TI LIU HNG DN S DNG AN TON HM TH IN T CNG V Phin bn 1.0
H Ni, 10/2013
Hng dn s dng an ton hm th in t cng v
Trung tm ng cu khn cp my tnh Vit Nam - VNCERT 2 MC LC Danh mc thut ng v t vit tt................................................................... 3 I. t vn .................................................................................................. 4 II. Nguyn tc chung s dng th in t an ton ...................................... 5 III. Thit lp mi trng an ton .................................................................. 6 III.1 H iu hnh ............................................................................................ 6 III.2 Ci t phn mm pht hin v dit m c, tng la. ............................ 6 III.3 m bo an ton khi truy cp hm th in t bng trnh duyt web ....... 6 A. Truy cp bng cc giao thc an ton ................................................................ 6 B. Cu hnh an ton cho trnh duyt web ............................................................... 6 III.4 m bo an ton khi truy cp hm th in t bng Mail client .............. 7 A. Cu hnh truy cp my ch an ton .................................................................. 7 B. Cu hnh cc tnh nng bo mt ca Mail client ............................................... 7 IV. Hng dn s dng th in t trong mi trng km an ton .......... 8 IV.1 S dng th in t trong mi trng mng km an ton ......................... 8 IV.2 S dng th in t trn my tnh km an ton ......................................... 8 IV.3 S dng th in t cng v khi i cng tc nc ngoi:.......................... 9 Ph lc A: Hng dn cu hnh bo mt cho trnh duyt Web. ................. 11 Ph lc B: Hng dn cu hnh an ton cho ng dng Mail Client ........... 15 Ph lc C: Hng dn kim tra chng ch s ca my ch th .................. 22 Ph lc D: Hng dn bt bn phm o trn cc h iu hnh ................... 28 Ph lc E: Hng dn s dng trnh duyt ch private ...................... 30
Hng dn s dng an ton hm th in t cng v
Trung tm ng cu khn cp my tnh Vit Nam - VNCERT 3 Danh mc thut ng v t vit tt
STT Thut ng v t vit tt Gii thch t ng 1 Email Hm th in t 2 Email Spam Th rc l th in t, tin nhn c gi n ngi nhn m ngi nhn khng mong mun hoc khng c trch nhim phi tip nhn theo quy nh ca php lut. 3 Security An ton thng tin 4 Mail Client Vit tt ca t Mail Client Softwware, l phn mm s dng duyt th in t nh: Outlook Express; Thunder Bird; Ms Office Outlook; Zimbra Desktop; IncrediMail v.v 5 Operation system (OS) H iu hnh 6 Access point (AP) im truy cp mng khng dy 7 VNCERT Trung tm ng cu khn cp my tnh Vit Nam 8 Hm th in t cng v (TT CV) Hm th in t do c quan nh nc cp cho cc c nhn phc v cho vic trao i cng vic c giao. 9 CQNN C quan nh nc
Hng dn s dng an ton hm th in t cng v
Trung tm ng cu khn cp my tnh Vit Nam - VNCERT 4 I. t vn Trong thi gian gn y, th in t tr thnh mt cng c hu hiu trong vic trao i thng tin, gp phn quan trng vo nng cao hiu qu cng vic, nng sut lao ng, gim thi gian thc hin v chi ph hot ng. Tuy nhin th in t cng xut hin nhiu vn lin quan n an ton thng tin nh: - L lt thng tin b mt, nhy cm; - Pht tn th gi mo, c ni dung la o hoc qung co khng ph hp; - Pht tn, ly lan m c, phn mm qung co tri php v.v - Chim quyn s dng tri php; - B li dng phc v cho mc ch xu. Vn trn gy nh hng xu ti vic s dng th in t trong hot ng qun l v trao i thng tin. Hng dn di y s a ra mt s nguyn tc c bn m ngi s dng h thng th in t trong c quan nh nc cn ch s dng an ton, hiu qu hm th in t c cp, trnh b mt thng tin hoc b chim quyn s dng, li dng cho mc ch khc.
