Transcript Secure Use of Internet - Virginia Commonwealth University
Secure Use of Internet “Safe Hex”
Presentation by Vlad Olchanski, PhD VCU Department of Internal Medicine at the Virginia Heart Institute February 17, 2006 http://www.intmed.vcu.edu/inm/infotech.shtml
http://www.medinf.vcu.edu
(804) 828-5384
Computers & Communications
Computers started as something highly professional and for use of professionals Now computers are a major means of communications and information retrieval The number of users of Internet is ONE BILLION
Supercomputer World Domination
a nightmare of 1950-1960s – fortunately unimplemented!
Actual Distributed Network
All computers are equal even pigs are equally equal ;-)
Evolution of Connectivity
• Local Area Network • BITNET • Internet • Prodigy • AOL • Compuserv • MSN etc.
general public professional users
Internet
Commercialization
wild users
Dangers
• • • •
Regular Viruses
crash OS, delete files, slow down
Worms, Trojans
wait for event (time, command), steal address book, open backdoor, same as viruses
Spying
– info from computer, your interests
Phishing
– conning you to disclose your info
Specific Dangers
Attachments Javascript, etc.
Connection to network Websites
ActiveX Cookies Javascript Bogus programs Direct intrusion Open ports Running services Remote access
Cure: Hygiene!
• Dr. Wenzel, Chair of MCV Internal Medicine emphasizes the importance of Dr. Semmelweiss’ SHOCKING (?!) discovery of more than 100 ago: PHYSICIANS MUST WASH HANDS!
“ One of the behavioral issues that plague hospitals and especially the infection control team is how to improve handwashing compliance, how to achieve a plateau above the usual threshold of 40% observed in modern ICUs. This is not a new story.” http://stalkingmicrobes.org
– read his latest book!
Same with COMPUTERS!
Workstation Security
Windows Setup & Update Firewall Antivirus Antispy Protection
Web Browsers Email Programs
Pop-up Blockers Spam Filtering
Windows Setup & Update
Windows Setup
Make file extensions visible so that you may easily detect executable files EXE, SCR, BAT, VBS, etc.
that may be infected: Start Settings Control Panel Folder Options View Microsoft Office files DOC, XLS, PPT are also executables and may be infected!
Windows Setup: Security Center Control Panel -> Security Center
Windows Update
->
Automatic
Firewall
->
On
or Firewall of your choice
Virus Protection
->
On
or Antivirus of your .
choice
Windows Update
• Windows has many
security holes
. Practically every week a new one is discovered. Microsoft releases
security patches
.
• Windows Update should be run automatically and
check should be done manually
weekly.
at least • It is recommended to update your XP installation to
Service Pack 2 (SP2)
• Windows Update function -> START button and shows there in the upper part of the menu.
your computer Firewall
outside intrusion world attempt legit application open ports legit communication worm malicious outgoing attempt intrusion attempt
Windows Firewall
• Win-XP/SP2 has
basic firewall
for intrusion protection.
• Free firewall
ZoneAlarm
additionally prevents the viruses that may reside on your computer from sending offensive packets outside of your computer. ZoneAlarm also protects against viruses in email attachments.
• Instructions on ZoneAlarm installation
http://markusjansson.net/eza.html
• If you install ZoneAlarm, you MUST turn off
Windows Firewall
in Win-XP/SP2 Security Center in Control Panel.
Virus Protection
• Symantec (Norton) Antivirus • MacAfee Antivirus • F-Prot (made in Iceland) – most lite-weight • AVG – free, not bad • Kaspersky – most thorough • Sophos – both antivirus and antispy Do not forget to update virus signatures weekly, do not trust automatic update!
Do not run several real-time virus protectors in the same time.
Spyware - 1
Websites or email messages may plant on your computer
spyware
-- programs that are
watching and reporting
what you are doing on your computer, what websites you visit, what files you have on computer, what music you play. They even may
highjack
your commands to the web browser and display for you websites you never intended to visit. This all compromises the confidentiality of information on your computer and slows down its operation.
