Computer Security: What to Know and What to Do. Presented to CUGG 10/2005, 2/2012. Jamie Leben, IT-Works Computer Services, www.i-t-w.com, 970-405-4399.


1 Computer Security: What to Know and What to Do. Presented to CUGG 10/2005, 2/2012. Jamie Leben, IT-Works Computer Services, www.i-t-w.com, 970-405-4399. Copyright 2005

2 What to Know?

3 What to Know Consumers Union, the organization that publishes Consumer Reports, estimates there's a 1-in-3 chance this year that computer users at home will have their identity stolen or their computer damaged from the proliferation of malicious programs

4 What to Know: Resources. en.wikipedia.org - online encyclopedia, use to research unfamiliar computer terms. www.staysafeonline.org - National Cyber Security Alliance home page.

5 What to Know: Terminology. ActiveX Controls (malicious): ActiveX is a Microsoft platform for software componentry. It is used to enable cross-application communication and dynamic object creation in any programming language that supports the technology. The embedding of COM into the Internet Explorer web browser (under the name of ActiveX) created a combination of problems that has led to an explosion of computer virus, trojan and spyware infections. These malware attacks mostly depend on ActiveX for their activation and propagation to other computers.

6 What to Know: Terminology. Botnet: Botnet is a jargon term for a collection of software robots, or bots, which run autonomously. A botnet's originator can control the group remotely, usually through a means such as IRC, and usually for nefarious purposes. A botnet can comprise a collection of cracked machines running programs (usually referred to as worms, Trojan horses, or backdoors) under a common command and control infrastructure. Botnets serve various purposes, including denial-of-service attacks, creation or misuse of SMTP mail relays for spam, click fraud, and the theft of application serial numbers, login IDs, and financial information such as credit card numbers.

7 What to Know: Terminology. Firewall: In computing, a firewall is a piece of hardware and/or software which functions in a networked environment to prevent some communications forbidden by the security policy, analogous to the function of firewalls in building construction.

8 What to Know: Terminology. Malware: Malware (a portmanteau of "malicious software") is a software program designed to fulfill any purpose contrary to the interests of the person running it. Examples of malware include viruses and trojan horses.

9 What to Know: Terminology. Peer to Peer (P2P): A peer-to-peer (or P2P) computer network is a network that relies on the computing power and bandwidth of the participants in the network rather than concentrating it in a relatively few servers. P2P networks are typically used for connecting nodes via largely ad hoc connections. Such networks are useful for many purposes. Sharing content files (see file sharing) containing audio, video, data or anything in digital format is very common, and realtime data, such as telephony traffic, is also passed using P2P technology.

10 What to Know: Terminology. Pharming: Pharming is the exploitation of a vulnerability in the DNS server software that allows a cracker to acquire the domain name for a site, and to redirect that website's traffic to another web site. DNS servers are the machines responsible for resolving internet names into their real addresses, the "signposts" of the internet.

11 What to Know: Terminology. Spyware: Spyware is a broad category of malicious software intended to intercept or take partial control of a computer's operation without the user's informed consent.

12 What to Know: Terminology. SSL security certificate: SSL provides endpoint authentication and communications privacy over the Internet using cryptography. In typical use, only the server is authenticated (i.e. its identity is ensured) while the client remains unauthenticated.

13 What to Know: Terminology. Phishing: In computing, phishing (also known as carding and spoofing) is a form of social engineering, characterised by attempts to fraudulently acquire sensitive information, such as passwords and credit card details, by masquerading as a trustworthy person or business in an apparently official electronic communication, such as an email or an instant message. The term phishing arises from the use of increasingly sophisticated lures to "fish" for users' financial information and passwords.

14 What to Know: Terminology. Trojan: A trojan horse program has a useful and desired function, or at least it has the appearance of having such. Secretly the program performs other, undesired functions. The useful, or seemingly useful, functions serve as camouflage for these undesired functions. The kind of undesired functions are not part of the definition of a Trojan horse; they can be of any kind. They rely on fooling people into allowing the program to perform actions that they would otherwise not have voluntarily performed. Trojans of recent times also contain functions and strategies that enable their spreading. This moves them closer to the definition of computer viruses, and it becomes difficult to clearly distinguish such mixed programs between Trojan horses and viruses.

15 What to Know: Terminology. Virus: In computer security technology, a virus is a self-replicating program that spreads by inserting copies of itself into other executable code or documents.

16 What to Know: Terminology. Worm: A computer worm is a self-replicating computer program, similar to a computer virus. Unlike a virus, a worm is self-contained and does not need to be part of another program to propagate itself.

17 What to Know: Terminology. Rootkit: A rootkit is a stealthy type of malicious software (malware) designed to hide the existence of certain processes or programs from normal methods of detection and enables continued privileged access to a computer. http://en.wikipedia.org/wiki/Rootkit

18 What to Do?

19 What to Do? Don't let the grandkids use the computer :) They are great for installing malicious ActiveX and JavaScript. Many use P2P software, a haven for infected files. They will readily click the button labeled "Click here to install junk on this machine".

20 What to Do? Antivirus software installed and up to date. Microsoft Security Essentials: http://windows.microsoft.com/en-US/windows/products/security-essentials. Free Avast antivirus: http://www.avast.com/free-antivirus-download. Free AVG antivirus: http://free.avg.com/us-en/homepage. I suggest 1 antivirus program, and 1 or more antispyware programs.

21 What to Do? Antispyware software installed and up to date. Malwarebytes: http://www.malwarebytes.org. Ad-Aware: http://www.lavasoft.com. Spybot Search and Destroy: http://www.safer-networking.org/en/index.html

22 What to Do? Have an active firewall. An external router is a good idea with high-speed connections. Windows XP SP1 or greater includes a good firewall. Vista, 7, Mac OS X, and Linux include a good firewall.

23 What to Do? Update the operating system. http://www.update.microsoft.com - free updates for Windows. Keep automatic updates enabled, install updates when recommended.

24 What to Do? Use a (free) alternative browser. Chrome: https://www.google.com/chrome. Firefox: http://www.getfirefox.com. Opera: http://www.opera.com/. Safari: http://www.apple.com/safari/

25 What to Do? Don't trust emails claiming to be from banks, eBay, PayPal. Who can remember the term for these? Check www.snopes.com for accuracy.

26 What to Do? Be extremely cautious of websites that produce (SSL) security certificate warnings. It may mean the website itself has been hijacked. Who recalls the term for this?

27 What to Do? Be cautious clicking pop-up windows. They can link to trojans.

28 What to Do? Don't install ActiveX without verification. Beware unsigned ActiveX control messages.

29 What to Do? Don't open email attachments without verifying with the sender first.

30 What to Do? Be wary of content on peer-to-peer file sharing networks (don't share copyrighted material).

31 What to Do? Switch to Linux or Mac OS

32 I'm infected, what now? System restore to a known good date. Start in safe mode with networking. Download: TDSSKiller (antirootkit) http://support.kaspersky.com/faq/?qid=208280684; Combofix (antimalware) http://www.bleepingcomputer.com/download/anti-virus/combofix; Malwarebytes (antimalware) http://www.malwarebytes.org. Run one at a time, in the order above, rebooting as the programs suggest.

33 I'm infected, what now? Scan twice with Combofix: once in safe mode, then reboot into regular mode and scan again. Repeat full scans with Malwarebytes until the scans come clean, or until you are on your third scan with infections remaining; at that point you'll probably need to back up and reinstall.

34 Questions?