Hng dn s dng an ton hm th in t cng v
Trung tm ng cu khn cp my tnh Vit Nam - VNCERT 5 II. Nguyn tc chung s dng th in t an ton Khi s dng hm th in t cng v (TT CV) do c quan nh nc (CNNN) cp, ngi s dng cn ch tun th y nguyn tc c bn sau: - Hn ch ti a vic truy cp hm th in t bng my tnh khng m bo an ton hoc mng my tnh khng an ton. - Hn ch ti a vic s dng my tnh c nhn truy cp hm th in t cng v thng qua mng Internet khng an ton nh: truy cp mng Internet thng qua im truy cp khng dy ti qun n, gii kht, khng r ngun gc v.v - Khng s dng hm th in t cng v do c quan cp cho mc ch c nhn nh: ng k dch v thng mi, dch v trao i chia s thng tin c nhn. - Khng t ch chuyn th t ng t hm th in t cng v c cp ti hm th khc khng phi do cc c quan nh nc cp. - Hn ch s dng ng dng duyt th in t c sn trn cc thit b di ng nh Smart phone hoc my tnh bng truy cp vo hm th in t cng v c cp. - Ch cnh gic vi nhng th in t c ni dung, ngun gc kh nghi v tin hnh kim tra v x l th gi mo theo hng dn kim tra th gi mo ca Trung tm VNCERT. - nh du Spam ngay khi nhn c cc th rc. - Khi nhn c th in t gi km tp tin m khng pht hin ra nghi ng th thc hin cc bc sau: 1) Ti tp tin v cng (tuyt i khng m hoc kch hot tp tin ngay); 2) Dng phn mm dit m c qut, kim tra tp tin va ti v (nu cn c th lin lc li vi ngi gi th xc nhn tp tin nhn c). Ch m tp tin nu khng pht hin ra m c; 3) Nu pht hin ra m c, gi th in t di dng file nh km cho qun tr h thng v a ch antoanthudientu@report.vncert.vn x l. - Khng gi, nhn tp tin thc thi qua h thng th in t v hn ch vic dng tp tin nn c m ha. - Khuyn khch s dng ch k s k xc nhn trn th in t gi i v kim tra ngun gc th in t khi tip nhn bng ch k s nu th c k bng ch k s ca ngi gi. - Xa th khi khng cn cn thit trnh b mt mt thng tin nu ti khon b l. - S dng v qun l mt khu theo hng dn s dng mt khu an ton do Trung tm VNCERT cung cp.
Hng dn s dng an ton hm th in t cng v
Trung tm ng cu khn cp my tnh Vit Nam - VNCERT 6 III. Thit lp mi trng an ton III.1 H iu hnh Ngi s dng thc hin theo nguyn tc sau m bo an ton cho my tnh: - Lin tc cp nht bn v bo mt cho h iu hnh. - Cu hnh h iu hnh cho php ch ti khon ngi dng c php truy cp th mc lu tr tin nhn v tp tin cu hnh. - Xo b chc nng cho php thc thi kch bn trn Windows nu khng thc s cn thit. - Hin th y phn m rng ca tp tin khng kch hot nhm tp tin thc thi. - Ch ci t v s dng phn mm cng nh h iu hnh c bn quyn. - Khng chy ng dng di quyn qun tr (Administrator). - S dng chc nng m ho d liu phng trng hp b nh cp. III.2 Ci t phn mm pht hin v dit m c, tng la - Ci t ng dng pht hin v dit m c, thc hin kim tra ton b th in t v tp tin nh km ngay khi c ti v. - Ci t tng la c nhn ngn chn my tnh khi cc truy cp khng hp php. III.3 m bo an ton khi truy cp hm th in t bng trnh duyt web A. Truy cp bng giao thc an ton Trong trng hp h thng th in t cung cp truy cp th in t bng hai giao thc HTTPS v HTTP, ngi s dng cn s dng giao thc HTTPS thay cho giao thc HTTP. B. Cu hnh an ton cho trnh duyt web Khi truy cp hm th in t bng trnh duyt web ngi dng cn thc hin cc nguyn tc sau: - Tt mi trng chy ng dng java cho trnh duyt web (J RE) - Cm popup, flash. - V hiu ho ActiveX - Khng chy ni dung ng trong email. - Khng t ng ti nh hay thng tin t xa khi m email.