Spyware -2
• Turn off spying features built in Win-XP. Use
XP-Antispy
program, select “Windows update” profile.
http://www.xp-antispy.org/ • Set
Safe Settings
for Windows XP Services: http://www.intmed.vcu.edu/inm/WindowsS ervices.shtml
Spyware - 3
Install one or more spyware scanners that operate similar to the virus scanners.
-
Adaware SE Personal
download free from http://www.lavasoft.de
-
SpyBot Search and Destroy
free from http://www.safer networking.org/en/download/index.html
Spyware - 4
• •
These 2 programs are recommended to be installed on your computer.
Microsoft Windows Defender
may be run to automatically self-update and in real time check for attempts to plant spies on your computer.
Spy Bot S&D
is not recommended for real time protection.
• Please be careful in using antispy programs. They may give
false positive results
uncheck the programs you are sure are not planted spies and do not delete them.
marking some of your useful applications as spyware. In such cases • You will be amazed how many spies you will find on your computer after the first scan!
Their number will be between a hundred and several thousand.
• Please do not forget to update and run antispy scans
at least once in a week!
Spyware - 5
• Avoid pseudo-freebies commercial programs: media players (Real, QuickTime, MS Windows Media Player, etc.), weather bars, search bars, instant messengers (AIM, MSN, ICQ)
USE INSTEAD
: • Truly free and versatile Media Player Classic http://www.free codecs.com/download/Media_Player_Classic.htm
• Miranda instant messenger (ICQ, AIM, MSN, and more) http://www.miranda-im.org/ • Weather and search extensions to Firefox browser • Completely uninstall Windows Messenger service
Web Browsers
Web Browsers
• • • • •
Internet Explorer
– obsolete and deprecated
Firefox
– the tool of choice
Mozilla
– father of Firefox
Netscape
– granddad of Firefox
Opera
– the best but a bit Nordically strict, not to say Teutonic (made in Norway).
Internet Explorer
• Won in unfair fight with old Netscape, became eventually monopolist • Has many security holes • Is the target of BAD GUYS • Not recommended by the US Department of Homeland Security (DHS).
• Uses ActiveX that plants viruses on computer • Switching to Firefox browser is like starting free walking after a year in wheelchair
Firefox Browser
• Provides for Tabbed Browsing loading pages in background (wheel-click or CTRL-click) • Has “extensions” to restore last session, to restore closed pages, to manage tabs, acceleration, scrapbook, pop-up blocker, unwanted picture removal, weather forecast and more… • Cookies control and Password management • Has Internet Explorer in a tab window with one click for dealing with badly designed websites • Secure!
Pop-up Blockers
• Special applications exist • Firefox does a good job, particularly with Adblock extensions • Internet Explorer has a basic blocker • Firefox removes selected pictures _____________________________________ • It is not desirable to have several different pop up blockers in different applications because this may lead to breaking navigation and display of some websites
Email Programs
Using Email - 1
You read and send email with Email Client
There are so many different Email Client programs - make your own choice
BUT
some of Email Clients and some of Email USERS
go outside
of Internet Standards - incompatibility of messages - errors in transmission and reception
Using Email - 2
POP
server delivers all messages to your computer - good when you are on a fast connection
IMAP
server delivers only message headers and messages on demand - good when you are on a dial-up Yet you will not have all messages on your computer
Thunderbird, Eudora, TheBat!
support multiple email accounts
Webmail
allows to use email with your browser - good when you are on the go For non professional use:
Hotmail, Yahoo
, etc. - but it is not a true email
Email Programs: Outlook
• The use of Outlook and Outlook Express is discouraged although by now Microsoft plugged many of the security holes in them. • These email programs are the targets of virus and malware mongers, which may lead to big problems in your computer. • • If you still intend to use this program, please check regularly that its capability to
execute malicious code in messages
is still turned off - it has a tendency to occasionally turn itself on.
