PC
By Jaime Ortiz
PC
Zero-Day attacks
Key Loggers
Root Kits
Phishing and Whaling
Encrypted payloads that are polymorphic
I am Running a Firewall
So how come someone can send you an Instant Message?
How can someone SKYPE you?
How can you connect to your computer running Go To My PC?
Did you configure your Firewall or just plug and play?
Anyone use BitTorrent (aka backdoor)?
Don't you think Google runs a firewall?
How about TJ Maxx, NASA?
OS
Someone is Watching
http://download.cnet.com/Malwarebytes-Anti-Malware/3000-8022_4-10804572.html
your PC
http://www.safer-networking.org/en/home/index.html
http://www.ccleaner.com/
GotoMyPC
Quicktime
Firefox
Winzip
Chrome
Java
BitTorrent
Flash
Acrobat
Microsoft Office
Drivers
Windows Update
Opera
Skype
VNC
Instant Messenger
Router
Antivirus
Though its effectiveness has diminished over
Check out www.virustotal.com
Antivirus (cont)
Watch out for free flash drives, scan them!
Enable SMTP or IMAP scan if you use a mail client
Scheduled Scans are required
Run On-Access scans
Yes, there is a performance hit
antibacterial???
It does not hurt, but stay tuned..
Email
Not all email uses encryption, watch out for HTTPS → HTTP switch
Gmail accounts are free
Email (cont)
Gmail www.gmail.com
tracks your email content
Big Brother
Gmail anonymizes you and the sender, be careful
Great SPAM and AV protection in Gmail
If you ever leave your ISP, your email stays the same
Uses HTTPS at all times
Treat email like your home, you don't recognize it,
Passwords
Passwords need to be strong
Usually means hard to remember
Every account should have a unique password
Banks, Email, Amazon, Instant Messenger..
NEVER click "Remember my password"
Trivial to steal if you are compromised
Use a password manager http://KeePass.info
Auto generate passwords for you
Complex password
One password unlocks all of them
Cut and Paste
Encrypted storage
On-screen keyboard ideal for typing Master Password
Password Manager
Passwords (cont)
Banks are using RSA Two Factor
http://www.nytimes.com/2004/12/24/technology/24online.html?_r=1&pagewanted=2&oref=login
virtual-account-numbers-1273.php
Firewalls
Don't confuse NAT with Firewall functionality
Run both a software and hardware based firewall
Software firewall imperative if you travel or use public WiFi
Windows Vista or higher firewall pretty good
Zone Alarm free
www.zonealarm.com/security/en-us/zonealarm-pcsecurity-free-firewall.htm
Software based
You need a firewall that warns/tells you when OUTBOUND connections are taking place
ALWAYS have a router/firewall between your home
Linksys BEFSX41
Netgear
Prosafe
Firewalls (cont)
Use a complex password to manage
Always use HTTPS to manage hardware device
Do not allow WiFi clients to access Firewall
Don't use port forwarding if you can help it
If you need remote access use LogMeIn and PhoneFactor
If you are a gamer, then learn DD-WRT and isolate system or use one of the firewalls mentioned below
Want a real firewall for free?
Very powerful, close to what is used in the enterprise
Smoothwall
WRT
Iptables
Untangle
Filtering
DNS is the Achilles' heel
DNSSEC is gaining support
Time Warner and Host Servers setting up as we speak
Use OpenDNS www.opendns.com
Free reliable DNS
Can provide filtering to reduce the chance of your machine going to bad sites
Good approach to keep your kids from wandering off the reservation
Block sites that are known attack vectors
Set up the IP address of OpenDNS in your router
Filtering (cont)
Your browser can provide filtering
Internet Explorer SmartScreen Filter
Good filter to prevent you from going to a malicious site
Dynamically updated
Checked in real time
Secure WiFi
The bottom line is WiFi is dangerous in public
Trivial to use as a method of penetration
Secure it
WPA2 AES with PSK (Pre-Shared Key)
yet
If you want other options try Ethernet over Power
Use your power lines in your house as a network
Great for getting internet access to your DVR
Cheap and encrypted
Backups
When things go south, you want to protect your data
Perform regular backups
www.mozy.com
www.idrive.com
Radical Approach
There is another way if you choose to accept your mission
May not cost you money or very little if it does
What if I told you that recent advances in science have shown a new method that can save you money, time and may improve your quality of life
You are right, there is no such thing! But let's take a look at what we can do.
www.vmware.com/products/server/
www.microsoft.com/downloads/details.aspx?FamilyId=04D26402-3199-48A3-AFA22DC0B40A73B6&displaylang=en
But Windows software is not free
If you bought Windows 7 Pro you are covered
Copy this file, and restore it from time to time if you think your VM has been infected
Brand new PC/load in under 30 seconds
attacks
Your current PC should be able to run Virtual Computer
Alternate Approach
Check craigslist and buy a cheap laptop
Heck, new ones can be bought for $300.00
Make a rule in the house, the laptop is
your PC www.dban.org/download
Use free encryption to protect files www.truecrypt.org