1 / 18

My Computer Is Scaring Me To Death!

My Computer Is Scaring Me To Death!.  Mark Branom October 28, 2004. Topics. Computer Security Spam Pop-up Blockers Computer Viruses Spyware. Computer Security.

beth
Télécharger la présentation

My Computer Is Scaring Me To Death!

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. My Computer Is Scaring Me To Death! Mark Branom October 28, 2004

  2. Topics • Computer Security • Spam • Pop-up Blockers • Computer Viruses • Spyware

  3. Computer Security • Stanford primarily uses host-based security to protect the University network and computing systems. This means that every computer and system connected to the network needs to be protected against hackers and viruses. • Make sure your computer is patched against security holes. • Use the BigFix Patch Management Software:http://www.stanford.edu/services/bigfix/ • Alternatively, update your computer manually • Windows users: http://windowsupdate.microsoft.com • Mac users: http://www.apple.com/support/downloads • Secure Computing at Stanford:http://securecomputing.stanford.edu • Password Suggestions:http://www.stanford.edu/group/dcg/leland-docs/ passwords.html#rules

  4. Encrypting Passwords • Always use PC-Leland, MacLeland, SSL (Secure Socket Layers) or SSH (Secure SHell) whenever you are sending your password across the network. These tools encrypt your password and will help prevent its theft. • You can get PC-Leland and MacLeland from the Essential Stanford Software website: http://ess.stanford.edu

  5. Sniffer log: No encryption -- TCP/IP LOG -- TM: Mon Sep 6 00:01:16 -- PATH: elaine1.Stanford.EDU=> elaine2.stanford.edu DATA:(255)(253)^C(255)(251)^X(255)(251)^_(255)(251)!(255)(251)"(255)(251)'(255)(253)^E :VT100(255)(240)(255)(253)^A(255)^Amarkb : g(127) tGtBatU : logout SUNet ID password

  6. Sniffer log: Using PC-Leland TCP/IP LOG -- TM: Sun Sep 5 16:51:19 -- PATH: elaine1.Stanford.EDU=> elaine2.Stanford.EDU STAT: Sun Sep 5 16:51:26, 73 pkts, 128 bytes DATA: (255)(253)(159)(255)(251)^_(255)(253)^A(255)(253)^C(255) (251)%(255)(251)&(255)(250)^_ :P:^X(255)(240)(255)(250)%:(255)(240)(255)(253)&(255)(250)&^E(255)(240)(255)(250)&^A^A^B(255)(240) : Samson(255)(240)(255)(250)^X

  7. Protecting Against Viruses • Most people already have anti-virus software on their computers. Symantec AntiVirus is available at no additional cost to Stanford users at the Essential Stanford Software page, http://ess.stanford.edu/ • Note: your anti-virus program is only as good as the last time it was updated with the latest virus definitions. These definitions are needed to identify and screen for viruses. To update your virus definitions, run LiveUpdate.

  8. Using LiveUpdate on the Mac 1. Launch Symantec AntiVirus and click "LiveUpdate". 2. Click "Update Everything Now". LiveUpdate will download and install the latest virus definitions. You may need to restart your machine when it has finished.

  9. Using LiveUpdate on the PC 1. Launch Symantec AntiVirus. 2. Click "LiveUpdate". 3. Connect to the Internet and press "Next". 4. Follow the instructions to install any updates and virus definitions.

  10. Spam • Spam is any unsolicited email that you receive. • Tips for preventing spam: • Do not reply to spam! • Some junkmail messages urge you to send an "unsubscribe" reply to their service if you want to get off their list. This is a common ploy for harvesting email addresses; instead of getting off their lists, you'll be added to others (your email address may even be sold to other direct marketers), and you'll find yourself getting more spam than before. • Don’t use complete email address on web pages or newsgroup postings. markb@REMOVEMEstanford.edu markb<at>stanford<dot>edu <a href="http://stanfordwho.stanford.edu/lookup/?search=markb"> Contact Mark Branom </a>

  11. Stanford’s Anti-Spam Feature http://www.stanford.edu/services/email/antispam/ In the Fall of 2002, Stanford implemented a spam filtering system for @stanford email. The system works by scanning incoming email for spam before it gets delivered to your Inbox. When the system finds email that matches verifiable spam message patterns, it adds a key word to the Subject line indicating how certain it is that the message qualifies as spam; then delivers the email as usual. This lets you decide for yourself how to deal with spam.

  12. Filtering Spam Email that might be spam will have a [SPAM:# #] tag added to its subject line. For example: Before Subject: Get What You Want From: eDiets Motivation <motivation@EDIETS.COM> After Subject: [SPAM:####] Get What You Want From: eDiets Motivation <motivation@EDIETS.COM> The number of "#" signs (pound or number signs) after the word "Spam:" indicates how sure the system is that your email qualifies as spam. To get one "#", the system must be 50% certain that it has found spam. Each "#" after that is another 5%-10% of certainty. Set your email program to filter out email messages with the subject "[SPAM". See http://www.stanford.edu/services/email/antispam/ for instructions.

