Internet Security: M.Jayakumar CT230 Internet Technology Individual Assignment 1
[Figure: word cloud of threats: Virus, Trojans, Worms, Backdoor, Rootkit, Phishing, Bots, Hackers, Spyware, Scams]
The threats many of us are aware of.
The threats most people are not aware of.
E-mail scams
Identity theft
Damage, repairs & replacements
Productivity loss
2007
Tracking Cookies
Flash Cookies
Adware
Hoaxes
Scams
Phishing
Vishing
Malware
Backdoor
Keyloggers
Viruses & Worms
Worms
Trojans
Spyware
Rootkits
Bots
Tracking Cookies
Not malware
Tag containing info, sometimes useful to you
No personal info unless offered
Cookie storage can be limited
May expire
Easy to remove
Flash Cookies
Largely unknown, widely used
Installed by a Flash plugin
Never expire
More cumbersome to remove
Can send info w/o user permission
[Image: Adobe Flash logo]
Flash Cookies
Widely used, including in Extension
Adware
Free software that plays, displays or downloads advertising
May be toolbars, search boxes, games, utilities
Mostly safe but some is spyware
Read privacy policies
Social Engineering
Means: manipulating people to do things or to divulge confidential information
Phishing
Aim is to steal valuable information such as credit cards, social security numbers, user IDs and passwords
Usually done by email
Social engineering
Phishing
Often masquerades as a legitimate person or business, even government
Often contains a threat or consequence
E-mail may look genuine, trustworthy
Always points to different website than it appears to come from.
Legitimate organizations never ask for sensitive information through e-mail
Pharming
Intent is to redirect a legitimate website's traffic to another, nearly identical but bogus website for the purpose of stealing sensitive information.
Scams
Based on social engineering
Often appeal to compassion or greed
Disasters typically generate large numbers of scams
Appear legitimate
Scams
Don't click on links in these e-mails
Typically offer something of value, ask for money in advance
Nearly impossible to track the monetary transactions
Scammers are accomplished social engineers
Scams
Nigerian money fraud scams began in 1997 or before by fax!
These scams have spread to 80 countries or more.
U.S. and U.K. are major targets
Scam Targets
Dating sites - exploit the victim's desire for companionship
Religious sites - seek donations from their victims for worthy cause
Social websites - exploit personal info
Scams
Estimated annual losses
US - $1-$2 billion
UK - 150 million pounds
Australia - $36 million AUD
Trojans
Programs that masquerade as good programs
Can spy, steal information, log keystrokes, download other malware
Open backdoors, overwrite data
Trojans
Cannot reproduce
Must be spread by user interaction
Many different types of trojans
Virus
Can create files, move files, erase files
Can consume memory and cause computer problems
Can replicate
Can attach to other programs
Can travel across networks
Worms
A special type of virus
Can replicate itself and use memory
Reproduce so fast they overload and shut down entire systems
Cannot attach itself to other programs.
Spreads mostly by e-mail
Backdoor
Malware that allows access to a computer without knowledge of the user's password and user name.
Allows attackers easy remote access
Spyware
Purpose is to capture information
Email, usernames, passwords, credit card info, etc.
Can transmit this information
Rootkit
Help intruders gain access to systems
Avoid detection
Subversion & evasion
May avoid antivirus or antispyware scan
Bots or Zombies
A computer infected with malware, controlled remotely without the knowledge of the user
Combined into networks called botnets
Rented or sold to criminal interests
Bots or Zombies
Can be used to propagate malware or for cyber attacks
Botnets may consist of thousands of machines worldwide
Used to send about 80% of all spam and to attack commercial websites and other systems
Bot Network
Intermission
When we return: how do we protect our computers and our data?
[Figure: protection overview: Backup; Router w/ hardware firewall; ZoneAlarm software firewall; Spybot w/ tea timer; Super Anti Spyware; Anti virus software; Use Best Practices; Data]
Best Practices
Use a hardware firewall
Use a software firewall
Use and update security products, e.g. anti-spyware, anti-virus, etc.
Clean the system regularly
Backup system regularly (after cleaning)
Suggest using Firefox w/ security plugins
Legal Agreements
A software license agreement is a legal contract between a producer and a purchaser of computer software.
Called End User Licensing Agreements (EULA) or Terms of Use (TOU)
Privacy Agreements
RoboForm
KeePass
Password generator
Master password
Encrypted database of passwords
Desktop, portable, Web-based
USB Malware
Flash drives banned by US Army in 2008 due to malware and security concerns.
An estimated 10% of malware was written to move on a flash drive.
Upgrade vs Update
An upgrade from v2.5 to v2.6, for example, is simply a major update
"Upgrading is taking your vitamins; fixing a hack is open-heart surgery." - Matt Mullenweg, founding developer of WordPress
Update Your Operating System
Set auto updates to download but not install unless you approve
Firewall Technology
A company will have hundreds of computers that all have network cards connecting them together. One or more computers will have connections to the Internet. Without a firewall in place, all of those hundreds of computers are directly accessible to anyone on the Internet.
Example: out of the 500 computers inside this company, only one of them is permitted to receive public FTP traffic. Allow FTP connections only to that one computer and prevent them on all others.
A company can also control how employees connect to Web sites and whether files are allowed to leave the company over the network.
Firewall Technology
Firewalls use one or more of three methods to control
traffic flowing in and out of the network:
Packet filtering
Proxy service
Stateful inspection
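The packet filtering method applied to the FTP case above, as an added example that is not part of the original slides: a first-match rule list with default deny, plus an audit that lists which internal hosts the rules expose on tcp/21. The 10.0.0.0/23 network, the 10.0.0.21 host and all names are constructed for illustration, and only the FTP control port is modelled.

```python
from dataclasses import dataclass
from ipaddress import ip_address, ip_network
from typing import Optional

@dataclass(frozen=True)
class Rule:
    action: str            # "allow" or "deny"
    direction: str         # "in" (from the Internet) or "out"
    proto: str             # "tcp" or "udp"
    dst: str               # destination network, CIDR notation
    dport: Optional[int]   # destination port; None matches any port

    def matches(self, direction, proto, dst, dport):
        return (self.direction == direction
                and self.proto == proto
                and ip_address(dst) in ip_network(self.dst)
                and self.dport in (None, dport))

# Constructed addressing: 10.0.0.0/23 stands in for the ~500 internal hosts,
# 10.0.0.21 for the single machine permitted to receive public FTP.
INTERNAL = "10.0.0.0/23"
FTP_HOST = "10.0.0.21"

RULES = [
    Rule("allow", "in", "tcp", FTP_HOST + "/32", 21),  # FTP control channel only
    Rule("deny", "in", "tcp", INTERNAL, 21),           # explicit, so hits can be logged
    Rule("allow", "out", "tcp", "0.0.0.0/0", 80),      # employee web access
    Rule("allow", "out", "tcp", "0.0.0.0/0", 443),
]

def evaluate(rules, direction, proto, dst, dport):
    """Return the action of the first matching rule; deny when none matches."""
    for rule in rules:
        if rule.matches(direction, proto, dst, dport):
            return rule.action
    return "deny"

def ftp_exposed_hosts(rules, network=INTERNAL):
    """Audit: every internal host the rule set lets the Internet reach on tcp/21."""
    return [str(h) for h in ip_network(network).hosts()
            if evaluate(rules, "in", "tcp", str(h), 21) == "allow"]

if __name__ == "__main__":
    print(ftp_exposed_hosts(RULES))
```

Because evaluation stops at the first match, swapping the first two rules would block FTP to every host, including the intended server.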
Software Firewall
Protects against intrusion scanning or attacks
Protects against outbound communication by malware
[Figure: Outbound Communication]
Software Firewall
Use the pre-installed Windows firewall only if you have no other options.
Turn it off before installing a better product.
If you have the XP operating system you MUST obtain a software firewall. DO NOT use XP's firewall.
Software Firewall
Install firewall first, then install other security software (antivirus, antispy)
Do not install multiple software firewalls
ZoneAlarm Pro is adequate - $40
Does require system resources
Antivirus Software
Many software options
Many are free, or free trial
Antivirus Software
A worry for all computer users is the threat of viruses entering their systems
Antivirus software fights all kinds of malicious attacks and prevents adware, spyware, Trojans and worms from entering the computer
It is a system for analyzing information and then, if it finds that something is infected, disinfecting it
Antivirus software acts basically in two ways
- Scanning files
- Heuristic approach
It can counter most virus threats if the software is regularly updated and correctly maintained
Antivirus Software
Scanning Files
Employs a database of known virus code and compares files against that known malicious code
The antivirus database is updated so that it can prevent the malicious attacks that are being crafted each and every day.
After a match has been detected, the antivirus will take action in three different forms:
- Quarantine the file
- Repair the infected files
- Remove the file
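Signature scanning followed by the quarantine and remove responses, as an added example that is not part of the original slides (repair is omitted because it depends on the specific infection). The signature names, byte markers, file names and function names are constructed and harmless.

```python
import os, shutil, tempfile
from pathlib import Path

# Constructed, harmless byte markers standing in for a vendor signature database.
SIGNATURES = {
    "Demo.Marker.A": b"DEMO-SIGNATURE-ALPHA",
    "Demo.Marker.B": bytes.fromhex("deadbeef00c0ffee"),
}

def scan_file(path, signatures=SIGNATURES, chunk=64 * 1024):
    """Return names of all signatures found, reading the file in chunks."""
    overlap = max(len(p) for p in signatures.values()) - 1
    found, tail = set(), b""
    with open(path, "rb") as fh:
        while block := fh.read(chunk):
            window = tail + block  # carry an overlap so a match can span chunks
            found.update(n for n, p in signatures.items() if p in window)
            tail = window[-overlap:]
    return sorted(found)

def quarantine(path, vault):
    """Move a detected file into the vault, renamed and read-only."""
    vault.mkdir(parents=True, exist_ok=True)
    target = vault / (path.name + ".quarantined")
    shutil.move(str(path), str(target))
    os.chmod(target, 0o400)

def scan_tree(root, vault, action="quarantine"):
    """Scan files under root; quarantine or remove each match; return a report."""
    report = {}
    for path in sorted(p for p in Path(root).rglob("*") if p.is_file()):
        hits = scan_file(path)
        if hits:
            report[path.name] = hits
            if action == "quarantine":
                quarantine(path, Path(vault))
            else:
                path.unlink()
    return report

def demo(action="quarantine"):
    with tempfile.TemporaryDirectory() as tmp:
        root, vault = Path(tmp, "files"), Path(tmp, "vault")
        root.mkdir()
        vault.mkdir()
        (root / "clean.txt").write_bytes(b"ordinary text")  # constructed samples
        # marker placed so that it straddles the 64 KiB chunk boundary
        (root / "flagged.bin").write_bytes(b"x" * 65530 + SIGNATURES["Demo.Marker.A"])
        report = scan_tree(root, vault, action)
        return report, sorted(os.listdir(root)), sorted(os.listdir(vault))
```

The scan only recognises byte patterns already in the database, which is why the slides stress keeping that database updated.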
Antivirus Software
The Heuristic Approach
Keeps track of the types of programs that are executable on a computer
When doubtful behavior is identified, a prescheduled range of responses is activated
The response can range from asking the owner of the PC how to proceed, to deleting the malicious code automatically
Protects against the latest malware threats that are yet to be identified or registered in the antivirus database.
Security Policy
Security policies are rules that are electronically programmed and stored within security equipment to control such areas as access privileges
The policies that are implemented should control who has access to which areas of the network and how unauthorized users are going to be prevented from entering restricted areas
The security policy management function should be assigned to people who are extremely trustworthy and have the technical competence required.
In the future, some passwords may be replaced by biometrics, which is technology that identifies users based on physical characteristics, such as fing
Security Policy
Implementation
Security Policy
Digital Certificate
Digital certificates are issued by an independent, recognized and mutually trusted third party that guarantees that the website operating is who it claims to be. This third party is known as a Certification Authority (CA).
A digital certificate contains an entity's name, address, serial number, public key, expiration date and digital signature, among other information.
When a Web browser like Firefox, Netscape or Internet Explorer makes a secure connection, the digital certificate is automatically turned over for review.
Security Policy
Digital Certificate
The browser checks it for anomalies or problems, and pops up an alert if any are found.
When digital certificates are in order, the browser completes secure connections without interruption
Digital certificates play an integral role in keeping online commerce safe. If your browser alerts you to a problem with a digital certificate, you are well advised not to click through. Instead, call the business using a telephone number from your statements or phone book, and inquire as to the problem.
Security Policy
Digital Certificate
Access Control
Encryption
Encryption technology ensures that messages cannot be intercepted or read by anyone other than the authorized recipient
Encryption is usually deployed to protect data that is transported over a public network and uses advanced mathematical algorithms to scramble messages and their attachments.
All VPN hardware and software devices support advanced encryption technology to provide the utmost protection for the data that they transport.
Encryption
Intrusion Detection
A network-based intrusion detection system (IDS) provides around-the-clock network surveillance
An IDS analyzes packet data streams within a network, searching for unauthorized activity, such as attacks by hackers, and enabling users to respond to security breaches before systems are compromised
When unauthorized activity is detected, the IDS can send alarms to a management console with details of the activity and can often order other systems, such as routers, to cut off the unauthorized sessions.
Intrusion Detection
Network Scanning
Network scanners conduct detailed analyses of networked systems to compile an electronic inventory of the assets and detect vulnerabilities that could result in a security compromise
Allows network managers to identify and fix security weaknesses before intruders can exploit them
- Free
- Real-time protection
Eliminates adware, spyware, Trojans, keyloggers, dialers
Super AntiSpyware
- Free
- Real-time protection
- Can be scheduled
Removes spyware, adware, Trojans, dialers, worms, hijackers, keyloggers, parasites, rootkits
MalwareBytes
Free version
Full version (one time fee of $24.95) includes real-time protection.
Data-Only Backup
Back2Zip - free software
Dozens of software choices for every budget & free
Backs up selected files
Typically uses proprietary compression
SyncToy - free MS program, no compression
Whole-System Backup
Takes an image of the whole system, not each file individually
Several choices including Acronis, Norton Ghost, others
Backup in 15-20 min, restore - 30 min to 1 hr
External Hard Drive
Advantages
Low one-time cost
Multi-purpose
Easily accessible
Disadvantage
Risks similar to original data
Note: keep unit unplugged unless in use
Virtual PC Products
These programs create a virtual PC within your real PC.
When programs run in the virtual PC, they can't make changes to the real PC
Requires some technical knowledge
Requires extra processing power
Extremely safe - if the Virtual PC gets infected, simply delete it and create a new one.
Virtual PC Software
Sandboxie
Creates a small virtual space inside your computer called a sandbox.
Can run a program or browser inside the sandbox.
Smaller learning curve than a Virtual PC
Less processing power needed than a Virtual PC
[Figure: You; Commercial Repair: CompUSA, Geek Squad, Local repair shop; Local PC Users Groups; Friends & family; Etc.]
PC Users Groups
50+ organized groups around the state. Dues avg $25-$35/yr
FACUG (Fla Assn of Computer User Groups) is the umbrella organization - list is at http://www.facug.org/
Members help members w/ problems
Attend meetings occasionally, build relationships
Disclaimers
Information presented here is based on currently available information.
This information changes frequently. No guarantee of accuracy is possible.
Hardware, software, companies and techniques discussed are options, not recommendations.
You alone are responsible for software and/or hardware choices and use of any techniques.
Please read all legal agreements, instructions, user agreements and privacy terms associated with any hardware, software or websites.
Thank You