Title: The ITS Event 2004 Viruses, Worms, and Hackers: Protect Your Personal Computer
1The ITS Event 2004Viruses, Worms, and Hackers
Protect Your Personal Computer
- Laurie Walters
- lwalters_at_psu.edu
- Security Operations and Services
- ITS_at_PennState
2Presentation Available At
- http//sos.its.psu.edu
- Look in the left column, under The ITS Event
- For Securing Your Home Computer
3Just Minutes to the Internet
- The iMac is the quickest way to get on the
Internet. Its so easy to set up and use, youll
be online and surfing the web in minutes - -http//www.apple.com/imac/
4The Problem.
- There is a tradeoff between ease of use and
security for computers - To sell more products, companies have to make
computers easy to use. - However, todays powerful computers plugged into
the internet shouldnt be treated like any other
new household appliance.
5The Even Greater Problem
- The Internet is being scanned constantly by
self-replicating worms and deliberate attacks. - Hackers want to exploit computers with lax
security to take advantage of hard drive space
and relatively fast connections.
6Common Security Problems for Home Machines
- May include
- privacy invasions
- backdoor/trojan infections where an unauthorized
person remotely has complete control of your
computer. - virus and worm infections,
- spyware
- warez (file-trading) servers installed,
- your computer is used to attack other computers
- destruction of files (data, operating system,
etc)
7Am I at Risk at home? Why?
- Cable modems / DSL have a fast, always on
connection that hackers can return to again and
again. This atmosphere also provides a good
breeding ground for self-replicating worms. - Camping out on a PSU modem keeping the same IP
address allows hackers to scan your system and
return at a later date to infect it. - Short dial up modem sessions Occasionally,
security incidents occur on dial-up machines with
both worms and hacking incidents.
8How to Make Your Home Machine As Secure As at Work
- Make sure your computer has good passwords
- Patch your machine regularly
- Install an anti-spyware product
- Use an anti-virus product and update it regularly
- Use a router-based firewall or install a personal
firewall - Use a VPN to connect to PSU resources
- Know what is running on your system
- Use good internet hygiene
9Make Sure Your Machine Has Good Passwords
- Most operating systems require a password to
protect your computer from unauthorized access. - Passwords should not be dictionary words and
should consist of 7 characters of mixed case
including numbers, letters, and symbols. - Some guidelines for selecting and remembering
a strong password can be found at - http//www.alw.nih.gov/Security/Docs/passwd.html
10Operating System Password Requirements
- Windows
- Passwords required for Windows XP Pro and Home
versions, Windows 2000, and Windows NT. - Note With Windows XP Home edition you may have
to boot into Safe mode to assign an
administrator password - Passwords not necessary for Windows 95, 98, or
ME. - Linux / Unix
- Passwords required for all flavors.
- Macintosh
- Passwords required
11Patch Your Machine Regularly
- Computer software vendors provide regular updates
for their products that can protect against known
security vulnerabilities. These updates are
called patches. - Use automatic updates where possible (e.g.
Windows Update) or download updates from vendors.
Try to download major / critical patches to
removable media such as CD and install them
before putting your computer on the Internet for
the first time. - When you hear of a new major vulnerability or
patch, try to install it as soon as possible.
12Automatic Updates of MS Windows Operating Systems
- All Windows OS patches can be accessed here
- http//v4.windowsupdate.microsoft.com/en/default.a
sp - You can set up your Microsoft operating system to
check for updates automatically - Using Windows 2000 and Windows XP
- Click on the Start button gt Control Panel gt
System - Using Windows 98 and Me
- Click on Start gt Control Panel gt Automatic
Updates
13The Windows ME Control Panel with Automatic
Updates highlighted
14Automatic Updates of MS Windows Operating Systems
- Using Windows 2000
- or XP, select System
- then click on the
- Automatic Updates tab
- Be sure the check box
- near the top is checked,
- then select the radio button
- which suits you.
- Using Windows 98 or Me
- select the Automatic Updates
- icon (this next screen
- will differ slightly)
15Protect Your Machine From Spyware (Adware)
- Spyware software that is installed on a
computer without the users knowledge which
monitors user activity and transmits it to
another computer. - Many spyware programs are set to monitor what web
sites you visit and how long you visit them for,
generally for advertising / marketing purposes
(adware).
16How Would I Get Spyware Installed On My Machine?
- Spyware is usually bundled with other software
such as shareware or freeware programs (e.g.
Peer to Peer file-sharing programs, games, etc).
The disclosure for the spyware is usually in the
fine print of the licensing agreement. Who reads
these anyway? - Another way to get spyware on your machine is by
clicking on a deceptive pop-up message.
17Consequences of Spyware
- Spyware runs in the background, using your
computers system resources and memory to log
what you are doing. This could interfere with
other programs on your computer, and could even
cause your computer to frequently crash or lock
up. - Spyware also uses your internet connection to
send information about your activities to someone
else. This could cause your internet connection
to slow significantly.
18Malware, Viruses, and Worms
- Malware is software which has malicious intent
that is usually installed without the owners
knowledge. Malware may be disguised to look like
benevolent software.
19Malware, Viruses, and Worms
- Viruses are small programs which cause some
unexpected event on a computer and automatically
spread to other computers via e-mail, open file
shares, and programs installed on the computer
(e.g. Kazaa, AOL Instant Messenger, etc). - Worms are self-replicating viruses that are
loaded into computer memory rather than altering
files on the machine. A worms main goal in life
is to spread to as many other machines as
possible.
