Internet Threats for Internet or online (home) Users

Discussion in 'Computer Security' started by a_monk, Mar 6, 2006.

  1. a_monk

    a_monk Guest

    Hi List;

    I am asked to give a talk to a group of home computer users on Internet
    or online security in the community. I am planning to focus on 5
    major/critical threats/risks to them, the list is below. Would have I
    missed some big ones for the home users? Your
    suggestions/comments/input are appreciated.

    Phishing - Identify Theft
    Malicious Code - Spyware, Virus, Worms, etc.
    P2P file sharing / download services
    Social Engineering

    Many thanks in advance.

    A Monk
    a_monk, Mar 6, 2006
    1. Advertisements

  2. Phishing is Social Engineering.
    Sebastian Gottschalk, Mar 6, 2006
    1. Advertisements

  3. a_monk

    Also None Guest

    I conduct neighborhood watch sessions in which computer security is a

    Last night I conducted a survey with my laptop. I took 2 streets in a
    small town in Ohio. I parked mid block for 6 blocks on each of 2
    streets. I had at least 2 accessable signals on each stop. Twenty
    five percent of those signals were without security and I accessed the
    internet from them. Of those accessed, I sailed into their shared c:
    On one corner I had 8 signals including 1 church office. I sailed
    right in and accessed their records and payroll records without any
    "special programs". Needless to say, I will visit the pastor today to
    share this.

    Hope this helps.
    Also None, Mar 7, 2006
  4. I can conduct about 50% are unprotected, 40% are only protected with WEP
    (whcih is about the same as unprotected) and only 10% involve either
    WPA, IPSec or VPN.
    Sebastian Gottschalk, Mar 7, 2006
  5. There are programs available on the internet that would let a hacker
    with only basic level knowledge get through a WEP encrypted signal in
    about 25 minutes. Using an encrypted connection over and above and
    along with WEP is the best way to protect your internet communications.
    A simple program like Max Crypt can encrypt files and folders on a
    hard drive at no cost for added security. Regards

    * (No Logs Internet Surfing)
    * Anonymous Secure Offshore SSH-2 Surfing Tunnels
    * Anonymous Mail & News through SSH-2 Tunnels
    * Free Resources and Privacy Software
    (admins) privacyoffshore, Mar 8, 2006
  6. a_monk

    optikl Guest

    This is the kind of mentoring that helps the uneducated understand
    security. Unfortunately, too many think that random acts of malicious
    mischief will "teach them a better lesson".
    optikl, Mar 8, 2006
  7. a_monk

    Moe Trin Guest


    Aside - I'm highly surprised that only 25% were without security. I would
    have expected 25% with, and 75% without.

    Hopefully the pastor will be understanding.
    Worse, most operators of unsecured systems will accuse you of hacking
    into their systems, threatening criminal complaints, etc. The real
    problem is getting the word to these people that _anyone_ can gain
    access to their systems, including the seventy year old grandfather
    across the street, the six year old next door, or that dachshund in
    the house behind you who's searching the internet for pictures of
    Saint Bernards in crotchless panties and fishnet stockings.

    Old guy
    Moe Trin, Mar 8, 2006
  8. a_monk

    Jim Watt Guest

    and forgiving, unless he is fiddling with the profits.

    However, depending on the jurisdiction you might actually be
    committing an offence.
    Jim Watt, Mar 8, 2006
  9. a_monk

    Also None Guest

    The pastor said they have been talking about it for some time. I
    suggested they contact their puter repair service to rectify it.
    Guess what - they have a couple of guys in the church that know all
    about computers. By the way, I did this along with the second in
    command from the Sheriff's office. He was amazed at what he saw.
    This will be an even hotter topic than the burglary rate in town. In
    Columbus, 85% of residential burglaries are the result of unlocked
    doors and windows. I see no difference with the wireless security.
    I offered to meet with them with my laptop and show them their needs.
    I'll bet they don't even call me.

    Also None, Mar 9, 2006
  10. Aircrack and WinAirsnort are available as Windows binaries. Expect their
    job to be done within 10 minutes.
    Then WEP is a useless overhead.
    Woah, all my files are stored encrypted, but I have no worries uploading
    them by unencrypted HTTP? :)
    Sebastian Gottschalk, Mar 9, 2006
  11. I think the poster was suggesting that having critical data encrypted
    locally would be a prudent second (third, fourth, etc.) line of defense
    against someone who might crack WEP or some other "boundrary" encryption
    or device.
    Borked Pseudo Mailed, Mar 9, 2006
  12. a_monk

    Moe Trin Guest

    On Wed, 08 Mar 2006, in the Usenet newsgroup, in article
    Any one want to take odds that the situation will be unchanged a year
    from now?
    So all you've done is to show a creditable witness for the prosecution ;-)
    Jim is correct about accessing systems being an offense in some jurisdictions.
    I imagine a few minutes on google might turn up some applicable laws.

    Web Results 1 - 10 of about 726,000 for state+law wireless access
    unauthorized. (0.29 seconds)

    Hmmm, New York and New Hampshire laws right on the first screen of results.
    Changing the search term to 'Ohio+law wireless access' brings up a state
    senate bill (Amended Substitute Senate Bill Number 146) - rather extensive,
    but no quickly obvious date. It seems to reference other sections of existing
    law which may or may not have impact.
    I imagine that is true in a lot of places. I don't have figures for the
    Phoenix (AZ) metro area, but 85% doesn't sound unreasonable.
    The homeowner who undresses with the lights on, in front of the window
    with the shades drawn can be prosecuted for specific charges. The same
    homeowner leaving their wireless network wide open with those explicit
    photographs offering a better view can't be prosecuted.
    Ya-all be careful, ya hear? ;-)

    Old guy
    Moe Trin, Mar 9, 2006
  13. a_monk

    neil davis Guest

    Roll phishing into social engineering, then add a category for home
    network security. Cover firewall basics and wireless security basics,
    passwords, etc. Recommend a separate firewall box, like a D-Link or
    linksys box, which are easily configurable and inexpensive these days.

    neil davis, Jun 27, 2006
    1. Advertisements

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments (here). After that, you can post your question and our members will help you out.