1 / 68

Computer Security

Computer Security. CPEs for CPAs Program Georgia Perimeter College December 9, 2005. Today’s Topics. The Need for Computer Security Setting Up a Secure Computer System Using Your Computer Securely Special Concerns for Wireless Networks. Today’s Topics. Focus on Quality and effectiveness

aminia
Télécharger la présentation

Computer Security

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Computer Security CPEs for CPAs Program Georgia Perimeter College December 9, 2005

  2. Today’s Topics • The Need for Computer Security • Setting Up a Secure Computer System • Using Your Computer Securely • Special Concerns for Wireless Networks

  3. Today’s Topics • Focus on • Quality and effectiveness • Free or low-cost solutions • Ease of use

  4. The Need for Computer Security • Computers face a wide variety of threats • Intrusions • Privacy invasions • Hijackings • Data corruption • Viruses • And more

  5. The Need for Computer Security (cont.) • Threats come from many sources • Physical access • Network access • Use of removable media • Use of common programs • http://media.trendmicro.com/product/general/malware.html

  6. How to Keep a System Perfectly Secure • Don’t connect it to any type of network • Don’t use email • Don’t have Internet access • Don’t shop online • Don’t bank online • Don’t share files with other users

  7. How to Keep a System Perfectly Secure (cont.) • Don’t use any removable media • Floppy disks • CDs/DVDs • Flash Drives/USB devices • Exception: New, unused CDs for backup of data

  8. How to Keep a System Perfectly Secure (cont.) • Don’t let anyone but yourself ever use the computer • Permanently secure it to the building structure

  9. Okay, this may not be feasible! So what do we do?

  10. What about security for the REST of us?

  11. Setting Up a Secure System • Three Critical Steps • Access Control / Password Protection • Hardware Solutions • Software Solutions

  12. Access Control • Simple solution to some problems • No cost involved • Only handles some problems

  13. Password Protection • Set up login password on ALL computers • Handled in operating system • Do not allow a “guest” account on computers • With Windows, accounts can be bypassed • Never allow automatic login

  14. Password Protection (cont.) • Extra protection desirable for laptops • Set up BIOS password • Power on • Hit designated key when prompt appears (must do quickly) • Locate password option on BIOS screen • Caution: if you forget this password, NO ONE can get into your computer

  15. Hardware Solutions • Acts as “first line of defense” by controlling network access • Only protects from external threats • Does not protect against invasion from within network itself • Does not protect against threats hidden inside legitimate data

  16. Hardware Firewall • Monitors network data transfers • LANs • Internet • Blocks unauthorized traffic while allowing legitimate traffic • May also perform additional security functions

  17. Hardware Firewall (cont.) • Any computer connected to Internet needs a firewall • Broadband connections are more vulnerable • Even dial-up users can be attacked from outside

  18. Hardware Firewall (cont.) • Makes your computer “invisible” from outside the local network • Often found as part of network routing device • Invaders “see” the router, not computers behind it

  19. Hardware Firewall (cont.) • Install between computers and modem in a local network Internet Connection Modem Router Computer Computer Computer

  20. Hardware Firewall (cont.) • Setup and configuration depends on specific device • Follow directions given by manufacturer

  21. Hardware Firewall (cont.) • Solution for the truly paranoid, or the truly geeky • Bare-bones machine running Linux instead of Windows, combined with switch to connect machines

  22. Hardware Firewall (cont.) • Most hacking attacks target Windows features • Using Linux machine instead of router prevents these attacks • For information and instructions: • Router Design Project, http://www.routerdesign.com • Coyote Linux Project, http://www.coyotelinux.com

  23. Software Solutions • Software firewalls • Anti-virus software • Anti-malware software • Alternatives to common programs • Fixes for common programs

  24. Software Firewalls • Not a replacement for hardware firewalls • Protect individual computers within a network • Hardware firewall protects entire network • Protect portable machines which may not always use a hardware firewall

  25. Software Firewalls (cont.) • Analyze incoming data from network • Block undesirable data • Better programs block undesirable outgoing data as well

  26. Software Firewalls (cont.) • Windows XP Internet Connection Firewall (ICF) • Monitors/blocks incoming traffic only • Will NOT block hijack attempts • Better than nothing but not an optimal solution

  27. Software Firewalls (cont.) • ZoneAlarm – top choice • Monitors traffic in both directions • Helps prevent hijacking of your computer • Basic free version is adequate for most users

