Surfing Safely: Security for the Masses


Surfing Safely:
Security for the Masses
Kevin W. Wall, CISSP
[email protected]
http://www.wideopenwest.com/~kwwall/presentations/security/safe-surfing.ppt
Copyright © – Kevin W. Wall – Some Rights Reserved.
This work is licensed under the Creative Commons®
Attribution-NonCommercial-ShareAlike 2.5 License.
To view a copy of this license, visit
http://creativecommons.org/licenses/by-nc-sa/2.5/
Overview
• What this talk is and is not
• Some security statistics
• Fundamental security tips
• Basic security ideas
• Fighting common problems
  – Combating identity theft
  – Worms and viruses
  – Spyware / adware
  – Common Internet scams
What This Talk Is… and Is Not
• What it is…
  – An attempt to give back to the community
  – Make my job easier by having a smarter populace
  – Focuses on Windows (specifically XP Home)
  – Focuses on common problems
• What it is not…
  – An endorsement of particular products
  – An attempt to sell services or consulting
  – An offer to fix your computer (that’s why the others are here ;-)
  – Comprehensive
Some Security Statistics
• One in four people see at least one scam e-mail a month (usually phishing).
• 23% of Americans affected by online identity theft.
• 70% of consumers thought fraudulent e-mails they received were from a legitimate company.
• 80% of PCs lack up-to-date anti-virus, spyware protection, or firewall.
• Most people surveyed believed their PCs were safe online.
• 4 minutes: Average amount of time a default install, unpatched Windows XP SP1 system lasted on the Internet before being compromised.
Fundamental Security Tips
• Jeff Richards’ Laws of Data Security:
  1. Don’t buy a computer.
  2. If you buy a computer, don’t turn it on.
• To which Matt Bishop added:
  3. If you’ve already turned on your computer, don’t connect it to the Internet.
• Kevin Wall’s Corollary:
  4. If you do connect to the Internet, use nothing faster than a 300 baud modem, as this will slow down the rate your PC is infected with viruses, worms, and spyware.
Fundamental Security Tips (The Real Ones)
1. Regularly back up your PC.
2. Enable auto-updates.
   • Minimally for Windows, your anti-virus software, your anti-spyware software, and your browser.
3. Log in using a “limited” account for normal work.
4. Install and configure a firewall.
5. Install and configure anti-virus and anti-spyware software so they are always active.
6. If possible, switch to less “targeted” software.
7. Don’t surf to “seedy” sites.
8. Don’t open unexpected e-mail attachments.
9. Secure your WiFi connections at home.
10. Pick strong passwords and use software to manage them.
Strong Passwords: An Example
Example: TLhdgt4u,&wafwj.
Mnemonic: The LORD has done great things for us, and we are filled with joy. (Psalm 126:3 NIV)
Technique: Use the first letter of each word, include punctuation, and change some words to digits or symbols.
(Shameless plug) more techniques and examples at:
http://www.wideopenwest.com/~kwwall/presentations/security/good-passwords.html
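The technique above, written out as an added example (this is not code from the slides): take the first letter of each word, keep punctuation attached to the word it follows, and swap a few whole words for a digit or symbol. The slides show only “for” → “4” and “and” → “&”; the other entries in the substitution table are assumptions.

```python
import re

# Whole words that become a digit or symbol. The slide shows only "for" -> "4"
# and "and" -> "&"; "to", "at" and "one" are assumed additions for illustration.
WORD_SUBS = {"for": "4", "and": "&", "to": "2", "at": "@", "one": "1"}

# Leading punctuation, the word (lazy, so apostrophes like don't stay inside),
# trailing punctuation. fullmatch always succeeds because every part may be empty.
TOKEN = re.compile(r"(\W*)(.*?)(\W*)")


def mnemonic_password(sentence):
    """Derive a password from a memorable sentence using the slide's technique."""
    parts = []
    for token in sentence.split():
        lead, word, trail = TOKEN.fullmatch(token).groups()
        if not word:                 # token is pure punctuation: keep it verbatim
            parts.append(token)
            continue
        core = WORD_SUBS.get(word.lower(), word[0])   # substitution, else first letter (case kept)
        parts.append(lead + core + trail)
    return "".join(parts)


def character_classes(password):
    """Which of the four character classes the result contains: a quick sanity check
    that the mnemonic really produced a mixed-class password."""
    classes = set()
    for ch in password:
        if ch.isupper():
            classes.add("upper")
        elif ch.islower():
            classes.add("lower")
        elif ch.isdigit():
            classes.add("digit")
        else:
            classes.add("symbol")
    return classes


if __name__ == "__main__":
    pw = mnemonic_password("The LORD has done great things for us, and we are filled with joy.")
    print(pw, sorted(character_classes(pw)))   # TLhdgt4u,&wafwj. ['digit', 'lower', 'symbol', 'upper']
```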
Basic Security Ideas
Security is about:
• Managing risk
• Ensuring trust
Avoiding Identity Theft: Phishing, Pharming, and Other Phunny-Sounding Security Words
• Phishing
• Pharming
• Miscellaneous phiendishly clever spam scams
• Tips for avoiding
Phishing
Definition: Phishing is a form of Internet fraud whereby a criminal presents a false identity to a victim, trying to get the victim to accept it and then hand over valuable confidential information.
Typical bait: A phony e-mail
Typical hook: A phony web site that captures your password, SSN, credit card information, etc.
Identity Theft: Avoiding
• Order your free credit report yearly. Call 1-877-322-8228 or visit:
  http://www.annualcreditreport.com/
• Regularly check your credit card / bank statements for unauthorized spending.
Pharming
• Definition: An attack that redirects the user to a phony web site by “poisoning” the local Domain Name System (DNS) server(s).
• Typical victim: Someone using the Internet via an open WiFi hotspot.
• Security issue: Allows an attacker to use a “man-in-the-middle” attack to capture everything you send to the phony web site.
Defeating Pharmers
• If you need to do something that you are not
willing to have everyone see, then use a virtual
private network (VPN).
– That includes e-mail, web surfing, IM, watching
podcasts, etc. What software tool is used is irrelevant.
• Otherwise, do not enter that type of information
while accessing the Internet via a WiFi hotspot.
• Change default router password on your home
router to avoid “drive-by” pharming.
Identity Theft: Avoiding
• Remove your name from the marketing lists
of the three credit reporting bureaus, to limit
pre-approved offers for credit or insurance.
Those offers contain sensitive information
that can be retrieved by identity thieves.
Call toll-free 1-888-567-8688 or go to
https://www.optoutprescreen.com/
Identity Theft: Avoiding
• Reduce the number of credit cards you
actively use.
– Carry only one or two of them in your wallet.
– Consider canceling unused accounts.
– Use temporary cards online.
• Never give out your Social Security
number, credit card number or other
personal information over the phone, by
mail or on the Internet unless you initiated
the call and have a trusted business
relationship with the company.
Identity Theft: Avoiding
• Always take your credit card receipts with
you and shred them whenever possible.
• Keep all security patches of your operating
system and applications up-to-date.
– Use automated updates if supported.
• Install a separate firewall at your router.
– Many decent, cheap router / firewall
combinations.
– Be sure to disable remote access.
– Keep anti-virus and spyware protection up-to-date and run regularly.
Signs of Malware Infection
1. Browser homepage changed
2. Extra toolbars installed on browser that you didn’t install
3. Firewall keeps warning you of programs attempting to connect to the Internet
4. Firewall or AV software keeps getting disabled
5. Your PC becomes inexplicably slow at times when you aren’t really doing anything on it
6. Excessive pop-up windows that continually appear and that you can’t close while surfing the web
7. Your PC takes much longer to boot than it used to.
8. You get a lot of e-mail “bounces” addressed to people you don’t know, or a substantial increase in spam.
Two Common Internet Scams
• 419 (a.k.a., “Nigerian”) scam
• Fake stock broker forecasting stock scam

  Wk #   # left      Wk #   # left
  1      4,000,000   7      62,500
  2      2,000,000   8      31,250
  3      1,000,000   9      15,625
  4      500,000     10     7812
  5      250,000     11     3906
  6      125,000     12     1953
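The table above is the arithmetic behind the fake stock forecasting scam, reproduced as an added example (not code from the slides). In the classic version of this scam each week's mailing tells one half of the remaining recipients the stock will rise and the other half that it will fall, so the pool of people who have seen only correct forecasts halves every week; reading the “# left” column that way is an assumption, since the slide shows only the numbers. The defensive lesson the numbers teach: a flawless run of N forecasts is exactly what 1/2^N of a large mailing list sees by chance.

```python
from fractions import Fraction

START_POOL = 4_000_000   # first row of the slide's table
WEEKS = 12               # last row of the slide's table


def halving_schedule(start=START_POOL, weeks=WEEKS):
    """Week-by-week size of the pool that has received only correct forecasts so far.

    Each week the remaining pool is split in two and sent opposite forecasts, so
    whichever way the stock moves, half the pool was 'right' and stays on the list.
    Integer halving floors an odd pool, which reproduces the slide's 7812/3906/1953.
    """
    rows, left = [], start
    for week in range(1, weeks + 1):
        rows.append((week, left))
        left //= 2
    return rows


def chance_of_perfect_record(correct_forecasts):
    """Exact probability that a pure guesser is right this many times in a row."""
    return Fraction(1, 2 ** correct_forecasts)


def guessers_with_perfect_record(pool, correct_forecasts):
    """How many of `pool` recipients would see a flawless run of this length by chance
    alone. This equals the '# left' figure for the week after that many mailings,
    which is why a glowing track record from an unsolicited tipster proves nothing.
    """
    return pool // 2 ** correct_forecasts


if __name__ == "__main__":
    for week, left in halving_schedule():
        print(f"week {week:2d}: {left:>9,} recipients still see a perfect record")
    print(guessers_with_perfect_record(START_POOL, 11))   # 1953
```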
Avoiding Common Internet Scams
• Remember what your parents taught you: “If it sounds too good to be true, then it probably is.”
• Beware of general fraud indicators:
  – Promise you money, jobs or prizes
  – Ask for donations
  – Propose lucrative business deals
  – Ask you to provide sensitive personal information
  – Ask you to follow a link to a website and log on to an account.
• Two good sites:
  – http://www.hoax-slayer.com/common-internet-scams.html
  – http://www.fbi.gov/majcases/fraud/internetschemes.htm
Useful References
• Qwest’s Incredible Internet site; in particular,
  http://www.incredibleinternet.com/index.php?do=protect_your_identity
• David Wheeler’s “Securing Microsoft Windows
(for Home and Small Business Users)”,
http://www.dwheeler.com/essays/securingwindows.html
• Internet Scambusters:
http://www.scambusters.org/