- Change Default Administrator Passwords (and Usernames): At the core of most Wi-Fi home networks is an access point or router. To set up these pieces of equipment, manufacturers provide Web pages that allow owners to enter their network address and account information. These Web tools are protected with a login screen (username and password) so that only the rightful owner can do this. However, for any given piece of equipment, the logins provided are simple and very well-known to hackers on the Internet. Change these settings immediately.
- Turn on (Compatible) WPA / WEP Encryption: All Wi-Fi equipment supports some form of encryption. Encryption technology scrambles messages sent over wireless networks so that they cannot be easily read by humans. Several encryption technologies exist for Wi-Fi today. Naturally you will want to pick the strongest form of encryption that works with your wireless network. However, the way these technologies work, all Wi-Fi devices on your network must share the identical encryption settings. Therefore you may need to find a "lowest common demoninator" setting.
- Change the Default SSID: Access points and routers all use a network name called the SSID. Manufacturers normally ship their products with the same SSID set. For example, the SSID for Linksys devices is normally "linksys." True, knowing the SSID does not by itself allow your neighbors to break into your network, but it is a start. More importantly, when someone finds a default SSID, they see it is a poorly configured network and are much more likely to attack it. Change the default SSID immediately when configuring wireless security on your network.
- Enable MAC Address Filtering: Each piece of Wi-Fi gear possesses a unique identifier called the physical address or MAC address. Access points and routers keep track of the MAC addresses of all devices that connect to them. Many such products offer the owner an option to key in the MAC addresses of their home equipment, that restricts the network to only allow connections from those devices. Do this, but also know that the feature is not so powerful as it may seem. Hackers and their software programs can fake MAC addresses easily.
- Disable SSID Broadcast: In Wi-Fi networking, the wireless access point or router typically broadcasts the network name (SSID) over the air at regular intervals. This feature was designed for businesses and mobile hotspots where Wi-Fi clients may roam in and out of range. In the home, this roaming feature is unnecessary, and it increases the likelihood someone will try to log in to your home network. Fortunately, most Wi-Fi access points allow the SSID broadcast feature to be disabled by the network administrator.
- Do Not Auto-Connect to Open Wi-Fi Networks: Connecting to an open Wi-Fi network such as a free wireless hotspot or your neighbor's router exposes your computer to security risks. Although not normally enabled, most computers have a setting available allowing these connections to happen automatically without notifying you (the user). This setting should not be enabled except in temporary situations.
- Assign Static IP Addresses to Devices: Most home networkers gravitate toward using dynamic IP addresses. DHCP technology is indeed easy to set up. Unfortunately, this convenience also works to the advantage of network attackers, who can easily obtain valid IP addresses from your network's DHCP pool. Turn off DHCP on the router or access point, set a fixed IP address range instead, then configure each connected device to match. Use a private IP address range (like 10.0.0.x) to prevent computers from being directly reached from the Internet.
- Enable Firewalls On Each Computer and the Router: Modern network routers contain built-in firewall capability, but the option also exists to disable them. Ensure that your router's firewall is turned on. For extra protection, consider installing and running personal firewall software on each computer connected to the router.
- Position the Router or Access Point Safely: Wi-Fi signals normally reach to the exterior of a home. A small amount of signal leakage outdoors is not a problem, but the further this signal reaches, the easier it is for others to detect and exploit. Wi-Fi signals often reach through neighboring homes and into streets, for example. When installing a wireless home network, the position of the access point or router determines its reach. Try to position these devices near the center of the home rather than near windows to minimize leakage.
- Turn Off the Network During Extended Periods of Non-Use: The ultimate in wireless security measures, shutting down the network will most certainly prevent outside hackers from breaking in! While impractical to turn off and on the devices frequently, at least consider doing so during travel or extended periods offline.
Friday, 6 June 2008
10 Tips for Wireless Home Network Security
The recommendations below summarize the steps you should take to improve the security of your home wireless network.
5 Easy Steps to protect u from Spyware
Computers on the Internet are almost constantly bombarded with viruses and other malware- so users employ antivirus software to protect themselves. Email inboxes are constantly flooded with pathetically useless spam- so users employ anti-spam programs and techniques to protect themselves. As soon as you think you have things under control you find out your system has a myriad of spyware and adware programs silently running in the background monitoring and reporting on your computer activity.
