The ITS Event 2004
Viruses, Worms, and Hackers: Protect Your Personal Computer
Laurie Walters, email@example.com
Security Operations and Services, ITS@PennState
Presentation Available At: • http://sos.its.psu.edu • Look in the left column, under “The ITS Event” For “Securing Your Home Computer”
“Just Minutes to the Internet” “The iMac is the quickest way to get on the Internet. It’s so easy to set up and use, you’ll be online and surfing the web in minutes…” -http://www.apple.com/imac/
The Problem…. • There is a tradeoff between ease of use and security for computers • To sell more products, companies have to make computers easy to use. • However, today’s powerful computers plugged into the internet shouldn’t be treated like any other new household appliance.
The Even Greater Problem… • The Internet is being scanned constantly by self-replicating worms and deliberate attacks. • Hackers want to exploit computers with lax security to take advantage of hard drive space and relatively fast connections.
Common Security Problems for Home Machines • May include: • privacy invasions • backdoor/trojan infections, where an unauthorized person remotely has complete control of your computer • virus and worm infections • spyware • warez (file-trading) servers installed • your computer being used to attack other computers • destruction of files (data, operating system, etc.)
Am I at Risk at Home? Why? • Cable modems / DSL: these have a fast, always-on connection that hackers can return to again and again. This atmosphere also provides a good breeding ground for self-replicating worms. • “Camping out” on a PSU modem: keeping the same IP address allows hackers to scan your system and return at a later date to infect it. • Short dial-up modem sessions: Occasionally, security incidents occur on dial-up machines with both worms and “hacking” incidents.
How to Make Your Home Machine As Secure As at Work • Make sure your computer has good passwords • Patch your machine regularly • Install an anti-spyware product • Use an anti-virus product and update it regularly • Use a router-based firewall or install a personal firewall • Use a VPN to connect to PSU resources • Know what is running on your system • Use good internet hygiene
Make Sure Your Machine Has Good Passwords • Most operating systems require a password to protect your computer from unauthorized access. • Passwords should not be dictionary words and should consist of 7+ characters of mixed case including numbers, letters, and symbols. • Some guidelines for selecting – and remembering – a strong password can be found at: http://www.alw.nih.gov/Security/Docs/passwd.html
Operating System Password Requirements • Windows: • Passwords required for Windows XP Pro and Home versions, Windows 2000, and Windows NT. • Note: With Windows XP Home edition you may have to boot into “Safe mode” to assign an administrator password • Passwords not necessary for Windows 95, 98, or ME. • Linux / Unix: • Passwords required for all flavors. • Macintosh: • Passwords required
Patch Your Machine Regularly • Computer software vendors provide regular updates for their products that can protect against known security vulnerabilities. These updates are called patches. • Use automatic updates where possible (e.g. Windows Update) or download updates from vendors. Try to download major / “critical” patches to removable media such as CD and install them before putting your computer on the Internet for the first time. • When you hear of a new major vulnerability or patch, try to install it as soon as possible.
Automatic Updates of MS Windows Operating Systems • All Windows OS patches can be accessed here: http://v4.windowsupdate.microsoft.com/en/default.asp • You can set up your Microsoft operating system to check for updates automatically • Using Windows 2000 and Windows XP: Click on the Start button > Control Panel > System • Using Windows 98 and Me: Click on Start > Control Panel > Automatic Updates
Automatic Updates of MS Windows Operating Systems • Using Windows 2000 or XP, select System then click on the Automatic Updates tab • Be sure the check box near the top is checked, then select the radio button which suits you. • Using Windows 98 or Me select the Automatic Updates icon (this next screen will differ slightly)
Protect Your Machine From Spyware (Adware) • Spyware: software that is installed on a computer without the user’s knowledge which monitors user activity and transmits it to another computer. • Many spyware programs are set to monitor what web sites you visit and how long you visit them for, generally for advertising / marketing purposes (adware).
How Would I Get Spyware Installed On My Machine? • Spyware is usually bundled with other software such as shareware or freeware programs (e.g. Peer to Peer file-sharing programs, games, etc). The disclosure for the spyware is usually in the fine print of the licensing agreement. Who reads these anyway? • Another way to get spyware on your machine is by clicking on a deceptive pop-up message.
Consequences of Spyware • Spyware runs in the background, using your computer’s system resources and memory to log what you are doing. This could interfere with other programs on your computer, and could even cause your computer to frequently crash or lock up. • Spyware also uses your internet connection to send information about your activities to someone else. This could cause your internet connection to slow significantly.
Malware, Viruses, and Worms • Malware is software which has malicious intent that is usually installed without the owner’s knowledge. Malware may be disguised to look like benevolent software.
Malware, Viruses, and Worms • Viruses are small programs which cause some unexpected event on a computer and automatically spread to other computers via e-mail, open file shares, and programs installed on the computer (e.g. Kazaa, AOL Instant Messenger, etc). • Worms are self-replicating viruses that are loaded into computer memory rather than altering files on the machine. A worm’s main goal in life is to spread to as many other machines as possible.
Examples of Malware • One example would be a virus that has a “backdoor” installed. This means that someone at a remote location has total control of your computer. That person can modify or add files to your computer, install programs, add user accounts, or even delete all of your files! • Another example is a “keylogger”, which records every keystroke you type on your keyboard. The keylogger may record a wealth of information: credit card information, passwords, chat room transcripts, private e-mail messages, etc.
Scared Yet? Protect Your Privacy! • Install software to detect and remove spyware, adware, and malware • Adaware • http://www.lavasoftusa.com/software/adaware/ • Spybot S&D • http://www.safer-networking.org/index.php?page=download
Install an Anti-virus Product • Penn State has purchased a site license for Symantec’s Norton Antivirus Corporate Edition • Consulting and Support Services (CSS) provides user support for the product • Norton AV Corporate Edition can be downloaded at: https://downloadsym.cac.psu.edu (note: it’s 33MB) • The PAC-ITS CD-ROM with Norton AV is available at the ITS Helpdesks and at all ResCom locations.
Keep Your Anti-virus Program Up to Date • Update virus definitions weekly, or more often if you hear of a new virus • Set virus protection to automatically download virus definition updates if possible. • Perform a full virus scan of your hard drive(s) at least monthly (if not more often)
Install a Personal Firewall • A personal firewall is a software-based filter between your computer and the outside world that is installed on your computer to protect it from unauthorized access by other external users. • Personal firewalls are configurable to specify which incoming and outgoing programs, ports, and IP addresses can be accessed. • Recommended personal firewalls that are free for personal use: • Zonealarm • http://www.zonealarm.com • Tiny Personal Firewall • http://www.tinysoftware.com
Inexpensive Routers with Built-In Firewalls • A firmware or hardware based firewall is a separate device that physically sits between your computer and internet connection. • This type of firewall is generally more secure than a personal firewall and saves processing time on the computer that the personal firewall would otherwise be using. • Router-based firewalls can range in price from relatively inexpensive ($60) to thousands of dollars. • This type of firewall device is highly recommended for home use and can protect many types of connections including dialup modem, cable modem, DSL, etc.
Two Inexpensive Router-based Firewalls • (Recommended by Skip Knoble: hdk at psu dot edu). Thank you Skip! • Linksys Cable/DSL Router at Micro Warehouse ($60) http://www2.warehouse.com/product.asp?pf_id=DEB2730&blind=&view=&cat=pc This is for Cable/DSL and quite usable for home use (1 to 4 ports). • SMC 7004ABR ($80): http://www.smc.com/index.cfm?action=products_show_description&productCode=SMC7004ABR from http://www2.warehouse.com/product.asp?pf%5Fid=DEB3144&cat=pc&blind= This is for Cable/DSL and also has an RS-232 port (for Internet connection via modem).
Use a VPN to Connect to PSU Resources • A Virtual Private Network (VPN) is an encrypted tunnel between your computer and a remote machine. • There are several benefits to using a VPN, including encryption, authorization, and privacy (e.g. data between your home machine and PSU cannot be intercepted). • The PSU VPN service enables your remote computer to appear to be a part of the psu.edu domain.
Installing the Penn State Anywhere Virtual Private Network (VPN) • VPN is provided free of charge to anyone with a valid PSU access account. • A simple download and configuration of the VPN client software is required in order to use the service. • See: http://aset.psu.edu/vpn/index.html for further information
Know What Is On Your System • You should periodically determine what all of your running processes are on your computer, and if they are valid. • You can analyze what processes are on your Windows system by downloading a tool such as TCPView, Fport, Inzider, or Active Ports. They can be downloaded from the links at: http://www.personal.psu.edu/lxm30/windows/utils.html • On a unix system, you can analyze running processes by typing the command “lsof”.
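One way to carry out the "know what is running" check on a unix system is to compare the programs listening for network connections against a list you expect. The script below is an added example, not part of the original presentation; the ALLOWED list, the function names, and the sample lsof output are constructed for illustration.

```shell
#!/bin/sh
# Added example: flag TCP listeners whose command is not on a known-good list.
# ALLOWED is an assumption; fill it with the services you expect on your machine.
ALLOWED="sshd cupsd"

# Constructed sample in the column layout printed by
# `lsof -nP -iTCP -sTCP:LISTEN` (numeric addresses and ports, listeners only).
sample_lsof() {
cat <<'EOF'
COMMAND   PID USER   FD   TYPE DEVICE SIZE/OFF NODE NAME
sshd      612 root    3u  IPv4  14021      0t0  TCP *:22 (LISTEN)
cupsd     801 root    7u  IPv4  15530      0t0  TCP 127.0.0.1:631 (LISTEN)
fileserv 4410 guest   4u  IPv4  99102      0t0  TCP *:2121 (LISTEN)
EOF
}

# Reads lsof output on stdin and prints "command pid user address scope"
# for every listener whose command name is not in ALLOWED.
# scope is "all-interfaces" when the socket is reachable from the network,
# "local" when it is bound to a specific address such as 127.0.0.1.
unexpected_listeners() {
    awk -v allowed="$ALLOWED" '
        BEGIN {
            n = split(allowed, a, " ")
            for (i = 1; i <= n; i++) ok[a[i]] = 1
        }
        NR == 1 { next }              # skip the header row
        $NF != "(LISTEN)" { next }    # ignore anything that is not a listener
        !($1 in ok) {
            addr = $(NF - 1)
            scope = (addr ~ /^\*:/) ? "all-interfaces" : "local"
            print $1, $2, $3, addr, scope
        }'
}

# Demonstration on the constructed sample.
sample_lsof | unexpected_listeners
```

On a real machine, replace the sample with `lsof -nP -iTCP -sTCP:LISTEN | unexpected_listeners`, run as an administrator so that other users' processes are visible. Note that lsof shortens long command names by default, so entries in ALLOWED must match the shortened form.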
Prevent Identity Theft When Making Online Purchases • Look for a padlock at the bottom of web pages, indicating that the site is secured by encrypting data when submitting sensitive information such as credit card numbers or an SSN. • A secure site means that your data is encrypted during transmission. Keep in mind that it says NOTHING about how secure the data is once it is stored on a remote computer.
Prevent Identity Theft When Making Online Purchases • Purchase from well-known companies (Don’t buy from mass e-mail solicitation) • Realize that reputable web sites will never send an e-mail requesting personal information such as SSN, password, credit card or bank acct. number, etc.
Use Good Computer Hygiene • “Think before you click” • Be careful with e-mail attachments – call or write back to confirm before opening • Be careful about what web sites you go to. • Be careful when prompted to download software • Use good passwords and change them periodically for both machine and web sites you visit! • Don’t create non-password protected file shares • Backup data frequently • Remove internet access when it is not needed • Install minimal applications and services
To Review…. • There are a lot of simple steps you can take to keep your computer secure and free of intruders. These include: • Using “good” passwords • Patching your computer • Installing anti-virus, anti-spyware, and firewall products • Using a VPN to encrypt network traffic to Penn State • Knowing what is running on your computer and turning off unnecessary software • Using good internet hygiene and purchasing habits • Remember, it is a lot easier to be proactive than to attempt to “clean up” later.
Personal Computer Security Checklist • A step-by-step checklist, written by a computer security expert, for securing your personal computer can be found at: http://securityfocus.com/columnists/220 • We encourage you to consult the above checklist, as well as follow the recommended steps in this presentation.
For Review, and Access to the URLs in This Presentation, Please Visit: • http://sos.its.psu.edu • Look in the left column, under “The ITS Event” For “Securing Your Home Computer”