Monday, April 11, 2011

Understanding Computer Security Awareness The Contest

Computer Security Contest

This week in Computer Security Class we learned that there would be a contest which set out to campaign for increased information security awareness at colleges and universities. They want people to come up with a creative and/or educational video or poster on information security. As an incentive to participate there also giving away cash prizes so check it out maybe you can earn some extra cash. This contest integrated well into the class because the class is titled Computer Security it was only fitting we enter a contest that is trying to spread computer awareness.
http://net.educause.edu/Elements/Attachments/security/video/2011/2011-SecurityFlyer.pdf

   
Cyber Watch

This week we also learned about CyberWatch. CyberWatch is an Advanced Technological Education (ATE) Center, headquartered at Prince George’s Community. The CyberWatch goal is to is to improve information assurance education at all levels increase and the quantity and quality of the information assurance workforce. They develop curriculum to obtain Information Security A.A.S. Degree, an Information Security A.S. degree, an Information Security Certificate, and an Information Security Management Certificate for teachers, and they run annual contest for students including the contest I mentioned before. They have ways to engage children k-12 so they too can be safe and spread computer awareness.




I can be upgraded, can you? by Bacall, Aaron


Heres the CyberWatch link if you;d like to know more about the site.
http://www.cyberwatchcenter.org/index.phpoption=com_content&view=article&id=50&Itemid=29&limitstart=2
 


Sunday, April 3, 2011

Understanding Wireless Security And P2P Networks

This week in computer security Class we learned about how to secure your wireless network and p2p file sharing. In this weeks entry I will explore these two topics.

Securing Your Network 

When using a wi-fi connection you want to secure your network so other people are not able to “piggy back” which is someone using your internet connection to get online on their computer. Some people may piggy back because they can not afford internet or just don’t want to pay for it but others seek out unprotected wi-fi connections so law enforcement cannot find them when they participate in criminal activity online. To secure your connection from this you should :



Change Your SSID (Service Set Identifier)
Change it from the manufactures default setting to something obsecure so hackers will not be as prone to break into your signal because this shows you at least took the standard security precautions, as per say someone who’s SSID is say the manufactures name its more than likely than that the person is using the default password which is that much easier to crack.


Turn On Encryption
The two wireless encryption standards are WEP AND WPA.WEP it turns out (which my laptop happens to have) is not as secure as WEP and for less than a hundred bucks you can buy a program online to crack into its network. WPA is the better of the two as it is more recent and has a more secure connection.


Change The Default Administrative Username and Password
The common default name for wireless routers is usually administrator. Change the name to something that is easy for you to remember.


Shut off Wireless Router When Not In Use
This reduces the chance of someone hacking into your network because there is no network to hack into and it resets the IP address of the router making it more difficult to trace.
 


Since this weeks lesson I have taken extra precautions to secure my wireless network as I did not know many of the different things that I was doing that were leaving my computer vulnerable. One I changed the default name of my wireless router. I like many just plugged it in and began to use it thinking that “hey it came with a password why change it“. This is what every hacker is looking for the people who rely on the router having the necessary security settings right out of the box. 2. I also changed the password which I had left as the default setting which was “1234567890” pretty easy to have guessed right?. 3. Now knowing that even with these precautions my connections my signal is running WEP which is outdated and not as secure as WPA its definitely time to look into another security type. Until then I’ll take extra precautions like I’ve turned off the auto save to my passwords and usernames and I have cut back a bit on online shopping due to my somewhat rising paranoia of the “black hatters” out there looking to steal my life digitally.

The link belwo gives a better understanding of the diffrence between WEP and WPA.
http://www.youtube.com/watch?v=bs6Oq59litc
 


P2P File Sharing




Download Complete. by Harrison, Stuart
We all have done it. At least once. Who can resist because if you’re a music lover like me you’d be giving Itunes hundreds of dollars a month to download your favorite songs past and present. Have you ever been somewhere and a song you haven’t heard in it seems like forever comes on and you just have to download it? Well next time just pay the .99 cents. P2P networks allow multiple users to share files readily. The most popular are Limewire, Bearshare, Warez, and Imesh. When downloading from these sites you open up your computer to attacks. While downloading malicious software can be easily installed costing you more in the long run. Not only will your computer be messed up but you could face up to five years in jail and $250,000 in fines. According to "Cyber Crime Fighters Tale From The Trenches" music pricay accounts for 12.5 billion dollars of economic loss per year . I f you were losing that much money a year i'm sure you would levrl hefty fines too. So next time you think of downloading that song think twice because you never know what your actually downloading. A good rule of thumb not just for computers but  life in general is NOTHING IS FREE!!!.