Hng dn s dng an ton hm th in t cng v
Trung tm ng cu khn cp my tnh Vit Nam - VNCERT 7 - Qut virus ngay khi ti tp tin nh km v my tnh. - Ngn chn vic chy javascript nu khng cn thit. - Khng s dng ch t ng lu tr mt khu. Xem chi tit hng dn cc bc ti Ph lc A: Hng dn cu hnh bo mt cho trnh duyt Web. III.4 m bo an ton khi truy cp hm th in t bng Mail Client A. Cu hnh truy cp my ch an ton truy cp th mc email trn my ch th in t an ton, ngi s dng cn thit lp s dng cc giao thc bo mt SMTPS, POP3S hoc IMAPS thay th cho cc giao thc SMTP, POP3 hoc IMAPS nu my ch th in t c h tr. B. Cu hnh cc tnh nng bo mt ca Mail client Ngi dng cn cu hnh cho Mail Client cc tnh nng sau nng cao mc an ton theo hng dn chi tit trong Ph lc B ca hng dn, v c bn bao gm cc ni dung sau: - Hn ch s dng ch t ng lu tr mt khu. - Cu hnh s dng giao thc m ho truy cp mailbox. - T ng ti v v cp nht bn v cho phn mm v plugins. - Cm t ng hin th ni dung v ti hnh nh t xa. - Cm thc thi ni dung ng (nh hin th HTML) trong email. - Kch hot tnh nng cnh bo email la o. - T ng pht hin v tiu dit phn mm c hi trong th n, trc khi chng c lu vo my. - Chuyn th rc vo hp th rc v t ng xo sau 14 ngy.
Hng dn s dng an ton hm th in t cng v
Trung tm ng cu khn cp my tnh Vit Nam - VNCERT 8 IV. Hng dn s dng th in t trong mt s mi trng km an ton IV.1 S dng th in t trong mi trng mng km an ton Khi ngi dng s dng my tnh c nhn ca mnh ti a im cng cng hoc mi trng mng khng tin tng, khng c kh nng kim sot an ton th s c nguy c sau: - B nghe ln trn ng truyn dn n mt thng tin ng nhp, ni dung email. - B gi mo my ch th in t hoc chuyn hng n cc trang web gi mo dn n mt thng tin quan trng nu ngi dng nhp vo. Trong trng hp cn thit phi truy cp hp th in t bng mi trng mng km an ton, ngi dng phi tuyt i tun theo cc nguyn tc sau m bo an ton: - Ngi dng khi truy cp hp th in t cn s dng mng ring o (VPN) ca c quan cung cp m bo an ton. - Trong trng hp khng c VPN th ngi dng phi s dng ng truyn c m ho SSL/TLS, v d nh truy cp web mail s dng HTTPS, nhn th s dng POP3S, IMAPS, gi th s dng SMTPS. - Khi s dng m ho SSL/TLS phi ch kim tra ch k in t ca my ch th in t trong trng hp cc ch k b cnh bo trnh b gi mo ch k in t. Ph lc C hng dn kim tra ch k in t ca my ch th in t. - Trong trng hp my ch th in t khng cung cp m ho ng truyn, ngi s dng phi s dng phng php truy cp khc gin tip m an ton nh vic truy cp an ton n my tnh c nhn c quan hoc nh. Sau t my tnh ny truy cp n my ch th in t s dng email. Nu ngi dng khng tun theo cc quy tc trn th vic mt mt thng tin email s dn n nhiu hu qu nghim trng cho c nhn v h thng th in t. IV.2 S dng th in t trn my tnh dng chung Vic s dng th in t ti my tnh dng chung s dn n nguy c sau: - Mc phi nguy c tng t nh vic s dng th in t ti mi trng mng km an ton trong mc IV.1.
