Threat Level: green Handler on Duty: Didier Stevens

SANS ISC: Tip of the Day: Turn off your Computer - SANS Internet Storm Center SANS ISC InfoSec Forums

Participate: Learn more about our honeypot network

Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!
Tip of the Day: Turn off your Computer
A computer can not be compromissed while turned off. In particular home computers are typically only used a couple of hours a day. So why not turn it off while you don't use it?  Some DSL/Cable modems have a 'disconnect' switch. This switch will usually turn off the ethernet interface of the modem. Turning off the modem alltogether is another option.

You have to be a bit careful turning off your PC making sure you still get necessary patches. Typically, the DSL/Cable modem will check for updates whenever you turn it on. For the PC: It should still regularly check for updates while turned on. Rebooting the PC may be useful to make sure all the new code is loaded. In corporate environments: Do not turn off your PC unless you talked to the network administrator first. Techniques like 'Wake on Lan" can be used to turn on the PC remotely if needed to perform backups and to patch.

A turned off PC with a BIOS password is also a reasonable deterant to protect your PC from unauthorized use. In particular at home if you would like to prevent other household members from using your PC. (note however that this will usually not protect you from more sophisticated attacks and theft)

And don't forget that this will save energy as well.

If you have any tips to share, please send them to us via the contact form.  I will be teaching next: Application Security: Securing Web Apps, APIs, and Microservices - SANSFIRE 2022


4511 Posts
ISC Handler
Aug 4th 2006

Sign Up for Free or Log In to start participating in the conversation!