Tuesday, March 22, 2011

Understanding Computer Threats

Watch Out

This week in computer security we learned about different kinds of computer threats in class. It turns out not that spam and Nigerian letters are not the only things to look out for. There is spy ware, malware, trojan horses and worms. about but there are loads of other threats looking to take over your computer. Literally! through malware/spy ware and viruses such as Trojan hoses and worms. For the most part everyone has at least heard of these types of security threats right?? The thing that is most shocking to me was the fact that hackers are now able to turn your computer into what is known as a zombie. Sounds si-fi but it’s the real deal. A zombie computer is a computer that has been implanted with a daemon that puts it under the control of a malicious hacker without the knowledge of the computer owner. Zombie applications give hackers access to your machine, usually by exploiting a security vulnerability or creating a backdoor entry point. Once a cracker establishes this link, he or she can manipulate your computer. When a network of computers that have transformed into zombies they are called a botnet.
Some botnet applications allows hackers to control your computer remotely. Others give the hacker the ability to look at your private information and steal your identity. Unfortunately it is hard to get your computer out of a botnet and that is even if you knew that your computer was part of one. If you think it may be you should try a  system restore( restoring your computer to the state it was last in when saved) or if that dosen't work take it to a computer professional.

System Restore 
 If you ever are suspicious and need to do a system restore heres how to do one


1. Go to your system control panel
2. Click System & Security Tab
3. Restore Files

Here's how it looks http://screencast.com/t/qh43kh9t

I have windows 7 on my pc so it may be diffrent on other pc's but it will still be under the same tab generally. Here's a link  for exactly how to do a system restore.

http://www.ehow.com/how_2266976_do-system-recovery.html





Symptoms Of A Botnet

  • unusually slow computer
  • your hard drive running even when you are not active on the computer
  • you have items in your sent folder that you did not send
  • your software programs suddenly don’t run
 To protect yourself from these attacks make sure you apply anti virus and operating system patches and shut of your computer when not in use.
 

In the link below is a video which describes a clever scheme hackers use get money from you. Fake anti virus software is on the rise and are being made everyday to trick you. Some of these schemes are even on legitimate sites. for instance if you are trying to watch a video sometimes certain sites will ask you to download a special ad on to be able to play the video. Hackers have exploited this by using these pop up boxes to instead download misleading software to your computer. Once downloading it the tells you that you have a virus. It also goes over why Norton security is a great anti virus to have. Norton security alerts you of risks before you download them preventing unknowing downloads of malicious software.


 
<object width="640" height="390"><param name="movie" value="http://www.youtube.com/v/kMLYwfSy8YE&hl=en_US&feature=player_embedded&version=3"></param><param name="allowFullScreen" value="true"></param><param name="allowScriptAccess" value="always"></param><embed src="http://www.youtube.com/v/kMLYwfSy8YE&hl=en_US&feature=player_embedded&version=3" type="application/x-shockwave-flash" allowfullscreen="true" allowScriptAccess="always" width="640" height="390"></embed></object>






Hope you enjoyed.


computer hacker cartoons, computer hacker cartoon, computer hacker picture, computer hacker pictures, computer hacker image, computer hacker images, computer hacker illustration, computer hacker illustrations

Monday, March 7, 2011

Understanding Phishing, Pharming, Spam, and Scams

This week in computer security we learned about different types of ways criminals use to obtain your information. Methods used are phishing, pharming, and spam.

