secure use of internet safe hex l.
Skip this Video
Loading SlideShow in 5 Seconds..
Secure Use of Internet “Safe Hex” PowerPoint Presentation
Download Presentation
Secure Use of Internet “Safe Hex”

Loading in 2 Seconds...

play fullscreen
1 / 44

Secure Use of Internet “Safe Hex” - PowerPoint PPT Presentation

  • Uploaded on

Secure Use of Internet “Safe Hex” Presentation by Vlad Olchanski, PhD VCU Department of Internal Medicine at the Virginia Heart Institute February 17, 2006 (804) 828-5384 Computers & Communications

I am the owner, or an agent authorized to act on behalf of the owner, of the copyrighted work described.
Download Presentation

PowerPoint Slideshow about 'Secure Use of Internet “Safe Hex”' - ostinmannual

An Image/Link below is provided (as is) to download presentation

Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author.While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server.

- - - - - - - - - - - - - - - - - - - - - - - - - - E N D - - - - - - - - - - - - - - - - - - - - - - - - - -
Presentation Transcript
secure use of internet safe hex

Secure Use of Internet“Safe Hex”

Presentation by Vlad Olchanski, PhD

VCU Department of Internal Medicine

at the Virginia Heart Institute

February 17, 2006

(804) 828-5384

computers communications
Computers & Communications

Computers started as something

highly professional

and for use of professionals

Now computers are a major means of

communications and information retrieval

The number

of users of Internet is ONE BILLION

supercomputer world domination
Supercomputer World Domination

a nightmare of 1950-1960s –

fortunately unimplemented!

actual distributed network
Actual Distributed Network

All computers are equaleven pigs are equally equal ;-)

evolution of connectivity
Evolution of Connectivity
  • Local Area Network
  • Internet



  • Prodigy
  • AOL
  • Compuserv
  • MSN
  • etc.





wild users

  • Regular Virusescrash OS, delete files, slow down
  • Worms, Trojanswait for event (time, command), steal address book, open backdoor, same as viruses
  • Spying – info from computer, your interests
  • Phishing – conning you to disclose your info
specific dangers
Specific Dangers







Bogus programs

Direct intrusion



Open ports

Running services

Remote access


to network

cure hygiene
Cure: Hygiene!
  • Dr. Wenzel, Chair of MCV Internal Medicine emphasizes the importance of Dr. Semmelweiss’ SHOCKING (?!) discovery of more than 100 ago:PHYSICIANS MUST WASH HANDS!

“One of the behavioral issues that plague hospitals and especially the infection control team is how to improve handwashing compliance, how to achieve a plateau above the usual threshold of 40% observed in modern ICUs. This is not a new story.” – read his latest book!

Same with COMPUTERS!

workstation security
Workstation Security

Windows Setup & Update Firewall

Antivirus Antispy


Web Browsers Email Programs

Pop-up BlockersSpam Filtering

windows setup
Windows Setup



Control PanelFolder Options


Microsoft Office files

DOC, XLS, PPT are also executables

and may be infected!

Make file extensions visible

so that you may easily detect

executable files

EXE, SCR, BAT, VBS, etc.

that may be infected:

windows setup security center
Windows Setup: Security Center

Control Panel -> Security Center

Windows Update -> Automatic

Firewall -> On or Firewall of your choice

Virus Protection -> On or Antivirus of your . choice

windows update
Windows Update
  • Windows has many security holes. Practically every week a new one is discovered. Microsoft releases security patches.
  • Windows Update should be run automatically and check should be done manually at least weekly.
  • It is recommended to update your XP installation to Service Pack 2 (SP2)
  • Windows Update function -> START button and shows there in the upper part of the menu.



your computer



legit application





maliciousoutgoing attempt




windows firewall
Windows Firewall
  • Win-XP/SP2 has basic firewall for intrusion protection.
  • Free firewall ZoneAlarm additionally prevents the viruses that may reside on your computer from sending offensive packets outside of your computer. ZoneAlarm also protects against viruses in email attachments.
  • Instructions on ZoneAlarm installation
  • If you install ZoneAlarm, you MUST turn off Windows Firewall in Win-XP/SP2 Security Center in Control Panel.
virus protection
Virus Protection
  • Symantec (Norton) Antivirus
  • MacAfee Antivirus
  • F-Prot (made in Iceland) – most lite-weight
  • AVG – free, not bad
  • Kaspersky – most thorough
  • Sophos – both antivirus and antispy

Do not forget to update virus signatures weekly, do not trust automatic update!