Hng dn s dng an ton hm th in t cng v
Trung tm ng cu khn cp my tnh Vit Nam - VNCERT 9 - Nguy c b cm, ci phn mm c hi trong my tnh nh phn mm ghi li thao tc bn phm, phn mm chp nh mn hnh hay phn mm nh cp d liu... - Nguy c b t ng lu tr mt khu v d liu trn my tnh, vic ny d dng b khai thc bi ngi dng chung khc. Trong mi trng km an ton, ngi dng phi hn ch ti a s dng th in t. Trong trng hp bt buc phi s dng, ngi dng c th dng bin php sau hn ch ti thiu thit hi : - Ngi dng c th dng bin php trong mc V.1 m bo an ton cho mi trng mng. - Tin hnh kim tra my tnh khng an ton bng cch s dng phin bn rt gn mi nht ca phn mm dit virus. Hin nay, nhiu phn mm dit virus min ph nh Avira, Avast... c cung cp trn mng internet. - Ngi dng c th s dng bn phm o trnh keylogger nh cp mt khu. Nhng vic ny b v hiu nu my tnh cng b ci phn mm chp nh mn hnh. Vic kt hp s dng bn phm vt l v bn phm o, m ho ng truyn s hn ch vic b nh cp mt khu trong mi trng khng an ton. Ph lc D hng dn bt bn phm o ca h iu hnh. - Tuyt i khng lu tr mt khu trong trnh duyt hay phn mm trn my tnh cng cng. Nn s dng ch private browser ca trnh duyt khng lu li cc thng tin v d liu truy cp c nhn. Ph lc E hng dn s dng trnh duyt ch private. Ch : Cc bin php nu trn ch hn ch nguy c khi s dng th in t trong mi trng km an ton ch khng th hon ton m bo an ton cho ngi dng. IV.3 S dng th in t cng v khi i cng tc nc ngoi i vi cn b i cng tc nc ngoi th cn c bit ch mt s im hn ch mt mt thng tin cng nh b ly nhim m c nh sau: - Nn s dng my tnh dnh ring cho mc ch i cng tc trnh b nh cp thng tin v khi v c th giao cho b phn k thut kim tra m c hoc phn mm gin ip. - Yu cu nhn vin k thut cung cp dch v VPN kt ni bo mt v n v, t kt ni ra internet trnh b theo di ni dung lm vic. - S dng ti khon th in t tm thi trong thi gian i cng tc v khng s dng th in t cng v cho cc mc ch c nhn.
Hng dn s dng an ton hm th in t cng v
Trung tm ng cu khn cp my tnh Vit Nam - VNCERT 10 - Thay i ton b mt khu ca cc ti khon s dng khi i cng tc v mt khu ca cc ti khon khng s dng nhng trng vi cc mt khu s dng. - Khi truy cp internet t cc im cng cng (nh sn bay, nh ga...) m khng phi khai bo danh tnh s t nguy c b theo di hn l khi truy cp t phng ring khch sn hay nhng ni phi khai bo danh tnh. Tuy nhin nguy c ly nhim m c th khng gim. Ngoi ra, cn b i cng tc cn ch thc hin theo mc IV.1, IV.2 m bo khng b nghe ln hoc gi mo my ch th in t.