The more benign spyware and adware simply monitors and tracks your the sites you visit on the web so that companies can determine the web-surfing habits of their users and try to pinpoint their marketing efforts. However, many forms of spyware go beyond simple tracking and actually monitor keystrokes and capture passwords and other functions which cross the line and pose a definite security risk.
Below are 5 easy steps you can follow to try to avoid and, if not avoid, at least detect and remove these programs from your computer system:
The more benign spyware and adware simply monitors and tracks your the sites you visit on the web so that companies can determine the web-surfing habits of their users and try to pinpoint their marketing efforts. However, many forms of spyware go beyond simple tracking and actually monitor keystrokes and capture passwords and other functions which cross the line and pose a definite security risk.
Below are 5 easy steps you can follow to try to avoid and, if not avoid, at least detect and remove these programs from your computer system:
- Be Careful Where You Download: Unscrupulous programs often come from unscrupulous sites. If you are looking for a freeware or shareware program for a specific purpose try searching reputable sites like tucows.com or download.com.
- Read the EULA: What is an EULA you ask? End User License Agreement. It's all of the technical and legal gibberish in that box above the radio buttons that say "No, I do not accept" or "Yes, I have read and accept these terms". Most people consider this a nuisance and click on "yes" without having read a word. The EULA is a legal agreement you are making with the software vendor. Without reading it you may be unwittingly agreeing to install spyware or a variety of other questionable actions that may not be worth it to you. Sometimes the better answer is "No, I do not accept."
- Read Before You Click: Sometimes when you visit a web site a text box might pop up. Like the EULA, many users simply consider these a nuisance and will just click away to make the box disappear. Users will click "yes" or "ok" without stopping to see that the box said "would you like to install our spyware program?" Ok, admittedly they don't generally come out and say it that directly, but that is all the more reason you should stop to read those messages before you click "ok".
- Protect Your System: Antivirus software is somewhat misnamed these days. Viruses are but a small part of the malicious code these programs protect you from. Antivirus has expanded to include worms, trojans, vulnerability exploits, jokes and hoaxes and even spyware and adware. If your antivirus product doesn't detect and block spyware you can try a product like AdAware Pro which will protect your system from spyware or adware in real time. One of the best free Anti-spyware that I have used is "Spybot - Search & Destroy" made by Safer Networking Limited.
- Scan Your System: Even with antivirus software, firewalls and other protective measures some spyware or adware may eventually make it through to your system. While a product like AdAware Pro mentioned in step #4 will monitor your system in real time to protect it, AdAware Pro costs money. Scan your system periodically and also keep your Anti-Spyware Up-to-date.
Thursday, 5 June 2008
Security Threats to Your Email Communications
This section describes many of the common security problems involved in communications and email in particular.
Eavesdropping: The Internet is a big place with a lot of people on it. It is very easy for someone who has access to the computers or networks through which your information is traveling to capture this information and read it. Just like someone in the next room listening in on your phone conversation, people using computers "near" the path your email takes through the Internet can potentially read and copy your messages!
Identity Theft: If someone can obtain the username and password that you use to access your email servers, they can read your email and send false email messages as you. Very often, these credentials can be obtained by eavesdropping on SMTP, POP, IMAP, or WebMail connections, by reading email messages in which you include this information, or through other means.
Invasion of Privacy: If you are very concerned about your privacy, then you should consider the possibility of "unprotected backups", listed below. You may also be concerned about letting your recipients know the IP address of your computer. This information may be used to tell in what city you are located or even to find out what your address is in some cases! This is not an issue with WebMail, POP, or IMAP, but is an issue when sending email, securely or insecurely, from any email client over SMTP.
Message Modification: Anyone who has system administrator permission on any of the SMTP Servers that your message visits, can not only read your message, but they can delete or change the message before it continues on to its destination. Your recipient has no way to tell if the email message that you sent has been altered! If the message was merely deleted they wouldn't even know it had been sent.
False Messages: It is very easy to construct messages that appear to be sent by someone else. Many viruses take advantage of this situation to propagate themselves. In general, there is no way to be sure that the apparent sender of a message is the true sender - the sender's name could have been easily fabricated.
