fbpx
Wikipedia

Defensive computing

December 15, 2023

Defensive computing is a form of practice for computer users to help reduce the risk of computing problems, by avoiding dangerous computing practices. The primary goal of this method of computing is to be able to anticipate and prepare for potentially problematic situations prior to their occurrence, despite any adverse conditions of a computer system or any mistakes made by other users. This can be achieved through adherence to a variety of general guidelines, as well as the practice of specific computing techniques.

Strategies for defensive computing could be divided into two categories, network security and the backup and restoration of data.

Network security edit

Users put their computers at risk when accessing the Internet and other networks. The use of either of these allows others to gain access to a user's system and important information. By implementing certain strategies, defensive users aim to reduce the risk associated with network access.

Firewall edit

A firewall is a collection of security measures that protects a computer from harmful inbound and outbound traffic on the Internet and prevents the unauthorized access of computer systems.[1] These security measures are integrated into the form of special software that runs autonomously either on individual computer systems, or externally through built in software within routers and modems.

Not all firewall software will protect computers from sending unauthorized or harmful outbound traffic. An important defensive computing strategy is to seek and implement quality firewall software that filters both inbound and outbound traffic.[2]

Anti-malware software edit

A basic strategy for all defensive computer users is to install and use anti-malware software. Firewalls may not completely protect a computer. Malicious software may be able to get through a firewall and onto a system. Anti-Malware such as anti-virus, anti-phishing and email filtering software offer some protection against harmful software that reside within a computer. The amount of malicious software available over the Internet is steadily increasing.[3] It is important for defensive users to use to anti-malware that is both effective and easily updated in order to combat new strains of malicious software that are developed.[2]

The other side of anti malware is that it contains serious vulnerabilities itself.[4] A malware could use vulnerabilities of anti-malware to launch malicious code.

Anti-malware works by scanning files a network connections for known signatures. Those signatures can never be up to date. To be able to scan network connections, encryptions (SSL/TLS) need to be bypassed or even broken by anti-malware software. When monitoring emails anti-malware opens all attachments for analysis, a bug in this scanner can be used as a starting point for malware. Attackers just need to send malware to a mailbox that is scanned automatically.

It is questionable if malware scanners are even useful at all. Ex Mozilla developer Rober O'Callahan writes in his blog that anti malware software should be disabled (except windows defender)[5]

Skepticism edit

An important aspect of defensive computing is for users to be skeptical of the data to which they have access via the Internet.[6] Malicious software can exist in a multitude of different forms and many are misleading to general computer users and even some anti-malware software. Defensive users think critically about the information they can access, to reduce their chances of downloading and spreading malicious software. Strategies include scanning email attachments prior to opening them and manually filtering suspicious emails from inboxes. Users should be aware of persuasive subject lines and headings in emails from any address, as they may actually contain malicious software or spam, which can mislead users into false advertisement resulting in identity theft.[2] Defensive users can scan files they download prior to opening them and can also configure their computers to show file extensions, revealing potentially dangerous files that appear harmless.[6] Skepticism can also be applied to the websites visited by users. As with emails, users can be led to false advertisements. Also, malicious software can unknowingly be downloaded and infect a computer, just by visiting a certain website.

Backup and recovery procedures edit

Despite the efforts of a defensive computer user, the loss of important data can occur due to malware, power outages, equipment failure and general misuse. Although the loss of data cannot be completely prevented, defensive users can take steps to minimize the amount of data lost and restore systems to their previous state.

Backup of files edit

A defensive strategy against unintentional data loss is the regular backup of important files. Users can make multiple copies of important data and store them either on the same computer or on another device such as a compact disc or an external hard drive.[7] Users can also upload important files to the Internet, provided they have access to Internet storage services.

Restoration edit

Some operating systems give users the option of performing a procedure that restores a computer to a predetermined state. If no option is available, a user can obtain the appropriate restoration software for their system. In the event of a system failure or a serious case of data loss, a user can restore any lost or changed files and remove any malicious files that did not previously exist.[7]

Good practices for protecting data edit

  • Regularly backup important files, documents and emails.
  • Do not use the administrator account for day-to-day activities.
  • Keep software up-to-date with the latest versions.
  • Keep antivirus and antispyware up-to-date with latest versions.
  • Use different passwords
  • Disable auto run feature from USB flash drives. Some viruses, specially worms, spread automatically through USB flash drives [8]
  • Always connect to the Internet behind a firewall
  • When in doubt, throw it out

See also edit

References edit

  1. ^ http://www.cs.unm.edu/~treport/tr/02-12/firewall.pdf, A History and Survey of Network Firewalls
  2. ^ a b c http://news.cnet.com/8301-13554_3-9923976-33.html, The Pillars of Defensive Computing
  3. ^ Krebs, Brian (2008-03-19). "Anti-Virus Firms Scrambling to Keep Up". ISSN 0190-8286. Retrieved 2023-04-26.
  4. ^ Taviso (2016-06-28). "Project Zero: How to Compromise the Enterprise Endpoint". Project Zero. Retrieved 2023-04-26.
  5. ^ Robert. "Disable Your Antivirus Software (Except Microsoft's)". Retrieved 2023-04-26.
  6. ^ a b http://www.melbpc.org.au/pcupdate/2206/2206article6.htm 2006-07-24 at the Wayback Machine, How To Protect Yourself From Virus Infection
  7. ^ a b http://www.microsoft.com/protect/yourself/data/what.mspx, How to Decide what Data to Back Up
  8. ^ http://news.cnet.com/8301-13554_3-10027754-33.html, Be safer than NASA: Disable autorun

