The Little Geeni

Another excellent tool that’s freely available to Windows Vista administrators (or anyone else, for that matter) is the Microsoft Baseline Security Analyzer (MBSA). This tool scans a system and quickly identifies security holes such as missing software patches or accounts with a blank or weak password.

Better yet, it recommends corrective action. The only bad news of sorts is that it’s not built into Windows Vista. You have to download this one from the Microsoft web site. The newest version of this tool at the time of this writing was released in May of 2008, Version 2.1. This updated version provides additional features which are detailed at the Microsoft website.

However, legacy Microsoft products are not supported by MBSA 2.1. Because of this, Microsoft has teamed-up with Shavlik Technologies to offer a free companion tool for MBSA 2.1. This will allow users of MBSA 2.01 to still receive security updates.

For the MBSA 2.01, the install steps are straightforward; just follow the steps in the wizard. During installation, the MBSA places a shortcut on the desktop by default. To launch the tool and perform a scan, follow these steps:

Double-click the desktop icon, and then, from the MBSA home page, choose Scan a Computer. Note here that admins can also use the MBSA to scan multiple computers in a network from a central location. In the Computer to Scan page, you should see the local machine listed if you’ve chosen the “Scan a computer” option. (The other selection produces a page from which you can select a range of machines.) Furthermore, the options in this screen let you specify exactly what components get checked during the scan. Once you verify the machine to scan, click the “Start scan” link. You’ll now see a Scanning page with a progress bar that can take several minutes to complete. When the scan finishes, you’ll see a report screen.

As you can see, this provides extremely valuable information to administrators who are interested in doing everything they can to stop problems before they start. For example, the administrator of this machine has been very diligent about installing necessary software updates, it seems, and has gotten passing grades in most areas of computer security. But the MBSA scan generates a failing grade…how is this possible? The MBSA makes it easy to investigate the exact nature of the failing grade by clicking the “Result details” link, revealing the dialog box. In this case it reveales a very significant (yet usually hidden) threat: local user account passwords are weak, thus generating the failing grade.

If you’d like to get my book “Windows Vista Administration: The Definitive Guide” by Brian Culp, (or any of my other books and tutorials), you can pick it up at my website, www.TheAnswerHub.com or at most major book chains. In addition, I’m always happy to provide additional assistance for free (within reason, mind you…don’t go thinking this is some sort of a free ride). Visit me at my website and submit your questions to me. I’ll get back to you with an answer as soon as possible.

Up Next: in the conclusion of this 5-part series, we’ll be discussing the removal of malicious software using the Malicious Software Removal Tool within Windows Vista.

Troubleshooting Analyzer, Baseline, Microsoft, Part, Security, Troubleshooting, Using, Vista, Windows

PHP means Hypertext Preprocessor Programming; it is basically server side scripting language. Server side means the scripts will be in HTML but server processes on it first before sending that applications to browsers. You cannot see PHP coding in source of that particular web page because the code is not visible, it only gives output. PHP is used to create dynamic web pages for internet business.

Why programming in PHP:

PHP is very helpful in content management system PHP can be used for command line scripting It can be used in relational database management systems Provides design structure to promote rapid application development It allows developers to write extensions in C It can be used in all major operating systems including Linux, Microsoft Windows and RISC OS It permits users to transfer specific files from their client computers to a web server It is flexible in database connectivity

PHP Programming Protection:

While it is not entirely possible to protect your site, yet there are few precautions that you can incorporate for better protection with PHP programming. Some of these are:

You should check the referrer, for being sure that the information sent is from your website and not an outside source. Since, there are maximum chances of the information is being fake. Restriction of the type of extension files being uploaded on the website is yet another method of security check. Renaming files is another way in which the program can be secured. This procedure involves the checking of double-barreled extensions like file.php.gif. Changing the permission command for the upload folder so that files within it are not executable. All the alterations created by the user should be allowed only when they ‘Login’ into the database. On the other hand the owner of the site should always keep a close watch on all files being uploaded and then make them live.

PHP development services have many advantages like low cost and high performance. The other advantage is that the code is simple and easy to understand. PHP is widely used for frameworks and to design a structure. PHP is mainly used for the small business with limited budget.

Therefore, the successful development of a website through PHP web development is complete only when the site owner consults a professional programmer.

There are lots of service providers in India who provide outsourcing PHP programming services with highly qualified and skilled IT professional. They are providing best services at affordable rate and always ready to fulfill all your requirements. If you’re getting good service provider then you can fulfill all your requirements and you can also earn long profit form that because the future of PHP is very amazing.

php Benefits, More, Security, Website

Video used for internal training at Cisco. The basics of Security. Shot a few years ago but still pretty relevant.

