Home Computer Security and Privacy: Part One - PowerPoint PPT Presentation

Loading...

PPT – Home Computer Security and Privacy: Part One PowerPoint presentation | free to download - id: 533705-NWVhN



Loading


The Adobe Flash plugin is needed to view this content

Get the plugin now

View by Category
About This Presentation
Title:

Home Computer Security and Privacy: Part One

Description:

Home Computer Security and Privacy: Part One a presentation by Patrick Douglas Crispen Faculty Development Center California State University, Fullerton – PowerPoint PPT presentation

Number of Views:133
Avg rating:3.0/5.0
Slides: 93
Provided by: PatrickDo
Category:

less

Write a Comment
User Comments (0)
Transcript and Presenter's Notes

Title: Home Computer Security and Privacy: Part One


1
Home Computer Security and Privacy Part One
  • a presentation by Patrick Douglas Crispen
  • Faculty Development Center
  • California State University, Fullerton

2
Richards Law of Computer Security
  • Don't buy a computer.
  • If you do buy a computer, don't turn it on.
    Source http//virusbusters.itcs.umich.edu/um-reso
    urces/vb-interview.html
  • Clever, but false. The social engineer will
    talk someone into turning that computer on.
    Source Mitnick, p. 7

3
Truths about computer security
  • EVERY home computer and every operating system is
    vulnerable to attack.
  • In the early days of home computing, solitary
    equaled safe except from floppy viruses.
  • But the internet is a dark force multiplier.
  • When you connect your home computer to the
    internet, the internet connects to your home
    computer.

4
Tick tock
  • Once online, your computer is vulnerable to
    attack from viruses, worms, and even criminals.
  • How long do you have between connection and
    attack?
  • On average, 20 minutes.
  • And if you have a cable or DSL connection, you
    have less time than that.

Source http//isc.sans.org/survivalhistory.php
5
How long do I have, doc?
Source http//isc.sans.org/survivalhistory.php
6
Why me?
  • Why is your home computer attacked?
  • It is specifically targeted HIGHLY unlikely.
  • It is a target of opportunity using a known
    exploit.

7
Common types of home computer security breaches
  • Viruses, worms, and Trojan horses
  • Zombieing
  • Code exploits
  • Malware adware and spyware
  • Man in the middle
  • Combination attacks

8
Impact of home computer security breaches
  • Loss or compromise of your data
  • Identity theft
  • Loss of income
  • Legal consequences
  • Gloom, despair, and agony on me
  • Deep dark depression, excessive misery

9
Scared yet?
  • The internet can be a dangerous place for both
    computers and users.
  • Fortunately, there are some simple ways to
    protect both your computer and yourself.
  • Protection Prevention Detection Response

10
Prevention is the mother of safety
  • This workshop is about the first part of that
    equation Prevention.
  • We could spend weeks talking about detection and
    response.
  • In fact, your local college has semester-long
    courses on that very topic.
  • For home computer users, intrusion detection and
    response are just WAY too much work.
  • But prevention is a relative snap.

11
Our goals
  • Demonstrate why you need a firewall
  • Show you how to deal with computer exploits
  • Do all of this in ENGLISH!

12
Coming soon to a theatre near you
  • In part two of this workshop coming soon, we
  • Show you why an updated antivirus program is a
    necessity.
  • Talk about how to kill spyware and other malware.
  • Find out how to block pop-up ads.
  • Learn how to protect your privacy online.

13
Short attention span summary
  • To protect against worms and exploits which is
    what were going to spend this entire
    presentation talking about,
  • Use both a hardware and a software firewall.
  • Run Windows Update/Apple Software Update at least
    weekly.
  • Patch all of your software frequently.

14
Short attention span summary
  • To protect against viruses, worms, and Trojan
    Horses which well talk about in part two
  • Install the latest antivirus software.
  • Update your virus definitions several times a
    week.
  • Never double-click on files attached to email
    messages.
  • Turn off Windows file sharing.
  • GET RID OF YOUR FILE SHARING PROGRAM!

