac.org/ciac/
  – http://www.sans.org
  – http://www.fbi.gov/interagency/ifcc/filingcomplaint.htm
  – Report abuse to any ISP. Ex [email protected]
• This Presentation
  – http://homepage.smc.edu/rojas_dan