Home Computer Security

Part 1 – Keeping your computer safe
• Bad software and what it does
• Bad guys and what they do
• Protecting your computer
• What to do when something bad happens
Bio and Disclaimer
• Opinions of Kevin Bong
[email protected], not those of Johnson
Financial Group.
• Software and website recommendations are my
experience, your mileage may vary.
Kevin Bong is the Director of Security for Johnson Financial
Group. Kevin has a BS in Physics and Computer Science from
Carroll University, an MS in Information Security Engineering
from the SANS Institute, and has earned multiple computer
security certifications including the GIAC GSE. Kevin is also
an amateur astronomer, beekeeper, a SANS author and
community instructor, and a pretty neat Dad.
How the Bad Software Gets In
• SPAM/Phishing emails
• Software downloads
• Operating system and web browser bugs
• Third party software bugs (Flash, Adobe,
• Media downloads (music, PDF document, video)
Identifying Phishing Email
• Phish IQ test http://www.sonicwall.com/phishing/
– 14% of phishing emails are identified as legitimate
– Only 7.4% of quiz takers get 100%
• Protect yourself
– Do not disclose or change account info as a result of
an email received
– Never use a form within an email
– Don’t use the links in a suspect email
– Don’t open attachments in unsolicited or suspicious
What the Bad Software Does
• Key Logger
• Remote Video/Keyboard/Mouse/Mic/Speaker
• Document search and download
• Send/relay spam
• Tries to infect other computers
• Performs denial of service attacks
Protecting Your Computer - Antivirus
• Antivirus software looks for files that match a known virus
“signature” – like matching the virus’s fingerprint.
• Only works if up-to-date, new viruses come out daily.
• The Antivirus that came with your PC is probably no
longer up-to-date.
• Use a reputable vendor, read reviews.
• http://www.pcworld.com/article/124475/top_antivirus_software.html
• http://www.avcomparatives.org/images/stories/test/ondret/avc_report21.pdf
DEMO: Antivirus update check
Protecting Your Computer – Anti-Spam
• A lot of attacks are originated by email.
• If you read your email online, look into the virus
and Spam controls of your email provider.
• If you download your email to Windows Mail, etc.,
make sure your antivirus scans it.
• Always be suspicious of strange and unsolicited
Protecting Your Computer - Firewall
• A firewall is a device that sits between your computer and the
“hostile” internet.
• Allows outbound traffic, blocks inbound traffic unless it’s a
response to your outbound traffic.
• Example: Request a web page (outbound), web page sent
back to display in your browser (inbound).
• Great protection from bugs in software that listens for inbound
Blocked inbound
Your Computer
Allowed outbound traffic
The Internet
Choosing a Firewall
• Hardware firewall – functionality built into a
cable/dsl router.
– Pros: Easy to setup and use
– Cons: Doesn’t protect laptop when you travel
• Software firewall – program you install on your
computer to block traffic
– Pros: Many free options, protects while you
travel, may alert you to an infection
– Cons: More “annoying”, prompts to allow or
block traffic or programs, virus may break
More About Routers
• Added Bonus – the Router lets you share
your connection with other computers.
• Encryption/Secure connections- use WPA2
when you can
• Wifi Hotspots
– Assume all the other
computers there will attack
you – update AV, Software
Firewall, etc.
Bugs and Patches
• Apply vendor patches for operating systems
and browsers
– Windowsupdate.microsoft.com for most of you
– Configure and use automatic updates
• Patch third party software
– Especially programs that talk to the Internet or
open files/media downloaded from the Internet
– Adobe acrobat reader, Flash, Shockwave,
Software Downloads
• Download software from a reputable source.
• Use file sharing technology with caution.
– Attackers often incorporate viruses into the files on
P2P file sharing networks.
– You may expose documents or other info on your
– Creates new communication channels that open
your computer up for attack.
– File sharing networks have large amounts of pirated
software, copyrighted material and pornography.
• Viruses guess your password using a dictionary
of common passwords, then infect.
– That’s why it needs to be complex
• Fraudsters trick you into disclosing your
– Be smart, don’t fall for phishing, “pretending to be the
help desk” and other tricks
– Use different passwords for different things
• Fraudsters key log them on an infected machine
– Think about how much you trust the computer before
you type your password
• Needed for virus infection, theft, failure,
breakage, accidental deletion
• Consider storage “location” before the
how/which product
• “Built-in” backup software in Windows XP,
Vista. Also many third party options.
• Original restore media that came with your PC
Backup Options
– Recordable CDs or DVDs
• + Large Volume of data and Versioning
• - Manual process, takes time
– Flash Drives or USB hard drives
• + Small to large volume of data
• - Drive storage and drive failure
– Online services – idrive, adrive, Mozy, Dropbox,
Skydrive, Syncplicity
• + Offsite
• - Privacy concerns?, limited Space
Signs you may be infected
• Antivirus alerts, software firewall alerts
• Pop up advertisements when you launch your
browser, or “all the time”
• Can’t get into control panels or other config
• Can’t get antivirus to run
• Computer running slowly
• Unexpected new toolbars in your browser
• Exceedingly high amount of network traffic
(activity light on your modem/router)
What to do if you may be infected
• Update your antivirus
• Unplug from the Internet and run a full scan
• If Clean
– Download and run an adware/spyware program
• If infected
– Try to clean with Antivirus
– Microsoft malicious software removal tool
– Windows System Restore Tool
– In many cases, you’ll have to backup your files
and rebuild the computer
Checklist for When You Get Home
• Antivirus running and up-to-date
• Patches up to date – operating system,
browser, and any other Internet apps
• Firewall enabled
• Run a backup – start the habit today
Thank You

similar documents