15
Short attention span summary
  • To protect against malware which well also talk
    about in in part two
  • Use a good anti-spyware program regularly.
  • Think about ditching Internet Explorer.
  • To protect your privacy also in part two
  • Disguise your data.
  • Encrypt your data and communications.
  • Erase your tracks.
  • Watch out for social engineering attacks.

16
Part One Firewalls
  • What they are and why you absolutely need one
    well, actually, two before you even THINK about
    connecting your computer to the internet.

17
Mmm worms and crackers.
  • Connect to the internet and two things will
    quickly target and attack your computer Worms
    and crackers.
  • Worms are a type of computer virus that, using
    automatic file sending and receiving features
    built into most computers, tries to infect other
    computers including yours over a network.
  • Many worms include backdoors that give crackers a
    way to easily break into your computer at a later
    date.
  • And if the worms dont get you, the crackers will.

18
The cracker shibboleth
  • People who know nothing about computers use the
    word hacker as a pejorative to describe a
    person who uses his skill with computers to try
    to gain unauthorized access to computer files or
    networks. Source Oxford English Dictionary
  • Cute, but wrong.
  • Inside the computing world, however, the term
    hacker is highly complimentary, respectfully used
    to describe a person with an enthusiasm for
    programming or using computers as an end in
    itself. Source Oxford English Dictionary

19
Hackers v. crackers
  • In the computer world
  • A "hacker" is a brilliant and respected computer
    programmer or technical expert.
  • A "cracker" is someone who tries to break into
    your computer or files without your knowledge
    and/or permission.
  • A large portion of the cracker community is made
    up of script kiddies, people who
  • Use security-breaking scripts and programs
    developed by others.
  • In general do not have the ability to these
    scripts and programs on their own. Source
    Wikipedia

20
How crackers find you
  • How do worms and crackers find your computer in
    the first place?
  • Worms automatically/randomly search the internet
    looking for every unprotected computer they can
    find.
  • Every semi-competent cracker and script kiddie
    has software that
  • Scans thousands of internet connections looking
    for Windows file and printer shares.
  • Scans for known vulnerabilities, holes, and
    unsecured services in Windows, Mac OS, Linux,
    Apache, VM-CMS, etc.
  • Exploits those known vulnerabilities.
  • Cracks Windows passwords.
  • And so on.

21
Two types of attacks
  • Most home computer attacks/intrusions are either
  • Coordinated Your computer is specifically
    targeted by a skilled cracker.
  • Opportunistic A worm or cracker finds your
    computer during a random scan of thousands of
    other computers.
  • Unless someone is after you, you dont have to
    worry about coordinated attacks.
  • For home computer users, theyre few and far
    between.
  • Besides, you cant really stop a coordinated
    attack. You can only delay it.

22
Protecting your computer
  • To protect your computer from opportunistic
    attacksbesides being vigilant with patch
    managementhide your computer from the
    internet.
  • If the worms and crackers cant see your
    computer, they hopefully wont attack you.
  • How do you hide your computer? Use a firewall.

23
What is a firewall?
  • A firewall is either hardware or software that
    stands between your computer or home network
    and its internet connection and provides access
    controlit determines what can and cannot pass.
  • Its just like the firewall in your car.
  • Your cars firewall keeps the bad stuff from your
    engine like heat and exhaust out of your
    passenger cabin.
  • But it isnt impervious. It has holes in it to
    let the good stuff like the steering column and
    the brakes through.

24
What is a firewall?
  • A good firewall, like your cars firewall, keeps
    the bad stuff out and lets the good stuff
    through.
  • How? Well most consumer firewallsthe hardware
    firewalls well, actually theyre routers you
    can buy at Wal-Mart or Target or the software
    firewalls you can downloadoffer a combination of
  • Computer stealththey hide your computer from the
    worms and crackers scans.
  • Intrusion blockingthey make it harder but not
    impossible for worms and crackers to break in.

25
IP addresses
  • When you connect your home computer to the
    internet, the internet connects to your computer.
  • Every computer connected to the internet has its
    own, unique internet address like 137.151.128.96
    or 130.160.4.4
  • Your ISP automatically assigns the internet
    address to your computer from a pool of addresses
    the ISP maintains.
  • When you disconnect or at some regular interval
    with cable modem and DSL connections, that
    address goes back into the ISPs pool of
    addresses and is given to someone else.

