600 likes | 1.38k Vues
Personal Security Security Tips for Home Internet Users Securing your home computer Accessing the Internet from home Convenient Abundance of information Exposes your computer Can be costly or damaging Overview Internet access Why Should I be concerned with Security
E N D
Personal Security Security Tips for Home Internet Users
Securing your home computer • Accessing the Internet from home • Convenient • Abundance of information • Exposes your computer • Can be costly or damaging
Overview • Internet access • Why Should I be concerned with Security • What are the most common vulnerabilities • What security tools are available • Where can I find more information
Internet • Complex system of attached networks • Designed to distribute data geographically at high speeds in a short period of time • Data is distributed in a variety of formats • Examples: PDF, JPEG, MOV, MP3, Text • Information is stored or viewed locally on your computer
Broadband • High speed access to the home user • Types • DSL • Cable Modem
DSL • Digital Subscriber Line • Typically ADSL • Asymmetric Digital Subscriber Line • Offers dedicated bandwidth • Speed • 384 kbps downstream • 128 kbps upstream • Up to 1.5 Mbps down 800 kbps up • Varies depending on service level and distance from CO (Central Office) • Maximum distance varies 14000 – 17500 ft
DSL Configuration • DSL Modem • DSL Splitter and Filters • DSLAM • Digital Subscriber Line Access Multiplexer • ISP • Internet Service Provider
Cable Modem • Shared bandwidth • Speed per channel • 27 Mbps shared download • 10 Mbps Upload • Connects to CMTS (Cable Modem Transmission System) at cable company • Provides packet filtering, and traffic shaping
What about security? • Why should I be concerned? • What are the vulnerabilities? • What can I do to protect myself? • How do I recover from an attack?
Why should I be Concerned • You lose crucial data • You spend time and money on recovery • You feel violated, helpless and foolish • You risk propagating the attack to your peers and others • Your peers and others know how foolish you are
Vulnerabilities • Viruses • Hacks • Data Capturing • Lack of contingency planning
Virus • 60,000 Variations in circulation • Types of Viruses • Antivirus Software • Best Practices
Types of Viruses • Viruses are Segments of code or complete programs that can damage your system or degrade system performance. • Trojan Horse • Worm • Hoax
Trojan Horses • A program disguised as having a desired purpose while subversively performing an unwanted action on your system. • Often open backdoor access to your system • Notorious Trojan Horses • Simpson's • Backdoor • Sub7 • BackOrafice • NetBus
Worm • Self Propagating independent program that adversely affects your computer performance or damages your computer • Hall of fame • Melissa • Nimda • LoveLetter • Anna Kournikova • CodeRed • SirCam
Hoax • An unsubstantiated virus alert intended to cause panic • Typically warning of the most damaging or dangerous virus • Examples • BudweiserFrogs • A virtual card for you • !0000 – Stop mass mailings • Wobbler • Win a holiday
Best Practice: Virus prevention • Always verify your antivirus software is running and Update your antivirus software
Best Practice: Virus prevention 2 • When receiving email do not open attachments unless you are expecting them • Take virus alerts seriously • Sources of alerts • Institutional Notification • News Media alerts • Word of mouth
Virus recovery • Use antivirus software and tools to clean system • http://www.mcafee.com • http://www.symantec.com • Find manual steps for virus removal • Reinstall your system from scratch
Hacks • Hacking • What is hacking • How does hacking happen • Types of attacks • Prevention methods
Hacking • Gaining unauthorized access to computer systems for malicious purposes
How Hacking Happens • System information is collected • Footprinting • Scanning • Probing • Enumeration • Software vulnerabilities are exploited • System passwords are guessed or not employed
Types of Attacks • Interference • Interception • Impersonation
Interference • Attacks that render objects or services unusable • Denial of service • Distributed Denial of service • System alteration
Interception • Captures Data through monitoring or redirection • Monitoring • Wire taps • Network Monitoring • Redirection • Alteration of DNS servers • Man in the middle
Impersonation • When the attacker assumes the identity of a trusted source • Spoof attacks • Using the IP source address of a trusted source computer • Password attacks • Password enumeration
Prevention Methods • Know your system • Tools to help protect your system • Watch for and apply security patches • Contingency planning
