slide1 n.
Download
Skip this Video
Loading SlideShow in 5 Seconds..
Ernest Staats erstaats@gcasda.org Technology Director MS Information Assurance, CISSP, CEH, CWNA, Security+, MCSE, CNA, PowerPoint Presentation
Download Presentation
Ernest Staats erstaats@gcasda.org Technology Director MS Information Assurance, CISSP, CEH, CWNA, Security+, MCSE, CNA,

Loading in 2 Seconds...

  share
play fullscreen
1 / 39
saskia

Ernest Staats erstaats@gcasda.org Technology Director MS Information Assurance, CISSP, CEH, CWNA, Security+, MCSE, CNA, - PowerPoint PPT Presentation

119 Views
Download Presentation
Ernest Staats erstaats@gcasda.org Technology Director MS Information Assurance, CISSP, CEH, CWNA, Security+, MCSE, CNA,
An Image/Link below is provided (as is) to download presentation

Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server.

- - - - - - - - - - - - - - - - - - - - - - - - - - - E N D - - - - - - - - - - - - - - - - - - - - - - - - - - -
Presentation Transcript

  1. Resources available @ www.es-es.net/2.html Ernest Staatserstaats@gcasda.org Technology Director MS Information Assurance, CISSP, CEH, CWNA, Security+, MCSE, CNA, I-Net+, Network+, Server+, A+

  2. Social Media is #1

  3. Youth vs Adult Reality • Parents feel better informed about teens’ online activity than teens think parents are (29 point Gap) • How closely do your parents follow or monitor what you do online or on a cell phone? (45 point Gap ) • Social networking sites like Facebook (18 point Gap) • Twitter (24 point Gap) • Email, Youtube, Instagram (10 point Gap) • Two in five teens admit to having posted something online that they later regretted

  4. Ensure Your Loved Ones Are Protected From Ongoing Threats By: (1) Educating Yourself(2) Setting Guidelines &(3) Installing Parental Control Software

  5. Communicate Monitor Report COMMUNICATION

  6. Establish rules for online life

  7. Golden Rules to Teach Rules from “real” life apply: courtesy, kindness, modesty, dignity, respect for law and others, etc. Don’t talk/txt / MMS strangers Keep personal information private (No cell # on FB) Anything posted on the internet or sent via txt is not private and lasts forever (including photos, videos, etc.) Communicate if you encounter something uncomfortable

  8. Anti-virus softwareFiltering programs eMonitoring software Parental supervision Parental supervision

  9. Mobile Technologies

  10. Gaming http://support.xbox.com/en-US/billing-and-subscriptions/parental-controls/xbox-live-parental-control

  11. What does Your Phone Know? • Text messages, even deleted ones • Words in your personal dictionary • Facebook contacts • Tens of thousands of locationpings • Every website ever visited • What locations you have mapped • (SwiftKey - Personalization) • Emails going back a month • Your photos with geolocation data attached – even if deleted • How many times you have checked your email • Any application ever installed on your device • Just for Fun : Can they get into your VM or fake the caller ID http://www.telespoof.com/freecall/agi

  12. Teaching safety

  13. Phone controls 4G/ WIFI • NetNanny Parental Controls • Go to NetNanny's Software Site • SMobile Parental Controls • Go to Smobile's Software Site • Verizon Parental Controls • Go to Verizon's Parental Control Center • Vendor Specific options • AT&T Smart Limits (English) • AT&T Smart Limits (Spanish) • Go to AT&T's Site • Microsoft Family PACT • Go to Microsoft's Xbox Safety Site • MySpace Safety Tips • Go to MySpace's Safety Center

  14. Bypass Controls • Cell Controls do not work on WIFI • TXT control doesn’t work on email I can email a mobile account and chat via email • Factory resetting device • Use other devices-- iPod touch, Kindle, or other’s device • Proxies

  15. Counter Bypass • Use filter on the router and Open DNS • Step by step guide on es-es.org/2.html • Control internet access time and locations and application install • Use an MDM that alerts you when your secure profile is altered is Factory resetting device http://www.meraki.com/products/systems-manager/ • Knowing about other devices helps--- • Set filter to stop bypass proxies both on the router and on Open DNS

  16. Filtering Software • Vendor Specific options • AT&T Smart Limits (English)

  17. Portable Apps to discover passwords and histories • Demo portable apps to find history and passwords

  18. Meta Data Images Hands on Go to Jeffrey's Exif Viewer http://regex.info/exif.cgi Photo 1http://es-es.org/resources/cm2011/photo.JPG Where was the photo taken of the Police office was the photographer on the sidewalk or somewhere else what kind of device was used to take the photo Second photo http://es-es.org/resources/cm2011/cropped.jpg Who is in the photo besides the kids? What device was used to take the photo

