home pc security & internet browser tips
DESCRIPTION
Home PC Security & Internet Browser Tips. Todd W. Jorns Senior Director for Educational Technology Illinois Community College Board. Topics. User Accounts Passwords Windows Updates Anti-Virus Software Anti-Spyware Software Email Browsers. Logging On to Windows. - PowerPoint PPT PresentationTRANSCRIPT
Home PC Security & Internet Browser Tips
Todd W. JornsSenior Director for Educational TechnologyIllinois Community College Board
Topics
User AccountsPasswordsWindows UpdatesAnti-Virus SoftwareAnti-Spyware SoftwareEmailBrowsers
Logging On to Windows
Do not run Windows as an Administrator Increases vulnerabilities
Trojan Horse: a program that does something else than it appears to do
May reformat your hard drive, delete files, create another user with administrative control
Instead:Create a User Account
Creating a User
Passwords
Pick a good password for all accounts—it’s your first and sometimes only defense
Password dangers:CrackingSocial Engineering
Passwords: Good Characteristics
Length Number of characters Longer is better and harder to guess
Width Types of characters Should include at least three of
Uppercase letters Lowercase letters Numbers Special characters (e.g. ? ! @ #)
Depth Challenging meaning
Phonetic: Imukat2 for I’m a cat, too Mnemonic: FM2tM for Fly Me to the Moon
Update Windows: Early & Often
Updates close known vulnerabilities that are targeted by hackers
Options for updates:Automatically download and install
Manually download and install
To configure:Control Panel | System | Automatic Updates
Check Office Updates
MS makes updates available on its web page
Users should check here at least once per month: http://office.microsoft.com/en-us/officeupdate/default.aspx
Anti-Virus Software
A virus is: Program or programming code that replicates;
Transmitted as attachments to an e-mail note or in a downloaded file, or may be present on a diskette, CD, or thumb drive.
A virus might: Immediately affect you or lie dormant;
Be benign and playful or devastatingly harmful.
Anti-Virus Software: Key issues
Most AV software can be configured to automatically update itself
Daily is best if possible After expiration, no updates will occur Why? New viruses every day!
Scan your computer automatically Configure the software to run at a time when no one
will be on the computer At least once a week
If you use IM, try to find software that scans for IM viruses
Anti-Virus: Free software
Online: Housecall - http://housecall.trendmicro.com/
Panda ActiveScan -http://www.pandasoftware.com/activescan/
Downloadable: AVG Free - http://free.grisoft.com/doc/2/lng/us/tpl/v5
avast! Home Edition - http://www.avast.com/eng/down_home.html
Spyware: What is it?
Strictly defined, spyware consists of computer software that gathers and reports information about a computer user without the user's knowledge or consent.
From Wikipedia, the free encyclopedia
Spyware: Problems
Installs without user’s informed consent Invades privacy and steals bandwidthOften causes system instability
Crashes Hanging Slowing
May modify shared files Causing other applications to fail Making spyware difficult to remove Interrupting Internet connectivity
Spyware: Remedies
Numerous Anti-spyware programs and removal tools Spybot Search and Destroy:
http://www.safer-networking.org/en/index.html Adaware:
http://www.lavasoftusa.com/software/adaware/ MS Anti-Spyware:
http://www.microsoft.com/athome/security/spyware/software/default.mspx
Various Anti-Virus programs
Spyware: Prevention
Spyblaster: http://www.javacoolsoftware.com/spywareblaster.html
Disabling Active-X
Using only reputable sources for software
Updating Software to fix known vulnerabilities Windows operating systems
Browser software
Most frequently used tool
One of the most vulnerable tools “out of the box”
IssuesHTML
Attachments
E-mail: Attachments
Never open any unsolicited attachmentsDo not trust attachments from known
parties Scan all attachments
Executable code Macros
Never open attachments that are programs (.bat, .chm, .cmd, .com, .exe, .hta, .ocx, .pif, .scr, .shs, .vbe, .vbs, or .wsf).
How to see file extensions
In ME, 2000, and XP:Open My Computer
Choose Tools | Folder Options
Choose the View Tab
Uncheck: Hide file extensions for known file types
Click OK
Email: Spam
Never respond to spam
Signals a “live” e-mail address
May be added to list and sold
Consequence: MORE spam!
E-mail: Phishing
The act of sending an e-mail to a user falsely claiming to be an established legitimate enterprise in an attempt to scam the user into surrendering private information that will be used for identify theft
Microsoft, your bank, AOL, PayPal will never send you announcements about updates---and neither will most businesses. If unsure, use the telephone!
Web: The World Wide Web
World Wide Web brought color, pictures, and motion to the Internet
Browser: Software application used to access the World Wide Web Internet ExplorerFirefoxOpera
Popularity of WWW means that it’s a favorite for malicious activities
Web: Making it safer
Consider disabling AutoComplete anyone at your computer will be able to easily see
where you've been on the Web worse yet, anyone at your computer will be able to
easily impersonate you at Web sites that require you to input information
In IE Select Tools and choose "Internet Options ..." Click the "Advanced" tab. Scroll down and uncheck the box next to "Use inline
AutoComplete for Web addresses".
Web: Signals of secure site
Look for a site that uses a secure channel for transmission of credit card information
Key clues:https
Locked padlock
Test Browser Security
Jason’s Toolbox:
Online test of browser security
Leads you through each step
http://www.jasons-toolbox.com/BrowserSecurity/
The Internet: A huge network
When you connect to the Internet, your computer is connected to all the other computers---and the good and bad users behind them
Understanding a little about that communication will help you to understand the need for something called a Firewall
IP Addresses
IP or Internet addresses are like addresses for buildings If you know the address of a building, you can
locate it and send it information If you know the address for a computer, you can
send it information
Fortunately, we don’t have to remember the numbers because of an Internet service called Domain Name System which translates for us!
Firewalls: Filters for packets
A firewall is a piece of software or hardware, which stands between two networks or computers and controls access between them
Controls the traffic flow in and out of networks or computers based on IP Addresses and Port numbers
Router (Hardware )
Hides your computer from the Internet Internet address is given to your router
Computer receives a private Internet address
The harder you are to find, the harder it will be for someone—or something—to hurt you!
A must for broadband (cable/dsl) Internet connections
Key: Change the default password!
Personal Firewalls (software)
Watches information going in and out of the computer – but you decide
Will allow you to monitor programsAllow only programs of which you are sure
Watch for outgoing programs (e.g.,spyware)
Know how to shutdown Internet connectivity
Personal Firewalls - Software
Zone Alarm http://www.zonelabs.com/store/content/company/
products/znalm/freeDownload.jsp
Sygate Personal Firewall http://smb.sygate.com/products/spf_standard.htm
Test Your System
HackerWacker:
http://hackerwhacker.com:4000/freetools.php
ShieldsUp:
http://www.grc.com/default.htm
Online Resource
www.iccb.org/pchelp