Hng dn s dng an ton hm th in t cng v
Trung tm ng cu khn cp my tnh Vit Nam - VNCERT 11 Ph lc A Hng dn cu hnh bo mt cho trnh duyt Web A.1 Internet Explorer cu hnh cc thng tin bo mt cho Internet Explorer cn thc hin cc bc sau: Bc 1. Truy cp vo bng Internet Options (Tools -> Internet Options), chn tab Security -> Custom level:
Bc 2. V hiu ho ActiveX bng cch l chn Disable trong mc "Allow previously unused ActiveX control to run without promt" v "Allow Scriptlets":
Hng dn s dng an ton hm th in t cng v
Trung tm ng cu khn cp my tnh Vit Nam - VNCERT 12 Bc 3. Kch hot tnh nng filter XSS trong mc Enable XSS filter:
Bc 4. Ngi s dng c th kch hot tnh nng chn Pop-up bng cch tch vo Enable trong mc Use Pop-up Blocker nh sau:
Bc 5. Tch vo "Prompt" trong mc "Active scripting" yu cu hi khi chy cc kch bn ng:
A.2 Mozilla/Firefox Tng t nh IE, i vi Firefox, ngi dng cng thit lp mt s tnh nng bng cch truy cp vo Tools -> Options: Bc 1. Kch hot tnh nng chn pop-up v v hiu ho vic ti hnh nh t ng (tch vo Block Pop-up window).
Hng dn s dng an ton hm th in t cng v
Trung tm ng cu khn cp my tnh Vit Nam - VNCERT 13
Bc 2. B thit lp lu mt khu trn trnh duyt bng cch b du tch "Remember passwords for sites" tab Security:
Bc 3. Ngi dng cn vo mc Firefox -> Add-ons ci t hoc qun l add-ons. Thc hin ci add-ons "NoScript" ngn chn thc thi script ngm m ngi dng khng bit:
Bc 4. Ci add-ons Flashblock ngn chn vic chy ngm cc flash hoc cc qung co khng mong mun:
Hng dn s dng an ton hm th in t cng v
Trung tm ng cu khn cp my tnh Vit Nam - VNCERT 14 A.3 Google Chrome Chrome cng tng t nh Firefox, ngoi cc cu hnh thit lp ta c th ci t tin ch m rng nng cao bo mt. Truy cp link: "chrome://settings/content" cu hnh bo mt cho Chrome. Cu hnh ngn chn vic chy t ng cc flash v bt pop-up y (chn Click to play yu cu hi mi khi chy flash. iu ny gip ngi dng trnh khi nhng flash ngoi mun):
Ngoi ra ngi dng cng c th ci t thm tnh nng m rng tng t Firefox nh Script Blocker, Flash Control.
Hng dn s dng an ton hm th in t cng v
Trung tm ng cu khn cp my tnh Vit Nam - VNCERT 15 Ph lc B Hng dn cu hnh an ton cho ng dng Mail Client B.1 ng dng Mozilla/Thunderbird Bc 1. thm ti khon email vo ng dng email client ngi dng cn cu hnh thng s truy cp my ch th in t. Khi cu hnh cn la chn phng thc truy cp my ch th m ho. Trong thit lp ti khon ngi s dng in thng tin s dng m ho SSL/TLS trong SSL cho c th n v th i nh trong hnh:
Bc 2. thit lp cc cu hnh khc ngi dng vo phn Tools -> Options -> Security (Cng c ->Tu chn ->Bo Mt). Thit lp t ng kim tra phin bn mi ca Thunderbird v cc tin ch cn c la chn trong tab Advance -> General (Nng cao->Tng qut)
Hng dn s dng an ton hm th in t cng v
Trung tm ng cu khn cp my tnh Vit Nam - VNCERT 16 Bc 3. La chn thit lp dit virus cho th in t gi n trc khi lu tr vo h thng bng cch la chn trong tab Bo mt -> Dit virut.
