1

How to stay safe on the Internet

Jaqui Lynch

Email – jaqui@circle4.com

January 2008http://www.circle4.com/papers/awc-jan08.pdf

2

Agenda

• Computers– Computer protection– Personal protection– Privacy

• General Survival• Networking• Wireless• Questions

3

Computers• Windows

– Keep it patched• windowsupdate.microsoft.com

– Run Antivirus and keep it up to date– Get a bidirectional software firewall– Ensure you are on at least Windows XP and it is up-to-date

• Linux is even better but I am biased!– Cleanse regularly– Upgrade software apps to latest versions– Turn off file sharing unless you know how to secure it– Try an alternate browser – 75% target IE

• Firefox– Risks

• Viruses• Cookies• Security holes• Javascript• Scrap files (.shs ….)

4

Cleansing

• Check out the following:– http://www.webroot.com

• Spysweeper• Window washer

– Create a hosts file• http://www.mvps.org/winhelp2002/hosts.txt• This file redirects adware to 127.0.0.1

– Secure your Internet Explorer– Turn off javascript in your emails– Use a different email client to Outlook

• Podcasts– Check out “Security Now” on iTunes

5

Sample hosts fileThere is no place like 127.0.0.1This file lives in:Windows XP = C:\WINDOWS\SYSTEM32\DRIVERS\ETC Windows 2K = C:\WINNT\SYSTEM32\DRIVERS\ETC Win 98/ME = C:\WINDOWSThe file is called hosts127.0.0.1 localhost#start of lines added by WinHelp2002# [Misc A - Z] 127.0.0.1 phpadsnew.abac.com127.0.0.1 a.abnad.net127.0.0.1 b.abnad.net127.0.0.1 c.abnad.net #[IE-SpyAd] 127.0.0.1 d.abnad.net127.0.0.1 e.abnad.net127.0.0.1 www.accoona.cn

and so on

6

Other cool software• http://spywarewarrior.com/asw-test-guide.htm

– Above is an independent review site on Anti-spyware• Spywareblaster

– http://www.javacoolsoftware.com/spywareblaster.html

• Spybot search and Destroy– http://www.safer-networking.org/en/index.html

• Startup Inspector– http://www.windowsstartup.com/

• Sunbelt’s Counterspy– http://www.sunbelt-software.com/CounterSpy-Download.cfm

• GRC.com– UPNP http://www.grc.com/unpnp/unpnp.htm– DCOM http://www.grc.com/dcom/– MSMSG http://www.grc.com/stm/shootthemessenger.htm

7

Test yourself

• www.grc.com– ShieldsUp

• https://www.grc.com/x/ne.dll?bh0bkyd2– Leaktest

• http://grc.com/lt/leaktest.htm

• Scan yourself across the network– security.symantec.com– www.pandasoftware.com/products/ActiveScan.htm– housecall.trendmicro.com/– www3.ca.com/virusinfo/virusscan.aspx– www.kaspersky.com/virusscanner

8

Email• Treat it like a postcard• One to one communications • Spam

– Never reply as you confirm your address• Use inbox protection (hotmail) or

filtering and/or blocking• Never say anything that you wouldn’t

say in public• Remember ISPs back this stuff up• No visual or audio cues so people take

it literally

9

Email Abuse• Spam• Scams• Flaming• Harrassment and stalking• Spoofing• Mail bombs• Viruses• Chain letters• Pornography• Photos• Inline html and/or pdfs

10

Chat rooms• Let you talk to groups of people all around the world• This generations version of the phone• Public, private or IRC• Some have monitors, most do not – watch for computers• Most dangerous area of the net

– You don’t know who is there (actively or lurking)– You establish a relationship and trust over time– Pedophiles use them to find victims– People lie

• They often progress to IM and email where you are now one on one

• Watch out for rooms associated with sex, cults, ritual• Choose a vendor neutral screen name• Turn on logging• Web chat is still chat (yahoo & AOL teen chat)

11

Social Networking sites• Public forums:

– http://www.myspace.com– http://www.facebook.com– Linked In– Youtube

• Thing to remember– What you put up stays around (caching)– It is publically accessible and will be forwarded– Employers and universities search these sites– What do you want your online identity to be?– With freedom comes responsibility– Respect both your own and others privacy– Same rules apply in virtual worlds

• Second life• Runescape, etc

12

Instant Messaging

• Unique identifier associated with profile• Real time – more IM than email• Blend of email and chat• ICQ was the forefather to IM• Runs in background and notifies you when

there is a message• Buddy list – a notify list of friends• Skype and Video conferences/cameras