20Examples of Malware
- One example would be a virus that has a
backdoor installed. This means that someone at
a remote location has total control of your
computer. That person can modify or add files to
your computer, install programs, add user
accounts, or even delete all of your files! - Another example is a keylogger, which records
every stroke you enter into your keyboard. The
keylogger may record a wealth of information
credit card information, passwords, chat room
transcripts, private e-mail messages, etc
21Scared Yet? Protect Your Privacy!
- Install software to detect and remove spyware,
adware, and malware - Adaware
- http//www.lavasoftusa.com/software/adaware/
- Spybot SD
- http//www.safer-networking.org/index.php?pagedow
nload
22Install an Anti-virus Product
- Penn State has purchased a site license for
Symantecs Norton Antivirus Corporate Edition - Consulting and Support Services (CSS) provides
user support for product - Norton AV Corporate Edition can be downloaded at
https//downloadsym.cac.psu.edu (note its 33MB) - The PAC-ITS CD-ROM with Norton AV is available at
the ITS Helpdesks and at all ResCom locations.
23Keep Your Anti-virus Program Up to Date
- Update virus definitions weekly, or more often if
you hear of a new virus - Set virus protection to automatically download
virus definition updates if possible. - Perform a full virus scan of your hard drive(s)
at least monthly (if not more often)
24Install a Personal Firewall
- A personal firewall is a software-based filter
between your computer and the outside world that
is installed on your computer to protect it from
unauthorized access by other external users. - Personal firewalls are configurable to specify
which incoming and outgoing programs, ports, and
IP addresses can be accessed. - Recommended personal firewalls that are free for
personal use - Zonealarm
- http//www.zonealarm.com
- Tiny Personal Firewall
- http//www.tinysoftware.com
25Inexpensive Routers with Built-In Firewalls
- A firmware or hardware based firewall is a
separate device that physically sits between your
computer and internet connection. - This type of firewall is generally more secure
than a personal firewall and saves processing
time on the computer that the personal firewall
would otherwise be using. - Router-based firewalls can range in price from
relatively inexpensive (60) to thousands of
dollars. - This type of firewall device is highly
recommended for home use and can protect many
types of connections including dialup modem,
cable modem, DSL, etc.
26Two Inexpensive Router-based Firewalls
- (Recommended by Skip Knoble hdk at psu dot edu).
Thank you Skip! - Linksys Cable/DSL Router at Micro Warehouse (60)
- http//www2.warehouse.com/product.asp?pf_idDEB27
30blindviewcatpcThis is for Cable/DSL and
quite usable for home use (1 to 4 ports). - SMC 7004ABR (80)
- http//www.smc.com/index.cfm?actionproducts_show
_descriptionproductCodeSMC7004ABR from
http//www2.warehouse.com/product.asp?pf5FidDEB3
144catpcblindThis is for Cable/DSL and also
has an RS-232 port (for Internet connection via
modem).
27Use a VPN to Connect to PSU Resources
- A Virtual Private Network (VPN) is an encrypted
tunnel between your computer and a remote
machine. - There are several benefits to using a VPN,
including encryption, authorization, and privacy
(e.g. data between your home machine and PSU
cannot be intercepted). - The PSU VPN service enables your remote computer
to appear to be a part of the psu.edu domain.
28Installing the Penn State Anywhere Virtual
Private Network (VPN)
- VPN is provided free of charge to anyone with a
valid PSU access account. - A simple download and configuration of the VPN
client software is required in order to use the
service. - See http//aset.psu.edu/vpn/index.html for
further information
29Know What Is On Your System
- You should periodically determine what all of
your running processes are on your computer, and
if they are valid. - You can analyze what processes are on your
Windows system by downloading a tool such as
TCPView, Fport, Inzider, or Active Ports. They
can be downloaded from the links at
http//www.personal.psu.edu/lxm30/windows/utils.ht
ml - On a unix system, you can analyze running
processes by typing the command lsof.
30Prevent Identity Theft When Making Online
Purchases
- Look for a padlock at the bottom of web pages,
indicating that the site is secured by encrypting
data when submitting sensitive information such
as credit card numbers or a SSN. - A secure site means that your data is encrypted
during transmission. Keep in mind that it says
NOTHING about how secure the data is once it is
stored on a remote computer.
31Prevent Identity Theft When Making Online
Purchases
- Purchase from well-known companies (Dont buy
from mass e-mail solicitation) - Realize that reputable web sites will never
e-mail request for any personal information such
as SSN, password, credit card or bank acct.
number, etc.
32Use Good Computer Hygiene
- Think before you click
- Be careful with e-mail attachments call or
write back to confirm before opening - Be careful about what web sites you go to.
- Be careful when prompted to download software
- Use good passwords and change them periodically
for both machine and web sites you visit! - Dont create non-password protected file shares
- Backup data frequently
- Remove internet access when it is not needed
- Install minimal applications and services
33To Review.
- There are a lot of simple steps you can take to
keep your computer secure and free of intruders.
These include - Using good passwords
- Patching your computer
- Installing anti-virus, anti-spyware, and firewall
products - Using a VPN to encrypt network traffic to Penn
State - Knowing what is running on your computer and
turning off unnecessary software - Using good internet hygiene and purchasing habits
- Remember, it is a lot easier to be proactive than
to attempt to clean up later.
34Personal Computer Security Checklist
- A step-by-step checklist, written by a computer
security expert, for securing your personal
computer can be found at -
- http//securityfocus.com/columnists/220
- We encourage that you reference the above
checklist, as well as follow recommended steps in
this presentation.
35For Review, and Access to the URLs in This
Presentation, Please Visit
- http//sos.its.psu.edu
- Look in the left column, under The ITS Event
- For Securing Your Home Computer
36Questions?