Home Security Tips & Tricks

Download Report

Transcript Home Security Tips & Tricks 

Nathan J. Gibson, CISSP-CISM-CCNA-MCSA






Virus
Trojans
Worms
Spyware
BotNets
Social Engineering
Thieves
 Hackers
 Sexual predators
 Harassers


Personal Data



Hard Drive Space




Pornography Storage
Hide stolen information
Distribute copyrighted material
CPU cycles



Identity Theft
Bank Account Information
Cracking code
Writing Software
Robot Computer


Attack other sites
Profit from large BotNet

E-mail




WebPages





Greeting Cards
Chain Letters
Hoax
Phishing
Blogs
CD’s, Jump Drives, Floppy Disk
Instant Messengers
PDA’s

Fake Greeting Cards




Appear to come from a friend
Links in e-mail point to malicious sites
Automatically Downloads malicious files
Chain Letters




“Bill Gates is tracking this e-mail”
Religious Emails
Sue needs your help emails
“Forward to Everyone you Know!!!!”

Hoax E-mails

“Diplomat Husband died and left me $100 Million
 $198.4 Million Lost in 2006 alone
 Date Line “ To catch an ID Thief”
 http://www.msnbc.msn.com/id/17805134/


Investment E-mails
Hoax Virus Alert E-mails
 Good Times Virus


Teenagers like to make friends
Messenger


Skilled in extracting information
Blogs

To much sensitive information
 MySpace - 500 people tested 80% release sensitive
information

Pictures reveal a lot of information and motivate
attackers







AntiVirus
AntiSpyware
Firewalls
Updates
Safe Browsing Habits
Common Sense and Knowledge
Rules

Antivirus

Free protection is available
 McAfee:
http://it.ouhsc.edu/services/desktopmgmnt/antivirussoftware.asp

 AVG: http://free.grisoft.com/
Install
 Scan Immediately

Configure
 Daily Automatic Updates
 At least Weekly Scans

Anti Spyware

Again Free Protection for all
 Spybot S & D:
 http://www.safer-networking.org/en/download/index.html

Configure
 Automatic Updates
 At least Weekly Scans

Firewall

Windows XP SP2 comes with a built in Firewall
 Turn on/Configure
 Don’t Ignore Warnings
 Periodically Check Exceptions

Updates



Configure to Automatically Update and Install
Check Software vendor sites for updates periodically
Don’t postpone/ignore computer notifications.

Safe Browsing Habits

Active X
 Set Internet Explorer Settings
 Think before clicking “Yes”


Java Prompts
Certificates
 Don’t except certificates from people you don’t trust
SSL/Https
 Internet Explorer Phishing Tools



Okay! Okay! I understand not to click on
everything. But my computer doesn’t give me
that prompt.
Configure your security level

Certificates – SSL – HTTPS



What is Phishing?


Secure & Confidential Internet
Requires a degree of Trust
www.bankofthewest.com vs.
www.bankofthevvest.com
How can I be sure the site I am browsing is
legit?
DOES THIS PROVE MY IDENTITY?
STATE LICENSE
HERE
-- This really proves
my Identity
Your in Luck, Built in Phishing Help!

Search Engine & Website Information

McAfee Site Advisor - Free
 Malicious Downloads
 Spam e-mail Site
 Phishing Sites
 Links to other known bad sites
http://www.siteadvisor.com/download/ie.html

Common Sense and Knowledge


If it is too good to be true…..
Research e-mails and websites
 www.snopes.com
 http://hoaxbusters.ciac.org/

Advise Family Members
 Block them if you have to

Criminal Act????

Mail Fraud(18 USC S1341)

How to keep your kids safe on the internet
Parenting
1.

Communicating
Technology
2.

Enforcing and Monitoring
Step 1:
 Establish a contract
Times that are allowed
 Activities that are allowed
 Punishment for rule violation


Computer should be in an open space and not
in their room
Step 2:
 Separate user accounts for you and your kids
You should have more rights than them to restrict
and monitor their activity
 Each child should have their own account and
password

 Trace unauthorized activity to a specific person
Step 3:
 Controlling Internet Activity


There are bad sites on the internet
Some legit and education sites can be flagged
because of certain content


Uninstall Chat programs you don’t want them
to use
Create an e-mail with your ISP for them
You can monitor and view e-mail
 Block other e-mail sites(e.g. hotmail, yahoo, etc.)


Key Loggers




Messengers
E-mail
Blogs
Browser History Programs

Configure your modems/routers to disable
internet activity during certain hours

Consult your ISP Technical support; they will gladly
help you
QUESTIONS/COMMENTS