Safety and Security 2006 - Computer Security Notes

	SLAC Computer Security	Search SLAC

SLAC Home \| Computing Home \| Computing Outages \| Help

SLAC Safety and Security Briefing 2006 - Computer Security Notes

Spear Phishing

These are emails targeted at individuals after research of the company’s website. Emails appear to come from within the company. A link to a forged company web page is included in the email and the potential victim is tricked into giving away personal information to the scammers. Use plain text email. Inspect the URLs closely before trusting a web site. Don’t give personal information without due consideration.

Web Security Markers

Know your web browser software. Find out where it puts incons to alert you that you are on a encrypted web page. Open the “lock” and see what company validated it. It should be a reputable company like VeriSign, RSA Data Security, Thawte, etc. Stop if you get any Security Alerts about the certificate.

Internet Scammer's Methods

1. Selling - They are using adware/spyware and tracking cookies to try to monitor where you go on Internet. You can use browser settings to control cookies, ads, and javascript. You should use adware/spyware detection software like SpySweeper and Ad-aware in addition to your anti-virus protection on your home systems. SLAC’s centrally supported Symantec installation includes this already Don’t respond to or buy anything advertised through spam email.

2. Scams/Frauds/Identity Theft - Nigerian 419 email scam is an example and one which we’ve probably all received multiple times. Click-through fraud is done so that people hosting websites with advertisements can make money by automating a whole herd of “zombie” computers to click on their website’s advertisements. The advertisers will pay a fee to the website owner. Identity theft happens when the scammer gets some of your Personally Identifiable Information (PII). Protect it!

3. Act as Middleman for 1 and 2 above - build malware tools for others to use or control a botnet. Botnets are massive numbers of infected machines (zombies) which can be remotely controlled by bot herders. Prevent your computer from becoming a zombie by keeping it fully patched, including the 3^rd party applications.

Use Wireless Wisely

When you use wireless networks then everyone else on that network could pick up what you are sending and receiving over the Internet. You should use SSH, SSL encrypted pages, or VPN to encrypt anything you don’t want the world to see.

New Wireless Service Coming Soon *

Pretty soon you’ll have to agree to Acceptable Use and provide contact information before you’ll be granted access to the SLAC Visitor network. Look for article in SLAC Today in the coming weeks.

Shut Down Skype When Not Actively In Use *

Due to the bandwidth of the SLAC network if you leave Skype up you will quickly become a “super node”. This means your computer (and the SLAC network) is routing calls for a significant portion of the Internet. Select Exit from Skype icon in system tray.

Think About Computer Security As You Develop New Solutions *

Many times the security of an application isn't considered until too far along in the development or purchasing process. Please remember to give us a heads-up as you are thinking about doing "new" things here at SLAC. Send an e-mail to security@slac.stanford.edu and we'll do what we can to help you.

Symantec A/V and SpySweeper Free From Campus *

If you have a SUNet ID then you can get Symantec Anti-Virus and WebRoot SpySweeper for free from Stanford Campus by using your SUNet ID. This is perfect for your home computer.

Use Caution with CDs and Memory Sticks *

People could try to trick you into placing infected CDs or memory sticks into your computers. These could be government individuals trying to test us or they could be real attempts to infect or take your computer into a botnet, etc.

Disable AutoRun in Your Computers *

A layered defense is best. We recommend you disable autorun in your computer. The Autorun-check program available here: http://www.cdmenupro.com/autorun-check.htm can be used to check and change the settings on a Windows computer. Here is another web page with various suggestions for accomplishing the same thing: http://www.annoyances.org/exec/show/article03-018

Reporting Computer Security Problems

E-mail security@slac.stanford.edu. If after-hours please call x4357 (Helpdesk).

* = Not included in the talk on 9/7/06 due to time limitations

Owner: SLAC Computer Security
Last Updated: 02/19/2008
Feedback: Please send to Computer Security Feedback