How to stay safe on the Internet (slide 1)
Jaqui Lynch
Email – jaqui@circle4.com
January 2008
http://www.circle4.com/papers/awc-jan08.pdf

Agenda (slide 2)
• Computers
  – Computer protection
  – Personal protection
  – Privacy
• General Survival
• Networking
• Wireless
• Questions

Computers (slide 3)
• Windows
  – Keep it patched
    • windowsupdate.microsoft.com
  – Run Antivirus and keep it up to date
  – Get a bidirectional software firewall
  – Ensure you are on at least Windows XP and it is up-to-date
    • Linux is even better but I am biased!
  – Cleanse regularly
  – Upgrade software apps to latest versions
  – Turn off file sharing unless you know how to secure it
  – Try an alternate browser – 75% target IE
    • Firefox
  – Risks
    • Viruses
    • Cookies
    • Security holes
    • Javascript
    • Scrap files (.shs ….)

Cleansing (slide 4)
• Check out the following:
  – http://www.webroot.com
    • Spysweeper
    • Window washer
  – Create a hosts file
    • http://www.mvps.org/winhelp2002/hosts.txt
    • This file redirects adware to 127.0.0.1
  – Secure your Internet Explorer
  – Turn off javascript in your emails
  – Use a different email client than Outlook
• Podcasts
  – Check out “Security Now” on iTunes

Sample hosts file (slide 5)
There is no place like 127.0.0.1
This file lives in:
  Windows XP = C:\WINDOWS\SYSTEM32\DRIVERS\ETC
  Windows 2K = C:\WINNT\SYSTEM32\DRIVERS\ETC
  Win 98/ME = C:\WINDOWS
The file is called hosts

127.0.0.1 localhost
#start of lines added by WinHelp2002
# [Misc A - Z]
127.0.0.1 phpadsnew.abac.com
127.0.0.1 a.abnad.net
127.0.0.1 b.abnad.net
127.0.0.1 c.abnad.net #[IE-SpyAd]
127.0.0.1 d.abnad.net
127.0.0.1 e.abnad.net
127.0.0.1 www.accoona.cn
and so on

Other cool software (slide 6)
• http://spywarewarrior.com/asw-test-guide.htm
  – Above is an independent review site on Anti-spyware
• Spywareblaster
  – http://www.javacoolsoftware.com/spywareblaster.html
• Spybot search and Destroy
  – http://www.safer-networking.org/en/index.html
• Startup Inspector
  – http://www.windowsstartup.com/
• Sunbelt’s Counterspy
  – http://www.sunbelt-software.com/CounterSpy-Download.cfm
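The "Sample hosts file" slide shows the file format but not how to check that the file you installed actually does what you expect. The following is an added example, not part of the slides and not the WinHelp2002 project's code: it parses hosts-file text, tells you whether a given name is sinkholed to 127.0.0.1, and lists any entry that points somewhere other than loopback (in a blocklist-style file every line should be loopback, so anything else is worth a look). The first sample lines are copied from the slide; the `203.0.113.5 login.example.com` line is a constructed entry added so the audit has something to find.

```python
"""Parse and audit a Windows-style hosts file (added example, not from the slides)."""
import ipaddress

# Constructed sample: the first lines mirror the slide's WinHelp2002 excerpt;
# the final line is an invented non-loopback entry for the audit to catch.
SAMPLE_HOSTS = """\
127.0.0.1 localhost
#start of lines added by WinHelp2002
# [Misc A - Z]
127.0.0.1 phpadsnew.abac.com
127.0.0.1 a.abnad.net
127.0.0.1 b.abnad.net
127.0.0.1 c.abnad.net #[IE-SpyAd]
127.0.0.1 d.abnad.net
127.0.0.1 e.abnad.net
127.0.0.1 www.accoona.cn
203.0.113.5 login.example.com
"""


def parse_hosts(text):
    """Return ({hostname: ip_address}, [(lineno, problem), ...]) for hosts-file text.

    Comments (# to end of line) and blank lines are ignored. One address may be
    followed by several hostnames on the same line, as in the real file format.
    """
    entries = {}
    problems = []
    for lineno, raw in enumerate(text.splitlines(), 1):
        line = raw.split("#", 1)[0].strip()
        if not line:
            continue
        parts = line.split()
        if len(parts) < 2:
            problems.append((lineno, "address without hostname"))
            continue
        try:
            addr = ipaddress.ip_address(parts[0])
        except ValueError:
            problems.append((lineno, f"not an IP address: {parts[0]}"))
            continue
        for name in parts[1:]:
            entries[name.lower()] = addr  # hostnames are case-insensitive
    return entries, problems


def is_blocked(entries, hostname):
    """True if hostname is pinned to a loopback address, i.e. sinkholed."""
    addr = entries.get(hostname.lower())
    return addr is not None and addr.is_loopback


def audit(entries):
    """Hostnames whose entry is NOT loopback: they are redirected elsewhere, not blocked."""
    return sorted(name for name, addr in entries.items() if not addr.is_loopback)


if __name__ == "__main__":
    hosts, issues = parse_hosts(SAMPLE_HOSTS)
    print(f"{len(hosts)} entries, {len(issues)} malformed lines")
    print("a.abnad.net blocked:", is_blocked(hosts, "a.abnad.net"))
    print("entries that do not point at loopback:", audit(hosts))
```

To run it against a real machine, read the hosts file from the path the slide gives for your Windows version and pass its contents to `parse_hosts`; the `audit` output is the part to read carefully, since a hosts file can redirect a name anywhere, not just to 127.0.0.1.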
• GRC.com
  – UPNP http://www.grc.com/unpnp/unpnp.htm
  – DCOM http://www.grc.com/dcom/
  – MSMSG http://www.grc.com/stm/shootthemessenger.htm

Test yourself (slide 7)
• www.grc.com
  – ShieldsUp
    • https://www.grc.com/x/ne.dll?bh0bkyd2
  – Leaktest
    • http://grc.com/lt/leaktest.htm
• Scan yourself across the network
  – security.symantec.com
  – www.pandasoftware.com/products/ActiveScan.htm
  – housecall.trendmicro.com/
  – www3.ca.com/virusinfo/virusscan.aspx
  – www.kaspersky.com/virusscanner

Email (slide 8)
• Treat it like a postcard
• One to one communications
• Spam
  – Never reply as you confirm your address
• Use inbox protection (hotmail) or filtering and/or blocking
• Never say anything that you wouldn’t say in public
• Remember ISPs back this stuff up
• No visual or audio cues so people take it literally

Email Abuse (slide 9)
• Spam
• Scams
• Flaming
• Harassment and stalking
• Spoofing
• Mail bombs
• Viruses
• Chain letters
• Pornography
• Photos
• Inline html and/or pdfs

Chat rooms (slide 10)
• Let you talk to groups of people all around the world
• This generation’s version of the phone
• Public, private or IRC
• Some have monitors, most do not – watch for computers
• Most dangerous area of the net
  – You don’t know who is there (actively or lurking)
  – You establish a relationship and trust over time
  – Pedophiles use them to find victims
  – People lie
• They often progress to IM and email where you are now one on one
• Watch out for rooms associated with sex, cults, ritual
• Choose a vendor neutral screen name
• Turn on logging
• Web chat is still chat (yahoo & AOL teen chat)

Social Networking sites (slide 11)
• Public forums:
  – http://www.myspace.com
  – http://www.facebook.com
  – Linked In
  – Youtube
• Things to remember
  – What you put up stays around (caching)
  – It is publicly accessible and will be forwarded
  – Employers and universities search these sites
  – What do you want your online identity to be?
  – With freedom comes responsibility
  – Respect both your own and others’ privacy
  – Same rules apply in virtual worlds
    • Second life
    • Runescape, etc

Instant Messaging (slide 12)
• Unique identifier associated with profile
• Real time – more IM than email
• Blend of email and chat
• ICQ was the forefather to IM
• Runs in background and notifies you when there is a message
• Buddy list – a notify list of friends
• Skype and Video conferences/cameras

The Dark Side of IM (slide 13)
• Protect your buddy list – set it so you have to approve the addition of anyone to it
• People can add you to their buddy list and then keep track of when you are online
• Set your options so others can’t add you to their buddy list
• Predators love buddy lists
• They also love being able to search profiles and membership directories

Profiles & Directories (slide 14)
• At yahoo you can search the directory by:
  – Keyword
  – Gender
  – Age
  – Interests
• Requesting profiles with pictures
• Asking whether they are online now
• Regularly use Google and Yahoo to search on yourself
• Never fill these out truthfully
• Predators use these to determine victims

Personal Firewalls (slide 15)
• Do a search on the web for “personal firewall”
• Critical if you are using DSL or Cable Networking but it does happen to people dialed in
• Blackice Defender – www.networkice.com
• Zone Alarm – www.zonelabs.com
• Norton Personal Security – www.symantec.com & security2.symantec.com
  – Scan yourself with their security scanner on the web
• McAfee Personal Firewall – www.mcafee.com

Privacy (slide 16)
• Know how information is being shared
  – Registration information for products such as MS Word
  – Opt out versus opt in
  – Win ME – control panel – automatic updates
  – Realplayer
  – Winamp
  – Media Player
  – Napster
  – 3D Frog Frenzy and many more
• Have a yahoo or other email address just for registrations, etc

Tips to staying safe (slide 17)
• Keep your identity private
  – Never give out name, address, phone ….
  – Don’t mention your city or school & never provide photos
  – Lie in your online profile
  – Use a gender neutral screen name
  – Don’t reveal anything about your friends either
• Never get together with someone you meet online
  – Online dating – meet in a public place and take a friend
• Never respond to email, chat, messages that are hostile, inappropriate or make you feel uncomfortable
• Never give out your password and don’t let others post from your account/computer EVER
• Be extremely careful with video cameras

Tips to staying safe (slide 18)
• Don’t list yourself in the members directory at your ISP or yahoo, ICQ, IM ….
• Keep an eye on your IM buddy list – secure it
• Email yourself and check the headers – what did you give away
• Be careful what you put in the registration files for things like Office – they get embedded in any documents
• If email needs to be confidential use PGP and encrypt it
• Regularly search on yourself at the social networking sites and on google
• If putting up pictures use small ones that are a little fuzzy
• Never put children’s photos up without password protection

Common Sense (slide 19)
• Have one credit card that you use online
• Check that card statement regularly
• Never give your credit card number to someone who calls you
• No-one legitimate will ask you for your username and pin by phone or email
• Teach your kids and others never to download things – i.e.
  don’t accept gifts from strangers

Online Shopping (slide 20)
• Be as careful as you would be in a store
• Make sure it is https, not http
• Look for https and the lock at the bottom right
• Hover over a URL in an email and make sure it really is the site you think it is supposed to be
• NEVER put your credit card into a site that uses ip numbers in the URL
• Print a copy of the online order
• Use only one card for all online purchases
• Check out new companies with the Better Business Bureau
• If an offer looks too good to be true then guess what

Extras (slide 21)
• Be careful on social networking sites
• Check how much you are revealing over time
• NEVER meet anyone in real life that you met on the internet without taking steps to protect yourself
  – Bring a friend
  – Meet in a public place
  – Have a getaway plan
• Human friends are better than computers and healthier
• If you post pictures on publicly accessible sites
  – Be prepared for someone to paste your head on someone else’s body or vice versa
• Don’t post pictures of kids anywhere on the web
  – They will turn up in kiddy porn later
  – If you must post them do it in groups with no names or addresses
  – Make sure the school isn’t putting up photos of your child with identifying information
  – Watch out for those “build an autobiographical website” projects at school

Networking (slide 22)
(diagram; labels only: Internet, Users, Router or HUB, Cable/DSL Modem)

Wired Routers (slide 23)
• Buy one with enough ports and a firewall
• Try to keep all network equipment the same brand
• Using Linksys as an example
  – Set time and IP address ranges correctly
  – Set password for admin to something other than admin
  – Turn off remote administration

Firewall (slide 24: title only)

Password (slide 25)
1. Set the password
2. Also set logging to be enabled
3. Turn off remote Administration
4. Disable snmp
5. Disable UPNP

Check your DHCP clients (slide 26: title only)

DHCP Clients (slide 27: title only)

Wireless (slide 28)
• Same basics as wired plus:
• Change default SSID to something meaningless
• Cloak it (do not broadcast SSID)
• Turn off remote Administration
• Turn on WEP 128 and use a good passphrase
• Turn on and use MAC filtering

Setting the SSID (slide 29: title only)

WEP and Passphrase (slide 30: title only)

MAC Filtering (slide 31: title only)

MAC Filter (slide 32: title only)

Firewall (slide 33: title only)

Summary (slide 34)
• Good article on social networking sites
  – http://www.ben.edu/it/docs/Thoughts%20on%20Social%20Networking.pdf
• Remember that the Cyberworld poses the same risks as the real world – never do something on the net that you wouldn’t do normally
• Common sense is worth more than banning use
• If you get stuck – ask a 12 year old for help
• Other information is at:
  – http://www.haltabuse.org/
  – http://www.wiredsafety.org
• Check out the Naperville Police booklet at:
  – http://www.naperville.il.us/emplibrary/pdskworkbook.pdf
• Have a family agreement about internet use
  – www.wiredkids.org/documents/safesurf_agreement.html

Questions (slide 35)
jaqui@circle4.com
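Slide 18 says to email yourself and check the headers to see what you give away, but does not show what to look for. The following is an added example, not from the slides: it reads a raw message with Python's standard `email` module, walks the `Received` headers back to the first hop (the connection your mail client made), and lists the other headers that commonly identify your machine or software. The message is constructed; the hostnames, addresses and IPs in it are invented (RFC 5737 documentation ranges).

```python
"""Show what the headers of a message you sent give away (added example, not from the slides)."""
import re
from email import message_from_string

# Constructed message: a mail "sent to yourself" through two hops. Received
# headers are added top-down, so the LAST one is the first hop, i.e. the
# sender's own connection. Continuation lines are indented, as in real mail.
RAW_MESSAGE = """\
Received: from mx2.example.net (mx2.example.net [192.0.2.20])
    by inbox.example.net with ESMTP id 4F2C; Mon, 14 Jan 2008 09:15:02 -0600
Received: from homepc (c-198-51-100-23.cable.example.org [198.51.100.23])
    by mx2.example.net with SMTP id A1B2; Mon, 14 Jan 2008 09:15:01 -0600
From: "Pat Example" <pat@example.org>
To: pat@example.org
Subject: header test
Message-ID: <20080114091500.1234@homepc>
X-Mailer: ExampleMail 2.1
Date: Mon, 14 Jan 2008 09:15:00 -0600

Sent to myself to see what leaks.
"""

IPV4 = re.compile(r"\b(?:\d{1,3}\.){3}\d{1,3}\b")
# Headers that often carry identifying detail beyond the From address:
# the mail program and version, and the machine name inside the Message-ID.
TELLTALE_HEADERS = ("X-Mailer", "User-Agent", "X-Originating-IP", "Message-ID")


def received_hops(raw):
    """Return the Received headers in delivery order (first hop first)."""
    msg = message_from_string(raw)
    return list(reversed(msg.get_all("Received", [])))


def originating_ip(raw):
    """IP of the first hop: the address the message left your computer from."""
    hops = received_hops(raw)
    if not hops:
        return None
    found = IPV4.findall(hops[0])
    return found[0] if found else None


def originating_host(raw):
    """The name your computer announced to the first mail server (the 'from' token)."""
    hops = received_hops(raw)
    if not hops:
        return None
    match = re.search(r"\bfrom\s+(\S+)", hops[0])
    return match.group(1) if match else None


def leaked_details(raw):
    """Dict of header -> value for the telltale headers present in the message."""
    msg = message_from_string(raw)
    return {h: msg[h] for h in TELLTALE_HEADERS if msg[h] is not None}


if __name__ == "__main__":
    print("hops:", len(received_hops(RAW_MESSAGE)))
    print("sent from IP:", originating_ip(RAW_MESSAGE))
    print("sent from host:", originating_host(RAW_MESSAGE))
    for header, value in leaked_details(RAW_MESSAGE).items():
        print(f"{header}: {value}")
```

Run it on a message you actually sent to yourself (most mail clients have a "view source" or "show headers" option to get the raw text) and the output is the list of things the recipient can learn: your IP address, your PC's name and your mail program.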
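Slide 20 gives three checks for a shopping link: it must be https, it must not use IP numbers in the URL, and the hovered address must really be the site you expect. The following is an added example, not from the slides, that applies those checks to a URL with the standard library; it also catches the `user@host` form, where everything before the `@` is ignored by the browser and the real host is what follows it. All URLs are constructed (example.com and RFC 5737 addresses).

```python
"""Check a link before trusting it with a card number (added example, not from the slides)."""
import ipaddress
from urllib.parse import urlsplit


def host_is_ip(host):
    """True if the host part of a URL is a bare IP address rather than a name."""
    try:
        ipaddress.ip_address(host.strip("[]"))  # IPv6 hosts appear in brackets
        return True
    except ValueError:
        return False


def check_shop_url(href, expected_host=None):
    """Return a list of warnings for href; an empty list means it passed.

    expected_host is the site you believe the link goes to (from the link text
    or the shop you know). Subdomains of it, such as shop.example.com for
    example.com, are accepted; look-alikes such as example.com.evil.example are not.
    """
    warnings = []
    parts = urlsplit(href.strip())
    host = (parts.hostname or "").lower()
    if parts.scheme.lower() != "https":
        warnings.append(f"not https (scheme is {parts.scheme or 'none'})")
    if not host:
        warnings.append("no hostname in URL")
        return warnings
    if host_is_ip(host):
        warnings.append(f"host is an IP address: {host}")
    if parts.username is not None:
        # https://www.example.com@203.0.113.9/ really connects to 203.0.113.9
        warnings.append("user@ before the host: the real host is " + host)
    if expected_host:
        exp = expected_host.lower().lstrip(".")
        if host != exp and not host.endswith("." + exp):
            warnings.append(f"host {host} is not {exp}")
    return warnings


if __name__ == "__main__":
    # Constructed links of the kind that turn up in order confirmations.
    for link in (
        "https://www.example.com/checkout",
        "http://www.example.com/checkout",
        "https://203.0.113.9/pay",
        "https://www.example.com@203.0.113.9/",
        "https://www.example.com.evil.example/login",
    ):
        problems = check_shop_url(link, expected_host="example.com")
        print(link, "->", "ok" if not problems else "; ".join(problems))
```

The `expected_host` argument is the part you supply by hand: it is the domain you think you are dealing with, and the check reports any link whose real host is not that domain or one of its subdomains.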