Bc 4. Thit lp tnh nng cnh bo email xu nu bin nghi ng trong tab "Bo mt -> La o Email"
Hng dn s dng an ton hm th in t cng v
Trung tm ng cu khn cp my tnh Vit Nam - VNCERT 17 Bc 5. Kch hot tnh nng nh u v lc th rc trong tab "Bo mt -> Th rc":
Bc 6. Mt s tnh nng nng cao khc yu cu ngi dng truy cp vo tab Nng cao -> Chnh sa cu hnh: Tm kim cc cu hnh "mailnews.message_display" ta s thy tnh nng "mailnews.message_display.disable_remote_image". Ngi dng cn thit lp gi tr true.
Hng dn s dng an ton hm th in t cng v
Trung tm ng cu khn cp my tnh Vit Nam - VNCERT 18 Tm kim t kho "javascript.enacled" sau la trn gi tr false trong bin "javascript.enabled":
Bc 7. Ngi dng vo phn "Cng c -> Thit lp ti khon -> Th mc ni b -> Thit lp Th rc". Ti y ngi dng kch hot tnh nng chuyn th rc vo th mc ni b v t ng xo sau 14 ngy t ng xo b cc th rc.
B.2 ng dng Microsoft Outlook 2010 Bc 1. Ngi s dng cn thit lp kt ni an ton n my ch th in t bng vic la chn phng thc truy cp c m ha SSL nh SMTPS, POP3S, IMAPS. Trong thit lp ti khon mi cho ng dng Outlook, ngi dng la chn cc thng s kt ni cho ti khon trong thit lp Internet Email Settings. Trong tab "Advanced" ngi dng la chn giao thc gi th i l
Hng dn s dng an ton hm th in t cng v
Trung tm ng cu khn cp my tnh Vit Nam - VNCERT 19 SMTPS c m ho SSL cng 465 hoc 587, giao thc nhn th l IMAP hoc POP3 s dng m ho SSL cng 993 hoc 995.
Bc 2. cu hnh cc tnh nng bo mt cho Outlook ngi dng truy cp vo menu: Files-> Options -> Trus Center.-> Trust Center Settings
Trong ca s Trust Center ta cu hnh tnh nng ngn chn thc thi d liu: DEP Settings -> Data Execution Prevention: Tch vo "Enable Data Execution Prevention mode"
Hng dn s dng an ton hm th in t cng v
Trung tm ng cu khn cp my tnh Vit Nam - VNCERT 20 Bc 3. Tip theo l tnh nng t ng cp nht, pht hin cc ng dng Office v cc phn mm lin quan mi ci t trong tab Privacy Options. La chn cc mc "Connect to Ofice.com for updated...." v "Automatically detect installed..." .
Bc 4. m bo an ton v ni dung cng nh tnh chnh xc ca ngi gi ta c th cu hnh m ha ni dung email hoc k ch k in t ln email trong tab E-mail Security (la chn tnh nng "Encrypt contents and attachments..." v "Add digital signature..." trong tab E-mail Security):
Bc 5. Mt phn rt quan trng trong cc email client l vic cu hnh t ng hin th ni dung ng hoc ti hnh nh. Cu hnh khng cho php t ng thc hin cc vic m phi hi kin ngi dng. thun tin ta c th t ng vi mt s a ch tin cy c nhp vo Trusted zone hoc Safe Senders:
Hng dn s dng an ton hm th in t cng v
Trung tm ng cu khn cp my tnh Vit Nam - VNCERT 21 La chn tnh nng "Don't download pictures automatically in HTML e- mail messages or RSS items" trong tab "Automatic Download". Cc la chn khc thm tnh c ng trong s dng. Ngi dng c th la chn hoc khng.
Bc 6. Thit lp cnh bo khi c cc macros. c ch bo mt cao th ngi dng cn thit lp cnh bo vi tt c cc macros c ch k v v hiu ha cc macros khc: La chn mc "Notification for digitally signed macros, all other macros disabled" trong tab Macro Settings.
