Transcript Document

Surf Safely with a “Clean” Computer
Roger Thornburn
June 2008
2
Surf Safely with a Clean Computer
Seminar Goals
Internet Security
 Background on internet security threats
 How to protect your computer
 Using a “Sandbox”
A Clean Computer
 Using CCleaner
 To clean out temporary files
 To clean the registry
 Disk defrag
 Scheduling these tasks
June 2008
Roger Thornburn
3
Surf Safely with a Clean Computer
Unwanted Visitors!
The Four Main Threats to Your Computer
 Hackers
 Viruses, worms & trojans
 Spyware and hijacks
 Operating System/Apps
security “holes”
Annoyances
 Email Spam
 Adware
 Pop-up Ads
See Wikipedia (http://en.wikipedia.org/wiki/Malware) or handout
June 2008
Roger Thornburn
4
Surf Safely with a Clean Computer
Dealing With the Threats
Hackers
 Use a Firewall. Windows XP and Vista both have a
good built-in software firewall
 If on broadband, then use a router with a h/w firewall
Viruses
 Use ONE Anti-Virus tool
Spyware
 Use ONE real time Anti-Spyware tool
 Can use more than one anti-spyware scanner
June 2008
Roger Thornburn
5
Surf Safely with a Clean Computer
So, Are You Safe Now?
Better – but not completely
 Security holes not yet patched.
 Not yet acknowledged by software suplier
 No fix yet available
 Haven’t updated all your programs
 Pop up windows requiring user action
 Standard “Window” with a question or offer, with Yes/No
buttons
So, still at risk from:
 “Drive-by” that exploits a software security hole
 Malicious java script, Flash animations, etc.
Both exploit weaknesses in poorly written software
that enable Spyware, Hijacks, Worms, Bots, etc. to
be put on your computer, directly from a Webpage
June 2008
Roger Thornburn
6
Surf Safely with a Clean Computer
The Answer Is ….
 A “sandbox” is a special software program that




June 2008
isolates any application running inside it, from the
rest of your computer.
After running your application, delete the sandbox
and all traces of the application are also deleted.
So, if we open our Internet Browser inside a
sandbox, then any malware that tries to enter our
computer, either by accidentally “clicking” the
wrong thing, or by a drive-by, will be trapped inside.
The sandbox I will show you today, is a freeware
program called Sandboxie
Can be downloaded from www.sandboxie.com
A Sandbox!
Roger Thornburn
7
Surf Safely with a Clean Computer
How Sandboxie works
Without
Sandboxie
Using
Sandboxie
Writes
Reads
Sandboxie
temporary storage
Reads
Writes
Hard Drive
Hard Drive
For a complete explanation, see http://www.sandboxie.com/index.php?FrequentlyAskedQuestions
June 2008
Roger Thornburn
8
Surf Safely with a Clean Computer
Sandboxie
Basics
 All programs can be opened sandboxed
 Main use is for your Internet Browser and email client
 Can also be used to run downloaded or other programs to
“test” without leaving any traces on your computer
 Email attachments opened inside the sandbox
 Files you want to keep can be copied from the
sandbox
Do I still need A-V and A-S?
 Yes.
 Sandboxie will stop any program or software being written
to your hard drive.
 It does not do any virus or Spyware checking
June 2008
Roger Thornburn
9
Surf Safely with a Clean Computer
Using Sandboxie
 Good tutorial.
 Open Sandboxie, click Help>Getting Started Tutorial
 Sandboxie automatically creates a desktop icon that
opens your default browser in a sandbox (e.g. Internet
Explorer)
 Just double click this icon
 Use “Right Click” and select “Open Sandboxed” to
open any other program in a sandbox
 Use for email – Outlook Express, Windows Mail, etc.
 Also for “testing” new programs.
