Safe Computing

Tom Kelliher, CS 102

Sept. 17, 2004

Administrivia

Announcements

PowerPoint assignment due Monday. E-mail attachment before class.

Assignment

Read 2.6--2.10. Questions on pp. 93--94: 13, 14, 17, and 18.

From Last Time

PowerPoint lab.

Outline

  1. Introduction to safe computing.

Coming Up

Lab.

Introduction to Safe Computing

  1. Important to control our cyber-selves and secure our PCs.
    1. Identity theft.

    2. SPAM. Phishing.

    3. Loss of data through hacking.

    4. Responsibility to secure PCs. Incrimination?

    5. On the horizon: RFID technology.

  2. History of hacking. In the beginning, hacking was a good thing.

    Mentality of hackers.

  3. Acceptable Use Policies/Terms of Service
    1. No spam.

    2. No commercial use.

    3. No illegal activity.

    4. No excessive use of resources.

    5. No damage.

    6. Right to cut you off.

    7. No re-selling of service.

    8. Limit on number of nodes in a home network.

    Goucher AUP.

  4. Passwords
    1. Never reveal.

    2. Choose good passwords. How to choose?

    3. How many to use? How often to change? Why?

  5. Anonymizers and throw-away e-mail addresses as tools.

  6. Social engineering as a hacker's tool.

  7. Safe computing:
    1. Viruses, trojans, worms; what are they?

      (Come as disguised executables in e-mail, DOS attacks via ``drones,'' SQL Slammer: three minutes after release was scanning 55 million hosts per sec. Worldwide damage within 10 minutes.)

      Macro viruses, script viruses.

    2. Prevention: virus scanning software:
      1. Config to check everything.

      2. Auto-download updates.

      3. Be paranoid.

    3. More prevention: firewall:
      1. Types of protection: inbound blocking, outbound monitoring.

      2. Basics of networks: workstations, routers, DNS/IP, ports.

      3. How they work.

      4. Is ICF enough?

      5. Free firewall: Zone Alarm.

        Symantec has Norton Personal Firewall.

    4. Even more prevention: spyware detection:
      1. What is it?

      2. Where can it be found --- KaZaA.

      3. Not yet well understood --- some legitimate software could be classified as spyware.

      4. Free, good spyware detection packages: Ad-aware, Spybot.



Thomas P. Kelliher
Tue Sep 14 18:32:09 EDT 2004
Tom Kelliher