狠狠撸

狠狠撸Share a Scribd company logo

中国的互联网

Liu Xing
Liu Xing

The document provides tips for journalists to safely surf the internet. It discusses threats like viruses, spyware and unauthorized access. It recommends using a hardware router, firewall software, hosts file, Firefox browser with security plugins, antivirus software, VPNs, strong unique passwords for different accounts, and being cautious of public wireless networks. The focus is on protecting devices, encrypting data, and practicing safe online behavior.

1 of 64
Download to read offline
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
Sur?ng the Internet Safely (for Journalists) Foreign Correspondents Club of China June 19, 2008 Andrew Lih http://www.andrewlih.com/ Copyright 2009 Andrew Lih
Mom’s advice: “Don’t take candy from strangers”
Net-connected computer continually doing this
中国的互联网
What are the threats?
Sought/unsought threats ? External intrusion/attacks ? Viruses - malicious invasion ? Spyware - software leeches ? Web-based scripting ? Sensitive data transmitted over Internet
Technology
De?nitions ? URL: Uniform Resource Location http://www.foo.com/news.html ? DNS: Domain name system Convert www.foo.com to numerical address ? Internet protocol (IP) address: Unique ID of computer on Internet (like 128.51.56.122) Used to route packets across the Internet
Typical Scenario ? Computer connects to Internet DSL, Starbucks, corporate, et al. ? Gets a DHCP welcome package IP address and DNS server ? Access web page URL http://www.foo.com/news.html
中国的互联网
中国的互联网
中国的互联网
中国的互联网
中国的互联网
中国的互联网
中国的互联网
Sequence ? Happens quickly (hopefully) ? Multiple “GET”s for images, ads, video, scripts, documents, audio, et al.
中国的互联网
Incoming: Packets Connections Services Email
Incoming: Packets Connections Services Email Execute?
Unsolicited data? Incoming: Packets Connections Services Email Execute?
Where? Unsolicited data? Incoming: Packets Connections Services Email Execute?
Where? Unsolicited data? Incoming: Packets Connections Snooping? Services Email Execute?
Where? Unsolicited data? Incoming: Packets Connections Snooping? Services Email Execute? Who?
Where? Unsolicited data? Incoming: Packets Connections Snooping? Services Email Execute? Who? What?
Where? Unsolicited data? Incoming: Packets Connections Snooping? Services Email Execute? Who? What? Store cookie?
Where? Unsolicited data? Incoming: Packets Connections Snooping? Services Email Execute? Who? What? Store cookie?
Where? Unsolicited Firewall data? Incoming: Packets Connections Snooping? Services Email Execute? Who? What? Store cookie?
Where? Blacklist Unsolicited Firewall data? Incoming: Packets Connections Snooping? Services Email Execute? Who? What? Store cookie?
Where? Blacklist Unsolicited Firewall data? Incoming: Packets Connections Snooping? Services Email Execute? Who? Veri?cation What? Store cookie?
Where? Blacklist Unsolicited Firewall data? Incoming: Packets Connections Snooping? Services Encryption Email Execute? Who? Veri?cation What? Store cookie?
Where? Blacklist Unsolicited Firewall data? Incoming: Packets Connections Snooping? Services Encryption Email Execute? Who? Veri?cation What? Distinguish/ Filter Store cookie?
Where? Blacklist Unsolicited Firewall data? Incoming: Packets Connections Snooping? Services Encryption Email Execute? Conditional Access Who? Veri?cation What? Distinguish/ Filter Store cookie?
Where? Blacklist Unsolicited Firewall data? Incoming: Packets Connections Snooping? Services Encryption Email Execute? Conditional Access Who? Veri?cation What? Distinguish/ Filter Store Manage cookie?
