wantITbuyIT
Buy Desktops, Laptops, Mobiles, Servers, Workstations and much more at wantITbuyIT.com

pic
Computer Security is a branch of technology known as information ...read more

pic
For the best available support, please select the appropriate category....read more

pic
If you need any help or IT support. You can send us your query feeling Support Form.

Internet Protection
  • Computer Security

           Computer Security is a branch of technology known as information security as applied to computers. Information security means protecting information and information systems from unauthorized access, use, disclosure, disruption, modification, or destruction. The objective of computer security varies and can include protection of information from theft or corruption, or the preservation of availability, as defined in the security policy.
            Technological and managerial procedures applied to computer systems to ensure the availability, integrity and confidentiality of information managed by the computer system. Computer security imposes requirements on computers that are different from most system requirements because they often take the form of constraints on what computers are not supposed to do.

    Typical approaches to improving computer security can include the following:

    * physically limit access to computers to only those who will not compromise security.
    * Hardware mechanisms that impose rules on computer programs, thus avoiding depending on computer programs for computer security.
    * Operating system mechanisms that impose rules on programs to avoid trusting computer programs.
    * Programming strategies to make computer programs dependable and resist subversion.

    Computer Security has three Layers:
    * Hacking
    * Cracking
    * Phreaking

    Hacking:
    Unauthorized use or attempts to circumvent or bypass the security mechanisms of an information system or network.
    Computer hacking always involves some degree of infringement on the privacy of others or damage to computer-based property such as files, web pages or software. The impact of computer hacking varies from simply being simply invasive and annoying to illegal.

    Cracking:
    The act of breaking into a computer system.
    Software Cracking is the modification of software to remove protection methods: copy prevention, trial/demo version, serial number, hardware key, CD check or software annoyances like nag screens and adware.
    The most common software crack is the modification of an application's binary to cause or prevent a specific key branch in the program's execution.

    Phreaking:
    The art and science of cracking the phone network.

    Security by design:
    The technologies of computer security are based on logic. There is no universal standard notion of what secure behavior is. "Security" is a concept that is unique to each situation. Security is extraneous to the function of a computer application, rather than ancillary to it, thus security necessarily imposes restrictions on the application's behavior.

    There are several approaches to security in computing; sometimes a combination of approaches is valid:
    1. Trust all the software to abide by a security policy but the software is not trustworthy (this is computer     insecurity).
    2. Trust all the software to abide by a security policy and the software is validated as trustworthy (by tedious     branch and path analysis for example).
    3. Trust no software but enforce a security policy with mechanisms that are not trustworthy (again this is     computer insecurity).
    4. Trust no software but enforce a security policy with trustworthy mechanisms.

    12 tips for computer security:

    1. Update / patch ALL your software every now and then!
    2. Check / adjust ALL your settings so they are safe, since they ARENT by default!
    3. Use firewall, like ZoneAlarm to control what goes in and out from your computer!
    4. Use good passwords: at least 13marks long, containing both letters and numbers. Remember to change      your password every few months atleast and don’t ever use the same password in two places!
    5. Get a good antivirus program: NOD32, F-Secure or Norton Antivirus and keep it updated!
    6. Don’t open or execute files that you are not 100% sure are absolutely safe nomatter where or how you get     them.
    7. Wipe your historyfiles (like cookies, internet history and temporary files, etc.), logs and personal files, with     specific wiping program (like Eraser) instead of just deleting them.
    8. Use encryption to enhance your privacy! Use encrypted email (like Hushmail or Ziplip), www-surfing and     encrypt sensitive files on your computer (PGP).
    9. When you are finished using some internet-based service like email, sign out of it rather than just closing     your browser! Also, when you leave your computer, make sure that none of such programs or connections     are left open that someone could abuse. In WindowsNT/2k/XP, press Windowskey+L to lock the     workstation.
    10. Don’t use public computers for anything you need to type in your logins, they usually have Trojan horses     that capture your passwords.
    11. Make backups and store them in safe place! Easiest way to do a total-backup is to make an "Image" of     your harddrive or partition and store it on safe location, but floppies will usually be just fine for storing     documents, etc.
    12. Install and Use a Hardware Firewall.

  • Top 10 Application Security Vulnerabilities in Web.config Files

    These days, the biggest threat to an organization's network security comes from its public Web site and the Web-based applications found there. Unlike internal-only network services such as databases-which can be sealed off from the outside via firewalls-a public Web site is generally accessible to anyone who wants to view it, making application security an issue. As networks have become more secure, vulnerabilities in Web applications have inevitably attracted the attention of hackers, both criminal and recreational, who have devised techniques to exploit these holes. In fact, attacks upon the Web application layer now exceed those conducted at the network level, and can have consequences which are just as damaging.
    Some enlightened software architects and developers are becoming educated on these threats to application security and are designing their Web-based applications with security in mind. By "baking in" application security from the start of the development process, rather than trying to "brush it on" at the end, you are much more likely to create secure applications that will withstand hackers' attacks. However, even the most meticulous and security-aware C# or VB.NET code can still be vulnerable to attack if you neglect to secure the Web.config configuration files of your application. Incorrectly configured Web-based applications can be just as dangerous as those that have been incorrectly coded. To make matters worse, many configuration settings actually default to insecure values.

    This article lists five of the "worst offenders" of misconfigurations of application security that are universally problematic for all ASP.NET Web-based applications. Part two of this article will list an additional five misconfigurations that are specifically applicable to ASP.NET sites that use Web Forms authentication. So without further ado, let's get started!


    1. Custom Errors Disabled

    When you disable custom errors as shown below, ASP.NET provides a detailed error message to clients by default.
    Vulnerable configuration:
    <configuration>
    <system.web>
    <customErrors mode="Off">
    Secure configuration:
    <configuration>
    <system.web>
    <customErrors mode="RemoteOnly">
    In itself, knowing the source of an error may not seem like a risk to application security, but consider this: the more information a hacker can gather about a Web site, the more likely it is that he will be able to successfully attack it. An error message can be a gold mine of information to an attacker. A default ASP.NET error message lists the specific versions of ASP.NET and the .NET framework which are being used by the Web server, as well as the type of exception that was thrown. Just knowing which Web-based applications are used (in this case ASP.NET) compromises application security by telling the attacker that the server is running a relatively recent version of Microsoft Windows and that Microsoft Internet Information Server (IIS) 6.0 or later is being used as the Web server. The type of exception thrown may also help the attacker to profile Web-based applications; for example, if a "SqlException" is thrown, then the attacker knows that the application is using some version of Microsoft SQL Server.
    You can build up application security to prevent such information leakage by modifying the mode attribute of the <customErrors> element to "On" or "RemoteOnly." This setting instructs Web-based applications to display a nondescript, generic error message when an unhandled exception is generated. Another way to circumvent this application security issue is to redirect the user to a new page when errors occur by setting the "defaultRedirect" attribute of the <customErrors> element. This approach can provide even better application security because the default generic error page still gives away too much information about the system (namely, that it's using a Web.config file, which reveals that the server is running ASP.NET).


    2. Leaving Tracing Enabled in Web-Based Applications

    The trace feature of ASP.NET is one of the most useful tools that you can use to ensure application security by debugging and profiling your Web-based applications. Unfortunately, it is also one of the most useful tools that a hacker can use to attack your Web-based applications if it is left enabled in a production environment.

    Vulnerable configuration:
    <configuration>
    <system.web>
    <trace enabled="true" localOnly="false">
    Secure configuration:
    <configuration>
    <system.web>
    <trace enabled="false" localOnly="true">

    When the <trace> element is enabled for remote users of Web-based applications (localOnly="false"), any user can view an incredibly detailed list of recent requests to the application simply by browsing to the page "trace.axd." If a detailed exception message is like a gold mine to a hacker looking to circumvent application security, a trace log is like Fort Knox! A trace log presents a wealth of information: the .NET and ASP.NET versions that the server is running; a complete trace of all the page methods that the request caused, including their times of execution; the session state and application state keys; the request and response cookies; the complete set of request headers, form variables, and QueryString variables; and finally the complete set of server variables.

    A hacker looking for a way around application security would obviously find the form variable histories useful because these might include email addresses that could be harvested and sold to spammers, IDs and passwords that could be used to impersonate the user, or credit card and bank account numbers. Even the most innocent-looking piece of data in the trace collection can be dangerous in the wrong hands. For example, the "APPL_PHYSICAL_PATH" server variable, which contains the physical path of Web-based applications on the server, could help an attacker perform directory traversal attacks against the system.

    The best way to prevent a hacker from obtaining trace data from Web-based applications is to disable the trace viewer completely by setting the "enabled" attribute of the <trace> element to "false." If you have to have the trace viewer enabled, either to debug or to profile your application, then be sure to set the "localOnly" attribute of the <trace> element to "true." That allows users to access the trace viewer only from the Web server and disables viewing it from any remote machine, increasing your application security.


    3. Debugging Enabled

    Deploying Web-based applications in debug mode is a very common mistake. Virtually all Web-based applications require some debugging. Visual Studio 2005 will even automatically modify the Web.config file to allow debugging when you start to debug your application. And, since deploying ASP.NET applications is as simple as copying the files from the development folder into the deployment folder, it's easy to see how development configuration settings can accidentally make it into production, compromising application security.

    Vulnerable configuration:
    <configuration>
    <system.web>
    <compilation debug="true">
    Secure configuration:
    <configuration>
    <system.web>
    <compilation debug="false">

    Like the first two application security vulnerabilities described in this list, leaving debugging enabled is dangerous because you are providing inside information to end users who shouldn't have access to it, and who may use it to attack your Web-based applications. For example, if you have enabled debugging and disabled custom errors in your application, then any error message displayed to an end user of your Web-based applications will include not only the server information, a detailed exception message, and a stack trace, but also the actual source code of the page where the error occurred.

    Unfortunately, this configuration setting isn't the only way that source code might be displayed to the user. Here's a story that illustrates why developers shouldn't concentrate solely on one type of configuration setting to improve application security. In early versions of Microsoft's ASP.NET AJAX framework, some controls would return a stack trace with source code to the client browser whenever exceptions occurred. This behavior happened whenever debugging was enabled, regardless of the custom error setting in the configuration. So, even if you properly configured your Web-based applications to display non-descriptive messages when errors occurred, you could still have unexpectedly revealed your source code to your end users if you forgot to disable debugging.

    To disable debugging, set the value of the "debug" attribute of the <compilation> element to "false." This is the default value of the setting, but as we will see in part two of this article, it's safer to explicitly set the desired value rather than relying on the defaults to protect application security.


    4. Cookies Accessible through Client-Side Script

    In Internet Explorer 6.0, Microsoft introduced a new cookie property called "HttpOnly." While you can set the property programmatically on a per-cookie basis, you also can set it globally in the site configuration.

    Vulnerable configuration:
    <configuration>
    <system.web>
    <httpCookies httpOnlyCookies="false">
    Secure configuration:
    <configuration>
    <system.web>
    <httpCookies httpOnlyCookies="true">

    Any cookie marked with this property will be accessible only from server-side code, and not to any client-side scripting code like JavaScript or VBScript. This shielding of cookies from the client helps to protect Web-based applications from Cross-Site Scripting attacks. A hacker initiates a Cross-Site Scripting (also called CSS or XSS) attack by attempting to insert his own script code into the Web page to get around any application security in place. Any page that accepts input from a user and echoes that input back is potentially vulnerable. For example, a login page that prompts for a user name and password and then displays "Welcome back, <username>" on a successful login may be susceptible to an XSS attack.

    Message boards, forums, and wikis are also often vulnerable to application security issues. In these sites, legitimate users post their thoughts or opinions, which are then visible to all other visitors to the site. But an attacker, rather than posting about the current topic, will instead post a message such as "<script>alert(document.cookie);</script>". The message board now includes the attacker's script code in its page code-and the browser then interprets and executes it for future site visitors. Usually attackers use such script code to try to obtain the user's authentication token (usually stored in a cookie), which they could then use to impersonate the user. When cookies are marked with the "HttpOnly" property, their values are hidden from the client, so this attack will fail.

    As mentioned earlier, it is possible to enable "HttpOnly" programmatically on any individual cookie by setting the "HttpOnly" property of the "HttpCookie" object to "true." However, it is easier and more reliable to configure the application to automatically enable "HttpOnly" for all cookies. To do this, set the "httpOnlyCookies" attribute of the <httpCookies> element to "true."


    5. Cookieless Session State Enabled

    In the initial 1.0 release of ASP.NET, you had no choice about how to transmit the session token between requests when your Web application needed to maintain session state: it was always stored in a cookie. Unfortunately, this meant that users who would not accept cookies could not use your application. So, in ASP.NET 1.1, Microsoft added support for cookieless session tokens via use of the "cookieless" setting.

    Vulnerable configuration:
    <configuration>
    <system.web>
    <sessionState cookieless="UseUri">
    Secure configuration:
    <configuration>
    <system.web>
    <sessionState cookieless="UseCookies">

    Web applications configured to use cookieless session state now stored the session token in the page URLs rather than a cookie. For example, the page URL might change from http://myserver/MyApplication/default.aspx to http://myserver/MyApplication/(123456789ABCDEFG)/default.aspx. In this case, "123456789ABCDEFG" represents the current user's session token. A different user browsing the site at the same time would receive a completely different session token, resulting in a different URL, such as http://myserver/MyApplication/(ZYXWVU987654321)/default.aspx.

    While adding support for cookieless session state did improve the usability of ASP.NET Web applications for users who would not accept cookies, it also had the side effect of making those applications much more vulnerable to session hijacking attacks. Session hijacking is basically a form of identity theft wherein a hacker impersonates a legitimate user by stealing his session token. When the session token is transmitted in a cookie, and the request is made on a secure channel (that is, it uses SSL), the token is secure. However, when the session token is included as part of the URL, it is much easier for a hacker to find and steal it. By using a network monitoring tool (also known as a "sniffer") or by obtaining a recent request log, hijacking the user's session becomes a simple matter of browsing to the URL containing the stolen unique session token. The Web application has no way of knowing that this new request with session token "123456789ABCDEFG" is not coming from the original, legitimate user. It happily loads the corresponding session state and returns the response back to the hacker, who has now effectively impersonated the user.

