Title: Home Computer Security: How to Make Your Home Machine More Secure
1Home Computer Security How to Make Your Home
Machine More Secure
- Laurie Walters
- lwalters_at_psu.edu
- Security Operations and Services
- ITS_at_PennState
2Just Minutes to the Internet
- The iMac is the quickest way to get on the
Internet. Its so easy to set up and use, youll
be online and surfing the web in minutes - -http//www.apple.com/imac/
3The Problem.
- There is a tradeoff between ease of use and
security for computers - To sell more products, companies have to make
computers easy to use. - However, todays powerful computers plugged into
the internet shouldnt be treated like any other
new household appliance.
4The Even Greater Problem
- Internet being scanned constantly by
self-replicating worms and deliberate attacks. - Hackers want to exploit computers with lax
security to take advantage of hard drive space
and relatively fast connections.
5Common Security Problems for Home Machines
- May include
- virus infections,
- backdoor/trojan infections where an unauthorized
person remotely has complete control of your
computer. - privacy invasions
- warez (file-trading) servers installed,
- your computer is used to attack other computers
- destruction of files (data, operating system,
etc)
6Am I at Risk at home? Why?
- Cable modems / DSL have a fast, always on
connection that hackers can return to again and
again. This atmosphere also provides a good
breeding ground for self-replicating worms. - Camping out on a PSU modem keeping the same IP
address allows hackers to scan your system and
return at a later date to infect it. - Short dial up modem sessions Occasionally,
security incidents occur on dial-up machines with
both worms and hacking incidents.
7How to Make Your Home Machine As Secure As at Work
- Make sure your machine has good passwords
- Patch your machine regularly
- Use an anti-virus product
- Use a router-based firewall or install a personal
firewall - Use a VPN to connect to PSU resources
- Know what is running on your system
- Use good internet hygiene
8Make Sure Your Machine Has Good Passwords
- Most operating systems require a password to
protect your computer from unauthorized access. - Passwords should not be dictionary words and
should consist of 7 characters of mixed case
including numbers, letters, and symbols. - http//www.alw.nih.gov/Security/Docs/passwd.html
9Operating System Password Requirements
- Windows
- Passwords required for Windows XP Pro and Home
versions, Windows 2000, and Windows NT. - Note With Windows XP Home edition you may have
to boot into Safe mode to assign an
administrator password - Passwords not necessary for Windows 95, 98, or
ME. - Linux / Unix
- Passwords required for all flavors.
- Macintosh
- Passwords required
10Patch Your Machine Regularly
- Computer vendors provide regular updates for
their products that can protect against known
security vulnerabilities. - Use automatic updates where possible (e.g.
Windows update) or download updates from vendors.
Try to download major / critical patches to
removable media such as cd and install them
before putting computer on the internet for the
first time. - When you hear of a new major vulnerability or
patch, try to install it as soon as possible.
11Install an Anti-virus Product
- PSU has purchased a site license for Symantecs
Norton Antivirus Corporate Edition - Consulting and Support Services (CSS) provides
user support for product - Norton can be downloaded at http//computerstore.
psu.edu/ - Update virus definitions weekly or more often if
you hear of a new virus - Set virus protection to automatically download
virus definition updates if possible. - Perform full Scan system at least monthly (if not
more often)
12Install a Personal Firewall
- A personal firewall is a software-based filter
between your computer and the outside world that
is installed on your computer to protect it from
unauthorized access by other external users. - Personal firewalls are configurable to specify
which incoming and outgoing programs, ports, and
IP addresses can be accessed. - Recommended personal firewalls that are free for
personal use - Zonealarm
- http//www.zonealarm.com
- Tiny Personal Firewall
- http//www.tinysoftware.com
13Inexpensive Routers with Built-In Firewalls
- A firewall that is firmware or hardware based is
a separate device that physically sits between
your computer and internet connection. - This type of firewall is generally more secure
than a personal firewall and saves processing
time on the computer that the personal firewall
would otherwise be using. - Router-based firewalls can range in price from
relatively inexpensive (60) to thousands of
dollars. - This type of firewall device is highly
recommended for home use and can protect many
types of connections including dialup modem,
cable modem, DSL, etc.
14Two Inexpensive Router-based Firewalls
- (Recommended by Skip Knoble hdk at psu dot edu).
Thank you Skip! - Linksys Cable/DSL Router at Micro Warehouse (60)
- http//www2.warehouse.com/product.asp?pf_idDEB27
30blindviewcatpcThis is for Cable/DSL and
quite usable for home use (1 to 4 ports). - SMC 7004ABR (80)
- http//www.smc.com/index.cfm?actionproducts_show
_descriptionproductCodeSMC7004ABR from
http//www2.warehouse.com/product.asp?pf5FidDEB3
144catpcblindThis is for Cable/DSL and also
has an RS-232 port (for Internet connection via
modem).
15Use a VPN to Connect to PSU Resources
- A Virtual Private Network (VPN) is an encrypted
tunnel between your computer and a remote
machine. - There are several benefits to using a VPN,
including encryption, authorization, and privacy
(e.g. data between your home machine and PSU
cannot be intercepted). - The PSU VPN service enables your remote computer
to appear to be a part of the psu.edu domain.
16Installing the Penn State Anywhere Virtual
Private Network (VPN)
- VPN is provided free of charge to anyone with a
valid PSU access account. - A simple download and configuration of the VPN
client software is required in order to use the
service. - See http//aset.psu.edu/vpn/index.html
17Know What Is On Your System
- You should periodically determine what all of
your running processes are on your computer, and
if they are valid. - You can analyze what processes are on your
Windows system by downloading a tool such as
TCPView, Fport, Inzider, or Active Ports. They
can be downloaded from the links at
http//www.personal.psu.edu/lxm30/windows/utils.ht
ml - On a unix system, you can analyze running
processes by typing the command lsof.
18Use Good Computer Hygiene
- Dont create non-password protected file shares
- Think before you click
- Be careful with e-mail attachments
- Be careful about what web sites you go to.
- Be careful when prompted to download software
- Use good passwords and change them periodically
for both machine and web sites you visit! - Look for padlock at bottom of web pages when
submitting sensitive information. - Install minimal applications and services
- Backup data frequently
- Remove internet access when it is not needed
19Presentation Available At
- http//www.personal.psu.edu/lxm30/windows/windows.
html
20Questions?