november 2005hal stepp/melbourne hs. november 2005hal stepp/melbourne hs nets-t standards addressed...
TRANSCRIPT
![Page 1: November 2005Hal Stepp/Melbourne HS. November 2005Hal Stepp/Melbourne HS NETS-T Standards Addressed I. Teachers demonstrate a sound understanding of technology](https://reader030.vdocuments.us/reader030/viewer/2022032313/56649e715503460f94b6fba3/html5/thumbnails/1.jpg)
November 2005 Hal Stepp/Melbourne HS
![Page 2: November 2005Hal Stepp/Melbourne HS. November 2005Hal Stepp/Melbourne HS NETS-T Standards Addressed I. Teachers demonstrate a sound understanding of technology](https://reader030.vdocuments.us/reader030/viewer/2022032313/56649e715503460f94b6fba3/html5/thumbnails/2.jpg)
November 2005 Hal Stepp/Melbourne HS
NETS-T Standards AddressedI. Teachers demonstrate a sound understanding of technology operations
and concepts. Teachers: (A) demonstrate introductory knowledge, skills, and understanding of concepts related to technology (as described in the ISTE National Educational Technology Standards for Students); (B) demonstrate continual growth in technology knowledge and skills to stay abreast of current and emerging technologies.
V. Teachers use technology to enhance their productivity and professional practice. Teachers: (A) use technology resources to engage in ongoing professional development and lifelong learning; (B) continually evaluate and reflect on professional practice to make informed decisions regarding the use of technology in support of student learning; (C) apply technology to increase productivity;
VI. Teachers understand the social, ethical, legal, and human issues surrounding the use of technology in PK–12 schools and apply that understanding in practice. Teachers: (A) model and teach legal and ethical practice related to technology use; (D) promote safe and healthy use of technology resources; (E) facilitate equitable access to technology resources for all students.
![Page 3: November 2005Hal Stepp/Melbourne HS. November 2005Hal Stepp/Melbourne HS NETS-T Standards Addressed I. Teachers demonstrate a sound understanding of technology](https://reader030.vdocuments.us/reader030/viewer/2022032313/56649e715503460f94b6fba3/html5/thumbnails/3.jpg)
November 2005 Hal Stepp/Melbourne HS
Objectives• You will understand that computer security
is important, especially for teachers!
• You will learn how to create and safeguard effective passwords.
• You will learn how to detect and counter “social engineering” attacks.
• You will learn how to defend against malicious software attacks.
![Page 4: November 2005Hal Stepp/Melbourne HS. November 2005Hal Stepp/Melbourne HS NETS-T Standards Addressed I. Teachers demonstrate a sound understanding of technology](https://reader030.vdocuments.us/reader030/viewer/2022032313/56649e715503460f94b6fba3/html5/thumbnails/4.jpg)
November 2005 Hal Stepp/Melbourne HS
Overview• Is Security an Issue?• Physical Security
– Esp. Passwords!
• Behavioral Security– Social Engineering
• System Security– “Malware”
• Review• Resources
![Page 5: November 2005Hal Stepp/Melbourne HS. November 2005Hal Stepp/Melbourne HS NETS-T Standards Addressed I. Teachers demonstrate a sound understanding of technology](https://reader030.vdocuments.us/reader030/viewer/2022032313/56649e715503460f94b6fba3/html5/thumbnails/5.jpg)
November 2005 Hal Stepp/Melbourne HS
The Problem in a Nutshell
• Computers don’t LOOK like a threat, so people don’t associate them with danger.
![Page 6: November 2005Hal Stepp/Melbourne HS. November 2005Hal Stepp/Melbourne HS NETS-T Standards Addressed I. Teachers demonstrate a sound understanding of technology](https://reader030.vdocuments.us/reader030/viewer/2022032313/56649e715503460f94b6fba3/html5/thumbnails/6.jpg)
November 2005 Hal Stepp/Melbourne HS
An Idea to Ponder
• If your computer links you to the world…
• …then it also links the world to YOU!
