The ITS Event 2004 Viruses, Worms, and Hackers: Protect Your Personal Computer

1
The ITS Event 2004Viruses, Worms, and Hackers
Protect Your Personal Computer

• Laurie Walters
• lwalters_at_psu.edu
• Security Operations and Services
• ITS_at_PennState

2
Presentation Available At

• http//sos.its.psu.edu
• Look in the left column, under The ITS Event
• For Securing Your Home Computer

3
Just Minutes to the Internet

• The iMac is the quickest way to get on the
  Internet. Its so easy to set up and use, youll
  be online and surfing the web in minutes
• -http//www.apple.com/imac/

4
The Problem.

• There is a tradeoff between ease of use and
  security for computers
• To sell more products, companies have to make
  computers easy to use.
• However, todays powerful computers plugged into
  the internet shouldnt be treated like any other
  new household appliance.

5
The Even Greater Problem

• The Internet is being scanned constantly by
  self-replicating worms and deliberate attacks.
• Hackers want to exploit computers with lax
  security to take advantage of hard drive space
  and relatively fast connections.

6
Common Security Problems for Home Machines

• May include
• privacy invasions
• backdoor/trojan infections where an unauthorized
  person remotely has complete control of your
  computer.
• virus and worm infections,
• spyware
• warez (file-trading) servers installed,
• your computer is used to attack other computers
• destruction of files (data, operating system,
  etc)

7
Am I at Risk at home? Why?

• Cable modems / DSL have a fast, always on
  connection that hackers can return to again and
  again. This atmosphere also provides a good
  breeding ground for self-replicating worms.
• Camping out on a PSU modem keeping the same IP
  address allows hackers to scan your system and
  return at a later date to infect it.
• Short dial up modem sessions Occasionally,
  security incidents occur on dial-up machines with
  both worms and hacking incidents.

8
How to Make Your Home Machine As Secure As at Work

• Make sure your computer has good passwords
• Patch your machine regularly
• Install an anti-spyware product
• Use an anti-virus product and update it regularly
• Use a router-based firewall or install a personal
  firewall
• Use a VPN to connect to PSU resources
• Know what is running on your system
• Use good internet hygiene

9
Make Sure Your Machine Has Good Passwords

• Most operating systems require a password to
  protect your computer from unauthorized access.
• Passwords should not be dictionary words and
  should consist of 7 characters of mixed case
  including numbers, letters, and symbols.
• Some guidelines for selecting and remembering
  a strong password can be found at
• http//www.alw.nih.gov/Security/Docs/passwd.html

10
Operating System Password Requirements

• Windows
• Passwords required for Windows XP Pro and Home
  versions, Windows 2000, and Windows NT.
• Note With Windows XP Home edition you may have
  to boot into Safe mode to assign an
  administrator password
• Passwords not necessary for Windows 95, 98, or
  ME.
• Linux / Unix
• Passwords required for all flavors.
• Macintosh
• Passwords required

11
Patch Your Machine Regularly

• Computer software vendors provide regular updates
  for their products that can protect against known
  security vulnerabilities. These updates are
  called patches.
• Use automatic updates where possible (e.g.
  Windows Update) or download updates from vendors.
  Try to download major / critical patches to
  removable media such as CD and install them
  before putting your computer on the Internet for
  the first time.
• When you hear of a new major vulnerability or
  patch, try to install it as soon as possible.

12
Automatic Updates of MS Windows Operating Systems

• All Windows OS patches can be accessed here
• http//v4.windowsupdate.microsoft.com/en/default.a
  sp
• You can set up your Microsoft operating system to
  check for updates automatically
• Using Windows 2000 and Windows XP
• Click on the Start button gt Control Panel gt
  System
• Using Windows 98 and Me
• Click on Start gt Control Panel gt Automatic
  Updates

13
The Windows ME Control Panel with Automatic
Updates highlighted
14
Automatic Updates of MS Windows Operating Systems

• Using Windows 2000
• or XP, select System
• then click on the
• Automatic Updates tab
• Be sure the check box
• near the top is checked,
• then select the radio button
• which suits you.
• Using Windows 98 or Me
• select the Automatic Updates
• icon (this next screen
• will differ slightly)

15
Protect Your Machine From Spyware (Adware)

• Spyware software that is installed on a
  computer without the users knowledge which
  monitors user activity and transmits it to
  another computer.
• Many spyware programs are set to monitor what web
  sites you visit and how long you visit them for,
  generally for advertising / marketing purposes
  (adware).