External links edit

  • by Michael Horowitz December 2009

December 15, 2023
defensive, computing, form, practice, computer, users, help, reduce, risk, computing, problems, avoiding, dangerous, computing, practices, primary, goal, this, method, computing, able, anticipate, prepare, potentially, problematic, situations, prior, their, oc. Defensive computing is a form of practice for computer users to help reduce the risk of computing problems by avoiding dangerous computing practices The primary goal of this method of computing is to be able to anticipate and prepare for potentially problematic situations prior to their occurrence despite any adverse conditions of a computer system or any mistakes made by other users This can be achieved through adherence to a variety of general guidelines as well as the practice of specific computing techniques Strategies for defensive computing could be divided into two categories network security and the backup and restoration of data Contents 1 Network security 1 1 Firewall 1 2 Anti malware software 1 3 Skepticism 2 Backup and recovery procedures 2 1 Backup of files 2 2 Restoration 3 Good practices for protecting data 4 See also 5 References 6 External linksNetwork security editUsers put their computers at risk when accessing the Internet and other networks The use of either of these allows others to gain access to a user s system and important information By implementing certain strategies defensive users aim to reduce the risk associated with network access Firewall edit A firewall is a collection of security measures that protects a computer from harmful inbound and outbound traffic on the Internet and prevents the unauthorized access of computer systems 1 These security measures are integrated into the form of special software that runs autonomously either on individual computer systems or externally through built in software within routers and modems Not all firewall software will protect computers from sending unauthorized or harmful outbound traffic An important defensive computing strategy is to seek and implement quality firewall software that filters both inbound and outbound traffic 2 Anti malware software edit A basic strategy for all defensive computer users is to install and use anti malware software Firewalls may not completely protect a computer Malicious software may be able to get through a firewall and onto a system Anti Malware such as anti virus anti phishing and email filtering software offer some protection against harmful software that reside within a computer The amount of malicious software available over the Internet is steadily increasing 3 It is important for defensive users to use to anti malware that is both effective and easily updated in order to combat new strains of malicious software that are developed 2 The other side of anti malware is that it contains serious vulnerabilities itself 4 A malware could use vulnerabilities of anti malware to launch malicious code Anti malware works by scanning files a network connections for known signatures Those signatures can never be up to date To be able to scan network connections encryptions SSL TLS need to be bypassed or even broken by anti malware software When monitoring emails anti malware opens all attachments for analysis a bug in this scanner can be used as a starting point for malware Attackers just need to send malware to a mailbox that is scanned automatically It is questionable if malware scanners are even useful at all Ex Mozilla developer Rober O Callahan writes in his blog that anti malware software should be disabled except windows defender 5 Skepticism edit An important aspect of defensive computing is for users to be skeptical of the data to which they have access via the Internet 6 Malicious software can exist in a multitude of different forms and many are misleading to general computer users and even some anti malware software Defensive users think critically about the information they can access to reduce their chances of downloading and spreading malicious software Strategies include scanning email attachments prior to opening them and manually filtering suspicious emails from inboxes Users should be aware of persuasive subject lines and headings in emails from any address as they may actually contain malicious software or spam which can mislead users into false advertisement resulting in identity theft 2 Defensive users can scan files they download prior to opening them and can also configure their computers to show file extensions revealing potentially dangerous files that appear harmless 6 Skepticism can also be applied to the websites visited by users As with emails users can be led to false advertisements Also malicious software can unknowingly be downloaded and infect a computer just by visiting a certain website Backup and recovery procedures editDespite the efforts of a defensive computer user the loss of important data can occur due to malware power outages equipment failure and general misuse Although the loss of data cannot be completely prevented defensive users can take steps to minimize the amount of data lost and restore systems to their previous state Backup of files edit A defensive strategy against unintentional data loss is the regular backup of important files Users can make multiple copies of important data and store them either on the same computer or on another device such as a compact disc or an external hard drive 7 Users can also upload important files to the Internet provided they have access to Internet storage services Restoration edit Some operating systems give users the option of performing a procedure that restores a computer to a predetermined state If no option is available a user can obtain the appropriate restoration software for their system In the event of a system failure or a serious case of data loss a user can restore any lost or changed files and remove any malicious files that did not previously exist 7 Good practices for protecting data editRegularly backup important files documents and emails Do not use the administrator account for day to day activities Keep software up to date with the latest versions Keep antivirus and antispyware up to date with latest versions Use different passwords Disable auto run feature from USB flash drives Some viruses specially worms spread automatically through USB flash drives 8 Always connect to the Internet behind a firewall When in doubt throw it outSee also editStopping e mail abuse Phishing Computer insecurity End user computing Network security Computer worm Computer security Defense strategy computing References edit http www cs unm edu treport tr 02 12 firewall pdf A History and Survey of Network Firewalls a b c http news cnet com 8301 13554 3 9923976 33 html The Pillars of Defensive Computing Krebs Brian 2008 03 19 Anti Virus Firms Scrambling to Keep Up ISSN 0190 8286 Retrieved 2023 04 26 Taviso 2016 06 28 Project Zero How to Compromise the Enterprise Endpoint Project Zero Retrieved 2023 04 26 Robert Disable Your Antivirus Software Except Microsoft s Retrieved 2023 04 26 a b http www melbpc org au pcupdate 2206 2206article6 htm Archived 2006 07 24 at the Wayback Machine How To Protect Yourself From Virus Infection a b http www microsoft com protect yourself data what mspx How to Decide what Data to Back Up http news cnet com 8301 13554 3 10027754 33 html Be safer than NASA Disable autorunExternal links editDefensive computing priorities by Michael Horowitz December 2009 Retrieved from https en wikipedia org w index php title Defensive computing amp oldid 1151798267, wikipedia, wiki, book, books, library,

article

, read, download, free, free download, mp3, video, mp4, 3gp, jpg, jpeg, gif, png, picture, music, song, movie, book, game, games.