 When using a sandboxed browser or email client,
nothing is saved:
 Cookies, temporary internet files, favorites
 New add-ons (e.g. Flash plug-in)
 Downloaded files or programs
 Saved attachments
June 2008
Roger Thornburn
10
Surf Safely with a Clean Computer
Using Sandboxie
Saving files from the sandbox
 Download to “My Documents” or Desktop’
 Sandboxie will allow you to “recover” these files
 Other folders can be added to be recovered
Online banking, credit card, brokerage or other
“trusted” website.
 As cookies will not be saved, these hi-security sites
may require you to answer a security question
 Go to these sites once, outside the sandbox, login and the
cookie will be saved
Other
 By default, favorites will not be saved
 Can make a change in the Sandbox Settings
June 2008
Roger Thornburn
11
Surf Safely with a Clean Computer
Sandboxie Settings
 Open Sandboxie Default Settings
 Open Sandboxie Control
 click Sandbox>DefaultBox>Sandbox Settings
 Recovery folders
 click Recovery>Quick Recovery. Add folders if necessary
 Automatically delete sandbox when no longer active
 click Delete. Check “Automatically delete…..
 Enable web browser favorites:
 click Applications>Web Browser. Check “Allow Direct
Access to ….. And/or for Firefox
 Also check “Allow Full Access to Protected…. If you use
saved password.
 Enable email client:
 click Applications>Email Reader. Check the appropriate
check box for you email client.
June 2008
Roger Thornburn
12
Surf Safely with a Clean Computer
Summary for Safe Surfing
 Use a Firewall – Windows XP/Vista is fine
 Keep your Windows and internet enabled apps
patched/updated
 Use ONE Anti-Virus program
 Use a ONE real time Anti-Spyware program
 Consider using a combined A-V & A-S, e.g. AVG 8,
Norton AV, Kapersky AV, Webroot, Avast, etc.
 A total internet suite is not a necessity.
 Use an email/ISP service that scans ALL your email
 Yahoo, Excite, Google, Dell, etc.
 Only download programs from known sites
 Don’t accept programs on CD from unknown people
 Use Sandboxie for surfing the web and email
June 2008
Roger Thornburn
13
Surf Safely with a Clean Computer
Let’s do some
more demos
June 2008
Roger Thornburn
14
Surf Safely with a Clean Computer
Cleaning Up Your Computer
Use CCleaner
 Removes all temporary files
 Internet
 Logs
 Windows
 Removes cookies
 Select those to keep
 Registry cleanup
Defragment your Hard Drive
 Combines fragmented files
 Speeds up disk operations
 Slightly different interface XP to Vista
June 2008
Roger Thornburn
15
Surf Safely with a Clean Computer
Suggested Sequence
 Download and install Sandboxie & CCleaner
 In CCleaner, select items to clean, include all cookies
 Run CCleaner including the Registry cleaner
 Open non-sandoxed browser, and login to all your hi-
security sites (bank, credit card, etc.) and any
customized page (e.g. Yahoo)
 Reopen CCleaner, in Options>Cookies, move all
cookies to “Cookies To Keep”
 Change settings to default Sandbox
 Applications>Web Browser
 Check to Allow Direct Access to Internet Explorer Favorites
 Check to Allow Access to Protected Storage
 Applications>Email Reader
 Delete>Invocation and check Automatically delete contents
 Now can run browser in sandbox and run CCleaner
June 2008
Roger Thornburn
16
Surf Safely with a Clean Computer
Scheduling the Cleanup
Vista
 Defragmenter includes a scheduler
 Select daily/weekly and time (computer needs to be on)
 Use Task Scheduler for CCleaner
 Control Panel>Administrative Tools>Task Scheduler
 Action>Basic task – set day and time (computer needs to be on)
 Select CCleaner and type /auto for the argument
Windows XP
 Create a batch file (c:\cleanup.bat)
 “c:\program files\ccleaner\ccleaner.exe” /auto
“c:\windows\system32\defrag.exe” c:
 Use Scheduled Tasks to run this batch file
 Control Panel>Scheduled Tasks>Add scheduled task
 Select c:\cleanup.bat – set day and time
 Check “Open advanced…” and check “Run only..”
June 2008
Roger Thornburn
Enjoy Your Surfing Experience
June 2008