Monday, March 3, 2008

Home Computer Security

This is a paper about securing your home computers and networks. The goal of computer security is to keep unauthorized users from using your resources. This can be anything from your computer to your printer or even your web camera. Detection is another important aspect that should be monitored as well. I often get asked "Why should I worry?" Maybe you shouldn’t. If you are concerned about any of your files or the possibility of losing them you should care. There is also online banking that many people use to watch their accounts. Malicious users can also use your computer to launch attacks against other networks, or put files on your computer as a means of storage. Even if you have the computer just to send email to Grandma don’t think that you are not at risk. Attackers like to hide there tracks by jumping thru multiple locations such as your computer. Malicious users can take over your webcam and watch and even listen to you! Attackers like to use multiple systems to launch denial of service attacks-sending tons of packets to bring a network to its knees. Identity theft is huge right now. Your credit report should be reviewed frequently. Identity thieves can gain allot of information from your home computers. FTC said there are approximately over 10 million victims a year. If your ID is stolen or think it is visit Never send out your personal information in email it is not secured. The risk is getting greater daily as more people connect to the Internet. Script Kiddies download tools that make breaking into computers as easy as pressing a button. Security patches are offered thru vendors but most people do not bother to patch there systems or have the time. Do people in your household use file sharing programs? I cannot believe the amount of Spy ware and viruses that are hidden in some of those files. I removed over 600 different Malwares from a home computer who thought they were just downloading music. The system was always freezing and changing homepages in Internet Explorer. Not to mention these file sharing programs can be sharing your financial data, medical records, secret recipes or your last tax return. Key loggers can be on your system recording every keystroke and emailing it to an attacker, enemy or even your spouse. This includes IM s, Emails, and passwords anything. There are Anti-Virus software that will detect most of these programs.Anti-Spyware can also detect allot of MalWare or malicious code. Use strong passwords that are alphanumeric or use a password strength tool. I would not use anything in a dictionary American or Foreign as those can be cracked easily thru Brute Force. Don’t use the same password for every account. Change your passwords regularly, and don’t write them down. I recommend making regular backups of at a minimum your critical system files. Back up to a CDR to ensure that your data cannot be overwritten. Please monitor your children’s surfing habits and teach them about the dangers of the Internet. I recommend installing filtering software to keep their curious minds out of the wrong sites. Staying abreast of Anti-Virus updates. Don’t upon email attachments that can contain viruses or other malware. Don’t run programs if you don’t know where they came from than can have Trojan horses. Trojan Horse is a program that appears to be a regular program such as Solitaire buts its actually sending your bank account information to an email address. Attackers can also take over your computer have .mp3 file ran at 3AM in the morning to scare you, even open and close your CD-DRIVE door. Disable JAVA, JavaScript and Active X Keep up to date on patching your operating systems and applications. In Windows you can set up automatic updates. You can also visit the Windows Update site. Microsoft releases patches even second Tuesday of the month this is known in IT as black Tuesday, there is always allot of patches. Upgrade to Service Pack 2. Internet Explorer always has security issues. There are Open Source browsers like Firefox which is a great browser and has more security feautures. Firefox has allot of great add ons as well that can make researching more effective amongst other utilities Disable scripting in email Enable NAT Network Address Translation on your router. This will hide your private IP address from the Internet. While still allowing computers to access the Internet. Most network firewalls have IP NAT masquerading where multiple device on the Internet appear as one IP address. Make sure you are not enabling shares on your computer for any of your drives. This will look like a hand holding a drive in Microsoft Windows. Be aware of Phishing these are Internet Con-Artist looking to catch a some fish. Emails are sent that look like Bank Emails, Amazon and PayPal, it amazes me how many people I work with think its the real thing. If your considered about security consider encryption. For Home users look into PGP or Pretty Good Privacy to secure your email, you can even encrypt your hard drive. When you think you have deleted your files they are still retrievable consider a file wiping utility. Use a Surge Protector. No firewall can stop all attacks. Benjamin Hargis CEO Phuture Networks

