Getting Started with PC Security:
What Every Computer User
Should Know
Kennesaw State University
Center for Information Security Education
KSU has been recognized by the United States National Security Agency as a National Center for Academic Excellence in Information Assurance Education
The Committee on National Security Systems and the National Security Agency have RE-certified that Kennesaw State University offers a set of courseware that has been reviewed by National Level Information Assurance Subject Matter Experts and determined to meet National Training Standard for Information Systems Security Professionals (NSTISSI 4011, 4012, 4013, 4014).
October 2009
The CyberSecurity Problem…
… occurs across all information
technology areas – including:
Information Systems
Operating Systems
Programming Languages
Networks
Communications Devices & Networks
Entertainment Devices (Games)
Personal Communication Devices
The Problem is…
Massive – it affects most technological
systems in use today, from nuclear
power plants to your iPod
Challenging – the solutions we need to
put in place are not quick or easy
Long-term – we continue to make and
use insecure systems today
The Information Security
Landscape
Information Security is about:
Computers – Operating systems, file systems
Software – Even minimal good practices are seldom widely used
Networks – Protocols, hardware, infrastructure
Data – Confidentiality, Integrity and Availability
People – Trust is a requirement and challenging to verify
Laws and Regulations – New requirements for all businesses, everywhere
Information Security Careers
What kind of jobs exist
(now and in the next 10 years):
Network and System Administrators
Network Architects and Engineers to design secure networks
Programmers, Application Designers and
Development Managers able to create systems with security in mind
IT Managers in security areas
Penetration testers to keep systems secure
Information Warriors (see your US Armed Forces recruiter)
Forensic Examiners
Researchers – software, networks, cryptography and others
The Security Toolbox
Good Computer Science:
Operating Systems knowledge and tools
Network knowledge and tools
Security Defensive tools:
Preventive tools like Firewalls and Cryptography
Intrusion Detection and prevention
More aggressive defense tools like honeypots and tarpits
Security Offensive tools:
Scanners
Sniffers
Fuzzers
Forensic tools:
Forensic imaging tools
What’s KSU Up To?
Courses that include the security knowledge
that Computer Science and Information
Systems students need
A minor in Information Security and Assurance
A Bachelor of Science degree in Information
Security and Assurance
The National Collegiate CyberDefense Contest
– Southeast Region
Student Chapters of the Information Systems
Security Association (ISSA)
SECURITY TIPS #1
Use your PC’s Natural Defenses
Local firewall
Integrated tools (like Windows Defender)
Use the tools you have with security in
mind (like email and browsers)
Use value-added protection software and
keep it up to date
anti-virus
anti-spyware
Back up your data
Use strong passwords
SECURITY TIPS #2
Use a Hardware Personal Firewall or disconnect
from the Internet when not in use
Regularly download security protection updates
Assess your own security on a regular basis
Don’t share your computer or allow file access
to it (unless you take needed precautions)
Share security tips with family members,
Use Built-in Security Features
Newer systems have many built-in security
features
You should spend some time learning about
them and how to use them
For instance, Windows XP:
Built-in firewall
Add Windows Defender
Linux:
Built-in firewall
Macintosh:
Built-in firewall
Using Email Securely
If you don't know who is sending you an email,
be careful opening it and any file attached to it
Suspicious email should be deleted, including
attachments
Always exercise caution if the message is
strange and/or unexpected
Learn how to ‘read’ hyperlinks
Many emails with malicious intent are often
“spoofed”: appearing to come from an
authoritative source – this is called phishing
Ask the sender to verify
Spam (and Bacn)
Unsolicited e-mail (or email you want but
do not have time for)
Spamming = the action of broadcasting
unsolicited advertising messages via e-mail
Takes up time and storage space
Check your ISP help areas to find out how
to report and/or control spam
It is associated with higher risk since
spammers are sometimes hackers
Browser Security Tips #1
Change to Firefox
Implement add-ons for:
NoScript
AdBlock Plus
McAfee Site Advisor
RefreshBlocker
Keep all JavaScript OFF until you need it
Browser Security Tips #2
Stick with Internet Explorer
Learn to use security ‘zones’ to control script
execution
Implement add-ons for:
Pop-up control
McAfee Site Advisor
Blocking auto refresh
Keep all sites in UNTRUSTED zone until you
need access
Don’t browse to ‘bad’ sites
Implement Anti-Virus Software
Install anti-virus software on your computer to
protect you and your computer against known
viruses
KSU provides Symantec Antivirus to you for no
additional cost:
go to http://its.kennesaw.edu for your download(s)
New viruses are emerging constantly, so anti-virus
programs need regular updates, like annual flu
shots, to recognize these new viruses
Be sure to update your anti-virus software
Back Up Your Data
Businesses and experienced computer users know that there are two types of people:
Those who have already lost data and
Those who are going to experience the pain of losing data in the future
That’s why serious computer users back up all data – using some form of backup media:
Online backup services
Writeable removable media attached locally such as CD-R, flash drives, external USB hard drives
Another hard drive or a place on a local network
Recommended that you make backups of all important data at least once per week and test recovery procedures at least once per year
Make sure you have your original software start-up disks handy and available in the event your computer system files get damaged
Be prepared!
Passwords
Passwords will only keep outsiders out if they are
difficult to guess
Don't use the same password in more than one place
The golden rules of passwords are:
Minimum of 8 characters
As meaningless as possible to others
Mixture of uppercase letters, lowercase letters, numbers and special characters
Do not give out your password to anyone, at any time, for any reason
Change passwords regularly (or not)
It is not wrong to write down strong passwords, just
protect them when you do so
Password Memory Tricks
Pick a sentence that reminds you of the password. For example:
if my car makes it through 2 semesters, I'll be lucky (imcmit2s,Ibl)
only Bill Gates could afford this $70.00 textbook (oBGcat$7t)
What time is my accounting class in Showker 240? (WtimaciS2?)
Spice up everyday compound words with numbers and special characters and misspell one or both of the words and you'll get a great password:
Friendship = Fr13nd+sh1p
Lifelong = L!f3l0ng
Teddybear = T3ddy^BaRe
Use a Password Generator (like at pctools.com)
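An added example (not part of the original slides): a Python sketch of the sentence trick and a check against the golden rules listed earlier. The function names are hypothetical, and the extraction rules are inferred from the three sentence examples on this slide.

```python
import string

MIN_LENGTH = 8  # "Minimum of 8 characters" from the golden rules


def mnemonic_password(sentence):
    """Turn a memorable sentence into a password the way the slide does."""
    out = []
    for word in sentence.split():
        out.append(word[0])  # first character of every word
        # "$70.00" -> "$7": a leading symbol also keeps the character after it
        if not word[0].isalnum() and len(word) > 1:
            out.append(word[1])
        # "semesters," -> "s," and "240?" -> "2?": keep trailing punctuation
        if len(word) > 1 and word[-1] in ",.?!;:":
            out.append(word[-1])
    return "".join(out)


def golden_rule_failures(password, used_elsewhere=()):
    """Return the golden rules a password breaks (empty list = passes).

    "Meaningless as possible to others" cannot be checked by code and is
    left to the user.
    """
    failures = []
    if len(password) < MIN_LENGTH:
        failures.append("shorter than 8 characters")
    classes = {
        "uppercase letter": any(c.isupper() for c in password),
        "lowercase letter": any(c.islower() for c in password),
        "number": any(c.isdigit() for c in password),
        "special character": any(c in string.punctuation for c in password),
    }
    failures += ["no " + name for name, present in classes.items() if not present]
    if password in used_elsewhere:
        failures.append("already used in another place")
    return failures


if __name__ == "__main__":
    # Sentences and words taken from the slide above
    for s in ("if my car makes it through 2 semesters, I'll be lucky",
              "only Bill Gates could afford this $70.00 textbook"):
        pw = mnemonic_password(s)
        print(pw, golden_rule_failures(pw))
    print("Friendship", golden_rule_failures("Friendship"))
    print("Fr13nd+sh1p", golden_rule_failures("Fr13nd+sh1p", {"Fr13nd+sh1p"}))
```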
Safeguard Your Strong
Password
Be careful about typing your password into a
strange computer
Is the owner trustworthy or are they perhaps
running a keyboard logger recording your
keystrokes? (It has happened)
Who was the last person to use it and what did
they run on it?
Are you at a public computer? Who knows
what’s running on it?
Use a Personal Firewall
Equip your computer with a firewall – preferably a hardware firewall
Firewalls create a protective wall between your computer and the outside world
They come in two forms:
software firewalls that run on your personal computer and
hardware firewalls that protect a number of computers at the same time
They work by filtering out unauthorized or potentially dangerous types of data from the Internet, while still allowing other (good) data to reach your computer
Firewalls also ensure that unauthorized persons can't gain access to your computer while you're connected to the Internet
Do Firewalls Prevent Viruses and
Trojans?
NO!! A firewall can only prevent a virus or Trojan from accessing the internet while on your machine
95% of all viruses and trojans are received via e-mail, through file sharing (like Kazaa or Gnucleus) or through direct download of a malicious program
Firewalls can't prevent this – only good email habits, safe browsing habits and a good anti-virus software program can
Once installed on your PC, many viruses and Trojans "call home" using the internet to the hacker that designed it
This lets the hacker activate the Trojan and he/she can now use your PC for his/her own purposes
Disconnect
Unless you have a reliable hardware firewall,
always disconnect your PC from the Internet
when you are not using it
Remember that the Digital Highway is a
two-way street
If you haven't kept your anti-virus software
up-to-date, or don't have a firewall in place,
someone could infect your computer or use it
to harm someone else on the Internet
Be safe and disconnect!
Stay Patched
Most major software and hardware companies release updates and patches every so often
Sometimes bugs are discovered in a program that may allow an attack
When these bugs are discovered, the vendors create patches that they post on their web sites
You need to be sure you download and install the patches! Check your software vendors' web sites on a regular basis
for new security patches or use the new automated patching features that some companies offer
Check-ups
You should evaluate your computer security at
least twice a year -- do it when you change the
clocks for daylight-savings!
Look at the settings on applications that you
have on your computer:
Verify your browser settings
Check the OS firewall
Validate your anti-virus and anti-spyware tools
Run an online self-check such as ShieldsUP! at http://www.grc.com
Don't Share Access
Your computer operating system may allow other computers on a network, including the Internet, to access the hard-drive of your computer in order to "share files"
This ability to share files can be used to infect your computer with a virus or look at the files on your computer if you don't pay close attention
So, unless you really need this ability, make sure you turn off file-sharing
Check your operating system and your other program help files to learn how to disable file sharing
Scams
Stakes are higher as they've got easy access to
millions of people on the internet
May contain a hyperlink to a web site that asks you for personal information, including your password (phishing)
May contain a solicitation for your credit card information in the guise of a billing request
Watch out for ‘investment opportunities’ that sound too good to be true (Nigerian 419 scam)
see http://home.rica.net/alphae/419coal/
Share Knowledge
It's important that everyone who uses a
computer be aware of proper security
practices
People should know how to update virus
protection software, how to download
security patches from software vendors
and how to create a proper password
Recommended Tools
KSU ITS has software tools you have already paid for
its.kennesaw.edu
Spybot Search and Destroy
www.safer-networking.org/
Ad-Aware (from Lavasoft)
http://www.lavasoft.de/software/adaware/
Windows Defender
www.microsoft.com
ShieldsUP!
www.grc.com
Security Now! Podcasts at http://www.grc.com/securitynow.htm
Conclusion
Common sense, some simple rules and a
few tools can help protect you and your
computer systems
Remember that by protecting your own
computer system, you're also doing your
part to protect computers everywhere
Questions
Quiz Question 1
Who is the social engineer that was the
subject of the Tom Hanks movie
Catch Me If You Can?
It was Frank Abagnale Jr.
Quiz Question 2
What was the ‘handle’ of the Canadian
hacker who brought down Yahoo!,
Amazon.com, Dell, Inc., E*TRADE, eBay,
and CNN in 2000?
It was mafiaboy. His real name is Mike
Calce, a high school student from the
upscale area of the West Island in
Montreal, Canada
Quiz Question 3
When using an intrusion detection
system, what is the correct name for an
event that looks like an intrusion but is
actually just routine activity?
It is called a False Positive.
Quiz Question 4
What TCP/IP port is most often used
(the default) when a browser uses SSL
to connect to a web server using a
secured connection?