HRD Division
Government of India
PREFACE
"Three people can keep a secret only if two of them are dead!"
Benjamin Franklin
Such quotes are common because it's not easy to keep a secret. It is human
tendency that a secret is never kept once it is explicitly said to be
a secret: human nature is to pass it on immediately, whispering it to
others. Thus a secret is never a secret. Maintaining secrecy is nothing but
securing ourselves or our data.
In the early days there was not a great deal of emphasis on security, as the systems were
all closed. In simple terms, data did flow among the systems, but
not beyond the organization; it stayed within a simple LAN. Many of the technical
details, like the protocols used for communication, were not known to the public. But
today that's not the scenario: everything is public, everything is open to all. It was
the Internet that changed the whole computing paradigm and brought
tremendous change in the way computers communicate with each other.
Secured information is also being exchanged through this open world of the Internet.
Being a common man, we use Internet for our routine tasks. We should know
how to use all the features provided by Internet securely so that the optimum
usage of Internet can be done keeping ourselves safe, in terms of privacy and
maintaining secrecy.
Information Security Awareness should reach children and students who are the
actual users for Internet and are the future of tomorrow. The importance of
Security is identified and the initiation was taken by Department of Information
Technology, Government of India by starting the project Information Security
Education and Awareness. The main objective of this project is to spread
awareness on Information Security among people.
As part of this programme, material like handbooks, cartoon books for kids,
posters and brochures has been developed by C-DAC Hyderabad. Parents and Teachers
also play a vital role in this programme, as they are the people who teach children
and students. This book mainly targets Parents and Teachers, as it covers
topics related to security and also stresses how to carry the same
information to children and others. With all of your help, this project will
reach the point of success.
- C-DAC Hyderabad
Table of Contents
1. Introduction
2. Computer Ethics
2.4 Scenarios
3. Understanding Internet
5. Filtering services
5.4 Changing the parental control settings in the parental control toolbar
5.5 Spam filter
7. Social Networking
8.4 Guidelines
9. Safe Downloading
10. Blogging
10.1 Types of blogs
15.3 In Organizations
21.1 MBSA
Information Security needs have to be addressed at all levels, from the individual
user to an organization and beyond that to the government and the nation.
Information Security is becoming synonymous with National Security, as
computer networking, which is vulnerable to cyber attack, forms the
backbone of the critical infrastructure of the country's banking, power,
communication networks, etc. It is, therefore, important to have secure
Computer Systems and Networks. Also, increased focus on outsourcing of IT and
other services from developed countries is bringing the issue of data security to
the fore. Furthermore, owing to the massive Internet boom, a lot of home users
with little or no prior knowledge of the threats and their countermeasures are
exposed to the Internet. Attackers can exploit this to expand their base of
malicious activity and use innocent people for their schemes. Consequently, we
aim to spread the education to school children, teachers, parents and senior
citizens and equip them with the knowledge needed to mitigate the threat.
2.2.1 Acceptance
2.2.7 Supervision
You should know what children are doing on the Internet and
the sites they visit, and should check with whom
they are communicating. Restrict them from browsing inappropriate
sites. Parental involvement is essential when a child is using
the Internet in order to make him follow the rules.
We must encourage children, students and others to gain the knowledge from
the Internet and use it wisely. Internet is a great tool where we can gather
information which can be used for learning.
Some of the rules that individuals should follow while using a computer are
listed below:
2.4.1 Scene 1
Ravi asked Kishore if he could look at the essay he had written. Kishore said sure and
didn't think much about it. After some days their essays were verified by the
class teacher, who asked Kishore to stay after class. The teacher pointed out that
their essays were similar and asked for an explanation.
So always teach and guide children not to copy content or information from
Internet or from classmates.
2.4.2 Scene 2
Vicky has stepped out of the computer lab without logging off. Bob sits at
Vicky's computer, logs in as Vicky, sends false e-mail messages to a number of
students and posts similar messages on the class newsgroup.
So teach children that they must never misuse others' computers and e-mail IDs
to harm others and defame them.
3. Understanding Internet
There are different definitions for Internet but the meaning is the same as shown
below
The word Internet exactly means network of networks. The Internet consists
of thousands of smaller regional networks spread throughout the world. It
connects approximately 80 million users in Asian countries on any given day.
A web site contains from one to millions of interconnected pages and has hyperlinks to
connect them and help you find your way around the web site. You can find different
kinds of information on the web, like games, health matters, holiday destinations,
train timetables, weather forecasts and many more. There are millions of web
sites available on the Internet, and you can find anything that interests you.
3.1.2 A Web Address
Each Web site has its own unique address, which is called a Uniform Resource
Locator or URL. To visit a site, you need to type its address in the address bar of
your web browser.
Through the Internet, thousands of people around the world are able to access
information from their homes, schools, Internet cafes and workplaces.
The user can connect easily through ordinary personal computers and
share knowledge and thoughts by making use of the Internet.
We can send electronic mail (e-Mail) to family members and friends with
accounts on the Internet, which is similar to sending letters by post. The
E-mail can be sent within minutes no matter where they are without
postal stamps etc.
We can post information that can be accessed by others and can update it
frequently.
We can access multimedia information that includes video, audio, and
images.
We can learn through Web-Based Training and Distance Learning on the
Internet.
The geographic sharing of the Internet continues to spread, around the world
and even beyond. A main feature of the Internet is that once you have connected
to any part of it, you can communicate with all of it.
3.3.2 Architecture
The Internet is a great tool for developing the communication and collaboration
skills of students and children. Above all, the Internet is an effective means of
building language skills. Through e-Mail, chat rooms and discussion groups,
students learn the basic principles of communication in the written form. This
gives teachers the opportunity to incorporate Internet-based activities into
normal literacy programs and bring variety to their teaching strategies.
3.5.1 Privacy
Some websites prompt students to complete a form revealing their name, e-Mail
address, age and gender, and sometimes even their telephone number and postal
address, in order to access information. Some requests are legitimate: much
depends on the nature of the website requesting the information. Providing
personal information online can result in a student being targeted for spam
(unsolicited e-Mail), advertising materials and/or viruses. Privacy issues also
apply to students developing personal websites and publishing online. Personal
details, including photographs of themselves or other students, may lead to the
information being captured and reused by others for illicit purposes.
The risks in peer-to-peer networking come from its unstructured networks and from sharing
with unknown computers or persons, which may affect or infect your computers
with viruses, spam
Use filtering software you trust to filter the data communication from
your system.
Use file sharing program controls and adjust the P2P program to run
whenever required. Disable automatic starting.
Always update Operating System, Anti virus and Anti Spyware packages.
Do not use an administrative account. It may expose the whole system to
other users in P2P networks. Create separate account for normal
operations.
Treat all download files with suspicion.
Take backups of important files. This will help you in recovering the files.
Delete any pirated software, files, etc. Alternatively, do not download
them at all.
4. Search Engines and Web Browsers
Search engines can provide fast, easy access to any kind of material on the
Internet. Most search engines allow you to block search results that are
unsuitable for children. Blocking inappropriate search results greatly reduces the
chance that your children will stumble across dangerous or objectionable
material on the Internet. These search result filters are not foolproof. Some
unwanted content may still appear in the search results.
http:// In short, http means the hypertext transfer protocol and that the file is a
web page. You don't need to type the http every time; it is automatically
inserted by the browser.
www: World Wide Web
Other domain names are .com (commercial organization), .net (network domain),
etc.
(The organization address and location of the organization address are known as
the domain name.)
The co.in suffix, or global domain name, shows the type of organization address and
the country of origin; for example, the suffix co.in indicates a company in India.
Generally a web browser connects to the web server and retrieves the
information. Each web server has an IP address, and once you are
connected to the web server by using http, the browser reads the hypertext mark-up
language (HTML), which is the language used to create documents on the World Wide
Web, and displays the same document in the web browser.
A Web browser is a software application that runs on the Internet and allows
viewing the web pages, as well as content, technologies, videos, music, graphics,
animations and many more.
4.2.4.4 Safari
From the Tools menu select the InPrivate Filtering settings option; this
option is used to browse privately. If you want to protect yourself
from fraud when you use a public computer, it's a good idea to erase your
tracks. InPrivate Browsing tells Internet Explorer not to
record or save your browsing history, temporary Internet files, form data,
cookies, and user names and passwords.
From the Tools menu of Internet Explorer select Internet Options,
then click on the Security tab, check the current security settings and
change the settings of the security zone as per the necessity.
To change the security setting, under Security level move the slider up to
increase the security level from medium to high.
Enable Protected Mode; with this option, all the websites are opened
in protected mode.
The anti-malware feature in Firefox protects you from viruses, worms, Trojan
horses and spyware. If you accidentally access a vulnerable site, it will warn you
away from the site and tell you why it is not safe to use. Firefox checks every part of a
Web page before loading it to make sure nothing harmful is sneaking through the
back door.
Security settings in Firefox control the level of examination you'd like Firefox to
give a site, and let you enter exceptions (sites that don't need the third degree).
Customize settings for passwords, cookies, loading images and installing
add-ons for a fully empowered Web experience as shown below
From the Tools menu of the Firefox browser select Options and then
click on the Security tab.
Under the Security tab enable options like "Warn me when sites try to
install add-ons", and to add or remove sites click on
Exceptions and add or remove the sites you want.
Enable the option "Tell me if the site I'm visiting is a suspected attack site".
Enable the option "Tell me if the site I am using is a suspected forgery".
Firefox gets a fresh update of web forgery sites 48 times a day, so if you
try to visit a fraudulent site that's pretending to be a site you trust, the
browser prompts you with a message and stops you.
Disable the option "Remember passwords for sites". Firefox has integrated this
feature into your surfing experience: you can choose to remember site
passwords without intrusive pop-ups. You'll see the remember-password
notification integrated into your view at the top of the site
page, and if you choose never to remember passwords for sites it will
not show any notification.
Select the Advanced tab and enable the Encryption tab in order to have a
secure data transfer and use SSL 3.0.
In the Firefox web browser select Tools, then Options, then Content, and enable
"Block pop-up windows" as shown below
Antivirus integration is a feature that works smartly with your antivirus
software. When you download a file, your computer's antivirus program
automatically checks it to protect you against viruses and other malware,
which could otherwise attack your computer.
Another feature is automated updates. This lets us find security
issues and apply fixes for safe surfing; you can receive automatic
notification or wait until you are ready.
From the settings menu select the Incognito window; a new window
appears. Pages you view from this window won't appear in your web
browser history or search history. They won't leave any traces like cookies
after you close the incognito window, but any files you download or
bookmarks you create will be preserved.
Chrome has a new feature, its own Task Manager, which
shows you how much memory and CPU each tab and plug-in is
using. You can open it by pressing Shift-Esc from within Chrome, or place
the cursor on a window, right-click and select Task Manager. You
can get more details by clicking the "Stats for nerds" link in the
Task Manager, which opens a page with full details of memory and
CPU usage for each process within the browser. It can be used to close a bad
process in one tab without killing your whole browser session.
One of the features of Chrome is dynamic tabs. Here you can drag tabs
out of the browser to create new windows, gather multiple tabs into one
window or arrange your tabs however you wish, and it becomes quick
and easy to log in to the desired sites, i.e. reopen the closed sites.
The safe browsing feature in Google Chrome displays a warning if the
web address listed in the certificate doesn't match the address of the
website. The following are the steps for the safe browsing settings in Google
Chrome.
From the settings tab select Options and select "Under the Hood";
under Privacy enable the option "Show suggestions for navigation error".
Enable the option "Use a suggestion service to help complete searches and
URLs typed in the address bar".
Enable DNS pre-fetching to improve page load performance.
Enable the phishing and malware protection.
In the Google Chrome web browser select Tools, then Options, then "Under the
Hood". Under Cookies select "Restrict how third-party cookies can be
used"; only first-party cookie information is sent to the website.
Third-party cookie information isn't sent back to the websites that originally set
the third-party cookies, as shown below
Phishing Protection
Safari protects you from fraudulent Internet sites. When you visit a suspicious
site, Safari warns you about its suspect nature and prevents the page from
loading.
Malware Protection
Safari recognizes websites that harbour malware before you visit them. If Safari
identifies a dangerous page, it warns you about the suspect nature of the site.
Antivirus Integration
Secure Encryption
Automatic Updates
Get quick, easy access to the latest security updates. Safari takes advantage of
Apple Software Update, which checks for the latest versions of Safari when
you're on the Internet.
Pop-Up Blocking
Cookie Blocking
Some companies track the cookies generated by the website you visit, so they
can gather and sell information about your web activity. Safari is the first
browser that blocks these tracking cookies by default, better protecting your
privacy. Safari accepts cookies only from your current domain.
5. Filtering services
5.1 Filtering Services in web browser
Content filtering over the Internet, sometimes called parental controls,
is used to block access to offensive websites. It is not guaranteed, but it can
be very helpful.
People find some inappropriate content like images of sex, violence or strong
language on the Internet.
As Internet is a free zone anyone can post anything and there is no effective
restriction on the Internet itself. As a result, many people use content filtering
software and set browser settings to block offensive websites.
In Internet Explorer, there is an option to restrict the web sites and access only
those web sites set by a user.
In the Yahoo search engine there is an option for safe search filtering: click on
Advanced and select the desired option.
Remember that none of these filtering features are 100% accurate, and some
unsuitable content may still slip through.
It is important to teach your children to surf the web safely and take time to
explore the Internet with them.
5.2 Parental Control Bars
Parental Control Bar is a simple, powerful tool to help shield your children from
explicit websites. Simply activate Child-Mode while your children surf the
Internet, and the toolbar will block access to adult-oriented websites. Ensure
that your child is safe while using the Internet.
Parental controls will provide you with the advantage of being able to do the
following
The Parental Control Bar in the Windows Vista OS supports Internet Explorer by
default. For information on setting up parental controls in Windows Vista.
Open Parental Controls by clicking the start button, clicking Control Panel, under
User accounts, clicking Setup Parental Controls. If you are prompted for an
administrator password or confirmation, type the password or provide
confirmation.
Then click the standard user account for which to set Parental Controls
Under Parental Controls, Click On.
Once you've turned on Parental Controls for your child's standard user account,
you can adjust the individual settings that you want to control. You can control
areas such as web restrictions, time limits and games, and can block specific
programs.
Third party parental control bar tools can be downloaded from the following
links.
There are many Firefox addons or extensions, which we can download from
https://addons.mozilla.org/en-US/firefox/search?q=parental+control&cat=all
Some of the products/addons for Firefox
5.2.1.3 Glubble for Families
Glubble allows you to create a private family page where you can monitor and
support your children's online activities. Glubble provides games, chat, safe
surfing, and a Family Photo Timeline service for uploading, storing, and sharing
your photos online. Glubble integrates Ask for Kids, a safe search engine for
children.
https://addons.mozilla.org/firefox/addon/5881
Web page content by using a list of inappropriate words and replacing them
with asterisks (***). Note that the bad word filter does not block websites
containing the words; you must add the website to a Blacklist. ProCon can also
block all traffic, making sure that only desired websites (set in the Whitelist) can
be accessed. You can manage "white" and "black" lists of sites and pages. ProCon
also has password protection in order to keep others from changing the settings
Available: https://addons.mozilla.org/firefox/addon/1803
4. The wizard asks for the parental control password which will be used to
manage parental control settings.
5. Type the password and enter a question which will be used as a hint when you
forget the password typed earlier. Be sure that your child doesn't know the
answer to the question.
6. Type the e-Mail address to which the parental password will be sent and click
Next.
7. Next the installation starts by taking the appropriate files from the website and
completes within a few minutes.
8. The parental control bar will be added to the Internet Explorer browser as
shown above
9. Below shows the parent button showing that the browser is acting in parent
mode.
10. Type the website that you want to block for children and click the button
Block this site.
13. Whenever child wants to browse the website, the browser should be in child
mode. So click parent mode button, so that the browser is changed to child
mode. Then the parent control toolbar appears as shown below telling that child
safe mode is now active.
15. When the child wants to browse the blocked site, it asks for the password
to open the site which is shown as below.
16. Now if the child wants to view the website without entering password, an
error occurs like this.
5.4 Changing the parental control settings in the parental control toolbar
1. To change settings for allowing and blocking websites, click the 'change
parental settings'.
2. After clicking change parental settings, a window opens and asks for the
parent control password.
3. Type the password and click ok. After that a window opens like this.
4. You can add sites in the allowed list by clicking the allowed site list tab.
5. Type the website that you want to allow and click allow button as shown
below.
6. You can also add sites in the blocked list by clicking blocked site list.
7. Type the website that you want to block and click block button as shown in
the below figure.
8. You can also filter some type of contents by clicking basic site filters tab.
9. The following window appears after clicking the Basic site filters tab.
Click on the spam filter option and add any e-Mail ID which you feel is not a trusted ID,
or the e-Mail ID of an unknown user.
X.400 is the universal protocol that provides a standard format for all e-Mail
messages. X.500 is an extension to X.400 standard, which provides standard
addressing formats for sending e-Mails so that all e-Mail systems are linked to
one another.
The working of e-Mail is as shown in the figure below. Each mail server consists
of two different servers running on a single machine. One is POP3 (Post Office
Protocol) or IMAP (Internet Mail Access Protocol) server which holds the
incoming mails and the other SMTP (Simple Message Transfer Protocol) server
which holds the outgoing mails. SMTP works on the port number 25 and POP
works on the port number 110 and IMAP works on the port number 143.
In the figure shown above, Client 1 has an account in the mail server 1 and
Client 2 has an account in mail server 2.
When Client 1 sends a mail to Client 2, the mail first goes to the SMTP
server of mail server 1. Here the SMTP server divides the receiver address
into two parts: username and domain name.
Now, with the help of the domain name, it requests the IP
address of the recipient's mail server, and then it sends the message to
mail server 2 by connecting to its SMTP server.
Then the SMTP server of mail server 2 stores the message in Client 2's mailbox
with the help of POP3 in mail server 2. When Client 2 opens his
mailbox, he can view the mail sent by Client 1.
The POP3 server contains a collection of text files, one for each mail account.
When a message arrives for a particular user, it appends that
message at the bottom of that user's account text file.
When a user connects to the mail server to check his mails, he
connects to the POP3 server of that mail server through port 110. It
requires a username and password to view his mailbox on the mail server.
IMAP is also similar to the POP3 protocol.
Since a backup is maintained for an e-Mail server, all the messages will be stored
in the form of clear text even though they have been deleted from your mailbox. Hence
there is a chance of the information being viewed by the people who are maintaining
backups. So it is not advisable to send personal information through e-Mails.
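The delivery path and the backup caveat described above can be modelled in a few lines of Python. This is an added example, not code from the handbook: the `MailServer` class, the domains, accounts and message are constructed, a dictionary stands in for the domain-name lookup, and no real SMTP or POP3 traffic is exchanged.

```python
import hmac
import shutil
import tempfile
from pathlib import Path


class MailServer:
    """Toy model of one mail server: an SMTP side that accepts and forwards
    mail, and a POP3 side that serves one text file per account."""

    def __init__(self, domain, root, accounts):
        self.domain = domain
        self.accounts = dict(accounts)      # username -> password (toy only)
        self.spool = Path(root) / domain    # one text file per mail account
        self.spool.mkdir(parents=True)
        for user in self.accounts:
            (self.spool / user).write_text("")

    def smtp_send(self, sender, recipient, body, directory):
        """Sending side: split the address, find the recipient's server."""
        user, _, domain = recipient.rpartition("@")   # username / domain name
        if not user or not domain:
            raise ValueError("recipient must look like user@domain")
        target = directory[domain]   # stands in for the IP address lookup
        target.smtp_receive(sender, user, body)

    def smtp_receive(self, sender, user, body):
        """Receiving side: append the message to the account's text file."""
        if user not in self.accounts:
            raise KeyError(f"no mailbox for {user}@{self.domain}")
        with open(self.spool / user, "a") as mailbox:
            mailbox.write(f"From: {sender}\n\n{body}\n.\n")

    def _login(self, user, password):
        stored = self.accounts.get(user)
        if stored is None or not hmac.compare_digest(stored, password):
            raise PermissionError("bad username or password")
        return self.spool / user

    def pop3_read(self, user, password):
        """POP3 side: the mailbox is shown only after username/password."""
        return self._login(user, password).read_text()

    def pop3_delete_all(self, user, password):
        self._login(user, password).write_text("")

    def backup(self, dest):
        """Operator backup: a plain copy of every mailbox text file."""
        shutil.copytree(self.spool, dest)


def demo():
    """Send one constructed message, back up, delete, and compare."""
    with tempfile.TemporaryDirectory() as root:
        server1 = MailServer("server1.example", root, {"client1": "pw-one"})
        server2 = MailServer("server2.example", root, {"client2": "pw-two"})
        directory = {s.domain: s for s in (server1, server2)}

        server1.smtp_send("client1@server1.example",
                          "client2@server2.example",
                          "Account number 0000-0000 (constructed sample)",
                          directory)
        inbox = server2.pop3_read("client2", "pw-two")

        try:
            server2.pop3_read("client2", "guess")
            rejected = False
        except PermissionError:
            rejected = True

        backup_dir = Path(root) / "backup"
        server2.backup(backup_dir)
        server2.pop3_delete_all("client2", "pw-two")
        return {
            "inbox": inbox,
            "wrong_password_rejected": rejected,
            "mailbox_after_delete": server2.pop3_read("client2", "pw-two"),
            "backup_copy": (backup_dir / "client2").read_text(),
        }


if __name__ == "__main__":
    for key, value in demo().items():
        print(f"{key}: {value!r}")
```

The mailbox is empty after deletion, yet the backup copy still holds the message in clear text, readable by anyone with access to the backup.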
Say you have won a lottery of a million dollars. Receiving such a
mail is a great thing, and really it's the happiest thing. However, these mails may
not be true. By responding to such mails many people have lost huge amounts
of money. So ignore such e-Mails, do not participate, and consider them
a scam.
Sometimes e-Mails offering free gifts and asking for personal information are received
from unknown addresses. This is one way to trap your personal information.
6.1.3.1 Attachments
Sometimes attachments come with e-mails and may contain executable code like
macros, .EXE files and ZIPPED files. Sometimes attachments come with double
extensions like attachment.exe.doc. By opening or executing such attachments,
malicious code may be downloaded into your system and can infect your system.
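A mail filter can apply the attachment checks described above to file names before a user ever opens them. This is an added Python example, not part of the handbook; the extension lists, function names and sample message are constructed for illustration and are not a complete policy.

```python
import email
from email import policy
from email.message import EmailMessage
from pathlib import PurePosixPath

# Illustrative extension sets (assumptions for this example).
EXECUTABLE = {".exe", ".com", ".scr", ".bat", ".vbs"}
MACRO_CAPABLE = {".doc", ".docm", ".xls", ".xlsm", ".ppt", ".pptm"}
ARCHIVE = {".zip"}
DOCUMENT_LIKE = MACRO_CAPABLE | {".pdf", ".jpg", ".txt", ".rtf"}


def classify_filename(name):
    """Return the reasons to treat an attachment name with caution."""
    suffixes = [s.lower() for s in PurePosixPath(name.strip()).suffixes]
    if not suffixes:
        return []
    reasons = []
    last = suffixes[-1]
    if last in EXECUTABLE:
        reasons.append("executable file")
    elif last in MACRO_CAPABLE:
        reasons.append("document type that can carry macros")
    elif last in ARCHIVE:
        reasons.append("zipped file")
    # Double extension, both directions: an executable suffix buried before
    # the last one (attachment.exe.doc), or an executable dressed up with a
    # document-looking suffix in front of it (photo.jpg.exe).
    hidden = any(s in EXECUTABLE for s in suffixes[:-1])
    disguised = (last in EXECUTABLE and len(suffixes) > 1
                 and suffixes[-2] in DOCUMENT_LIKE)
    if hidden or disguised:
        reasons.append("double extension")
    return reasons


def scan_message(raw_bytes):
    """Parse a raw e-mail and map each risky attachment name to its reasons."""
    msg = email.message_from_bytes(raw_bytes, policy=policy.default)
    findings = {}
    for part in msg.iter_attachments():
        name = part.get_filename()
        if name is None:
            continue
        reasons = classify_filename(name)
        if reasons:
            findings[name] = reasons
    return findings


def build_sample_message():
    """Constructed sample e-mail with three harmless dummy attachments."""
    msg = EmailMessage()
    msg["From"] = "stranger@unknown.example"
    msg["To"] = "student@school.example"
    msg["Subject"] = "Free gift (constructed sample)"
    msg.set_content("Please open the attached files.")
    for filename in ("attachment.exe.doc", "notes.rtf", "games.zip"):
        msg.add_attachment(b"dummy bytes", maintype="application",
                           subtype="octet-stream", filename=filename)
    return msg.as_bytes()


if __name__ == "__main__":
    for name, reasons in scan_message(build_sample_message()).items():
        print(f"{name}: {', '.join(reasons)}")
```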
Tip: Always check and confirm from where the e-mail has been received;
generally, service people will never ask for or provide your password to change.
Spam messages may trouble you by filling your inbox or your e-mail database.
Spam involves identical messages sent to various recipients by e-Mail. Sometimes
spam e-mails come with advertisements and may contain a virus. By opening such
e-Mails, your system can be infected and your e-Mail ID is listed in the
spammers' list.
6.1.3.5 Hoaxes
A hoax is an attempt to make a person believe that something false is true. It
is also defined as an attempt to deliberately spread fear and doubt among users.
Use e-Mail filtering software to avoid Spam so that only messages from
authorized users are received. Most e-Mail providers offer filtering services.
6.1.4.2 Ignore e-mails from strangers
Avoid opening attachments coming from strangers, since they may contain a
virus along with the received message.
Be careful while downloading attachments from e-Mails into your hard disk. Scan
the attachment with updated antivirus software before saving it.
Use E-Mail filtering software to avoid Spam so that only messages from
authorized users are received. Most e-Mail providers offer filtering
services.
Do not open attachments coming from strangers, since they may contain a
virus along with the received message.
Do not send messages with attachments that contain executable code like
Word documents with macros, .EXE files and ZIPPED files. We can use
Rich Text Format instead of the standard .DOC format. RTF will keep your
formatting, but will not include any macros. This may prevent you from
sending virus to others if you are already infected by it.
Avoid filling forms that come via e-Mail asking for your personal
information. And do not click on links that come via e-Mail.
Do not click on e-Mails that you receive from untrusted users, as
clicking itself may execute some malicious code that spreads into your
system.
6.2.1.1 Spim
Generally, spim happens in real time, and we need to stop our work and deal with
it as the IM window pops up. In e-mail we have time: we can
delete all spam at one time, or we can scan attachments before opening them. This
cannot be done in IM.
Social networking has many advantages: we can join any
kind of group based on our hobbies, business, school and many more, and it is a
different communication tool to keep in touch with friends and colleagues.
Apart from all these advantages there are disadvantages: through these
communication tools, sites can be trapped by scammers or hackers, so it is
very important to protect yourself.
These social networking sites are very popular with young people. They expose
them to risks they have always faced online but in a new forum: online bullying,
disclosure of private information, cyber-stalking, access to age-inappropriate
content and, at the most extreme, online grooming and child abuse.
Most of the sites and services provide options for privacy settings; use
them to prevent attackers from viewing your information. You can also set the
privacy settings according to whom you want to allow to see your
information.
There are free online games and commercial games. Most of the popular games
come with end user license agreements and access is limited by the
creators of the games; the consequences of breaking the agreement range from a warning to
termination.
There are massively multi-player online games like real time strategy games, role
playing games, first person shooter games and many more.
Sometimes, because of insecure game coding, the game software
causes buggy behaviour on your computer and introduces unknown
vulnerabilities.
8.4 Guidelines
Beware of clicking links, images and pop-ups on web sites, as they
may contain a virus and harm the computer.
Some free games may contain a virus, so be cautious and refer while
downloading them.
Scan all the files after you download them, whether from websites or links
received in e-mails.
Always use updated antivirus, spam filter and anti-spyware software to help detect and
remove viruses and spyware from the application you want to download.
Never download files like music, video, games and many more from
untrusted sites, and don't go by the recommendations given by your
friends or made in any random website's comments.
Check that the URLs are the same, and always download games, music or
videos from secure websites, that is, websites which use HTTPS instead of
HTTP. In the web address, http is replaced by https. The https refers to
the hypertext transfer protocol secure.
Download anything only from trustworthy websites. Don't click links to
download anything you see on unauthorized sites.
If any dirty words appear on the website, just close the window no matter
how important it is, because spyware may be installed on your PC from
such websites.
Check the size of the file before you download; sometimes it shows a very
small size, but after you click, the size of the file increases.
Never believe anything which says click on this link and your computer
settings will be changed and your PC can be turned into an XBOX and can
play unlimited games on your computer.
Don't accept anything that offers you a free download, because it may
contain malicious software.
Don't click the link or file and let it start downloading automatically;
download the file, save it where you want, and then run the
application.
10.1 Types of blogs
There are many different types of blogs, differing in content and in the way
content is delivered or written:
Personal blogs
Corporate and organizational blogs
Genre blogs
Media type blogs
By Device blogs
10.1.4 Media type blogs (vlog, linklog, photoblog) are used for sharing
videos (called vlogs), for sharing links (called linklogs) and for sharing
photos (called photoblogs).
10.1.5 By device blogs (mobile phone, PDA, wearable wireless webcam) are
blogs written through a mobile device like a mobile phone or PDA,
called moblogs.
10.2 Risks involved in blogging
If you give your personal information like your name, location address, phone
numbers or credit card details on blogging sites, your information may be stolen
by others (identity theft), because everyone who has a login account on the site
you are using can access your profile. The profile you create will be visible to
everyone on the blog site. Strangers can access your profile and view all your
details.
For example, if you give your credit card number in the site, they may use that
number for their own business or shopping purpose and the bill will be sent to
you. Another example is if your children give their school name or location
addresses in the site, the strangers who access that data may take advantage of it
and may kidnap your children.
Guide them with other positive examples such as the children are
posting their related information.
10.5 Scenario
Like many of her friends, Alice has a blog. However, unlike her friends, she
keeps its location secret. She doesn't link to anyone else's blog, and she doesn't
comment on other blogs using her blog identity. Somehow, though, Bob finds out
the URL for Alice's blog and adds it to the friends list on his blog. Word spreads,
and soon everyone has read Alice's blog. Unfortunately, she has used her blog to
criticize most everyone she knows, including other students, teachers, and her
parents. Everyone is furious with her.
Children may face different security risks when they use a computer or when
they are online. Not only do you have to keep them safe, you have to protect the
data on your computer. By taking some simple steps, you can reduce the risks.
All the web browsers keep a record of recently visited sites and also make
temporary copies of web pages. To see recently visited sites, click on the History
button or press Ctrl and the H key.
Understand the risks yourself and plan ahead before monitoring and
allowing children access to the Internet.
Discuss with children what they can and cannot do online.
Make a signed contract with children on the usage of the computer.
Work out how you are going to monitor their Internet use.
The boundaries you set and the kind of conversations you have with your
children will depend on their age and technical ability as well as your
judgement as parents.
These factors will change as they grow up and should be reconsidered
regularly.
If a child is too young to access the computer, always sit with them while
they are online.
Ask your children to share all their online user names and passwords
with you.
Set browser settings to limit the access to inappropriate content.
Put the computer in an open area in the home.
Consider installing Internet monitoring software to track what they do
online.
Set up a separate user account for your child with limited permissions, giving
them limited control over the computer.
For example, they won't be allowed to install new programs or change settings
without your permission. It also helps monitor and control what they do online.
An online scam is an attempt to trap you in order to obtain money. There are many
types of online scams, including obtaining money with fake names, fake photos,
fake e-mails, forged documents, fake job offers and many more.
Generally, it happens by sending fake e-Mails asking for your personal details like
online banking details or credit card details. Sometimes e-Mails are sent from
lottery companies with fake notices, or arrive when you participate in an online
auction, or offer fake gifts.
Phishing scam
Online scammers send you an e-mail asking for your account information or credit
card details, along with a link where you are to provide the information.
Generally, the link will look similar to your bank's. Whenever you enter your
details through the link, they are received by the scammers and your money is
misused.
Lottery scam
Sometimes you receive an e-Mail saying that you have won a lottery of a million
dollars. Receiving such a mail seems a great and happy thing, but by responding
to such mails a huge amount of money will be lost, because these e-Mails are not
true; scammers try to fool and trap you to obtain money.
Online Auction
If you bid for a product, you may never get the product promised, or it may not
match the description, and the description given to you may be incomplete, wrong,
or fake. The scammer accepts the bid from one person and goes to other sites where
they can get the product for less than the winning bid, so scammers may not send
the product you wanted.
When you answer an online advertisement for a letter or e-mail manager for
some US-based corporation which lacks address or bank details and needs
someone to take goods and send them to their address or ship them overseas, you
are asked to accept the transfers into your bank.
Generally, it happens for products that are purchased using stolen credit cards
and shipped to your address; you are then fooled and asked to reship the
product to others they might have deceived, who reship the product overseas.
The stolen money will be transferred to your account.
E-Mail scam like "Congratulations, you have won a Webcam, Digital Camera,
etc."
Sometimes you get an e-mail with a message like "you have won something
special like a digital camera or webcam; all you need to do is visit our web site
by clicking the link given below and provide your debit or credit card details to
cover shipping and managing costs". However, the item never arrives, but after
some days the charges will be shown on your bank account and you will lose
money.
By e-mails
Generally, fraudsters send you an e-mail with tempting offers of easy access to a
large sum of money and ask you to send scanned copies of personal documents
like your address proof, passport details and ask you to deposit an advance fee
for a bank account. So once you deposit the funds, they take money and stop
further communication, leaving you with nothing in return.
Beware of shipping scams. Make sure you get an authorized signed document via fax
before proceeding further and make sure you received it from an authorized
company.
Don't be trapped by discounts and think wisely before you proceed with an online
auction. Think why a $200 product would be $20.
Be aware about the products you get for a discounted price. Think why you
received an e-Mail for products when you never entered any online shopping site
or contest.
Don't get trapped by scammers and e-Mails with a subject line saying you won some
$10000; just think why only you received the e-Mail without your participation.
Filter Evasion
Phishers have used images instead of text to make it harder for anti-phishing
filters to detect text commonly used in phishing e-mails.
Malware attacks
Example:
Keeping up with the latest Web security threats is a daunting task, because
viruses and Trojans emerge, evolve, and spread at an alarming rate. While some
infections like Nine Ball, Conficker, and Gumblar have hit the scene and
immediately become the scourge of the cyber security world, others take their
time -- quietly infiltrating more and more computers before revealing the true
depth of the danger they pose.
One such slow grower is Clampi, a Trojan that made its debut as early as 2007
(depending on who you ask) but is only now raising hairs outside professional
security circles. Clampi primarily spreads via malicious sites designed to
dispense malware, but it's also been spotted on legitimate sites that have been
hacked to host malicious links and ads. Using these methods, Clampi has infected
as many as half a million computers, Joe Stewart, of SecureWorks, told a crowd
at the Black Hat Security Conference in July, USA Today reports.
Once installed on a PC, the Trojan quietly waits for you to visit a credit card or
banking Web site. When it detects you're on one of the roughly 4,600 financial
Web sites it's trained to watch, it records your username and password, and
feeds that information back to the criminals. Clampi can even watch for network
login information, allowing it to spread quickly through networked PCs (e.g.,
those in an office). In fact, it seems that businesses have been the primary target
of Clampi so far. According to the Times Online, in July, an auto parts shop in
Georgia was robbed of $75,000 when criminals stole online banking information
using Clampi. The Trojan was also used to infiltrate computers for a public
school district in Oklahoma and submit $150,000 in fake payroll payments.
Online shopping has become a very popular way to purchase all kinds of things
without leaving your home, and it is a convenient way to buy things like electronic
appliances, furniture, cosmetics, and many more. We can avoid the traffic and
crowds. There is no particular time to buy things; we can buy at any time instead
of waiting for the store to open. Apart from all these advantages, there are risks
involved, some unique to the Internet, so it is very important to take some safety
measures before you go for online shopping.
Before you go for online shopping make sure your PC is secured with
all core protections like an antivirus, anti spyware, firewall, system
updated with all patches and web browser security with the trusted
sites and security level at high.
Before you buy things online, research the web site that you
want to buy things from, since attackers try to trap you with websites
that appear to be legitimate but are not. So make a note of the
telephone numbers and physical address of the vendor and confirm that
the website is a trusted site. Search different web sites and
compare the prices. Check the reviews by consumers and media of that
particular web site or merchant.
If you are ready to buy something online, check whether the site is
secure (https, or a padlock on the browser address bar or on the
status bar) and then proceed with financial transactions.
After finishing the transaction take a print or screenshot of the
transaction records and details of the product like price, confirmation
receipt, terms and conditions of the sale.
Check the credit card statements as soon as you finish
to confirm that the charges are the same as what you paid, and if
you find any changes immediately report to the concerned authorities.
After finishing your online shopping clear all the web browser cookies
and turn off your PC, since spammers and phishers will be looking for
systems connected to the Internet and try to send spam e-Mails and
try to install malicious software that may collect your personal
information.
Beware of e-Mails like "please confirm your payment, purchase
and account details for the product". Remember, legitimate business
people never send such e-Mails. If you receive such e-Mails,
immediately call the merchant and inform them of the same.
12.5 Identity Theft
Identity Theft occurs when someone, without your knowledge, acquires a piece
of your personal information and uses it to commit fraud.
Identity theft is a crime used to refer to fraud that involves someone pretending
to be someone else in order to steal money or get other benefits. The term is
relatively new and is actually a misnomer, since it is not inherently possible to
steal an identity, only to use it. The person whose identity is used can suffer
various consequences when he or she is held responsible for the perpetrator's
actions. In many countries specific laws make it a crime to use another person's
identity for personal gain. Identity theft is somewhat different from identity
fraud, which is related to the usage of a 'false identity' to commit fraud.
Application fraud
Account takeover
Account takeover happens when a criminal tries to take over another person's
account, first by gathering information about the intended victim, then
contacting their card issuer masquerading as the genuine cardholder, and asking
for mail to be redirected to a new address. The criminal then reports the card
lost and asks for a replacement to be sent.
13. Mobile Security
There are various threats which can affect mobile users in several ways. For
example, sending multimedia messages and text messages to toll free
numbers, or unknowingly clicking on a message received through the mobile
phone. Nowadays there are many malicious programs which try to get
access to mobile phones and laptops and steal the personal information inside
them.
13.1.3.2 Bluesnarfing
In theory, a Bluetooth user running the right software on a laptop can discover a
nearby phone, connect to it without your confirmation, and download your
phonebook, pictures of contacts and calendar. Your mobile phone's serial
number can also be downloaded and used to clone the phone.
Worms may disturb the phone network by spreading from one mobile to another
through Bluetooth transfer, Infrared transfer or MMS attachments. Spyware that
has entered the mobile phone through Bluetooth may transfer personal
information to the outside network. A Trojan installed along with a game
application on the mobile may send SMS messages to expensive numbers and
increase the phone bill.
NOTE:
Many people on the Internet keep their personal and confidential information in
shared form. So these people have to be trained not to share their information
with unauthorized users. This information will be kept as safe
and secure as possible, used for the purpose given and not shared with or passed
on to others.
Data encrypted with a short key can be accessed without the key by modern
computer users performing a brute force attack. So in order to protect the
encrypted data the key length should be long, so that it is not easy to guess.
Encrypting the data only ensures that the data cannot be read by a third party in
an understandable format when it has been received by them.
In order to delete the data permanently, some software tools are available which
prevent the data from being reconstructed. Some operating systems allow the
format command to be used in such a way that it not only formats but also writes
zeros to the disk. The easiest way of deleting the data is by using a wiping
program, which not only formats the disk but also writes some garbage data onto it.
Single pass
Here the data is overwritten with 1's and 0's for only one time.
Guttmann method
This method overwrites the data nearly 35 times, taking into account the
various encoding algorithms used by various disk
manufacturers. Linux and UNIX systems implement a file destruction command
to protect files that contain sensitive content from being recovered by someone
else. The 'shred' command overwrites the specified files repeatedly, in order to
make it harder for even very expensive hardware probing to recover the data. It
additionally provides the option to shred and then delete a file from the hard
disk. Another Linux/Unix command that can be used to wipe a disk drive
completely is the 'dd' command. When certain switches to this command are
used, the entire disk is rewritten with zeros.
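The single-pass overwrite and the 'shred' usage described above, as an added example that is not part of the original handbook. It touches only a constructed temporary file; the function names are illustrative, and the 'shred' options used (-n, -z, -u) are those of GNU coreutils.

```shell
#!/bin/sh
# Added example: overwrite-before-delete on a scratch file (constructed data).
# Function names are illustrative, not from the handbook.

# Size of a file in bytes, without surrounding whitespace.
file_size() {
    wc -c < "$1" | tr -d ' '
}

# Number of bytes in the file that are not 0x00.
nonzero_bytes() {
    tr -d '\000' < "$1" | wc -c | tr -d ' '
}

# Single pass: write zeros over every byte of the file, in place.
# conv=notrunc stops dd from truncating the file first, so exactly the
# existing length is overwritten. bs=1 is slow but exact; fine for small files.
single_pass_zero() {
    size=$(file_size "$1")
    [ "$size" -gt 0 ] || return 0
    dd if=/dev/zero of="$1" bs=1 count="$size" conv=notrunc 2>/dev/null
    sync
}

# Multi-pass: three passes of random data (-n 3), a final pass of zeros (-z),
# then remove the file (-u). Returns 127 if shred is not installed.
multi_pass_delete() {
    command -v shred >/dev/null 2>&1 || return 127
    shred -n 3 -z -u "$1"
}

# Demonstration on a constructed file; returns 0 when the content is gone
# and the file length was preserved by the overwrite.
demo_wipe() {
    scratch=$(mktemp) || return 1
    printf 'constructed sample: account 0000-0000 pin 0000\n' > "$scratch"
    before=$(file_size "$scratch")
    single_pass_zero "$scratch" || return 1
    after=$(file_size "$scratch")
    left=$(nonzero_bytes "$scratch")
    echo "size before=$before after=$after non-zero bytes left=$left"
    if multi_pass_delete "$scratch"; then
        echo "shred overwrote and removed the scratch file"
    else
        rm -f "$scratch"
    fi
    [ "$before" = "$after" ] && [ "$left" = "0" ]
}

demo_wipe
```

Overwriting in place only helps when the file system really writes over the old blocks: journaling or copy-on-write file systems, snapshots, backups and SSD wear-levelling can keep older copies that neither command reaches.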
15. Physical Security
The first step in security is considering the physical security of the PC.
Maintenance of physical security depends on the location and the budget.
The second step is the factors related to physical stability that include the power
supply, physical location of the computer, room temperature, etc. Failure of
any one of the above said factors puts the computer at risk.
There is a good chance that your home PC is one of the most expensive things in
your home, or if you have got a laptop, it is likely to be the most expensive thing
you carry in a bag.
Although your insurance policy may cover the costs of replacing hardware if it's
stolen, there is nothing that money can do to retrieve precious or personal data.
So physical security is as important as software security.
15.3 In Organizations
Many organizations provide tracking and recovery services. These work with the
help of software agents in the computer. Whenever a thief connects to the
Internet, automatically without his knowledge IP address of the system or the
phone number through which he is connecting is sent to the recovery service
centre.
Always maintain a redundant power supply and also make sure that only
authorized users access the computers.
Use the system's screen locking functionality to protect against physical
access, such as a screen saver that won't deactivate without a password,
or just log out of everything so anyone that wants access has to log in
again.
Enable the option chassis intrusion in the BIOS settings to be aware of
unauthorized users.
A continuous, uninterruptible power supply should be provided to the
systems in order to prevent loss of unsaved data during power failures.
The systems should be placed in a room which is dust free and has a good
ventilation to avoid overheating of CPU.
The PC keys should be secured and not left unattended.
Do not plug the computer directly to the wall outlet as power surges may
destroy computer. Instead use a genuine surge protector to plug a
computer.
Check the system input power supply and grounding at least annually to
ensure that it meets the manufacturer's specification.
Static electricity may affect the integrity and reliability of data and
programs processed and stored on equipment, hence antistatic devices
should be installed.
Use gentle touches on the keyboard.
Don't eat food or drink by the PC.
There should be no magnets near your PC.
Keep your PC clean.
Lock the room properly in which PC is kept before leaving the home.
Buy lockable CPU cabinets and keep them locked.
16. Safe Practices
It will control the program in such a way that they do not interfere with
one another.
The security of the operating system running on various PCs and servers plays
an important role in the security of the network as a whole. Not updating one
system in the network may affect the security of the other systems in the
network. Today we have a highly sophisticated operating system with lots of
features, but it may be vulnerable if they are not administered, configured and
monitored properly. Sometimes updating the operating system with latest
patches may lead to interoperability issues with other operating systems. Hence
proper care should be taken while updating the operating system.
Whether you're using your computer at home or travelling with your notebook
PC, the following are basic guidelines for securing your system.
16.1.2.1 Install an antivirus product and keep up to date
Virus: A computer virus is a program which is able to replicate and attach itself
to a program or files infecting the system without our knowledge.
Worm: Worms can replicate themselves from one machine to another without
the need of downloading them from the Internet. They often send themselves as
attachments in e-Mails they generate from their infected host computer.
Social networking sites like Facebook, Orkut, and LinkedIn are each
studded with answers to commonly used security questions such as favourite
place, school, college, etc.
Strangers search for papers or the disk for passwords where they have been
written.
Tip: Tell your children not to write the passwords on any paper or on any disk
drive to store it. Explain to them that memorising is the best way to store them.
Tip: Explain to your children not to use a password that represents their
personal information like nicknames, phone numbers, date of birth, etc.
Tip: Teach your children not to use dictionary words (like animal, plants, birds
or meanings) while creating the passwords for login accounts.
The Hackers even get the password information by sniffing the network traffic
which is travelling on the network or even can get the password information
by listening to your phone call conversation with others.
Tip: Teach your children not to give their passwords to their friends or to
anyone through online chatting, e-mails or even through phone conversations.
Tip: Explain to your children not to share their passwords with unknown
persons (strangers).
http://www.avast.com/eng/download-avast-home.html
The AVG Anti-Virus Free Edition is similar to the AVG Anti-Virus Professional
Edition product, but does not have all the features. It lacks the fine-grained
control over how scans are conducted. In addition, the free versions do not
receive technical support from Grisoft, and English is the only available language.
Grisoft announced that support for AVG Anti-Virus Free Edition version 7.1
ended on February 18, 2007. Users were required to upgrade to AVG Anti-Virus
Free Edition version 7.5.
http://free.grisoft.com/doc/5390/us/frt/0
http://www.free-av.com/antivirus/allinonen.html
http://www.bitdefender.com/PRODUCT-14-en--BitDefender-Free-Edition.html
http://home.mcafee.com/store/package.aspx?pkgid=276&ctst=1
http://antivirus.comodo.com/download.html
http://www.clamwin.com/content/view/18/46/
http://sourceforge.net/project/showfiles.php?group_id=122629
17.2.3 ClamTk
ClamTk is a GUI front-end for Clam Antivirus using gtk2-perl. It is designed to be
an easy-to-use, lightweight, point-and-click desktop virus scanner for Linux.
http://sourceforge.net/projects/clamtk/
18. Lockdown, Auditing and Intrusion Detection Tools
18.1 OS Lockdown Tools
Use Secure It Pro to lock your computer when you're not there. The program
comes with a ton of features, such as disabling the main Windows key functions,
like Ctrl+Alt+Del, Alt+Tab, the Windows key, and the Ctrl+Esc key combination.
Secure It Pro can also disable the Windows boot keys, detect cold boots, allow
other people to leave messages, log incorrect password attempts, or even hide
itself every few seconds. The program also includes password reminder options,
which can assist you if you ever forget your password, as well as several
advanced configuration options and a locking screen saver.
http://www.cleansofts.com/get/945/17903/SecureIT_Pro_470.html
PC Locker Pro is freeware that locks and protects your computer when you
leave.
http://pc-locker-pro.en.softonic.com/
It's simple to create, modify, and remove user profiles with Windows Steady
State. There's no need to log in to the user account, edit the registry, or
manipulate files or folders on the hard drive. You control all user restrictions
directly from the main console. Rapidly assign high, medium, or low security
defaults to each user profile. Then fine tune the profiles precisely, using the many
available options in Windows Steady State.
http://www.microsoft.com/windows/products/winfamily/sharedaccess/default.mspx
http://linuxappfinder.com/package/pessulus
http://bastille-linux.sourceforge.net/running_bastille_on.htm
18.1.2.3 Kiosk
System administrators typically spend a lot of their time fixing trivial problems
for users who have accidentally changed their settings in some way. When an
inexperienced user moves a desktop icon into the waste bin or sets a mime type
to open with the wrong program, they may be unable to reset their changes. Calls
to the system administrator for help are a poor use of everyone's time. It would
be better if the user had never been able to make undesirable changes.
Start the Kiosk tool (as your normal user, there's no need to run as root) by
selecting Kmenu -> System -> Kiosk Admin Tool, or with the kiosktool command,
and click Add New Profile. Give this profile a name such as 'locked-down' and
click OK to save. You will be asked for your root password to save the new
profile. Now click Manage Users and add a user policy to link a user to your new
locked-down profile. It is also possible to link a whole group to the policy; you
can see and change which users are in which groups by looking at the file
/etc/group.
http://extragear.kde.org/apps/kiosktool.php
http://www.download.com/Reasonable-Anti-phishing-Toolbar/3000-12768_4-10634323.html
With this Anti-phishing tool you can detect Phishing, E-Mail Frauds and Spoofed
e-Mails immediately at your INBOX with one click.
http://www.scanwith.com/download/Phishing_Detector.htm
GralicWrap is a remote control that slows down the Internet performance on the
system because the application maintains a constant connection with its central
server. It also blocks the fraudulent websites. Garlic Wrap checks every website
visited by the user against the information stored at its central database.
http://gralicwrap.com/WebDownloadClient.php
McAfee Site Advisor for Firefox - adds safety ratings to sites and search results to
protect you against adware, spam, and online scams.
http://www.siteadvisor.com/download/ff_preinstall.html
Spoof Stick is a simple browser extension that helps users detect spoofed (fake)
websites. A spoofed website is typically made to look like a well known, branded
site (like ebay.com or citibank.com) with a slightly different or confusing URL.
The attacker then tries to trick people into going to the spoofed site by sending
out fake e-Mail messages or posting links in public places - hoping that some
percentage of users won't notice the incorrect URL and give away important
information. This practice is sometimes known as "phishing".
http://www.spoofstick.com/Internet_explorer.html
http://www.spoofstick.com/firefox.html
http://www.microsoft.com/technet/security/tools/locktool.mspx
http://www.microsoft.com/downloads/details.aspx?FamilyID=DDE9EFC0-BB30-47EB-9A61-FD755D23CDEC&displaylang=en
http://technet.microsoft.com/en-in/security/cc242650(en-us).aspx
Tiger is a security tool that can be used both as a security audit and intrusion
detection system. It supports multiple UNIX platforms and it is free and provided
under a GPL license. Unlike other tools, Tiger needs only POSIX tools and is
written entirely in shell language.
http://download.savannah.nongnu.org/releases/tiger/
http://sourceforge.net/projects/tripwire/
The purpose of this program is to scan the system log files to report security-
related events or other events of interest. Swatch can be configured to send
alerts to system administrators. The program uses a resource file to scan for
certain events and generate alerts. The resource file consists of directives that
specify patterns, actions to take when the pattern is found, and the recurrence of
the pattern. The swatch program provides a call pager Perl utility with the
distribution. As the name implies, this utility sends alert pages to systems
personnel. Listing 3 displays a typical swatch resource file. By default, the swatch
program expects the swatch resource file to be named ~/.swatchrc and
will monitor the /var/log/syslog file. These defaults can also be specified via
command-line options. Before using this utility, make sure you understand the
syslog configuration information typically located in /etc/syslog.conf.
http://safari.java.net/0321194438/ch08lev2sec2
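The pattern, action and recurrence idea described above, sketched as an added example that is not swatch itself and does not use swatch's resource-file syntax. The rule format, labels, thresholds and log lines are all constructed for illustration.

```shell
#!/bin/sh
# Added example: pattern/threshold log scanning in the spirit of the
# description above. Not swatch, and not swatch's file format.

# Constructed syslog-style sample (addresses are documentation ranges).
sample_log() {
cat <<'EOF'
Jan 10 03:12:01 host1 sshd[811]: Failed password for root from 192.0.2.10 port 4022 ssh2
Jan 10 03:12:04 host1 sshd[811]: Failed password for root from 192.0.2.10 port 4023 ssh2
Jan 10 03:12:09 host1 sshd[811]: Failed password for admin from 192.0.2.10 port 4025 ssh2
Jan 10 03:15:40 host1 CRON[900]: (root) CMD (run-parts /etc/cron.hourly)
Jan 10 03:20:11 host1 su: FAILED SU (to root) alice on pts/1
Jan 10 03:31:52 host1 sshd[990]: Accepted password for alice from 198.51.100.7 port 5100 ssh2
Jan 10 03:40:00 host1 kernel: Out of memory: Killed process 1234 (java)
EOF
}

# Rules, one per line: LABEL|THRESHOLD|extended regular expression.
# THRESHOLD is how many matching lines are needed before an alert fires
# (the recurrence of the pattern). Patterns here must not contain "|".
rules() {
cat <<'EOF'
AUTH-FAIL|3|sshd.*Failed password
SU-FAIL|1|su: FAILED SU
OOM|1|Out of memory
ROOT-LOGIN|1|Accepted password for root
EOF
}

# Read log lines on stdin; print one ALERT line for every rule whose
# threshold was reached, with the match count and the last matching line.
scan_log() {
    RULES=$(rules) awk '
        BEGIN {
            # Rules arrive through the environment so that backslashes and
            # newlines in them are not reinterpreted by awk.
            n = split(ENVIRON["RULES"], line, "\n")
            for (i = 1; i <= n; i++) {
                split(line[i], f, "|")
                label[i] = f[1]; need[i] = f[2] + 0; pat[i] = f[3]
            }
        }
        {
            for (i = 1; i <= n; i++)
                if ($0 ~ pat[i]) { hits[i]++; last[i] = $0 }
        }
        END {
            for (i = 1; i <= n; i++)
                if (hits[i] >= need[i])
                    printf "ALERT %s count=%d last=[%s]\n", label[i], hits[i], last[i]
        }'
}

# Stand-alone run over the constructed sample.
sample_log | scan_log
```

On the sample, the three failed SSH logins reach the AUTH-FAIL threshold, the su failure and the out-of-memory kill alert on first sight, and ROOT-LOGIN stays silent because no line matches it.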
LIDS is an enhancement for the Linux kernel written by Xie Huagang and
Philippe Biondi. It implements several security features that are not in the Linux
kernel natively. Some of these include: mandatory access controls (MAC), a port
scan detector, file protection (even from root), and process protection.
http://www.lids.jp/wiki/index.php?cmd=read&page=Development&word=LIDS
http://www.snort.org/
18.4.1.6 BRO (Network Intrusion Detection System)
This tool works by first extracting the application layer of packets and then
executes event-oriented analyzers comparing the patterns with signatures that
have been identified as malicious data. Although Bro is a signature-based
detection engine, it can detect attacks through changes in traffic patterns and
predefined activities.
http://www.bro-ids.org/download.html
Prelude benefits from its ability to find traces of malicious activity from different
sensors (Snort, honeyd, Nessus Vulnerability Scanner, Samhain, over 30 types of
systems logs, and many others) in order to better verify an attack and in the end
to perform automatic correlation between the various events.
Prelude is committed to providing a hybrid IDS that offers the ability to unify
currently available tools into one, powerful, and distributed application.
http://www.prelude-ids.org/spip.php?rubrique6
http://www.ossec.net/main/downloads/
19. Security Assessment Tools
19.1 Assessment Of OS Security Levels
http://www.microsoft.com/downloads/details.aspx?FamilyID=6d79df9c-c6d1-4e8f-8000-0be72b430212&displaylang=en
http://www.nessus.org/download/
http://www.eeye.com/html/products/retina/download/index.html
https://www.iss.net/issEn/MYISS/login.jhtml?action=download
http://www.qualys.com/forms/trials/freescan/matrix/?lsid=6960
http://www.gfi.com/downloads/downloads.aspx?pid=lanss&lid=EN
http://www.coresecurity.com/?module=ContentMod&action=item&id=535
https://www.securehq.com/group.wml&storeid=1&deptid=75&groupid=928&ds=wpshop_store&SessionID=20091285321932563
http://linux.softpedia.com/get/System/Networking/Nikto-10271.shtml
approach. The scanner can be utilized both at the command line and has an easy
to use GUI front-end. The following items can be scanned:
http://www.xfocus.org/programs/200507/18.html
http://www.vulnerabilityassessment.co.uk/xscan.htm
19.1.12 Sara (Linux, Windows, Open source)
In its simplest (and default) mode, it gathers as much information about remote
hosts and networks as possible by examining such network services as finger,
NFS, NIS, ftp and tftp, rexd, and other services. The information gathered
includes the presence of various network information services as well as
potential security flaws -- usually in the form of incorrectly setup or configured
network services, well-known bugs in system or network utilities, or poor or
ignorant policy decisions. It can then either report on this data or use a simple
rule-based system to investigate any potential security problems. Users can then
examine, query, and analyze the output with an HTML browser, such as Mosaic
or Netscape. While the program is primarily geared towards analyzing the
security implications of the results, a great deal of general network information
can be gained when using the tool - network topology, network services running,
types of hardware and software being used on the network, etc.
http://www-arc.com/sara/
http://download.saintcorporation.com/downloads/freetrial/saint-install-6.7.2.gz
We wrote a program called "Paros" for people who need to evaluate the security
of their web applications. It is free of charge and completely written in Java.
Through Paros's proxy nature, all HTTP and HTTPS data between server and
client, including cookies and form fields, can be intercepted and modified.
http://www.parosproxy.org/download.shtml
http://www.net-security.org/software.php?id=504
https://h10078.www1.hp.com/cda/hpms/display/main/hpms_content.jsp?zn=bto&cp=1-11-201-200%5e9570_4000_100__
http://portswigger.net/suite/download.html
http://www.sensepost.com/research/wikto/
Identity theft
Accessing sensitive or restricted information
Gaining free access to otherwise paid for content
Spying on users' web browsing habits
Altering browser functionality
Public defamation of an individual or corporation
Web application defacement
Denial of Service attacks
http://www.acunetix.com/cross-site-scripting/scanner.htm
https://www.watchfire.com/securearea/appscan.aspx
http://www.nstalker.com/products/free/
19.2.1 IPLocks
IPLocks Armour provides the industry's most robust solution for detecting and
repairing database weaknesses. No other vendor can match the combination of
scalability, customizability, and cost-effectiveness of IPLocks. Companies around
the world use IPLocks Armour to support critical initiatives such as:
http://www.iplocks.com/products/iplocks_armour.html
https://www.appsecinc.com/downloads/appdetectivepro/
Watchfire AppScan automates web application security audits to help
ensure the security and compliance of websites. Named the worldwide market-
share leader according to Gartner and IDC, our AppScan product suite offers a
solution for all types of web application security testing needs - outsourced,
individual scans and enterprise-wide analysis - and for all types of users -
application developers, quality assurance teams, penetration testers, security
auditors and senior management.
https://www.watchfire.com/securearea/appscan.aspx
19.3.1.2 N-stalker
http://www.nstalker.com/products/free/download-free-edition
Sprajax is an open source black box security scanner used to assess the security
of AJAX-enabled applications. By detecting the specific AJAX frameworks in use,
Sprajax is able to better formulate test requests and identify potential
vulnerabilities.
http://www.owasp.org/index.php/Category:OWASP_Sprajax_Project
http://pixybox.seclab.tuwien.ac.at/pixy/download.php
19.3.2.1 Prevx
However, in order to share files on your computer and sometimes in order for
you to access files on other computers within a P2P network such as BitTorrent,
you must open a specific TCP port through the firewall for the P2P software to
communicate. In effect, once you open the port you are no longer protected from
malicious traffic coming through it. It may cause confusion for novice users in
much the same way personal firewall software such as ZoneAlarm does because
simply allowing or banning actions wholesale would result in either allowing a
large amount of suspicious activity to go undetected or banning a large amount
of benign actions such as the user trying to install their own software, so Prevx
asks the user how it should treat the activity. Any time that an application
attempts to access system memory or critical files or alter the registry the Prevx
Home software detects the activity and either blocks it completely or asks the
user how to proceed. According to Prevx the software will detect and prevent
buffer overflows and overruns, modification of critical files and directories,
unauthorized changes to critical areas of the system registry and more. I removed
my antivirus and firewall software for an entire week during my test and still ran
into no viruses or other malicious code or spyware. A scan with Ad-Aware found
a handful of tracking cookies, but nothing malicious.
http://info.prevx.com/downloadprevx2.asp
Honeytrap is a network security tool written to observe attacks against network
services. As a low-interaction honeypot, it collects information regarding known
or unknown network-based attacks and thus can provide early-warning
information.
http://honeytrap.mwcollect.org/download-Download%20Honeytrap
20. Operating system Updates and Patches
20.1 Security Update Solution Tools (Windows)
20.1.1 Updates
Latest bug fixes for Microsoft Windows, including fixes for some possible DoS
attacks.
Windowsupdate.microsoft.com
20.1.1.2 WSUS
http://technet.microsoft.com/en-us/wsus/default.aspx
Latest bug fixes for Microsoft Windows, including fixes for some possible DoS
attacks
http://office.microsoft.com/en-us/downloads/default.aspx
20.2.1 Firewall
A firewall is a software or hardware system that controls access to or from a
private network. It works by checking and logging data packets and blocking
those that do not meet the predefined security criteria. It helps keep your
system more secure.
Under the Advanced tab, click Settings in the Security Logging section.
Under Log settings, check the option Log successful connections and specify the
path of the log file under the Log File Options section.
To view the open ports or established connections on the system, type
netstat -ano at the command prompt.
Note: If a third party firewall has been installed in the system, ensure that the
default firewall that comes along with your system is turned off.
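One way to read the output of netstat -ano when deciding what the firewall must filter, as an added example that is not part of the original handbook: the script lists, per process ID, the ports bound to every network interface and therefore reachable from other machines. The sample output and the function names are constructed for illustration.

```python
from collections import defaultdict

# Constructed sample of `netstat -ano` output (not captured from a real host).
SAMPLE = """\
Active Connections

  Proto  Local Address          Foreign Address        State           PID
  TCP    0.0.0.0:135            0.0.0.0:0              LISTENING       912
  TCP    0.0.0.0:445            0.0.0.0:0              LISTENING       4
  TCP    127.0.0.1:5354         0.0.0.0:0              LISTENING       1680
  TCP    192.168.1.20:49712     203.0.113.10:443       ESTABLISHED     3344
  TCP    [::]:135               [::]:0                 LISTENING       912
  UDP    0.0.0.0:500            *:*                                    1044
  UDP    [::1]:1900             *:*                                    2208
"""

def parse_netstat(text):
    """Turn `netstat -ano` text into a list of socket records."""
    rows = []
    for line in text.splitlines():
        parts = line.split()
        # TCP rows have 5 fields; UDP rows have 4 because State is empty.
        if len(parts) == 5 and parts[0] == "TCP":
            proto, local, foreign, state, pid = parts
        elif len(parts) == 4 and parts[0] == "UDP":
            proto, local, foreign, pid = parts
            state = ""
        else:
            continue  # banner, column header, blank line
        # Split on the last colon so bracketed IPv6 addresses stay intact.
        addr, _, port = local.rpartition(":")
        rows.append({"proto": proto, "addr": addr, "port": int(port),
                     "foreign": foreign, "state": state, "pid": int(pid)})
    return rows

def exposed_listeners(rows):
    """Map PID -> sorted (proto, port) pairs bound to every interface."""
    exposed = defaultdict(set)
    for r in rows:
        # A bound UDP socket has no state, so treat every UDP row as open.
        is_open = r["state"] == "LISTENING" or r["proto"] == "UDP"
        if is_open and r["addr"] in ("0.0.0.0", "[::]"):
            exposed[r["pid"]].add((r["proto"], r["port"]))
    return {pid: sorted(ports) for pid, ports in exposed.items()}

if __name__ == "__main__":
    for pid, ports in sorted(exposed_listeners(parse_netstat(SAMPLE)).items()):
        print(pid, ports)
```

Sockets bound only to 127.0.0.1 or [::1] are left out because they accept connections from the local machine alone; each PID in the result can be matched to a program name in Task Manager.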
21. Security Update Detection Tools
21.1 MBSA
Microsoft Baseline Security Analyzer (MBSA) is an easy-to-use tool designed for
the IT professional that helps small and medium-sized businesses determine
their security state in accordance with Microsoft security recommendations and
offers specific remediation guidance. Built on the Windows Update Agent and
Microsoft Update infrastructure, MBSA ensures consistency with other Microsoft
management products including Microsoft Update (MU), Windows Server
Update Services (WSUS), Systems Management Server (SMS) and Microsoft
Operations Manager (MOM). Apparently MBSA on average scans over 3 million
computers each week.
http://www.microsoft.com/technet/security/tools/mbsahome.mspx
You must have both Visio 2007 Professional and MBSA 2.1, a free security tool
from Microsoft, for this connector to work properly.