  • Phishing is when fraudulent emails that appear to be from a legitimate source are sent in an effort to obtain sensitive information from a user.
  • Pharming occurs when a fake website is set up that appears identical to a real website, but instead carriers malicious software that could be used to deliver viruses, capture every keystroke you type, or install software that will allow someone else to have remote access and control over your computer. Pharming effectively eliminates the need for "bait" emails and is therefore potentially more dangerous than "normal" phishing scams and can cast a wider "net" in which to snare victims. Even phishing-savvy web users could fall victim to a pharming scam without realizing it.
  •  Spam is the emails you get offering enhancement drugs, herbal remedies and software among other things.
Right now in my spam inbox I have ten messages. This is only a weeks worth of spam so ten is not so bad compared to the hundreds my boyfriend gets weekly. Thankfully yahoo has a great spam blocker and I unsubscribe from any emails from stores who offer me so called "savings" and I delete any message from unfamiliar web addresses. One of the spam emails sent to me claims in the subject line to be from COMPENSATION 2010. Ironically they are a company that claims to have gotten scam victims 2.5 million dollars for phishing attacks that have resulted in identity fraud. Although I find internet crime despicable the way high tech criminals prey on unsuspecting people any one would have to admit that some of these schemes are pretty clever. For instance in 2010 when the census was conducted scammers posed as census workers to collect data. Scammers tricked people into giving out their banking and other personal information.

The best thing to do to try to reduce these crimes from happening is if and when you do receive a suspicious email DELETE IT. Also you can forward the email to spam@uce.gov or www.ftc.gov/bcp/con-line/edcams/spam/report.html then DELETE IT. Don't give out your personal information online unless it is a trusted site that has https and a padlock icon in the address bar. And last but not least just use common sense. How plausible is it that you live in New York or any where in the U.S. for that matter yet somehow you one 500,000,000 in the Camen Islands? Or that someone is going to pay you money to cash a million dollar check? The odds are not that high.

phishing cartoons, phishing cartoon, phishing picture, phishing pictures, phishing image, phishing images, phishing illustration, phishing illustrations

Monday, February 21, 2011

Understanding Cookies

This week in Principles of Computer Security class we learned about the different ways websites collect information from you while you are browsing. One of the most common ways are by storing cookies onto your computer.

Before this lesson I never knew what cookies where and how computers used cookies, but after reading
http://computer.howstuffworks.com/cookie1.htm "How Cookies Work" I now know that cookies are not program but are just a simple text file that allows the web server to store information on your computer and then later retrieve it. The information is stored as name-value pairs which then help the web site determine how many times your computer visits a site and stores your user preferences such as the weather info for your specific city. The database is only able to store things you have selected from the site, such as pages you viewed from the site or information you have given to the site in online forms, etc. All of the information is stored in the site's database, and in most cases, a cookie containing your unique ID is all that is stored on your computer. This technology is also used for other things such as for online courses. To take an online course you need to allow the school site to store a cookie on your computer so that they will know each time that you log in. If they did not have cookies they wouldn't have an effective way to track "attendance".

Now with my new computer savvy I decided to enable a prompt on my computer so I would have to allow my computer to collect the cookie data to ensure that I wasn't storing tons of unnecessary files on my hard disk. I guess I didn’t think this through enough because I had no idea each site can  have 10-20 cookies it seems trying to retrieve data. From not only the site you are visiting but third party sites who want to store cookies. After 10 minutes I became annoyed at all the constant prompts and blocked all cookies entirely. This wasn't such a great idea either as surfing on the internet is virtually impossible without cookies being enabled. It really limits your browsing choices and sites that will allow you on them. One of these sites being Google. I couldn’t log into my  blog account (which I obviously need) without enabling the cookies. Instead of logging me in it gave me an error message stating that my "Browsers cookie functionality was turned off". So I had no choice but to enable my browsers "cookie functionality". So after everything I finally learned you really have no choice but to browse with cookies. The best thing to do is to accept all cookies and delete them regularly.


internet cookie cartoons, internet cookie cartoon, internet cookie picture, internet cookie pictures, internet cookie image, internet cookie images, internet cookie illustration, internet cookie illustrations

Monday, February 7, 2011

Understanding My Digital Citizenship


Digital Citizenship is the norms of appropriate, responsible behavior with regard to technology use. This includes nine elements digital access, digital commerce, digital communication, digital literacy, digital law, digital etiquette, digital rights and rsponsibilities, digital health and wellness and digital security Here are a few exapmles how of some of the elements have affected me in my daily life as a student,a worker, and just in every day life. 


