Internet Security & Personal Privacy
with John Bondon
Featured Links
Probably the best place to start to learn more about internet security, and the issues related to it, is to check out GRC.com. Read about the Shield's Up Test, the Leaky Firewall test, and all his rants and raves in general. I could spend literally DAYS on this site and still not get through everything!
Windows Configuration Tips
Under Folder Options be sure to Show Hidden Files. Also uncheck Hide Known File Extensions and if you don't need it, turn OFF File & Print Sharing. Also disable port 445. For information on how to disable port 445 by disabling Netbt visit: http://www.uksecurityfocus.com/husdg/windows2000/close445.htm.
GRC.com's Firewall Related Links
http://www.grc.com/lt/hardware.htm
Resolving Firewall Related Issues with Windows XP Service Pack 2 (SP2)
Windows XP SP2 enables the Internet Connection Firewall (Windows Firewall) by default. This may cause some programs to seemingly stop working after you install Windows XP Service Pack 2. Refer to this Microsoft Knowledge Base Article - 842242 for more information on how to resolve such an issue.
Check out the ShieldsUp! test. A great port scanning tool to test your firewall (or lack thereof!).
A great site to test the security vulnerabilities of your browser. Complete with pop-up explanations of what each vulnerability is.
BP Security Analyzer is an advanced diagnostic tool that quickly scans your PC to identify:
Your vulnerability to identity theft, data corruption, and unwanted advertising caused by dangerous hidden spyware infections.
Threats to your privacy caused by unwanted cookie files.
Your susceptibility to pop-up advertising caused by unfavorable system configurations.
Traces of undesirable web sites that you may wish to block in the future.
Another online security check, though not as thorough or useful as the grc.com site. Also, symantec will report your virus is not up to date, if you don't have Norton installed and current! Not exactly unbiased, now is it?
URL Spoofing Demo Page - You can't always trust the URL (web address) listed in your browser!
Password protection perplexes IT managers -
cognitive biometrics - where users are authenticated by their thoughts and actions, rather than by passwords!
Brown & Caldwell McAfee Page
http://mcafee.bc.com (Internal)
http://mcafee.brwncald.com (External)
NEW!
Virtualization Technology
Run a complete guest computer inside your real computer! By disciplining your kids to only use the virtual, you can isolate any potential malware/virus risk. Virtual PC is now FREE!
Run a complete guest computer inside your real computer! By disciplining your kids to only use the virtual, you can isolate any potential malware/virus risk. VMWare Player is now FREE!
Virtual Appliance Marketplace (for VMWare)
place to download pre-configured virtual appliances for VMWare.
NEW!
E-Greetings
The Dangers of Electronic Greeting Cards - Know which sites are safe, and which to AVOID!
Protect your media player from podcasts
Special report by Brian Livingston on the risks of poisoned audio, video, and image files in popular media players. Dumb programming mistakes in popular media players can allow spyware to silently infect your PC while an apparently innocent multimedia file is playing.
Rootkits explained. Technique used to hide spyware and viruses on a PC.
Strider GhostBuster Rootkit Detection
An API used to delete rootkits. It's not based on a known-bad signature, and it does not rely on a known-good state. It targets the fundamental weakness of hiding rootkits, and turns the hiding behavior into its own detection mechanism.
Blocking Unwanted Pests with a Hosts File
You can use a HOSTS file to block ads, banners, cookies, web bugs, and even most hijackers. This site will show you how. A copy is also available at: ./hosts.txt.
Users of Google -- BEWARE of typos!
Anti-Spyware Test (Guide) - a comprehensive review of leading anti-spyware software.
Secret Code to trace copies and print jobs
How invisible patterns of yellow dots on every document printed on the affected machines can indicate when and where the print was made.
lHome PCs Hijacked to spread Spam
http://news.bbc.co.uk/2/hi/technology/3528810.stm
My original Spam talk can be found here, along with useful links, including my tips on 9 Ways to Prevent Spam.
OUCH: The Report On Identity Theft and Attacks On Computer Users
A Disposal Credit Card creates a one-time use credit card number which is associated with your real credit card number. If lost or stolen, has no material value to your real credit card.
A Disposable Email address allows you to give out a different primary email address which is affiliated with you but separate from the common email address you use for friends.
American Express Private Payments
Understanding the Basic Concepts
Encrypting Files Using WinZip 9
Cloak - a great example of steganography. Cloak will hide file(s) inside an image file.