![Page 7: November 2005Hal Stepp/Melbourne HS. November 2005Hal Stepp/Melbourne HS NETS-T Standards Addressed I. Teachers demonstrate a sound understanding of technology](https://reader030.vdocuments.us/reader030/viewer/2022032313/56649e715503460f94b6fba3/html5/thumbnails/7.jpg)
November 2005 Hal Stepp/Melbourne HS
A Sample of What’s in Computers “Out There”
![Page 8: November 2005Hal Stepp/Melbourne HS. November 2005Hal Stepp/Melbourne HS NETS-T Standards Addressed I. Teachers demonstrate a sound understanding of technology](https://reader030.vdocuments.us/reader030/viewer/2022032313/56649e715503460f94b6fba3/html5/thumbnails/8.jpg)
November 2005 Hal Stepp/Melbourne HS
And, the Holy Grail of Personal Info:
![Page 9: November 2005Hal Stepp/Melbourne HS. November 2005Hal Stepp/Melbourne HS NETS-T Standards Addressed I. Teachers demonstrate a sound understanding of technology](https://reader030.vdocuments.us/reader030/viewer/2022032313/56649e715503460f94b6fba3/html5/thumbnails/9.jpg)
November 2005 Hal Stepp/Melbourne HS
The Real Lesson from Katrina
• People are unwilling to spend money or worry about “possible” threats
• Most real protective actions are only taken AFTER a major catastrophe has occurred… …when it’s TOO
LATE!!! AP Photo
![Page 10: November 2005Hal Stepp/Melbourne HS. November 2005Hal Stepp/Melbourne HS NETS-T Standards Addressed I. Teachers demonstrate a sound understanding of technology](https://reader030.vdocuments.us/reader030/viewer/2022032313/56649e715503460f94b6fba3/html5/thumbnails/10.jpg)
November 2005 Hal Stepp/Melbourne HS
That’s where we are with computers…
• We are still in the early years of the Info Age
• The perceived threat is LOW
• The actual threat is VERY, VERY HIGH
![Page 11: November 2005Hal Stepp/Melbourne HS. November 2005Hal Stepp/Melbourne HS NETS-T Standards Addressed I. Teachers demonstrate a sound understanding of technology](https://reader030.vdocuments.us/reader030/viewer/2022032313/56649e715503460f94b6fba3/html5/thumbnails/11.jpg)
November 2005 Hal Stepp/Melbourne HS
Symptoms of a Serious Problem
http://www.informationweek.com/story/showArticle.jhtml?articleID=60402074
![Page 12: November 2005Hal Stepp/Melbourne HS. November 2005Hal Stepp/Melbourne HS NETS-T Standards Addressed I. Teachers demonstrate a sound understanding of technology](https://reader030.vdocuments.us/reader030/viewer/2022032313/56649e715503460f94b6fba3/html5/thumbnails/12.jpg)
November 2005 Hal Stepp/Melbourne HS
Symptoms of a Serious Problem
http://www.informationweek.com/showArticle.jhtml;jsessionid=QQXYNNLZFDL1IQSNDBCSKH0CJUMEKJVN?articleID=57702643
![Page 13: November 2005Hal Stepp/Melbourne HS. November 2005Hal Stepp/Melbourne HS NETS-T Standards Addressed I. Teachers demonstrate a sound understanding of technology](https://reader030.vdocuments.us/reader030/viewer/2022032313/56649e715503460f94b6fba3/html5/thumbnails/13.jpg)
November 2005 Hal Stepp/Melbourne HS
Symptoms of a Serious Problem
http://www.informationweek.com/story/showArticle.jhtml?articleID=60401873
![Page 14: November 2005Hal Stepp/Melbourne HS. November 2005Hal Stepp/Melbourne HS NETS-T Standards Addressed I. Teachers demonstrate a sound understanding of technology](https://reader030.vdocuments.us/reader030/viewer/2022032313/56649e715503460f94b6fba3/html5/thumbnails/14.jpg)
November 2005 Hal Stepp/Melbourne HS
Symptoms of a Serious Problem
http://www.informationweek.com/story/showArticle.jhtml;jsessionid=1WJUEBQ0ZLCUWQSNDBCSKHSCJUMEKJVN?articleID=60402295
![Page 15: November 2005Hal Stepp/Melbourne HS. November 2005Hal Stepp/Melbourne HS NETS-T Standards Addressed I. Teachers demonstrate a sound understanding of technology](https://reader030.vdocuments.us/reader030/viewer/2022032313/56649e715503460f94b6fba3/html5/thumbnails/15.jpg)
November 2005 Hal Stepp/Melbourne HS
What’s Happened in 2005?
http://www.privacyrights.org/ar/ChronDataBreaches.htm
![Page 16: November 2005Hal Stepp/Melbourne HS. November 2005Hal Stepp/Melbourne HS NETS-T Standards Addressed I. Teachers demonstrate a sound understanding of technology](https://reader030.vdocuments.us/reader030/viewer/2022032313/56649e715503460f94b6fba3/html5/thumbnails/16.jpg)
November 2005 Hal Stepp/Melbourne HS
What’s Happened in 2005?
http://www.privacyrights.org/ar/ChronDataBreaches.htm
![Page 17: November 2005Hal Stepp/Melbourne HS. November 2005Hal Stepp/Melbourne HS NETS-T Standards Addressed I. Teachers demonstrate a sound understanding of technology](https://reader030.vdocuments.us/reader030/viewer/2022032313/56649e715503460f94b6fba3/html5/thumbnails/17.jpg)
November 2005 Hal Stepp/Melbourne HS
“There is no such thing as ‘paranoia’ in a combat zone, only a heightened state of awareness.”
- Murphy’s Laws of Combat
![Page 18: November 2005Hal Stepp/Melbourne HS. November 2005Hal Stepp/Melbourne HS NETS-T Standards Addressed I. Teachers demonstrate a sound understanding of technology](https://reader030.vdocuments.us/reader030/viewer/2022032313/56649e715503460f94b6fba3/html5/thumbnails/18.jpg)
November 2005 Hal Stepp/Melbourne HS
3 Levels of Security:
• In order of importance:PhysicalBehavioralSystem
![Page 19: November 2005Hal Stepp/Melbourne HS. November 2005Hal Stepp/Melbourne HS NETS-T Standards Addressed I. Teachers demonstrate a sound understanding of technology](https://reader030.vdocuments.us/reader030/viewer/2022032313/56649e715503460f94b6fba3/html5/thumbnails/19.jpg)
November 2005 Hal Stepp/Melbourne HS
PHYSICAL SECURITY
![Page 20: November 2005Hal Stepp/Melbourne HS. November 2005Hal Stepp/Melbourne HS NETS-T Standards Addressed I. Teachers demonstrate a sound understanding of technology](https://reader030.vdocuments.us/reader030/viewer/2022032313/56649e715503460f94b6fba3/html5/thumbnails/20.jpg)
November 2005 Hal Stepp/Melbourne HS
What’s on YOUR Desktop?
