Secure use of internet safe hex
Download
1 / 44

Secure Use of Internet “Safe Hex” - PowerPoint PPT Presentation


  • 329 Views
  • Updated On :

Secure Use of Internet “Safe Hex” Presentation by Vlad Olchanski, PhD VCU Department of Internal Medicine at the Virginia Heart Institute February 17, 2006 http://www.intmed.vcu.edu/inm/infotech.shtml http://www.medinf.vcu.edu [email protected] (804) 828-5384 Computers & Communications

Related searches for Secure Use of Internet “Safe Hex”

loader
I am the owner, or an agent authorized to act on behalf of the owner, of the copyrighted work described.
capcha
Download Presentation

PowerPoint Slideshow about 'Secure Use of Internet “Safe Hex”' - ostinmannual


An Image/Link below is provided (as is) to download presentation

Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author.While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server.


- - - - - - - - - - - - - - - - - - - - - - - - - - E N D - - - - - - - - - - - - - - - - - - - - - - - - - -
Presentation Transcript
Secure use of internet safe hex l.jpg

Secure Use of Internet“Safe Hex”

Presentation by Vlad Olchanski, PhD

VCU Department of Internal Medicine

at the Virginia Heart Institute

February 17, 2006

http://www.intmed.vcu.edu/inm/infotech.shtml

http://www.medinf.vcu.edu

[email protected]

(804) 828-5384


Computers communications l.jpg
Computers & Communications

Computers started as something

highly professional

and for use of professionals

Now computers are a major means of

communications and information retrieval

The number

of users of Internet is ONE BILLION


Supercomputer world domination l.jpg
Supercomputer World Domination

a nightmare of 1950-1960s –

fortunately unimplemented!


Actual distributed network l.jpg
Actual Distributed Network

All computers are equaleven pigs are equally equal ;-)


Evolution of connectivity l.jpg
Evolution of Connectivity

  • Local Area Network

  • BITNET

  • Internet

professional

users

  • Prodigy

  • AOL

  • Compuserv

  • MSN

  • etc.

general

public

Internet

Commercialization

wild users


Dangers l.jpg
Dangers

  • Regular Virusescrash OS, delete files, slow down

  • Worms, Trojanswait for event (time, command), steal address book, open backdoor, same as viruses

  • Spying – info from computer, your interests

  • Phishing – conning you to disclose your info


Specific dangers l.jpg
Specific Dangers

Attachments

Javascript,

etc.

ActiveX

Cookies

Javascript

Bogus programs

Direct intrusion

Email

Websites

Open ports

Running services

Remote access

Connection

to network


Cure hygiene l.jpg
Cure: Hygiene!

  • Dr. Wenzel, Chair of MCV Internal Medicine emphasizes the importance of Dr. Semmelweiss’ SHOCKING (?!) discovery of more than 100 ago:PHYSICIANS MUST WASH HANDS!

    “One of the behavioral issues that plague hospitals and especially the infection control team is how to improve handwashing compliance, how to achieve a plateau above the usual threshold of 40% observed in modern ICUs. This is not a new story.”http://stalkingmicrobes.org – read his latest book!

    Same with COMPUTERS!


Workstation security l.jpg
Workstation Security

Windows Setup & Update Firewall

Antivirus Antispy

Protection

Web Browsers Email Programs

Pop-up BlockersSpam Filtering



Windows setup l.jpg
Windows Setup

Start

Settings

Control PanelFolder Options

View

Microsoft Office files

DOC, XLS, PPT are also executables

and may be infected!

Make file extensions visible

so that you may easily detect

executable files

EXE, SCR, BAT, VBS, etc.

that may be infected:


Windows setup security center l.jpg
Windows Setup: Security Center

Control Panel -> Security Center

Windows Update -> Automatic

Firewall -> On or Firewall of your choice

Virus Protection -> On or Antivirus of your . choice


Windows update l.jpg
Windows Update

  • Windows has many security holes. Practically every week a new one is discovered. Microsoft releases security patches.

  • Windows Update should be run automatically and check should be done manually at least weekly.

  • It is recommended to update your XP installation to Service Pack 2 (SP2)

  • Windows Update function -> START button and shows there in the upper part of the menu.


Firewall l.jpg
Firewall

outside

world

your computer

intrusion

attempt

legit application

legit

communication

open

ports

maliciousoutgoing attempt

intrusion

attempt

worm


Windows firewall l.jpg
Windows Firewall

  • Win-XP/SP2 has basic firewall for intrusion protection.

  • Free firewall ZoneAlarm additionally prevents the viruses that may reside on your computer from sending offensive packets outside of your computer. ZoneAlarm also protects against viruses in email attachments.

  • Instructions on ZoneAlarm installation http://markusjansson.net/eza.html

  • If you install ZoneAlarm, you MUST turn off Windows Firewall in Win-XP/SP2 Security Center in Control Panel.