Message Replay: Just as a message can be modified, messages can be saved, modified, and re-sent later! You could receive a valid original message, but then receive subsequent faked messages that appear to be valid.
Unprotected Backups: Messages are stored in plain text on all SMTP Servers. Thus, backups of these servers' disks contain plain text copies of your messages. As backups can be kept for years and can be read by anyone with access to them, your messages could still be exposed in insecure places even after you think that all copies have been "deleted".
Repudiation: Because normal email messages can be forged, there is no way for you to prove that someone sent you a particular message. This means that even if someone DID send you a message, they can successfully deny it. This has implications with regards to using email for contracts, business communications, electronic commerce, etc.
Eavesdropping: The Internet is a big place with a lot of people on it. It is very easy for someone who has access to the computers or networks through which your information is traveling to capture this information and read it. Just like someone in the next room listening in on your phone conversation, people using computers "near" the path your email takes through the Internet can potentially read and copy your messages!
Identity Theft: If someone can obtain the username and password that you use to access your email servers, they can read your email and send false email messages as you. Very often, these credentials can be obtained by eavesdropping on SMTP, POP, IMAP, or WebMail connections, by reading email messages in which you include this information, or through other means.
Invasion of Privacy: If you are very concerned about your privacy, then you should consider the possibility of "unprotected backups", listed below. You may also be concerned about letting your recipients know the IP address of your computer. This information may be used to tell in what city you are located or even to find out what your address is in some cases! This is not an issue with WebMail, POP, or IMAP, but is an issue when sending email, securely or insecurely, from any email client over SMTP.
Message Modification: Anyone who has system administrator permission on any of the SMTP Servers that your message visits, can not only read your message, but they can delete or change the message before it continues on to its destination. Your recipient has no way to tell if the email message that you sent has been altered! If the message was merely deleted they wouldn't even know it had been sent.
False Messages: It is very easy to construct messages that appear to be sent by someone else. Many viruses take advantage of this situation to propagate themselves. In general, there is no way to be sure that the apparent sender of a message is the true sender - the sender's name could have been easily fabricated.
Message Replay: Just as a message can be modified, messages can be saved, modified, and re-sent later! You could receive a valid original message, but then receive subsequent faked messages that appear to be valid.
Unprotected Backups: Messages are stored in plain text on all SMTP Servers. Thus, backups of these servers' disks contain plain text copies of your messages. As backups can be kept for years and can be read by anyone with access to them, your messages could still be exposed in insecure places even after you think that all copies have been "deleted".
Repudiation: Because normal email messages can be forged, there is no way for you to prove that someone sent you a particular message. This means that even if someone DID send you a message, they can successfully deny it. This has implications with regards to using email for contracts, business communications, electronic commerce, etc.
Tips/Advice for preventing misuse on Orkut
1.Don’t write your personal contact numbers anywhere on Orkut You might wish to give your personal contact details (phone number, email address etc) to someone but avoid posting it in scrapbook as it’s public. You can send it using the “write message” which is private to a user.
2.Avoid uploading your personal photographs in album.
3.Validate person’s identity before you add him/her as your friend .
4.Make sure the testimonial written for you comes from genuine person and the text is ok before you approve it.
5.Although keeping the scrapbook clean is a good habit, but people like to keep the scraps but make sure you delete scraps that contains info you don’t like others to read, contain your personal information, contain friends personal information etc.
6.As cloning and fake profiles are on rise, make sure the profile is genuine before you add him/her as your friend.
7.Some companies may have policies that restricts employees from posting company name or confidential details anywhere on the web, obey them.
8.Don’t just join any community, make sure it’s authentic and you really need it.
9.Last but very important, Don’t run behind the numbers, you are not contesting on orkut, are you? nobody cares for how many friends are there on your list or how many scraps you have or how many communities you have joined. Remember more the number more unsafe you are on the orkut.
2.Avoid uploading your personal photographs in album.
3.Validate person’s identity before you add him/her as your friend .
4.Make sure the testimonial written for you comes from genuine person and the text is ok before you approve it.
5.Although keeping the scrapbook clean is a good habit, but people like to keep the scraps but make sure you delete scraps that contains info you don’t like others to read, contain your personal information, contain friends personal information etc.
