personal security l.
Download
Skip this Video
Loading SlideShow in 5 Seconds..
Personal Security PowerPoint Presentation
Download Presentation
Personal Security

Loading in 2 Seconds...

play fullscreen
1 / 52

Personal Security - PowerPoint PPT Presentation


  • 457 Views
  • Uploaded on

Personal Security Security Tips for Home Internet Users Securing your home computer Accessing the Internet from home Convenient Abundance of information Exposes your computer Can be costly or damaging Overview Internet access Why Should I be concerned with Security

loader
I am the owner, or an agent authorized to act on behalf of the owner, of the copyrighted work described.
capcha
Download Presentation

PowerPoint Slideshow about 'Personal Security' - liam


An Image/Link below is provided (as is) to download presentation

Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author.While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server.


- - - - - - - - - - - - - - - - - - - - - - - - - - E N D - - - - - - - - - - - - - - - - - - - - - - - - - -
Presentation Transcript
personal security

Personal Security

Security Tips for Home Internet Users

securing your home computer
Securing your home computer
  • Accessing the Internet from home
    • Convenient
    • Abundance of information
    • Exposes your computer
    • Can be costly or damaging
overview
Overview
  • Internet access
  • Why Should I be concerned with Security
  • What are the most common vulnerabilities
  • What security tools are available
  • Where can I find more information
internet
Internet
  • Complex system of attached networks
  • Designed to distribute data geographically at high speeds in a short period of time
  • Data is distributed in a variety of formats
    • Examples: PDF, JPEG, MOV, MP3, Text
  • Information is stored or viewed locally on your computer
broadband
Broadband
  • High speed access to the home user
  • Types
    • DSL
    • Cable Modem
slide6
DSL
  • Digital Subscriber Line
  • Typically ADSL
    • Asymmetric Digital Subscriber Line
  • Offers dedicated bandwidth
  • Speed
    • 384 kbps downstream
    • 128 kbps upstream
    • Up to 1.5 Mbps down 800 kbps up
    • Varies depending on service level and distance from CO (Central Office)
    • Maximum distance varies 14000 – 17500 ft
dsl configuration
DSL Configuration
  • DSL Modem
  • DSL Splitter and Filters
  • DSLAM
    • Digital Subscriber Line Access Multiplexer
  • ISP
    • Internet Service Provider
cable modem
Cable Modem
  • Shared bandwidth
  • Speed per channel
    • 27 Mbps shared download
    • 10 Mbps Upload
  • Connects to CMTS (Cable Modem Transmission System) at cable company
    • Provides packet filtering, and traffic shaping
what about security
What about security?
  • Why should I be concerned?
  • What are the vulnerabilities?
  • What can I do to protect myself?
  • How do I recover from an attack?
why should i be concerned
Why should I be Concerned
  • You lose crucial data
  • You spend time and money on recovery
  • You feel violated, helpless and foolish
  • You risk propagating the attack to your peers and others
  • Your peers and others know how foolish you are
vulnerabilities
Vulnerabilities
  • Viruses
  • Hacks
  • Data Capturing
  • Lack of contingency planning
virus
Virus
  • 60,000 Variations in circulation
  • Types of Viruses
  • Antivirus Software
  • Best Practices
types of viruses
Types of Viruses
  • Viruses are Segments of code or complete programs that can damage your system or degrade system performance.
    • Trojan Horse
    • Worm
    • Hoax
trojan horses
Trojan Horses
  • A program disguised as having a desired purpose while subversively performing an unwanted action on your system.
  • Often open backdoor access to your system
  • Notorious Trojan Horses
    • Simpson's
    • Backdoor
    • Sub7
    • BackOrafice
    • NetBus
slide15
Worm
  • Self Propagating independent program that adversely affects your computer performance or damages your computer
  • Hall of fame
    • Melissa
    • Nimda
    • LoveLetter
    • Anna Kournikova
    • CodeRed
    • SirCam
slide16
Hoax
  • An unsubstantiated virus alert intended to cause panic
  • Typically warning of the most damaging or dangerous virus
  • Examples
    • BudweiserFrogs
    • A virtual card for you