    The most effective way to prevent these session hijacking attacks is to force your Web application to use cookies to store the session token. This is accomplished by setting the "cookieless" attribute of the <sessionState> element to "UseCookies" or "false." But what about the users who do not accept cookies? Do you have to choose between making your application available to all users versus ensuring that it operates securely for all users? A compromise between the two is possible in ASP.NET 2.0. By setting the "cookieless" attribute to "AutoDetect," the application will store the session token in a cookie for users who accept them and in the URL for those who won't. This means that only the users who use cookieless tokens will still be vulnerable to session hijacking. That's often acceptable, given the alternative-that users who deny cookies wouldn't be able to use the application at all. It is ironic that many users disable cookies because of privacy concerns when doing so can actually make them more prone to attack.

  • Securing your network, from home users to small business up to enterprise. What you can do.

    With computers being a critical component in running a business, it is more valuable than ever to ensure the security of your networks particularly where there is sensitive data. News headlines announcing that networks have experienced security breaches are all too prevalent. This is where you need a service that checks for those vulnerabilities and prevents from future attacks. Better yet, you need a service that prevents it before it ever happens to your company. Imagine the embarrassment at having to explain to your customers that someone has stolen their credit card information.

    We continue to read headline after headline with news stories that credit card information or social security numbers were exploited. Some companies perform security audits on a regular basis. Certainly institutions like hospitals are required to perform these. But it's mostly small to mid-sized companies that are the most vulnerable.

    Hackers employ various methods for gaining access to systems. An audit often looks at replicating those methods, looking for vulnerabilities and weaknesses in the infrastructure. Affectionately known as Penetration Testing, it involves isolating mild, moderate and critical security threats and then determining the best course of action. When performing a Penetration test, a couple of key areas need to be targeted to ensure that a secure network system helps companies to avoid: - Preventing financial loss through fraud (hackers, extortionists and disgruntled employees) or through lost revenue due to unreliable business systems and processes. - Legal problems. Non-compliance can result in your organization losing business, receiving heavy fines, gathering bad PR or ultimately failing. At a personal level it can also mean the loss of your job, prosecution and sometimes even imprisonment. Poorly protecting your brand by avoiding loss of consumer confidence and business reputation.

    From an operational perspective, penetration testing helps shape information security strategy through identifying vulnerabilities and quantifying their impact and likelihood so that they can be managed proactively; budgets can be allocated and corrective measures implemented.

    For the average home user, there are some basic things, especially when setting up a wireless network at home that you can easily do to prevent users piggybacking on your network or even hacking in to it.

    Add a little security

    Change the SSID (name) of your network and disable the SSID broadcast. Disable DHCP Control MAC Address Filtering

    Add more security

    WEP Encrypt - adds an extra blocking mechanism for hackers

    Even more Security

    WPA - setting up a random pre-shared key of 10 characters ensures your network is practically rock-solid. This is a random string of numbers and letters, just make sure you can remember it yourself.

    These are some very basic steps to securing your data and ensuring your privacy. Keep in mind that small to medium business should do a little more to keep their information secure as there is even more valuable data ie. other people's.

  • WLAN security

    What about security for WLAN? Today wireless networks are at least secure as wired. You only have to use right tools and configurations. Physical security is most important part of security. If you do not have physical access to network, you can not use it. If you can not plug cable you do not have network. This is situation in wired word.

    The biggest security problem, in any type wireless network, is lack of physical security.
    802.11 standards use Authentication as replacement for physical security. Problem is that application uses WEP as encryption.

    WEP - Wired Equivalent Privacy has never deserved its name. It does not take more than 2 minutes, with cracking tools, to break WEP.

    First WEP versions have used 64-bit shared key. 40 bits are for a shared secret and 24 bits are for IV (initialization vector). IV is used that receiver could decrypt the frame.
    Next improvement of first WEP key was 128-bit shared WEP key. With that WEP version 104 bits are used for shared key and 24 for initialization vector.

    IEEE proposed in 2004 new version of WEP - WEP2. It uses the same RC4 algorithm with 128-bit initialization vector. WEP2 has not improved significantly security. It only increases time for cracking.
    Next step in wireless security is WPA - Wi-Fi Protected Access.

    What is WPA encryption? Wi-Fi Alliance launched in October 2003 Wi-Fi Protected Access - WPA, the next generation in WLAN security. Wi-Fi Protected Access does not require a hardware upgrade in 802.11 equipment.

    Only software and firmware upgrade is needed and it makes minimal degradation in network performance.

    WPA was designed as an answer for all WEP weaknesses. It uses Temporal Key Integrity Protocol (TKIP) with Message Integrity Check (MIC). It also has mutual pre-shared key (PSK) authentication scheme using 802.11X/EAP.

    WI-Fi Alliance launched WPA2 in September 2004. It is certified interoperable version of WPA. WPA2 besides PSK 802.1X/EAP authentication, use advanced encryption mechanism.

    This new mechanism is Counter-Mode/CBC-MAC Protocol (CCMP) called Advanced Encryption Standard (AEP).

    WPA and WPA2 have 2 certification modes.

    - Enterprise
    - Personal

    You have 4 different versions of Wi-Fi CERTIFIED devices:
    1) WPA-Personal
    2) WPA2-Personal
    3) WPA-Enterprise
    4) WPA2-Enterprise

    Personal Mode is designed for home and office (SOHO) environment. You do not need authentication server (Radius or IAS).

