INTERNET SECURITY

1
INTERNET SECURITY

• Presented by Bob Cook, DOAI

2
WHAT IS MALWARE

• Malware is anything running on your computer that
  you want on your PC
• In most cases, you dont know it is there.
• (More on this later)

3
HOW DO I GET MALWARE?

• Download / Install programs from internet
• HTML email message
• Open attachments
• Visit shady web sites
• Visit good websites that have been compromised
• Google says that 10 of websites (not webpages)
  are compromised and you get infected just by
  visiting the site

4
BUT I AM SAFE BECAUSE

• I use an Internet Security Program..
• -the first thing that malware turns OFF!
• -No protection against rootkits
• -No protection against new malware (the bad
  guys test their malware against these products)
• -Little or no protection against app/driver
  attacks
• - Signature database / heuristics cannot keep
  up with malware explosion

5
A WORD ABOUT FIREWALLS

• What is a firewall and what does it do
• Hardware (router) vs Software firewall
• Need Inbound and Outbound protection
• Many firewalls are easily disabled
• Best free firewalls are Comodo and Online Armor
• Best for average user is Sunbelt Personal Firewall

6
SAFE COMPUTING RECOMMENDATIONS

• HIPS
• VIRTUALIZATION

7
HIPS

• Host Intrusion Prevention System
• Monitors internet and computer activity to
  stop malware before it can infect your computer
• I recommend eEye Blink (Personal or
  Professional)
• Eliminates need for AV and software firewall
  programs

8
VIRTUALIZATION

• What if you could have a second computer that
  could freely browse the web and all the malware
  goes away when you restart
• (Sandbox concept)
• GREAT! How do we do this?
• Hard way or the easy way? Lets do it the
• EASY WAY
  

9
EASY VIRTUALIZATION

• EASIEST WAY
• Use Google Chrome for your web browser
• each tab is a virtualized workspace close
  the tab when done browsing, everything goes away
• Great for web browsing, but your applications
  are not sandboxed

10
EASY VIRTUALIZATION

• EASY WAY
• Use Sandboxie or ReturnIL programs
• These program let you run your browser AND
  other apps (such as your email client) in the
  sandbox
• When you are connected to internet, run ALL
  open programs in the sandbox

11
SANDBOXIE NOTE

• Sandboxie, and most other virtualization
  programs, create the sandbox on the C\ drive.
• For best protection, change the top-level folder
  for your sandbox, from a default like
  thisC\Sandbox\USER\SANDBOXTo
  thisC\Temp\Sandbox\USER\SANDBOX

12
VIRTUALIZATION CAVEATS

• Empty that sandbox, everything you did goes away.
  This may include your email, bookmarks and your
  downloaded software and updates
• - Use a web-based email service
• - Use de.licio.us or other online bookmarking
  site
• - Sandboxie and ReturnIL allow you to save
  downloads outside the sandbox
• - Remember to turn these programs off when you
  update Windows or other programs/drivers

13
PRACTICE SAFE COMPUTING

• Never open email attachments. This means
  NOTHING!
• Disable HTML email
• Dont download programs unless you trust the
  source
• Dont visit file-sharing sites or shady sites
• Keep your OS and programs updated (Secunia PSI is
  a good program to find and manage program
  updates)
• Keep confidential data on external drive offline
  and/or encrypt the data

14
SAFE PRACTICES (contd)

• Turn off ActiveX scripting in MS IE
• Turn off Javascripting / only allow on trusted
  sites when needed
• Turn off unnecessary services (advanced users)
• Use a custom HOSTS file (intermediate users)
• Turn off file sharing
• Keep confidential data on (disconnected) external
  drive

15
QUICK NOTE ABOUT WIFI

• When using WIFI, access your email ONLY thru a
  secure connection, or your email login and
  password will be available for anyone to see.
  With that information, I can easily steal your
  identity because I have access to your email.
  With access to your email, I can log onto almost
  any website and ask them to email your login
  credentials, which I can then retrieve from your
  email account.

16
WHAT ABOUT SURFING?

• Whether using public LAN or WIFI, your data is
  easily intercepted.
• Most WIFI is either unencrypted or uses WEP
  (quickly broken)
• All non-https packets (IM, surfing) easily
  intercepted
• Turn OFF File Sharing! Better yet, keep your
  confidential files on an external drive that is
  NOT connected to your computer

17
ENSURING YOUR PRIVACY

• Two solutions
• - Use free IPIG software which encrypts your
  data from your PC to the IPIG servers
• http//www.iopus.com/iPig/
• Download free Hotspot Shield
• http//www.hotspotshield.com/
• (This is easiest and recommended, but it adds
  an advertisement banner at the top)

18
IF NOTHING ELSE

• Remember this
• Use Sandboxie
• Use secure email login / access

19
WHEN ALL ELSE FAILS

• Buy an external hard drive. Download free or
  purchase a disk imaging program. Keep an image
  of your OS partition on the external hard drive.
• Next time something breaks, restore your image
  from your external hard drive to your computer.
  It only takes about 20 minutes, and you will fix
  95 of your computer problems quickly, easily,
  and with no needed technical knowledge