Common Windows security problem

Written on May 8, 2008 by editor

by: Djai Tanji

The bad news is that many Microsoft Windows users are not aware of common security leaks in their network settings. The common setup for networked Microsoft Windows computers is: Client for Microsoft Networks, NetBEUI Protocol, File and Printer Sharing for Microsoft Networks, and Internet Protocol TCP/IP. If your setup allows NetBIOS over TCP/IP, you can have a security problem, because your files can then be shared across the whole internet, and your log-on name, computer name and workgroup name will be visible to the public. Likewise, if your setup allows File and Printer Sharing over TCP/IP, your files can be shared all over the net. A computer that is not connected to any network is not necessarily safe either: it can still have dangerous settings, because its network settings were changed when internet access was installed.

How do you know that you have a secure site?

Written on May 5, 2008 by editor

by: Djai Tanji

It used to be that a website that used Secure Sockets Layer (SSL) and encrypted its traffic was considered as good as secure. Unfortunately, encryption, or the little lock that usually appears in your browser, does not make a website completely secure: if the site you are submitting personal data to contains a vulnerability, an attacker can still steal your data. Some sites display logos saying “secured by ____”, but you should not rely on those. A website owner can simply copy the image and save thousands of dollars by doing so. Keep in mind as well that there are specific web security rules for certain types of sites.

RSS security

Written on May 2, 2008 by editor

by: Djai Tanji

RSS was once known only as a “techie tool”, but it has grown at lightning speed and is now used continuously by the general population. As it gains enormous popularity, its security has been questioned, and its vulnerabilities lie in the podcasting phenomenon. RSS can be used to distribute file types such as Word documents, images, mp3 files, etc., which can be a cause for concern, although most people may not feel that the risk is significant. They think that because they choose the content that they receive in their mail, security is not something to worry about, which is quite wrong. The danger lies in the fact that many RSS readers, pod-catchers and news aggregators automatically download whatever is referenced in the enclosure field, regardless of its file type or source.
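As an added illustration (not part of the original post), the sketch below shows an aggregator vetting each enclosure from the feed metadata before it downloads anything. The allowlists, size limit, host names and sample feed are assumptions constructed for the example.

```python
import posixpath
import xml.etree.ElementTree as ET  # untrusted feeds: prefer a hardened parser (defusedxml)
from urllib.parse import urlparse

# Assumed policy for a podcast client (example values, not from the post).
ALLOWED_TYPES = {"audio/mpeg", "audio/mp4", "image/jpeg", "image/png"}
ALLOWED_EXTS = {".mp3", ".m4a", ".jpg", ".jpeg", ".png"}
MAX_BYTES = 200 * 1024 * 1024

# Constructed sample feed.
SAMPLE_FEED = """<rss version="2.0"><channel><title>Constructed feed</title>
<item><title>Episode 1</title><enclosure type="audio/mpeg" length="1048576"
  url="https://media.podcast.example/ep1.mp3"/></item>
<item><title>Notes</title><enclosure type="application/msword" length="20480"
  url="https://media.podcast.example/notes.doc"/></item>
<item><title>Mislabelled</title><enclosure type="audio/mpeg" length="512000"
  url="https://media.podcast.example/episode3.exe"/></item>
<item><title>Plain HTTP</title><enclosure type="audio/mpeg" length="1048576"
  url="http://media.podcast.example/ep2.mp3"/></item>
</channel></rss>"""

def vet_enclosure(url, mime, length, trusted_hosts):
    """Decide from the feed metadata alone whether an enclosure may be fetched."""
    parts = urlparse(url)
    if parts.scheme != "https":
        return False, "scheme not https"
    if parts.hostname not in trusted_hosts:
        return False, "untrusted host"
    if mime.lower() not in ALLOWED_TYPES:
        return False, "type not allowed"
    # The declared type is only a claim, so the file extension is checked as well.
    if posixpath.splitext(parts.path)[1].lower() not in ALLOWED_EXTS:
        return False, "extension not allowed"
    # The declared length is advisory; the downloader must still enforce MAX_BYTES.
    if not length.isdecimal() or int(length) > MAX_BYTES:
        return False, "bad or oversized length"
    return True, "ok"

def review_feed(xml_text, trusted_hosts):
    """Return (item title, allowed, reason) for every enclosure in the feed."""
    results = []
    for item in ET.fromstring(xml_text).iter("item"):
        title = item.findtext("title", default="")
        for enc in item.findall("enclosure"):
            ok, reason = vet_enclosure(enc.get("url", ""), enc.get("type", ""),
                                       enc.get("length", ""), trusted_hosts)
            results.append((title, ok, reason))
    return results
```

Calling `review_feed(SAMPLE_FEED, {"media.podcast.example"})` accepts only the first enclosure; the other three are rejected on type, extension and scheme respectively.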

Stay Informed

Written on April 30, 2008 by editor

There is a lot of risk on the internet, and this is compounded by the fact that it is changing constantly. Subscribing to a few newsletters and bulletins, or reading blogs like this one, goes a long way toward keeping you aware of the latest dangers. You could subscribe to Microsoft Security Bulletins for the earliest notification of the discovery of, and the fixes available for, unstable programs. If you want to be alerted to live viruses, you could subscribe to the following: Symantec AntiVirus Research Centre Newsletter, Trend Virus Info, McAfee Dispatch and Sophos Email notification.

FBI Director to Monitor Internet Activity

Written on April 17, 2008 by editor

The FBI called for new legislation that allows the federal police to keep a close look at internet activity to track down illegal activities. The call seems to go beyond a current plan to monitor traffic on federal-government networks, and holds that the bureau should have a broad “omnibus” authority to conduct monitoring and surveillance of private-sector networks as well. This could violate the Fourth Amendment’s guarantee of freedom from unreasonable searches and seizures. In general, courts have ruled that police need search warrants to obtain the content of communication

Source

Removing Spyware

Written on April 15, 2008 by editor

Do you suspect spyware on your system? Here are some tips on how to get rid of spyware on your computer:

1. Get, install and periodically run Ad-aware and Spybot Search & Destroy.
2. To prevent reinfection by Aureate/Radiate - search for advert.dll on your system. If it’s there and if you can, delete it (Ad-aware will do this for you). Then create an empty text file, name it advert.dll, make it read-only and save it in your Windows/System directory. Then configure Ad-aware (version 5 or later) to ignore advert.dll.

Beware of Spyware

Written on April 10, 2008 by editor

Spyware is computer software that is classified as privacy-invasive and is installed covertly on a personal computer. Once installed, it can monitor the user’s behavior and collect personal information such as surfing habits and sites visited. It can interfere with the user’s control of the computer, for example by installing additional software, redirecting Web browser activity, blindly accessing websites that will bring in more harmful viruses, or diverting advertising revenue to a third party. It can change computer settings, resulting in slow connection speeds, different home pages, and loss of Internet or other programs.

What is an IDS?

Written on April 8, 2008 by editor

An IDS, or Intrusion Detection System, is a system that detects the misuse of network or computer resources. It uses a number of sensors to detect intrusions. These may include a sensor to monitor TCP connection requests, log file monitors, or file integrity checkers.

The IDS collects data from its sensors and analyzes this data to alert the administrator if there is malicious activity on the network. IDSs are commonly divided into NIDS (Network Intrusion Detection Systems) and HIDS (Host Intrusion Detection Systems). Newer NIDS also attempt to act as NIPS (Network Intrusion Prevention Systems). An example of an excellent open source Network Intrusion Detection System is SNORT.

Accounting (The AAA Protocol Part 3)

Written on April 4, 2008 by editor

Accounting refers to the tracking of the consumption of network resources by users. This information may be used for management, planning, billing, or other purposes. Real-time accounting refers to accounting information that is delivered concurrently with the consumption of the resources. Batch accounting refers to accounting information that is saved until it is delivered at a later time. Typical information that is gathered in accounting is the identity of the user, the nature of the service delivered.

Authorization (The AAA Protocol Part 2)

Written on April 3, 2008 by editor

Authorization is the granting or barring of specific types of privileges to a device or a user, based on their previous authentication, what privileges they are requesting, and the current system state. This may be based on restrictions, for example time-of-day restrictions, physical location restrictions, or restrictions against multiple logins by the same user. Most of the time, the granting of a privilege constitutes the ability to use a certain type of service. Examples of types of service include, but are not limited to: IP address filtering, address assignment, route assignment, QoS/differential services, bandwidth control/traffic management, compulsory tunneling to a specific endpoint, and encryption.