Security Awareness: Security Tips for Protecting Ourselves Online Friday, May 20, 2011 Brian Allen,...
-
Upload
mary-flynn -
Category
Documents
-
view
214 -
download
0
Transcript of Security Awareness: Security Tips for Protecting Ourselves Online Friday, May 20, 2011 Brian Allen,...
Security Awareness:Security Tips for Protecting Ourselves Online
Friday, May 20, 2011
Brian Allen, [email protected]
Network Security AnalystWashington University in St. Louis
http://nso.wustl.edu/presentations/
Let’s Talk About…• Facebook/Social Networking• Password Security• AV Products• Home Wireless Router Security• Laptop Security• Safe Web Browsing• Phishing Examples• Online Banking• Virus Example and Case Study
Parents’ Password Cracked On First Try The Onion News Feb 27, 2002
• REDONDO BEACH, CA – Nick Berrigan, 14, successfully hacked into his parents’ AOL account on the first try Tuesday, correctly guessing that “Digby” was their password.
• “They actually used the dog’s name,” said Berrigan, deactivating the parental controls on his AOL account.
Free Password Managers
1. KeePass – I use this one2. Password Safe
– Bruce Schneier’s Project3. PassPack
– An online password manager
Commercial Password Manager:4. 1Password
-”Works great on iPhone and OS X”
Antivirus
• I look for:– the fastest– update themselves automatically– have an easy to use interface
• AVG = http://free.avg.com• AntiVir = http://www.free-av.com• Avast = http://www.avast.com
From CNET.com Editor ReviewsAVG Popularity: * Total downloads 227,792,675 Avira AntiVir Popularity: * Total downloads 61,994,231 Avast Popularity: * Total downloads 60,978,532
Home Wireless Router Tips
• Change Default Password• Firewall is on by Default• WPA2, not WPA or WEP• MAC Address Filtering• Leave SSID on• No personal info in SSID like Smith_Family
Home Wireless Router Tips
• Change Default Password• Firewall is on by Default• WPA2, not WPA or WEP• MAC Address Filtering• Leave SSID on• No personal info in SSID like Smith_Family
Key Questions to Consider
• How hard is it to disable or remove the software?• Who will have access to the collected data?• How many laptops are lost or stolen every year?
LoJack Pros
• Very difficult to disable• The company, only with the user’s permission,
can log in to:– Take pictures– Erase the hard drive
• Will work with police to recover the laptop
LoJack Bios Compatibility
AsusDellGammatechGetacGatewayGeneral
Dynamics
HPFujitsuLenovo (IBM
Thinkpad)Motion ComputingPanasonicToshiba
LoJack Cons
• Bios compatibility does not include Macintosh– 40% student machines are Macs
• Most Expensive - $49 per laptop• The company can get access into laptops,
although it is only to be initiated by the owner after it is reported stolen
Laptop/USB Encryption
• USB Hardware Encryption – IronKey $$$
• Laptop/USB Encryption – TrueCrypt (Free!)
Four OS Security Tips
• Make sure the operating system has:– Update automatically– Firewall turned on– All accounts have strong passwords– Up-to-date Anti-virus tool
Link Security Tips
• Don’t click links or open attachments in emails.• If you have any doubt, get confirmation directly
from the sender.• Be wary of messages that include attractive
offers or urgent requests.• Watch out for links that require you to
immediately provide a login and password.• Type the URL directly into Google.
Browser Security Tips
• I use Firefox as my regular browser.• Firefox will automatically update itself.• Firefox 3 and 4 have Phishing and Malware
Protection on by default. • Use the Add Block Plus Firefox Addon.
Important Online Banking Tip
• Never type your bank url into a browserOr click on a url that looks like your bank
• Always let Google find it for you– Should be the first link
First: Different Types of Infections
• Viruses – Rely on users to spread: email attachments, links in an email
• Worms – can spread on their own• Trojans – A malicious file that appears to be
legitimate• Bots – A worm that phones home to a
Command & Controller so the attacker can give it instructions
What Do The Infections Do?
• Send Spam• Attack other machines• Set up a Phishing site• Act as a proxy for other malicious traffic• Download spyware/adware to the machine• Run a keylogger
Koobface Botnet
• Koobface made an estimated $2m since July 2009• It makes money by selling scareware (fake anti-
virus), doing click fraud and other scams.• Koobface targets Facebook and other sites.• 400,000+ bots; 20,000+ fake Facebook accounts• Tricks users to execute malware disguised as Flash
updates needed to view shocking content.• The malware turns PCs into zombie drones under
the control of hackers.• http://www.theregister.co.uk/2010/11/15/koobface_take_down/
KoobFace Botnet
• How it works in one example:• Koobface is a Russian based botnet• The threat arrives as a Facebook private
message that contains a supposed link to a youtube video
Koobface Example Continued
• Users who are tricked into clicking the link are redirected to other pages until they finally end up at a spoofed YouTube site called YuoTube
How KoobFace works
• It navigates through users’ FB pages to search for their friends.
• It phones home to get the actual message that the worm will then spread to your friends.
• McAfee says it is not unusual to see 10,000 Koobface variants in one month.
• http://blogs.mcafee.com/mcafee-labs/malware-at-midyear-a-summary
• TrendLabs considers Zeus and Koobface to be the most prolific malware families
• http://us.trendmicro.com/imperia/md/content/us/trendwatch/researchandanalysis/tm101hthreat_report.pdf
Koobface Targets MacOSX
• A new version of Koobface attacks Mac OSX spreads through Facebook.
• Security company Intego says this version uses a malicious Java applet to attack users.
• http://krebsonsecurity.com/2010/10/koobface-worm-targets-java-on-mac-os-x/
Password Managers:KeePass: http://keepass.infoPassword Safe: http://schneier.com/passsafe.htmlPassPack: http://www.passpack.com1Password ($): http://agilebits.com/onepassword Antivirus:AVG: http://free.avg.comAntiVir: http://www.free-av.comAvast : http://www.avast.com Laptop Tracking:LoJack($): http://www.absolute.com/en/lojackforlaptops/home.aspx USB/Laptop Encryption:Ironkey($): https://www.ironkey.comTrueCrypt: http://www.truecrypt.org Firefox Ad Blocker:AdBlock Plus https://addons.mozilla.org/en-US/firefox/addon/adblock-plus
Brian Allen [email protected]