Do not run several real-time virus protectors in the same time.

spyware 1
Spyware - 1

Websites or email messages may plant on your computer spyware -- programs that are watching and reporting what you are doing on your computer, what websites you visit, what files you have on computer, what music you play.

They even may highjack your commands to the web browser and display for you websites you never intended to visit. This all compromises the confidentiality of information on your computer and slows down its operation.

spyware 2
Spyware -2
  • Turn off spying features built in Win-XP. Use XP-Antispy program, select “Windows update” profile.

  • Set Safe Settings for Windows XP Services:
spyware 3
Spyware - 3

Install one or more spyware scanners that operate similar to the virus scanners.

- Adaware SE Personal download free from

- SpyBot Search and Destroy free from

spyware 4
Spyware - 4
  • These 2 programs are recommended to be installed on your computer.
  • Microsoft Windows Defender may be run to automatically self-update and in real time check for attempts to plant spies on your computer. Spy Bot S&D is not recommended for real time protection.
  • Please be careful in using antispy programs. They may give false positive results marking some of your useful applications as spyware. In such cases uncheck the programs you are sure are not planted spies and do not delete them.
  • You will be amazed how many spies you will find on your computer after the first scan! Their number will be between a hundred and several thousand.
  • Please do not forget to update and run antispy scans at least once in a week!
spyware 5
Spyware - 5
  • Avoid pseudo-freebies commercial programs:media players (Real, QuickTime, MS Windows Media Player, etc.), weather bars, search bars, instant messengers (AIM, MSN, ICQ)USE INSTEAD:
  • Truly free and versatile Media Player Classic
  • Miranda instant messenger (ICQ, AIM, MSN, and more)
  • Weather and search extensions to Firefox browser
  • Completely uninstall Windows Messenger service
web browsers23
Web Browsers
  • Internet Explorer – obsolete and deprecated
  • Firefox – the tool of choice
  • Mozilla – father of Firefox
  • Netscape – granddad of Firefox
  • Opera – the best but a bit Nordically strict, not to say Teutonic (made in Norway).
internet explorer
Internet Explorer
  • Won in unfair fight with old Netscape, became eventually monopolist
  • Has many security holes
  • Is the target of BAD GUYS
  • Not recommended by the US Department of Homeland Security (DHS).
  • Uses ActiveX that plants viruses on computer
  • Switching to Firefox browser is like starting free walking after a year in wheelchair
firefox browser
Firefox Browser
  • Provides for Tabbed Browsing loading pages in background (wheel-click or CTRL-click)
  • Has “extensions” to restore last session, to restore closed pages, to manage tabs, acceleration, scrapbook, pop-up blocker, unwanted picture removal, weather forecast and more…
  • Cookies control and Password management
  • Has Internet Explorer in a tab window with one click for dealing with badly designed websites
  • Secure!
pop up blockers
Pop-up Blockers
  • Special applications exist
  • Firefox does a good job, particularly with Adblock extensions
  • Internet Explorer has a basic blocker
  • Firefox removes selected pictures_____________________________________
  • It is not desirable to have several different pop-up blockers in different applications because this may lead to breaking navigation and display of some websites
using email 1
Using Email - 1

You read and send email with Email Client

There are so many different Email Client programs --

make your own choice


some of Email Clients

and some of Email USERS

go outside of Internet Standards

- incompatibility of messages

- errors in transmission and reception

using email 2
Using Email - 2

POP server delivers all messages to your computer --good when you are on a fast connection

IMAP server delivers only message headers and messages on demand -- good when you are on a dial-upYet you will not have all messages on your computer