6.As cloning and fake profiles are on rise, make sure the profile is genuine before you add him/her as your friend.
7.Some companies may have policies that restricts employees from posting company name or confidential details anywhere on the web, obey them.
8.Don’t just join any community, make sure it’s authentic and you really need it.
9.Last but very important, Don’t run behind the numbers, you are not contesting on orkut, are you? nobody cares for how many friends are there on your list or how many scraps you have or how many communities you have joined. Remember more the number more unsafe you are on the orkut.
Wednesday, 4 June 2008
7 Tips on How to Protect Yourself Online
Any time you connect to the Internet you are vulnerable to cyber attacks. Hackers can steal your credit card numbers, tax records and passwords, or even completely disable your PC. Follow these tips to help avoid problems:
- Create smart and strong passwords. Make it difficult for hackers to crack your password. You can create a smart password by incorporating capital letters, numbers, and special characters, and using more than six characters. An example of a strong password is: Go1dM!n3.
- Use email wisely. Email is a great way to keep in touch with friends and family, and as a tool to conduct business. Even if you have good security software on your PC, however, your friends and family might not have the same protection. Be careful about what information you submit via email. Never send your credit-card information, Social Security number, or other private information via email.
- Be smart when using instant messaging (IM) programs. If you use an IM program to communicate with friends and family, be careful about sending any personal information through online communications. Protect yourself by using a nickname for your IM screen name, so your name isn’t identified through IM. Never accept strangers into your IM groups. Be smart about how you use IM at work because your employer has the right to monitor and view your messages.
- Shop safely. If you plan to order from an online store, be sure that the Web site uses secure technology. Check the web site’s home page to be sure they have a “HackerSafe” logo with the current date under it. When you are at the checkout screen, verify that the Web address begins with https. Also, check to see if a tiny locked padlock symbol appears at the bottom right of the checkout screen, or that there is a statement on the checkout screen stating that the pages are secure with a security technology vendor. Check that the security technology does exist by checking the security technology company’s web site.
- Watch out for phishing scams. Phishing scams use fraudulent emails and fake web sites, masquerading as legitimate businesses, to lure unsuspecting users into revealing private account or login information. To be safe, if you receive an email from a business that includes a link to a web site, make certain that the web site you visit is legitimate. Instead of clicking through to the site from within the email, open a separate Web browser and visit the business’ web site directly to perform the necessary actions. You can also verify that an email is in fact from a legitimate business by calling the business or agency directly.
- Fun and carefree online gaming. Internet games are fun for the whole family. Make sure you are careful when playing online games, especially when communicating with other players. Be sure that your security software still functions when you are in gaming mode.
- Pay attention to your children’s online activities. Keep your home computer in a community area so that you can monitor their activity. Use child software that is age-appropriate. Limit your children’s time spent online. Install and use parental controls software that allows you to monitor your children’s activity online. This will keep your children from accessing undesirable Web sites and sharing personal information via online communications
Tips to avoid Phishing Attack
In computing, phishing is an attempt to criminally and fraudulently acquire sensitive information, such as usernames, passwords and credit card details, by masquerading as a trustworthy entity in an electronic communication.
Tips to avoid Phishing Attack
Tips to avoid Phishing Attack
- Learn to identify e-mail messages that could be scams ( Phishing )
Some characteristics to identify these e-mails:
- Use of names and image of existing companies like PayPal, eBay and other Online banks
- Using the name of a real company employee as the sender.
- Include Internet address that seems to belong to real bank
- They threaten with either financial loss or loss of the account itself. like Dear User. We want to verify your account, so please supply as your username and password. If you don't supply us your details we will close your account
2. Check the source of your inbound message. Your bank will never ask you for your password or personal details via e-mail.
3. Never access a Bank website by clicking on links included in e-mail messages. Even web address that look correct in the e-mail message can be the path to a fraudulent website.
4. Strengthen the security of your computer.
5. Always ensure that you are using a secure website. The web address should begin with https:// and a closed padlock displayed on the status bar of the browser.
6. Regularly check your accounts
7. Phishing websites speaks many languages.
8. Remember: If you doubt ( or slightest doubt ), don't provide any confidential information.
9. Keep updated about the evolution of attack techniques.
Subscribe to:
Posts (Atom)