    It uses manually entered PSK (pre-shared key or pass-phrase). Security level of your wireless network is based on this PSK.

    So, use mix of letters, numbers and non-alphanumerical characters.

    Personal mode uses methods of encryption as Enterprise-per-user, per-session, per-packet encryption with TKIP (WEP) or AES (WEP2).

    Enterprise Mode operates in managed mode with authentication servers (Radius or IAS). With this mode you can meet rigorous requirements of enterprise security.
    Most of access points and wireless routers have option of MAC filtering. With MAC filtering, you can restrict access to stations that you have entered in MAC filtering list.

    The main key to wireless security is to put as many obstacles as you could. If you simultaneously use WEP, WPA, MAC filtering, and if you use IPsec tunnel and SSH then your wireless network is secure like it's wired.

  • Computer Security, Viruses And Threats

    Today, many people rely on computers to do homework, work, and create or store useful information. Therefore, it is important for the information on the computer to be stored and kept properly. It is also extremely important for people on computers to protect their computer from data loss, misuse, and abuse. For example, it is crucial for businesses to keep information they have secure so that hackers can't access the information. Home users also need to take means to make sure that their credit card numbers are secure when they are participating in online transactions. A computer security risk is any action that could cause loss of information, software, data, processing incompatibilities, or cause damage to computer hardware, a lot of these are planned to do damage. An intentional breach in computer security is known as a computer crime which is slightly different from a cybercrime. A cybercrime is known as illegal acts based on the internet and is one of the FBI's top priorities. There are several distinct categories for people that cause cybercrimes, and they are refered to as hacker, cracker, cyberterrorist, cyberextortionist, unethical employee, script kiddie and corporate spy.

    *The Hacker.
    The term hacker was actually known as a good word but now it has a very negative view. A hacker is defined as someone who accesses a computer or computer network unlawfully. They often claim that they do this to find leaks in the security of a network.

    *The Cracker.
    The term cracker has never been associated with something positive this refers to someone how intentionally access a computer or computer network for evil reasons. It's basically an evil hacker. They access it with the intent of destroying, or stealing information. Both crackers and hackers are very advanced with network skills.

    *The Cyberterrorist.
    A cyberterrorist is someone who uses a computer network or the internet to destroy computers for political reasons. It's just like a regular terrorist attack because it requires highly skilled individuals, millions of dollars to implement, and years of planning.

    *The Cyberextortionist.
    The term cyberextortionist refers to someone who uses emails as an offensive force. They would usually send a company a very threatening email stating that they will release some confidential information, exploit a security leak, or launch an attack that will harm a company's network. They will request a paid sum of money to prevent the threat from being carried out, a bit like black mailing.

    *The Unethical Employee.
    An unethical employee is an employee that illegally accesses their company's network for numerous reasons. One could be the money they can get from selling top secret information, or some may be bitter and want revenge.

    *The Script Kiddie.
    A script kiddie is someone who is like a cracker because they may have the intentions of doing harm, but they usually lack the technical skills. They are usually silly teenagers that use prewritten hacking and cracking programs. *The Corporate Spy.

    A corporate spy has extremely high computer and network skills and is hired to break into a specific computer or computer network to steal or delete data and information. Shady companies hire these type people in a practice known as corporate espionage. They do this to gain an advantage over their competition an illegal practice.

    Business and home users must do their best to protect or safeguard their computers from security risks. The next part of this article will give some pointers to help protect your computer. However, one must remember that there is no one hundred percent guarantee way to protect your computer so becoming more knowledgeable about them is a must during these days.

    When you transfer information over a network it has a high security risk compared to information transmitted in a business network because the administrators usually take some extreme measures to help protect against security risks. Over the internet there is no powerful administrator which makes the risk a lot higher. If your not sure if your computer is vulnerable to a computer risk than you can always use some-type of online security service which is a website that checks your computer for email and Internet vulnerabilities. The company will then give some pointers on how to correct these vulnerabilities.

    The Computer Emergency Response Team Coordination Center is a place that can do this. The typical network attacks that puts computers at risk includes viruses, worms, spoofing, Trojan horses, and denial of service attacks. Every unprotected computer is vulnerable to a computer virus which is a potentially harming computer program that infects a computer negatively and altering the way the computer operates without the user's consent. Once the virus is in the computer it can spread throughout infecting other files and potentially damaging the operating system itself.

    It's similar to a bacteria virus that infects humans because it gets into the body through small openings and can spread to other parts of the body and can cause some damage. The similarity is, the best way to avoid is preparation. A computer worm is a program that repeatedly copies itself and is very similar to a computer virus. However the difference is that a virus needs to attach itself to an executable file and become a part of it. A computer worm doesn't need to do that, it copies itself to other networks and eats up a lot of bandwidth.