    • !0000 – Stop mass mailings
    • Wobbler
    • Win a holiday
best practice virus prevention
Best Practice: Virus prevention
  • Always verify your antivirus software is running and Update your antivirus software
best practice virus prevention 2
Best Practice: Virus prevention 2
  • When receiving email do not open attachments unless you are expecting them
  • Take virus alerts seriously
  • Sources of alerts
    • Institutional Notification
    • News Media alerts
    • Word of mouth
virus recovery
Virus recovery
  • Use antivirus software and tools to clean system
    • http://www.mcafee.com
    • http://www.symantec.com
  • Find manual steps for virus removal
  • Reinstall your system from scratch
hacks
Hacks
  • Hacking
    • What is hacking
    • How does hacking happen
  • Types of attacks
  • Prevention methods
hacking
Hacking
  • Gaining unauthorized access to computer systems for malicious purposes
how hacking happens
How Hacking Happens
  • System information is collected
    • Footprinting
    • Scanning
    • Probing
    • Enumeration
  • Software vulnerabilities are exploited
  • System passwords are guessed or not employed
types of attacks
Types of Attacks
  • Interference
  • Interception
  • Impersonation
interference
Interference
  • Attacks that render objects or services unusable
    • Denial of service
    • Distributed Denial of service
    • System alteration
interception
Interception
  • Captures Data through monitoring or redirection
    • Monitoring
      • Wire taps
      • Network Monitoring
    • Redirection
      • Alteration of DNS servers
      • Man in the middle
impersonation
Impersonation
  • When the attacker assumes the identity of a trusted source
    • Spoof attacks
      • Using the IP source address of a trusted source computer
    • Password attacks
      • Password enumeration
prevention methods
Prevention Methods
  • Know your system
  • Tools to help protect your system
  • Watch for and apply security patches
  • Contingency planning
know your system
Know your system
  • Inventory your system
  • Baseline system and network performance
  • Identify vulnerabilities
inventory your system
Inventory your system
  • Software Inventory
    • Running Software
    • File and printer sharing
    • Startup Software
    • Installed Software
    • Software Keys
    • Software Licensing
  • Hardware
    • Installed components
    • Vendor specific device drivers
inventory tools
Inventory Tools
  • Microsoft
    • System Information 98
    • Manage Computer System summary
    • Windows NT Diagnostics
inventory tools 2
Inventory Tools 2
  • Belarc Advisor
system baseline
System Baseline
  • Task manager
    • Memory Utilization
    • Process Utilization
  • Performance monitor
    • Log low use system state
    • Log high use system state
network baseline
Network Baseline
  • Check Internet Bandwidth speed
    • McAfee Speedometer
      • http://promos.mcafee.com/speedometer/test_0150.asp
    • Ftp Large Files
      • Hash
      • Download Statistics
network baseline 2
Network Baseline 2
  • Use traceroute
    • Check TTL stats
  • Use performance monitor to check utilization
    • Network Utilization
identify vulnerablilities
Identify Vulnerablilities
  • Filesharing
    • Opens access to your files remotely
    • Should be turned off if not used
    • Protected with security device and used with complex passwords
  • Web Browsing
    • Personal information is accessible via cookie files
    • ActiveX components can launch Visual Basic Application components included in Microsoft Office
    • Disable ActiveX components unless necessary
security boundries
Security Boundries
  • Personal Computer
  • Local Network Security
  • Internet Security
internet protocol ip
Internet Protocol (IP)
  • Address your computer on the network and where your computer can be reached
  • 32 Bit numeric device address.
  • Dotted Decimal Notation
    • Ex: 192.168.99.32
  • Consists of network and host address.
  • Determined by subnet mask
    • 255.255.255.0
    • Network 192.168.99.0
    • Host 0.0.0.32
network security
Network Security
  • Dynamic Addressing
    • IP address changes over scheduled time
  • Private Addressing
    • Reserved address range by IANA
    • 10.0.0.0
    • 192.168.0.0
    • 172.16.0.0
  • Encryption
