1. Security Awareness: Security Tips for Protecting Ourselves Online Friday, May 20, 2011 Brian Allen, CISSP brianallen@wustl.edu Network Security Analyst Washington University in St. Louis http://nso.wustl.edu/presentations/

2. Let’s Talk About… Facebook/Social Networking Password Security AV Products Home Wireless Router Security Laptop Security Safe Web Browsing Phishing Examples Online Banking Virus Example and Case Study

3. Facebook/Social Networking:

14. Password Security

15. Parents’ Password Cracked On First Try The Onion News Feb 27, 2002 REDONDO BEACH, CA – Nick Berrigan, 14, successfully hacked into his parents’ AOL account on the first try Tuesday, correctly guessing that “Digby” was their password. “They actually used the dog’s name,” said Berrigan, deactivating the parental controls on his AOL account.

16. Free Password Managers 1.KeePass – I use this one 2.Password Safe – Bruce Schneier’s Project 3.PassPack –An online password manager Commercial Password Manager: 4.1Password -”Works great on iPhone and OS X”

18. Free Antivirus Tools

19. Antivirus I look for: – the fastest – update themselves automatically – have an easy to use interface AVG = http://free.avg.com AntiVir = http://www.free-av.com Avast = http://www.avast.com

20. From CNET.com Editor Reviews AVG Popularity: * Total downloads 227,792,675 Avira AntiVir Popularity: * Total downloads 61,994,231 Avast Popularity: * Total downloads 60,978,532

21. AVG Interface

22. AVG Will Check Every Email

23. Avira AntiVir Interface

24. AVAST Interface

25. Home Wireless Router Tips

26. Change Default Password Firewall is on by Default WPA2, not WPA or WEP MAC Address Filtering Leave SSID on No personal info in SSID like Smith_Family

27. Change The Default Password

28. Firewall Is On By Default

29. WPA2

30. MAC Address Filtering

31. Home Wireless Router Tips Change Default Password Firewall is on by Default WPA2, not WPA or WEP MAC Address Filtering Leave SSID on No personal info in SSID like Smith_Family

32. Laptop Tracking Software

34. Key Questions to Consider How hard is it to disable or remove the software? Who will have access to the collected data? How many laptops are lost or stolen every year?

35. LoJack Pros Very difficult to disable The company, only with the user’s permission, can log in to: – Take pictures – Erase the hard drive Will work with police to recover the laptop

36. LoJack Bios Compatibility Asus Dell Gammatech Getac Gateway General Dynamics HP Fujitsu Lenovo (IBM Thinkpad) Motion Computing Panasonic Toshiba

37. LoJack Cons Bios compatibility does not include Macintosh – 40% student machines are Macs Most Expensive - $49 per laptop The company can get access into laptops, although it is only to be initiated by the owner after it is reported stolen

38. Laptop/USB Encryption USB Hardware Encryption – IronKey $$$ Laptop/USB Encryption – TrueCrypt (Free!)

39. Safe Web Browsing

40. Four OS Security Tips Make sure the operating system has: – Update automatically – Firewall turned on – All accounts have strong passwords – Up-to-date Anti-virus tool

41. Link Security Tips Don’t click links or open attachments in emails. If you have any doubt, get confirmation directly from the sender. Be wary of messages that include attractive offers or urgent requests. Watch out for links that require you to immediately provide a login and password. Type the URL directly into Google.

42. Browser Security Tips I use Firefox as my regular browser. Firefox will automatically update itself. Firefox 3 and 4 have Phishing and Malware Protection on by default. Use the Add Block Plus Firefox Addon.

43. The Top Firefox Addon (By Far)

44. Without AdBlock Plus

45. With AdBlock Plus

46. Phishing Examples

47. Phishing Email

49. Spear Phishing Example

50. Online Banking

51. Important Online Banking Tip Never type your bank url into a browser Or click on a url that looks like your bank Always let Google find it for you – Should be the first link

52. Virus Example and Case Study:

53. First: Different Types of Infections Viruses – Rely on users to spread: email attachments, links in an email Worms – can spread on their own Trojans – A malicious file that appears to be legitimate Bots – A worm that phones home to a Command & Controller so the attacker can give it instructions

54. What Do The Infections Do? Send Spam Attack other machines Set up a Phishing site Act as a proxy for other malicious traffic Download spyware/adware to the machine Run a keylogger

55. Koobface Botnet Koobface made an estimated $2m since July 2009 It makes money by selling scareware (fake anti- virus), doing click fraud and other scams. Koobface targets Facebook and other sites. 400,000+ bots; 20,000+ fake Facebook accounts Tricks users to execute malware disguised as Flash updates needed to view shocking content. The malware turns PCs into zombie drones under the control of hackers. http://www.theregister.co.uk/2010/11/15/koobface_take_down/

56. Fake Anti-Virus Screen Shot

57. KoobFace Botnet How it works in one example: Koobface is a Russian based botnet The threat arrives as a Facebook private message that contains a supposed link to a youtube video

58. Don’t Click the LINK!

59. Koobface Example Continued Users who are tricked into clicking the link are redirected to other pages until they finally end up at a spoofed YouTube site called YuoTube

60. Don’t Trust the “Adobe Flash Update”!

61. How KoobFace works It navigates through users’ FB pages to search for their friends. It phones home to get the actual message that the worm will then spread to your friends. McAfee says it is not unusual to see 10,000 Koobface variants in one month. http://blogs.mcafee.com/mcafee-labs/malware-at-midyear-a-summary TrendLabs considers Zeus and Koobface to be the most prolific malware families http://us.trendmicro.com/imperia/md/content/us/trendwatch/researchandanalysis/tm101hthreat_report.pdf

62. Koobface Targets MacOSX A new version of Koobface attacks Mac OSX spreads through Facebook. Security company Intego says this version uses a malicious Java applet to attack users. http://krebsonsecurity.com/2010/10/koobface-worm-targets-java-on-mac-os-x/

63. Thank You! Brian Allen, CISSP brianallen@wustl.edu http://nso.wustl.edu

64. Password Managers: KeePass: http://keepass.info Password Safe: http://schneier.com/passsafe.html PassPack: http://www.passpack.com 1Password ($): http://agilebits.com/onepassword Antivirus: AVG:http://free.avg.com AntiVir: http://www.free-av.com Avast : http://www.avast.com Laptop Tracking: LoJack($):http://www.absolute.com/en/lojackforlaptops/home.aspx USB/Laptop Encryption: Ironkey($): https://www.ironkey.com TrueCrypt: http://www.truecrypt.org Firefox Ad Blocker: AdBlock Plushttps://addons.mozilla.org/en-US/firefox/addon/adblock-plus Brian Allen brianallen@wustl.edu