26
If a cracker knows your internet address, he can
probe your computer for vulnerabilities.
27
NAT
  • Hardware firewalls use something called Network
    Address Translation or NAT to hide your
    computer from the worms and crackers.
  • You physically connect your home computers to
    the firewall and connect the firewall to the
    internet.
  • The firewallnot your home computerconnects to
    the internet and is assigned a publicly-visible
    internet address by your ISP.

28
Hiding behind a wall of fire
  • Your firewall automatically assigns your
    computer a private internet addresses.
  • Only your firewall knows what your computers
    private address is.
  • The private address is not visible to anyone on
    the Internet nor is it directly accessible from
    the internet.
  • Since the worms and crackers cant see your
    computers address, it is harder for the worms
    and crackers to scan your computer for
    vulnerabilities.
  • So, hopefully, the worms and crackers move on to
    someone elses computer.

29
Communicating with the Internet
  • Your firewall becomes your computers
    intermediary on the internet. All traffic must
    go through it.
  • When you request something from the internet, the
    firewall pretends that it made the request, not
    your computer.

30
Keeping worms and crackers out
  • Since the internet never even sees your computer,
    theres nothing for the worms or crackers to
    probe or attack other than your firewall.
  • And your firewall is just a dumb box.

31
Stateful packet inspection
  • In addition to using NAT to hide your computer,
    a firewall also uses stateful packet inspection
    or SPI to block intruders.
  • It only allows connections that you originate.
  • All other connections are automatically blocked
    at the firewall.

32
Why firewalls ROCK!
  • IF YOU DONT HAVE A FIREWALL, YOUR COMPUTER WILL
    BE ATTACKED AND/OR COMPROMISED USUALLY WITHIN
    20 MINUTES OF YOUR CONNECTING TO THE INTERNET.
  • Firewalls protect your home computer from worms
    and crackers through a combination of
  • Computer stealth using NAT.
  • Intrusion blocking using stateful packet
    inspection.
  • Gosh, is there anything firewalls cant do?

33
What a firewall cant do
  • Well, actually, a consumer firewall cant
  • Fix operating system or software vulnerabilities
  • A firewall may block some exploits coming in from
    the internet, but the vulnerabilities will still
    be there
  • Thats why patch management is so important
  • Protect your computer from viruses
  • A firewall may block internet worms, but it wont
    block viruses attached to emails, hidden in files
    you download from the internet or Kazaa, etc.
  • Virus protection is a job for your antivirus
    program, not a firewall.

34
Theres more
  • A consumer firewall also cant
  • Protect your computer from spyware.
  • Block pop-up ads.
  • Block spam.
  • Completely keep crackers out.
  • Protect you from doing stupid stuff to your
    computer.

35
But, if you are looking for simple computer
stealth and basic intrusion blockingand trust
me, you areyou need a firewall.
36
Dont I already have a firewall?
  • How can you tell if you have a firewall and/or if
    it is working properly?
  • Go to grc.com and run Shields Up.
  • This is a free, online tool from security guru
    Steve Gibson.
  • Shields Up checks file sharing, common ports, all
    service ports, messenger spam, and browser
    headers.
  • If Shields Up can see you, so can the crackers.
  • You either dont have a firewall or it isnt
    configured properly.

37
Which one?
  • Should you get a hardware firewall or a software
    firewall?
  • Yes.
  • If you have a cable modem, satellite, or DSL
    connection, you need both a hardware firewall and
    a software firewall.
  • If you have a dial-up connection, you only need a
    software firewall.

38
Why both?
  • Hardware firewalls have an Achilles heel they
    for the most part assume that ALL internet
    traffic originating from your computer is safe.
  • But, if you accidentally double-click on a
    virus-infected file,
  • Your computer will be infected with that virus.
    Remember, hardware firewalls cant protect you
    from either viruses or doing stupid stuff.
  • That virus is more than likely going to try to
    use your computer and your internet connection to
    infect other computers.

