Threat Level: green Handler on Duty: Kevin Shortt

SANS ISC InfoSec Handlers Diary Blog


Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!

An ISC Back to School Special

Published: 2006-08-31
Last Updated: 2006-08-31 20:09:16 UTC
by Lorna Hutcheson (Version: 1)
0 comment(s)
Yes, it is that time of year.  The hustle and bustle of getting kids situated in school has begun and for many folks has already occurred.  Along with that, comes the purchase of that shiny new laptop or desktop for little Johnny Joe or Sally Sue.  If your not buying one, you maybe powering up the one you have for the first time in a while.  To quote a line from Uncle Ben in the movie Spiderman "With great power comes great responsibility".  A computer is a powerful tool and someone has to be responsible for that tool.  So here are some things that you need to consider as you get your kids ready for school.

Back to School Shopping List
For starters, here are some assessories you might want to make sure they have available that you might not have considered. 
  • Blank CDs/DVDs are pretty useful for burning a backup copy of a home work assignment or major project that they might be working on and can't afford to lose.
  • Consider a USB key(s) for easy transferring of data.
  • An extra ethernet cable (if you don't have access to a wireless network)  and a handy wireless card to take with you as a backup or if you don't have wireless built-in.
  • A good backpack for your laptop or rollers for the laptop.  I find a backpack is much easier for when you're on the go alot.
  • A lap top security cable, especially for use in the dorm rooms
  • Make sure you have purchased antivirus software for your systems.  You cannot exercise that "great responsibility" mentioned above without having it.
Back to School TO DO List
Now that you have that new computer or your old one for that matter, how do you exercise "great responsibilty" over that power?  Here are some tips:
  • Make sure the system is patched and stays patched with all the lastest updates.  This is especially true for systems that have been shutdown/offline for the summer.  Before doing anything else, patch the systems (from a protected network, if at all possible).  Remember that Microsoft releases their patches on the second Tuesday of the month and many vendors release theirs as well during the same time frame it seems.  So mark the date on your calendar to watch for patches.  Also you can configure most software to automatically check for updates.  Don't just focus on the patches for the operating system, remember all those other programs and pieces of software on the computer that need to be updated as well.
  • Ensure your system is running an antivirus program and has up to date virus definitions.  Many vendors are releasing weekly if not daily updates.  The software will often times automatically look for updates on a weekly basis.  I would consider marking the update page for you antivirus vendor and checking it on a daily basis for new signature releases.
  • If you run a windows box, ensure your firewall is turned on for both your wireless and local area network. Macs have a builtin firewall as well, so ensure it is turned on, and don't forget those Advanced options in OSX 10.4!  If you're running an operating system that doesn't have a firewall builtin, look for a third-party firewall that is compatible for that system.
  • Screen savers, that are password protected, are another good option to turn on.  Just don't set the timeout on the screen saver to be something like 30 minutes or an hour since that will defeat the purpose.  My personal preference is just learn to lock the desktop when walking away from the system.  You're still just typing in a password
  • Don't run your system with Administrator privileges as a matter of course.  Set up an account as a regular user and run with that account except in those rare instances when you need the greater privileges.  It can lessen the impact of malware and remote exploits.
  • If you are using wireless take great care and ensure that you encrypt your data.  However, there are many times that you have to attach to an open wireless network.  It may be that the campus has open wireless network or that you decide to work at the local coffee shop and use their network.  In such cases, you don't have control over how you connect but you can still secure your data.  One solution is to use Kyle's  Tip of the Day: Secure Surfing at the Coffee Shop (or Hacker Conferences).  Another  good option is to use a hosted VPN solution.  There are some good ones out there that are available for a small price and well worth the money.
  • Stay away away from peer-to-peer (P2P) networks.  While growing in popularity it is also growing in risk.  The risks involved range from the software you download to participate in the P2P network (ontaining spyware or other beasties)  to the actual files being distributed or obtained.  A vast majority of the files being shared are copyrighted songs and movies which is illegal and can land your little Johnny Joe or Sally Sue in alot of trouble.  Many of the infection mechanisms used by malware today target P2P networks.
  • A final set of tips for safe computing.  Be careful when opening email from unknown individuals.  If your mail viewer has a preview pane it needs to be turned off and change your settings to read your mail in plain text.  Be very careful what you click on, especially links that come in via email or IM.  The same principle applies for opening attachments.
During the month of August, we published a daily Tip Of the Day that you might want to take a look at and will also give you some good guidance.  The computer is a powerful tool and school networks are prime targets for folks looking for vulnerable systems.  Protect yourself and others by sending your kids off to school with their backpacks completely packed and ready to go.

Keywords:
0 comment(s)
Diary Archives