• Grades (GradeQuick)
• Access to Student Info (DSDS)
• Access to Student Records (AS400)
• Access to Employee Pay Info (AS400)
• Access to Your Email– And ability to send email in YOUR name!
• Access to ALL Brevard County Resources
![Page 21: November 2005Hal Stepp/Melbourne HS. November 2005Hal Stepp/Melbourne HS NETS-T Standards Addressed I. Teachers demonstrate a sound understanding of technology](https://reader030.vdocuments.us/reader030/viewer/2022032313/56649e715503460f94b6fba3/html5/thumbnails/21.jpg)
November 2005 Hal Stepp/Melbourne HS
What is Physical Security?• Denying an attacker
PHYSICAL ACCESS to your computer and/or network.
• This is the FIRST and MOST IMPORTANT line of defense!!!
![Page 22: November 2005Hal Stepp/Melbourne HS. November 2005Hal Stepp/Melbourne HS NETS-T Standards Addressed I. Teachers demonstrate a sound understanding of technology](https://reader030.vdocuments.us/reader030/viewer/2022032313/56649e715503460f94b6fba3/html5/thumbnails/22.jpg)
November 2005 Hal Stepp/Melbourne HS
Practicing Physical Security• Make your PC a “no
student zone”.• Arrange classroom so
that keyboard and screen aren’t visible to students.
• Get to know what’s “normal” on and around your computer.
![Page 23: November 2005Hal Stepp/Melbourne HS. November 2005Hal Stepp/Melbourne HS NETS-T Standards Addressed I. Teachers demonstrate a sound understanding of technology](https://reader030.vdocuments.us/reader030/viewer/2022032313/56649e715503460f94b6fba3/html5/thumbnails/23.jpg)
November 2005 Hal Stepp/Melbourne HS
A Physical Security Lapse…
![Page 24: November 2005Hal Stepp/Melbourne HS. November 2005Hal Stepp/Melbourne HS NETS-T Standards Addressed I. Teachers demonstrate a sound understanding of technology](https://reader030.vdocuments.us/reader030/viewer/2022032313/56649e715503460f94b6fba3/html5/thumbnails/24.jpg)
November 2005 Hal Stepp/Melbourne HS
How he did it…
![Page 25: November 2005Hal Stepp/Melbourne HS. November 2005Hal Stepp/Melbourne HS NETS-T Standards Addressed I. Teachers demonstrate a sound understanding of technology](https://reader030.vdocuments.us/reader030/viewer/2022032313/56649e715503460f94b6fba3/html5/thumbnails/25.jpg)
November 2005 Hal Stepp/Melbourne HS
“Worst Practice”• Logging in to your
computer and walking away from it.
• Like leaving your front door unlocked and open.– Not only is your computer at
risk, but you’ve allowed complete network access…
…in your name!
![Page 26: November 2005Hal Stepp/Melbourne HS. November 2005Hal Stepp/Melbourne HS NETS-T Standards Addressed I. Teachers demonstrate a sound understanding of technology](https://reader030.vdocuments.us/reader030/viewer/2022032313/56649e715503460f94b6fba3/html5/thumbnails/26.jpg)
November 2005 Hal Stepp/Melbourne HS
A “Best Practice”• Make a habit: lock the
computer when you’re away.– CTRL + ALT + DEL– “k”
• All programs will stay running.
• To use your computer, just log on the way you normally do.
![Page 27: November 2005Hal Stepp/Melbourne HS. November 2005Hal Stepp/Melbourne HS NETS-T Standards Addressed I. Teachers demonstrate a sound understanding of technology](https://reader030.vdocuments.us/reader030/viewer/2022032313/56649e715503460f94b6fba3/html5/thumbnails/27.jpg)
November 2005 Hal Stepp/Melbourne HS
Your Password• Part of physical
security• Only YOU are
authorized to know it!– Your “key” to the
school’s computer network.
– All transactions done using your username & password belong to YOU!
![Page 28: November 2005Hal Stepp/Melbourne HS. November 2005Hal Stepp/Melbourne HS NETS-T Standards Addressed I. Teachers demonstrate a sound understanding of technology](https://reader030.vdocuments.us/reader030/viewer/2022032313/56649e715503460f94b6fba3/html5/thumbnails/28.jpg)
November 2005 Hal Stepp/Melbourne HS
Password “Don’ts”• If you must write it down,
don’t keep it near, at, on, in, or around your desk.
• Don’t use “easy guess” items, such as:– Birthdays– Your name, or variations
on family names– English words
![Page 29: November 2005Hal Stepp/Melbourne HS. November 2005Hal Stepp/Melbourne HS NETS-T Standards Addressed I. Teachers demonstrate a sound understanding of technology](https://reader030.vdocuments.us/reader030/viewer/2022032313/56649e715503460f94b6fba3/html5/thumbnails/29.jpg)
November 2005 Hal Stepp/Melbourne HS
A VERY Easy Password• Your bank PIN =
4 digit number– 10X10X10X10 =
10,000 combinations– This can be
“cracked” almost instantaneously, if you have access to the right software!