13

The Dark Side of IM• Protect your buddy list - set it so you have to

approve the addition of anyone to it• People can add you to their buddy list and then

keep track of when you are online• Set your options so others can’t add you to their

buddy list• Predators love buddy lists • They also love being able to search profiles and

membership directories

14

Profiles & Directories

• At yahoo you can search the directory by:– Keyword– Gender– Age– Interests

• Requesting profiles with pictures• Asking whether they are online now• Regularly use Google and Yahoo to search on

yourself• Never fill these out truthfully• Predators use these to determine victims

15

Personal Firewalls• Do a search on the web for “personal firewall”• Critical if you are using DSL or Cable Networking but it

does happen to people dialed in• Blackice Defender

– www.networkice.com• Zone Alarm

– www.zonelabs.com• Norton Personal Security

– www.symantec.com & security2.symantec.com– Scan yourself with their security scanner on the web

• McAfee Personal Firewall– www.mcafee.com

16

Privacy• Know how information is being shared

– Registration information for products such as MS Word– Opt out versus opt in– Win ME – control panel – automatic updates– Realplayer– Winamp– Media Player– Napster– 3D Frog Frenzy and many more

• Have a yahoo or other email address just for registrations, etc

17

Tips to staying safe• Keep your identity private

– Never give out name, address, phone ….– Don’t mention your city or school & never provide photos– Lie in your online profile– Use a gender neutral screen name– Don’t reveal anything about your friends either

• Never get together with someone you meet online– Online dating – meet in a public place and take a friend

• Never respond to email, chat, messages that are hostile, inappropriate or make you feel uncomfortable

• Never give out your password and don’t let others post from your account/computer EVER

• Be extremely careful with video cameras

18

Tips to staying safe• Don’t list yourself in the members directory at your ISP or

yahoo, ICQ, IM ….• Keep an eye on your IM buddy list – secure it• Email yourself and check the headers – what did you give

away• Be careful what you put in the registration files for things

like Office – they get embedded in any documents• If email needs to be confidential use PGP and encrypt it• Regularly search on yourself at the social networking sites

and on google• If putting up pictures use small ones that are a little fuzzy • Never put children’s photos up without password protection

19

Common Sense

• Have one credit card that you use online • Check that card statement regularly • Never give your credit card number to

someone who calls you

• No-one legitimate will ask you for your username and pin by phone or email

• Teach your kids and others never to download things– I.e. don’t accept gifts from strangers

20

Online Shopping

• Be as careful as you would be in a store• Make sure it is https, not http• Look for https and the lock at the bottom right• Hover over a URL in an email and make sure it really is

the site you think it is supposed to be• NEVER put your credit card into a site that uses ip

numbers in the URL

• Print a copy of the online order • Use only one card for all online purchases• Check out new companies with the Better Business

Bureau• If an offer looks too good to be true then guess what

21

Extras• Be careful on social networking sites• Check how much you are revealing over time• NEVER meet anyone in real life that you met on the internet

without taking steps to protect yourself – Bring a friend– Meet in a public place– Have a getaway plan

• Human friends are better than computers and healthier• If you post pictures on publically accessible sites

– Be prepared for someone to paste your head on someone else’s body or vice versa

• Don’t post pictures of kids anywhere on the web – They will turn up in kiddy porn later– If you must post them do it in groups with no names or addresses– Make sure the school isn’t putting up photos of your child with

identifying information– Watch out for those “build an autobiographical website” projects at

school

22

Networking

Users Router Cable/DSLor HUB Modem

Internet

23

Wired Routers

• Buy one with enough ports and a firewall• Try to keep all network equipment the

same brand• Using Linksys as an example

– Set time and IP address ranges correctly– Set password for admin to something other

than admin– Turn off remote administration

24

Firewall

25

Password

1. Set the password2. Also set loggingto be enabled3. Turn off remoteAdministration4. Disable snmp5. Disable UPNP

26

Check your DHCP clients

27

DHCP Clients

28

Wireless

• Same basics as wired plus:• Change default SSID to something

meaningless• Cloak it (do not broadcast SSID)• Turn off remote Administration• Turn on WEP 128 and use a good

passphrase• Turn on and use MAC filtering

29

Setting the SSID

30

WEP and Passphrase

31

MAC Filtering

32

MAC Filter

33

Firewall

34

Summary• Good article on social networking sites

– http://www.ben.edu/it/docs/Thoughts%20on%20Social%20Networking.pdf

• Remember that the Cyberworld poses the same risks as the real world – never do something on the net that you wouldn’t do normally

• Common sense is worth more than banning use• If you get stuck – ask a 12 year old for help• Other information is at:

– http://www.haltabuse.org/– http://www.wiredsafety.org

• Check out the Naperville Police booklet at:– http://www.naperville.il.us/emplibrary/pdskworkbook.pdf

• Have a family agreement about internet use– www.wiredkids.org/documents/safesurf_agreement.html

35

Questions

jaqui@circle4.com