Computer Security Cisco, Security, Training, Video

The emergence of the World Wide Web as a global, around the clock marketplace has opened a multitude of new opportunities to businesses which have never before been seen. Computers and global communication networks have brought vendors, customers and markets together in new and beneficial ways. Along with all of the benefits which business has gained from the information age come some downsides. New crimes have not been created by new technology, but rather new technology has given new tools to criminals to commit the same crimes as they always have. The difference is that criminals now have a global reach, just as businesses do. In the U.S. at least, the responsibility for protecting consumers from having their personal information pilfered is placed upon businesses.

While some will blame the computer itself for crimes involving identity theft, it is usually not the computer but rather the way in which the victim has made use of it which is at issue. Their lack of attention to network and computer security has offered access to criminals – right into their home or business. After all, if we never lock our doors, would we blame the contractor who built our home for a burglary? In a corporate environment, it is typically employees, including IT staff who are really at fault.

About 70% of data breaches at businesses can be laid at the feet of people within the company. Employees using weak passwords or making the egregious mistake of writing down their passwords in plain view allow unscrupulous employees and others easy access to company information. Employees know that the quickest way to find a password is to sit at someone’s desk; quite often, employees will tape passwords on notes on the monitor, to the desk (or underneath it) or in desk drawers, often simply labeled “passwords” or worse yet, on the desktop of their computer in an unencrypted document. Keep in mind that if a security breach happens through the use of a legitimate user name and password, it is very difficult for your IT staff to catch. Poor password management on the part of your employees can give criminals complete access to sensitive corporate data.

IT departments try to reduce the risk of data breaches through the implementation of stronger security policies. There are six basic rules of password security which they commonly use. These are:

LENGTH – Passwords should always be at least eight characters long. The longer, the better as long as you can remember your password.
RANDOMNESS – A password should be difficult to guess. Use combinations of numbers and letters; words, dates and so on.
COMPLEXITY – Employ a mix of numbers, punctuation marks and lower and uppercase letters in your passwords.
UNIQUENESS – Use a unique password for each user account.
ROTATION – Passwords should be changed every two to three months.
MANAGEMENT – Never let anyone see your password. And never, ever write it down.

The conflict which is going here is between IT departments and other employees. As IT departments make security measures more complex and difficult for employees, they use weaker security habits to increase the ease of access for themselves. Employees will nearly always forgo security for the sake of convenience.

One way to avoid this conflict is to adopt token based password management. These sorts of systems include:

Security:
o PIN protected smartcards which lock data after a predetermined number of failed attempts at access.
o Passwords are never stored in computers, where hackers and snoopers can find and use them.
o Passwords can be as long as 20 characters, with all 96 possible characters on the keyboard being available to use.
o Each website, encrypted file and network can (and should) have its own unique, complex.
o Since your passwords are never typed in, a keylogger cannot record them.
o The card can be encrypted so that only the software used to manage the cards can access the data on them.

Convenience:
o The management system for these cards can handle logins for different accounts, files, applications and networks.
o The management system can launch a web browser, navigate to the appropriate login page and take care of authentication, all with a double click.
o Users never have to remember (or type)passwords.
o Users will have their passwords on them at all times.
o These cards can be carried in a wallet or even used as an employee ID badge.
o Passwords will not be written or stored where they can be found.
o Cards can store over 100 different passwords and their associated account information
o Login sites are saved to the card.

Portability:
o Passwords are available to users at any workstation once their smartcard is inserted.
o The card can be used in the office or at home or from another remote location. These sorts of smartcards are great for students and others as well.
o Smartcards are ideal for employees who work remotely but need secure access to the company network.

It takes more than just a password to make your network secure, but with the use of security tokens, passwords are no longer the weakest link in a company’s security scheme. Tokens have been developed by security companies for a variety of different applications – companies can evaluate these offerings on the basis of form, usability, the amount of modifications which will be required in their infrastructure, ease of installation and of course, cost. Some smartcards offer advances security but also mean that a lot of back-end server work must be done in order to implement them. Others are easy to set up and use, but are a risk if they are lost or stolen.

Business owners are required by the Privacy Protection Act to keep customer data secure. While no one security measure can provide total security, proper password management should be part of every company’s overall security strategy.

“May your data be secure and your identity be your own.”

Computer Security Business, Don't, Passwords, Security, Threaten

Security is often the most worried about aspect of running a computer network. Keeping unwanted users out whilst allowing freedom for users to access network applications is a full time job. Yet many network administrators fail to pay any heed to one of the most crucial aspects of keeping a network secure – time synchronisation.