Motivation ? Annoyance ? Productivity ? Corporate safety and privacy ? Time
1. Hardware router ? Prevents outside traf?c to naked computer ? Share single connection, Wi-Fi ? Use NAT “shield” ? Use WPA or WPA-2 encryption (not WEP) ? Manufacturers: Linksys, Netgear, D-Link, TP- LINK, Apple, Travel: Apple Airport
2. Firewall software ? Turn on Windows Firewall ? Only allow known connections in/out ? May need some customization ? Apple: Security preferences
中国的互联网
3. Hosts ?le ? Blacklist of known bad sites (built into Windows/Mac) ? HostMan (Windows) manages hosts ?le ? http://www.abelhadigital.com (Wordpress)
中国的互联网
4. Browser execution ? Web 2.0: no longer just a read-only page ? Javascript (AJAX, Google Docs, et al.) ? Flash (YouTube) ? Java ? ActiveX (Microsoft)
Symptoms ? Slowdown with apps/advertising ? Running dangerous processes ? Accessing resources (auto-play audio/video)
Use Firefox ? Open source browser, secure, fast ? Tabbed browsing ? Plugins to enhance safety ? NoScript ? Ad Block Plus ? Flashblock
中国的互联网
Flashblock (no Flash unless enabled)
NoScript (blocks Javascript)
McAfee Siteadvisor ? Firefox plugin, warns of bad sites ? McAfee trusted name in security ? Integrates with Google searches
中国的互联网
中国的互联网
5. Viruses/Spyware ? Infect computer through email, web sur?ng, or just sitting on the Internet ? Virus: destroy data, nuisance ? Spyware: sucks processor time, steals private data, becomes part of botnet
5. Viruses/Spyware ? Get good software ? BitDefender or Kaspersky ($) ? Avira AntiVir (free) ? Ad-aware (free) ? Spybot Search and Destroy (free) ? Webroot Spysweeper
6. Secure connections ? Virtual Private Network (VPN) ? Your news operation/company may already give you this capability ? Surf any site, no Great Firewall blocks ? Public options: HotspotVPN ($8.88/mo) PublicVPN ($59.95/yr) Witopia personalVPN ($39.99/yr)
中国的互联网
7. Practices ? Password discipline ? Email account discipline
Passwords ? Have three types on hand ? Trivial (“buddha”) ? Nontrivial (“h@ppybuddh@”) ? Banking strength ("6eijin9spring!1978", like Beijing Spring)
Accounts ? Throwaway - Free services (spam collects, registrations, bogus name) try BugMeNot junkbox168@yahoo.com ? General (Email, work, personal) fred.wong@gmail.com fred.wong@scmp.com ? Secure (Con?dential sources, HushMail) fred.wong@hush.com
Internet access ? Home, cafes, wireless, hotels on the road ? Consider extremely insecure ? Who can contact your computer? ? Who can read what you’re doing? ? Passwords in the clear?
Steps ? Google mail - https://mail.google.com/mail ? Note the “S” and must be that address! ? Entire session is encrypted ? Yahoo/Hotmail - encrypted login, not session!
Steps ? Firefox browser - clear private data ? Try “Flock” as 2nd “clean” browser ? Skype - http://www.skype.com ? Secure instant messaging, voice
VPN ? VPNs good for general use ? Protect against snoopers in Starbucks and on hotel broadband
Prescriptions ? Have some type of VPN accessible ? Use Secure Google Mail (https:// mail.google.com/) ? Use Skype for secure chat ? Use a broadband router at home (Linksys WRT-54G or Apple Airport) ? Use Apple Macintosh (w/Windows)
Review ? If you remember nothing else today... ? Hardware ?rewall ? Firefox and plugins ? Antivirus/Antispyware software ? Avoid Yahoo/Hotmail ? www.andrewlih.com/securitytips
Retooled Old New Internet Explorer Mozilla Firefox Yahoo/Hotmail Google mail (https) Weak password Strong passwords Cleartext transmissions VPN or secure email Naked computer Router/?rewall No security software Antivirus/Antispyware Instant messaging Skype Naked email HushMail
Andrew Lih www.andrewlih.com Wikipedia book January 2009
Ad

