Title: Defensive Computing avoiding dangerous computing practices
1Defensive Computingavoiding dangerous
computing practices
- Wichita Public Library
- Rex Cornelius Electronic Resources
- Webliography online at
- http//www.wichita.lib.ks.us/Researchers/Defensive
Computing.htm
2Computer Viruses and Worms
- Programs designed to infect other computers.
3Malware
- software designed to infiltrate or damage a
computer system without the owner's informed
consent. - Computer viruses, Worms, Trojan horses,
- Rootkits, Spyware, Hijackers, dishonest Adware,
Crimeware.
4Remote Administration Programs
- Back Doors
- Rootkits
- allow other people to access and
- control your computer
5Distributed Denial of Service
- Being an intermediary for an attack on another
computer.
6You can be a spammer!
- Some Trojans function as a mail forwarder, and
allow the attacker to transmit spam through the
infected system.
7Holding the bag
- A remote administrator can use your computer to
store illegal materials.
8Keyloggers
- Capture and record user keystrokes to obtain
passwords or encryption keys
9AdWare, SpyWare, Browser Hijacking
- Adware - Software that supports itself or another
program by displaying ads. - Spyware - Software that gathers and transmits
information without your knowledge. - Hijacking software - Advertising software
programs that change the settings of your browser
without your knowledge.
10AdWare, SpyWare, MalWare, ScumWare.
- Currently the biggest threat to personal
computing. - Virus-like symptoms.
- Earthlink 29 million spyware-related files on
the 1 million computers - Microsoft 50 of computer crashes
- Google 450,000 sites that install malicious code
11Who is in charge!?!
You
12Patches
- Keep all applications patched to the most recent
level - Operating system
- Internet Browsers
- Email programs
- Word Processors
- Spreadsheets
- All Microsoft Products!
13Use Virus Protection Software
- Use anti-virus software on all Internet-connected
computers. - Be sure to keep your anti-virus software
up-to-date. - Use automatic updates of virus definitions when
available.
14Unprotected File Shares
- can be exploited by intruders
15Running Programs
- Dont run a program unless you know its from a
trusted source. - Never run programs of unknown origin
- Never transfer programs of unknown origin
16Remove AdWare
- Scan with a removal tool often.
- Ad Aware
- Spybot
- MS Malicious Software Removal Tool
17Use a Firewallor Router
- Network device
- Linksys, Netgear, etc.
- Personal firewall software
- ZoneAlarm
- Outpost Firewall Pro
- Windows Firewall
-
18Social Engineering
- techniques used to manipulate people into
performing actions or divulging confidential
information.
19Email Spoofing
- An e-mail message can appear to come from one
source when it was sent from another.
20Email Attachments
- Never open unknown e-mail attachments. Know the
source. - Before opening any e-mail attachments, be sure
your virus definitions are up-to-date - You can save the file to your disk and scan the
file using your antivirus software
21Phishing
- Messages designed to gather confidential
information.
22Requests for Info
Never send confidential information by
e-mail Credit card numbersPasswords Never trust
links sent by e-mail. Service Providers will
never ask for your username or password.
23Hidden File Extensions
- Disguise malicious programs
- LOVE-LETTER-FOR-YOU.TXT.vbs
- AnnaKournikova.jpg.pif
24Cybersquatting
Using a domain name with bad faith intent to
profit from the goodwill of a trademark belonging
to someone else.
Typosquatting
A form of cybersquatting which relies on mistakes
such as typographical errors made by Internet
users when inputting a website address into a web
browser.
25Drive-by-Downloads
Download of spyware, a computer virus or any kind
of malware that happens without knowledge of the
user. Drive-by downloads may happen by visiting a
website, viewing an e-mail message or by clicking
on a deceptive popup window.
26securitycartoon.com
27New Tools
- Windows Firewall
- Malicious Software Removal Tool
- Google Warnings (StopBadware.org)
- McAfee SiteAdvisor - Free plug-in
28Warnings at Google
from StopBadware.org
29 30Online Shopping
- ShopSafe is a free service that allows you to
create a temporary card number each time you make
an online purchase. This number links directly to
your credit card account number but keeps your
card number private and protected.
31Consider Alternatives
- Choose another Web Browser
- Firefox, Opera
- Choose another e-Mail program
- Eudora, Thunderbird
- Use a Web Mail service
- gmail.com, mail.com, everyone.net
32Turn off your Computer!
- Disconnect from any network when its not in use
33Have a Plan!
- Make regular backups of critical data
- Flash Drive, Floppy Disk
- External Hard Drive
- Another Hard Drive or Partition
- CD-R / CD-RW
- Another PC on a network
34Plan for the worst!
- Create an emergency boot disk.
- Remember, before you have a security event.
- Save all program media.
35Hope for the Best!
- The Internet is still a wonderful information
resource. - Take precautions, but use and enjoy Internet
access!
Links are online athttp//www.wichita.lib.ks.us/
Researchers/DefensiveComputing.htm