Safe Computing

Tom Kelliher, CS 102

Sept. 15, 2006

Administrivia

Announcements

Assignment

Read 2.6-2.10. Questions on pp. 93-94: 13, 14, 17, and 18.

From Last Time

PowerPoint lab.

Outline

  1. Introduction to safe computing.

Coming Up

Lab.

Introduction to Safe Computing

  1. Important to control our cyber-selves and secure our PCs.
    1. Identity theft.

    2. SPAM. Phishing. (See example.)

    3. Loss of data through hacking.

    4. Responsibility to secure PCs. Incrimination?

    5. On the horizon: RFID technology.

  2. History of hacking. In the beginning, hacking was a good thing.

    Mentality of hackers.

  3. Acceptable Use Policies/Terms of Service
    1. No spam.

    2. No commercial use.

    3. No illegal activity.

    4. No excessive use of resources.

    5. No damage.

    6. Right to cut you off.

    7. No re-selling of service.

    8. Limit on number of nodes in a home network.

    Goucher AUP.

  4. Passwords
    1. Never reveal.

    2. Choose good passwords. How to choose?

    3. How many to use? How often to change? Why?

  5. Anonymizers and throw-away e-mail addresses as tools.

  6. Social engineering as a hacker's tool.

  7. Safe computing:
    1. Viruses, trojans, worms; what are they?

      (Come as disguised executables in e-mail, DOS attacks via ``drones,'' SQL Slammer: three minutes after release was scanning 55 million hosts per sec. Worldwide damage within 10 minutes.)

      Macro viruses, script viruses.

    2. Prevention: virus scanning software:
      1. Config to check everything.

      2. Auto-download updates.

      3. Be paranoid.

    3. More prevention: firewall:
      1. Types of protection: inbound blocking, outbound monitoring.

      2. Basics of networks: workstations, routers, DNS/IP, ports.

      3. How they work.

      4. Is ICF enough? Is the XP SP2 firewall (Windows Firewall) enough?

        ICF is off by default. Windows Firewall is on by default.

      5. Windows Security Center with SP2: Internet Options (pop-up blocking, etc.), Automatic Updates, Windows Firewall, all in one place. Also, check virus scanner for up-to-date signatures.

      6. Free firewall: Zone Alarm.

        Symantec has Norton Personal Firewall.

    4. Even more prevention: spyware detection:
      1. What is it?

      2. Where can it be found -- KaZaA.

      3. Not yet well understood -- some legitimate software could be classified as spyware.

      4. Free, good spyware detection packages: Ad-aware, Spybot, Microsoft Antispyware.


Thomas P. Kelliher 2006-09-12
Tom Kelliher