Recommended

PDF
Cloud Computing Webinar: Legal & Regulatory Update for 2012
itandlaw
?
PPTX
Winkler Cloud, ORCON, and Mobility
Vic Winkler
?
PPT
Ivas Fondo Uag
pediatria
?
PDF
Cois taller 3 glosario (1)
beny6747
?
PPTX
SCSU Ebsco Database App
librfun
?
PPS
Test De Memorie
Alexandru S
?
PPT
5 Things Flashmeet Version
Con Morris
?
PPT
Segmentation = Happiness: SEMPDX Presentation
Ian Lurie
?
KEY
Search and Social Media
Ian Lurie
?
PDF
Advanced Link Tactics and Offsite SEO
Ian Lurie
?
PDF
Thinking Social Strategically
Jason Falls
?
PPT
Explain twitter to employees
Shashi Bellamkonda
?
PDF
What Successful Nonprofits Get Right about Marketing and Fundraising
Kivi Leroux Miller
?
PDF
Sesion 3
Luis Molina
?
PDF
Mark Little Fence Sitting Soa Geek
deimos
?
ODP
Gestión de configuración con mercurial y etckeeper
Ernesto Crespo
?
PPS
Concediu
Alexandru S
?
PPT
Newcomers Breakfast
Terri Bays
?
KEY
Studywiz new staff introduction - aug 2011
Andrew McCarthy
?
KEY
Using Oral Recordings for Reflection in English (with video)
Andrew McCarthy
?
PPS
Italia
amfelisa
?
PPT
电脑作业2
junia
?
PDF
Seminariotecnologia2010
Governo de Rond?nia
?
PDF
No Bragging and Nothing Boring: 9 Effective Ways to Share Impact
Kivi Leroux Miller
?
PDF
database diklat
Surana Ir, MSc, PU-SDA
?
KEY
Testing smells
Sidu Ponnappa
?
PDF
Cablevision/Madison Square Garden vs NHL
alirafat
?
PPS
energy resources
bbrendaa
?
PDF
Opera mini use_and_user_behavior_white_paper
Liu Xing
?
PDF
Ubuntu
Liu Xing
?

More Related Content

Viewers also liked (20)

KEY
Search and Social Media
Ian Lurie
?
PDF
Advanced Link Tactics and Offsite SEO
Ian Lurie
?
PDF
Thinking Social Strategically
Jason Falls
?
PPT
Explain twitter to employees
Shashi Bellamkonda
?
PDF
What Successful Nonprofits Get Right about Marketing and Fundraising
Kivi Leroux Miller
?
PDF
Sesion 3
Luis Molina
?
PDF
Mark Little Fence Sitting Soa Geek
deimos
?
ODP
Gestión de configuración con mercurial y etckeeper
Ernesto Crespo
?
PPS
Concediu
Alexandru S
?
PPT
Newcomers Breakfast
Terri Bays
?
KEY
Studywiz new staff introduction - aug 2011
Andrew McCarthy
?
KEY
Using Oral Recordings for Reflection in English (with video)
Andrew McCarthy
?
PPS
Italia
amfelisa
?
PPT
电脑作业2
junia
?
PDF
Seminariotecnologia2010
Governo de Rond?nia
?
PDF
No Bragging and Nothing Boring: 9 Effective Ways to Share Impact
Kivi Leroux Miller
?
PDF
database diklat
Surana Ir, MSc, PU-SDA
?
KEY
Testing smells
Sidu Ponnappa
?
PDF
Cablevision/Madison Square Garden vs NHL
alirafat
?
PPS
energy resources
bbrendaa
?
Search and Social Media
Ian Lurie
?
Advanced Link Tactics and Offsite SEO
Ian Lurie
?
Thinking Social Strategically
Jason Falls
?
Explain twitter to employees
Shashi Bellamkonda
?
What Successful Nonprofits Get Right about Marketing and Fundraising
Kivi Leroux Miller
?
Sesion 3
Luis Molina
?
Mark Little Fence Sitting Soa Geek
deimos
?
Gestión de configuración con mercurial y etckeeper
Ernesto Crespo
?
Concediu
Alexandru S
?
Newcomers Breakfast
Terri Bays
?
Studywiz new staff introduction - aug 2011
Andrew McCarthy
?
Using Oral Recordings for Reflection in English (with video)
Andrew McCarthy
?
Italia
amfelisa
?
电脑作业2
junia
?
Seminariotecnologia2010
Governo de Rond?nia
?
No Bragging and Nothing Boring: 9 Effective Ways to Share Impact
Kivi Leroux Miller
?
database diklat
Surana Ir, MSc, PU-SDA
?
Testing smells
Sidu Ponnappa
?
Cablevision/Madison Square Garden vs NHL
alirafat
?
energy resources
bbrendaa
?