Virus protection l.jpg
Virus Protection

  • Symantec (Norton) Antivirus

  • MacAfee Antivirus

  • F-Prot (made in Iceland) – most lite-weight

  • AVG – free, not bad

  • Kaspersky – most thorough

  • Sophos – both antivirus and antispy

    Do not forget to update virus signatures weekly, do not trust automatic update!

    Do not run several real-time virus protectors in the same time.


Spyware 1 l.jpg
Spyware - 1

Websites or email messages may plant on your computer spyware -- programs that are watching and reporting what you are doing on your computer, what websites you visit, what files you have on computer, what music you play.

They even may highjack your commands to the web browser and display for you websites you never intended to visit. This all compromises the confidentiality of information on your computer and slows down its operation.


Spyware 2 l.jpg
Spyware -2

  • Turn off spying features built in Win-XP. Use XP-Antispy program, select “Windows update” profile.

    http://www.xp-antispy.org/

  • Set Safe Settings for Windows XP Services: http://www.intmed.vcu.edu/inm/WindowsServices.shtml


Spyware 3 l.jpg
Spyware - 3

Install one or more spyware scanners that operate similar to the virus scanners.

- Adaware SE Personal download free from http://www.lavasoft.de

- SpyBot Search and Destroy free from http://www.safer-networking.org/en/download/index.html


Spyware 4 l.jpg
Spyware - 4

  • These 2 programs are recommended to be installed on your computer.

  • Microsoft Windows Defender may be run to automatically self-update and in real time check for attempts to plant spies on your computer. Spy Bot S&D is not recommended for real time protection.

  • Please be careful in using antispy programs. They may give false positive results marking some of your useful applications as spyware. In such cases uncheck the programs you are sure are not planted spies and do not delete them.

  • You will be amazed how many spies you will find on your computer after the first scan! Their number will be between a hundred and several thousand.

  • Please do not forget to update and run antispy scans at least once in a week!


Spyware 5 l.jpg
Spyware - 5

  • Avoid pseudo-freebies commercial programs:media players (Real, QuickTime, MS Windows Media Player, etc.), weather bars, search bars, instant messengers (AIM, MSN, ICQ)USE INSTEAD:

  • Truly free and versatile Media Player Classichttp://www.free-codecs.com/download/Media_Player_Classic.htm

  • Miranda instant messenger (ICQ, AIM, MSN, and more) http://www.miranda-im.org/

  • Weather and search extensions to Firefox browser

  • Completely uninstall Windows Messenger service



Web browsers23 l.jpg
Web Browsers

  • Internet Explorer – obsolete and deprecated

  • Firefox – the tool of choice

  • Mozilla – father of Firefox

  • Netscape – granddad of Firefox

  • Opera – the best but a bit Nordically strict, not to say Teutonic (made in Norway).


Internet explorer l.jpg
Internet Explorer

  • Won in unfair fight with old Netscape, became eventually monopolist

  • Has many security holes

  • Is the target of BAD GUYS

  • Not recommended by the US Department of Homeland Security (DHS).

  • Uses ActiveX that plants viruses on computer

  • Switching to Firefox browser is like starting free walking after a year in wheelchair


Firefox browser l.jpg
Firefox Browser

  • Provides for Tabbed Browsing loading pages in background (wheel-click or CTRL-click)

  • Has “extensions” to restore last session, to restore closed pages, to manage tabs, acceleration, scrapbook, pop-up blocker, unwanted picture removal, weather forecast and more…

  • Cookies control and Password management

  • Has Internet Explorer in a tab window with one click for dealing with badly designed websites

  • Secure!


Pop up blockers l.jpg
Pop-up Blockers

  • Special applications exist

  • Firefox does a good job, particularly with Adblock extensions

  • Internet Explorer has a basic blocker

  • Firefox removes selected pictures_____________________________________

  • It is not desirable to have several different pop-up blockers in different applications because this may lead to breaking navigation and display of some websites



Using email 1 l.jpg
Using Email - 1

You read and send email with Email Client

There are so many different Email Client programs --

make your own choice

BUT

some of Email Clients

and some of Email USERS

go outside of Internet Standards

- incompatibility of messages

- errors in transmission and reception


Using email 2 l.jpg
Using Email - 2

POP server delivers all messages to your computer --good when you are on a fast connection

IMAP server delivers only message headers and messages on demand -- good when you are on a dial-upYet you will not have all messages on your computer

Thunderbird, Eudora, TheBat! support multiple email accounts

Webmail allows to use email with your browser --good when you are on the go

For non professional use: Hotmail, Yahoo, etc. --but it is not a true email


Email programs outlook l.jpg
Email Programs: Outlook

  • The use of Outlook and Outlook Express is discouraged although by now Microsoft plugged many of the security holes in them.

