Securing Your Computer

Daniel W. Saylak, D.O.
Bryan, Texas
“Why is everybody always picking on me?” Charlie Brown
• Criminal
– Stealing identities
– Credit Card Numbers
– Bank Fraud
• Commercial
– On-Line Shopping tendencies
– Plotting activities within the web site
• Malicious
– “Because we can” Dead Cow Society
“Legitimate Use”
• Federal and some state jurisdictions allow
real-time logging of keystrokes if certain
legal requirements are satisfied.
• Hard Drives are regularly confiscated and
even deleted data can be recovered for
use as evidence
• Pornography
• Terrorism
• National Security
“Cookies”
• Usually very small files/pieces of information that help you go to certain web sites
• Example: eBay knows what your purchasing preferences are based on these tiny files.
• Usually harmless
• Occupies hard drive space
Viruses
• A program within a program which
frequently disables parts of the operating
system.
• Although technically different, the terms virus, worm, and Trojan all indicate similarly behaving programs.
• Usually malicious
• A surprisingly high number of the code writers prosecuted are under 21 years of age
Viruses
• Causes billions of dollars in damage and
expense not only to businesses but also to
individual users
• Huge industry has developed to prevent
propagation of these programs
• But some seem very attractive
• CoolWebSearch
• WeatherBug
Viruses
• Some viruses are capable of deleting all
contents of hard drives
• Force browsers to a “new” home page
• May “hide” from some virus security programs
Spyware
• Small files that store and/or send information about your computing activities
• Music purchases
• On-Line purchases
• Automobile information
• Information may be sold to other vendors
• At this time, this is the most actively
prosecuted computer activity. Usually
handled in federal courts.
AdWare
• Small files or programs that are like
commercials
• More and more vendors including
Microsoft are combating this.
• Frequently you may allow this with some licensing agreements or site use agreements.
Facts
• It is estimated that an unprotected
computer exposed to the internet will
experience its first attack within 5-7
minutes
• A virus/worm opened from an unsolicited
e-mail shut down the CNN network and
affiliates completely for nearly 8 hours.
• It was written by a 15-year-old high school student in Israel.
Lions and Tigers and Bears
Oh My! Wizard of Oz
• Two types of Solutions
• Hardware
• Software
Hardware
• Firewall
– A device that monitors ports and points of
access for every computer running through
the device.
– Complicated to setup
– Requires regular maintenance
– Usually used in medium and large business
networks.
– Some internet service providers are now
doing this for subscribers
Hardware
• Router
– Inexpensive (<$80)
– Plug and Play
– Creates an internal network so the “bad guys” cannot see your computer directly.
Software Solutions
• Personal Bias:
– The Software should be:
• Free (freeware) or at minimal cost
• Easily accessible
• Easy to Use
Remember: No one single solution is
perfect
Keep your operating system up-to-date
• Microsoft
• http://update.microsoft.com
• Turn on the Windows Firewall
• Turn on Automatic update
• Linux, Apple, BSD, Unix all have user groups
Malware
• http://www.microsoft.com/security/malwareremove/default.mspx
• The Microsoft Windows Malicious Software Removal
Tool checks computers running Windows XP, Windows
2000, and Windows Server 2003 for infections by
specific, prevalent malicious software—including Blaster,
Sasser, and Mydoom—and helps remove any infection
found. When the detection and removal process is
complete, the tool displays a report describing the
outcome, including which, if any, malicious software was
detected and removed.
Antivirus
• 2 vendors dominate the purchase patterns:
• Symantec (Norton)
– (http://www.symantec.com)
• McAfee
– (http://www.mcafee.com)
Source: PC Magazine 9/2005
• Freeware alternative:
• AVG
– (http://www.grisoft.com)
– Surprisingly elegant!
– Extremely effective
• Warning: Use only one antivirus program
Spyware
SpyBot Search & Destroy
http://www.safer-networking.org/en/
• Spybot - Search & Destroy can detect and remove spyware of different kinds from
your computer. Spyware is a relatively new kind of threat that common anti-virus
applications do not yet cover. If you see new toolbars in your Internet Explorer that
you didn't intentionally install, if your browser crashes, or if your browser start page
has changed without your knowing, you most probably have spyware. But even if
you don't see anything, you may be infected, because more and more spyware is
emerging that is silently tracking your surfing behavior to create a marketing profile
of you that will be sold to advertisement companies. Spybot-S&D is free, so there's
no harm in trying to see if something snooped into your computer, too :)
• To see a list of threats that Spybot-S&D can remove, click on Support in the
navigation bar at the left, and there on Threats. If you want an introduction how
Spybot-S&D works, please read the tutorial. If you fear incompatibility with other
software you are using, we can assure you that will not be the case. Still, we have
created a compatibility overview listing some software that compatibility has been
asked for before.
• Spybot-S&D can also clean usage tracks, an interesting function if you share your
computer with other users and don't want them to see what you worked on. And for
professional users, it allows to fix some registry inconsistencies and extended
reports. A list of features is available if you click on features.
AdWare
http://www.lavasoftusa.com/
• Very elegant interface that rapidly looks at every file on your computer,
identifies adware, and allows you to delete it. Ad-Watch is a real-time
monitor included in the Ad-Aware SE Plus, Professional and Enterprise
packages. Sharing the definition file with Ad-Aware SE, Ad-Watch adds
another layer of protection on top of Ad-Aware SE’s scanning and removal
capability. It accomplishes this by running silently in the background and
watching memory for suspicious processes. While Ad-Aware SE is able to
detect and clean your system from known malware and adware, Ad-Watch
is able to go a step further and catch these programs before they have a
chance to integrate into your system.
The end result
• There is something surprisingly satisfying
about taking back control of your computer
from outside forces.
• Prodigious improvement in performance of
individual computers is regularly seen
• Let your Internet Service Provider know if
they fail to filter for you. You can always
protest with your wallet.
Heal and Inoculate your PC
5 Minute Fixes
• Get rid of Bloatware
• Keep it out…
– Windows Defender (included in Vista)
• http://tinyurl.com/47cus
• Tells you what starts at startup
– Scan for Scoundrels
• Windows Defender
• SpyBot (www.safer-networking.org)
• Ad-Aware (http://www.lavasoftusa.com)
• A-Squared (http://tinyurl.com/2gb93)
• Vaccinate
– PandaSecurity AV – web based (www.pandasecurity.com/usa)
• Perform a Root(Kit) Canal
– Blacklight (www.f-secure.com/blacklight)
– AVG (www.grisoft.com)