130 likes | 474 Views
Information Security Session October 24, 2005. Bill Eaheart Network Security Coordinator DePaul University. Top Ten List. Install Operating system Updates and Patches Install Anti-Virus and Spyware Protection Use a Host Based Firewall Create a strong password
E N D
Information Security SessionOctober 24, 2005 Bill Eaheart Network Security Coordinator DePaul University
Top Ten List • Install Operating system Updates and Patches • Install Anti-Virus and Spyware Protection • Use a Host Based Firewall • Create a strong password • Use caution when opening email attachments • Never share personal information • Do not respond to Spam • Back up Files • Do not Share Folders • Use a Spyware program Information Security
Securing Windows Basic Steps to Secure your Machine: Step One: Enable a personal firewall Step Two: Download & Install AntiVirus Step Three: Run Windows Update Step Four: Configure Windows for Automatic Updates Step Five: Secure Your Accounts and Passwords Step Six: Run a Weekly Virus Scans of your Entire Computer Step Seven: Run and Update a Spyware Removal Program Step Eight: Disable or Set password for File Shares Step Nine: Run Microsoft Baseline Security Analyzer Information Security
Personal Firewalls • A personal firewall is a software-based filter between your computer and the outside world that is installed on your computer to protect it from unauthorized access by other external users. • Personal firewalls are configurable to specify which incoming and outgoing programs, ports, and IP addresses can be accessed. • Windows XP • Internet Connection Firewall (ICF) • http://www.microsoft.com/windowsxp/using/security/internet/sp2_wfintro.mspx • Inspects only incoming traffic • Commercial/Free Products • Sygate Personal Firewall • ZoneAlarm • Tiny Personal Firewall • Norton Personal Firewall • BlackIce PC Protection Information Security
How does a firewall work? • Each machine on the Internet is assigned a unique address called an IP address. • Computers have addresses referred to as IP addresses • Allows computers to talk to each other • Tells your computer where you want to send traffic • Example: 140.192.65.25 • Ports – A server machine makes its services available to the Internet using numbered ports • Tells your computer what service you want • Web Server: Port 80 • Internet Communication • Similar to postal envelopes • Instead of postal address and zip codes IP addresses and Port number • Connecting to a web server • Where do I want to go www.cnn.com (DNS – easy for people to remember) • What is the IP Address 64.236.16.20 • What service do I want Port 80 (web server) • What your computer sees • Source: 140.192.79.91:4628 Destination: 64.236.16.20:80 Information Security
How does a firewall work? • Computers have services running – even your work or home PC • A firewall inspects all traffic coming or leaving your computer • Use a set of rules to determine if it should allow the traffic to pass • In many cases you just need to install or enable the firewall application Information Security
Why is a firewall important? Scanning logs Wed Mar 19 00:15:23 CST 2005Number of scans: 523,264 Destination Ports Total Port====== ======198602 445 Windows 112389 139 Windows 88258 1433 MS-SQL - slammer worm 82404 80 Web Server 18390 135 Windows Information Security
What a Firewall Can Do • A firewall can be selective about what it lets through and what it blocks. • The firewall inspects all incoming traffic – and on some firewall applications it can inspect outgoing traffic as well • Based on the setup and rules the firewall determines if the packet should be blocked or transmitted • Some applications send notifications to the user with options • Denying the program or traffic • Allowing it just this one time. You will be asked again the next time it wants to use the network. • Allowing it forever more. You will not be asked again the next time it wants to use the network. • What do you do if you received a notification that traffic has been blocked • Firewall has blocked the harmful traffic Information Security
What a Firewall Cannot Do • Be aware of a false sense of security • Firewalls are limited in protecting your computer • Do Firewalls Prevent Viruses, Worms or Malware? • NO!! • Some firewalls can prevent malware from accessing the internet if your computer is infected your • Majority of all malware is received through e-mail, file sharing (like Kazaa or Gnutella) or through direct download of a malicious program • Firewalls can't prevent this • Common Sense and Caution • Operating System patches and security fixes • Anti-Virus software • Spyware software Information Security
Windows Update • Microsoft provides security patches and updates • Check for updates at least once per month • Security fixes released on the second Tuesday of each month • Manual Update • Open Internet Explorer http://windowsupdate.microsoft.com • Windows Automatic Updates makes this easy • Start Control Panel Automatic Updates • DePaul makes it even easier • Software Update Services (SUS) server Information Security
Automatic Windows Update Information Security
Microsoft Security Analyzer • Microsoft Baseline Security Analyzer • http://www.microsoft.com/technet/security/tools/mbsahome.mspx • Free, vulnerability assessment tool for the Microsoft platform • Download Software • Installation Wizard • Scan your computer Information Security
The End! Thank you Any questions weaheart@depaul.edu Information Security