39
With their tanks, and their bombs, and their
bombs, and their guns
  • So your computer is now a virus-spewing zombie.
  • BUT, remember, your hardware firewall still
    trusts your computer.
  • Your computer is flooding the internet with
    thousands of viruses, worms, or spams, and your
    hardware firewall doesnt notice, care, or even
    bother to tell you.

40
How software firewalls work
  • Software firewalls actually, personal software
    firewalls
  • Constantly run in the background.
  • Block bad stuff from the internet the stuff that
    somehow magically makes it past the hardware
    firewall.
  • Warn you when a program on your computer tries to
    access the internet.
  • You decide whether or not that program will be
    allowed to access the internet.

41
So in our zombie example, the software
firewallNOT the hardware firewallwould catch
the flood of viruses before they even left your
computer.
42
In the simplest grossly oversimplified terms
  • Hardware firewalls protect your computer from the
    internet.
  • Software firewalls
  • Are a second layer of defense behind your
    hardware firewall.
  • Protect both your computer from the internet AND
    the internet from your computer.
  • Warn you when something fishy is happening on
    your computer.
  • So now can you see why I recommend running both a
    hardware AND a software firewall?

43
Hardware firewalls
  • Now for the bad news Hardware firewallsstand-alo
    ne boxes that do nothing but block intrudersare
    both complicated and expensive.
  • Ciscos cheapest firewall the PIX 501 is
    approximately US400 Source pricewatch.com
  • But two important features of hardware
    firewallsNAT and SPIare built into most
    hardware routers which are a LOT cheaper.
  • Linksys Instant Broadband EtherFast Cable/DSL
    Firewall Router with 4-Port Switch/VPN Endpoint
    BEFSX41 is approximately US70 Source
    pricewatch.com

44
Over the router and through the woods
  • My suggestion?
  • Before you connect your computer to the Internet,
    go to your nearest technology store or big box
    retailer.
  • Buy a cable/DSL router from Linksys my
    favorite, D-Link, Netgear, Belkin, or SMC for
    US50-75.

Image courtesy Linksys.com
45
uadmin padmin?
  • Read the instructions that come with your router
    and CHANGE YOUR ROUTERS DEFAULT ADMIN USERID AND
    PASSWORD!
  • Crackers know the default administrators userid
    and password for every router and firewall and
    server and operating system and... ever made.
  • Check out http//www.phenoelit.de/dpl/dpl.html if
    you dont believe me.

46
Software firewalls
  • Now that I spent US50 of your hard-earned money
    on a router, let me save you some money.
  • The four best software firewalls in my humble
    opinion are absolutely free.
  • ZoneAlarm http//www.zonelabs.com/
  • Sygate Personal Firewall http//smb.sygate.com/pr
    oducts/spf_standard.htm
  • Windows XP Service Pack 2 Internet Connection
    Firewall built into Windows XP SP2 but NOT into
    previous versions of XP
  • Mac OS X Firewall built into Mac OS X

47
Training your firewall
  • You need to train the free version of ZoneAlarm
    and other software firewalls.
  • By default, ZoneAlarm blocks everything on your
    computer from accessing the internet.
  • You have to manually tell ZoneAlarm which
    programs to let through.
  • Fortunately, this is really simple to do Just
    check out http//www.tinyurl.com/27wcz for
    instructions on how to install and train
    ZoneAlarm.

48
XP Firewall
  • Windows XP comes with its own firewall, so we XP
    users can breathe easy, right?
  • WRONG!
  • If you have Windows XP Home or Professional, your
    built-in software firewall is both horrible and
    most likely disabled.

49
XP Firewall
  • BUT, if you download and install Windows XP
    service pack 2 from Windows Update, your new
    built-in software firewall is both good and ON!
  • Oh, and Windows 95, 98, 98SE, ME, 2000 do NOT
    come with a built-in software firewall.
  • You need to download ZoneAlarm or Sygate Personal
    Firewall.

50
To turn on XPs built-in firewall
  • Go to Start gt Control Panel
  • Click on Network and Internet Connections or
    double-click on Network Connections.
  • Right-click on your local area network and choose
    Properties.
  • Click on the Advanced tab.
  • Check Protect my computer and network by limiting
    or preventing access to this computer from the
    Internet.
  • Click on OK.

