A crazy dream
An evil wizard made all the traffic cops disappear
...driving schools disappeared too
...as well as most traffic signs
The traffic started to look like the Internet
The reality case: Joe Sixpack
A nice guy and family man, a mechanic by trade
Joe goes to the big department store and decides to buy his family a new computer for Christmas – great, they had a nice deal with printer and scanner included!
He will unpack the PC and set it up, next day a technician will come and set up his network
For a couple of days, everything is smooth
Then some new programs appear, the computer slows down, lots of ads will show up...
What is the real problem
Joe Sixpack dealt with
  Computer seller
  Software seller
  Network company
None of them were concerned with his security
In the old times
Cracking computers was
  less malicious (pranks)
  seldom economically motivated
  a contest of equals
  demanding some skill
  done by quite a small number of people
The mass factor
For each malicious AND skilled cracker, there is a large number of script kiddies with
  no skills
  no life
  lots of free time to burn
Again the well-equipped fools – but this time of a somewhat different kind
Wild shots
In fact, no one actually aimed to nail Mr Sixpack
It was just an undefended machine
“Nothing personal” (followed by two head shots)
The kiddies comb a segment of the Net, typically scanning for a certain vulnerability (can also function as foot soldiers for more sophisticated cracker gangs or RBN-like criminal networks)
“Who gives a sh...?”
Quite a common reaction – I am no president/businessman/actor/politician/sportsman
Who cares if my machine is cracked?
I DO!
Because it will typically join thousands of others in Storm or a similar botnet – AND I MAY GET HIT
A botnet?
Lots of hijacked computers controlled centrally
Major uses
  Sending spam and propagating scams
  DDoS attacks – increasingly used in organised extortion schemes
  Increasingly used in political attacks
Some other uses for a hijacked PC
Online porn archive – ordinary is just an embarrassment, but child/snuff porn also exists – and earns the propagators a long time in prison
Warehouse for illegal software – BSA will freak out
IRC trading channel for e.g. stolen credit cards
Spam engine
Attack springboard
Money source (via online banking)
Another problem: pick two of three
Simple, affordable, secure
Typical perception:
  Windows PC: (quite) affordable, simple
  Mac: simple and (quite) secure
  Linux PC: affordable and secure
Not exactly true, but hard to change
Car race analogy: Joe Sixpack in a top-notch race car vs Sébastien Loeb in an old Lada – the driver counts the most, but the platform plays a role too
Hopeless....?
Not really
Most really simple attacks target systems without updates – keeping a system up to date helps a lot
The apartment door analogy: all sensible people invest in locks which won't last against any special operations unit – but will keep out the guys needing the next needle
Remember: there is no 100% security – but we may raise the level high enough to keep a majority of smaller pests out
Ten Commandments for home users
1. Thou shalt keep your Systems updated
2. Thou shalt not take the Rights of Administrator in vain
3. Thou shalt choose all passwords carefully, paying utmost care to the Administrator account, likewise shall thine passwords not have valid meaning in any known language
4. Thou shalt create separate accounts for each User of thine Computer
5. Thou shalt have good shields if thou insist on using Windows
6. Thou shalt not touch unknown Attachments in thine Mail and not allow anyone who lives in thine household to do it
7. Thou shalt put junk mail filters into good use
8. Thou shalt know what Software lies in thine Computer
9. Thou dost well if thou use OpenOffice.org, Mozilla Thunderbird and Firefox instead of MS Office, MS Outlook and Internet Explorer
10. Thou shalt seek wise people to help thee, and wisdom for thyself. A wise Man may err once, while a Fool keeps doing it all over
(Amen!)
Scripture commentary follows
1. Update, update, update. Every system
2. Have at least two accounts in XP – one for administration, another for everyday use. Vista's UAC may make it a little less important, but it can be done there too
3. Typical password attacks are based on dictionary-type files. Therefore – no straight meaning (hidden ones are recommended though), at least 6-8 symbols, at least two cases plus numbers
4. If there is more than one user, each should have their own account – makes it easier to track problems
5. Shields in Windows include
  Antivirus (ClamWin is free and open-source)
  Anti-spyware (Defender, S&D, others)
  Firewall (Comodo is good)
  Browser popup and script blockers (for Firefox e.g. AdBlock Plus and NoScript)
6. If you don't know the sender, don't open it
7. Junk mail filters can be combined if needed, e.g. may add SpamAssassin to Thunderbird etc, they also need to be trained
8. Your computer is not a box of chocolates (sorry, Forrest!). Or else the bad guys won't even need a rootkit
9. MS Office, Outlook and IE are
  Big targets
  Easy targets
10. “A man learns all his life, yet dies a fool” - the question is, how big a fool...
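The password rules from commentary point 3, as an added example that is not part of the original slides: a checker that applies the length, two-case and number rules and also rejects passwords that are just a dictionary word with digits tacked on or letters swapped for look-alike symbols. The word list, the substitution table, the function names and the choice of 8 (the upper end of the "6-8 symbols" range) as minimum length are assumptions made for this illustration.

```python
import re
import string

# Constructed sample word list (assumption); a real check would load a full
# dictionary file of the kind the commentary says password attacks use.
SAMPLE_WORDS = {"password", "summer", "dragon", "monkey", "letmein", "christmas"}

# Common look-alike substitutions, undone before the dictionary lookup.
LEET = str.maketrans("013457@$!", "oleastasi")
EDGE_CHARS = string.digits + string.punctuation


def dictionary_core(password, words=SAMPLE_WORDS):
    """Return the dictionary word the password is built on, or None."""
    lowered = password.lower()
    candidates = (
        lowered,
        lowered.strip(EDGE_CHARS),                  # Summer2008 -> summer
        lowered.strip(EDGE_CHARS).translate(LEET),  # P@ssw0rd1 -> password
        lowered.translate(LEET),                    # 5ummer -> summer
    )
    for candidate in candidates:
        if candidate in words:
            return candidate
    return None


def check_password(password, words=SAMPLE_WORDS, min_length=8):
    """Return the list of rules the password breaks (empty list = passes)."""
    problems = []
    if len(password) < min_length:
        problems.append("too short")
    if not (re.search(r"[a-z]", password) and re.search(r"[A-Z]", password)):
        problems.append("needs both lower and upper case")
    if not re.search(r"\d", password):
        problems.append("needs a digit")
    if dictionary_core(password, words):
        problems.append("based on a dictionary word")
    return problems


if __name__ == "__main__":
    # Constructed sample passwords; the last one is built from the initials
    # of a sentence, i.e. a "hidden meaning" as the commentary recommends.
    for pw in ("monkey", "Summer2008", "P@ssw0rd1", "MdRa3soM"):
        print(pw, "->", check_password(pw) or "ok")
```

"Summer2008" and "P@ssw0rd1" satisfy the length, case and number rules and still fail, which is why the "no straight meaning" rule has to be checked separately.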
Some notes about the Web
Passwords should not be
  written down
  recycled
In case of a monetary transaction over the web
  Check the address. Twice
  Check the web page – is it the right one or only poses as one?
  Think critically – does a bank ask things like this?