Digital Etiquette
Digital Etiquette ( the electronic standards of conduct or procedure) is very important on the job. When replying and or writing emails you have to remember that even though you are not face to face you still have to conduct yourself with the same business etiquette you would use in a face to face encounter. Writing things in bold or changing font color to red is the same as yelling or screaming. In business e-mail it is always best to choose your words more carefully to reflect your intent and tone rather than rely on formatting for emphasis. It is so easy to come off as blunt, terse or demanding if you do not take the extra little effort to make sure you are perceived as cordial. At my job we write emails daily to communicate with other parts of the company whether it be right there in the building or sending an email to customers in California or Latin America emails are important. All emails pertaining to a customers acconts or anything having to do with products shipped to a customer is printed out and filed electronically for viewing of everyone one in the company. They do this so to keep as proof in case any issues where to arise they have written proof of the correspondence stamped with date and time this is undisputable evidence. So in these emails you have to ensure you use the utmost business etiquette. Watch this video for the do’s and don’ts of digital ettiquette in all areas.


 


Digital Literacy
According to Wikipedia Digital literacy is the ability to locate, organize, understand, evaluate, and analyze information using digital technology. It involves a working knowledge of current high-technology, and an understanding of how it can be used. Digitally literate people can communicate and work more efficiently, especially with those who possess the same knowledge and skills. I have a very busy schedule working full time and having a four year old going back to school was something I felt I just didn’t have time to do. I decided though that when I did go back I would enroll in online classes so I’d be able to go to school around my schedule. While I’m cooking dinner I could listen to the power point presentation for international business, when my son goes to sleep I can take that American Frontier test on the last five chapters that’s due 11:55 midnight or nights I cant sleep I can get up and finish that blog for my Computer Security class. To do all these things and be successful you not only need to have a great multi tasking ability’s but you also need to have a certain degree of digital literacy. So digital literacy has affected my college life greatly because without it I wouldn’t be able to take a full semester online. Ten years ago it was kind of looked down upon because going to school wasn’t the traditional way. But now many highly accredited schools offer online classes in all areas of study. But know due to people becoming more computer literate the line between face to face and online has becoming next to transparent.digital technology.


Digital Commerce
Digital Commerce (buying and selling items electronically) has become very popular. My favorite site to “shop” is amazon.com you can literally shop thousands of items while sitting at home. The ability to be able o buy without waiting in lines or having to waste gas to go to a store yet still get all the great deals is very appealing to the everyday shopper. According to eMarketer forecasters predict that after two years of subpar growth, 2010 US retail e-commerce sales (excluding travel) will climb by 12.7% on volume of $152 billion. http://www.emarketer.com/Report.aspx?code=emarketer_2000672. With so much money being spent there dishonest people looking to take advantage of this fact, using phisiing software, whaling, spoof or other hacks to obtain your information. Not only are people trying to obtain your information so are dishonest companies. My mother used a online service to receive diet information and coupons for dietary products. The service was $4.99. My mother thought it was worth it as some diet drinks are worth anywhere from $30 to $40. Six months later she noticed a reoccurring charge on her bank statement she never noticed before for $39.99. It turns out when she bought the membership for the original site there was a check box that was automatically checked to be signed up for an additional service to get diet tips from a so called “expert”. Other things were entailed in the package(weight tracking and recipe info) but it was hardly worth the $40 they were asking MONTHLY. Be wary of all boxes at the end of purchases offering free magazines or free memberships sometimes they may be worth more than your purchase.




Hope you enjoyed!!!

Monday, January 24, 2011

Why Am I Here

I am starting this blog to chronicle what I am learning in CIS205. At the end of this course I hope to be able to identify different types of security threats and identify different ways of protecting my computer from these threats. As I gain an understanding of this I will share my experience via this blog. Even though I am familiar with blogging this will be my first time having my own blog. I look forward to researching, learning, understanding and then sharing my thoughts and views with you.