16
How Would I Get Spyware Installed On My Machine?

• Spyware is usually bundled with other software
  such as shareware or freeware programs (e.g.
  Peer to Peer file-sharing programs, games, etc).
  The disclosure for the spyware is usually in the
  fine print of the licensing agreement. Who reads
  these anyway?
• Another way to get spyware on your machine is by
  clicking on a deceptive pop-up message.

17
Consequences of Spyware

• Spyware runs in the background, using your
  computers system resources and memory to log
  what you are doing. This could interfere with
  other programs on your computer, and could even
  cause your computer to frequently crash or lock
  up.
• Spyware also uses your internet connection to
  send information about your activities to someone
  else. This could cause your internet connection
  to slow significantly.

18
Malware, Viruses, and Worms

• Malware is software which has malicious intent
  that is usually installed without the owners
  knowledge. Malware may be disguised to look like
  benevolent software.

19
Malware, Viruses, and Worms

• Viruses are small programs which cause some
  unexpected event on a computer and automatically
  spread to other computers via e-mail, open file
  shares, and programs installed on the computer
  (e.g. Kazaa, AOL Instant Messenger, etc).
• Worms are self-replicating viruses that are
  loaded into computer memory rather than altering
  files on the machine. A worms main goal in life
  is to spread to as many other machines as
  possible.

20
Examples of Malware

• One example would be a virus that has a
  backdoor installed. This means that someone at
  a remote location has total control of your
  computer. That person can modify or add files to
  your computer, install programs, add user
  accounts, or even delete all of your files!
• Another example is a keylogger, which records
  every stroke you enter into your keyboard. The
  keylogger may record a wealth of information
  credit card information, passwords, chat room
  transcripts, private e-mail messages, etc

21
Scared Yet? Protect Your Privacy!

• Install software to detect and remove spyware,
  adware, and malware
• Adaware
• http//www.lavasoftusa.com/software/adaware/
• Spybot SD
• http//www.safer-networking.org/index.php?pagedow
  nload

22
Install an Anti-virus Product

• Penn State has purchased a site license for
  Symantecs Norton Antivirus Corporate Edition
• Consulting and Support Services (CSS) provides
  user support for product
• Norton AV Corporate Edition can be downloaded at
  https//downloadsym.cac.psu.edu (note its 33MB)
• The PAC-ITS CD-ROM with Norton AV is available at
  the ITS Helpdesks and at all ResCom locations.

23
Keep Your Anti-virus Program Up to Date

• Update virus definitions weekly, or more often if
  you hear of a new virus
• Set virus protection to automatically download
  virus definition updates if possible.
• Perform a full virus scan of your hard drive(s)
  at least monthly (if not more often)

24
Install a Personal Firewall

• A personal firewall is a software-based filter
  between your computer and the outside world that
  is installed on your computer to protect it from
  unauthorized access by other external users.
• Personal firewalls are configurable to specify
  which incoming and outgoing programs, ports, and
  IP addresses can be accessed.
• Recommended personal firewalls that are free for
  personal use
• Zonealarm
• http//www.zonealarm.com
• Tiny Personal Firewall
• http//www.tinysoftware.com

25
Inexpensive Routers with Built-In Firewalls

• A firmware or hardware based firewall is a
  separate device that physically sits between your
  computer and internet connection.
• This type of firewall is generally more secure
  than a personal firewall and saves processing
  time on the computer that the personal firewall
  would otherwise be using.
• Router-based firewalls can range in price from
  relatively inexpensive (60) to thousands of
  dollars.
• This type of firewall device is highly
  recommended for home use and can protect many
  types of connections including dialup modem,
  cable modem, DSL, etc.