  13. Banner ads and Pop Up ads • Banner ads have become universal as a form of advertising on the Web. These are usually narrow graphics, sometimes logos, sometimes animated signboards, about an inch and a half high and about 4 inches long. • Pop Up ads are usually small windows that pop up either when a link or linked item is clicked, or by some automatic stimulus. Pop Up ads can appear either on top of or behind open browser windows. • Pop Up and Banner Ad Blockers (warning -- these can cause trouble with some web-based applications such as Kronos or ReportMart): • Webwasher (blocks both Pop Up and Banner ads): http://www.webwasher.com (Windows only) • AdSubtract (blocks both Pop Up and Banner ads): http://www.adsubtract.com (Windows only) • Google toolbar (blocks Pop Up ads): http://toolbar.google.com/ (Windows only) • Safari (blocks Pop Up ads): http://www.apple.com/safari/ (Apple OS X only) • Netscape 7 (blocks Pop Up ads): http://www.netscape.com (Mac/Windows)

  14. Spyware / Adware • Spyware is any technology or programming on your computer that covertly gathers information; the data can then sold to advertisers or to other interested parties. • The type of information harvested from your computer differs. Some spyware tracks your system information only—such as your type of Internet connection and type of operating system. Other spyware collects personal information—such as detailed tracking of your Internet surfing habits, or worse, harvesting of your personal files. • Spyware is installed without the user's consent (if you give consent for a company to collect your data this is no longer considered spying, so read online data disclosure statements carefully before consenting). • Some people don’t object to general spying that tracks Internet and software trends as long as personal identifying information is not included; others object to any information being taken from their computer without their consent. Either way, the software or device that gathers the information is called spyware. • Adware is any software that contains advertisements. Some adware includes code that tracks user’s personal information and passes it onto third parties, thus making it spyware.

  15. How do you get spyware? • Spyware applications can sneak onto your machine when you: • open spam email (even by simply viewing it!) • visit a website • click a pop-up window • use a file-sharing service • download "free" utilities, games, toolbars, media players, etc. • The download process is often unannounced so that you will remain unaware that your computer has accepted spyware. This deceptive method of filling your computer with tracking software you didn’t request is called a drive-by download. • Depending on the degree of aggressiveness, spyware programs can steal your privacy or even your identity. • Some common spyware offenders: • Gator (http://www.gator.com) -- will try to trick you into installing the spyware programs; if you say “no”, it asks “are you sure?” • CometCursor (http://www.cometcursor.com) -- installs a cute cursor, but then tracks your computer information and sends it to the company • Connect2Party and TheDialer -- silently disconnects your modem, then reconnects using an international long-distance number or 900 number.

  16. Some Signs of Spyware • Your phone bill includes expensive calls to 900 numbers you never made. • Your search tool changes unexpectedly. • Your antispyware or antivirus software stops working correctly. • New items appear in your Favorites or Bookmarks. • Your system runs slower than it used to. • Pop up advertisements appear when your browser is not running. • Your browser’s home page changes to something unwanted.

  17. Tips to avoid spyware • Use antispyware applications. ITSS is currently investigating several of these applications and is negotiating a site license. Check the Essential Stanford Software by Fall. In the meantime, the following seem to be the best: • SpySweeper (http://webroot.com) • SpyBot (http://www.safer-networking.org) • Ad-Aware (http://www.lavasoft.com) • Ad-Aware is only legal to use on home machines; do not use it on work computers • Avoid peer-to-peer file sharing services. • Do not open spam email. Web bugs can be embedded in contaminated HTML email, and if you open a contaminated email message, the bug is launched. It is no longer safe to open unsolicited email. • Don’t install anything without understanding EXACTLY what it is. Read the end-user license agreement carefully. • Make sure your browser settings are stringent enough to protect the computer. In Internet Explorer, set the Internet Zone to at least Medium. Deny the browser permission to install ActiveX controls.

  18. Resources • Stanford-licensed software: http://ess.stanford.edu • Computer Security: • BigFix Patch Management: http://www.stanford.edu/services/bigfix/ • http://windowsupdate.microsoft.com • http://www.apple.com/support/downloads • http://securecomputing.stanford.edu • http://www.stanford.edu/group/dcg/leland-docs/passwords.html#rules • Email / Spam • http://www.stanford.edu/services/email/antispam/ • http://email.stanford.edu • Pop Up and Banner Ad Blockers: • Webwasher (blocks both Pop Up and Banner ads): http://www.webwasher.com (Windows only) • AdSubtract (blocks both Pop Up and Banner ads): http://www.adsubtract.com (Windows only) • Google toolbar (blocks Pop Up ads): http://toolbar.google.com/ (Windows only) • Safari (blocks Pop Up ads): http://www.apple.com/safari/ (Apple OS X only) • Netscape 7 (blocks Pop Up ads): http://www.netscape.com (Mac/Windows) • Spyware Software: • SpySweeper: http://webroot.com (also at http://ess.stanford.edu) • SpyBot: http://www.safer-networking.org • Ad-Aware: http://www.lavasoft.com (only for home machines, not work computers)

More Related