
SANS ISC InfoSec Handlers Diary Blog



The twelve (or so) hints of Christmas.

Published: 2008-12-18
Last Updated: 2008-12-19 21:46:09 UTC
by Mark Hofman (Version: 1)

It is that time of the year again when people rush out and buy computers, although in the current economic climate this may be a bit less than usual. Brent (thanks) suggested that maybe we could do a list of things you should be doing to help protect that family member who is about to receive their new online toy.

So here is a list of things to do (thanks Swa) before you hand the machine over to your friend, family member, distant relative, neighbour, or friendly stranger.

  1. Diversity is good: consider Linux, Mac, Windows.
    My kids, for example, are very happy with their Linux box and Mac, and as soon as I explained that the fox or compass did the same thing as the big blue E, which they are taught to look for at school, they were off and running.
    As Swa says, diversity is not just good for agriculture.
  2. Start by creating installation/recovery disks. Many machines do not provide these any more; they are on a partition which, as I discovered, you can accidentally make disappear.
  3. Install from scratch if you can. Leave off all the bloatware that comes with many of the new machines. Typically the apps aren't needed anyway. (Create a new recovery disk at the end.)
  4. Harden the system by removing unnecessary components.
  5. Buy them a few years' worth of AV/AS protection. Many people use the AV that comes installed with the machine and don't realise that it expires in three months or so.
  6. Average Joe user rights should be enough: make a normal user and an administrator, and teach the user not to use the administrator account. I often don't even tell them what the password is; as long as they can install things they are happy. Make a second admin account for yourself if it is likely that you will become the helpdesk. (With permission of course! Thanks Rovert for the reminder.)
  7. Make sure all software is auto-updating, and teach the user to allow the updates.
  8. Make a backup, and teach the user how to repeat this and how to restore.
  9. Get an alternate browser; again, diversity is good. Consider Firefox, Safari, Opera, ... It's a sad world if 70% of it is vulnerable to the same bug.
  10. Secure the browser, e.g. for Firefox: install the add-ons NoScript and CookieSafe, and teach the user how to use them.
  11. Make sure the user grasps the concept that warnings are to be read and understood, not clicked on to get to what they wanted to do. Such ignored warnings can cost them a lot.
  12. Teach them internet safety. I created a cheat sheet for my 80+ year old aunt. If she is unsure about something she can check. The sheet has (in aunt speak) things on it like "your bank will never send you an email asking for passwords". Emails asking for money, or spinning sob stories, should be ignored. Etc., you get the idea. It also has info on how to print, how to use Skype, etc. Pretty much anything I thought would reduce any helpdesk calls (she doesn't always remember that I'm in a different time zone).
  13. Teach them to ignore the ISP/Bank/Shop/etc. help desk that suggests you should turn the firewall off because that will make their service work.


So they were the 12 or so hints of Christmas.  If you have some to add let me know and I'll update the diary in the next day or so.

Happy holidays

Mark
