The Little Geeni

If you’re connected to the Internet (especially with an “always on” connection such as cable or DSL), you’re at risk for intrusion from hackers or with infection from a virus or spyware. This can happen without your knowledge. You can be browsing, logging on and off various web sites, etc., and be compromised. However, you can protect yourself from this type of intrusion by following a few simple steps.

1.. Use a firewall to block all incoming connections from the Internet to services that should not be publicly available. By default, you should deny all incoming connections and only allow services you explicitly want to offer to the outside world.

2.. Enforce a password policy. Complex passwords make it difficult to crack password files on compromised computers. This helps to prevent or limit damage when a computer is compromised.
3.. Ensure that programs and users of the computer use the lowest level of privileges necessary to complete a task. When prompted for a root or UAC password, ensure that the program asking for administration-level access is a legitimate application.

4.. Disable AutoPlay to prevent the automatic launching of executable files on network and removable drives, and disconnect the drives when not required. If write access is not required, enable read-only mode if the option is available.

5.. Turn off file sharing if not needed. If file sharing is required, use ACLs and password protection to limit access. Disable anonymous access to shared folders. Grant access only to user accounts with strong passwords to folders that must be shared.

6.. Turn off and remove unnecessary services. By default, many operating systems install auxiliary services that are not critical. These services are avenues of attack. If they are removed, threats have less avenues of attack.

7.. If a threat exploits one or more network services, disable, or block access to, those services until a patch is applied.

8.. Configure your email server to block or remove email that contains file attachments that are commonly used to spread threats, such as .vbs, .bat, .exe, .pif and .scr files.

9.. Isolate compromised computers quickly to prevent threats from spreading further. Perform a forensic analysis and restore the computers using trusted media.

10.. Train employees not to open attachments unless they are expecting them. Also, do not execute software that is downloaded from the Internet unless it has been scanned for viruses. Simply visiting a compromised Web site can cause infection if certain browser vulnerabilities are not patched.

When it comes to doing business online, security is a two-way street. Safe online transactions demand smart behavior on the part of consumers and proactive security policies and procedures on the part of Web sites.

Businesses that sell goods or services online also have a responsibility to keep their transactions secure and private. And the more sites know about current e-commerce security threats, the better job they can do at protecting their transactions. Your browser should comply with industry security standards, such as SSL Certificate. SSL(Secure Socket Layer) is a security Protocol.

Computer Security From, hackers, keep, Network, Points, Safe, Secure, viruses

Important data is quite frequently transmitted and stored in web applications. That’s why an explicit security testing is very important. Security testing not only helps in maintaining the privacy of vital data, but also important to solve authorization and authentication issues. There are many companies that provide on demand securitytesting services.

There are many tools and techniques to reveal the vulnerabilities of a web application. But as simple as it may sound, it can be an equally daunting task. With the use of the right security testing tools you can uncover many hidden issues that can leak sensitive information. With so many web application security testing tools available, it is equally important to choose the most suitable option.

A security testing tool should be easy to use so as to save unnecessary wastage of time. The tool should not be complex and should be easy enough to be understood by first time users. The installation should be simple and the basic setup should not require too much time.

A security testing tool is incomplete without certain standalone tools such as HTTP editors, web proxy and HTTP discovery service. These tools allow detection of live web servers on the network. These utilities are very important to perform a thorough investigation. You should also be able to create logs easily. Logging allows you to track the entire process from submitting the URL details. You can locate the error code and can even identify the headers sent and received via the HTTP protocol.

Hence, choosing the right kind of tools and a proper implementation is required to keep your system secured. You need an expert’s help for conducting security tests and keeping your system up-to-date. Iviz Security, a premium software testing company, specializes in conducting penetration tests to shield your network’s security, including potential vulnerabilities and threats.

Computer Security avail, demand, keep, Network, secured, Security, Services, Testing

Many people enjoy the flexibility of a wireless network and love the fact they can sit in their garden with their laptop and check their email. Whilst wireless networking is indeed a very useful technology it does come with its downsides. The truth is many people are not particularly tech savvy and will setup their wireless networking without implementing any wireless security, the same group of people are totally unaware of the massive threat to private data and their internet connections that arise from the no wireless security.

Having an unsecure network is like allowing someone to come into your house, plug a network cable into your router and start browsing the web as they please, you just wouldnt do it! Which is why you shouldnt leave a wireless network unsecure, it is inviting people to connect to it and do any of the following:

1: Download illegal content.
2: Use the connection for malicious activity
3: Intercept local traffic and have the ability to check what sites your visiting, your private data and even passwords.

This is just the beginning. There are many horror stories of peoples wireless networks being used and abused with criminal activities happening leaving the owner of the network responsible!

This is why wireless security is so important, if you leave your network open then your just asking for trouble, and you wont even know its happening! People can access your network from several houses down the street and you would be none the wiser.

So always implement Wireless Security, make sure that you are using a wireless key, preferably WPA or WPA2 as WEP is extremely vulnerable and can be cracked in a few minutes with freely available tools from the internet.

Computer Security Home, Network, Security, Wireless

Check my new Monitor and Wireless keyboard/mouse set .

About, personal

Network Authentication Process

The process of a client associating and authenticating to an access point is standard. Should shared key authentication be selected at the client, there are additional packets sent confirming the keys authenticity.

The following describes EAP network authentication.

 1. Client sends probe to all access points

 2. Access point sends information frame with data rate etc

 3. Client selects nearest matching access point

 4. Client scans access point in order of 802.11a, 802.11b then 802.11g

 5. Data rate is selected

 6. Client associates to access point with SSID

 7. With EAP network authentication the client authenticates with RADIUS server 

Open Authentication

This type of security assigns a string to an access point or several access points defining a logical segmented wireless network known as a service set identifier (SSID). The client can’t associate with an access point unless it is configured with that SSID. Associating with the network is as easy as determining the SSID from any client on the network. The access point can be configured to not broadcast the SSID improving security somewhat. Most companies will implement static or dynamic keys to supplement security of SSID.