More from Liu Xing (7)

PDF
Opera mini use_and_user_behavior_white_paper
Liu Xing
?
PDF
Ubuntu
Liu Xing
?
PDF
Adobe
Liu Xing
?
PPT
贵颈谤别蹿辞虫的安全性
Liu Xing
?
PDF
I D A
Liu Xing
?
PDF
厂补迟颈辞手机
Liu Xing
?
PDF
Java Script
Liu Xing
?
Opera mini use_and_user_behavior_white_paper
Liu Xing
?
Ubuntu
Liu Xing
?
Adobe
Liu Xing
?
贵颈谤别蹿辞虫的安全性
Liu Xing
?
I D A
Liu Xing
?
厂补迟颈辞手机
Liu Xing
?
Java Script
Liu Xing
?
Ad

中国的互联网

  • 1. Sur?ng the Internet Safely (for Journalists) Foreign Correspondents Club of China June 19, 2008 Andrew Lih http://www.andrewlih.com/ Copyright 2009 Andrew Lih
  • 2. Mom’s advice: “Don’t take candy from strangers”
  • 5. What are the threats?
  • 6. Sought/unsought threats ? External intrusion/attacks ? Viruses - malicious invasion ? Spyware - software leeches ? Web-based scripting ? Sensitive data transmitted over Internet
  • 8. De?nitions ? URL: Uniform Resource Location http://www.foo.com/news.html ? DNS: Domain name system Convert www.foo.com to numerical address ? Internet protocol (IP) address: Unique ID of computer on Internet (like 128.51.56.122) Used to route packets across the Internet
  • 9. Typical Scenario ? Computer connects to Internet DSL, Starbucks, corporate, et al. ? Gets a DHCP welcome package IP address and DNS server ? Access web page URL http://www.foo.com/news.html
  • 17. Sequence ? Happens quickly (hopefully) ? Multiple “GET”s for images, ads, video, scripts, documents, audio, et al.
  • 21. Unsolicited data? Incoming: Packets Connections Services Email Execute?
  • 22. Where? Unsolicited data? Incoming: Packets Connections Services Email Execute?
  • 23. Where? Unsolicited data? Incoming: Packets Connections Snooping? Services Email Execute?
  • 24. Where? Unsolicited data? Incoming: Packets Connections Snooping? Services Email Execute? Who?
  • 25. Where? Unsolicited data? Incoming: Packets Connections Snooping? Services Email Execute? Who? What?
  • 26. Where? Unsolicited data? Incoming: Packets Connections Snooping? Services Email Execute? Who? What? Store cookie?
  • 27. Where? Unsolicited data? Incoming: Packets Connections Snooping? Services Email Execute? Who? What? Store cookie?
  • 28. Where? Unsolicited Firewall data? Incoming: Packets Connections Snooping? Services Email Execute? Who? What? Store cookie?
  • 29. Where? Blacklist Unsolicited Firewall data? Incoming: Packets Connections Snooping? Services Email Execute? Who? What? Store cookie?
  • 30. Where? Blacklist Unsolicited Firewall data? Incoming: Packets Connections Snooping? Services Email Execute? Who? Veri?cation What? Store cookie?
  • 31. Where? Blacklist Unsolicited Firewall data? Incoming: Packets Connections Snooping? Services Encryption Email Execute? Who? Veri?cation What? Store cookie?
  • 32. Where? Blacklist Unsolicited Firewall data? Incoming: Packets Connections Snooping? Services Encryption Email Execute? Who? Veri?cation What? Distinguish/ Filter Store cookie?
  • 33. Where? Blacklist Unsolicited Firewall data? Incoming: Packets Connections Snooping? Services Encryption Email Execute? Conditional Access Who? Veri?cation What? Distinguish/ Filter Store cookie?
  • 34. Where? Blacklist Unsolicited Firewall data? Incoming: Packets Connections Snooping? Services Encryption Email Execute? Conditional Access Who? Veri?cation What? Distinguish/ Filter Store Manage cookie?
  • 35. Motivation ? Annoyance ? Productivity ? Corporate safety and privacy ? Time