Thunderbird, Eudora, TheBat! support multiple email accounts

Webmail allows to use email with your browser --good when you are on the go

For non professional use: Hotmail, Yahoo, etc. --but it is not a true email

email programs outlook
Email Programs: Outlook
  • The use of Outlook and Outlook Express is discouraged although by now Microsoft plugged many of the security holes in them.
  • These email programs are the targets of virus and malware mongers, which may lead to big problems in your computer.
  • If you still intend to use this program, please check regularly that its capability to execute malicious code in messages is still turned off -- it has a tendency to occasionally turn itself on.
  • Thunderbird Email Program easily imports all Outlooks settings and archived messages
email programs thunderbird
Email Programs: Thunderbird
  • Modern program for email much similar to old Netscape 4
  • Powerful message filtering in specified topic folders
  • Has an inbuilt self-learning spam filter that is very efficient and excludes the need of an external spam blocker
  • May operate several different email accounts
  • Turn off writing in HTML in option settings!
  • Thunderbird easily imports settings and messages from major email programs
email programs lotusnotes
Email Programs: LotusNotes
  • Turn off the capability to execute malicious code that may be included in email messages.
  • Change the default for calling browser when clicking on the link embedded in a message. This default needs to be replaced with the installed default browser -- Firefox or Opera. Calling Internet Explorer is dangerous!
using email 9 basic rules of nice conduct
Using Email - 9 Basic Rules of Nice Conduct

1. Never consider email as confidential

2. Email should best be a simple message

3. Do not send messages formatted with HTML --

not all email clients can deal with them in the same way,

opening HTML message confirms a hit for spammers

(impossible in AOL email program )

4. Avoid sending binary attachments

these may come corrupted and can carry viruses

How to avoid binary attachments in Email, see

5. Do not open “strange” messages

internet s most intimate secret
Internet’s Most Intimate Secret

Like Wine Dichotomy in Russia

- Vodka, Moonshine, Brandy

are considered

White wine

- all the rest are

Red wines

internet s most intimate secret35
Internet’s Most Intimate Secret

Data Dichotomy in Internet

- Text files: Plain English text: A-Z, a-z, 0-9

- Binary files: all the rest

internet s most intimate secret36
Internet’s Most Intimate Secret

The Revelation

Only text files can go through Internet Binary files will come corrupted

To send a binary, it must be converted to

a text file (encoded) and on the receiving end

the encoded file must be decoded.

In Email, binary files go as attachments.

Different email programs treat attachments differently, which may lead to confusion and errors

professional communications medical and confidential
Professional Communicationsmedical and confidential
  • Communications with patients should be authenticated to avoid forgeries and trolling
  • Cryptographic signature/certificate
  • Watch for SECURE CONNECTION “lock” icon in the browser when submitting confidential data!
  • Beware of the bogus phishing websites!
phishing in email
Phishing in Email

O Bad guys try to obtain info on your

financial data and other confidentials

O Banks and real traders never ask you

about such with emails – NEVER.

O Bad guys create fake websites looking like

real ones, say Amazon and steal your data.

O Always check if your data will be sent to the

right destination by analyzing the links!

security communications
Security: Communications

Cryptonomicon by Neal Stephenson

80% adventures and fiction, 5% pearls

recommendations 1
Recommendations - 1
  • Avoid mainstream programs like Microsoft’s, AOL’s, etc. – use existing alternatives
  • Use Firefox for web browser
  • Use Thunderbird for email
  • Update Windows and verify that update completed – weekly
  • Never connect to Internet without running virus protection
recommendations 2
Recommendations - 2
  • Install a firewall – ZoneAlarm
  • Turn off Windows spying features and unneeded services
  • Make file extensions visible
  • Install, update and run weekly several Antispy programs – Adaware, Spybot, MSAntispy
  • Use anti-spam filters in email
  • Do not open strange email messages – trash them
recommendations 3
Recommendations - 3
  • Do not emulate spammers: do not write messages formatted in HTML
  • Avoid sending binary attachments.Never send EXE and ZIP files
  • Never open attachments in unsolicited emails
  • Be cautious opening attachments even from your known partners. They may be infected
recommendations 4
Recommendations - 4
  • Install extensions in Firefox browser to expand its functionality
  • Before clicking on any link, verify where this link actually leads you
  • Set up your browser to delete cookies when you close browser
  • Set up your email program not to execute javascript embedded in messages
  • Beware of phishing
secure use of internet safe hex44

Secure Use of Internet“Safe Hex”

Presentation by Vlad Olchanski, PhD

VCU Department of Internal Medicine

at the Virginia Heart Institute

February 17, 2006

(804) 828-5384