Title: Secure Use of Internet Safe Hex
1 Secure Use of Internet Safe Hex
- Presentation by Vlad Olchanski, PhD
- VCU Department of Internal Medicine
- at the Virginia Heart Institute
- February 17, 2006
- http://www.intmed.vcu.edu/inm/infotech.shtml
- http://www.medinf.vcu.edu
- volchans_at_vcu.edu
- (804) 828-5384
2 Computers Communications
Computers started as something highly professional, for use by professionals.
Now computers are a major means of communication and information retrieval.
The number of users of Internet is ONE BILLION.
3 Supercomputer World Domination
A nightmare of the 1950s-1960s, fortunately unimplemented!
4 Actual Distributed Network
- All computers are equal; even pigs are equally equal :-)
5 Evolution of Connectivity
Professional users:
- Local Area Network
- BITNET
- Internet
General public:
- Prodigy
- AOL
- CompuServe
- MSN
- etc.
Internet Commercialization: wild users
6 Dangers
- Regular viruses: crash OS, delete files, slow down
- Worms, Trojans: wait for event (time, command), steal address book, open backdoor, same as viruses
- Spying: info from computer, your interests
- Phishing: conning you to disclose your info
7 Specific Dangers
- Email: attachments, Javascript, etc.
- Websites: ActiveX, cookies, Javascript, bogus programs, direct intrusion
- Connection to network: open ports, running services, remote access
8 Cure: Hygiene!
- Dr. Wenzel, Chair of MCV Internal Medicine, emphasizes the importance of Dr. Semmelweis's SHOCKING (?!) discovery of more than 100 years ago: PHYSICIANS MUST WASH HANDS!
- "One of the behavioral issues that plague hospitals and especially the infection control team is how to improve handwashing compliance, how to achieve a plateau above the usual threshold of 40% observed in modern ICUs. This is not a new story." http://stalkingmicrobes.org -- read his latest book!
- Same with COMPUTERS!
9 Workstation Security
- Windows Setup Update
- Firewall
- Antivirus
- Antispy Protection
- Web Browsers
- Email Programs
- Pop-up Blockers
- Spam Filtering
10 Windows Setup Update
11 Windows Setup
Start > Settings > Control Panel > Folder Options > View
Microsoft Office files (DOC, XLS, PPT) are also executables and may be infected!
Make file extensions visible so that you may easily detect executable files (EXE, SCR, BAT, VBS, etc.) that may be infected.
12 Windows Setup Security Center
- Control Panel - Security Center
- Windows Update - Automatic
- Firewall - On or Firewall of your choice
- Virus Protection - On or Antivirus of your choice
13 Windows Update
- Windows has many security holes. Practically every week a new one is discovered. Microsoft releases security patches.
- Windows Update should run automatically, and a manual check should be done at least weekly.
- It is recommended to update your XP installation to Service Pack 2 (SP2).
- The Windows Update function is reached from the START button; it shows in the upper part of the menu.
14 Firewall
[Diagram: a firewall between the outside world and your computer. Labels: intrusion attempt, worm, open ports, legit application, legit communication, malicious outgoing attempt]
15 Windows Firewall
- Win-XP/SP2 has a basic firewall for intrusion protection.
- The free firewall ZoneAlarm additionally prevents viruses that may reside on your computer from sending offensive packets out of your computer. ZoneAlarm also protects against viruses in email attachments.
- Instructions on ZoneAlarm installation: http://markusjansson.net/eza.html
- If you install ZoneAlarm, you MUST turn off Windows Firewall in the Win-XP/SP2 Security Center in Control Panel.
16 Virus Protection
- Symantec (Norton) Antivirus
- McAfee Antivirus
- F-Prot (made in Iceland): most lightweight
- AVG: free, not bad
- Kaspersky: most thorough
- Sophos: both antivirus and antispy
- Do not forget to update virus signatures weekly, do not trust automatic update!
- Do not run several real-time virus protectors at the same time.
17 Spyware - 1
- Websites or email messages may plant spyware on your computer -- programs that watch and report what you are doing on your computer, what websites you visit, what files you have on your computer, what music you play.
- They may even hijack your commands to the web browser and display websites you never intended to visit. All this compromises the confidentiality of information on your computer and slows down its operation.
18 Spyware - 2
- Turn off spying features built into Win-XP. Use the XP-Antispy program, select the Windows update profile.
- http://www.xp-antispy.org/
- Set Safe Settings for Windows XP Services: http://www.intmed.vcu.edu/inm/WindowsServices.shtml
19 Spyware - 3
- Install one or more spyware scanners that operate similarly to virus scanners.
- Adaware SE Personal: download free from http://www.lavasoft.de
- SpyBot Search and Destroy: free from http://www.safer-networking.org/en/download/index.html
20 Spyware - 4
- These 2 programs are recommended to be installed on your computer.
- Microsoft Windows Defender may be run to automatically self-update and to check in real time for attempts to plant spies on your computer. SpyBot S&D is not recommended for real-time protection.
- Please be careful in using antispy programs. They may give false positive results, marking some of your useful applications as spyware. In such cases uncheck the programs you are sure are not planted spies and do not delete them.
- You will be amazed how many spies you will find on your computer after the first scan! Their number will be between a hundred and several thousand.
- Please do not forget to update and run antispy scans at least once a week!
21 Spyware - 5
- Avoid pseudo-freebie commercial programs: media players (Real, QuickTime, MS Windows Media Player, etc.), weather bars, search bars, instant messengers (AIM, MSN, ICQ)
USE INSTEAD
- Truly free and versatile Media Player Classic: http://www.free-codecs.com/download/Media_Player_Classic.htm
- Miranda instant messenger (ICQ, AIM, MSN, and more): http://www.miranda-im.org/
- Weather and search extensions to Firefox browser
- Completely uninstall Windows Messenger service
22 Web Browsers
23 Web Browsers
- Internet Explorer: obsolete and deprecated
- Firefox: the tool of choice
- Mozilla: father of Firefox
- Netscape: granddad of Firefox
- Opera: the best but a bit Nordically strict, not to say Teutonic (made in Norway).
24 Internet Explorer
- Won in an unfair fight with old Netscape, eventually became a monopolist
- Has many security holes
- Is the target of BAD GUYS
- Not recommended by the US Department of Homeland Security (DHS).
- Uses ActiveX that plants viruses on computer
- Switching to the Firefox browser is like starting to walk freely after a year in a wheelchair
25 Firefox Browser
- Provides Tabbed Browsing: loading pages in background (wheel-click or CTRL-click)
- Has extensions to restore last session, to restore closed pages, to manage tabs, acceleration, scrapbook, pop-up blocker, unwanted picture removal, weather forecast and more
- Cookies control and Password management
- Has Internet Explorer in a tab window with one click for dealing with badly designed websites
- Secure!
26 Pop-up Blockers
- Special applications exist
- Firefox does a good job, particularly with Adblock extensions
- Internet Explorer has a basic blocker
- Firefox removes selected pictures
- It is not desirable to have several different pop-up blockers in different applications because this may lead to breaking navigation and display of some websites
27 Email Programs
28 Using Email - 1
You read and send email with an Email Client. There are so many different Email Client programs -- make your own choice.
BUT some Email Clients and some Email USERS go outside of Internet Standards:
- incompatibility of messages
- errors in transmission and reception
29 Using Email - 2
- POP server delivers all messages to your computer -- good when you are on a fast connection
- IMAP server delivers only message headers, and messages on demand -- good when you are on a dial-up. Yet you will not have all messages on your computer
- Thunderbird, Eudora, TheBat! support multiple email accounts
- Webmail allows you to use email with your browser -- good when you are on the go. For non-professional use: Hotmail, Yahoo, etc. -- but it is not a true email
30 Email Programs: Outlook
- The use of Outlook and Outlook Express is discouraged, although by now Microsoft has plugged many of the security holes in them.
- These email programs are the targets of virus and malware mongers, which may lead to big problems on your computer.
- If you still intend to use this program, please check regularly that its capability to execute malicious code in messages is still turned off -- it has a tendency to occasionally turn itself on.
- The Thunderbird email program easily imports all of Outlook's settings and archived messages.
31 Email Programs: Thunderbird
- Modern program for email, much like the old Netscape 4
- Powerful message filtering in specified topic folders
- Has an inbuilt self-learning spam filter that is very efficient and removes the need for an external spam blocker
- May operate several different email accounts
- Turn off writing in HTML in option settings!
- Thunderbird easily imports settings and messages from major email programs
32 Email Programs: LotusNotes
- Turn off the capability to execute malicious code that may be included in email messages.
- Change the default for calling the browser when clicking on a link embedded in a message. This default needs to be replaced with the installed default browser -- Firefox or Opera. Calling Internet Explorer is dangerous!
33 Email Spam Filters
- Spam filtering by your Internet Provider: 90% of incoming messages in VCU are filtered out as spam; some messages may be lost! I receive ONE Megabyte of spam a day.
- Email program's internal self-learning filter
- SpamPal Spam Eliminator uses blacklists -- http://www.spampal.org/
- EXE and ZIP files are banned and killed!
- Always take measures to ascertain that your CRITICAL email has been received at the other end
34 Using Email - 1
Email is very much like Regular Mail: sending mail and receiving are done quite differently!
To send mail, you may drop it in any mail drop box in the street. To send email, you may connect to and use any SMTP server in the world. It is for public convenience.
SMTP server sends email
35 Using Email - 2
You send a letter thru a Mail Drop Box.
You may use any one you find in the street.
36 Using Email - 3
You send an email thru an SMTP server.
[Diagram: SMTP servers on the Internet, six labeled "access controlled" and one labeled "open for all"]
You may use any one you find on the Internet.
37 Using Email - 4
Email is very much like Regular Mail: sending mail and receiving are done quite differently!
To receive mail, you must have either your own mailbox or rent a box at any Post Office. To receive email, you must have an account with any POP3 server. It will be your private possession. You may have as many as you may wish.
POP3 server receives email
38 Using Email - 5
To receive a letter, you must have a home or a number in a US Post Office.
39 Using Email - 6
To receive an email, you must have an account at a POP or IMAP mail server.
You may have as many of these as you like.
40 Using Email - 9
Basic Rules of Nice Conduct
1. Never consider email as confidential
2. Email should best be a simple message
3. Do not send messages formatted with HTML -- not all email clients can deal with them in the same way, opening HTML message confirms a hit for spammers (impossible in AOL email program)
4. Avoid sending binary attachments: these may come corrupted and can carry viruses. How to avoid binary attachments in Email, see http://www.intmed.vcu.edu/inm/advice.html
5. Do not open strange messages
41 Internet's Most Intimate Secret
Like Wine Dichotomy in Russia
- Vodka, Moonshine, Brandy are considered White wine
- all the rest are Red wines
42 Internet's Most Intimate Secret
Data Dichotomy in Internet
- Text files: Plain English text A-Z, a-z, 0-9
- Binary files: all the rest
43 Internet's Most Intimate Secret
Symbols -- Bytes -- Octets
Secret = 53 65 63 72 65 74
Bits: 1010011 1100101 1100011 1110010 1100101 1110100
Sept bits fassent un octet! (Let seven bits make an octet!) This is the ASCII Standard. Yet --
Éç = C9 E7 = 11001001 11100111
Now you see that the French have a reason to call the byte not septet but octet! If you strip the 8th bit then corruption occurs:
É -> 49 = I and ç -> 67 = g
44 Internet's Most Intimate Secret
The Revelation
Only text files can go through Internet. Binary files will come corrupted.
To send a binary, it must be converted to a text file (encoded) and on the receiving end the encoded file must be decoded. In Email, binary files go as attachments. Different email programs treat attachments differently, which may lead to confusion and errors.
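The bit-stripping corruption from slide 43 and the encode/decode round trip from slide 44, as an added example that is not part of the original presentation. It assumes Base64 (the encoding MIME mail uses for attachments; the slides do not name one) and models the 7-bit hop with a hypothetical `strip_high_bit` function; the sample bytes are constructed.

```python
import base64

def bits7(text: str) -> str:
    """Render ASCII text as 7-bit groups, the way slide 43 prints "Secret"."""
    return " ".join(format(b, "07b") for b in text.encode("ascii"))

def strip_high_bit(data: bytes) -> bytes:
    """Model a mail hop that keeps only the low 7 bits of every octet."""
    return bytes(b & 0x7F for b in data)

def send_raw(data: bytes) -> bytes:
    """Binary sent as-is through the 7-bit hop: octets >= 0x80 are altered."""
    return strip_high_bit(data)

def send_encoded(data: bytes) -> bytes:
    """Binary converted to text first, sent, then decoded by the recipient."""
    wire = base64.b64encode(data)       # only A-Z a-z 0-9 + / = on the wire
    received = strip_high_bit(wire)     # every octet is < 0x80: nothing changes
    return base64.b64decode(received)

# Constructed sample inputs.
ACCENTED = bytes([0xC9, 0xE7])          # "Éç" in Latin-1, the slide's C9 E7
BINARY = bytes([0x89, 0x50, 0x4E, 0x47, 0xFF, 0x00, 0xC9, 0xE7])

if __name__ == "__main__":
    print(bits7("Secret"))
    print(strip_high_bit(ACCENTED))     # the 8th bit is gone: É, ç become I, g
    print("raw survives:    ", send_raw(BINARY) == BINARY)
    print("encoded survives:", send_encoded(BINARY) == BINARY)
```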
45 Professional Communications: medical and confidential
- Communications with patients should be authenticated to avoid forgeries and trolling
- Cryptographic signature/certificate
- Watch for the SECURE CONNECTION lock icon in the browser when submitting confidential data!
- Beware of the bogus phishing websites!
46 Phishing in Email
- Bad guys try to obtain info on your financial data and other confidential information
- Banks and real traders never ask you about such things by email. NEVER.
- Bad guys create fake websites looking like real ones, say Amazon, and steal your data.
- Always check if your data will be sent to the right destination by analyzing the links!
47 Security Cryptography - 1
Encryption with a keyword:
- Plaintext: this is plaintext
- The key is "key" (add codes): keykeykeykeykeyke
- Encrypted text: dxkfpsnputmsodjss
Decryption with a keyword -- the key must be sent to the recipient; this is the weakest point:
- Encrypted text: dxkfpsnputmsodjss
- The key is "key" (subtract codes): keykeykeykeykeyke
- Decrypted text: this is plaintext
Plain book, a simple but efficient tool
One-time pad
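The add-codes / subtract-codes scheme from this slide, as an added example that is not part of the original presentation. The 27-symbol alphabet (a-z plus space) and the modular arithmetic are assumptions, so the ciphertext it produces differs from the one printed on the slide. Going beyond the slide, it also shows why a short repeated keyword is weaker than the one-time pad named at the end: one known message gives back the key.

```python
import secrets

ALPHABET = "abcdefghijklmnopqrstuvwxyz "   # assumption: codes 0..26, space last

def _shift(text: str, key: str, sign: int) -> str:
    """Add (sign=+1) or subtract (sign=-1) the repeated key's codes, mod 27."""
    out = []
    for i, ch in enumerate(text):
        k = ALPHABET.index(key[i % len(key)])
        out.append(ALPHABET[(ALPHABET.index(ch) + sign * k) % len(ALPHABET)])
    return "".join(out)

def encrypt(plaintext: str, key: str) -> str:
    return _shift(plaintext, key, +1)

def decrypt(ciphertext: str, key: str) -> str:
    return _shift(ciphertext, key, -1)

def key_stream_from_known_plaintext(ciphertext: str, known: str) -> str:
    """Ciphertext minus a known plaintext leaves the key stream that was added."""
    return _shift(ciphertext[:len(known)], known, -1)

def one_time_pad(length: int) -> str:
    """A random key as long as the message, to be used for one message only."""
    return "".join(secrets.choice(ALPHABET) for _ in range(length))

if __name__ == "__main__":
    message = "this is plaintext"
    ciphertext = encrypt(message, "key")
    print(repr(ciphertext))
    print(decrypt(ciphertext, "key"))
    # Anyone who knows one message learns the repeating keyword:
    print(key_stream_from_known_plaintext(ciphertext, message))
    # With a one-time pad the recovered stream is random and never reused:
    pad = one_time_pad(len(message))
    print(decrypt(encrypt(message, pad), pad))
```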
48 Security Cryptography - 2
PGP: Pretty Good Protection
- My secret private key
- Fred's public key
- My public key, stored on my website and in public depositories
- My key ring of public keys of my correspondents. See Fred's key?
49 Security Cryptography - 3
- I send message to Fred: "Dear Fred, bla-bla..." -> Fred's public key -> "hk_at_s2kdMs0fHquja..." -> Fred's private key -> "Dear Fred, bla-bla..." (Fred reads my message)
- Fred answers my message: "Dear Vlad, bla-bla..." -> My public key -> "Msios\iqN7dkoZnu..." -> My private key -> "Dear Vlad, bla-bla..." (I read Fred's answer)
50 Security Cryptography - 5
51 Security Communications
Cryptonomicon by Neal Stephenson
80 adventures and fiction, 5 pearls
52 Recommendations - 1
- Avoid mainstream programs like Microsoft's, AOL's, etc.; use existing alternatives
- Use Firefox for web browser
- Use Thunderbird for email
- Update Windows and verify that update completed weekly
- Never connect to Internet without running virus protection
53 Recommendations - 2
- Install a firewall: ZoneAlarm
- Turn off Windows spying features and unneeded services
- Make file extensions visible
- Install, update and run weekly several Antispy programs: Adaware, Spybot, MSAntispy
- Use anti-spam filters in email
- Do not open strange email messages; trash them
54 Recommendations - 3
- Do not emulate spammers: do not write messages formatted in HTML
- Avoid sending binary attachments. Never send EXE and ZIP files
- Never open attachments in unsolicited emails
- Be cautious opening attachments even from your known partners. They may be infected
55 Recommendations - 4
- Install extensions in Firefox browser to expand its functionality
- Before clicking on any link, verify where this link actually leads you
- Set up your browser to delete cookies when you close browser
- Set up your email program not to execute javascript embedded in messages
- Beware of phishing