330 likes | 480 Views
Home PC Security & Internet Browser Tips. Todd W. Jorns Senior Director for Educational Technology Illinois Community College Board. Topics. User Accounts Passwords Windows Updates Anti-Virus Software Anti-Spyware Software Email Browsers. Logging On to Windows.
E N D
Home PC Security & Internet Browser Tips Todd W. Jorns Senior Director for Educational Technology Illinois Community College Board
Topics • User Accounts • Passwords • Windows Updates • Anti-Virus Software • Anti-Spyware Software • Email • Browsers
Logging On to Windows • Do not run Windows as an Administrator • Increases vulnerabilities • Trojan Horse: a program that does something else than it appears to do • May reformat your hard drive, delete files, create another user with administrative control • Instead: • Create a User Account
Passwords • Pick a good password for all accounts—it’s your first and sometimes only defense • Password dangers: • Cracking • Social Engineering
Passwords:Good Characteristics • Length • Number of characters • Longer is better and harder to guess • Width • Types of characters • Should include at least three of • Uppercase letters • Lowercase letters • Numbers • Special characters (e.g. ? ! @ #) • Depth • Challenging meaning • Phonetic: Imukat2 for I’m a cat, too • Mnemonic: FM2tM for Fly Me to the Moon
Update Windows: Early & Often • Updates close known vulnerabilities that are targeted by hackers • Options for updates: • Automatically download and install • Manually download and install • To configure: • Control Panel | System | Automatic Updates
Check Office Updates • MS makes updates available on its web page • Users should check here at least once per month: • http://office.microsoft.com/en-us/officeupdate/default.aspx
Anti-Virus Software • A virus is: • Program or programming code that replicates; • Transmitted as attachments to an e-mail note or in a downloaded file, or may be present on a diskette, CD, or thumb drive. • A virus might: • Immediately affect you or lie dormant; • Be benign and playful or devastatingly harmful.
Anti-Virus Software: Key issues • Most AV software can be configured to automatically update itself • Daily is best if possible • After expiration, no updates will occur • Why? New viruses every day! • Scan your computer automatically • Configure the software to run at a time when no one will be on the computer • At least once a week • If you use IM, try to find software that scans for IM viruses
Anti-Virus: Free software • Online: • Housecall - http://housecall.trendmicro.com/ • Panda ActiveScan -http://www.pandasoftware.com/activescan/ • Downloadable: • AVG Free - http://free.grisoft.com/doc/2/lng/us/tpl/v5 • avast! Home Edition - http://www.avast.com/eng/down_home.html
Spyware: What is it? • Strictly defined, spyware consists of computer software that gathers and reports information about a computer user without the user's knowledge orconsent. • From Wikipedia, the free encyclopedia
Spyware: Problems • Installs without user’s informed consent • Invades privacy and steals bandwidth • Often causes system instability • Crashes • Hanging • Slowing • May modify shared files • Causing other applications to fail • Making spyware difficult to remove • Interrupting Internet connectivity
Spyware: Remedies • Numerous Anti-spyware programs and removal tools • Spybot Search and Destroy: • http://www.safer-networking.org/en/index.html • Adaware: • http://www.lavasoftusa.com/software/adaware/ • MS Anti-Spyware: • http://www.microsoft.com/athome/security/spyware/software/default.mspx • Various Anti-Virus programs
Spyware: Prevention • Spyblaster: • http://www.javacoolsoftware.com/spywareblaster.html • Disabling Active-X • Using only reputable sources for software • Updating Software to fix known vulnerabilities • Windows operating systems • Browser software
E-mail • Most frequently used tool • One of the most vulnerable tools “out of the box” • Issues • HTML • Attachments
E-mail: Attachments • Never open any unsolicited attachments • Do not trust attachments from known parties • Scan all attachments • Executable code • Macros • Never open attachments that are programs (.bat, .chm, .cmd, .com, .exe, .hta, .ocx, .pif, .scr, .shs, .vbe, .vbs, or .wsf).
How to see file extensions • In ME, 2000, and XP: • Open My Computer • Choose Tools | Folder Options • Choose the View Tab • Uncheck: Hide file extensions for known file types • Click OK
Email: Spam • Never respond to spam • Signals a “live” e-mail address • May be added to list and sold • Consequence: MORE spam!
E-mail: Phishing • The act of sending an e-mail to a user falsely claiming to be an established legitimate enterprise in an attempt to scam the user into surrendering private information that will be used for identify theft • Microsoft, your bank, AOL, PayPal will never send you announcements about updates---and neither will most businesses. If unsure, use the telephone!
Web: The World Wide Web • World Wide Web brought color, pictures, and motion to the Internet • Browser: Software application used to access the World Wide Web • Internet Explorer • Firefox • Opera • Popularity of WWW means that it’s a favorite for malicious activities
Web: Making it safer • Consider disabling AutoComplete • anyone at your computer will be able to easily see where you've been on the Web • worse yet, anyone at your computer will be able to easily impersonate you at Web sites that require you to input information • In IE • Select Tools and choose "Internet Options ..." • Click the "Advanced" tab. • Scroll down and uncheck the box next to "Use inline AutoComplete for Web addresses".
Web: Signals of secure site • Look for a site that uses a secure channel for transmission of credit card information • Key clues: • https • Locked padlock
Test Browser Security • Jason’s Toolbox: • Online test of browser security • Leads you through each step • http://www.jasons-toolbox.com/BrowserSecurity/
The Internet: A huge network • When you connect to the Internet, your computer is connected to all the other computers---and the good and bad users behind them • Understanding a little about that communication will help you to understand the need for something called a Firewall
IP Addresses • IP or Internet addresses are like addresses for buildings • If you know the address of a building, you can locate it and send it information • If you know the address for a computer, you can send it information • Fortunately, we don’t have to remember the numbers because of an Internet service called Domain Name System which translates for us!
Firewalls: Filters for packets • A firewall is a piece of software or hardware, which stands between two networks or computers and controls access between them • Controls the traffic flow in and out of networks or computers based on IP Addresses and Port numbers
Router (Hardware ) • Hides your computer from the Internet • Internet address is given to your router • Computer receives a private Internet address • The harder you are to find, the harder it will be for someone—or something—to hurt you! • A must for broadband (cable/dsl) Internet connections • Key: Change the default password!
Personal Firewalls (software) • Watches information going in and out of the computer – but you decide • Will allow you to monitor programs • Allow only programs of which you are sure • Watch for outgoing programs (e.g.,spyware) • Know how to shutdown Internet connectivity
Personal Firewalls - Software • Zone Alarm • http://www.zonelabs.com/store/content/company/products/znalm/freeDownload.jsp • Sygate Personal Firewall • http://smb.sygate.com/products/spf_standard.htm
Test Your System • HackerWacker: • http://hackerwhacker.com:4000/freetools.php • ShieldsUp: • http://www.grc.com/default.htm
Online Resource • www.iccb.org/pchelp
Questions Todd W. Jorns (217) 785-0144 Todd.Jorns@illinois.gov