Fyvqr Ahzore Bar

1
Fyvqr Ahzore Bar

• Slide Number One
• (ROT13 obfustucated)
• GT Ruocco (10/2006)

2
Chapter 11 - Internet Security
Ye Olde Information
3
Internet Worms

• Apache log story
• p636, the book mentions 12 major worms between
  1999 and 2004.
• Melissa, Sadmind, Sonic, Bugbear, Code Red,
  Nimda, Spida, Slammer, Slapper, Blaster, Witty,
  and Sasser
• Slapper targeted an OpenSSL buffer overflow on
  Apache under Linux.
• 11 of the 12 mentioned targeted unpatched
  vulnerabilities in software products made by
  Microsoft.
• What does that say about Microsofts security
  track record?

4
Good Firewalls

• 2001 Tested the top 5 or 6 firewalls.
• Kerio, Sygate used to be cool. BlackICE.
• Symantec bought out Sygate, took it off the
  market.
• Kerio (related to Tiny Personal Firewall) might
  be a good choice nowadays.
• ZoneAlarm? Insecurity of outbound firewalls.

5
Bad Firewalls

• Windows Firewall
• Norton Internet Security

6
Symantec

• Norton Anti-Virus
• Norton Internet Security
• Many of the criticisms leveled at Norton
  AntiVirus, including being slow, inefficient and
  difficult to uninstall, can also be leveled at
  Norton Internet Security due to its inclusion of
  Norton Antivirus. In September 2006 thepcspy.com
  did several tests to find out what programs
  slowed down Microsoft Windows the most.
• Number one cause of a slow PC? Norton Internet
  Security 2006.
• Number three cause of a slow PC? Norton Internet
  Security 2007.
• I suspect the number two cause is Norton
  AntiVirus.
• Good products Ghost GoBack.

7
Need AV?

• p661 lists some anti-virus software, but is
  suspiciously lacking the freeware AVs.
• AVG Free.
• Avast.
• Commercial Kaspersky

8
p662 Eliminating Spam

• If you want to play games, get a Hotmail or Yahoo
  account.
• Gmail.com (web-based email w/POP).

9
p663 - Stopping pop-up ads

• Use any browser not named Microsoft Internet
  Explorer
• Mozilla Firefox
• Opera

10
Viruses not the current top threat

• Old Viruses, worms, trojans.
• New Internet Explorer, spyware, and trojans.

11
p665 Removing Spyware

• Treat the problem, not the symptom.
• Its not bad sites that infect you with
  spyware, its bad software. --Myself
• Removing spyware is pointless if you dont stop
  using IE as your browser.
• One of the best programs for removing spyware is
  called Spybot Search and Destroy. --Book
• Useless now Ad-aware / Spybot Search and
  Destroy.

12
Spyware Browser Security

• US-CERT Vulnerability Alert ( 6/9/2004)
• Use a different web browser
• There are a number of significant vulnerabilities
  in technologies related to the IE domain/zone
  security model, trust in and access to the local
  file system (Local Machine Zone), the Dynamic
  HTML (DHTML) document object model (in
  particular, proprietary DHTML features), the HTML
  Help system, MIME type determination, the
  graphical user interface (GUI), and ActiveX.
  These technologies are implemented as operating
  system components that are used by IE and many
  other programs to provide web browser
  functionality. These components are integrated
  into Windows to such an extent that
  vulnerabilities in IE frequently provide an
  attacker significant access to the operating
  system.It is possible to reduce exposure to
  these vulnerabilities by using a different web
  browser, especially when viewing untrusted HTML
  documents (e.g., web sites, HTML email messages).
  Such a decision may, however, reduce the
  functionality of sites that require IE-specific
  features such as proprietary DHTML, VBScript, and
  ActiveX. Note that using a different web browser
  will not remove IE from a Windows system, and
  other programs may invoke IE, the WebBrowser
  ActiveX control (WebOC), or the HTML rendering
  engine (MSHTML).

13
IE As Secure As An Open Door

• Microsoft IE 6.x vulnerability report
• 106 Secunia Advisories!
• 19 unpatched holes, the worst are rated
  Extremely critical

14
Mozilla Firefox

• Mozilla Firefox v1.5 vulnerability report
• 36 Secunia Advisories.
• Only 3 unpatched holes. The worst of the three
  is Less Critical

15
IE Bad for the Web and Bad for web-designers

• CSS 2.1 support
• IE 6 52
• IE 7 54
• Firefox 1.5 93
• Opera 8.5 93 Opera 9 96
• Users hold back the web by using an outdated
  browser.
• Source http//tinyurl.com/eptvq

16
Disk and File Encryption
17
So much more I can say, but alas
Source http//tinyurl.com/uhtb9