![Page 30: November 2005Hal Stepp/Melbourne HS. November 2005Hal Stepp/Melbourne HS NETS-T Standards Addressed I. Teachers demonstrate a sound understanding of technology](https://reader030.vdocuments.us/reader030/viewer/2022032313/56649e715503460f94b6fba3/html5/thumbnails/30.jpg)
November 2005 Hal Stepp/Melbourne HS
Letters: A Little Harder• 4 letters yield:
– 26X26X26X26 = 456,976 combinations
– This is about 46 times more difficult, but still simple for today’s computers.
![Page 31: November 2005Hal Stepp/Melbourne HS. November 2005Hal Stepp/Melbourne HS NETS-T Standards Addressed I. Teachers demonstrate a sound understanding of technology](https://reader030.vdocuments.us/reader030/viewer/2022032313/56649e715503460f94b6fba3/html5/thumbnails/31.jpg)
November 2005 Hal Stepp/Melbourne HS
Letters: Making it Easier• Problem: Most people
use common English words – Much smaller subset:
20,000 commonly used*– Vulnerable to “Dictionary
Attack”– 23 times easier to crack!– Bottom line: using words
makes hacking easier!
*http://www.wordorigins.org/number.htm
![Page 32: November 2005Hal Stepp/Melbourne HS. November 2005Hal Stepp/Melbourne HS NETS-T Standards Addressed I. Teachers demonstrate a sound understanding of technology](https://reader030.vdocuments.us/reader030/viewer/2022032313/56649e715503460f94b6fba3/html5/thumbnails/32.jpg)
November 2005 Hal Stepp/Melbourne HS
Anatomy of a Good Password• At least 8 characters• Combination of
– Letters (upper AND lower case)
– Numbers– “Special Characters”
• NOT English words• Memorable
– So you won’t need to write it down!
![Page 33: November 2005Hal Stepp/Melbourne HS. November 2005Hal Stepp/Melbourne HS NETS-T Standards Addressed I. Teachers demonstrate a sound understanding of technology](https://reader030.vdocuments.us/reader030/viewer/2022032313/56649e715503460f94b6fba3/html5/thumbnails/33.jpg)
November 2005 Hal Stepp/Melbourne HS
Notice the Improvement• 26+26+10+33 = 95 possible
characters per position.• 95X95X95X95X95X95X95X95=
6,634,204,312,890,625
possible combinations! • Goal: Make it complicated
enough to send would-be hackers on to easier targets!
![Page 34: November 2005Hal Stepp/Melbourne HS. November 2005Hal Stepp/Melbourne HS NETS-T Standards Addressed I. Teachers demonstrate a sound understanding of technology](https://reader030.vdocuments.us/reader030/viewer/2022032313/56649e715503460f94b6fba3/html5/thumbnails/34.jpg)
November 2005 Hal Stepp/Melbourne HS
Make it Memorable!
![Page 35: November 2005Hal Stepp/Melbourne HS. November 2005Hal Stepp/Melbourne HS NETS-T Standards Addressed I. Teachers demonstrate a sound understanding of technology](https://reader030.vdocuments.us/reader030/viewer/2022032313/56649e715503460f94b6fba3/html5/thumbnails/35.jpg)
November 2005 Hal Stepp/Melbourne HS
• Every 90 days– New BCPS requirement!
• In case of possible compromise– Whenever someone
watched with interest as you logged in.
• At the end of each school year.
When to Change Your Password
![Page 36: November 2005Hal Stepp/Melbourne HS. November 2005Hal Stepp/Melbourne HS NETS-T Standards Addressed I. Teachers demonstrate a sound understanding of technology](https://reader030.vdocuments.us/reader030/viewer/2022032313/56649e715503460f94b6fba3/html5/thumbnails/36.jpg)
November 2005 Hal Stepp/Melbourne HS
BEHAVIORAL SECURITY
![Page 37: November 2005Hal Stepp/Melbourne HS. November 2005Hal Stepp/Melbourne HS NETS-T Standards Addressed I. Teachers demonstrate a sound understanding of technology](https://reader030.vdocuments.us/reader030/viewer/2022032313/56649e715503460f94b6fba3/html5/thumbnails/37.jpg)
November 2005 Hal Stepp/Melbourne HS
What is “Social Engineering”?
• The use of psychology to gain unauthorized access to information, a computer, or a computer network.
