Your neighbor stops you at your curb. He knows you‟re a computer security guru and wants to know the secret to protecting his computer from hackers. You need to get back to mowing the lawn and don‟t really have time to explain log monitoring, patch management, vulnerability assessments, penetration testing, least required access, the CIA triad, and the finer points of risk management. Besides, you know you’re the only guy on the block with syslog servers, hardware firewalls, IDS and HIPS watching the one computer in your house that you only use for online banking.
So what do you tell him? “Keep your patches and antivirus software up to date and don‟t run untrusted programs”. You know it’s not enough, but any more advice would commit you to hours of free consulting or get you uninvited to the neighborhood Christmas party.
"Don't run untrusted programs" good advice! The problem is most people trust everyone when it comes to free software. “Keep your patches and antivirus up to date”. In my experience users typically, once educated, allow their computers to automatically install its Black Tuesday Microsoft patches and their antivirus software to update itself.
Their antivirus will stay up to date until the evaluation license that came with the computer expires. Conscientious home users do, for the most part, run their Windows updates and keep their antivirus product updated. However, auxiliary programs which are not updated automatically by Microsoft updates and other manufacturer provided self-update programs are often not updated and become vulnerable to attack.
Not fully patched and frequently running potentially malicious code, home computers are often left with their antivirus product as the primary means of defense against attack. Commercial organizations tend to do a little better.
They often have a firewall, some patch management, and try to keep their antivirus product up to date. Still, today many organizations do not practice defense in depth and depend largely upon their antivirus products to protect them from malicious code and attackers who attempt to gain access to their valuable computing resources.
File Type: PDF
File Size: 854 KB
Direct Link Mega:
Direct Link AnonFiles:
Direct Link Mediafire:
Direct Link Solidfiles:
Direct Link Sabercathost:
Direct Link Tusfiles: