Threat Level: green Handler on Duty: Didier Stevens

SANS ISC: Cyber Security Awareness Month - Day 1 - Securing the Family PC - SANS Internet Storm Center SANS ISC InfoSec Forums


Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!
Cyber Security Awareness Month - Day 1 - Securing the Family PC

This year we are going to focus on steps that people should be doing with respect to securing their personal corner of cyberspace.  Some of the subjects may include technical procedures such as turning off certain ports or services or modifying software, but we really want this to be more about the person rather than the machine.

To get the month started we will spend the first week talking about the computer your parents or your family uses.  We'll get to children and schools next week, but this week let's stay focused on the adults.  Many of us are our parents' system administrators (as well as our extended family to include brothers, sisters, aunts, uncles, cousins, grandparents, and anybody else who claims to be related to you especially when they remember that you've got half a clue about this thing called the Internet) so it's important to pass along tips to our "users" whenever we are performing maintenance for them.

So today let's look at some common sense advice about the family computer.  Yes, we all know the mantra about keeping the anti-virus software updated and the system patched (we'll talk more about that in a few days) but what else should we be doing?  Some of the things that I recommend for the family PCs I work on include:

  • Keep all computers in full view (no hidden machines, no illusion of privacy)
  • Document computer details in writing (serial number, software, receipts, BIOS password, etc.) and keep the documentation in a fireproof box or safe
  • Use an uninterruptable power supply (UPS) for PCs, laptops have their own built-in UPS - the battery
  • Keep all of the hardware and software manuals, plus any software CDs/DVDs in one place that is easy to find
  • Use a cable lock to keep intruders from stealing the computer should there be a break-in
  • Throw a towel over the webcam (better:  unplug the webcam)
  • Unless it needs to always be on, consider turning it off when not in use
  • Keep plenty of room around the PC so that air can flow through to cool it

What else?  Use the comment link below to add your own ideas and comments to this list.  It is definitely not complete, but should get the discussion started.

Marcus H. Sachs
Director, SANS Internet Storm Center

Marcus

301 Posts
ISC Handler
Backup all your important things. External drives are not expensive and many have easy to use backup functions. I have heard of many people losing their photos, videos, school papers, etc. when customer support or the local shop reloads Windows.
G.Scott H.

48 Posts
Good passwords on all accounts and deactivating accounts not used.
G.Scott H.
4 Posts
Convince users to use accounts without admin access for day to day use.
Anonymous
Re: airflow for cooling and turning off when not in use...

Years and years ago in the dark ages, after the advent of the Apple ][ but before the coming of the IBM PC, I had a summer job doing data entry in the evenings. There was a room with 4 terminals connected to a small computer of some sort, the size of a large white-box PC, sitting in the corner. It was used for collecting the entered data and transmitting it via modem to the corporate mainframe in another state.

The side cover was kept off the computer because I guess it had cooling issues. Fortunate that it was, because one evening I noticed some flashes of light out of the corner of my eye. I investigated and found that a large capacitor in the power supply had caught fire! The p/s was of discreet components not encased in a closed box like today's PCs, so I was able to blow out the fire after unplugging the computer.

I've often wondered what the chances of something like that happening to the PCs we now have all over the house which are left on 24x7. Is there a small rate of defect in power supplies et al. that poses such a danger? Have houses burned down from PCs spontaneously combusting?

Hal

50 Posts
Regarding the UPS, while your laptop may have it's own battery, if it is plugged in, make sure it's on a good surge protector.
Anonymous
Dont use unknown sources of external drives or usb. Learn how to use WOT rating. In every search in the internet either using google, evil results will show up (with RED circle), tell everyone in the house not to click links with RED circle. 2 cents
Anonymous
Backups are so overlooked they should be first on the protections list. They won't keep the bad stuff out, but when you have to reimage due to bad stuff, you want those precious documents saved somewhere. "How do I get all my stuff back?" is probably the most common family-tech support call... There are a few more 'purpose built' external drives out there lately with integrated software for backup, but you still have to get Mom to use them.

For a multi-PC family, this gets trickier. Who put which document on what computer makes recovery (and day-to-day homework tracking!) tricky. A NAS is probably beyond most home setups, but a centralized backup to an external drive on one machine probably isn't.

At the end of the day, backup has to be INVISIBLE, something that just happens when the computer is on the home network. Apple's Time Machine is a great example of this.
Paul

44 Posts
As people rely on digital storage for keepsakes (photos, movies, etc), the Realities of Backups need to be thought out, more than ever.

Setting up a reciprocation with a neighbor, aka store your backups in their house and vice-versa, can work well if you have such a candidate. The caveat appears if an event of larger scope takes place, for example a wildfire or tornado, etc.

Online backups are great. However, as today's headlines in NY show, anything on the internet is subject to civil discovery no matter how "private" you think it is. In truth, you have zero control over the data with any online type of backup, and vendor claims of "privacy" are 100% feel-good. Probably not an issue for most, though, unless you get divorced or your teenager gets implicated in something (civil or criminal).

Storing backups in your car is not so great. If your car gets robbed, they're gone. And if your house catches fire, as a firefighter I can tell you, it's common that the cars in the driveway go with it. Or with flooding, etc.

Tradeoffs abound, so make sure everyone is on the same page with them.

Steven

42 Posts
@Ken: I've actually had power supply failures like that in modern PCs. There was smoke but the physical damage was limited to components inside the power supply casing. The ability to contain this kind of failure without setting fire to the house is necessary to achieve a UL listing.
Anonymous
Bluecoat's free K9webprotection client - configured to deny access to unrated websites,
and OpenDNS configured appropriately too.

Better yet - Ubuntu. Honestly:- try to help them switch, it's is likely to be a excellent investment in your time.
DomMcIntyreDeVitto

41 Posts

Sign Up for Free or Log In to start participating in the conversation!