Threat Level: green Handler on Duty: Guy Bruneau

SANS ISC: InfoSec Handlers Diary Blog - Internet Storm Center Diary 2008-06-15 InfoSec Handlers Diary Blog


Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!

Happy Father's Day

Published: 2008-06-15
Last Updated: 2008-06-15 23:21:14 UTC
by Marcus Sachs (Version: 2)
0 comment(s)

In most countries June 15th is Father's Day this year.  So, to all of the dads out there in reader-land, we extend our warmest Happy Father's Day wishes.  Kids, be sure to call the Old Man today if you are no longer living at home and tell him how you are doing.  If you are still living in your parent's basement, then come upstairs and tell him how much you appreciate that high-speed Internet connection he's paying for.  :)

While you are on the phone (or IM'ing) with Dear Old Dad, ask him if he's got automatic updates turned on for the home computer and if he keeps his antivirus software updated.  Also check to make sure that he's got a good firewall in place.  Those three things will keep most of the evilware out of the family computer.  Beyond that, we can't stop Dad from surfing to parts of the Internet he should not be going to, from downloading lots of cool widgets and programs, or from engaging in file swapping.  But we can keep him educated on the latest threats and countermeasures.

UPDATE

One of our faithful readers who wants to remain anonymous sent us some additional tips and thoughts on this subject: 

For the "dads" of the world, who are more parts Homer Simpson than not, the advice in today's diary is well taken. 

Now that no one needs to intentionally visit "naughty parts" of the web in order to be: 
 - carpet bombed by Safari (on Windows),
 - auto-executed by MSIE-from-the-(Windows-)desktop,
 - impaled by Shockwave Flash 0-Days,
 - blackmail encrypted using 1024-RC4,
 - etc.,

 ...  it might also be wise for "dad" to not keep the family's financial data jewels on the same computers that recreationally/idly connect to networks.  Critical data should be strongly encrypted and stored off-line, whenever not directly in sanctioned use, and archived in a trustworthy and recoverable manner. 

That said, decent fathers and adults, never stop being fathers -- even of adult children. 

The generations that *feel* most "safe" on today's Internet, to the point of reckless, if not negligent, over-connectedness, are today's teens and twenty-somethings.  This stuff doesn't even begin or end with IM-pic-txting "in-the-nude," which has become the latest bit of youthful "jackass"ing (as in those movies). 

After "dad" graciously receives thanks, and sets the good example, by confirming the proffered Safe Computing checklist, fathers might also try to use the same phone call to make sure that the young'uns aren't deeply into the Danger Zone, themselves, in all of the ways that anti-virus, firewalls and keeping private data private and exploitable data protected, are be completely bypassed. 

Yes, it's the Good Old paternal reality check about using Good Judgement and developing High Situational Awareness, so that Good Judgement can, in turn, make a difference. 

Which requires ample parental listening and observing, in order to know what the "kids" are really up to.  Heck, maybe, "mom" *already* knows... 

Marcus H. Sachs
Director, SANS Internet Storm Center

Keywords:
0 comment(s)
Diary Archives