1 / 172

Internet Security & Personal Privacy

Internet Security & Personal Privacy. Presented by. John Bondon. Office: Walnut Creek. Phone: 925-210-2242. Threats to your Online Privacy. Learn …. The Truth About Cookies. Ways Your Browser Squeals on You. Why Hackers love your Home PC . What is Malware?.

gusty
Télécharger la présentation

Internet Security & Personal Privacy

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Internet Security & Personal Privacy Presented by John Bondon Office: Walnut Creek Phone: 925-210-2242

  2. Threats to your Online Privacy Learn … • The Truth About Cookies • Ways Your Browser Squeals on You • Why Hackers love your Home PC • What is Malware? • The Importance of Strong Passwords

  3. Today’s Agenda • Threats to Personal Privacy on the Internet • The Blaster & Nachi Worms • Why BC Got Hit? How to Protect Yourself? • Why The Internet Went Down in WC • How to Protect your Computer Home • The Truth About Cookies • What You Should Know About FTP

  4. Fighting Back … Best Practices to Secure your Home PC • Personal Firewall vs Internet Gateway • To Patch or Not To Patch? • Simple vs Complex Passwords • Donating your PC to Charity...Securely

  5. Data Security Concerns @ BC • Social Engineering: Convenience vs Security • The Risks of FTP, POP3, and SMTP • The Risks & Abuses of an Anonymous FTP site • Why never use FTP for ‘confidential’ documents. • How secure is a ‘private’ FTP site? • The Truth About Password Protection

  6. Why Talk About Security? • On the Need to Educate Users The art of war is of vital importance to the State. It is a matter of life and death, a road either to safety or to ruin. Hence it is a subject of inquiry which can on no account be neglected.

  7. Why Talk About Security? In this day and age when everyone and everything has to be connected to the Internet for some reason or another, there comes a point when there is more technology than people that truly understand it. When few people truly understand what they are defending, your defenses wear thin, and it only takes a small few who understand what they're attacking to defeat the plans of many.

  8. Blaster / Lovsan • Infected 500,000+ computers globally • One of the most widespread of 2003 • Exploits to Remote Procedure Call (RPC) Vulnerabilities in Windows • MS03-026 • Attacks ports 135, 139, 445, or 593 • MS03-039 • Send malformed message to create Buffer Overflow in RPCSS service • Does Not Delete Data, but Can Bring Down Entire Network

  9. Nachi / MSBLAST • Removes Blaster • Scans for other infectedmachines to fix via ICMP • Applies an appropriate patchto each infected computer it finds. • The worm is designed to retire January 1, 2004. • ONE Nachi infected machine connected via VPN was all it took to bring down our entire Walnut Creek Internet circuit!

  10. How to Prevent Blaster & Nachi from Infecting YOU • Use a Firewall • Keep your Windows OS Up-To-Date • Keep you Anti-Virus Software Up-to-Date

  11. The Truth About Hackers • Why Hackers Hack • How Hackers Hack • Why Home PCs are More Interesting Targets • The Real Threat to the Corporate Network

  12. Has Brown & Caldwell Even Been Hacked? • YES!  • Anonymous FTP Site • Targeted Weekly • Files Have Been Deleted by Upset Hackers • Typically Used for File Swapping • At Least 3 DMZ Web Servers • Compromised Over 2 Years Ago • Someone Had Full Admin Rights Remotely

  13. What is a Firewall?

  14. Firewall for Protection • Protocol Inspection • UDP, TCP, or ICMP? • Port Blocking: 80 http/web 443 SSL/https 25 SMTP/email 110 POP3/email 20-21 FTP 135–139 NetBios/RPC

  15. Software Based Firewalls:Personal Firewalls • Provides added application level protection • Can block trojans talking outbound • Requires Technical Knowledge of Firewall and TCP/IP concepts, & OS applications • Creating wrong rule could easily break functionality! • Can be difficult for average user to troubleshoot

  16. Hardware Based Firewalls:Internet Gateways & Routers • Easy to Setup – virtually Plug & Play! • Will protect several machines at once • Can not block at application level • Does NOT protect against malware • Wireless models often don’t provide Firewall protection on wireless side  • Beware the DMZ Zone!

  17. Software Firewall Examples • Windows XP ICF (inbound ONLY) • ZoneAlarm (recommended) • Tiny Personal Firewall (recommended) • Sygate Personal Firewall • Most Anti-Virus software now includes a personal firewall built-in as well • Use GRC.COM’s “Leak Test” to test your Personal Firewall

  18. Hardware Firewall Examples • Linksys BEFSR41 or BEFSX41 • Linksys Wireless-G VPN Broadband Router • DLINK DI-804HV w/VPN • DLINK DI-624 Xtreme Wireless

  19. Tips for Wireless Routers • Typically Not Protected by Firewall • Enable 128-bit WEP Encryption • Require WEP Connections • Change Default Configuration Settings • ESSID • WEP key • Administrator password • Channel

  20. DEMO: Port Scans How Hackers Really Hack

  21. TRY THIS AT HOME:How Secure Are You? • The Shields-UP! Test • Symantec Security Check

  22. Windows Messenger Service • NetBIOS / RPC • Latest Threat • MS03-043

  23. Ways to get into your PC • Windows OS (Operating System) • Port Vulnerabilities • HTML (email/web) • Direct X • Windows Media Player • Active X • Java or VB scripting • MS Virtual Machine (VM) • MS Office (macros/VBA scripting) • Application Software (PCA, Netscape, etc)

  24. A Word Regarding Viruses, Trojans, and Worms • Viruses vs Worms vs Trojans • Cell Phone Viruses – They DO Exist! • Proper Configuration • Files Types • Joke Programs • Keeping Up-to-date • Scan Engine • Virus Definitions

  25. Windows Configuration Tips • Show Hidden Files • Don’t Hide Known File Extensions • Turn Off File & Print Sharing • Disable port 445 by disabling Netbt

  26. To Patch or Not to Patch? • Why Patch? How Frequent? • The Risks of Patching • Passing the Buck: Who’s Fault Is It? • Where Obtain Updates? • Windows Update Service • Microsoft Critical Update Notification • The Promise of SUS

  27. Internet Security & Personal Privacy: Part Two Presented by John Bondon Office: Walnut Creek Phone: 925-210-2242

  28. What We Covered In Part One (November 2003) • Personal Firewalls: Software vs. Hardware • Windows Configuration Tips • Viruses, Trojans, & Worms • To Patch or Not to Patch? • The Truth About How Hackers Hack • Ways Your Machine Can Be Compromised • A Review of the Blaster & Nachi Worms Replay available at: http://www.bc.com/Security/

  29. Today’s Agenda • How to Protect Yourself from Identity Theft • The Risks of Spyware, Adware, & Dialers • How Marketers Track you Online • The Truth about Privacy Seals

  30. Ways to get into your PC • Windows OS (Operating System) • Port Vulnerabilities • HTML (email/web) • Direct X • Windows Media Player • Active X • Java or VB scripting • MS Virtual Machine (VM) • MS Office (macros/VBA scripting) • Application Software (PCA, Netscape, etc)

  31. GreyMagic Security Advisory GM#001-IE • Execute commands without Active Scripting or ActiveX • Object runs in the “My Computer” Zone • Any application that hosts the WebBrowser control (5.5+) if affected: • Microsoft Internet Explorer • Microsoft Outlook • Microsoft Outlook Express • Patched by MS02-047 (August 22, 2002)

  32. Browser Vulnerabilities • http://browsercheck.qualys.com/ Cookie Discosure Clipboard Reading Program Execution File Execution Web Page Spoofing Security Zone Spoofing Hard Drive Access

  33. Your Privacy At Risk • Email & Web Scams • Real Viruses • Phony Hoaxes • Spyware • Dialers • Default PC Configuration • NetBIOS enabled on a Broadband connection • Other services running w/o your knowledge? • Identity Theft

  34. Your Privacy At Risk Privacy activist Richard Smith has discovered a web bug embedded in the page on which surfers land when they mis-type a web address. This web bug, set by internet advertising company Overture, sets a cookie and can be used to track surfers for five years before it expires.

  35. The Gator Corporation Products: Gator / Offer Companion / Trickler / GAIN Threat: Adware & Spyware Upon visit of some Gator related pages, it tries to download and install.