  28. Software Firewalls (cont.) • Download from http://www.zonealarm.com/ • Install via wizard • Configuration • Done through normal computer usage • Does take time

  29. Anti-Virus/Anti-Spyware Software • Viruses and spyware are two different problems • Both technologies can cause problems • Require two different solutions

  30. Anti-Virus Software • Virus -- n : a software program capable of reproducing itself and usually capable of causing great harm to files or other programs on the same computer; "a true virus cannot spread to another computer without human assistance" -- dictionary.com

  31. Anti-Virus Software (cont.) • AVG AntiVirus • Free for personal use • May not provide quality of protection of a commercial program

  32. Anti-Virus Software (cont.) • Trend MicroSystems PC-Cillin • Top-rated choice • Very effective • Norton Anti-Virus • Not my favorite – I’ve had problems • McAfee Anti-Virus

  33. Anti-Virus Software (cont.) • Wizards handle installation seamlessly • Configure automatic email/file attachment scans • Need to upgrade virus signature subscription yearly if you don’t upgrade program

  34. Anti-Malware Software • Malware is catchall term for spyware and adware-type programs • Adware • Software that, without your consent, tracks and reports your web usage to another entity without reporting personally identifying information

  35. Anti-Malware Software (cont.) • Spyware • Software whose purpose is to collect personally identifying demographic and usage information from your computer, usually for advertising purposes • Software that 'sneaks' onto the system or performs other activities hidden to the user.--http://cexx.org

  36. Anti-Malware Software • No one program today catches all spyware – multiple programs needed • SpyBot Search and Destroy • http://www.safer-networking.org • AdAware • http://www.lavasoft.com • Trend MicroSystems Anti-Spyware • Web-based scan • http://www.trendmicro.com

  37. Software Alternatives • Microsoft products are favorite targets of crackers • Widespread use (80%+ of PCs use these) • Easily exploitable security holes • Particularly vulnerable • Internet Explorer – web browser • Outlook – email client

  38. Software Alternatives (cont.) • Web Browsers • Mozilla Firefox • Opera • Email Clients • Mozilla Thunderbird • Eudora • Office Software • OpenOffice

  39. Alternatives to Internet Explorer • Mozilla Firefox • Tutorial: http://opensourcearticles.com/articles/firefox_15/english/part_01 • Opera

  40. Alternatives to Outlook • Email is most vulnerable feature of Outlook • Most alternatives only deal with email • Scheduling, memo, other features not provided

  41. Eudora • Download from http://www.eudora.com • Available in free, ad-supported, or paid versions • Supports multiple email accounts, folders, junk email filtering

  42. Mozilla Thunderbird • Imports existing email and contact information • Similar look & feel to Outlook • Handles multiple email accounts • Provides adaptive junk email filtering • Automatically blocks scripts • Deters spread of viruses

  43. Mozilla Thunderbird (cont.) • Download from http://www.mozilla.com/ • Excellent tutorial: http://opensourcearticles.com/articles/thunderbird_15/english/part_01

  44. Mozilla Thunderbird (cont.) • Installation • Wizard handles all work • Configuration • Set up account(s) • Import existing email/contact info • Set up spam filtering

  45. Office Software • Open Office • Alternative to Microsoft Office • Mostly, but not fully, compatible • Available from http://www.openoffice.org/

  46. Other Software • Windows Media Player • Potential for privacy invasion through “supercookie” • Disable with following step: • Tools->Options->Player • Uncheck box beside “Allow Internet sites to uniquely identify your Player.”

  47. Other Software (cont.) • Windows Messenger • Allows pop-ups without an active browser • Not to be confused with MSN Messenger! • To stop, disable the service • Start->Run, type services.msc & click OK • Double-click the Messenger entry • Choose Stop • Choose Disabled from the StartUpType list

  48. Using Your Computer Securely • Monitor your computer’s behavior • Schedule maintenance tasks • Use hard-to-break passwords • Protect your data files • Take precautions with Internet data • Be extra careful with wireless networks

  49. Monitor Your Computer • Watch for unusual activity • Signs of problems: • Excessive hard disk access • Slow operation • Pop-up windows

  50. Schedule Maintenance Tasks • Running tasks automatically ensures they are actually run! • Many programs let you schedule them from the program itself • Other programs can be scheduled from Control Panel • Start->Settings->Control Panel-> Scheduled Tasks

More Related