Safe Computing

Tom Kelliher, CS 102

Feb. 5,2003

Administrivia

Announcements

No online quiz.

Sample quiz. Username/password required.

Assignment

Study for quiz.

From Last Time

``Buying spree.''

Outline

1. Question and answer period.

2. Introduction to safe computing.

Coming Up

Hands-on work and quiz.

Questions and Answers

Preparation for Friday's quiz.

Introduction to Safe Computing

1. Important to control our cyber-selves and secure our PCs.
   1. Identity theft.

   2. SPAM.

   3. Loss of data through hacking.

   4. Responsibility to secure PCs. Incrimination?

2. History of hacking. In the beginning, hacking was a good thing.

   Mentality of hackers.

3. Acceptable Use Policies/Terms of Service
   1. No spam.

   2. No commercial use.

   3. No illegal activity.

   4. No excessive use of resources.

   5. No damage.

   6. Right to cut you off.

   7. No re-selling of service.

   8. Limit on number of nodes in a home network.

   Goucher AUP.

4. Passwords
   1. Never reveal.

   2. Choose good passwords. How to choose?

   3. How many to use? How often to change? Why?

5. Anonymizers and throw-away e-mail addresses as tools.

6. Social engineering as a hacker's tool.

7. Safe computing:
   1. Viruses, trojans, worms; what are they?

      (Come as disguised executables in e-mail, DOS attacks via ``drones,'' SQL Slammer: three minutes after release was scanning 55 million hosts per sec. Worldwide damage within 10 minutes.)

      Macro viruses, script viruses.

   2. Prevention: virus scanning software:
      1. Config to check everything.

      2. Auto-download updates.

      3. Be paranoid.

   3. More prevention: firewall:
      1. Types of protection: inbound blocking, outbound monitoring.

      2. Basics of networks: workstations, routers, DNS/IP, ports.

      3. How they work.

      4. Spyware. In KaZaA.

      5. Is ICF enough?

      6. Free firewall: Zone Alarm.

         Symantec has Norton Personal Firewall.