![Page 38: November 2005Hal Stepp/Melbourne HS. November 2005Hal Stepp/Melbourne HS NETS-T Standards Addressed I. Teachers demonstrate a sound understanding of technology](https://reader030.vdocuments.us/reader030/viewer/2022032313/56649e715503460f94b6fba3/html5/thumbnails/38.jpg)
November 2005 Hal Stepp/Melbourne HS
The Problem• Most people tend
to be:
– Honest
– Law-abiding
– Trusting
– Sympathetic
– Unsuspecting
![Page 39: November 2005Hal Stepp/Melbourne HS. November 2005Hal Stepp/Melbourne HS NETS-T Standards Addressed I. Teachers demonstrate a sound understanding of technology](https://reader030.vdocuments.us/reader030/viewer/2022032313/56649e715503460f94b6fba3/html5/thumbnails/39.jpg)
November 2005 Hal Stepp/Melbourne HS
In Other Words…
![Page 40: November 2005Hal Stepp/Melbourne HS. November 2005Hal Stepp/Melbourne HS NETS-T Standards Addressed I. Teachers demonstrate a sound understanding of technology](https://reader030.vdocuments.us/reader030/viewer/2022032313/56649e715503460f94b6fba3/html5/thumbnails/40.jpg)
November 2005 Hal Stepp/Melbourne HS
Common Features of SE• Refusal to give contact information.• Rushing (“hurry or miss the deal”)• Name-dropping or intimidation• In email: misspellings, grammatical
errors, odd questions.• Appealing to GREED. • Requesting forbidden information. “Look for things that don’t quite
add up.” http://www.securityfocus.com/infocus/1533http://www.securityfocus.com/infocus/1533
![Page 41: November 2005Hal Stepp/Melbourne HS. November 2005Hal Stepp/Melbourne HS NETS-T Standards Addressed I. Teachers demonstrate a sound understanding of technology](https://reader030.vdocuments.us/reader030/viewer/2022032313/56649e715503460f94b6fba3/html5/thumbnails/41.jpg)
November 2005 Hal Stepp/Melbourne HS
Handling SE Attacks in Person…
“Just say no!”http://www.reaganranch.org/RR_denim.jpg
![Page 42: November 2005Hal Stepp/Melbourne HS. November 2005Hal Stepp/Melbourne HS NETS-T Standards Addressed I. Teachers demonstrate a sound understanding of technology](https://reader030.vdocuments.us/reader030/viewer/2022032313/56649e715503460f94b6fba3/html5/thumbnails/42.jpg)
November 2005 Hal Stepp/Melbourne HS
Handling SE Attacks in Person…
“Just say no!”http://www.reaganranch.org/RR_denim.jpg
![Page 43: November 2005Hal Stepp/Melbourne HS. November 2005Hal Stepp/Melbourne HS NETS-T Standards Addressed I. Teachers demonstrate a sound understanding of technology](https://reader030.vdocuments.us/reader030/viewer/2022032313/56649e715503460f94b6fba3/html5/thumbnails/43.jpg)
November 2005 Hal Stepp/Melbourne HS
A Common “SE” Attack• Ever get one of
these?• This is called a
“phishing” attack…
• Legitimate businesses NEVER do this!
![Page 44: November 2005Hal Stepp/Melbourne HS. November 2005Hal Stepp/Melbourne HS NETS-T Standards Addressed I. Teachers demonstrate a sound understanding of technology](https://reader030.vdocuments.us/reader030/viewer/2022032313/56649e715503460f94b6fba3/html5/thumbnails/44.jpg)
November 2005 Hal Stepp/Melbourne HS
Variation on a “Classic”
http://www.informationweek.com/story/showArticle.jhtml?articleID=60402243
![Page 45: November 2005Hal Stepp/Melbourne HS. November 2005Hal Stepp/Melbourne HS NETS-T Standards Addressed I. Teachers demonstrate a sound understanding of technology](https://reader030.vdocuments.us/reader030/viewer/2022032313/56649e715503460f94b6fba3/html5/thumbnails/45.jpg)
November 2005 Hal Stepp/Melbourne HS
Most Phishing is Foreign…
![Page 46: November 2005Hal Stepp/Melbourne HS. November 2005Hal Stepp/Melbourne HS NETS-T Standards Addressed I. Teachers demonstrate a sound understanding of technology](https://reader030.vdocuments.us/reader030/viewer/2022032313/56649e715503460f94b6fba3/html5/thumbnails/46.jpg)
November 2005 Hal Stepp/Melbourne HS
Shopping/Banking Online…NEVER transmit personal information by non-encrypted means!!!
-Look for https:// in the navigational window.
- There must also be a “lock” symbol in the bottom right hand corner of the screen.
![Page 47: November 2005Hal Stepp/Melbourne HS. November 2005Hal Stepp/Melbourne HS NETS-T Standards Addressed I. Teachers demonstrate a sound understanding of technology](https://reader030.vdocuments.us/reader030/viewer/2022032313/56649e715503460f94b6fba3/html5/thumbnails/47.jpg)
November 2005 Hal Stepp/Melbourne HS
IMPORTANT NOTE!
• An encrypted page does NOT guarantee a legitimate business on the other end, BUT
• …a legitimate business will always have an encrypted page when sensitive information is being handled!
![Page 48: November 2005Hal Stepp/Melbourne HS. November 2005Hal Stepp/Melbourne HS NETS-T Standards Addressed I. Teachers demonstrate a sound understanding of technology](https://reader030.vdocuments.us/reader030/viewer/2022032313/56649e715503460f94b6fba3/html5/thumbnails/48.jpg)
November 2005 Hal Stepp/Melbourne HS
System Security
![Page 49: November 2005Hal Stepp/Melbourne HS. November 2005Hal Stepp/Melbourne HS NETS-T Standards Addressed I. Teachers demonstrate a sound understanding of technology](https://reader030.vdocuments.us/reader030/viewer/2022032313/56649e715503460f94b6fba3/html5/thumbnails/49.jpg)
November 2005 Hal Stepp/Melbourne HS
System Security• Hardware / software
defenses.• You have little to do
with this at work, but it is VERY important at home!!!
• Includes firewalls, antivirus software, and system updates.