Bc 7. Cui cng, ngi dng cn thit lp lun cnh bo cch hot ng ng ng mc "Always warn me about suspicious activity" tab "Programmatic Access":
Hng dn s dng an ton hm th in t cng v
Trung tm ng cu khn cp my tnh Vit Nam - VNCERT 22 Ph lc C Hng dn kim tra chng ch s ca my ch th i vi mt s trang web s dng kt ni m ho SSL/TLS m khng c cc t chc cp pht v qun l chng ch s quc t cng nhn chng ch s th ngi dng phi t kim tra th cng bng cch sau: Bc 1. Xc nhn m MD5 hoc SHA1 ca chng ch s t qun tr h thng. y l m bm ca chng ch s v l duy nht. Lu m MD5 v SHA1 li tin theo di v sau. Bc 2. Khi truy cp my ch th in t s dng kt ni SSL/TLS, v chng ch s khng c t chc cp pht v qun l chng ch s quc t cng nhn nn s c cc cnh bo nh sau:
Giao din cnh bo chng ch s khng c xc thc trn Chrome.
Giao din cnh bo chng ch s khng c xc thc trn FireFox.
Hng dn s dng an ton hm th in t cng v
Trung tm ng cu khn cp my tnh Vit Nam - VNCERT 23 Ngi s dng s nhn c cc cnh bo trn khi truy cp webmail bng HTTPS ln u tin hoc khi my ch th in t b thay i ch k. Trong trng hp ny, ngi dng cn phi kim tra bng cch xc nhn m MD5 hoc SHA1 ca chng ch s vi m bm nhn c t qun tr h thng. Cch kim tra m bm ca chng ch s c thc hin nh bc 3: Bc 3. Xem v kim tra tnh hp l ca chng ch 3.1 i vi trnh duyt Chrome: Nhn tri vo biu tng kho c du gch x gc trn bn tri trnh duyt. Chn tab Connection:
Chn link Certification Information s hin th bng thng tin chng ch:
Hng dn s dng an ton hm th in t cng v
Trung tm ng cu khn cp my tnh Vit Nam - VNCERT 24 Ko thanh trt ca bng thng tin xung di cng ngi dng s thy thng tin m bm SHA1 v MD5 ca chng ch s. So snh 2 m ny vi thng tin t qun tr h thng. Nu 2 m ny trng nhau th chng ch l hp l cn khng th chng ch b gi mo hoc b thay i.
Trong trng hp chng ch s khng hp l ngi dng khng c truy cp vo my ch trnh b gio mo chng ch v nh cp thng tin. Trong trng hp chng ch s hp l, ngi dng nhn OK v chn "Proceed anyway" ci t chng ch vo h thng v s dng ng truyn m ho truy cp:
Hng dn s dng an ton hm th in t cng v
Trung tm ng cu khn cp my tnh Vit Nam - VNCERT 25 Khi ngi dng chp nhn chng ch th chng ch s c tnh l hp l v hin th mu xanh. 3.2 i vi trnh duyt FireFox: Tng t trnh duyt Chrome, ngi dng chn "I Understand the Risk" - > "Add Exception...".
Mt bng thng tin v chng ch s c hin ln, ngi dng cn chn "View" kim tra thng tin chng ch:
Hng dn s dng an ton hm th in t cng v
Trung tm ng cu khn cp my tnh Vit Nam - VNCERT 26 Sau khi chn "View", thng tin v chng ch s c hin ra. Ngi dng so snh m bm ly t qun tr h thng vi m bm ca chng ch. Nu hai gi tr ny trng nhau th chng ch l hp l, cn khng th chng ch b gi mo hoc b thay i. Ngi dng cn dng truy cp trnh b nh cp thng tin ng nhp v ni dung email.