  • 36. 1. Hardware router ? Prevents outside traf?c to naked computer ? Share single connection, Wi-Fi ? Use NAT “shield” ? Use WPA or WPA-2 encryption (not WEP) ? Manufacturers: Linksys, Netgear, D-Link, TP- LINK, Apple, Travel: Apple Airport
  • 37. 2. Firewall software ? Turn on Windows Firewall ? Only allow known connections in/out ? May need some customization ? Apple: Security preferences
  • 39. 3. Hosts ?le ? Blacklist of known bad sites (built into Windows/Mac) ? HostMan (Windows) manages hosts ?le ? http://www.abelhadigital.com (Wordpress)
  • 41. 4. Browser execution ? Web 2.0: no longer just a read-only page ? Javascript (AJAX, Google Docs, et al.) ? Flash (YouTube) ? Java ? ActiveX (Microsoft)
  • 42. Symptoms ? Slowdown with apps/advertising ? Running dangerous processes ? Accessing resources (auto-play audio/video)
  • 43. Use Firefox ? Open source browser, secure, fast ? Tabbed browsing ? Plugins to enhance safety ? NoScript ? Ad Block Plus ? Flashblock
  • 45. Flashblock (no Flash unless enabled)
  • 47. McAfee Siteadvisor ? Firefox plugin, warns of bad sites ? McAfee trusted name in security ? Integrates with Google searches
  • 50. 5. Viruses/Spyware ? Infect computer through email, web sur?ng, or just sitting on the Internet ? Virus: destroy data, nuisance ? Spyware: sucks processor time, steals private data, becomes part of botnet
  • 51. 5. Viruses/Spyware ? Get good software ? BitDefender or Kaspersky ($) ? Avira AntiVir (free) ? Ad-aware (free) ? Spybot Search and Destroy (free) ? Webroot Spysweeper
  • 52. 6. Secure connections ? Virtual Private Network (VPN) ? Your news operation/company may already give you this capability ? Surf any site, no Great Firewall blocks ? Public options: HotspotVPN ($8.88/mo) PublicVPN ($59.95/yr) Witopia personalVPN ($39.99/yr)
  • 54. 7. Practices ? Password discipline ? Email account discipline
  • 55. Passwords ? Have three types on hand ? Trivial (“buddha”) ? Nontrivial (“h@ppybuddh@”) ? Banking strength ("6eijin9spring!1978", like Beijing Spring)
  • 56. Accounts ? Throwaway - Free services (spam collects, registrations, bogus name) try BugMeNot junkbox168@yahoo.com ? General (Email, work, personal) fred.wong@gmail.com fred.wong@scmp.com ? Secure (Con?dential sources, HushMail) fred.wong@hush.com
  • 57. Internet access ? Home, cafes, wireless, hotels on the road ? Consider extremely insecure ? Who can contact your computer? ? Who can read what you’re doing? ? Passwords in the clear?
  • 58. Steps ? Google mail - https://mail.google.com/mail ? Note the “S” and must be that address! ? Entire session is encrypted ? Yahoo/Hotmail - encrypted login, not session!
  • 59. Steps ? Firefox browser - clear private data ? Try “Flock” as 2nd “clean” browser ? Skype - http://www.skype.com ? Secure instant messaging, voice
  • 60. VPN ? VPNs good for general use ? Protect against snoopers in Starbucks and on hotel broadband
  • 61. Prescriptions ? Have some type of VPN accessible ? Use Secure Google Mail (https:// mail.google.com/) ? Use Skype for secure chat ? Use a broadband router at home (Linksys WRT-54G or Apple Airport) ? Use Apple Macintosh (w/Windows)
  • 62. Review ? If you remember nothing else today... ? Hardware ?rewall ? Firefox and plugins ? Antivirus/Antispyware software ? Avoid Yahoo/Hotmail ? www.andrewlih.com/securitytips
  • 63. Retooled Old New Internet Explorer Mozilla Firefox Yahoo/Hotmail Google mail (https) Weak password Strong passwords Cleartext transmissions VPN or secure email Naked computer Router/?rewall No security software Antivirus/Antispyware Instant messaging Skype Naked email HushMail
About
? 2025 狠狠撸