protect your computer protect your work computing & communications
Post on 21-Dec-2015
216 views
TRANSCRIPT
We Are All Networked Now!
We connect to networks to do our work. Read email Use administrative applications Browse Web sites
Standalone (not networked) computers are rare.
Networked Computers are Vulnerable
Physical locks and a password-protected screensaver are not enough.
Attacks happen through the network: Through operating system weaknesses In email attachments Through shares and peer-to-peer programs
Attacked If You Do…
Open an unknown email attachment Believe everything your read, such as messages that
promise wealth if you open an attachment Believe that your bank account was compromised
because an email “from your bank” said so Download an unknown program from the Web (such
as a free screensaver) Trade lots of unknown files, such as with peer-to-peer
programs like Kazaa Share your password with others
Attacked If You Don’t…
Run an anti-virus program Keep up with anti-virus data updates Keep up with operating system updates (patches) Change default passwords (such as password for the
administrator account) Run a firewall either on your computer or on your
network
Once Infected, Your Computer is Dangerous
Your computer... Could be used to attack and infect other computers Could be used to send out thousands of spam email
messages in your name Could burden or disrupt campus networks with high
volumes of messages Could cause all of the University’s email to be
blocked by major service providers (AOL, Yahoo, Hotmail etc.)
Infected Computers May Be Blocked
C&C watches UW networks for infected computers If infected computers are not cleaned up promptly,
their network access may be blocked to protect other UW computers
When the computer is cleaned up, you can request that your network access be unblocked
What C&C Is Doing
Scanning UW email for viruses Removes around 1.6 million viruses a month from
UW email But not all email goes through C&C central
systems Limiting network access or disabling the network wall
ports of infected computers Working with support staff to respond to attacks
Who Manages Your Computer?
Generally, people are in one of three situations: Network-managed workstations Supported workstations Do-it-yourself
What you do depends on which situation you are in.
Network-Managed Workstations
Software is installed and operating system updates are done through the network.
Example: Nebula (http://www.washington.edu/nebula/) Your role
Do not install or change anything without explicit permission. Do not change computer settings, such as turning the
firewall on or off. Do not shut down the computer. Log out instead so that
updates can be done while you are gone.
Supported Workstations
A specific person comes and does software installs and OS updates
Your role Discuss with your support person what you should
do and what you should not do. Should you run a firewall? When are operating system and anti-virus data
updated and how are the updates initiated (automatic, manual, etc.)?
Do-It-Yourself
You have no assigned support person. You and your friends must do it on your own.
In case of Windows XP, Service Pack 2 (SP2) is your friend. Use the new “Security Center”
Security management is your responsibility Operating system updates Software updates Anti-virus program (get it from the UWICK) Firewall Anti-spyware program
Which Situation Are You In?
Your situation Your Role
Network-Managed Workstations
Do not change anything without explicit permission
Supported Workstations Talk to your support person about what your role is
Do-it-Yourself Get patches from OS Vendor
Managing a Computer
Every computer needs management! BEFORE YOU CONNECT – Things to do before you
connect a new or rebuilt computer to UW Networks HAVE PROTECTION – Establish a security routine BE PREPARED – Be prepared for possible trouble BE SKEPTICAL – Don’t be fooled into helping
attackers
BEFORE YOU CONNECT
BEFORE connecting to any network, take the following steps:
Apply operating system updates Install anti-virus program Reset default passwords Turn off file sharing Turn on a firewall
The UWICK the anti-virus program.
HAVE PROTECTION
Establish a security routine. Automate your operating system updates Automate your anti-virus updates Use the XP SP2 Security Center to manage your
security settings Regularly do software updates Regularly run an anti-spyware program Run a firewall Do not use accounts with administrator rights to do
your daily work
BE PREPARED
Be ready for failures and infections. Backup your files regularly Be prepared to rebuild
Have installation CDs and software Have a plan for getting OS updates
In case of infection Obtain the most recent anti-virus updates Run scan/reboot/scan/reboot… until fixed You may have to rebuild your system
Plan for upgrading Support is fading for Win98 and MacOS8, Win2K or XP
without any service packs
BE SKEPTICAL
Do not open unexpected attachments Do not download unknown programs from the Web
(such as free screensavers) Do not trade lots of unknown files, such as with peer-
to-peer programs like Kazaa Do not share your password with anyone Do not “shoot the cockroach to get a free iPod” – do
not click on pop-up “free offers” Do not believe in amazing offers and unlikely stories
Which Situation Are You In?
Your situation Your Role
Network-Managed Workstations
Do not change anything without explicit permission
Supported Workstations Talk to your support person about what your role is
Do-it-Yourself Get patches from OS Vendor
Again...
Our Greatest Vulnerabilities
Unmanaged computers Spyware, “Spam-Bots” and Viruses Social Engineering Visitors Computers Donated, unsupported software
Unmanaged Computers
Computers that are not receiving regular, systematic care
Personal computers Home computers Older computers kept around “for whoever needs
them” The UWICK has anti-virus software
Spyware, “Spam-Bots” and Viruses
Spyware can disclose personal information such as passwords, credit card numbers, SSN, or PHI to third parties
“Spam-Bots” infect computers and relay thousands of spam emails through them, causing all of UW to become “blacklisted” by other email providers
Viruses can destroy data, open computers to outside control and cause network outages
Social Engineering
Attackers try to tempt or fool users into running malicious programs on their computer
Opening an infected attachment will run the file it contains Do not download and install unknown software
Cute screensavers can bring along nasty viruses and spyware
Looking authentic is not the same as being authentic Microsoft never sends out fixes by email Banks never send out email asking you to verify your
account data online Be suspicious of anyone who asks for your credit card
number, Social Security number, or PIN number C&C consultants never ask for your password
Visitors’ Computers
Visitors’ infected computers will try to attack other computers once they connect to our networks
Salesmen Visiting professors or speakers Visitors often not aware of security issues You are responsible if you help them connect
Is their operating system up-to-date? Are they running anti-virus software? Is their computer behaving oddly
Donated and Unsupported Software
Distributing software without good information on how to properly manage it is dangerous
If you provide software for students or staff, you are responsible for security issues May require updates after installation to be secure Example: SQL Server 2000 is susceptible to the Slammer
worm unless it is updated (patched) Do not recommend software you have not carefully evaluated
Much shareware comes with hidden spyware or viruses
Summary
Every computer connecting to UW networks should be managed
Be cautious Be suspicious Work together
A Well Managed ComputerIs a Secure Computer
C&C Security Team
http://www.washington.edu/computing/security