Presentation on theme: "Acceptable Use Policy –The Acceptable Use Policy defines the rules of the machine and internet connection you are on. –Specific policies differ by machine."— Presentation transcript:
Acceptable Use Policy –The Acceptable Use Policy defines the rules of the machine and internet connection you are on. –Specific policies differ by machine owner. –Most companies and universities require some form to be signed stating that the machines will be used acceptably. –Most service providers require some acknowledgment that you are aware of and will abide by a set of rules. –They typically require that you will not run your own business, violate copyrights, perform illegal or harassing activities, or view pornographic material.
Internet Privacy –There is no privacy on the Internet – yet. –Passwords - The basic defensive measure. –Hackers use machines to rapidly try combinations of passwords. –Phishing attacks attempt to fool you into giving away your password or other account information. –Use more than 6 characters and special characters (!@#$%) to increase combinations possible. –Protecting Files –Access to files is typically given to user, group, and world. More complex schemes can be incorporated within software. –Keep truly sensitive files disconnected from the internet. –Firewalls –Attempts to control your machines access to the internet –Attempts to block unwanted access to your machine
Internet Attacks, General –All software must be executed or run before it can do anything –How does the software get on your machine? –Through an infected file. –By downloading unsafe software deliberately designed to contain the harmful software. –Email attachments. –HTML links running scripts. –Placed there by software. –Placed there by hackers. –Protection –Virus scanning software with constant updates. –Firewall to limit access to your machine. –Good policies: –Don’t automatically open email –Don’t use program until scanned –Update scanner frequently (to get the latest viruses)
Internet Attacks, Viruses –Viruses –Act like biological viruses in that they attach themselves to a host program or email. –Viruses cannot infect the machine until the host is executed. –Viruses propagate by moving the infected file from one machine to another. –Can be harmless or very harmful –Tend to affect MS products as MS is so popular.
Internet Attacks –Trojan Horses –Are embedded within useful software. –Performs a secondary function while the software is in operation. –Worms –Standalone software that propagates through the internet –Tries to find a host machine on which to run without the owners knowledge.
Internet Attacks –Email Attacks –These viruses, etc, use the email system to propagate. –They all need your help – be careful opening attachments. –They use your address book to forward themselves to others. –Denial of Service Attacks –Floods a server with requests using multiple “robots” on multiple machines. –Currently popular form of attack –Robots can be set up over time and instructed to “attack” at once. –Protection is very difficult right now – multiple servers.
Hoaxes and Scams –Hoaxes and scams use human gullibility to achieve their aims. –Hoaxes –Designed to use up internet resources (bandwidth and your time) –Hoaxes use humans to propagate. –Recognizing them: –“Send this to everyone you know!” is a big tip off. –Typically has good sounding jargon that is really meaningless. –Typically references some authority (often non-existent) –What to do? –If suspicious, don’t send it out. –Check with web sites like http://hoaxbusters.ciac.org
Hoaxes and Scams –Scams –Designed to separate you from your money –May try to get information from you (passwords, account numbers). –Online auctions – caveat emptor! –Recognizing them: –Unwanted solicitation –Request for instant cash (credit card # or faxing a check) –No real way to get in touch with a human (street address, phone) –What to do? –Be suspicious! Ignore un-asked for solicitations. –Check with web sites like http://www.scambusters.comhttp://www.scambusters.com –Online Auctions –Caveat Emptor: check out the seller’s history.
Internet Privacy –Identity Theft occurs when somebody uses your personal identification to obtain loans and services (ref http://www.identitytheft.org and www.privacyrights.org) –Protection (before) –Do not keep personal information on a web-accessible machine –Do not transmit personal information unless from an encrypted web site ( https:// ) –Read through a companies security/privacy policies to be sure. –Protection (after) –Contact all known sources of credit –Obtain a record of your credit status –Consider changing SSN and driver license