  • These email programs are the targets of virus and malware mongers, which may lead to big problems in your computer.

  • If you still intend to use this program, please check regularly that its capability to execute malicious code in messages is still turned off -- it has a tendency to occasionally turn itself on.

  • Thunderbird Email Program easily imports all Outlooks settings and archived messages


Email programs thunderbird l.jpg
Email Programs: Thunderbird

  • Modern program for email much similar to old Netscape 4

  • Powerful message filtering in specified topic folders

  • Has an inbuilt self-learning spam filter that is very efficient and excludes the need of an external spam blocker

  • May operate several different email accounts

  • Turn off writing in HTML in option settings!

  • Thunderbird easily imports settings and messages from major email programs


Email programs lotusnotes l.jpg
Email Programs: LotusNotes

  • Turn off the capability to execute malicious code that may be included in email messages.

  • Change the default for calling browser when clicking on the link embedded in a message. This default needs to be replaced with the installed default browser -- Firefox or Opera. Calling Internet Explorer is dangerous!


Using email 9 basic rules of nice conduct l.jpg
Using Email - 9 Basic Rules of Nice Conduct

1. Never consider email as confidential

2. Email should best be a simple message

3. Do not send messages formatted with HTML --

not all email clients can deal with them in the same way,

opening HTML message confirms a hit for spammers

(impossible in AOL email program )

4. Avoid sending binary attachments

these may come corrupted and can carry viruses

How to avoid binary attachments in Email, see

http://www.intmed.vcu.edu/inm/advice.html

5. Do not open “strange” messages


Internet s most intimate secret l.jpg
Internet’s Most Intimate Secret

Like Wine Dichotomy in Russia

- Vodka, Moonshine, Brandy

are considered

White wine

- all the rest are

Red wines


Internet s most intimate secret35 l.jpg
Internet’s Most Intimate Secret

Data Dichotomy in Internet

- Text files: Plain English text: A-Z, a-z, 0-9

- Binary files: all the rest


Internet s most intimate secret36 l.jpg
Internet’s Most Intimate Secret

The Revelation

Only text files can go through Internet Binary files will come corrupted

To send a binary, it must be converted to

a text file (encoded) and on the receiving end

the encoded file must be decoded.

In Email, binary files go as attachments.

Different email programs treat attachments differently, which may lead to confusion and errors


Professional communications medical and confidential l.jpg
Professional Communicationsmedical and confidential

  • Communications with patients should be authenticated to avoid forgeries and trolling

  • Cryptographic signature/certificate

  • Watch for SECURE CONNECTION “lock” icon in the browser when submitting confidential data!

  • Beware of the bogus phishing websites!


Phishing in email l.jpg
Phishing in Email

O Bad guys try to obtain info on your

financial data and other confidentials

O Banks and real traders never ask you

about such with emails – NEVER.

O Bad guys create fake websites looking like

real ones, say Amazon and steal your data.

O Always check if your data will be sent to the

right destination by analyzing the links!


Security communications l.jpg
Security: Communications

Cryptonomicon by Neal Stephenson

80% adventures and fiction, 5% pearls


Recommendations 1 l.jpg
Recommendations - 1

  • Avoid mainstream programs like Microsoft’s, AOL’s, etc. – use existing alternatives

  • Use Firefox for web browser

  • Use Thunderbird for email

  • Update Windows and verify that update completed – weekly

  • Never connect to Internet without running virus protection


Recommendations 2 l.jpg
Recommendations - 2

  • Install a firewall – ZoneAlarm

  • Turn off Windows spying features and unneeded services

  • Make file extensions visible

  • Install, update and run weekly several Antispy programs – Adaware, Spybot, MSAntispy

  • Use anti-spam filters in email

  • Do not open strange email messages – trash them


Recommendations 3 l.jpg
Recommendations - 3

  • Do not emulate spammers: do not write messages formatted in HTML

  • Avoid sending binary attachments.Never send EXE and ZIP files

  • Never open attachments in unsolicited emails

  • Be cautious opening attachments even from your known partners. They may be infected


Recommendations 4 l.jpg
Recommendations - 4

  • Install extensions in Firefox browser to expand its functionality

  • Before clicking on any link, verify where this link actually leads you

  • Set up your browser to delete cookies when you close browser

  • Set up your email program not to execute javascript embedded in messages

  • Beware of phishing


Secure use of internet safe hex44 l.jpg

Secure Use of Internet“Safe Hex”

Presentation by Vlad Olchanski, PhD

VCU Department of Internal Medicine

at the Virginia Heart Institute

February 17, 2006

http://www.intmed.vcu.edu/inm/infotech.shtml

http://www.medinf.vcu.edu

[email protected]

(804) 828-5384


ad