Internet Security Technologies : Firewall

A firewall is an application that allows the user to control and filter packets flowing in and out of the network. Firewalls effectively block probes like ping, operating system fingerprinting, port scans and other types of intrusions. Many companies offer free firewall for personal use only.

A firewall may be software or hardware. A firewall is at the entry point of the network it protects. The most basic firewall performs packet filtering. In packet filtering, the firewall is the first program that receives and handles incoming network traffic and the last to handle outgoing traffic. The policy of filtering the packets may be based on allowing or disallowing packets based on:

• source IP address
• destination port
• protocol

Circuit Relay or Circuit Level Gateway provides additional security. This operates on the Transport Layer. This firewall also determines whether the connection between both ends is valid according to a set of configurable rules. It then opens a session and permits traffic from the allowed source for a limited time period.

Application level gateway acts as a proxy for applications. It performs all data exchanges with the remote system on behalf of the applications. It also allows or disallows network traffic according to specific rules. This is the most secure type of firewall.

Source

Posted in Info, Network Security, Web Security Comments Off

SSL (Secure Socket Layer) :

Netscape Communications Corporation developed SSL for providing security and privacy over the Internet. The protocol supports server and client authentication. Since the protocol is application-independent, it allows other protocols like HTTP, FTP, and Telnet to be transparently layered on it. An Secure Socket Layer (SSL)-enhanced browser encrypts the data sent from the browser to the server. SSL uses encryption and certificates to authenticate websites and web users.

Ssh (Secure Shell) :

Ssh is a program used to:
1. log into another computer over the network
2. execute commands in a remote system
3. move files from one system to another

Ssh provides:
1. strong authentication and secure communication over unsecured channels
2. secure connections and secure forwarding of arbitrary TCP connections
3. provides encrypted communication
4. Ssh is proposed as an alternative to the traditional BSD ‘r’ commands-rlogin, rsh, and rcp. It replaces Telnet. The free version of the SSH protocol suite can be downloaded from http://www.openssh.com/.

Source

Posted in Info, Network Security, Web Security Comments Off

Internet Security Technologies : Encryption

Encryption is the process of rendering data unreadable for snoopers. The designated receiver must have the correct key to decrypt the data. Hackers can intercept data over the network by eavesdropping, tampering, or impersonation. The strength of the encryption depends on the key length.

An encryption system can be of two types: public or private. In public key encryption, a pair of keys called the public key and the private key is used. The public key can be given to anyone and the sender uses it to encrypt the message. The receiver then uses his private key to decrypt the message. The private key is obviously not revealed. In private key encryption, the same key is used to encrypt and decrypt the data. The private key must be sent to the receiver through a secure connection.

Source

Posted in Info, Network Security, Prevention, Web Security Comments Off

5. Swedish Urology Group — Urine Trouble!
Victims: “Hundreds”
Class Action Outrage Scale: 1 out of 10 lawyers

Doctors lost three hard drives containing patients’ personal information, and we mean personal!

4. The Nature Conservancy — Think of It as Recycled Data
Victims: 14,000
Class Action Outrage Scale: 9 out of 10 lawyers

Someone at the Conservancy was thinking locally but acting globally by apparently visiting a website of questionable provenance. The site was poisoned with malware. Soon, malicious hackers were clear-cutting names, home addresses, birthdates, Social Security numbers of employees and their dependents, and, yes, direct deposit bank account numbers. Let’s hope there’s been a climate change in the group’s security department.

3. TSA, Part II – Still Doing DHS Proud!
Victims: 100,000
Class Action Outrage Scale: 3 out of 10 lawyers

Thieves stole a computer hard drive with the names, Social Security numbers, dates of birth and bank account and routing information of current and former employees, including federal air marshals. Don’t worry, though. How easy could it be to pose as an air marshal with only that information?

2. Her Majesty’s Revenue and Customs — One Regrets the Error
Victims: 25 million
Class Action Outrage Scale: 10 out of 10 lawyers

Two CDs containing personal data on about 7 million families went missing in the mail, and the HMRC chancellor resigned. Frankly, we included it just so we could quote sentences like: “The chancellor seeks the advice of the Serious Organised Crime Agency,” and “Mr Cable said he sincerely hoped the discs would not fall into the hands of ‘the criminal fraternity,’” and “Police have visited London rubbish tips in their hunt for missing computer discs.” Makes the worst breach in Britain’s history sound kind of lovely.

1. TJX — ’Sorry About That. Here’s a Gift Card. Come Back Soon for our Sale!’
Victims: Millions of bargain shoppers worldwide
Class Action Outrage Scale: 8 out of 10 lawyers

No breach got more ink this year than TJX’s, which involved some, OK, tens of millions, OK, 50 million, all right all right around 100 million credit and debit card records. Priceless moments included TJX’s defense in press accounts that “our security was comparable to many other major retailers” and the portion of TJX’s proposed settlement with consumers in which the company would hold a three-day “Customer Appreciation Sale” and give some customers $30 store vouchers. (Sorry about the e. coli in the meat in our store; here’s a gift card to buy more meat in our store). After consumer advocates raised a stink, the vouchers were changed to $15 checks. Sad as the whole episode was for consumers, TJX’s stock has remained healthy. Don’t you just love a bargain?

via [CSOOnline]

Posted in Hacks, Info, Network Security, Threats, Web Security Comments Off

Distributed Denial of Service (DDoS) Attack

How is a DDoS executed against a website?