    A Trojan Horse named after the famous Greek myth and is used to describe a program that secretly hides and actually looks like a legitimate program but is a fake. A certain action usually triggers the Trojan horse, and unlike viruses and worms it will not replicate itself. Computer viruses, worms, and Trojan horses are all classified as malicious-logic programs which are just programs that deliberately harm a computer. Although these are the common three there are many more variations and it would be almost impossible to list them. You know when a computer is infected by a virus, worm, or Trojan horse if your computer displays one or more of these things:

    * Screen shots of weird messages or pictures appear.
    * You have less available memory than you expected.
    * Music or sounds plays randomly.
    * Files get corrupted.
    * Programs are files don't work properly.
    * Unknown files or programs randomly appear.
    * System properties fluctuate.

    Computer viruses, worms, and Trojan horses deliver their payload or instructions through three common ways.

    1 - When an individual runs an infected program so if you download a lot of things you should always scan the files before executing, especially executable files.

    2 - When an individual boots a computer with an infected drive, so that is why it's important to not leave removable media in your computer when you shut it down.

    3 - When an unprotected computer connects to a network. Today, a very common way that people get a computer virus, worm, or Trojan horse is when they open up an infected file through an email attachment.

    There are literally thousands of malicious logic programs and new ones come out by the numbers so that's why it's important to keep up to date with new ones that come out each day. Many websites keep track of this. There is no known method for providing 100% protection for any computer or computer network from computer viruses, worms, and Trojan horses, but people can take several precautions to significantly reduce their chances of being infected by one of those malicious programs. Whenever you start a computer you should have no removable media in the drives. This goes for CD, DVD, and floppy disks. When the computer starts up it tries to execute a boot sector on the drives and even if it's unsuccessful any given virus on the boot sector can infect the computer's hard disk. If you must start the computer using removable media for any reason, such as when the hard disk fails and you are trying to reformat the drive make sure that the disk is not infected.

    How can you protect your computer?

    The best way to protect your computer from any of the above is by using good quality internet securities software. Purchasing this from a reputable security company is recommended to ensure that your software is kept up to date with the most recent virus signatures. If you are not up to date an unrecognised virus will not be stopped by the software. A full security package will protect you from viruses, Worms, Trojan horses, keyloggers and will detect when a hacker is attempting to hack into your computer and prevent them from gaining access when you are online or connected to a network. It is not advisable to use a free antivirus service as these do not provide adequate protection and are a false economy. Recommended internet security software companies are:- Norton, McAfee and others.

  • Phishing on the Pharm: How Thieves Combine Two Techniques to Steal Your Identity

    Bob squinted at the email and began to read:

    Dear eBay User, as part of our security measures, eBay Inc. has developed a security program against fraudulent attempts and account thefts. Therefore, our system requires further account verification


    Security Measures. A threat to suspend his account to prevent fraudulent activity. The email went on to say that there were procedural safeguards with federal regulations to protect the information you provide for us.

    Bob clicked the link and was confronted with an authentic looking logon page, just waiting for him to input his user name and password and confirm what ebay supposedly didn't know.

    He almost did it. The page looked absolutely authentic, and he had already been set up by the email message. His fingers were poised over the keyboard when he happened to glance at the URL.

    There was something very, very wrong with it.

    Pharming to Fleece Sheep

    The art of pharming involves setting up an illegitimate website that is identical with its legitimate prototype, for example the ebay page Bob was almost suckered into using, and redirecting traffic to it.

    Pharmers can do it in two ways:

    1. By altering the Hosts file on your computer. The Hosts file stores the IP address of websites you have been accessing. By inserting a new IP address into the database field corresponding to a website, your own computer can be redirected to the pharmer's website. Any information you give the bogus site is immediately hijacked by the pharmer.

    2. Hijacking the DNS (Dynamic Name Server) itself. A DNS matches the names of address with their IP addresses. If this server can be coerced into assigning new IP addresses to traditional names, all computers using the name resolution provided by the DNS server will be redirected to the hijacker's web site.

    Once that happens, it's time to be fleeced.

    down on the pharm

    Pharmers hijack your hosts file or DNS servers using Spyware, Adware, Viruses or Trojans. One of the most dangerous things you can do is to run your computer without some form of Internet Security installed on it.

    Your security software should be continually updating its virus definitions, and be capable of warning you if something has been downloaded from a web site or through email. It should be able to remove it, quarantine it or tell you where it is so that you can remove it by hand.

    You should also have Spyware and Adware programs installed, and be aware of any change in Internet browsing patterns. If your home page suddenly changes, or you experience advertising pop ups (which may pop up even when you are not hooked up to the Internet), you should run a Virus, Spyware or Adware scan.

    Thanks to the efficacy of these protection programs, pharming is a lot more difficult than it used to be. It isn't as easy to hijack a computer as it once was.

    So, the pharmers have teamed up with the phishermen to get you to visit the bogus web page yourself, and enter all the information they need.


    PHISHING TO catch YOU on THE PHARM

    As Bob discovered, the page he had been taken to by the bogus email message was identical to the ebay logon page. Identical in every way except for the URL.