![Page 50: November 2005Hal Stepp/Melbourne HS. November 2005Hal Stepp/Melbourne HS NETS-T Standards Addressed I. Teachers demonstrate a sound understanding of technology](https://reader030.vdocuments.us/reader030/viewer/2022032313/56649e715503460f94b6fba3/html5/thumbnails/50.jpg)
November 2005 Hal Stepp/Melbourne HS
Biggest Threat: “Malware”• Malicious Code• Designed to perform
functions that are detrimental you, your computer, your network, or to someone else’s using your computer as the offensive agent.
![Page 51: November 2005Hal Stepp/Melbourne HS. November 2005Hal Stepp/Melbourne HS NETS-T Standards Addressed I. Teachers demonstrate a sound understanding of technology](https://reader030.vdocuments.us/reader030/viewer/2022032313/56649e715503460f94b6fba3/html5/thumbnails/51.jpg)
November 2005 Hal Stepp/Melbourne HS
Types of Malware
• Viruses
• Worms
• Trojan Horses
• Blended Threats
• Adware/Spyware
• Spam
![Page 52: November 2005Hal Stepp/Melbourne HS. November 2005Hal Stepp/Melbourne HS NETS-T Standards Addressed I. Teachers demonstrate a sound understanding of technology](https://reader030.vdocuments.us/reader030/viewer/2022032313/56649e715503460f94b6fba3/html5/thumbnails/52.jpg)
November 2005 Hal Stepp/Melbourne HS
Types of Malware
• Virus– A piece of code
that replicates itself by attaching to another object.
– Chief objective: self-replication on host computer.
Bott & Siechert, 295
![Page 53: November 2005Hal Stepp/Melbourne HS. November 2005Hal Stepp/Melbourne HS NETS-T Standards Addressed I. Teachers demonstrate a sound understanding of technology](https://reader030.vdocuments.us/reader030/viewer/2022032313/56649e715503460f94b6fba3/html5/thumbnails/53.jpg)
November 2005 Hal Stepp/Melbourne HS
Types of Malware
• Worm– Independent
program that copies itself to other computers.
– Often spread by bogus email attachments.
Bott & Siechert, 295
![Page 54: November 2005Hal Stepp/Melbourne HS. November 2005Hal Stepp/Melbourne HS NETS-T Standards Addressed I. Teachers demonstrate a sound understanding of technology](https://reader030.vdocuments.us/reader030/viewer/2022032313/56649e715503460f94b6fba3/html5/thumbnails/54.jpg)
November 2005 Hal Stepp/Melbourne HS
Types of Malware
• Trojan Horse– “Back door”
program that allows someone to remotely examine or control your computer.
Bott & Siechert, 296
![Page 55: November 2005Hal Stepp/Melbourne HS. November 2005Hal Stepp/Melbourne HS NETS-T Standards Addressed I. Teachers demonstrate a sound understanding of technology](https://reader030.vdocuments.us/reader030/viewer/2022032313/56649e715503460f94b6fba3/html5/thumbnails/55.jpg)
November 2005 Hal Stepp/Melbourne HS
Blended Threats• A “working
combination” of virus, worm and/or Trojan Horse code.
• Some of these can be VERY, VERY BAD!
Bott & Siechert, 296
![Page 56: November 2005Hal Stepp/Melbourne HS. November 2005Hal Stepp/Melbourne HS NETS-T Standards Addressed I. Teachers demonstrate a sound understanding of technology](https://reader030.vdocuments.us/reader030/viewer/2022032313/56649e715503460f94b6fba3/html5/thumbnails/56.jpg)
November 2005 Hal Stepp/Melbourne HS
Blended Threat: MyDoom WormMyDoom.as/au/bb has common characteristics with other
members of the family, including posing as an e-mail system error message, disguising the payload in a variety of file formats (including .zip), and most damaging, depositing a backdoor on the infected PC.
"The variant knocking at the front door is familiar, but it's leaving the backdoor open to something much more sinister," said CA's Curry. "It's creating a zombie network."
The backdoor Trojan, opens port 1034 and listens for commands from the controlling hacker.
"This is typical of worms and viruses," said Cluley. "Hackers try to download a backdoor component which they can then use to upload other programs to conduct spam or denial-of-service attacks."
http://www.informationweek.com/story/showArticle.jhtml?articleID=60401800
![Page 57: November 2005Hal Stepp/Melbourne HS. November 2005Hal Stepp/Melbourne HS NETS-T Standards Addressed I. Teachers demonstrate a sound understanding of technology](https://reader030.vdocuments.us/reader030/viewer/2022032313/56649e715503460f94b6fba3/html5/thumbnails/57.jpg)
November 2005 Hal Stepp/Melbourne HS
Adware/Spyware• Technically not
“malware,” but can have the same effect.
• Generally loaded on your computer when you visit certain websites, or click on “pop-up” windows.
• MANY unresolved privacy issues!
![Page 58: November 2005Hal Stepp/Melbourne HS. November 2005Hal Stepp/Melbourne HS NETS-T Standards Addressed I. Teachers demonstrate a sound understanding of technology](https://reader030.vdocuments.us/reader030/viewer/2022032313/56649e715503460f94b6fba3/html5/thumbnails/58.jpg)
November 2005 Hal Stepp/Melbourne HS
“Spam”• Mass-distributed “junk” email• Appeared when Monty Python
“spam” skit was popular.• Malware is frequently
distributed by spam!• NEVER OPEN spam!• NEVER CLICK links in spam!• If possible, use rules or a
spam filter to auto-delete.Picture: http://media.hormel.com/images/refimages/museum%20press%20kit/spam%20hero%20web%20ready.jpg
![Page 59: November 2005Hal Stepp/Melbourne HS. November 2005Hal Stepp/Melbourne HS NETS-T Standards Addressed I. Teachers demonstrate a sound understanding of technology](https://reader030.vdocuments.us/reader030/viewer/2022032313/56649e715503460f94b6fba3/html5/thumbnails/59.jpg)
November 2005 Hal Stepp/Melbourne HS
Fighting Back!
