Archive

Posts Tagged ‘network-security’

Securing Wireless Networks

December 23rd, 2009

Securing Wireless Networks – Application Virtualization

It seems that more and more home users are going with wireless networks rather than the traditional wired networks with wires hanging everywhere and running wild around the house and in the crawlspace. What seems like a good idea quickly turns into a nightmare if you don’t vamp up the security of your wireless network.

Speed is of the essence. Typically, one thing matters to new users of wireless: getting connected and browsing that first website. While wireless connectivity can accomplish this, it’s best to set up your wireless connection securely before venturing out into cyberspace. Below are some tips to help secure your wireless network.

Change the default admin password. Admin passwords are easily figured out by attackers when they are left as the default. Not changing your wireless admin password opens your network to attack and can lead to many problems depending on the attacker’s agenda.

Another wireless security measure you will need to take is turning on encryption. Enabling WEP encryption on your wireless network will help you protect your privacy and all your info won’t be floating around outside your home waiting to be picked up by a passerby. It’s important to remember that all your devices on the wireless network will need to have the same encryption. So find the strongest encryption possible that will work on all devices of the wireless network.

Stop the auto-connect feature. Do not allow your devices to auto-connect. Allowing auto-connect may connect you to a network that you don’t particularly want. For example, you don’t want your laptop connecting to your neighbor’s network and sending info.

It’s also a good idea that you install firewalls on all devices that connect to the wireless network. Even if the wireless router is firewalled, it’s important to also install firewalls on all computers that are connected to the wifi network. It’s important that these firewalls be set up correctly and block any intrusions that may compromise your wifi network.

Position your wireless router close to the center of your home. Although the reach of wifi networks can vary greatly, it’s important to not allow the signal to float around great distances from the main access point. It is virtually impossible to stop all leakage from exiting your home, but minimizing the risk to your wifi network will help to protect it.

Another good idea for wifi network security is to not allow broadcast of the SSID. Your router may have SSID broadcasting set up by default; however you should be able to change this setting in the configuration. This feature is only useful for mobile environments, and is not needed in home wifi networks.

These are just a few tips to securing your wifi network. It’s always a good idea to check for firmware updates to your router as new exploits and vulnerabilities arise. Some routers will have an auto update feature and it’s important to use it. Using auto update will help keep your wifi network secure without the need of remembering to check for updates.

Jake Forrester writes Wifi Security articles for SX Security. Learn more about Wireless Security by visiting http://www.sxsecurity.com


Wireless network security

Spyware: Protect Your Privacy

June 17th, 2009

What is Spyware?

I have lost count of the number of times that we have been called out to repair a personal computer and found that the system was damaged by “Spyware”. Spyware is Internet jargon for Advertising Supported software (Adware).

Advertising Spyware is software that is installed alongside other software or via ActiveX controls on the internet, often without the user’s knowledge, or without full disclosure that it will be used for gathering personal information and/or showing the user ads. Advertising Spyware logs information about the user, possibly including passwords, email addresses, web browsing history, online buying habits, the computer’s hardware and software configuration, the name, age, sex, etc of the user.

In addition to privacy and security concerns, resource-hogging Adware and Spyware can cause system and browser instability and slowness.

Here are a couple of scenarios indicating a Spyware “infection”.

- Scenario 1:

Your search engine is Google. You visit the Google website and do your search. All of a sudden you have advertisements popping up all over your screen. Annoying, right? The Google web site does not use pop-ups! It is against their company philosophy (another reason why I love Google). So where are the pop-ups coming from? There is software (Spyware) on your PC monitoring your keystrokes and hard drive contents and sending the information to a third party on the Internet, which then presents advertising pop-ups to you based on your search interests or the web sites you have been visiting.

This scenario illustrates how Spyware can be extremely annoying. But worse, consider the security and privacy issues that are highlighted by this type of monitoring. How secure are your passwords that you use locally or online? Is this information being sent back to a server along with other personal or business information scanned from your hard drive? Maybe, maybe not. It is not worth taking a chance. We will discuss how to identify and prevent Spyware from “infecting” your system a little later.

- Scenario 2:

You start your computer in the morning. The PC was never the fastest on the block to boot up and be ready to work but it was never as slow as it is now. Now the computer’s hard drive’s light stays on continuously and you can hear the hard drive thrashing away in your computer. This abnormal disk activity is a clue that there may be Spyware scanning your hard drive and sending the results to a third party which in turn is using it to aim advertising at you based on your interests.

The second scenario illustrates not only the privacy and security issues mentioned in scenario one, but also the resources that the Spyware appropriates for its own use. The most noticeable resource degradation is that of the PC itself. Valuable RAM, CPU cycles, and hard disk reads are being consumed by the Spyware. On a slower PC this resource use is very noticeable, creating an unusable and unstable PC for periods of time. User productivity is sure to suffer because of this. Network and Internet bandwidth is also being used by the Spyware, which results in slower access for legitimate network communications and can result in reduced productivity and higher costs of network ownership.

How to Identify a Spyware “Infestation”

There are some clues that indicate spyware could be installed on a computer.
- You are bombarded with pop-up ads every time you use the web browser.
- The PC is showing sluggishness and increased disk activity is noticed.
- The PC becomes increasingly unstable and more prone to crashes and blue screens.
- Icons appear in the taskbar tray that weren’t there before.
- Network activity is observed when the computer is not being used.
- An increase in the amount and frequency of email spam is observed.

There are many freeware titles available that install Spyware on your system. One of the most identifiable types of Spyware is from a company called Gator Advertising (http://www.gator.com/). Their Spyware is installed alongside free programs such as Precision Time, Date Manager, and Offer Companion. You may have seen one or more of these programs after they magically appear in your Taskbar Tray (where your computer clock is displayed). See figure 2-1 and 2-2. Ever wondered how they got there? You’re about to find out.
Date Manager tray icon

Precision Time tray icon

How Spyware is Installed

Some Internet websites utilize additional software to enable special features available on the site. One of the most common sites using this technology is the Microsoft Windows Update site. Before installing updates, you are required to accept the installation of a small piece of software called an ActiveX control. Shockwave enhanced sites also require the acceptance of additional software. It is okay to accept this software. Provided that your Web Browser security settings are enabled, you will be shown a screen asking permission to install the software. See figure 2-3 and 2-4.

Now this is where it gets confusing. Have a look at figure 2-5 and 2-6 below. There is not much difference from the Shockwave and Windows Update Security Warnings shown above. These usually pop up when you are first entering a website, which gives the impression that they are required in order to view the site. Not so. That’s where they get you. Most users will assume they need to install the software, they click, and the Spyware payload is downloaded to their PC. Other forms of spyware infection are a result of saying OK to offers like the ones shown in figure 2-7 and figure 2-8.

How to Prevent Spyware “Infection”

The chance of keeping a PC free of Spyware infection is greatly increased by following a few simple rules.
- Ensure that your internet browser settings are set to at least default levels. Internet Explorer security settings are accessible by going to the Internet Explorer Tools menu and choosing Internet Options. Go to the Security tab to view or modify the settings.
- Read all security warnings before hitting the Yes button. If you are unsure, choose No. If it turns out the webpage to be viewed requires the download, hit the Refresh button on the web browser or use the F5 key to refresh the screen.
- Avoid using peer-to-peer file sharing services such as Kazaa. They are notorious for packaging Spyware with their programs.
- Check your start menu, desktop, and Add/Remove Programs module for unknown installed applications.
- Regularly clean out the internet browser’s temporary files and cookie cache. This can be performed from Internet Explorer’s Internet Options on the General tab.
- Whenever possible, close advertising pop-ups using the Close “X” in the top right corner of the window. If there appears to be no way of closing the window without clicking a button within the window, don’t. Press the Alt and F4 keys at the same time. This will close the window in focus.
- Use a firewall product that monitors and prevents unauthorized applications and data from both entering and leaving the PC.
- Use Spyware cleaning software such as AdAware from Lavasoft. Scan for Spyware regularly.
- In a corporate environment it is good practice to disable a user’s ability to install software on the PC.
- Educate yourself and other users about what Spyware is and how it can be prevented.
- Have your computer examined by a qualified computer technician who can assess vulnerabilities and suggest ways of increasing your computer’s security.

In Conclusion

There are millions of useful websites on the Internet that survive exclusively due to their use of various forms of advertising. Internet advertising has evolved to the point where it is possible to aim advertising to a very precise target audience. This capability has brought with it a hornet’s nest of privacy and security issues.

A lot of the targeted advertising is possible because of Spyware software. Spyware is a tool that provides advertisers with data about a target computer and user. It is often installed accidentally or without the user’s knowledge. Spyware logs information about the user, possibly including passwords, email addresses, web browsing history, online buying habits, the computer’s hardware and software configuration, the name, age, sex, etc of the user, and sends this information to a third party on the Internet, usually an advertiser.

Advertising pop-ups, system instability, sluggishness, and increased hard drive and network activity are all symptoms of a Spyware “infestation”.

To prevent Spyware “infestations” there are some simple rules that a user should follow. They include such things as ensuring that Internet settings are set to at least default settings. The use of a good firewall, which monitors activity both in and out of your computer, can assist in identifying and preventing Spyware. Avoid installing peer-to-peer file sharing software and offers to install software that may pop-up on your screen. Educate yourself about Spyware and how it can be prevented.

For a thorough examination of your system and its vulnerabilities contact a qualified computer technician. They will be able to identify areas of concern and suggest ways to increase your computer’s security.

Glossary

ActiveX Control – A control using ActiveX technologies. An ActiveX control can be automatically downloaded and executed by a Web browser. ActiveX is not a programming language, but rather a set of rules for how applications should share information. ActiveX controls have full access to the Windows operating system. With this power comes a certain risk that the applet may damage software or data on your machine. To control this risk, Microsoft developed a registration system so that browsers can identify and authenticate an ActiveX control before downloading it.

Cookie – A message given to a Web browser by a Web server. The browser stores the message in a text file. The message is then sent back to the server each time the browser requests a page from the server. The main purpose of cookies is to identify users and possibly prepare customized Web pages for them. When you enter a Web site using cookies, you may be asked to fill out a form providing such information as your name and interests. This information is packaged into a cookie and sent to your Web browser which stores it for later use. The next time you go to the same Web site, your browser will send the cookie to the Web server. The server can use this information to present you with custom Web pages. So, for example, instead of seeing just a generic welcome page you might see a welcome page with your name on it.

Shockwave – A technology developed by Macromedia, Inc. that enables Web pages to include multimedia objects.

Spyware – Also called adware, spyware is any software that covertly gathers user information through the user’s Internet connection without his or her knowledge, usually for advertising purposes. Spyware applications are typically bundled as a hidden component of freeware or shareware programs that can be downloaded from the Internet. Once installed, the spyware monitors user activity on the Internet and transmits that information in the background to someone else. Spyware can also gather information about e-mail addresses and even passwords and credit card numbers.


Spyware

e-fense offers special cost saving for membership into its security forensic forums

March 25th, 2009

March 24, 2009 — e-fense, a leading software developer and inventor of HELIX3, announced a special cost saving offer for membership into its network security and computer forensics software forums.
HELIX3 forum membership includes access to Helix3 Live CD download, the complete Helix3 Manual, access to our Members Only Forum with e-fense experts online during business hours to address your questions, access to white papers and webinars written by industry experts to provide you with best practices and educational information, Helix3 Pro expected to be released April 6, 2009 and more.

In summarizing this offer, Lauren LaFortuna said, “Helix3 has been downloaded over 600,000 times and there is a huge need to support this. Helix3 is one of the predominant tools in every law enforcement cyber crime tool kit. Computer crime has always been prevalent on the internet but now corporate thievery is at an all time high. Management and employees are becoming polarized.”

LaFortuna went on to say, “We are making an unprecedented offer to everyone, law enforcement and corporations alike, to join this important Helix3 member group. The cost is minimal at $179 through April 4th. This coincides with the release of the next generation of the product to be called Helix3 Pro. The price will then go up to $239. Since I expect that everyone will inevitably use this, I hope that you join today and save. Corporate information security officers will now get the same access to Helix3 as law enforcement has had.”

CEO, Steve Bederman who has long been recognized as a global leader in corporate software growth companies said, “I have worked throughout the world with small, medium and enterprise size corporations. As well, I have worked with many regional and international leaders. Common to all is this immense concern with data loss, it damages corporate and government initiatives alike. The first thing that I recognized in taking on the helm of e-fense was our responsibility to ensure that this wonderful computer forensics software be available to every type organization, public or private. Over 80% of cyber theft happens within, from employees and people with access to networks, not hacking. This has to stop and we all know the damage that this does to everyone. Simply, Helix3 is the affordable answer to reducing this form of risk.”

e-fense said that it will remain on the forefront of this computer security battle. “I encourage you to contact us today. There is enormous risk of data loss through internal security breach. I have participated in many corporate litigations where the verdict was determined based on the evidence delivered with Helix3. Companies need to be prepared with the right tools, e-fense’s computer forensics and network security software solutions are the right tools,” said Drew Fahey, Founder and Chief Technical Officer of e-fense.

e-fense is headquartered in Colorado with offices in Washington DC and England. e-fense was founded in 2001 by a team of computer forensic, incident response and counter intelligence experts. Product lines include Helix3, Helix3 Enterprise and Live Response (worldwide patents pending). e-fense is a world leader in products serving a wide range of clients including federal, state and local law enforcement agencies as well as leading private sector security, legal and information technology professionals around the world.

News

How vulnerability can help your network system

November 30th, 2008

Vulnerability management is an effective way for enterprises to understand their networks without any assumptions. Vulnerability management performs the following tasks to keep your enterprise network structure flowing smoothly.

1- Asset management

Vulnerabilities can occur in any of the software installed on a device, so the more granular the information that can be obtained about that device, the better. Asset identification tools scan the network and report details about all the devices they find, both the expected and the unexpected.

2- Correlation

Correlation is key: by aggregating data from a variety of sources, including application logs, system logs, traps and alerts, correlation tools help administrators track relationships between devices on the network.

3- Validation

How do you know which vulnerability reports apply to your environment and which do not? Validation. Validation tools confirm which devices in the network are truly vulnerable and distill the vulnerability data into a focused list to help determine which vulnerabilities merit action. Validation compares information about the vulnerability against information about the environment.

4- Remediation

With remediation tools, think carefully about the level of automation that is appropriate. For example, do you perform regression testing on critical applications before deploying a potentially conflicting patch? What patch workflow requires buy-in from teams that currently maintain the process? And what about auditing? Ensuring that automated actions are audited is extremely useful during application debugging.
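The validation step described above, as an added example that is not taken from any product mentioned in this post: raw vulnerability reports are compared against an asset inventory so that only the findings that apply to the environment remain. Host names, product names, versions and advisory ids are constructed for the illustration.

```python
from dataclasses import dataclass, field


def version_key(text, width=4):
    """Turn '2.4' into (2, 4, 0, 0) so that '2.4' and '2.4.0' compare equal."""
    parts = [int(p) for p in text.split(".")]
    return tuple(parts + [0] * (width - len(parts)))


@dataclass
class Asset:
    host: str
    software: dict                               # product -> installed version
    listening: set = field(default_factory=set)  # products with a reachable service


@dataclass
class Advisory:
    ident: str
    product: str
    fixed_in: str        # first version that is no longer affected
    needs_service: bool  # only relevant when the service is reachable


# Constructed inventory, as an asset-identification scan might report it.
ASSETS = [
    Asset("web01", {"httpd": "2.4.10"}, {"httpd"}),
    Asset("db01", {"dbserver": "5.1", "httpd": "2.4.10"}, {"dbserver"}),
    Asset("ws07", {"pdfreader": "9.0"}),
    Asset("printer-3f", {"httpd": "2.2.3"}, {"httpd"}),   # the unexpected device
]

# Constructed advisories (ids are placeholders, not real identifiers).
ADVISORIES = [
    Advisory("ADV-A", "httpd", "2.4.12", needs_service=True),
    Advisory("ADV-B", "dbserver", "5.1.0", needs_service=True),
    Advisory("ADV-C", "pdfreader", "9.1", needs_service=False),
]


def raw_matches(assets, advisories):
    """Unvalidated report: every host where the named product is merely installed."""
    return [(adv.ident, a.host)
            for adv in advisories for a in assets if adv.product in a.software]


def validate(assets, advisories):
    """Keep only findings that apply: affected version and, if required, exposed service."""
    findings = []
    for adv in advisories:
        for asset in assets:
            installed = asset.software.get(adv.product)
            if installed is None:
                continue                      # product not present on this host
            if version_key(installed) >= version_key(adv.fixed_in):
                continue                      # already at or past the fixed version
            if adv.needs_service and adv.product not in asset.listening:
                continue                      # installed, but the service is not reachable
            findings.append((adv.ident, asset.host, installed))
    return findings


if __name__ == "__main__":
    print("raw reports:", len(raw_matches(ASSETS, ADVISORIES)))
    for finding in validate(ASSETS, ADVISORIES):
        print("act on:", finding)
```
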

GFI has recently released the most advanced version of GFI LANguard to date. The new version 9 includes improved user experience through increased automation. What is GFI LANguard? GFI LANguard is a vulnerability management solution offering security scanning, patch management and network auditing through a single, integrated console and provides you with the tools needed to detect, assess, report and rectify any threats. The latest version builds on an extensive feature set to make it easier for users to manage network scans, install patches and get a complete picture of the security scanner set-up on their network.

Vulnerabilities

The Columbus Tech-Security Conference

November 23rd, 2008

The Columbus Tech-Security Conference will bring together private industry, government decision makers and technical enthusiasts in the fields of Information & Network Security. This unique conference format will provide several interactive high intensity training sessions as well as tremendous networking opportunities.

Topics may include: Intrusion Detection and Prevention Systems, Wireless Security, Web Hacking, Contingency Planning, Vulnerability Assessments, Threat Management Workshop, Computer/PDA & Enterprise Forensics, Password Recovery & Disk Wiping Tools, Internet Investigation Techniques.

You’ll come away with advice and knowledge that you can start applying to your environment immediately.

Date: Wednesday, December 03, 2008
Location: Quest Conference Centers
8405 Pulsar Place
Columbus, Ohio 43015

Register at http://www.dataconnectors.com/

Computer security events

Retina Enterprise Suite Online Demonstration

November 23rd, 2008

One of the biggest challenges IT professionals face is keeping data protected and networks secure from intrusions. Knowing where and how your systems are vulnerable is only half the battle. Retina allows you to quickly, easily and non-intrusively see the state of your networked devices through the eyes of an attacker.

Join this live, web-based demonstration to see eEye’s Retina® Network Security Scanner in action. Seamlessly integrated with REM™ Security Management Console, Retina provides comprehensive vulnerability management, from discovery and assessment to remediation and reporting. Register now for a live demonstration of the industry leader in vulnerability assessment.

Register at https://www1.gotomeeting.com/register/819249197

Computer security events

Perform integrity checks on all new employees

February 21st, 2008

  • Perform integrity checks on all new employees to make sure that they haven’t lied about their background, experience or qualifications.
  • Give all new employees a simple introduction to information security, and make sure that they read and understand your information security policy. Make sure they know where to find details of the information security standards and procedures relevant to their role and responsibilities.
  • Ensure that employees have access only to the information assets they need to do their jobs. If they change jobs, make sure that they do not retain their access to the assets they needed for their old job. When dismissing employees, ensure that they do not take with them any business-critical information.
  • Make sure that no ex-employees have access rights to your systems.
  • Make sure your employees know about the common methods that can be used to compromise your system. These include e-mail messages that contain viruses and ‘social engineering’ ploys used by hackers to exploit employees’ helpfulness to gain information that will give them access to your system. Examples of ‘social engineering’ include a hacker using the telephone to pose as a systems maintenance engineer or pretending to be a new employee.

Business security

Securing your p2p network

January 30th, 2008

The routing primitives implemented by current structured p2p overlays provide a best-effort service to deliver a message to a replica root associated with a given key. As discussed above, a malicious overlay node has ample opportunities to corrupt overlay-level communication. Therefore, these primitives are not sufficient to construct secure applications. For example, when inserting an object, an application cannot ensure that the replicas are placed on legitimate, diverse replica roots as opposed to faulty nodes that impersonate replica roots. Even if applications use cryptographic methods to authenticate objects, malicious nodes may still corrupt, delete, deny access to or supply stale copies of all replicas of an object.

To address this problem, we must create a secure routing primitive. The secure routing primitive ensures that when a non-faulty node sends a message to a key k, the message reaches all non-faulty members in the set of replica roots Rk with very high probability. Rk is defined as the set of nodes that contains, for each member of the set of replica keys associated with k, a live root node that is responsible for that replica key. In Pastry, for instance, Rk is simply a set of live nodes with nodeIds numerically closest to the key. Secure routing ensures that (1) the message is eventually delivered, despite nodes that may corrupt, drop or misroute the message; and (2) the message is delivered to all legitimate replica roots for the key, despite nodes that may attempt to impersonate a replica root.

Secure routing can be combined with existing security techniques to safely maintain state in a structured p2p overlay. For instance, self-certifying data can be stored on the replica roots, or a Byzantine-fault-tolerant replication algorithm be used to maintain the replicated state. Secure routing guarantees that the replicas are initially placed on legitimate replica roots, and that a lookup message reaches a replica if one exists. Similarly, secure routing can be used to build other secure services, such as maintaining file metadata and user quotas in a distributed storage utility. The details of such services are beyond the scope of this paper.

Implementing the secure routing primitive requires the solution of three problems: securely assigning nodeIds to nodes, securely maintaining the routing tables, and securely forwarding messages. Secure nodeId assignment ensures that an attacker cannot choose the value of nodeIds assigned to the nodes that the attacker controls. Without it, the attacker could arrange to control all replicas of a given object, or to mediate all traffic to and from a victim node.

Secure routing table maintenance ensures that the fraction of faulty nodes that appear in the routing tables of correct nodes does not exceed, on average, the fraction of faulty nodes in the entire overlay. Without it, an attacker could prevent correct message delivery, given only a relatively small number of faulty nodes. Finally, secure message forwarding ensures that at least one copy of a message sent to a key reaches each correct replica root for the key with high probability.
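An added simulation, not part of the excerpted paper, of why secure nodeId assignment matters for Rk: it computes the replica roots as the r nodeIds closest to a key on a ring and measures what share of them is faulty. Assumptions: a 32-bit circular id space, and a nodeId derived from the SHA-256 hash of an identity string as a stand-in for certified assignment; all function names are hypothetical.

```python
import hashlib

ID_BITS = 32
SPACE = 1 << ID_BITS


def assigned_id(identity):
    """Assumption: the nodeId is a hash of a certified identity, so a node cannot pick it."""
    digest = hashlib.sha256(identity.encode()).digest()
    return int.from_bytes(digest[:ID_BITS // 8], "big")


def ring_distance(a, b):
    d = abs(a - b)
    return min(d, SPACE - d)


def replica_roots(key, nodes, r):
    """Rk: the r live nodes whose nodeIds are numerically closest to the key."""
    return sorted(nodes, key=lambda n: (ring_distance(n["id"], key), n["id"]))[:r]


def faulty_share(key, nodes, r):
    """Fraction of the replica roots for this key that are faulty nodes."""
    roots = replica_roots(key, nodes, r)
    return sum(n["faulty"] for n in roots) / len(roots)


def build_claims(n_nodes, n_faulty, chosen_near=None):
    """Join requests. If chosen_near is set, faulty nodes claim ids right next to that key."""
    claims = []
    for i in range(n_nodes):
        identity = f"node-{i}"            # constructed identities
        faulty = i < n_faulty
        node_id = assigned_id(identity)
        if faulty and chosen_near is not None:
            node_id = (chosen_near + i + 1) % SPACE   # self-chosen id
        claims.append({"identity": identity, "id": node_id, "faulty": faulty})
    return claims


def admit(claims, verify):
    """Join step. With verify=True a claim is dropped unless its id matches the assigned one."""
    return [c for c in claims if not verify or c["id"] == assigned_id(c["identity"])]


def average_share(nodes, r, n_keys):
    """Mean faulty share of Rk over many keys; tracks the overall faulty fraction."""
    keys = [assigned_id(f"object-{j}") for j in range(n_keys)]
    return sum(faulty_share(k, nodes, r) for k in keys) / n_keys


if __name__ == "__main__":
    key = assigned_id("object-0")
    honest = admit(build_claims(1000, 100), verify=True)
    print("assigned ids, mean faulty share of Rk:", round(average_share(honest, 8, 300), 3))
    unchecked = admit(build_claims(1000, 100, chosen_near=key), verify=False)
    print("self-chosen ids, share for one key:", faulty_share(key, unchecked, 8))
    checked = admit(build_claims(1000, 100, chosen_near=key), verify=True)
    print("same claims with verification:", faulty_share(key, checked, 8))
```

With assigned ids the faulty share of Rk stays near the overall faulty fraction (10% here); with self-chosen ids and no check, every replica root for the one key is faulty.
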

Networking security

Extranet

January 29th, 2008

An extranet is a private network that uses Internet technology and the public telecommunication system to securely share part of a business’s information or operations with suppliers, vendors, partners, customers, or other businesses. An extranet can be viewed as part of a company’s intranet that is extended to users outside the company. It has also been described as a “state of mind” in which the Internet is perceived as a way to do business with other companies as well as to sell products to customers.

An extranet requires security and privacy. These can include firewall server management, the issuance and use of digital certificates or similar means of user authentication, encryption of messages, and the use of virtual private networks (VPNs) that tunnel through the public network.

Companies can use an extranet to:

  • Exchange large volumes of data using Electronic Data Interchange (EDI)
  • Share product catalogs exclusively with wholesalers or those “in the trade”
  • Collaborate with other companies on joint development efforts
  • Jointly develop and use training programs with other companies
  • Provide or access services provided by one company to a group of other companies, such as an online banking application managed by one company on behalf of affiliated banks
  • Share news of common interest exclusively with partner companies

An extranet can allow public access to employees, customers, clients or partners. The extranet uses Internet protocols so users can navigate with a browser, but resides on the company’s private server rather than on a public Internet server. Extranet access from the Internet can be controlled through various architectures that are password or username specific. In other words, areas of the extranet will be available according to password credentials. This limits users to extranet pages relevant to the business they might be conducting, while keeping other areas of the extranet private and secure.

E, Glossary of computer security, Networking security

Dynamic Host Configuration Protocol (DHCP) Server

January 26th, 2008

DHCP is used to lease out individual IP addresses to anyone who configures their system to request one. Other vital information such as subnet mask, default gateway, and name server are also given to the client at this time. The WFG uses a beta DHCPv3 open-source server from the Internet Software Consortium with the additional ability to dynamically remove hosts from the firewall access list when DHCP releases a lease for any reason (client request, time-out, lease expiration, and so on). Configuration files for the server are located in /etc and follow the ISC standard (RFC) format. However, the server executable is customized and does not follow these standards. If the server needed to be upgraded, then the source code would need to be re-customized as well.

The DHCP server is configured to only listen on the subnet interface of the wireless network. This prevents anyone on the wired network from obtaining a wireless IP address from this server. As an added security measure, packet filters prevent any DHCP requests coming in on any other interfaces.
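An added example, not the WFG's own code: the WFG removes hosts from the firewall access list inside its customized DHCP server, whereas the code below reaches the same result by reading a lease file in ISC dhcpd.leases syntax and listing access-list entries that no longer have a live lease. The lease records, addresses, access list and function names are constructed for the illustration.

```python
import ipaddress
import re
from datetime import datetime, timezone

# Constructed sample in ISC dhcpd.leases syntax (addresses and MACs are invented).
SAMPLE_LEASES = """
lease 192.168.50.10 {
  starts 6 2008/01/26 09:00:00;
  ends 6 2008/01/26 10:00:00;
  binding state active;
  next binding state free;
  hardware ethernet 00:11:22:33:44:10;
}
lease 192.168.50.11 {
  starts 6 2008/01/26 09:00:00;
  ends 6 2008/01/26 10:00:00;
  binding state active;
  next binding state free;
  hardware ethernet 00:11:22:33:44:11;
}
lease 192.168.50.12 {
  starts 6 2008/01/26 08:30:00;
  ends 6 2008/01/26 09:30:00;
  binding state active;
  next binding state free;
  hardware ethernet 00:11:22:33:44:12;
}
lease 192.168.50.11 {
  starts 6 2008/01/26 09:00:00;
  ends 6 2008/01/26 09:20:00;
  binding state free;
  hardware ethernet 00:11:22:33:44:11;
}
"""

# Constructed firewall access list and evaluation time (lease times are UTC).
ACL = {"192.168.50.10", "192.168.50.11", "192.168.50.12", "192.168.50.99"}
NOW = datetime(2008, 1, 26, 9, 45, tzinfo=timezone.utc)

LEASE_RE = re.compile(r"lease\s+(\S+)\s*\{(.*?)\}", re.S)
ENDS_RE = re.compile(r"^\s*ends\s+\d\s+(\d{4}/\d\d/\d\d \d\d:\d\d:\d\d);", re.M)
STATE_RE = re.compile(r"^\s*binding state\s+(\w+);", re.M)  # skips 'next binding state'


def parse_leases(text):
    """Return {ip: (state, ends)}. The file is an append-only log, so the last record wins."""
    leases = {}
    for ip, body in LEASE_RE.findall(text):
        state = STATE_RE.search(body)
        ends = ENDS_RE.search(body)
        when = None                      # 'ends never;' or no ends line: no expiry recorded
        if ends:
            when = datetime.strptime(ends.group(1), "%Y/%m/%d %H:%M:%S")
            when = when.replace(tzinfo=timezone.utc)
        leases[ip] = (state.group(1) if state else "unknown", when)
    return leases


def holds_lease(leases, ip, now):
    """True only for an address whose latest record is active and not yet expired."""
    state, ends = leases.get(ip, ("absent", None))
    return state == "active" and (ends is None or ends > now)


def stale_acl_entries(acl, leases, now):
    """Access-list addresses with no live lease: released, expired, or never leased."""
    stale = [ip for ip in acl if not holds_lease(leases, ip, now)]
    return sorted(stale, key=ipaddress.ip_address)


if __name__ == "__main__":
    for ip in stale_acl_entries(ACL, parse_leases(SAMPLE_LEASES), NOW):
        print("remove from access list:", ip)
```
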

Networking security

Network security concern

January 12th, 2008

Every day, students send dozens of electronic messages or store personal files in their accounts thinking that their messages will remain private and their files secure. This, however, might not be the case.

According to one computing assistant (CA) who asked to remain unidentified, break-ins into personal accounts are not uncommon. “People [on the Internet] have a false sense of security.” Many users leave their accounts open in a public cluster and take a break, give out their passwords, or assign predictable passwords which hackers can figure out. Such unwise judgments are what lead to breaches of privacy, he said.

Stanley Eisenstat, professor of computer science, said that the “safety of your account is determined by your own control.” Giving out passwords to friends, he said, is one of the main ways intruders gain access and control over a victim’s account. Even so, Eisenstat said, another important component of a user’s account depends on the security the system uses.

At Yale, the issue of network security is presently being addressed. According to Andy Newman, systems programmer for technology and programming, there are several levels of security available for students’ accounts. For electronic mail accounts, Newman said there is a basic level of security that protects students from other students who might try to view their files. Because of the access privileges given to users’ accounts when they are first set up, people that might try to break in – even at this basic level of security – will “run into substantial walls that will ultimately impede their access,” Newman said.

Aside from the basic level of security accounts are given, employees of ACS “maintain a substantial number of tools that check the Minerva cluster for anomalies that might be indicative of illegal use of accounts,” Newman said. Although the Minerva/Mercury/Morpheus pantheon is monitored continuously, not all accounts can be monitored simultaneously, allowing for some anomalous activity to go undetected.

More at Yaleherald

Networking security

Heartbeat method to detect networking failure

December 5th, 2007

The best solution for the “client waits forever” problem is the heartbeat pattern, as it is known from Wiley Java Design Patterns Vol 3. That implementation is RMI, but the idea is that the server sends a message to the client, which is listening for “still alive” messages. So you might be able to have your Command socket – which seems to be the choke point for all of your calls – cancel the requests by calling a thread interrupt or something. What one typically does when one doesn’t have control of the server – which is more often than not – is open and close a connection once a minute, blocking calls until the server comes back up.

You could also allow a timeout on activity, counting the bytes being received and, after nothing increments, timing out then. That’s what you would try if you were transferring 1 gig files or something. But in general java.util can be used.
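The heartbeat and activity-timeout ideas above, as an added example that is not from the post or the book it cites, written in Python rather than Java: the client resets an idle timer whenever bytes arrive and also enforces an overall deadline, so a peer that only ever sends keep-alives cannot hold it forever. The line protocol (HB, DATA, END), the constructed server and all names are assumptions made for the illustration.

```python
import socket
import threading
import time
from collections import namedtuple

Result = namedtuple("Result", "status payload heartbeats elapsed")


def call_with_liveness(sock, idle_timeout, overall_timeout):
    """Read one reply; give up on silence (idle) or on endless keep-alives (overall)."""
    start = time.monotonic()
    buf, payload, heartbeats = b"", b"", 0

    def done(status):
        return Result(status, payload, heartbeats, time.monotonic() - start)

    while True:
        remaining = overall_timeout - (time.monotonic() - start)
        if remaining <= 0:
            return done("overall-deadline")
        wait = min(idle_timeout, remaining)
        sock.settimeout(wait)            # any received byte restarts this timer
        try:
            chunk = sock.recv(4096)
        except socket.timeout:
            return done("idle-timeout" if wait == idle_timeout else "overall-deadline")
        if not chunk:
            return done("closed")        # peer closed before sending END
        buf += chunk
        while b"\n" in buf:
            line, buf = buf.split(b"\n", 1)
            if line == b"HB":
                heartbeats += 1          # server says "still alive"
            elif line.startswith(b"DATA "):
                payload += line[5:]
            elif line == b"END":
                return done("ok")


def constructed_server(conn, mode, stop):
    """Constructed peer: 'slow' works then answers, 'stalled' goes silent, 'trickle' only sends HB."""
    try:
        if mode == "slow":
            for _ in range(6):
                conn.sendall(b"HB\n")
                time.sleep(0.05)
            conn.sendall(b"DATA result=42\nEND\n")
        elif mode == "stalled":
            conn.sendall(b"HB\n")
            stop.wait()                  # connection stays open, nothing more is sent
        elif mode == "trickle":
            while not stop.is_set():
                conn.sendall(b"HB\n")
                stop.wait(0.05)
    except OSError:
        pass                             # client hung up first
    finally:
        conn.close()


def run_scenario(mode, idle_timeout, overall_timeout):
    """Connect a client to the constructed server over a local socket pair."""
    client, server = socket.socketpair()
    stop = threading.Event()
    worker = threading.Thread(target=constructed_server,
                              args=(server, mode, stop), daemon=True)
    worker.start()
    try:
        return call_with_liveness(client, idle_timeout, overall_timeout)
    finally:
        stop.set()
        client.close()
        worker.join(timeout=2)


if __name__ == "__main__":
    for mode, idle, overall in (("slow", 0.5, 5.0), ("stalled", 0.3, 5.0),
                                ("trickle", 0.5, 0.4)):
        print(mode, run_scenario(mode, idle, overall))
```
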

Networking security