There are many pieces to intrusion prevention and like a puzzle, you must put them all together before you start surfing the net; miss just one piece and you’ve left yourself wide open to attack!

This is what you need to help prevent intrusions including the web security services you should use on a regular schedule.

For those of you that don’t want to read all the details and are ready to jump right into the web security audit, then follow the five steps below.

• Take the Firewall Test, it’s fast and very accurate.
• Take the Anonymous Surfing and privacy test.
• Test the Intrusion Prevention Software.
• Take the Popup Test.

I rely heavily on my e-mail accounts for communication with friends, school and even work. E-mails helped me very much communicating people who are away from me. This is the cheapest way to communicate with people outside the country and even with the country. Here’s a few tips on how can you protect yourself from e-mails and spam that are being spread through e-mails:

• Keep your e-mail private. Don’t post your e-mail anywhere
• Don’t open and or download emails coming from suspicious senders.
• Always scan the files you downloaded from your e-mail (attachments).
• Use different e-mail accounts for different purposes (school, work, family, etc.)
• Update your spyware remover and anti-virus.
• Use the latest and updated version of your internet browser.

Image source: www.uvsc.edu

Here are some tips for you to have a more secure password for use with your e-mail and other Internet accounts:

• Use a combination of UPPER and lower case.
• Use numbers and letters
• Never use your birthday as your password.
• Use symbols like . , ! @ and others
• Never use the same password for all your online accounts
• Never save / write your passwords somewhere else.
• Never share it to someone else. If you really need to share it with someone, please change it as soon as possible.
• If you feel that your password is not secure anymore it is very easy to change it.

Having a hard to guess password will increase the security of your e-mail accounts and or accounts you use online.

Image source: buckeyesecure.osu.edu

An IDS or Intrusion Detection System is a system that detects the misuse of network or computer resources. It uses a number of sensors to detect intrusions. Some of these may be the following: a sensor to monitor TCP connection requests, log file monitors, or file integrity checkers.

The IDS system collects data from its sensors and analyzes this data to alert the administrator if there is malicious activity on the network. It is commonly divided into NIDS (Network Intrusion Detection Systems) and HIDS (Host Intrusion Detection Systems). Newer NIDS also attempt to act as NIPS (Network Intrusion Prevention Systems). An example of an excellent open source Network Intrusion Detection System is SNORT

Accounting refers to the tracking of the consumption of network resources by users. This information may be used for management, planning, billing, or other purposes. Real-time accounting refers to accounting information that is delivered concurrently with the consumption of the resources. Batch accounting refers to accounting information that is saved until it is delivered at a later time. Typical information that is gathered in accounting is the identity of the user, the nature of the service delivered.

Authorization is the granting of specific types of privileges or barring privileges to an device or a user based on their previous authentication, what privileges they are requesting, and the current system state. This may be based on restrictions, for example time-of-day restrictions, or physical location restrictions, or restrictions against multiple logins by the same user. Most of the time the granting of a privilege constitutes the ability to use a certain type of service. Examples of types of service include, but are not limited to: IP address filtering, address assignment, route assignment, QoS/differential services, bandwidth control/traffic management, compulsory tunneling to a specific endpoint, and encryption.

The AAA Protocol (Authentication, Authorization, and Accounting) is a model designed to make computers secure.

Authentication is proving who you are. It refers to the process of establishing the digital identity of one entity to another entity (a user, client, computer, etc. to a server or computer). It is traditionally accomplished by using passwords but can include two factor authentication, one-time tokens, digital certificate, phone numbers, and biometrics. This comes before authorization because the entity’s identity must be checked before it is allowed access to the system.

“The Scrapkut worm uses active code injection to spread between victims and their friends on Orkut. The malicious code appears on a victim’s scrapbook, containing a link to a supposed YouTube video.

People who click on the link are redirected to an external site hosting malware that’s disguised as a Flash upgrade. Users duped into installing the software get malicious Javascript code injected into their next active Orkut web session. This malicious scrapbook entry is then sent to all the victims’ friends, recommencing the infection cycle.

Source

Using SharePoint server 2007, you can update, share, and discuss data such as customer communications; employee authored content, interactions with service providers and experts engaged on projects; and news related to the company, that too all under one roof. Taxing to and fro of emails can be dodged. In SharePoint Site, staff and management will be able to glance through or make changes in the company content right at one place. Less storage space is also required. News stories meant for the company’s intranet folio which essentially needs to be analyzed by the concerned superiors before getting posted can be done swiftly concurrently at the central space.

Using another such solution from Microsoft, i.e., Dedicated Exchange Server, employees and employers can enhance their email communication. The main advantage using Hosted Microsoft Exchange is that it can be integrated with SharePoint site. It also allows for wireless synchronization, archival of emails, download of heavy attachments even on the phone, access to contact list, so on and so forth. Cheap Exchange hosting services are available in the market. Also, application hosting and free hosting templates for project management, content management, document management, etc. are easily available these days.

Whilst you make a social network by means of SharePoint, users, private spaces, etc. are by default being developed for each user you adjoin. These individual spaces are known as My Sites, which operates similar to other existing social network sites, however with additional features and abilities. The My Site feature in SharePoint allows to see and administer data, links, calendar, associations, and other private data.

Originally speaking, in SharePoint Server 2010, each My Site has an integrated blog. Additionally, users can generate new SharePoint sites and fasten them to an on hand Team Site. This provides a blog to the team that adjoins additional content and value along with their document repositories, calendars and lists. SharePoint also allows for blog archiving which can also be indexed. Thus, it makes the blog a storehouse for combined facts and data.

People Search is an imperative SharePoint Server 2007 feature for big or emergent organizations. It helps search and find exact people much easier. Several kinds of search features are available to use, for instance the By Expertise search feature. Also, search results can be differentiated by tabs such as job title or by social distance.

Microsoft SharePoint Services also has integrated wikis for information sharing and information and group collaboration on content. SharePoint Wiki features include approval workflows and permissions, document check-in, and version history. There is also an option to use hyper-V hosting with a dedicated SharePoint server. SharePoint price is also not too expensive.

Free hosting templates, hosted blackberry, and Exchange host are also available through SharePoint hosting providers.