There are many pieces to intrusion prevention and like a puzzle, you must put them all together before you start surfing the net; miss just one piece and you’ve left yourself wide open to attack!

This is what you need to help prevent intrusions including the web security services you should use on a regular schedule.

For those of you that don’t want to read all the details and are ready to jump right into the web security audit, then follow the five steps below.

• Take the Firewall Test, it’s fast and very accurate.
• Take the Anonymous Surfing and privacy test.
• Test the Intrusion Prevention Software.
• Take the Popup Test.

Posted in Network Security, Prevention, Tips, Web Security Comments Off

I rely heavily on my e-mail accounts for communication with friends, school and even work. E-mails helped me very much communicating people who are away from me. This is the cheapest way to communicate with people outside the country and even with the country. Here’s a few tips on how can you protect yourself from e-mails and spam that are being spread through e-mails:

• Keep your e-mail private. Don’t post your e-mail anywhere
• Don’t open and or download emails coming from suspicious senders.
• Always scan the files you downloaded from your e-mail (attachments).
• Use different e-mail accounts for different purposes (school, work, family, etc.)
• Update your spyware remover and anti-virus.
• Use the latest and updated version of your internet browser.

Image source: www.uvsc.edu

Posted in Prevention, Tips, Web Security Comments Off

Here are some tips for you to have a more secure password for use with your e-mail and other Internet accounts:

• Use a combination of UPPER and lower case.
• Use numbers and letters
• Never use your birthday as your password.
• Use symbols like . , ! @ and others
• Never use the same password for all your online accounts
• Never save / write your passwords somewhere else.
• Never share it to someone else. If you really need to share it with someone, please change it as soon as possible.
• If you feel that your password is not secure anymore it is very easy to change it.

Having a hard to guess password will increase the security of your e-mail accounts and or accounts you use online.

Image source: buckeyesecure.osu.edu

Posted in Tips, Web Security Comments Off

An IDS or Intrusion Detection System is a system that detects the misuse of network or computer resources. It uses a number of sensors to detect intrusions. Some of these may be the following: a sensor to monitor TCP connection requests, log file monitors, or file integrity checkers.

The IDS system collects data from its sensors and analyzes this data to alert the administrator if there is malicious activity on the network. It is commonly divided into NIDS (Network Intrusion Detection Systems) and HIDS (Host Intrusion Detection Systems). Newer NIDS also attempt to act as NIPS (Network Intrusion Prevention Systems). An example of an excellent open source Network Intrusion Detection System is SNORT

Posted in Network Security, Web Security Comments Off

Accounting refers to the tracking of the consumption of network resources by users. This information may be used for management, planning, billing, or other purposes. Real-time accounting refers to accounting information that is delivered concurrently with the consumption of the resources. Batch accounting refers to accounting information that is saved until it is delivered at a later time. Typical information that is gathered in accounting is the identity of the user, the nature of the service delivered.

Posted in Network Security, Web Security Comments Off

Authorization is the granting of specific types of privileges or barring privileges to an device or a user based on their previous authentication, what privileges they are requesting, and the current system state. This may be based on restrictions, for example time-of-day restrictions, or physical location restrictions, or restrictions against multiple logins by the same user. Most of the time the granting of a privilege constitutes the ability to use a certain type of service. Examples of types of service include, but are not limited to: IP address filtering, address assignment, route assignment, QoS/differential services, bandwidth control/traffic management, compulsory tunneling to a specific endpoint, and encryption.

Posted in Network Security, Web Security Comments Off

The AAA Protocol (Authentication, Authorization, and Accounting) is a model designed to make computers secure.

Authentication is proving who you are. It refers to the process of establishing the digital identity of one entity to another entity (a user, client, computer, etc. to a server or computer). It is traditionally accomplished by using passwords but can include two factor authentication, one-time tokens, digital certificate, phone numbers, and biometrics. This comes before authorization because the entity’s identity must be checked before it is allowed access to the system.

Posted in Network Security, Web Security Comments Off

“The Scrapkut worm uses active code injection to spread between victims and their friends on Orkut. The malicious code appears on a victim’s scrapbook, containing a link to a supposed YouTube video.

People who click on the link are redirected to an external site hosting malware that’s disguised as a Flash upgrade. Users duped into installing the software get malicious Javascript code injected into their next active Orkut web session. This malicious scrapbook entry is then sent to all the victims’ friends, recommencing the infection cycle.

Source

Posted in Hacks, Info, Web Security Comments Off

If you are fond of renting personal computers from the nearby Intenet café, be sure that your private information like e-mail address, browser history, cookies and others are still safe. How can you keep your private information safe? Here are some steps if you are using Internet Explorer:

1. On Internet Explorer, click on Tools
2. Click Internet Properties.
3. Now select Delete cookies, Delete Files, Clear History.
4. After everything else you click OK.

You private information are now delete on the workstation you rented. If you are using Mozilla Firefox all you have to do is click Tools then click Clear Private Data.

Image source: www.digitalbattle.com

Posted in Prevention, Threats, Tips, Web Security Comments Off

Internet Security Technologies : Firewall

A firewall is an application that allows the user to control and filter packets flowing in and out of the network. Firewalls effectively block probes like ping, operating system fingerprinting, port scans and other types of intrusions. Many companies offer free firewall for personal use only.

A firewall may be software or hardware. A firewall is at the entry point of the network it protects. The most basic firewall performs packet filtering. In packet filtering, the firewall is the first program that receives and handles incoming network traffic and the last to handle outgoing traffic. The policy of filtering the packets may be based on allowing or disallowing packets based on:

• source IP address
• destination port
• protocol

Circuit Relay or Circuit Level Gateway provides additional security. This operates on the Transport Layer. This firewall also determines whether the connection between both ends is valid according to a set of configurable rules. It then opens a session and permits traffic from the allowed source for a limited time period.

Application level gateway acts as a proxy for applications. It performs all data exchanges with the remote system on behalf of the applications. It also allows or disallows network traffic according to specific rules. This is the most secure type of firewall.

Source

Posted in Info, Network Security, Web Security Comments Off