Re: Windows Awareness Question

["Lawrence R. Rogers" <lrr () SEI CMU EDU>]

> I need a resource to take someone through step by step what they need to
> do when they buy a new PC.  It was assembled months ago, it doesn't have
> 50 patches it needs, and ...
>
> I have been asked for a "Where do we start" article.  When I help
> friends out at home, I burn the latest free firewall, free antivirus,
> free ad-aware, and free anti-spyware to a CD, load that before
> connecting to the network, and then start windowsupdate after everything
> else is loaded.
>
> How do you advise users of home systems, and students?
>
> Jim
> - - -
> Jim Moore, CISSP, IAM
> Information Security Officer
> Rochester Institute of Technology
> 13 Lomb Memorial Drive
> Rochester, NY 14623-5603
> Office: 585-475-5406
> Fax: 585-475-7950
>
> "In cases of defence 'tis best to weigh the enemy more mighty than he
> seems" - William Shakespeare (Henry V, Act 2, Scene 4)

I have written and it is available for your use and adaptation subject to the
permissions described therein, the following Home Computer Security Guide:

        http://www.cert.org/homeusers/HomeComputerSecurity/

I believe that computer owners and users need a technology-neutral
understanding of the problems they're trying to solve to compliment the
specific technology they use. That technology changes quickly and sometimes
radically. To that end owners and users need to be empowered to deal with
these inevitable changes in a productive way, as opposed to throwing one's
hands up in the air and removing the now unuseful software package.

The Home Computer Security guide explains a problem to be solved in a
non-computer setting and then in a computer setting. The guide next
gives examples using Windows 2000 and provides checklists as an aid
to help owners and users keep track of those tasks on their computer systems.

By the way, there are many other short stories (2-3 pages long) available
at:

        http://www.cert.org/homeusers/

These try to explain computer security issues for a non/less-technical
audience. I've got one more in the works and two more in my brain, so
watch this space for future articles.

Finally (for now!), you can visit:

        http://www.us-cert.gov/webcast/

and watch the presentation using the files entitled:

        "A Cybersecurity 101 Workshop"

My presentation is like 15 minutes into the webcast. It too is
targeted to that non-less-technical audience. You can learn about the
similarities between the last scenes of the movie "Crocodile Dundee" and the
Internet, a similarity you may not have otherwise thought of.

If you find any of this useful, please drop me a line. It helps me to let the
boss know that the time I spend on this work benefits somebody. Thanks!

                                        Larry Rogers
                                        Senior Member, Technical Staff
                                        CERT* Education and Training Center
                                        Software Engineering Institute
                                        Carnegie Mellon University
                                        4500 Fifth Avenue
                                        Pittsburgh, PA 15213
                                        lrr () cert org
                                        lrr () sei cmu edu
                                        Phone: 412-268-8042 (Direct)
                                               412-268-7700 (SEI)
                                        FAX:   412-268-7966

* Registered U.S. Patent and Trademark Office

**********
Participation and subscription information for this EDUCAUSE Discussion Group discussion list can be found at 
http://www.educause.edu/cg/.

--YFdZeAFcCYLLFRUdFLLGCbaJSWKFNH--

**********
Participation and subscription information for this EDUCAUSE Discussion Group discussion list can be found at 
http://www.educause.edu/cg/.