  36. According to Tribune Media Services "Gator tracks the sites that users visit and forwards that data back to the company's servers.Gator sells the use of this information to advertisers who can purchase the opportunity to make ads pop up at certain moments, such as when specific words appear on a screen.It also lets companies launch a pop-up ad when users visit a competitor's Web site."

  37. Privacy Statement • Some information we may collect, use, and associate with your Anonymous ID includes: • which web pages your computer views • how much time is spent at those sites • Your response to the ads we display • Standard web log information • System settings • What software is on your computer

  38. Privacy Statement (continued) • Some information we may collect, use, and associate with your Anonymous ID includes: • Your first name • Country • Five digit ZIP code • Your GAINware usage characteristics and preferences

  39. Information associated with your Anonymous ID is used in any of three ways: • to offer assistance (e.g. knowing when to offer help filling in a form or adjust your computer's clock), • b) to select and deliver installation files for optional new GAINware and/or third party software applications, and • c) to deliver advertisements and information to you on behalf of our advertisers who are often competitors of the web sites you are viewing.

  40. Your Privacy At Risk • Email & Web Scams: phishing • Incidents Increasing • Internet Scam Artists claim as many as 1 in 10 recipients will fill out the forms! • Look Like the Real Thing! • from real companies like eBay, Citibank or America Online • Ask for credit card numbers, Social Security numbers, and other critical personal data.

  41. Web Page Spoofing (URL Phishing) • Bug in Windows Internet Explorer (does not affect Mac versions of IE) • No Patch or fix currently available! • Can’t Trust the address listed in URL! • DEMO PAGE: http://i.dslr.net/symantec/worse2.html

  42. Protecting Yourself from Web Page Spoofing/Phishing • Never enter sensitive data into a form that you were directed to from an email message, or that you are not 100% sure is safe • No Patch or fix currently available! • Can’t Trust the address listed in URL!

  43. Common PayPal Email Scam • Asks for your Personal Information • Creates Urgency (Do it TODAY!) • Looks Official (same look as website)

  44. PayPal Email Scam Dear PayPal member, We regret to inform you that your account is about to be expired in next five business days. To avoid suspension of your account you have to reactivate it by providing us with your personal information.

  45. PayPal Email Scam To update your personal profile and continue using PayPal services you have to run the attached application to this email. Just run it and follow the instructions. IMPORTANT! If you ignore this alert, your account will be suspended in next five business days and you will not be able to use PayPal anymore.

  46. August 29, 2003 Example • e-mail message allegedly sent by security@microsoft.com • subject line or heading containing the words "Use This Patch Immediately" (or similar). • File Attachment labeled PATCH.EXE. • Typically the body of these deceptive messages includes text similar to the following: Dear Friend, use this Internet Explorer patch now!There are dangerous viruses on the Internet now!More than 500,000 already infected!

  47. August 29, 2003 Example • Content of that attachment is not a Windows patch, but the "Dumaru" internet worm.  • Dumaru is a mass-mailing worm that uses the e-mail addresses in your address book to distribute itself to other computers via the internet. • This worm could be used to send SPAM from your e-mail accounts, or to spoof your e-mail addresses so that SPAM appears to be coming from your accounts when in fact it is not. • Microsoft never e-mails patches or Windows updates to users of its software, so you should immediately delete such e-mail messages.

  48. Your Privacy At Risk • Dialers • Aka “modem hijacking” • Alyon Technologies • Porn dialer • Installed without users permission or knowledge • Dials expensive porn sites, charges appear on long distance phone bill. (@4.99/min!) • FBI warns can lead to identity theft

  49. Your Privacy At Risk • Adware • Could be the Cause of those Annoying Pop-Up/Under Ads on your Computer • Way More Common Than You Think! • Spyware • More Common Than You Think! • Tracks Your Internet Behavior • Most Anti-Spyware is Trojan-ware! • Trusted: Ad-Aware or Spy-Bot

  50. List of Software Containing Spyware • Search Google for Spyware Infested Software http://virgolamobile.50megs.com/spyware/spyware.htm Spybot Search & Destroy “Threats” page

More Related