Safe Computing

Tom Kelliher, CS 102

Sept. 17, 2003

Administrivia

Announcements

PowerPoint assignment due Friday. E-mail attachment before class.

Assignment

Read 2.6--2.10. Questions on pp. 93--94: 13, 14, 17, and 18.

From Last Time

PowerPoint lab.

Outline

1. Introduction to safe computing.

Coming Up

Lab.

Introduction to Safe Computing

1. Important to control our cyber-selves and secure our PCs.
   1. Identity theft.

   2. SPAM.

   3. Loss of data through hacking.

   4. Responsibility to secure PCs. Incrimination?

2. History of hacking. In the beginning, hacking was a good thing.

   Mentality of hackers.

3. Acceptable Use Policies/Terms of Service
   1. No spam.

   2. No commercial use.

   3. No illegal activity.

   4. No excessive use of resources.

   5. No damage.

   6. Right to cut you off.

   7. No re-selling of service.

   8. Limit on number of nodes in a home network.

   Goucher AUP.

4. Passwords
   1. Never reveal.

   2. Choose good passwords. How to choose?

   3. How many to use? How often to change? Why?

5. Anonymizers and throw-away e-mail addresses as tools.

6. Social engineering as a hacker's tool.

7. Safe computing:
   1. Viruses, trojans, worms; what are they?

      (Come as disguised executables in e-mail, DOS attacks via ``drones,'' SQL Slammer: three minutes after release was scanning 55 million hosts per sec. Worldwide damage within 10 minutes.)

      Macro viruses, script viruses.

   2. Prevention: virus scanning software:
      1. Config to check everything.

      2. Auto-download updates.

      3. Be paranoid.

   3. More prevention: firewall:
      1. Types of protection: inbound blocking, outbound monitoring.

      2. Basics of networks: workstations, routers, DNS/IP, ports.

      3. How they work.

      4. Spyware. In KaZaA.

      5. Is ICF enough?

      6. Free firewall: Zone Alarm.

         Symantec has Norton Personal Firewall.