26
Two Inexpensive Router-based Firewalls

• (Recommended by Skip Knoble hdk at psu dot edu).
  Thank you Skip!
• Linksys Cable/DSL Router at Micro Warehouse (60)
• http//www2.warehouse.com/product.asp?pf_idDEB27
  30blindviewcatpcThis is for Cable/DSL and
  quite usable for home use (1 to 4 ports).
• SMC 7004ABR (80)
• http//www.smc.com/index.cfm?actionproducts_show
  _descriptionproductCodeSMC7004ABR from
  http//www2.warehouse.com/product.asp?pf5FidDEB3
  144catpcblindThis is for Cable/DSL and also
  has an RS-232 port (for Internet connection via
  modem).

27
Use a VPN to Connect to PSU Resources

• A Virtual Private Network (VPN) is an encrypted
  tunnel between your computer and a remote
  machine.
• There are several benefits to using a VPN,
  including encryption, authorization, and privacy
  (e.g. data between your home machine and PSU
  cannot be intercepted).
• The PSU VPN service enables your remote computer
  to appear to be a part of the psu.edu domain.

28
Installing the Penn State Anywhere Virtual
Private Network (VPN)

• VPN is provided free of charge to anyone with a
  valid PSU access account.
• A simple download and configuration of the VPN
  client software is required in order to use the
  service.
• See http//aset.psu.edu/vpn/index.html for
  further information

29
Know What Is On Your System

• You should periodically determine what all of
  your running processes are on your computer, and
  if they are valid.
• You can analyze what processes are on your
  Windows system by downloading a tool such as
  TCPView, Fport, Inzider, or Active Ports. They
  can be downloaded from the links at
  http//www.personal.psu.edu/lxm30/windows/utils.ht
  ml
• On a unix system, you can analyze running
  processes by typing the command lsof.

30
Prevent Identity Theft When Making Online
Purchases

• Look for a padlock at the bottom of web pages,
  indicating that the site is secured by encrypting
  data when submitting sensitive information such
  as credit card numbers or a SSN.
• A secure site means that your data is encrypted
  during transmission. Keep in mind that it says
  NOTHING about how secure the data is once it is
  stored on a remote computer.

31
Prevent Identity Theft When Making Online
Purchases

• Purchase from well-known companies (Dont buy
  from mass e-mail solicitation)
• Realize that reputable web sites will never
  e-mail request for any personal information such
  as SSN, password, credit card or bank acct.
  number, etc.

32
Use Good Computer Hygiene

• Think before you click
• Be careful with e-mail attachments call or
  write back to confirm before opening
• Be careful about what web sites you go to.
• Be careful when prompted to download software
• Use good passwords and change them periodically
  for both machine and web sites you visit!
• Dont create non-password protected file shares
• Backup data frequently
• Remove internet access when it is not needed
• Install minimal applications and services

33
To Review.

• There are a lot of simple steps you can take to
  keep your computer secure and free of intruders.
  These include
• Using good passwords
• Patching your computer
• Installing anti-virus, anti-spyware, and firewall
  products
• Using a VPN to encrypt network traffic to Penn
  State
• Knowing what is running on your computer and
  turning off unnecessary software
• Using good internet hygiene and purchasing habits
• Remember, it is a lot easier to be proactive than
  to attempt to clean up later.

34
Personal Computer Security Checklist

• A step-by-step checklist, written by a computer
  security expert, for securing your personal
  computer can be found at
• http//securityfocus.com/columnists/220
• We encourage that you reference the above
  checklist, as well as follow recommended steps in
  this presentation.

35
For Review, and Access to the URLs in This
Presentation, Please Visit

• http//sos.its.psu.edu
• Look in the left column, under The ITS Event
• For Securing Your Home Computer

36
Questions?