Trong trng hp cc gi tr l trng nhau th ngi dng chn "Close" v xc nhn "Confirm Security Exception". Chng ch s s c ci t vo h thng v du hiu gch s mt:
Hng dn s dng an ton hm th in t cng v
Trung tm ng cu khn cp my tnh Vit Nam - VNCERT 27 i vi cc ng dng Email client cng tng t. Khi c chng ch mi t pha server cc ng dng s hi ngi dng c s dng chng ch khng. Trong trng hp so snh gi tr bm khng trng nhau, ngi dng cn xc nhn li vi qun tr h thng v vn c thay i chng ch s hay khng. Nu khng c thay i g t pha my ch th chc chn l ng truyn b nghe ln hoc gi mo chng ch s. Ngi dng cn phi dng truy cp ngay lp tc v khng xc nhn chng ch s . Di y l v d xc thc chng ch trn Thunderbird (tng t FireFox):
Hng dn s dng an ton hm th in t cng v
Trung tm ng cu khn cp my tnh Vit Nam - VNCERT 28 Ph lc D Hng dn bt bn phm o trn cc h iu hnh D.1 Microsoft Windows - Cch 1: Dng phm Start -> All Programs -> Accessories -> Accessibility v chn On-Screen Keyboard.
- Cch 2: Dng phm Start -> Run v g "osk"
D.2 Mac OS X - M System Preferences vo Keyboard, tch vo la chn Show keyboard & Character Viewier in menu bar
Hng dn s dng an ton hm th in t cng v
Trung tm ng cu khn cp my tnh Vit Nam - VNCERT 29 - Ngoi mn hnh nn, m thanh cng c Keyboard v chn Show Keyboard Viewer
S hin ra bn phm o nh sau:
Hng dn s dng an ton hm th in t cng v
Trung tm ng cu khn cp my tnh Vit Nam - VNCERT 30 Ph lc E Hng dn s dng trnh duyt ch private browser Cc trnh duyt cung cp sn ch private cho ngi s dng. Khi dng ch ny th history v cache s c xo ngay khi ngi dng thot ra. Vic truy cp th in t ti cc my tnh cng cng hay khng phi my tnh c nhn c thc hin bng trnh duyt web. Di y s l hng n cch s dng ch private browser cho ngi dng: E.1 Trnh duyt Chrome: Ngi dng nhn vo biu tng "Customize and control Google Chrome" pha trn bn phi trnh duyt v la chn "New Incognito Windows"( M ca s n danh mi):
Hoc ngi dng c th nhn t hp phm " Command +Shift +N" trn MacOS hoc "Ctrl +Shift +N" trn Windows. Trnh duyt n danh s c hin th v ngi dng c th thao tc thoi mi y m khng lo b lu tr lch s truy cp:
Hng dn s dng an ton hm th in t cng v
Trung tm ng cu khn cp my tnh Vit Nam - VNCERT 31 E.2 Trnh duyt FireFox: Ngi dng m FireFox v la chn "File -> New Private Windows" hoc "Command + Shift + P" vi MacOS:
V la chn "Firefox -> New Private Window" hoc "Ctrl + Shift + P" i vi Windows.
Khi trnh duyt private browsing ca Firefox s c hin th:
Hng dn s dng an ton hm th in t cng v
Trung tm ng cu khn cp my tnh Vit Nam - VNCERT 32 E.3 Trnh duyt Internet Explorer: Ngi dng IE c th m trnh duyt private bng cch chn "Safety -> InPrivate Browsing" hoc t hp phm "Ctrl + Shift + P":
E.4 Trnh duyt Safari: Ngi dng khi ng Private Browsing bng cch la chn "Safari -> Private Browsing":
Nh vy ngi dng c th s dng trnh duyt ti cc my tnh cng cng m khng lo b lu tr thng tin truy cp trn history hoc cache ca trnh duyt.
Hng dn s dng an ton hm th in t cng v
Trung tm ng cu khn cp my tnh Vit Nam - VNCERT 33 Ti liu tham kho
1. Hng dn pht hin th gi mo, Vncert - https://www.vncert.gov.vn 2. NIST SP 800-45 Version 2, Guidelines on Electronic Mail Security - http://www.nist.gov 3. Tiu chun TCVN ISO/IEC 27001:2009 v H thng qun l an ton thng tin - ISMS