51
To turn on OS-Xs built-in firewall
  • Go to Apple menu gt System Preferences.
  • In Internet Network, click on the Sharing
    folder icon.
  • Click on the Firewall tab.
  • Uncheck any of the services you dont understand
    or want to run all the time.
  • Then click on the Start button.

52
Remember
  • If you have a cable modem, DSL, or satellite
    connection, you need both a hardware firewall in
    the form of a router and a software firewall.
  • If you have a dial-up connection, you only need a
    software firewall.

53
Done?
  • Once youve installed a hardware and/or software
    firewall youre in the clear, right?
  • Not exactly. Youre SIGNIFICANTLY better
    protected from exploits and network intrusions
    than most people, but theres still more you need
    to do.

54
Part Two Exploits
  • What they are, where they come from, and how to
    manage them

55
What is an exploit?
  • Until machines start taking over for humans,
    software bugs and glitches caused by simple human
    error will be the norm.
  • Windows XP contains over 40 million lines of
    source code. Source Wikipedia
  • Could YOU write that many lines of code and not
    make a mistake?
  • An exploit is a program or technique used by a
    cracker to take advantage of software bugs or
    glitches in order to circumvent your computers
    security, often without your knowledge.

56
Mmm freedom bread.
  • A firewalled computer is a little like a loaf of
    French bread crunchy on the outside and chewy on
    the inside.
  • Firewalls protect your computer from worms and
    crackers, but not from all exploits.
  • And EVERY operating system is vulnerable to
    exploits.

57
Some questionable stats from Secunia
  • XP Professional
  • 46 security advisories issued in 2003-2004
  • 48 involved some sort of remote online attack.
  • 46 involved granting system access to a cracker.
  • Mac OS X
  • 36 security advisories issued in 2003-2004
  • 61 involved some sort of remote attack.
  • 32 involved granting system access to a cracker.

Source Secunia as posted in http//slashdot.org
/comments.pl?sid113493cid9613964
58
XP v. Mac OS X
  • So Windows is safer, and Mac OS X is less safe,
    than most people imagined, right?
  • Not exactly.
  • This is kind of like trying to scientifically
    measure which parent loves you more.

59
Why you should question Secunias and everyone
elses numbers
  • Different suppliers report vulnerabilities
    differently.
  • A system which includes more software may have
    more advisories, even though most advisories do
    not affect most computers running that system.
  • Unpatched vulnerabilities may go for months
    without the release of an official advisory.

Source http//slashdot.org/comments.pl?sid113493
cid9613823
60
Why you should question Secunias and everyone
elses numbers
  • Systems which have better default system-wide
    security settings (e.g. packet filtering,
    services turned off by default) may have all
    kinds of "vulnerabilities" that can't actually be
    exploited.
  • Leaving it up to the supplier to decide if
    something is a "vulnerability" or a "feature"
    leads to underreporting.
  • Some of the most common attackssuch as
    virusesrely on social engineering, and on
    "features" that are not classed as
    "vulnerabilities".

Source http//slashdot.org/comments.pl?sid113493
cid9613823
61
The truth of the matter
  • Computer security isnt just a PC- or Mac-only
    problem.
  • EVERY operating system and EVERY software
    application has vulnerabilities, especially
    online.
  • Crackers can use these vulnerabilities to
  • Read or even delete every file on your computer
  • Infect your computer with a virus
  • Use your computer to attack another computer or
  • Do a whole bunch of other nasty things.

62
But there are some simple ways to keep the
crackers especially the script kiddies at bay.
63
Signs your computer MAY have been exploited
  • Spontaneous reboots
  • Failed services, virus scanner disabled
  • Sluggish behavior, poor performance, slow logins
  • Excessive disk or network activity (HD LED,
    Switch LED)
  • Unknown user accounts
  • Application and service errors
  • Low disk space
  • Subpoenas and search warrants
  • Your computer insists on playing global
    thermonuclear war.

