[CiberPAC-net] Safeguards Via FBI-NIPC

"Simple Computing Safeguards"
for Small Business & Home Computer Users

[CiberPAC-net] Safeguards via FBI-NIPC

Sources: www.infragard.net/library.htm
www.nipc.gov/publications/nipcpub/computertips.htm

Visit www.nipc.gov to learn about
password protection practices

Use strong (non-shared) authentication.
Choose pass-phrases that are more difficult or impossible to guess.
Assign different keys for each account.

	authentication
	Verifying the identity of a user logging onto a computer system or verifying integrity of a transmitted message. See password, digital signature, IP spoofing and biometrics.

Make regular backups of critical data.
Create backups at least once DAILY.
Larger organizations create WEEKLY full backups
with DAILY incremental backups every day.

At least MONTHLY, verify off-site backup media’s integrity and usability.

Use effective software protection from malware.
A - Have it correctly installed on your workstation,
B - Check for new virus signature updates DAILY . . .
C - Scan ALL files either incrementally or periodically.

	malware
	(Malicious WARE) Software designed to destroy, aggravate and otherwise make life unhappy or frustrating ! See virus, macro virus, Word macro virus, Worms and Trojan horse.

Do NOT open email attachments from strangers,
regardless of how enticing its Subject Line or attachment seems !

Be suspicious of any unexpected email attachment
from someone you DO know . . . It may have been sent
WITHOUT that person’s knowledge from an infected machine.

Do NOT keep computers online when inactive!
Either shut them off -OR- physically disconnect them from Internet connections.

Use a firewall as a gateway between your computing resources
and any Internet connections.
Firewalls may be deployed as hardware or software safeguards for defense-in-depth solutions.

Such safeguards are essential when computers are always online using popular DSL and cable modem connections. However they are equally valuable safeguards for those using dial-up Internet connections.

Gateway

-1- A computer performing protocol conversion between different types of networks
or applications. For example, a gateway converts a TCP/IP packet to a NetWare IPX
packet and vice versa or from AppleTalk to DECnet, from SNA to AppleTalk and so on.

Gateways function at layer 4 and above in the OSI model. They perform complete
conversions from one protocol to another rather than only supporting one protocol
from within another, such as IP tunneling. Routers can sometimes implement
gateway functions.

An electronic mail, or messaging, gateway converts messages
between two different messaging protocols.

See LAN and IP gateway.

-2- A computer acting as a go-between for two or more networks using the same protocols.
In this case, the gateway functions as an entry/exit point to the network. Transport protocol
conversion may not be required, but some form of processing is typically performed.

See proxy server.

Review About.com Computing Safely 101

Regularly verify and quickly install security patches from qualified software vendors . . .

For HELP with first & last safeguard listed . . . visit www.securemicrosoft.com

See prior article by Stan Stahl, Ph.D @ Auerbach Publications on Thursday, August 23, 2001 . . .

While Code Red has infected over 350,000 computers during the last several days,
neither it nor viruses like Sircam will be end of civilization as we know it.
Nevertheless, the threat from worms, viruses, and other 'bad guys' (malware) is real.

But, like a freeway traffic jam, it's only 'really' real when you're among those stuck in it.
While it is effectively impossible to completely eliminate the risk of loss from these
nefarious agents of doom, here are seven (7) things you can do to mitigate the risk.
_______________________________________________________________

Click here for NDU KnowledgeNet Glossary . . .

Also scan NCMS Trusted Access & www.humanfirewall.com

To learn more about . . .
Tips, Tricks and Traps to AVOID

Internet Security & Microsoft's PSA+

By:mark.j @ 10:28:AM - - SendNews [HERE] / BT eSecurity [HERE]

Following the recent problems with Internet worms
such as Code Red . . . Microsoft offered up a
'Personal Security Advisor' (MPSA) system:

Microsoft Personal Security Advisor (MPSA-Demo)
is an easy to use web application that will help you secure your
Windows NT™ 4.0 or Windows 2000™ personal computer system.

MPSA will scan your system and build a customized report on items such as – missing security patches, weak passwords, Internet Explorer and Outlook Express security settings, and Office macro protection settings.