    Out of curiosity, he checked the URL for the ebay logon by accessing ebay directly and clicking on the logon link. The two URL's were nothing alike, except the bogus one did have the word ebay in it twice - just enough to make it look authentic.

    By combining the two techniques, the phishermen/pharmers had avoided the high tech problems associated with downloading a Virus that could get past his protection software. They had gone straight for the throat.

    Bob's throat.

    your ONLY REAL IDENTITY THEFT PREVENTION AND protection

    The bottom line is that the only real protection against the pharmers and phishermen is YOU. There are three things you must consider when you read any email demanding information:

    -  Why do they want it? Be extremely skeptical when they say they have to update their records, comply with federal regulations, or prevent fraud. They are the ones initiating the fraud.

    -  Why can't this be done at the website? Why not invite you to access the website directly and provide this information? The answer is because the bonafide company doesn't need an update.

    -  What does the URL look like? Is it a series of subdomains some of which have the name of the bonafide company? Most likely the subdomain is set up with a free hosting company.

    -  Have they provided partial information about you as a guarantee that the email authentically comes from the legitimate source? Be very careful of this one. This technique is effective for pretexting, impersonating a person or company, and was used in the Hewlett Packard scandal to collect information. Just because they know your first and last name (and any other information - known only to the legitimate source) doesn't mean the email is legitimate. They probably hijacked the information off the server.


    the bottom line

    The bottom line is: don't provide any information at the behest of an email, no matter how authentic it looks, or how authentic the page it directs you to looks. If you must log in, do so at the parent site itself.

    Your Identity Theft prevention and protection is, in the final analysis, up to you.

    Don't be the next sheep fleeced by the pharmers who caught you with the phisherman's hook. Being dropped naked into their frying pan is NOT a fate you want.

  • Hacking: An Inside Job?

    "Leaving your Web applications insecure makes no more sense than building a brick wall but using a gate made from chain link fencing.


    Whenever the President of the United States travels anywhere there are numerous individuals charged with making sure the President is secure and unharmed from attack. This is the premise behind Internet security. The work you have done on your site is the product of valuable time and energy. For some business owners the website represents significant research and creative energy. It is possible for a vulnerable website to be hijacked and remade in the image of something that only resembles your website in name only or to have safeguarded data copied for the use of a third party.

    One of the biggest mistakes a website owner can make is allowing the work to be left unguarded. As reported in recent years hacking of a computer system can occur both from within a company or from a remote location, which makes the use of Internet security so important.

    Advances in firewall technology (making them easier to install and configure), improvements in vulnerability scanning and better explanations of how to repair them, and better intrusion-detection with fewer false-positives are all key technologies in this race.

    Some hackers argue they are not involved in felonious activities, but are simply seeking knowledge and using the internet to find answers, however the U.S. Government views the activity as a felony and punishable by applicable state and federal laws.

    It should be noted that the term hacker has been adjusted. No longer is the term ‘hacker’ only used to describe someone gifted at programming and is able to break a website code to gain access to information. Today a hacker is also someone who misappropriates company data. Typically this scenario occurs from an inside and often trusted source.

    System administrators must learn about and maintain their systems securely. Users have to understand their security responsibilities.
    In many cases, business are now making a non-disclosure agreement a part of the hiring procedure to provide an extra legal recourse in the event that data is electronically removed and used in ways unauthorized by company heads.

    If a stranger came into your house, looked through everything, touched several items, and left (after building a small, out of the way door to be sure he could easily enter again), would you consider that harmless?

    Taking security issues seriously is needed in the development of a web-based business infrastructure. It may be worth exploring both on-site and off-site security features as a means of ensuring the long-term usability of your website.

  • The Two Things You Must Know About Your Private Information Before It's Too Late

    Our society is maintained by information: information about who we were, who we are, and in some cases who we will become. We live in the Information age, a time where movement of information is faster than physical movement. Some say that we live in a new type of society called an Information Society, in which the creation, distribution and manipulation of information has become a significant economic and cultural activity. Matthew Lesko, a columnist, made this point clear when he wrote, "Information is the currency of today's world." Sir Francis Bacon an English statesman from the 1500s proclaimed wisely that, "Knowledge is power." His words echo today in the familiar truism, "Information is power."

    In our lives today we experience how the personal information that we keep, that we share and that we lose, moves us through a waxing and waning dance of power and powerlessness. Keep your information safe and you protect your home, your assets, your family and maybe even your life. Share your information and in return you hope to receive valuable goods and services. Lose your information and the things that you enjoy and love can come crumbling down around you.

    Today, instead of on paper, most of our private information is stored in electronic format on hard drives. This technology allows our world to do business as never before imagined. Business is faster, less expensive and requires far less labor than even one generation ago.