USAF Photo
![Page 60: November 2005Hal Stepp/Melbourne HS. November 2005Hal Stepp/Melbourne HS NETS-T Standards Addressed I. Teachers demonstrate a sound understanding of technology](https://reader030.vdocuments.us/reader030/viewer/2022032313/56649e715503460f94b6fba3/html5/thumbnails/60.jpg)
November 2005 Hal Stepp/Melbourne HS
#1 – Keep Windows UPDATED
• Weaknesses are continually being discovered in Windows and Internet Explorer.
• Failure to download “patches” = invitation to exploitation.
![Page 61: November 2005Hal Stepp/Melbourne HS. November 2005Hal Stepp/Melbourne HS NETS-T Standards Addressed I. Teachers demonstrate a sound understanding of technology](https://reader030.vdocuments.us/reader030/viewer/2022032313/56649e715503460f94b6fba3/html5/thumbnails/61.jpg)
November 2005 Hal Stepp/Melbourne HS
#2 Make Updates AUTOMATIC
• Set your computer so that updates are automatically downloaded.
• Start-Control Panel-Automatic Update
• Your school computer does this at night.– Leave it running!
![Page 62: November 2005Hal Stepp/Melbourne HS. November 2005Hal Stepp/Melbourne HS NETS-T Standards Addressed I. Teachers demonstrate a sound understanding of technology](https://reader030.vdocuments.us/reader030/viewer/2022032313/56649e715503460f94b6fba3/html5/thumbnails/62.jpg)
November 2005 Hal Stepp/Melbourne HS
#3 Use an Antivirus Program• On campus, we use
McAfee Enterprise.• If you can see the two
“shield” icons in the lower right corner, it’s running.
• Updates are automatic, and slow your computer down a lot when running!
![Page 63: November 2005Hal Stepp/Melbourne HS. November 2005Hal Stepp/Melbourne HS NETS-T Standards Addressed I. Teachers demonstrate a sound understanding of technology](https://reader030.vdocuments.us/reader030/viewer/2022032313/56649e715503460f94b6fba3/html5/thumbnails/63.jpg)
November 2005 Hal Stepp/Melbourne HS
Antivirus Software – At Home• NEVER operate a
computer online without an antivirus (AV) program!
• Make sure that automatic update is enabled.
• AV software is useless without constant updates!
![Page 64: November 2005Hal Stepp/Melbourne HS. November 2005Hal Stepp/Melbourne HS NETS-T Standards Addressed I. Teachers demonstrate a sound understanding of technology](https://reader030.vdocuments.us/reader030/viewer/2022032313/56649e715503460f94b6fba3/html5/thumbnails/64.jpg)
November 2005 Hal Stepp/Melbourne HS
Why Do You Need a Firewall? • AV software only
watches what comes INTO the computer.– Firewalls also monitor
what goes OUT.– A firewall is the only
defense against Trojan Horse programs.
![Page 65: November 2005Hal Stepp/Melbourne HS. November 2005Hal Stepp/Melbourne HS NETS-T Standards Addressed I. Teachers demonstrate a sound understanding of technology](https://reader030.vdocuments.us/reader030/viewer/2022032313/56649e715503460f94b6fba3/html5/thumbnails/65.jpg)
November 2005 Hal Stepp/Melbourne HS
Handling Adware/Spyware• There are several free
anti-spyware programs available.
• Example: Spybot Search and Destroy– Free for download at home!– Updated frequently.– “Immunizes” your computer
against repeat infection.
• Whatever you choose, use it at least weekly!
http://www.spybot.info/en/index.html
![Page 66: November 2005Hal Stepp/Melbourne HS. November 2005Hal Stepp/Melbourne HS NETS-T Standards Addressed I. Teachers demonstrate a sound understanding of technology](https://reader030.vdocuments.us/reader030/viewer/2022032313/56649e715503460f94b6fba3/html5/thumbnails/66.jpg)
November 2005 Hal Stepp/Melbourne HS
Some General “Best Practices”• Be VERY careful
about visiting Internet sites.
• Never click “popup” windows, use the “ _ ” to close them.
• NEVER open attachments or hyperlinks in email from unknown senders.
![Page 67: November 2005Hal Stepp/Melbourne HS. November 2005Hal Stepp/Melbourne HS NETS-T Standards Addressed I. Teachers demonstrate a sound understanding of technology](https://reader030.vdocuments.us/reader030/viewer/2022032313/56649e715503460f94b6fba3/html5/thumbnails/67.jpg)
November 2005 Hal Stepp/Melbourne HS
One More Thing to Think About…
• Hackers seem to HATE Bill Gates and Microsoft products.
