How to stay safe on the Internet

Jaqui Lynch
Email – jaqui@circle4.com
January 2008
http://www.circle4.com/papers/awc-jan08.pdf
Agenda
• Computers
– Computer protection
– Personal protection
– Privacy
• General Survival
• Networking
• Wireless
• Questions
Computers
• Windows
– Keep it patched
• windowsupdate.microsoft.com
– Run antivirus and keep it up to date
– Get a bidirectional software firewall (one that filters outbound connections as well as inbound, so a program already on the machine cannot phone home unnoticed)
– Ensure you are on at least Windows XP and that it is up to date
• Linux is even better but I am biased!
– Cleanse regularly
– Upgrade software apps to the latest versions
– Turn off file sharing unless you know how to secure it
– Try an alternate browser – 75% target IE
• Firefox
– Risks
• Viruses
• Cookies
• Security holes
• Javascript
• Scrap files (.shs ….) – these look like documents but can carry an embedded executable
Cleansing
• Check out the following:
– http://www.webroot.com
• Spysweeper
• Window washer
– Create a hosts file
• http://www.mvps.org/winhelp2002/hosts.txt
• This file maps known adware and tracking hostnames to 127.0.0.1, so the browser connects to your own machine instead of the ad server
• Entries match exact hostnames only (no wildcards), and anything that can write to the file can also redirect legitimate sites, so check it for entries you did not add
– Secure your Internet Explorer
– Turn off JavaScript in your email client
– Use a different email client from Outlook
• Podcasts
– Check out “Security Now” on iTunes
Sample hosts file
There is no place like 127.0.0.1
This file lives in:
Windows XP = C:\WINDOWS\SYSTEM32\DRIVERS\ETC
Windows 2K = C:\WINNT\SYSTEM32\DRIVERS\ETC
Win 98/ME = C:\WINDOWS
The file is called hosts
127.0.0.1 localhost
#start of lines added by WinHelp2002
# [Misc A - Z]
127.0.0.1 phpadsnew.abac.com
127.0.0.1 a.abnad.net
127.0.0.1 b.abnad.net
127.0.0.1 c.abnad.net #[IE-SpyAd]
127.0.0.1 d.abnad.net
127.0.0.1 e.abnad.net
127.0.0.1 www.accoona.cn
and so on
Other cool software
• http://spywarewarrior.com/asw-test-guide.htm
– Above is an independent review site on Anti-spyware
• Spywareblaster
– http://www.javacoolsoftware.com/spywareblaster.html
• Spybot search and Destroy
– http://www.safer-networking.org/en/index.html
• Startup Inspector
– http://www.windowsstartup.com/
• Sunbelt’s Counterspy
– http://www.sunbelt-software.com/CounterSpy-Download.cfm
• GRC.com
– UPNP http://www.grc.com/unpnp/unpnp.htm
– DCOM http://www.grc.com/dcom/
– MSMSG http://www.grc.com/stm/shootthemessenger.htm
Test yourself
• www.grc.com
– ShieldsUp (probes your public address from outside for open ports)
• https://www.grc.com/x/ne.dll?bh0bkyd2
– Leaktest (checks whether your firewall stops an unknown program from connecting out)
• http://grc.com/lt/leaktest.htm
• Scan yourself across the network
– security.symantec.com
– www.pandasoftware.com/products/ActiveScan.htm
– housecall.trendmicro.com/
– www3.ca.com/virusinfo/virusscan.aspx
– www.kaspersky.com/virusscanner
Email
• Treat it like a postcard – anyone handling it along the way can read it
• One to one communications
• Spam
– Never reply, as replying confirms your address is live
• Use inbox protection (hotmail) or filtering and/or blocking
• Never say anything that you wouldn’t say in public
• Remember ISPs back this stuff up
• No visual or audio cues, so people take it literally
Email Abuse
• Spam
• Scams
• Flaming
• Harassment and stalking
• Spoofing
• Mail bombs
• Viruses
• Chain letters
• Pornography
• Photos
• Inline html and/or pdfs
Chat rooms
• Let you talk to groups of people all around the world
• This generation’s version of the phone
• Public, private or IRC
• Some have monitors, most do not – watch for computers
• Most dangerous area of the net
– You don’t know who is there (actively or lurking)
– You establish a relationship and trust over time
– Pedophiles use them to find victims
– People lie
• They often progress to IM and email where you are now one on one
• Watch out for rooms associated with sex, cults, ritual
• Choose a gender neutral screen name
• Turn on logging
• Web chat is still chat (yahoo & AOL teen chat)
Social Networking sites
• Public forums:
– http://www.myspace.com
– http://www.facebook.com
– Linked In
– Youtube
• Things to remember
– What you put up stays around (caching)
– It is publicly accessible and will be forwarded
– Employers and universities search these sites
– What do you want your online identity to be?
– With freedom comes responsibility
– Respect both your own and others’ privacy
– Same rules apply in virtual worlds
• Second life
• Runescape, etc
Instant Messaging
• Unique identifier associated with profile
• Real time – more IM than email
• Blend of email and chat
• ICQ was the forefather of IM
• Runs in the background and notifies you when there is a message
• Buddy list – a notify list of friends
• Skype and video conferences/cameras
The Dark Side of IM
• Protect your buddy list - set it so you have to
approve the addition of anyone to it
• People can add you to their buddy list and then
keep track of when you are online
• Set your options so others can’t add you to their
buddy list
• Predators love buddy lists
• They also love being able to search profiles and
membership directories
Profiles & Directories
• At yahoo you can search the directory by:
– Keyword
– Gender
– Age
– Interests
• Requesting profiles with pictures
• Asking whether they are online now
• Regularly use Google and Yahoo to search on yourself
• Never fill these out truthfully
• Predators use these to determine victims
Personal Firewalls
• Do a search on the web for “personal firewall”
• Critical if you are on an always-on DSL or cable connection, but it does happen to people dialed in too
• Blackice Defender
– www.networkice.com
• Zone Alarm
– www.zonelabs.com
• Norton Personal Security
– www.symantec.com & security2.symantec.com
– Scan yourself with their security scanner on the web
• McAfee Personal Firewall
– www.mcafee.com
Privacy
• Know how information is being shared
– Registration information for products such as MS Word
– Opt out versus opt in
– Win ME – control panel – automatic updates
– Realplayer
– Winamp
– Media Player
– Napster
– 3D Frog Frenzy and many more
• Have a yahoo or other email address just for registrations, etc
Tips to staying safe
• Keep your identity private
– Never give out name, address, phone ….
– Don’t mention your city or school & never provide photos
– Lie in your online profile
– Use a gender neutral screen name
– Don’t reveal anything about your friends either
• Never get together with someone you meet online
– Online dating – meet in a public place and take a friend
• Never respond to email, chat, messages that are hostile, inappropriate or make you feel uncomfortable
• Never give out your password and don’t let others post from your account/computer EVER
• Be extremely careful with video cameras
Tips to staying safe
• Don’t list yourself in the members directory at your ISP or yahoo, ICQ, IM ….
• Keep an eye on your IM buddy list – secure it
• Email yourself and check the headers – what did you give away (your mail client, your PC’s hostname and the IP address you sent from)
• Be careful what you put in the registration files for things like Office – they get embedded in any documents
• If email needs to be confidential use PGP and encrypt it
• Regularly search on yourself at the social networking sites and on google
• If putting up pictures use small ones that are a little fuzzy
• Never put children’s photos up without password protection
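To see what “email yourself and check the headers” turns up, here is an added example (not from the original slides) that reads a raw message and pulls out the fields that identify the sender’s machine: the Received chain (the bottom-most Received header is the first hop, closest to the sender), the X-Mailer or User-Agent line, and the host part of the Message-ID. The message is constructed for the example; the hostnames and addresses are documentation examples, not real systems.

```python
"""What an e-mail header gives away (added example, not the slides' code).
RAW_MESSAGE is constructed; 192.0.2.x and 203.0.113.x are documentation
ranges, and the hostnames are made up."""
import email
import re

RAW_MESSAGE = """\
Received: from mail.isp.example (mail.isp.example [203.0.113.5])
\tby mx.example.org with ESMTP id abc123;
\tTue, 15 Jan 2008 10:00:00 -0600
Received: from homepc (c-192-0-2-44.dsl.example.net [192.0.2.44])
\tby mail.isp.example with SMTP id xyz789;
\tTue, 15 Jan 2008 09:59:58 -0600
From: Jane Doe <jane@example.net>
To: jane@example.net
Subject: test to myself
Message-ID: <20080115095958.1234@homepc.dsl.example.net>
X-Mailer: Microsoft Office Outlook 11
Date: Tue, 15 Jan 2008 09:59:58 -0600

hello
"""

# "from <helo> (<rdns> [<ip>]) by <server>" as written by most MTAs.
HOP_RE = re.compile(
    r"from\s+(?P<helo>\S+)(?:\s+\((?P<paren>[^)]*)\))?\s+by\s+(?P<by>\S+)",
    re.IGNORECASE,
)
IP_RE = re.compile(r"\[(\d{1,3}(?:\.\d{1,3}){3})\]")


def received_hops(msg):
    """Return the hops in delivery order (sender first).

    Received headers are prepended by each server, so the header nearest the
    body is the earliest hop. Folded header lines are joined first.
    """
    hops = []
    for value in reversed(msg.get_all("Received") or []):
        text = " ".join(value.split())  # unfold continuation lines
        m = HOP_RE.search(text)
        if not m:
            continue
        paren = m.group("paren") or ""
        ip = IP_RE.search(paren)
        rdns = next((t for t in paren.split() if not t.startswith("[")), None)
        hops.append({
            "helo": m.group("helo"),   # name the sending machine called itself
            "rdns": rdns,              # reverse DNS recorded by the receiver
            "ip": ip.group(1) if ip else None,
            "by": m.group("by"),
        })
    return hops


def leaked_info(raw):
    """Summarise what the headers reveal about the sender's machine.

    Only the hops recorded by servers you trust are reliable: a sender can
    forge Received lines below the first trustworthy one, but the hop your
    own ISP recorded (the first one here) is what you gave away.
    """
    msg = email.message_from_string(raw)
    hops = received_hops(msg)
    first = hops[0] if hops else {}
    mid = (msg.get("Message-ID") or "").strip().strip("<>")
    return {
        "originating_ip": first.get("ip"),
        "originating_rdns": first.get("rdns"),
        "helo_name": first.get("helo"),  # often the PC's own hostname
        "mailer": msg.get("X-Mailer") or msg.get("User-Agent"),
        "message_id_host": mid.rsplit("@", 1)[-1] if "@" in mid else None,
        "hop_count": len(hops),
    }


if __name__ == "__main__":
    for key, val in leaked_info(RAW_MESSAGE).items():
        print(f"{key:18} {val}")
```

Run it against a message you sent to yourself (most clients have a “view source” or “show original” option to get the raw text) and compare the first hop’s IP and hostname with what you would be comfortable posting in a chat room.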
Common Sense
• Have one credit card that you use online
• Check that card statement regularly
• Never give your credit card number to
someone who calls you
• No-one legitimate will ask you for your
username and pin by phone or email
• Teach your kids and others never to
download things
– I.e. don’t accept gifts from strangers
Online Shopping
• Be as careful as you would be in a store
• Make sure it is https, not http
• Look for https and the lock at the bottom right; the lock only means the connection to the address shown is encrypted, not that the site itself is honest
• Hover over a URL in an email and make sure it really is the site you think it is supposed to be
• NEVER put your credit card into a site that uses IP numbers in the URL
• Print a copy of the online order
• Use only one card for all online purchases
• Check out new companies with the Better Business Bureau
• If an offer looks too good to be true then guess what
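The three link rules above (https only, no bare IP address as the host, and the link must really go where it appears to) can be checked mechanically. The following is an added example, not from the original slides, that does so and also catches the user-info trick (a “site@realhost” URL that a browser sends to realhost). The hostnames in it are made up; the registrable-name comparison is deliberately crude (last two labels) and does not handle suffixes like co.uk, which a real implementation would look up in the Public Suffix List.

```python
"""Sanity-check a link before typing a card number into it (added example,
not the slides' code). Hostnames used in comments/tests are made up."""
import ipaddress
from urllib.parse import urlsplit


def host_is_ip_literal(host):
    """True for '203.0.113.9' or '[::1]'; False for a name or empty host."""
    try:
        ipaddress.ip_address(host.strip("[]"))
        return True
    except ValueError:
        return False


def registrable_name(host):
    """Crude: the last two labels, so 'www.shop.example' -> 'shop.example'.

    Assumption: this ignores multi-label public suffixes (co.uk etc.);
    a production check would use the Public Suffix List instead.
    """
    labels = host.lower().rstrip(".").split(".")
    return ".".join(labels[-2:])


def check_url(url, claimed_site=None):
    """Return a list of problems; an empty list means nothing obvious is wrong.

    claimed_site is where the link *looks* like it goes (the visible text of
    a link in an e-mail, or the shop name you expect). Each rule below is
    one of the slide's points, plus the '@' trick which hides the real host.
    """
    problems = []
    parts = urlsplit(url)
    host = parts.hostname or ""

    if parts.scheme.lower() != "https":
        problems.append("not https")

    if host_is_ip_literal(host):
        problems.append("host is an IP address, not a name")

    if parts.username is not None:
        # https://shop.example@203.0.113.9/ actually connects to 203.0.113.9;
        # everything before '@' is just a username the browser sends along.
        problems.append("userinfo before '@' disguises the real host")

    if claimed_site:
        claimed = claimed_site if "://" in claimed_site else "https://" + claimed_site
        claimed_host = urlsplit(claimed).hostname or ""
        if registrable_name(host) != registrable_name(claimed_host):
            problems.append(f"link goes to {host!r}, not {claimed_host!r}")

    return problems


if __name__ == "__main__":
    for link, shown in [
        ("https://www.shop.example/checkout", None),
        ("http://www.shop.example/checkout", None),
        ("https://203.0.113.9/login", None),
        ("https://www.shop.example.attacker.example/login", "www.shop.example"),
    ]:
        print(link, "->", check_url(link, shown) or "ok")
```

Note that `www.shop.example.attacker.example` is flagged even though it begins with the expected name: what matters is the domain at the right-hand end of the host, which is the only part the attacker cannot choose freely.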
Extras
• Be careful on social networking sites
• Check how much you are revealing over time
• NEVER meet anyone in real life that you met on the internet without taking steps to protect yourself
– Bring a friend
– Meet in a public place
– Have a getaway plan
• Human friends are better than computers and healthier
• If you post pictures on publicly accessible sites
– Be prepared for someone to paste your head on someone else’s body or vice versa
• Don’t post pictures of kids anywhere on the web
– They will turn up in kiddy porn later
– If you must post them do it in groups with no names or addresses
– Make sure the school isn’t putting up photos of your child with identifying information
– Watch out for those “build an autobiographical website” projects at school
Networking
Diagram from the original slide: Users <-> Router or Hub <-> Cable/DSL Modem <-> Internet
Wired Routers
• Buy one with enough ports and a firewall
• Try to keep all network equipment the same brand
• Using Linksys as an example
– Set time and IP address ranges correctly
– Set the admin password to something other than the default “admin”
– Turn off remote administration, so the admin page is reachable only from the LAN side and not from the Internet
Router configuration pages (Firewall, Password, DHCP Clients)
On the Password page:
1. Set the password
2. Also enable logging
3. Turn off remote administration
4. Disable SNMP
5. Disable UPnP
Check your DHCP clients: the DHCP client table lists every device that has taken an address from the router, so an entry you do not recognise is a device you did not put on your network
Wireless
• Same basics as wired plus:
• Change the default SSID to something meaningless (not your name, address or router model)
• Cloak it (do not broadcast the SSID); this only hides the name from casual scanning, since clients still send it in the clear when they connect
• Turn off remote administration
• Turn on WEP 128 and use a good passphrase; WEP has known cryptographic weaknesses and can be recovered from captured traffic, so use WPA2 (or WPA) wherever the router and clients support it and treat WEP as a last resort
• Turn on and use MAC filtering; it keeps casual users off, but an attacker can read an allowed MAC address off the air and spoof it
Router configuration pages walked through in the original slides: Setting the SSID, WEP and Passphrase, MAC Filtering, MAC Filter, Firewall
Summary
• Good article on social networking sites
– http://www.ben.edu/it/docs/Thoughts%20on%20Social%20Networking.pdf
• Remember that the Cyberworld poses the same risks as the real world – never do something on the net that you wouldn’t do normally
• Common sense is worth more than banning use
• If you get stuck – ask a 12 year old for help
• Other information is at:
– http://www.haltabuse.org/
– http://www.wiredsafety.org
• Check out the Naperville Police booklet at:
– http://www.naperville.il.us/emplibrary/pdskworkbook.pdf
• Have a family agreement about internet use
– www.wiredkids.org/documents/safesurf_agreement.html
Questions
jaqui@circle4.com