Know your system • Inventory your system • Baseline system and network performance • Identify vulnerabilities
Inventory your system • Software Inventory • Running Software • File and printer sharing • Startup Software • Installed Software • Software Keys • Software Licensing • Hardware • Installed components • Vendor specific device drivers
Inventory Tools • Microsoft • System Information 98 • Manage Computer System summary • Windows NT Diagnostics
Inventory Tools 2 • Belarc Advisor
System Baseline • Task manager • Memory Utilization • Process Utilization • Performance monitor • Log low use system state • Log high use system state
Network Baseline • Check Internet Bandwidth speed • McAfee Speedometer • http://promos.mcafee.com/speedometer/test_0150.asp • Ftp Large Files • Hash • Download Statistics
Network Baseline 2 • Use traceroute • Check TTL stats • Use performance monitor to check utilization • Network Utilization
Identify Vulnerablilities • Filesharing • Opens access to your files remotely • Should be turned off if not used • Protected with security device and used with complex passwords • Web Browsing • Personal information is accessible via cookie files • ActiveX components can launch Visual Basic Application components included in Microsoft Office • Disable ActiveX components unless necessary
Security Boundries • Personal Computer • Local Network Security • Internet Security
Internet Protocol (IP) • Address your computer on the network and where your computer can be reached • 32 Bit numeric device address. • Dotted Decimal Notation • Ex: 192.168.99.32 • Consists of network and host address. • Determined by subnet mask • 255.255.255.0 • Network 192.168.99.0 • Host 0.0.0.32
Network Security • Dynamic Addressing • IP address changes over scheduled time • Private Addressing • Reserved address range by IANA • 10.0.0.0 • 192.168.0.0 • 172.16.0.0 • Encryption
Encryption • Method of repackaging data into cyphertext in order to keep observers from viewing data and preserve data integrity • SSL – Secure Sockets Layer • Encrypts Communication between web browsers and web servers over the internet • Uses Public and private key exchange • VPN – Virtual Private Networking • Secure Tunnel • Key Encryption • Symmetric • Asymmetric • Encryption Algorithms • SHA – Secure Hashing Algorithm • DES – Data Encryption Standard
What your ISP does for you • Private addressing • Dynamic addressing • Email virus scanning • Abuse@isp.com
Security Tools • Routers • Proxy Servers • Firewalls • Application • Circuit Switching • Scanners
Routers • ACL Filter packets • Deny or Allow • Destination or Source • Separate Networks • Gateway • Private Network
Proxy Server • Resides between web sites and web browser • Takes Request from client • Issues request to web server • Caches web content locally • Improves network performance
Firewalls • Separates untrusted external network with trusted internal network. • Types of Firewalling • Personal Firewall • Network Firewall
Types of Firewalling • ACL – Access Control Lists • Filters Packets • Application Firewalling • Verifies command legitimacy • Can be performance intensive • Proxying • Circuit Switching • Allows data sessions by request
Personal Firewall • Installed on local Computer • Rules Based • Alerts to system intrusion • Accounting Logs events for network forensics • Risky can affect stability of your computer • Personal firewalls replace operating system kernel components and can conflict with other applications • Vendors • Sygate Personal Firewall – http://www.sygate.com • Black Ice Defender – http://www.networkice.com • McAfee Personal Firewall – http://www.mcafee.com • Norton Personal Firewall – http://www.symantec.com • Zone Alarm – http://www.zonelabs.com
Network Firewalls • DSL Cable Routers • Filter Packets • Separates Network • Uses Private Addressing • Vendors • Linksys DSL/Cable Router • http://www.linksys.com • Dlink Home Gateway Internet Sharing and Firewall • http://www.dlink.com • Proxim – Netline Gateway • http://www.proxim.com • SMC Barricade • http://www.smc.com
Port Scanners • Scans IP Port numbers for available services • Gibson Research Center • http://www.grc.com
Contingency • Backup your data • Often • Use Rotation schedule • Store software, license and key information in a safe convenient place. • Software includes device drivers, application software, and operating system
Who can I turn to? • Abuse@yourisp.com • System Administration Networking Security • http://www.sans.org • Carnegie Mellon - Computer Emergency Response Center • http://www.cert.org • FBI – Internet Fraud Complaint Center • http://www.fbi.gov/interagency/ifcc/filingcomplaint.htm