Source Alex Keller, SFSU
64
Symptoms v. the disease
  • Just because your computer has one or more of
    these symptoms doesnt necessarily mean it has
    been exploited, though.
  • Examples
  • Your computer suddenly reboots during a
    thunderstorm.
  • Your network activity light goes supernova while
    you are illegally downloading the latest DiVX
    movie.
  • Your computer becomes sentient after you spill a
    Pepsi on the keyboard.

65
Call my attorney! Ive been EXPLOITED!
  • But if computer has been exploited, you need to
  • Stop cussing.
  • Immediately disconnect your computer from the
    internet.
  • Identify the exploit.
  • Close the hole.
  • Fix the damage.

66
I feel so dirty.
  • To identify the exploit
  • Reconnect to the internet, update your antivirus
    definitions, disconnect, and scan your entire
    hard drive.
  • Reconnect to the internet, update your
    antispyware definitions, disconnect, and scan
    your entire hard drive.
  • Write down the symptoms reconnect to the
    internet search Google, Symantec, or the
    Microsoft Knowledge Base disconnect.
  • To close the hole, download and apply the
    appropriate patch from the manufacturers web
    site.

67
Repairing the damage
  • Repairing the damage from an exploit could be as
    simple as deleting or replacing corrupt data or
    as complicated as a deep-level format of your
    hard drive.
  • The repair path depends on the exploit.
  • This may be a job for a professional repair
    technician.
  • The BEST way to repair the damage caused by an
    exploit is to close the holes before they are
    exploited.

68
Closing the holes
  • When a vulnerability is found, operating system
    and software manufacturers eventually/hopefully
    release something called a patch.
  • A patch is simply a software update meant to fix
    problems, bugs, or the usability of a previous
    version of an application. Source Wikipedia
  • Download and install the patch and your computer
    is hopefully no longer susceptible to that
    particular vulnerability.

69
Why are patches so important?
  • When a new patch is released, an unintended
    consequence is that the bulletin announcing the
    patch also announces the vulnerability to
    crackers.
  • Crackers count on the fact that you wont get the
    patchyour computer will continue to be
    vulnerable.
  • And the time between bulletin and exploit is
    shrinking.

70
MS02-039
MS Security Bulletin MS02-039 Buffer Overruns in SQL Server 2000 Resolution Service Could Enable Code Execution (Q323875)
Originally Posted July 24, 2002
Exploit W32.SQLExp.Worm a.k.a., SQL Slammer Worm
Exploit Discovered by Symantec on January 24, 2003
Elapsed Time from Bulletin to Exploit 184 days
71
MS04-011
MS Security Bulletin MS04-011 Security Update for Microsoft Windows (835732)
Originally Posted April 13, 2004
Exploit W32.Sasser.Worm
Exploit Discovered by Symantec on April 30, 2004
Elapsed Time from Bulletin to Exploit 17 days
72
Patch or DIE!
  • Notice a trend?
  • Can you see why patch management is so important?
  • The time between bulletin and exploit is
    shrinking!

73
She watch, she watch, she watch channel ZERO!
  • In fact, zero-day exploitsexploits that take
    advantage of unknown operating system or software
    application vulnerabilitiesalready exist and
    more are coming.
  • Crackers keep these zero-day exploits to
    themselves, using them to gain access or escalate
    privileges on a small number of target systems.
  • No one has released a Blaster- or Sasser-like
    zero-day exploit into the wildyet.

74
You cant completely protect your computer from
every exploit, but you can keep the exploits at
bay by practicing simple patch management.
75
Patch management
  • Where do you start?
  • Make a simple, estimated time sheet showing the
    programs you use each week and how much time you
    use each program.
  • List EVERYTHING!
  • Email client(s)
  • Web browsers
  • Word processors
  • Chat programs
  • Media players
  • Games

76
Patch management
  • Dont forget to include your operating system and
    antivirus which hopefully are always running.
  • Add those to the top of your list
  • Sort your list by hours of use
  • Thats your patch list, in order.