  19. Teens Report Risky Behaviors • Nearly half of teens say they have done each of these things online with someone they don’t know personally: • •Friended them on a social networking site (49%) • •Shared movie/TV/game recommendations (49%) • •Chatted online (44%) • Half have shared at least one of the following types of personal information online with someone they don’t know: • •The city/town where they live (35%) • •Their first and last names (31%) • •The school they attend (25%) • •Their phone number (21%)

  20. Social Safety • Put everything behind password protected walls • Protect your password and know who someone is before you friends them • Don't post anything your parents, principal or a predator couldn't see • What you post online stays online - forever - so, ThinkB4uClick! • Don't so or say anything online you wouldn't say offline • Get friends okay before posting something about them or their pic online • Check what your friends are posting/saying about you • Be prepared to attach your Social Profile to your college, job, internship, scholarship or sports team application

  21. Facebook Security

  22. Security Issues • Inherent trust “It’s MY PHONE.” • Just going to a website one can steal all your info: • contacts, text messages, photos, videos, credit card information • PIN security – secure or easy to do 1 handed Camera and mic can be turned on Without permission • If an APP is free -- WHY?

  23. GEO Tagging • August of 2010, Adam Savage, of “MythBusters,” took a photo of his vehicle using his smartphone. He then posted the photo to his Twitter account including the phrase “off to work.” • The image contained metadata reveling the exact geographical location the photo. • Savage revealed the exact location of his home, the vehicle he drives and the time he leaves for work. Read the full story here: http://nyti.ms/917hRh

  24. Turn off GPS function on phones

  25. Cell Safety Tips • Text or cell calls can be intercepted easily • You never know who is calling you • Texting is viral—anything sent in a text can be easily forwarded and shared • Never to reveal cell phone numbers or passwords online • Sending sexually explicit or provocative images or text messages = You become a registered sex offender for life…. • If the cell phone is on it can be triangulated even if the location services are off • Any web site or app can get your IP address then it can do a lookup to find where are located and they can also pull a lot of information as well….

  26. Social / Mobile Exposure Demo

  27. Facebook Images 275469_100001925656445_30740_n.jpg inurl:100001925656445

  28. Scrubbing Meta Data • Software • Jpg and PNG metadata striper http://www.steelbytes.com/?mid=30 • BatchPurifier LITE • http://www.digitalconfidence.com/downloads.html • Doc Scrubber • http://www.javacoolsoftware.com/dsdownload.html • Website • http://regex.info/exif.cgi

  29. Demo U R Being Watched

  30. Geolocation tools • http://www.bing.com/maps • http://twittermap.appspot.com • http://www.fourwhere.com/ • http://icanstalku.com • http://ip2geolocation.com • Cree.pyGreat tool for geolocating/tracking Twitter/Foursquare users. Not only pulls coordinates from the posts directly, but can grab them from the EXIF data in pictures they link to.http://ilektrojohn.github.com/creepy/

  31. Safe Posting Tips: • Use nickname only • Change the zip code • Use cartoons, drawings, or avatars • Make the profile private • Ask permission to add a friend

  32. Sexting • 22 % girls/18 % boys have electronically sent or posted nude or semi-nude images • 1/3 boys ¼ girls have had nude or semi-nude images shared with them • 40 percent report posting sexually suggestive messages • ½ receive sexually suggestive messages http://voices.washingtonpost.com/parenting/2008/12/sexting.html

  33. Do: Understand the Risks Associated with Geotagging Location/GPS data attached to photos Feature in Smartphones and digital cameras Lat/Long Device details “Check-in” feature Facebook Places Google Latitude Foursquare Gowalla “Do’s”

  34. Do: Assume the Internet is FOREVER There is no true delete on the internet WWW means World Wide Web Every Picture Every Post Every Detail “Do’s”

  35. Don’t: Grant the Same Access to Everyone Don’t treat all Friends equally Control & customize individual access Do create groups Tractor club Family Set permissions for everything: Your status Photos Postings “Don’ts”

  36. Don’t: Depend on SNS’s Security Settings But it’s set to private … right? Hackers Incorrect or incomplete settings They Sell YOU!! Upgrades/site changes “Risks inherent in sharing information” “USE AT YOUR OWN RISK. We do not guarantee that only authorized persons will view your information.” “Don’ts”

  37. Don’t: Trust Add-On’s or Applications Plugins, Games, Applications Third Party Software Applications designed to collect data Malicious code Separate terms of use & privacy “We are not responsible for third party circumvention of any privacy settings or security measures.” “Don’ts”

  38. Tips for Social Networking Safety Evaluate your settings to restrict access. Do not allow social networking sites to scan your email address book. Directly enter the address of your social networking site into your browser. Be careful when using extras on your site. Use strong passwords. Check privacy policies and choose carefully. Stay abreast of the latest tricks, scams, and hoaxes. • http://mashable.com/ - The Social Media Guide • http://www.hoax-slayer.com/ - debunking email hoaxes and Internet scams • http://garwarner.blogspot.com/ - UABs Gary Warner blogs on cyber crime

  39. Set A Standard • Psalm 101:3 • I will refuse to look at anything vile and vulgar...