Thunderbird Email Program
easily imports all Outlooks settings and archived messages
Email Programs: Thunderbird
• Modern program for email much similar to old Netscape 4 • Powerful message filtering in specified topic folders • Has an inbuilt
self-learning spam filter
that is very efficient and excludes the need of an external spam blocker • May operate several different email accounts • Turn off
writing in HTML
in option settings!
• Thunderbird easily imports settings and messages from major email programs
Email Programs: LotusNotes
• Turn off the capability to execute malicious code that may be included in email messages. • Change the default for calling browser when clicking on the link embedded in a message. This default needs to be replaced with the installed default browser -- Firefox or Opera. Calling Internet Explorer is dangerous!
Using Email - 9
Basic Rules of Nice Conduct
1. Never consider email as confidential 2. Email should best be a simple message 3. Do not send messages formatted with HTML - not all email clients can deal with them in the same way, opening HTML message confirms a hit for spammers (impossible in AOL email program ) 4. Avoid sending binary attachments these may come corrupted and can carry viruses How to avoid binary attachments in Email, see http://www.intmed.vcu.edu/inm/advice.html
5. Do not open “strange” messages
Internet’s Most Intimate Secret
Like Wine Dichotomy in Russia
- Vodka, Moonshine , Brandy are considered
White wine
- all the rest are
Red wines
Internet’s Most Intimate Secret
Data Dichotomy in Internet
- Text files: Plain English text: A-Z, a-z, 0-9 - Binary files: all the rest
Internet’s Most Intimate Secret
The Revelation
Only text files can go through Internet Binary files will come corrupted
To send a binary, it must be converted to a text file (encoded) and on the receiving end the encoded file must be decoded.
In Email, binary files go as
attachments
.
Different email programs treat attachments differently, which may lead to confusion and errors
Professional Communications
medical and confidential
• Communications with patients should be authenticated to avoid forgeries and
trolling
• Cryptographic signature/certificate • Watch for SECURE CONNECTION “lock” icon in the browser when submitting confidential data!
• Beware of the bogus
phishing
websites!
Phishing in Email
O Bad guys try to obtain info on your financial data and other confidentials O Banks and real traders never ask you about such with emails – NEVER.
O Bad guys create fake websites looking like real ones, say Amazon and steal your data.
O Always check if your data will be sent to the right destination by analyzing the links!
Security: Communications
Cryptonomicon
by Neal Stephenson 80% adventures and fiction, 5% pearls
Recommendations - 1
• Avoid mainstream programs like Microsoft’s, AOL’s, etc. – use existing alternatives • Use Firefox for web browser • Use Thunderbird for email • Update Windows and verify that update completed – weekly • Never connect to Internet without running virus protection
Recommendations - 2
• Install a firewall – ZoneAlarm • Turn off Windows spying features and unneeded services • Make file extensions visible • Install, update and run weekly several Antispy programs – Adaware, Spybot, MSAntispy • Use anti-spam filters in email • Do not open strange email messages – trash them
Recommendations - 3
• Do not emulate spammers: do not write messages formatted in HTML • Avoid sending binary attachments.
Never send EXE and ZIP files • Never open attachments in unsolicited emails • Be cautious opening attachments even from your known partners. They may be infected
Recommendations - 4
• Install extensions in Firefox browser to expand its functionality • Before clicking on any link, verify where this link actually leads you • Set up your browser to delete cookies when you close browser • Set up your email program not to execute javascript embedded in messages • Beware of phishing
Secure Use of Internet “Safe Hex”
Presentation by Vlad Olchanski, PhD VCU Department of Internal Medicine at the Virginia Heart Institute February 17, 2006 http://www.intmed.vcu.edu/inm/infotech.shtml
http://www.medinf.vcu.edu
(804) 828-5384