For each weakness identified on your computer, MPSA provides easy to understand information on the security issue at hand, how to fix it, and links to additional information about the issue.

Once you correct a reported deficiency, you can run the scan again and see the results of the change. Running MPSA on a regular basis will help ensure that your system stays up to date and secure.

The online system/tool can be found HERE
and is a very relevant tool for those of you on broadband connections.

If you don't run a fully functional firewall
then this should be a requirement for always-on connections.

We'd also like to point out the following system
for those on any other operating system:

https://grc.com/x/ne.dll?bh0bkyd2
[Gibson Research Corp. Shields Up!]

It's somewhat less complex and should be ideal
for Windows 9x/ME™ and Linux etc. users trying
to find security holes / gaps in their systems that need to be plugged.

Every reader to this site would be well informed
to try either or both.

Source: www.ispreview.co.uk/archives.shtml [29 Aug 2001]

Key facts:

On average, 60 per cent of organizations suffered a security breach in the last two years¹

During 2001, the number of emails containing viruses detected
by a leading scanning service rose above the one per 400 mark²

Unchecked viruses (malware) could cost businesses £907 billion world-wide by the end of 2002³

One survey found that 90 per cent of sampled businesses experienced computer breaches
in a 12-month period - up from 62 per cent in the previous year⁴

Security breaches are often caused by poorly implemented internal processes,
lack of staff awareness and lax controls on contractors

40 per cent of breaches in security are due to operator error⁵

Operational continuity safeguard investments . . .
can help sustain your business's integrity, improve the reliability
of your service and give greater confidence to your customers.

DTI Information Security Breaches Survey 2000.

Message Labs, reported
in the Guardian newspaper, August 2001.

Price Waterhouse Coopers. (PwC)

Internet Security Investor Handbook
– Lehman Brothers, March 2001.

DTI Information Security Breaches Survey 2000.

HIGHLIGHTS 10-01

November 10, 2001

Editors: Linda Garrison

Martin Grand

Source: http://www.nipc.gov/publications/highlights/2001/highlight-01-10.pdf

Connect It and They Will Come: No Grace Period for Internet-connected Hosts

New Internet victim or host computers can be located by malicious parties in a short period
of time. Computer systems which are not properly secured may be compromised within days
or even minutes of connecting to the Internet due to the increased usage
of automated scanning tools.

The hypothesis that newly connected Internet hosts can be quickly found by hackers has been

confirmed by researchers from the Honeynet Project, a computer security research group.

In a study published earlier this year, the group reported the following observations:

One of the project’s research computer systems was compromised
a mere 15 minutes after being connected to the Internet.

Seven computers running default installations of a popular Linux distribution
were attacked within three days of connecting to the Internet.

A default Microsoft Windows 98™ system was compromised five times in less than four days.

These and other observations belie the common misconceptions many users
and some system administrators have about connecting to the Internet:

Misconception 1: "I won’t tell anyone about my computer, so no one will ever even find it."

Misconception 2: "There are millions of computers connected to the Internet,
so the odds against anyone targeting my computer are very low."

Misconception 3: "With all the other important and high-profile servers out there
on the Internet, no one would want to break into my computer."

The impact of automated scanning tools allows individuals to scan tens of thousands
of Internet addresses in a short time. Like many home systems, the computers used
in the Honeynet Project were not advertised or associated with a particular company.

No one had any way of knowing the systems were connected to the Internet except by discovering
them through scanning ranges of Internet addresses, looking for vulnerable hosts to exploit.
After compromising the targets, intruders can examine the victimized computer for exploitable information such as personal information that can be used for identity theft,
or they can utilize the host to attack other systems on the Internet.

Many users hook up to the Internet with the intent of implementing security measures
in the future. It is imperative that users plan on security before they connect their computers
to a public network. Some good starting points for identifying potential problem areas are
the following online resources:

· The NIPC’s "Seven Simple Computer Security Tips
for Small Business and Home Computer Users"
at http://www.nipc.gov/warnings/computertips.htm

· The SANS/FBI list of the
Twenty (20) Most Critical Internet Security Vulnerabilities
at http://66.129.1.101/top20.htm

· NIPC’s CyberNotes at http://www.nipc.gov

· The Honeynet Project -- http://project.honeynet.org