encryption
Encryption
  • Method of repackaging data into cyphertext in order to keep observers from viewing data and preserve data integrity
  • SSL – Secure Sockets Layer
    • Encrypts Communication between web browsers and web servers over the internet
    • Uses Public and private key exchange
  • VPN – Virtual Private Networking
    • Secure Tunnel
    • Key Encryption
      • Symmetric
      • Asymmetric
    • Encryption Algorithms
      • SHA – Secure Hashing Algorithm
      • DES – Data Encryption Standard
what your isp does for you
What your ISP does for you
  • Private addressing
  • Dynamic addressing
  • Email virus scanning
  • Abuse@isp.com
security tools
Security Tools
  • Routers
  • Proxy Servers
  • Firewalls
    • Application
    • Circuit Switching
  • Scanners
routers
Routers
  • ACL Filter packets
    • Deny or Allow
    • Destination or Source
  • Separate Networks
    • Gateway
    • Private Network
proxy server
Proxy Server
  • Resides between web sites and web browser
  • Takes Request from client
  • Issues request to web server
  • Caches web content locally
    • Improves network performance
firewalls
Firewalls
  • Separates untrusted external network with trusted internal network.
  • Types of Firewalling
  • Personal Firewall
  • Network Firewall
types of firewalling
Types of Firewalling
  • ACL – Access Control Lists
    • Filters Packets
  • Application Firewalling
    • Verifies command legitimacy
    • Can be performance intensive
  • Proxying
  • Circuit Switching
    • Allows data sessions by request
personal firewall
Personal Firewall
  • Installed on local Computer
  • Rules Based
  • Alerts to system intrusion
  • Accounting Logs events for network forensics
  • Risky can affect stability of your computer
    • Personal firewalls replace operating system kernel components and can conflict with other applications
  • Vendors
    • Sygate Personal Firewall – http://www.sygate.com
    • Black Ice Defender – http://www.networkice.com
    • McAfee Personal Firewall – http://www.mcafee.com
    • Norton Personal Firewall – http://www.symantec.com
    • Zone Alarm – http://www.zonelabs.com
network firewalls
Network Firewalls
  • DSL Cable Routers
    • Filter Packets
    • Separates Network
      • Uses Private Addressing
  • Vendors
  • Linksys DSL/Cable Router
    • http://www.linksys.com
  • Dlink Home Gateway Internet Sharing and Firewall
    • http://www.dlink.com
  • Proxim – Netline Gateway
    • http://www.proxim.com
  • SMC Barricade
    • http://www.smc.com
port scanners
Port Scanners
  • Scans IP Port numbers for available services
  • Gibson Research Center
    • http://www.grc.com
contingency
Contingency
  • Backup your data
  • Often
  • Use Rotation schedule
  • Store software, license and key information in a safe convenient place.
  • Software includes device drivers, application software, and operating system
who can i turn to
Who can I turn to?
  • Abuse@yourisp.com
  • System Administration Networking Security
    • http://www.sans.org
  • Carnegie Mellon - Computer Emergency Response Center
    • http://www.cert.org
  • FBI – Internet Fraud Complaint Center
    • http://www.fbi.gov/interagency/ifcc/filingcomplaint.htm
links
Links
  • Broadband
    • http://www.cable-modem.net/gc/questions.html
    • http://www.dslreports.com/
  • Antivirus
    • http://www.mcafeeb2b.com/naicommon/avert/avert-research-center/default.asp
    • http://www.symantec.com/avcenter/index.html
  • System Inventory
    • http://www.belarc.comPersonal Firewalls
    • http://www.zonelabs.com
    • http://www.symantec.com
    • http://www.mcafee.com
    • http://www.networkice.com
    • http://www.sygate.com
links 2
Links 2
  • Network Firewalls/Routers
    • http://www.linksys.com
    • http://www.dlink.com
    • http://www.proxim.com
    • http://www.smc.com
  • System and Port Scanners
    • http://www.grc.com
    • http://security1.norton.com/us/home.asp
    • http://www.mcafee.com/support/system_req/browser_test.asp
    • http://www.microsoft.com/technet/mpsa/start.asp
  • Agencies
    • http://www.ciac.org/ciac/
    • http://www.sans.org
    • http://www.fbi.gov/interagency/ifcc/filingcomplaint.htm
    • Report abuse to any ISP. Ex abuse@yourisp.com
  • This Presentation
    • http://homepage.smc.edu/rojas_dan