Disk and File Shredders: A Comparison (fortune city)
http://www.wired.com/news/technology/0,1282,54986,00.html
http://www.computer.org/security/garfinkel.pdf
http://www.sltrib.com/2003/Jan/01162003/business/business.asp
http://www.techtv.com/screensavers/answerstips/story/0,24330,3418249,00.html
E-Cyclers Embrace Data Destruction
HP's Data Sanitization Service
ATTACKS & INTRUSIONS & DATA THEFT & LOSS --Florida State Employee Data Compromised - (26 March 2006)
People who worked for the state of Florida between January 1, 2003 and June 30, 2004, are being notified that the privacy of their personal data may have been compromised. Florida's Department of Management Services was using an outsourcing service provider, Convergys, that outsourced the data to GDXData, that, in turn, outsourced the contract to a subcontractor in India. Convergys maintains the offshore work was done without its knowledge and has cancelled its contract with GDXData.
One Florida state public employee union wants the contract with Convergys cancelled.
http://www.computerworld.com/printthis/2006/0,4814,109938,00.html
Stolen Laptop Contained Personal Data from Vermont State Colleges - (24 March 2006)
A laptop computer stolen from a car parked on a Montreal street contained personal data belonging to thousands of Vermont State Colleges students, faculty and staff. Security precautions were taken as soon as the school learned of the theft, which occurred on February 28, but people whose data were stored on the computer were notified just last week.
http://www.timesargus.com/apps/pbcs.dll/article?AID=/20060324/NEWS/603240363/1002
MOZY - 2GB FREE backup - Best online backup service I have seen yet. Easy to use software complete with pre-configured backup data sets that understands the location of your data! Can be scheduled to run at set hours and to limit bandwidth utilization.
How to Set Up and Improve the Security of Home Wireless Networks
Microsoft best practices webcast for setting up a wireless home network.
Cracking the wireless security code
Network World assembled 23 wireless products from 17 vendors and ran them through a battery of tests aimed at answeing the question "can a WLAN (Wireless LAN) be deployed securely?" A great resource to better understand WEP, WPA, 802.11, and best ways to secure your wireless network.
The latest encryption method for wireless networks - Protected Extensible Authentication Protocol.
Taking
the Leap to PEAP for Wireless
What are EAP, LEAP, PEAP and EAP-TLS and EAP-TTLS?
Securing Wireless LANs with PEAP and Passwords
Microsoft solutions guide for wireless local area networks (WLANs). Lots of useful related links too!
Assigning 802.11b Access Point Channels
Radio Frequency (RF) spectrum, channel separation, and interference issues related to wireless LANs.
Man arrested for hopping on to home Wi-Fi network
LastBit - cracking Office and Windows passwords
Israeli couple jailed for inventing a computer virus used for major industrial-espionage
SANS webcast: Ten Ways To Hack Proof Your Identity
December 3rd, 2003, SANS presentation by John N. Stewart, Director of Corporate Security Programs for Cisco Systems. Not only is Mr. Stewart a highly respected 10-year computer security veteran, he was also himself a victim of identity theft. Listen as he shares his own experience, and lessons learned.
MSN Money: Don't be hooked by the Internet's biggest fraud
Counterfit Credit Cards Detective Bob Watts of the Newport Police Department demonstrates how to fake a credit card
OUCH: The Report On Identity Theft and Attacks On Computer Users
The theft of Paris Hilton's cell phone address book
Who to Call
If you suspect you may be a victim of identity theft, take action IMMEDIATELY!
Carefully monitor your credit, bank, and financial insitution accounts.
Notify the financial institution or creditor of any suspicious or unauthorized activity.
Place a free security alert on your credit report. This also entitles you to a free credit report.
Get a free credit report from one or all of the agencies below to verify that no one has opened accounts in your name without your knowledge.
Contact one or all of the credit agencies below:
Experian www.experian.com 888-397-3742
Equifax www.equifax.com 800-525-6285
Trans Union www.transunion.com 800-680-7289
Or simply visit AnnualCreditReport.com and get immediate access to your credit files from all three of the above credit agencies online!
Security freezes: Know your rights
|
SECURITY FREEZES | STATE-BY-STATE |
|
Click below to learn more about bills in your state, or how to file
if a law is already in effect. States considering action link to a
Consumers Union site that tells how to contact lawmakers.
Note: Bills were also introduced in Indiana, Kentucky, Maryland and Utah, but the legislative sessions ended before they could be voted on. |
To Opt Out of Pre-Approved Credit Offers
Phone 1-888-5-OPT-OUT
You can learn more about Identity Theft by visiting the Federal
Trade Commission website or the Identity
Theft Resource Center. For the Social Security Administration (fraud
line), phone 800-269-0271.
To view / listen to my previous Security Talk sessions, click here.
This page last updated Wednesday, January 14, 2009 .