• Most attacks exploit weaknesses in Windows, Internet Explorer and Outlook/Outlook Express.
www.microsoft.com/billgates/bio.asp
![Page 68: November 2005Hal Stepp/Melbourne HS. November 2005Hal Stepp/Melbourne HS NETS-T Standards Addressed I. Teachers demonstrate a sound understanding of technology](https://reader030.vdocuments.us/reader030/viewer/2022032313/56649e715503460f94b6fba3/html5/thumbnails/68.jpg)
November 2005 Hal Stepp/Melbourne HS
Get Out of the Bulls-eye!• Alternative Internet
and email programs• Example:
www.mozilla.org• Firefox 1.0
– “Safer” web browser– Good pop-up blocking
• Thunderbird 1.0– Email program– Excellent spam filter
![Page 69: November 2005Hal Stepp/Melbourne HS. November 2005Hal Stepp/Melbourne HS NETS-T Standards Addressed I. Teachers demonstrate a sound understanding of technology](https://reader030.vdocuments.us/reader030/viewer/2022032313/56649e715503460f94b6fba3/html5/thumbnails/69.jpg)
November 2005 Hal Stepp/Melbourne HS
Review• Physical security
– The MOST IMPORTANT level of defense!– Make your computer a “no student” zone.– Arrange your screen and keyboard so that
they can’t be directly observed.– Lock your computer when it is unattended,
even for just a few minutes.– Get used to what’s “normal” in/around area.– Use good passwords:
• At least 8 mixed characters, not English words, memorable
• Change regularly or when compromise likely
![Page 70: November 2005Hal Stepp/Melbourne HS. November 2005Hal Stepp/Melbourne HS NETS-T Standards Addressed I. Teachers demonstrate a sound understanding of technology](https://reader030.vdocuments.us/reader030/viewer/2022032313/56649e715503460f94b6fba3/html5/thumbnails/70.jpg)
November 2005 Hal Stepp/Melbourne HS
Review• Behavioral Security:
– “Social Engineering” is a psychological attack on you!.
– Goal is to gain unauthorized access to:• Information and/or• A computer and/or • A computer network.
– Look for: • Requests for forbidden information• Things which “don’t quite add up”
![Page 71: November 2005Hal Stepp/Melbourne HS. November 2005Hal Stepp/Melbourne HS NETS-T Standards Addressed I. Teachers demonstrate a sound understanding of technology](https://reader030.vdocuments.us/reader030/viewer/2022032313/56649e715503460f94b6fba3/html5/thumbnails/71.jpg)
November 2005 Hal Stepp/Melbourne HS
Review• System Security:
Keep Windows current with automatic updates! ALWAYS use antivirus software and a firewall
Use the automatic update feature Yes, you need to renew the subscription!
Find an adware/spyware program you like These also requires regular updates Use frequently as part of your maintenance program
Consider non-Microsoft browser & email programs
![Page 72: November 2005Hal Stepp/Melbourne HS. November 2005Hal Stepp/Melbourne HS NETS-T Standards Addressed I. Teachers demonstrate a sound understanding of technology](https://reader030.vdocuments.us/reader030/viewer/2022032313/56649e715503460f94b6fba3/html5/thumbnails/72.jpg)
November 2005 Hal Stepp/Melbourne HS
Review
• “Best Practices” Be VERY careful about the
sites you visit on the Internet. NEVER open email
attachments from unknown senders.
DON’T click on links in email from unknown senders.
![Page 73: November 2005Hal Stepp/Melbourne HS. November 2005Hal Stepp/Melbourne HS NETS-T Standards Addressed I. Teachers demonstrate a sound understanding of technology](https://reader030.vdocuments.us/reader030/viewer/2022032313/56649e715503460f94b6fba3/html5/thumbnails/73.jpg)
November 2005 Hal Stepp/Melbourne HS
If You’d Like to Learn More…
http://melbourne.hs.brevard.k12.fl.us/SteppH/tutorials/security/index.htm
![Page 74: November 2005Hal Stepp/Melbourne HS. November 2005Hal Stepp/Melbourne HS NETS-T Standards Addressed I. Teachers demonstrate a sound understanding of technology](https://reader030.vdocuments.us/reader030/viewer/2022032313/56649e715503460f94b6fba3/html5/thumbnails/74.jpg)
November 2005 Hal Stepp/Melbourne HS
![Page 75: November 2005Hal Stepp/Melbourne HS. November 2005Hal Stepp/Melbourne HS NETS-T Standards Addressed I. Teachers demonstrate a sound understanding of technology](https://reader030.vdocuments.us/reader030/viewer/2022032313/56649e715503460f94b6fba3/html5/thumbnails/75.jpg)
November 2005 Hal Stepp/Melbourne HS
Bibliography/ResourcesBott, Ed, and Siechert, Carl. Microsoft Windows Security for
Windows XP and Windows 2000 INSIDE OUT. Redmond: Microsoft Press, 2003.
Granger, Sarah. "Social Engineering Fundamentals, Part I: Hacker Tactics." Security Focus. http://www.securityfocus.com/infocus/1527: 18 Dec 2001.
Granger, Sarah. "Social Engineering Fundamentals, Part II: Combat Strategies." Security Focus. http://www.securityfocus.com/infocus/1533: 9 Jan 2002.
Identity Theft Resource Center. http://www.idtheftcenter.org/index.shtml
Privacy Rights Clearing House. http://www.privacyrights.org/Spring, Tom. "Spam Wars Rage." PC World (April 2004): 24-25.