Tech Notes: Computer Security 101

I know most people have little interest in computer security, or computer technology for that matter. You just want to do your email, business, and the fun stuff on the Net without any thought of security. Unfortunately criminal elements are not content to attack only top secret FBI computers; they are more than happy to get your personal information (including your credit card & banking info). Besides, viruses and worms do not differentiate between really nice people who feed stray cats and the rest of us. When on the internet you're just another IP address. Yes, while you're watching the weekend baseball game there are dirtbag criminals and teenage miscreants around the globe devising new ways to steal or destroy your information for profit or just plain entertainment.

The sheer number of criminal hacking attacks is huge. With the advent of broadband (you're now connected 24/7), and with the ubiquity of wireless connectivity (Wi-Fi), the threat has increased exponentially. Most cable companies provide a wireless connection built into the cable router, so whether you know it or not you might be broadcasting your info or allowing others to use your connection.

I will divide the dangers into two basic types of attacks:

Malware: Any code implanted into your computer to destroy or alter information (viruses, worms), capture your information (key-loggers, spyware), redirect you to another site for the purpose of fraud (URL redirection), or social engineer you into giving up information unknowingly (SPAM, phishing, false virus alerts). Attackers can also install software that takes total control of your resources for active DoS attacks (zombies, SpyBot). It's likely you already have some of the aforementioned on your computer without realizing it.

Bandwidth theft: This is mainly a wireless issue whereby an attacker uses your bandwidth and connectivity for their own purposes. The consequences are not just a slow computer. If the perpetrator is doing something illegal, such as downloading child porn, the police will find you by your IP address and come looking for you. In time you should be able to convince them of your innocence, but being on a sex offender list even for a short time could be painful. Also, malware attacks can start from wireless intrusions.

Keyboard spy

Criminals engage in the above activities by finding vulnerabilities within your software applications (including your web browser & operating system). Once they find the vulnerability, they insert a payload of malicious code onto your hard drive. The vulnerability could also be your own security practices, including a weak password. The good news is, by doing at least some of the following, you can greatly reduce the security issues outlined above. Sure, it takes a bit of time, but it takes more time and aggravation to deal with the problems after you have been compromised. Below I have listed the basic precautions you can take to reduce your vulnerability and help mitigate an attacker's damage if/when it happens.

Software updates
Operating system (OS): Get the latest incremental updates, patches, and service packs for your operating system. It's easy to set it to auto update, but it's worth going to the update site periodically and checking manually. There is a major benefit to having the latest operating system version (currently Windows 7 or OSX Lion), but there is a caution, since all of your applications might not work on the newest version.

Web browser: All the major web browsers (Internet Explorer, Firefox, Safari, & Google Chrome) have had significant updates including security enhancements.

Applications: Word processors and other apps can be exploited by hackers. Get them updated as well. Adobe Flash and Java are particularly vulnerable.

Security Software
Anti-Virus: You need a good anti-virus program. McAfee and Norton (Symantec) are the largest, and both offer security suites that include anti-virus (AV), firewalls, and file back-up, among other features. You must make sure they auto install all new AV definitions, which come out weekly or sooner. AVG is a free AV program that works well. OSX users, don't get too cocky. Although you have been fairly immune to viruses, they could be coming to an Apple near you. Virus Barrier is an excellent choice and also provides a firewall.

Anti-Spyware: Webroot works excellently (it also comes with a security suite). You can mix & match suites for optimal effectiveness.

Firewall: Windows & OSX come with basic firewalls; you can also employ 3rd party software/hardware. Firewalls help control the connections and applications that use the internet. You can also turn your computer off or disconnect it from your router when not in use. Sandboxie or VMware are excellent choices for the sophisticated user; those products run applications in isolation from your operating system. Of course, avoiding web sites that are known abusers (porn etc.) is a good idea.

Procedure & configuration implementations

Wireless: A Wi-Fi network is basically radio communication between computers and therefore creates a major vulnerability. You need to secure your wireless router in one of two ways. You can configure your router to accept communication only from certain computers. This is accomplished by entering MAC addresses (the unique address of each computer's NIC) in the router's configuration software. Or you can require a password. The password system encrypts all traffic. There are several major encryption types. I have listed them from least to most secure.

WEP - Wired Equivalent Privacy (do not use this type)
WPA - Wi-Fi Protected Access
EAP - Extensible Authentication Protocol
AES - Advanced Encryption Standard

In addition to the above settings, you can configure your router not to broadcast your SSID. Some individuals enjoy riding around with a laptop (war-driving) trying to find unsecured (or weakly secured) hot spots. If you're not using your Wi-Fi you can physically turn off the router or your computer's wireless card. If you use Wi-Fi from a hotel, library, or any public venue, assume all your activity is being observed and recorded. Think about what sensitive information you send online when you make flight reservations, do banking, or even read an email. Even when your traffic is encrypted it is subject to interception (man-in-the-middle attack).

Encryption & data privacy: There are programs that can encrypt sensitive documents or folders on your hard drive to prevent inadvertent disclosure. Files can be emailed in encrypted form. There are also whole disk encryption applications that encrypt your entire disk and decrypt the files as needed (on the fly). There could also be sensitive data stored within your browser. Today's browsers have privacy settings that will prohibit the storage of data such as cookies and browsing history on your hard disk. It's also a good idea to periodically flush the cache, which you can do from the browser's menu options.

Social Engineering/Social Networking: Most people are very concerned with online privacy, yet will plaster all kinds of personal information on social networking web sites. Everyone should be aware that every human in the world can have access to that data (yes, that includes jihadist terrorists, KGB agents, German teenage hackers, your teachers, and possibly even your parents... ouch!). Privacy settings such as "Friends only" cannot guarantee privacy or anonymity. "Open source" information is the quickest and easiest way to gain information about anyone and is used by both law enforcement and criminal elements. Also remember the information is forever in the aether; you cannot rely on erasing something later. I am not espousing avoiding these sites altogether, as they can be very useful or entertaining. The bottom line is you must be aware anything you put online is public knowledge, so you must weigh your privacy against your online social activities at all times. Also, giving your up-to-the-minute location (such as "I am out of town, please rob my house now") can have consequences. If you mention your dog and other favorite things, those will be the first words a hacker will use to break your passwords. In addition, someone can impersonate a long lost friend or use another ruse, since they know a lot of personal information about you. Social engineering attacks can come from SPAM emails, telephone calls (to your house or work), or even an in-person meeting.
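As an added illustration of this point (not from the original note), here is a small Python check that flags a password built from facts a stranger could read off your public profile, along with the length, complexity and reuse problems the note warns about. The facts, passwords and "used elsewhere" list are constructed samples.

```python
import re

# Common leetspeak swaps applied to known words when guessing passwords;
# we reverse them so "R3x" compares equal to "rex".
LEET = str.maketrans({"0": "o", "1": "i", "3": "e", "4": "a",
                      "5": "s", "7": "t", "@": "a", "$": "s", "!": "i"})

# Constructed example: things anyone could learn from a public profile.
PUBLIC_FACTS = ["Rex", "Golden Retriever", "Red Sox", "Springfield"]

def normalize(text):
    """Lower-case, undo leetspeak and drop non-letters: 'R3x_2010' -> 'rexoio'."""
    return re.sub(r"[^a-z]", "", text.lower().translate(LEET))

def public_fact_hits(password, facts, min_len=3):
    """Return the public words (or parts of multi-word facts) found in the password."""
    norm_pw = normalize(password)
    hits = []
    for fact in facts:
        for word in fact.split():          # "Red Sox" -> try "Red" and "Sox"
            norm = normalize(word)
            if len(norm) >= min_len and norm in norm_pw:
                hits.append(word)
    return hits

def check_password(password, facts, used_elsewhere=(), min_length=12):
    """Return a list of problems; an empty list means the password passes."""
    problems = []
    if len(password) < min_length:
        problems.append(f"shorter than {min_length} characters")
    classes = (r"[a-z]", r"[A-Z]", r"\d", r"[^A-Za-z0-9]")
    if sum(1 for c in classes if re.search(c, password)) < 3:
        problems.append("uses fewer than 3 character classes")
    hits = public_fact_hits(password, facts)
    if hits:
        problems.append("contains publicly known words: " + ", ".join(hits))
    if password in used_elsewhere:         # same password reused on another site
        problems.append("already used on another site")
    return problems

if __name__ == "__main__":
    for pw in ("R3x!2010", "RedSoxFan2011!", "blue-kettle-whistles-at-9pm"):
        print(pw, "->", check_password(pw, PUBLIC_FACTS) or "OK")
```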

SPAM: Don't forget, an email address can be spoofed (as can Caller ID) or stolen. The real danger here is believing what you read. SPAM is not just a nuisance that clogs up your email folder. Be skeptical of all your communications and keep an eye out for social engineering attacks. "Spear phishing" is dangerous because it uses open source information to target you directly, as opposed to general "phishing" that generates thousands of generic SPAM messages to multiple persons. You can click on a link in a message and be sorry you did! The best defense against SPAM fraud and social engineering is your common sense and basic computer knowledge.
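A spoofed sender is easier to spot in the message headers than in the visible From: line. The following Python check (added here, not part of the original note) compares the From: domain with the Return-Path and with the SPF/DKIM results your own mail server records in the Authentication-Results header. Both messages are constructed samples using example.com-style domains.

```python
import re
from email import message_from_string
from email.utils import parseaddr

# Constructed sample (not a real email): the visible From: claims the bank's
# domain, but the receiving server recorded SPF passing for a different
# envelope sender and a failed DKIM signature.
SAMPLE_SPOOF = """\
Return-Path: <bounce@mail-blast.example.net>
Authentication-Results: mx.example.com; spf=pass smtp.mailfrom=mail-blast.example.net; dkim=fail header.d=bigbank.example.com
From: "Big Bank Security" <alerts@bigbank.example.com>
To: you@example.com
Subject: Urgent: verify your account

Click here to confirm your details.
"""

# Constructed sample of a message where everything lines up.
SAMPLE_LEGIT = """\
Return-Path: <alerts@bigbank.example.com>
Authentication-Results: mx.example.com; spf=pass smtp.mailfrom=bigbank.example.com; dkim=pass header.d=bigbank.example.com
From: "Big Bank" <alerts@bigbank.example.com>
To: you@example.com
Subject: Your monthly statement

Your statement is ready.
"""

def sender_domain(header_value):
    """Domain part of an address header such as '"Name" <user@host>'."""
    _, addr = parseaddr(header_value or "")
    return addr.rpartition("@")[2].lower()

def spoof_indicators(raw_message):
    """Return reasons not to trust the visible From:; empty means it checks out."""
    msg = message_from_string(raw_message)
    from_dom = sender_domain(msg["From"])
    auth = msg.get("Authentication-Results", "")
    reasons = []
    if sender_domain(msg["Return-Path"]) != from_dom:
        reasons.append("Return-Path domain differs from From: domain")
    spf = re.search(r"spf=(\w+)\s+smtp\.mailfrom=([^\s;]+)", auth)
    if not (spf and spf.group(1) == "pass" and spf.group(2).lower() == from_dom):
        reasons.append("SPF did not pass for the From: domain")
    dkim = re.search(r"dkim=(\w+)\s+header\.d=([^\s;]+)", auth)
    if not (dkim and dkim.group(1) == "pass" and dkim.group(2).lower() == from_dom):
        reasons.append("no valid DKIM signature for the From: domain")
    return reasons
```

Only trust an Authentication-Results header that your own mail provider wrote (its hostname appears first in the header); a copy added by an earlier hop could itself be forged.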

Back-up Software: Even the CIA can get hacked. You can take all the above precautions and have a $20,000 Intrusion Detection/Intrusion Prevention System (IDS/IPS), and still not be guaranteed to thwart a zero day or certain root kit attacks. Also, data lost by accident is just as damaging as an outside attack. In the end you cannot deny that a good back-up could be your best last hope of getting corrupted or lost data back. Use an automated backup to an external drive, or use a service that puts your data in the cloud. Even if your house burns down, your data will remain safe. Mac users have a built-in app called Time Machine which is very intuitive and, when combined with "SuperDuper!" back-up software, is an ideal solution.

**** I have found "eWallet" to be incredibly helpful. It will organize and save all your passwords within a 256k encrypted file and will sync to any platform (Mac, Windows, iOS). This allows you to have complex passwords, and a different password for each web site you use.

**** If you are using public wireless hot spots to do any business you need a proxy server/VPN service. These services will encrypt and anonymize your traffic. Do not choose a free VPN service; it's worth the money for a paid service which has adequate bandwidth and security, such as "GO Trusted", IP Vanish, Pure VPN or IAPS (a bit higher security). "Easy-Hide-IP" is a proxy without the VPN hassle. You can also use these VPNs at home to increase security.

Advanced users
Another solution is to VPN from your portable computer to your home computer and use your home internet connection as your gateway. This is a bit tricky and complicated, since the default router you get from the cable company does not offer VPN functionality. You will need to purchase your own router, but you won't be paying monthly fees! You cannot just swap out routers; you must keep your ISP router fully open and have your new router (or VPN device) behind it with all the NAT rules and firewall configuration engaged. The advantages are threefold: you can configure an L2TP/IPsec connection (best security, way better than the SSL from most fee-based VPNs), there are no monthly charges (just the price of a new router), and you are not going through a 3rd party server (increased security). Of course you have to configure a router, which some people won't appreciate. ALL THE ABOVE VPN CONNECTIONS WORK WITH MOBILE DEVICES. Using 3G cell connectivity is fine, but VPN over Wi-Fi connectivity has advantages. Apple has a built-in VPN client you can configure. The good news is you only configure your VPN connection once, and using it is just a click away.

The main lesson here is that being complacent is not an option. There are concrete steps you can take to limit your risk and help mitigate an attack on your computer and data. Don't become the latest victim of the next cybercrime wave!

Phones and other portable devices are prone to attack and require security tools too! When going overseas I recommend a disposable temp phone, if you need a phone.

JRD 8/11