Static WEP keys

Configuring your client adapter with a static wired equivalency private (WEP) key improves the security of your wireless transmissions. The access point is configured with the same 40 bit or 128 bit WEP key and during association those encrypted keys are compared. The issue is hackers can intercept wireless packets and decode your WEP key.

Dynamic WEP keys (WPA)

The deployment of dynamic encrypted WEP keys per session strengthens security with a hash algorithm that generates new key pairs at specific intervals making spoofing much more difficult. The protocol standard includes 802.1x authentication methods with TKIP and MIC encryption. Authentication between the wireless client and authentication RADIUS server allows for dynamic administration of security. It should be mentioned that each authentication type will specify Windows platform support. An example is PEAP which requires Windows XP with service pack 2, Windows 2000 with SP4 or Windows 2003 at each client.

The 802.1x standard is an authentication standard with per user and per session encryption with these supported EAP types: EAP-TLS, LEAP, PEAP, EAP-FAST, EAP-TTLS and EAP-SIM. User network authentication credentials have nothing to do with the client computer configuration. Any loss of computer equipment doesn’t affect security. The encryption process is handled with TKIP an enhanced encryption standard improving WEP encryption with per packet key hashing (PPK), message integrity checking (MIC) and broadcast key rotation. The protocol uses 128 bit keys for encrypting data and 64 bit keys for authentication. The transmitter adds some bytes or MIC to a packet before encrypting it and the receiver decrypts and verifies the MIC. Broadcast key rotation will rotate unicast and broadcast keys at specific intervals. Fast reconnect is a WPA feature that is available allowing employees to roam without having to re-authenticate with the RADIUS server should they change floors or rooms. The client username and password is cached with the RADIUS server for a specified period.

EAP-FAST

 • Implements symmetric key algorithm to build secure tunnel

 • Client and RADIUS server side mutual authentication

 • Client sends username and password credential in secure tunnel

EAP-TLS

 • SSL v3 builds an encrypted tunnel

 • Client side and RADIUS server side assigned PKI certificates with mutual  authentication

 • Dynamic per client per session keys used to encrypt data

Protected EAP (PEAP)

 • Implemented at Windows clients with any EAP authentication method

 • Server side RADIUS server authentication with root CA digital certificate

 • Client side authentication with RADIUS server from Microsoft MS-CHAP v2 client with  username and   password encrypted credentials

Wireless Client EAP Network Authentication Process

 1. Client associates with access point

 2. Access point allows 802.1x traffic

 3. Client authenticates RADIUS server certificate

 4. RADIUS server sends username with password encrypted request to client

 5. Client sends username with password encrypted to RADIUS server

 6. RADIUS server and client derive WEP key. RADIUS server sends WEP key to  access point

 7. Access point encrypts 128 bit broadcast key with that dynamic session key. Sends to client.

 8. Client and access point use session key to encrypt/decrypt packets

WPA-PSK

WPA pre-shared keys use some features of static WEP keys and dynamic key protocols. Each client and access point is configured with a specific static passcode. The passcode generates keys that TKIP uses to encrypt data per session. The passcode should be at least 27 characters to defend against dictionary attacks.  

WPA2

The WPA2 standard implements the WPA authentication methods with Advanced Encryption Standard (AES). This encryption method is deployed with government implementations etc. where the most stringent security must be implemented.

Application Layer Passcode

SSG uses a passcode at the application layer. Client can’t authenticate unless they know the passcode. SSG is implemented in public places such as hotels where the client pays for the password allowing access to the network.

VLAN Assignments

As noted companies will deploy access points with SSID assignments that define logical wireless networks. The access point SSID will then be mapped to a VLAN on the wired network that segments traffic from specific groups as they would with the conventional wired network. Wireless deployments with multiple VLANs will then configure 802.1q or ISL Trunking between access point and Ethernet switch.   

Miscellaneous Settings

Turn Microsoft File Sharing OFF Implement AntiVirus Software and Firewall Install your company VPN client Turn OFF Auto Connect to any wireless network Never use AdHoc Mode – this allows unknown laptops to connect Avoid signal overrun with a good site survey Use minimal transmit power setting

Anti Theft Option

Some access points have an anti theft option available using padlock and cabling to secure equipment while deployed in public places. This is a key feature with public implementations where access points can be stolen or there is some reason why they must be mounted below the ceiling.

Security Attacks

• Wireless packet sniffers will captures, decode and analyzes packets sent between the client computer and access points. The purpose is to decode security information.  

• Dictionary attacks attempt to determine the decryption key configured on the wireless network using a list or dictionary with thousands of typical passcode phrases. The hacker captures information from the authentication process and scans each dictionary word against the password until a match is found. 

• The specific mode assigned each wireless client affects security. Ad Hoc mode is the least  secure option with no access point authentication. Each computer on the network can send information to an Ad Hoc neighbor computer. Select infrastructure mode where available.

• IP spoofing is a common network attack involving faking or replacing the source IP address of each packet. The network device thinks its communicating with an approved computer. 

• SNMP is sometimes a source of compromised security. Implement SNMP v3 with complex community strings.

Cisco Wireless Network Design Guide available at amazon.com and eBookmall.com

Shaun Hummel is an author of various technical books and has a web site focused on information technology job search solutions and certifications.

http://www.networkjobsolutions.com

Computer Security Network, Security, Wireless