Securing Your Home ComputerPresenter: Donnie Green

Date: February 11, 2009

National Aeronautics and Space Administration

www.nasa.gov

2

Outline• Background• The Need For Protection• Ten Things To Secure Your

ComputerFirewallsUser AccountPasswordsAntivirus SoftwareSystem Scans

Software UpdatesSafe BrowsingFreewareEmail Security WiFi Security

• Links

3

Background• Every system connected to the Internet is susceptible to a wide array of

threats. These threats include:

– Viruses/Worms/Trojans

– Spyware/Malware

– Denial of Service attacks

– Unauthorized access

– Phishing

– SPAM

• Each year security professionals see an increase in the complexity of attacks and the cost (time and money) to recover from a successful compromise

4

The Need For ProtectionSo how do you protect yourself from hackers and their attempts to compromise your

system and steal your information?

We have come up with 10 things you can do to protect yourself from most Internet

threats.

Deceptive Dialogs

Fake Antivirus

Ebay Phishing Scam

Fake Windows security alert

Valentine’s Day virus

5

Ten Things To Secure Your Computer• Firewalls

• User Accounts

• Passwords

• Antivirus software

• System Scans

• Software Updates

• Safe Browsing

• Freeware

• Email Security

• WiFi Security

6

Firewalls• Ensure your system is equipped with a personal firewall

– Windows XP/VISTA operating system firewall

– Third party personal firewalls (e.g., ZoneAlarm, Norton, BitDefender)

• Keep third party personal firewalls subscriptions current and configure them to receive

updates automatically.

• Also, enable firewalls embedded in your network router and wireless router.

– Enabling the router firewall adds another level of protection

– Be mindful of how you configure it because it can add complexity

7

User Accounts• Create a Limited (XP)/Standard (VISTA) user account with limited privileges

• The Limited/Standard account

– Limits installation of programs and modification of security settings; those that can be install

are installed in the user context

» Reduces the risk of a threat installing malicious programs on your system

– Limits one user from doing anything that can affect other users of the computer

• The Administrator account is the first account configured when installing Windows XP/Vista

– This account has privileges to install and modify anything on your system

– Should only be used to install/remove programs, modify settings, and troubleshoot problems

– A HIGH security risk if your computer is compromised when you are logged in with this

account

8

Passwords• Passwords are the keys to the city and should be strong

• A Strong Password contains

– 12+ characters

– At least one special character

– At least one character from each of the other three character sets: uppercase,

lowercase, numerals

• Passwords should be changed at least annually

• When creating a password:

– Avoid using dictionary words

– Never use a blank password

• Test the strength of your password here.

9

Antivirus Software• Antivirus software is a computer program that can detect, prevent, quarantine, and

remove malicious programs from your computer

• Purchase and install antivirus software that detects the latest viruses and malware,

allows automatic updates, permits customizable system scans

– Most Internet security vendors offer Security Suites (RECOMMENDED) which

include antivirus, anti-spyware, anti-spam, IM security, and firewall software –

benefits: cost, single vendor, good tool integration

– NASA HQ offers FREE antivirus software to NASA HQ employees. Call the IT

Help Desk to request Home Use Software (PC or Mac)

• Configure antivirus software to: 1) auto-protect, 2) perform automatic updates, 3) scan

all file types, 4) scan email attachments, and 5) scan the system daily

10

System Scans• System scans are a function of your antivirus software and should be run on a regular

basis

• Configure your antivirus software to scan all files and folders at some regular interval

(daily)

– By default, some antivirus software is only configured to run on a subset files and

folders

– Configure these scans during times of least productivity

11

Software Updates• Software bugs and vulnerabilities are continuously being discovered and could make

your system susceptible to compromise. Keeping your system updated is a great way

to ensure you are running the latest secure version of software.

• To avoid running vulnerable software:

– Configure the Windows XP/VISTA operating system to

automatically download and install software/security updates

– Configure all non-Windows software (e.g., personal firewall, antivirus, photo

authoring tools, games) to check for new updates and install them when they

become available

12

Safe Browsing• There are many sites on the Internet attempt to steal your information by downloading malicious

software in the background, fooling you into entering private information onto fake websites, and

• To protect yourself:

– Install a Internet Security suite that scans attachments and your system (opt: rates sites)

– Ensure “secure” sites use HTTPS and have the SSL icon at the bottom of the page

– Do not open suspicious error dialogs from within in the browser or accept free deals

– Disable use of remembering passwords for sites

– Disable use of remembering what you entered in forms

– Always clear your private data when you close your browser

– Block pop-ups

– Set Internet zone security level

13

Freeware

• Freeware is software offered free of charge that can be downloaded from the Internet.

• BEWARE of “free” software as many sites package freeware with viruses, trojans,

keyloggers, adware, and other malicious programs\

• Only download freeware programs from reputable websites; also perform Internet

searches to see if other users have reported problems with the software

• Always use antivirus software to scan the software prior to execution or installation

14

Email Security• Email is a popular way for hackers to deliver and spread viruses and malware to a

computer

• To ensure you do not infect your computer or others:

– Only open email attachments that come from a trusted source and that are

expected

– Scan email attachments prior to opening

– Delete unwanted and suspicious messages such as spam

– Never send confidential information through email (e.g., SSN, credit card number

and CVN)

– Always type URLs into your browser instead of clicking on the link

15

WiFi Security• Wireless networks are susceptible to the same vulnerabilities as the a wired network

but in some ways more vulnerable to snooping.

• Wireless networks are, by default, unencrypted and can be used by anyone who can

pick up the signal.

• To improve the security of your wireless network, use encryption (WEP, WPA-PSK,

WPA2)

– Any encryption is better than none, but WPA2 is the best

– Configure the WPA2 passphrase using the principles from slide Strong Password

16

Links• Windows Automatic Updates:

http://www.microsoft.com/windows/downloads/windowsupdate/automaticupdate.mspx

• Strong Passwords: http://www.microsoft.com/protect/yourself/password/create.mspx

• Password Checker: http://www.microsoft.com/protect/yourself/password/checker.mspx

• Home Computer Security: http://www.cert.org/homeusers/HomeComputerSecurity/

• Phishing: http://www.microsoft.com/protect/yourself/phishing/identify.mspx

• Windows Firewall: http://windowshelp.microsoft.com/Windows/en-US/Help/bfe523a9-7eec-4d3f-add1-

2f68b9cfa1c01033.mspx#EG

• Limited account: http://www.microsoft.com/windowsxp/using/setup/winxp/accounts.mspx

• Standard account: http://windowshelp.microsoft.com/Windows/en-US/Help/68a1c4fd-b3f6-4cb9-93a1-

8a6023836e531033.mspx

• Internet Security Suites:

http://www.pcworld.com/article/158157/top_internet_security_suites_paying_for_protection.html

17

Questions & Answers

18