A website DDoS is executed by flooding one or more of the site’s web servers with so many requests that it becomes unavailable for normal use. If an innocent user makes normal page requests during a DDoS attack, the requests may fail completely, or the pages may download so slowly as to make the website unusable. DDoS attacks typically take advantage of several computers which simultaneously launch hundreds of thousands of requests at the target website. In order not to be traced, the perpetrators will break into unsecured computers on the internet, hide rogue DDoS programs on them, and then use them as unwitting accomplices to anonymously launch the attack.

Is there a quick and easy way to secure against a DDoS attack?

No. From a simplistic perspective, the best solution is to secure computers from being hijacked and used as attack platforms. This cuts the problem off before it can ever manifest. Thus many experts suggest that we “pull together as a community” to secure our internet computers from becoming unwitting accomplices to such malicious intruders. Unfortunately, for every business that has the knowledge, budget, and inclination to make such changes, there are many more which lack such resources.

Plus, the attackers are most likely going to use non-commercial computers as attack platforms, because they are usually easier to break into. University systems are a favorite, because they are often understaffed or the systems are set to minimum security levels to allow students to explore the systems as part of their education. Further, this is not just a national problem. Any internet server in the world could be used as an attack platform.

Still, the simplest and most effective solution for preventing DDoS is through a global cooperative effort to secure the internet. The first step in the process, therefore, is concerned with scanning your internet computers to make sure they are not being used as unwitting DDoS attack platforms. This is not just good internet citizenry, however, because this also serves to document and verify that your internet computers are not suspect when DDoS attacks occur.

Source

Posted in Info, Prevention, Tips, Web Security Comments Off

YOUR IP ADDRESS IS PUBLIC

Accessing the Internet is a security risk.

When you are connected to the Internet, an IP address is used to identify your PC. If you don’t protect yourself, this IP address can be used to access your computer from the outside world.

A fixed IP address is a larger security risk.

If you’re using a modem with a dial-up connection, you will get a new IP address every time you connect to Internet, but if you have a fixed Internet connection (cable, ADSL, fixed line), your IP address will never change.

If you have a fixed IP address, you give potential Internet crackers all the time they need to search for entrances to your computer, and to store and share (with other crackers) information they might find about your unprotected private data.

Your Network Shares

Personal computers are often connected to a shared network. Personal computers in large companies are connected to large corporate networks. Personal computers in small companies are connected to a small local network, and computers in private homes often share a network between family members.

Most often networks are used to share resources like printers, files and disk storage.

When you are connected to the Internet, your shared resources can be accessed by the rest of the world.

Source

Posted in Info, Web Security Comments Off

“Mendacious machines controlled by hackers that reroute Internet traffic from infected computers to fraudulent Web sites are increasingly being used to launch attacks, according to a paper published this week by researchers with the Georgia Institute of Technology and Google Inc.

The paper estimates roughly 68,000 servers on the Internet are returning malicious Domain Name System results, which means people with compromised computers are sometimes being directed to the wrong Web sites — and often have no idea.

The peer-reviewed paper, which offers one of the broadest measurements yet of the number of rogue DNS servers, was presented at the Internet Society’s Network and Distributed System Security Symposium in San Diego.

The fraud works like this: When a user with an affected computer tries to go to, for example, Google’s Web site, they are redirected to a spoof site loaded with malicious code or to a wall of ads whose profits flow back to the hackers.

The hackers who hijack DNS queries are looking to steal personal information, from e-mail login credentials to credit data, and take over infected machines.

The spoof sites run the gamut. Some are stunningly convincing, others amusingly bogus with spelling errors and typos.”

Source

Posted in Hacks, Info, Threats, Web Security Comments Off

The FBI called for new legislation that allows the federal police to keep close look at internet activity to track down illegal activities. This seem to go beyond a current plan to monitor traffic on federal-government networks, and that the bureau should have a broad “omnibus” authority to conduct monitoring and surveillance of private-sector networks as well. This could violate the Fourth Amendment’s guarantee of freedom from unreasonable searches and seizures. In general, courts have ruled that police need search warrants to obtain the content of communication

Source

Posted in Info, Network Security, Threats, Web Security Comments Off

Suspecting a spyware in your system? Here are some tips on how you could get rid of spyware in your computer:

1. Get, install and periodically run Ad-aware and Spybot Search & Destroy.
2. To prevent reinfection by Aureate/Radiate – search for advert.dll on your system. If it’s there and if you can, delete it (Ad-aware will do this for you). Then create an empty text file, name it advert.dll, make it read-only and save it in your Windows/System directory. Then configure Ad-aware (version 5 or later) to ignore advert.dll.

Posted in Hacks, Info, Network Security, Prevention, Threats, Tips, Web Security Comments Off

Web Security begins and ends with the user, for they are the ones that anti-virus companies can never control nor solve with an engineering formula:

The investigation, conducted by McAfee(R) SiteAdvisor(TM), studied the five major U.S. search engines (Google, Yahoo!, MSN, AOL, Ask) and found that the overall chance of clicking through to a risky site declined by 12.0%. Still, McAfee estimates that consumers click through to risky sites more than 268 million times each month.

“It’s good to see that clicking on search engine results has gotten modestly safer,” said Chris Dixon, director of strategy, McAfee SiteAdvisor. “But when almost one of 12 sponsored links still clicks through to a risky site, there remains significant room for continued improvement.”

Hopefully the number goes down even further next year due to additional internet knowledge and ensure that internet security goes higher.

Source

Posted in Info Comments Off