Episode 003 – Jan 23 2008

This week Martin and Sallie sit down with Rob Benson, WELS Network Security Administrator, to discuss how to keep your computer, it’s information and your identity safe.

The interview:

  • Computer Security – Martin and Sallie are joined by Rob Benson, WELS Network Security Administrator, to discuss computer and e-mail security for the church office, school and home

The tidbits:

The featured artist:

  • WELS contemporary praise band Koine sings I Hear the Savior Calling from their second CD, Gesangbuch – www.koinemusic.com

Get involved:

2 replies
  1. Martin Spriggs
    Martin Spriggs says:

    Doug, thanks for the feedback. Sounds like you and Rob could have an exhilirating security chat over lunch someday.

    It is an ongoing challenge to create simple to use tools that average users can handle, but still provide an effective level of safety. As you know, most of our congregations don’t have a professional they can tap on to go to the lengths you outlined in your comment.

    Thanks again for your comment. We’re glad you took the time to listen!

    Blessings,

    Martin

    Reply
  2. Doug
    Doug says:

    Thanks for dedicating a podcast to the important issue of security. I have a couple interesting stats, then a brief anecdote and lesson learned.

    Stats:

    Anti-virus detection of new malware hovers around 30% — that indicates to me that AV is an unreliable protective mechanism.
    Source: http://winnow.oitc.com/avmalwarestats.php

    Fewer than 1 in 5 applications on Windows computers are patched.
    Source: http://secunia.com/blog/17/

    Anecdote: A few years ago I helped clean up a widespread malware infection at the church’s school. The work performed on the hosts was fairly extensive, and included much more than simple AV scans. After work on all the hosts was completed, the final task was to capture packets on the router and perform traffic analysis. That final check uncovered one computer that, on boot up, sent one encrypted packet to an IP address assigned to an out-of-state dial-up ISP, AV did not detect any malware on the box. The running processes all looked appropriate. Netstat looked OK. All the host-level tests looked OK. Yet that one packet gave away the presence of a bot. And that was a few years ago. Bots today are much more sophisticated and stealthy.

    The lesson learned was that proving the effectiveness of security measures requires network-level work. If you don’t capture and analyze the traffic, you simply can’t demonstrate that your efforts were effective.

    Reply

Leave a Reply

Want to join the discussion?
Feel free to contribute!

Leave a Reply

Your email address will not be published. Required fields are marked *