77
How I use my home computer
Program Estimated Hours Per Week I Use That Program
Microsoft Windows XP Pro SP 1 45 Hours
Norton Antivirus 2004 45 Hours
Eudora Pro 6.1 30 Hours
Microsoft Internet Explorer 6 SP 1 25 Hours
Microsoft Word 2003 15 Hours
Microsoft PowerPoint 2003 10 Hours
Trillian 0.74 10 Hours
Macromedia Dreamweaver MX 2004 10 Hours
Mozilla Firebadger 0.9 5 Hours

78
My patch list
  • So my patch list, in order, would be
  • Microsoft Windows XP SP 1
  • Norton Antivirus 2004
  • Eudora Pro 6.1
  • Microsoft Internet Explorer 6 SP1

79
How to patch Windows
  • When Microsoft finds a security hole in Windows
    or Internet Explorer, they usually/eventually
    release a patch called a Critical Update.
  • In Internet Explorer, go to Tools gt Windows
    Update.
  • Click on Scan for updates.

80
How to patch Windows
  • Download and install only the Critical Updates
    and Service packs.
  • Ignore the other updates.
  • Keep running Windows Update until it tells you to
    go away.
  • To see a complete catalog of all Microsoft
    Critical Updates for Windows 9X and NT, go to
    http//v4.windowsupdate.microsoft.com/catalog

81
The NEW Windows Update
  • There are now two Windows Updates
  • Version 4 for Windows 95, 98, 98SE, ME, and NT
  • Version 5 for Windows XP and 2000
  • When you run Windows Update, Microsoft sniffs
    your computer and automatically redirects you to
    the correct version.

82
Mambo Number 5
  • When you run Windows Update v.5 on XP or 2000 for
    the first time, choose Express Install.
  • This only gives you the critical updates and
    security updates.
  • By default, Automatic Updates are turned on.

83
How to patch the Apple OS
  • Apple menu gt Software Update
  • To get updates immediately
  • Choose System Preferences from the Apple menu.
  • Choose Software Update from the View menu.
  • Click Update Now.
  • In the Software Update window, select the items
    you want to install, then click Install.

Image courtesy Apple.com
84
Manually run Windows Update or Apple Software
Update at least once a week.
  • Your computer should, by default, automatically
    check for updates. Thats cool, but also run the
    update manually just to be safe.

85
To patch Microsoft Office
  • In Windows XP or 2000, just run the new Windows
    Update.
  • In older versions of Windows, go to
    officeupdate.microsoft.com and click on Check
    for Updates
  • Mac users need to go to http//www.microsoft.com/m
    ac/downloads.aspx
  • Have your Office installation disk nearby in case
    the update needs to sniff the disk.

86
Patching other programs through Check for
Updates
  • Open the program you want to patch and, under the
    Help menu, look for Check for Updates,
    Updates, Check for Upgrade, or something
    similar.
  • This will either
  • Automatically check for and install any software
    patches you are missing
  • Take you to a web site where you can download the
    necessary patches.

87
Manually patching your software
  • If the Help menu doesnt have a built-in update
    feature, choose About the name of the program
    in the Help menu and write down the exact version
    number of the program.
  • Usually its an integer and a combination of
    decimals like 7.0.1
  • Go to the software manufacturers web site and
    look for Downloads, Upgrades, Support, or
    something similar.

88
Manually patching your software
  • Compare your softwares version number to the
    version number available online.
  • If the decimals of the online version number are
    larger than yours, download and install the
    appropriate patch.
  • If the integer is larger, youll need to buy a
    new version of the program.

89
Done?
  • Once youve installed a hardware and/or software
    firewall and regularly patched your operating
    system and programs youre in the clear, right?
  • Not exactly. Youre certainly better protected
    from exploits than most people, but theres still
    more you need to do.

90
Coming soon to a theatre near you
  • In part two of this workshop coming soon, we
  • Show you why an updated antivirus program is a
    necessity.
  • Talk about how to kill spyware and other malware.
  • Find out how to block pop-up ads.
  • Learn how to protect your privacy online.

91
Our goals
  • Demonstrate why you need a firewall
  • Show you how to deal with computer exploits
  • Do all of this in ENGLISH!

92
Home Computer Security and Privacy Part One
  • a presentation by Patrick Douglas Crispen
  • California State University, Fullerton
  • Faculty Development Center
About PowerShow.com