    However, throughout history we discover that technological advancement has a price. Pollution and stress invades our environment and often our bodies. The loss of certain skills once familiar drives us toward a dangerous dependency. Now high-tech scam artists and thieves prey on victims around the world at the speed of light and neither needs to be awake for the crime to occur. With these things in mind we are moved to the realization that now is the time for each of us to examine the state of, and the danger to, our personal information.

    Your private information is vulnerable in two ways. It is vulnerable to loss and theft. We can compartmentalize your storage locations into two frameworks, your local, personal computer storage and your online storage. These frameworks each have their strengths and weaknesses.

    Your local, offline information can be stolen by someone breaking into your house, car or wherever you keep your computer. Your data can be destroyed by a hard drive crash, a fire or flood. It is difficult and time consuming to keep consistent, daily backups of your hard drive then store them at a location other than your computer. You can never be sure if your computer is at this very moment infected with spyware, adware, trojans, back doors, key loggers, bots or viruses. Each one is capable of taking control of your computer and sending your valuable, private information from your hard drive to anywhere in the world.

    Many people enjoy keeping notes and documents online. People every day are discovering the convenience of having their thoughts, to-do lists, diaries, customer lists or essays available from any computer in the world. Business people, real estate agents, sales people and others are now getting more work done more efficiently thanks to the wellspring of online document authoring sites.

    Now freed from the task of daily backups and concerns about loss and theft due to an infected computer, only one thing remains from making online document authoring and storage the perfect solution: privacy.
    Unless you see that the address of the website you are on begins with the five letters https, your login ID and password are sent in plain text through unknown places over the Internet. Your documents and everything you type is available to be seen, captured and used by criminals and scam artist devious enough to use that which was supposed to be private.

    Once your information is on the remote computer, do you know how your data is stored? Do you know who has access to it? Perhaps it is a computer technician who think it’s fun to read about other people’s lives and secrets. Perhaps it’s someone who sells information on the side to make a little extra money. You just can’t know. And unfortunately, none of these sites seem to care enough about your privacy to encrypt your documents to prevent this from happening.


  • Spyware Protection - Backup Software is the Best Defense Against Spyware and Computer Viruses

    Your subscriptions to your favorite anti-virus and spyware software expired 28 days ago. You have been meaning to pull out your credit card and renew. However, you just haven't gotten to it.

    Yesterday an e-mail, SPAM really, hit your inbox with an interesting by-line on the latest natural disaster. You click on the innocuous looking link. The next thing you know, Internet Explorer doesn't quite work correctly, followed by a failure of Windows Explorer, followed by your PC running really slow. You have just been hit with spyware! Next thing you know, your PC will not boot and you are dead in the water.

    This Whole Scenario is Preventable
    In this example (which is played out dozens of times every day) the user did not keep his/her software counter measures up to date. There are some extremely top shelf software products available which do a simply wonderful job of keeping up with the latest spyware and virus threats. In fact, by employing several similar products you can often catch threats with one product which was not neutralized by another.

    However, there are no guarantees here! A variety of circumstances may result in a threat to your PC. Depending solely on software counter measures (e.g. anti-spyware, anti-virus software) is only part of the story. You can actually take your destiny and digital protection in your own hands and add another layer of protection.

    Software Backup- Your Own Version of Digital Time Travel
    The two approaches available are:
    ·  Data Backup
    ·  Image Backup
    Data Backup refers to making a copy of your valuable files, personal and business information on some other media that is physically separate from your computer. A myriad of products and services exist for storing this information including USB drives, DVDs, CDs, external disk drives, network drives, archiving services and even the humble diskette.

    However, you must really think through all of the information contained on your computer that you want to save if your PC or Server became unusable including:

    ·  Files from software applications like Word, PowerPoint, etc
    ·  e-Mail files
    ·  e-Mail rules and SPAM filter settings
    ·  Web browser favorites
    ·  Customizations of installed software products
    ·  Product installation keys
    ·  Password files
    ·  Software installation files
    ·  Desktop background images

    Image Backup refers to a process where your server environment is saved. The difference is that in the case of a data backup you may have saved ALL of your valuable information. This is the good news. The bad news is that you have now have to rebuild your personal computer's software:

    ·  The operating system, complete with maintenance
    ·  Customizations that might include your Internet Service Provider settings, preferences, etc
    ·  Shortcuts
    ·  Registry customizations

    An image backup makes a snapshot of your entire server. The ideal scenario is that you tweak and install all of your software. At the point where things are working just right, you take your snapshot which you store away in a safe place. At this point you also start to regularly make regular backups of your valuable data that has changed since the snapshot has changed.

    If you have the misfortune to get nailed by malicious software that cripples your computer, you now have the ability to
    ·  Restore your computing environment
    ·  Restore the most recent copy of your data

    You now can keep on trucking with a minimum of disruption. This approach does take a bit of discipline. However, it really does not take a whole lot of time. These backups can be started when you go to bed, and will be completed by the time that you wake in the morning.

    The alternative is spending time trying to rebuild your system (if you can find all of the software) and IF you can get your valuable data off of your crippled server. It's a simple matter of time, money and aggravation. It's your choice...