Time synchronisation is not just important but it is vital in network security and yet it is staggering how many network administrators disregard it or fail to have their systems properly synchronised.

Ensuring the same and correct time (ideally UTC – Coordinated Universal Time) is on each network machine is essential as any time delays can be an open door for hackers to slip in undetected and what is worse if machines do get hacked are not running the same time it can be near impossible to detect, repair and get the network back up and running.

Yet time synchronisation is one of the simplest of tasks to employ, particularly as most operating systems have a version of the time protocol NTP (Network Time Protocol). Finding an accurate time server can sometimes be problematic particularly if the network is synchronised across the internet as this can raise other security issues such as having an open port in the firewall and a lack of possible authentication by NTP to ensure the signal is trusted.

However, an easier method for time synchronisation, being both accurate and secure, is to use a dedicated NTP time server (also known as network time server). An NTP server will take a time signal direct from GPS or from the national time and frequency radio transmissions put out by organisations such as NIST or NPL.

By using a dedicated NTP server the network will become a lot securer and if the worst does happen and the system does fall victim to malicious users then having a synchronised network will ensure it is easily solvable.

Computer Security Security, Synchronisation

A secure network is an important component of your successful business. The task of constantly protecting the network against malicious attacks and unexpected threats is burdensome and distracts you from your core business. How do you ensure your networks are protected and self-defended?

InfraScape provides the solution to assure network security and maintain business continuity. We provide the strategy, services and our proprietary monitoring technology to help companies overcome fear and combat threat proactively. Our round the clock technical support further enhances the confidence of our customers. We are your preferred managed security services partner.

More and more organizations are turning to managed security providers for a range of security services to reduce costs and to access skilled staff whose full-time job is security. Security solutions and technologies such as firewalls, intrusion detection systems (IDSs), virtual private networks (VPNs), and vulnerability assessment tools are weapons that far more effective when they are managed by skilled professionals.

Our Security and Technology Services include:

• Network boundary protection, including managed services for firewalls, intrusion detection systems (IDSs),

and virtual private networks (VPNs)

• Security monitoring

• Incident management, including emergency response and forensic analysis

• Vulnerability assessment and penetration testing

• Anti-virus and content filtering services

• Information security risk assessments

• Data archiving and restoration

• On-site consulting

Benefits of engaging InfraScape as your MSS Partner

Skills

We have insight into security situations based on our extensive experience, dealing with hundreds of potentially threatening situations every day.

Cost

The cost of a managed security service is typically less than hiring in-house, full-time security experts.

Staffing

You can outsource repetitive security monitoring and protection functions, and focus internal resources on more critical business initiatives.

Facilities

We can enhance security by using our physically hardened sites with state-of-the-art infrastructure that are managed by our trained personnel.

Security expertise

We are often able to obtain advance warning of new vulnerabilities and gain early access to information on countermeasures.

Service Performance

When you contract us for security monitoring services, our service can report near real-time results, 24 hours a day, 7 days a week, and 365 days a year.

Computer Security Managed, Security, Services, Solutions

The future of security tools has changed greatly for the last several years. Today the network must respond to network attacks maintaining the network reliability, business performance and cyberspace security. The aim of cyber security issue is to make the network more flexible in order to prevent attacks and to keep on working.

Network security is a primary issue for every company, organization or individual. There exist various types and levels of network attacks. The main differences between national, corporate and information cyber security lie in the level of network security and tools applied. The national data requires the highest possible level of network security. The corporation has to use a multilayered approach in order to protect the information located on the computer from network attacks. The level of information security depends on an organization, state or individual, who use it. Thus, the level of network security is defined according to this principle.

Department of Homeland Security and Cyberspace Security (DHS) has been created to improve the cyber security of America. DHS is responsible for developing the national plan for securing the state resources and infrastructure of the US; giving crisis management concerning cyber attacks; providing technical assistance to the government entities concerning emergency recovery plans of critical information systems; coordinating with agencies of the federal government to provide advice about appropriate protective measures to organizations including the private sector, academia, and the public; funding research that will lead to new technologies in support of homeland security.

Strategic principles of the National Homeland Security are directed at securing cyberspace via the following:

• Preventing cyber attacks against US infrastructures;

• reducing national vulnerability to cyberspace attacks;

• reducing the recovery time after a cyber attack occurs.

The national cyber space security has several priorities. They are:

1. The national cyberspace security response system. This system is public/private architecture for analyzing, warning and managing cyber incidents of national importance.

2. The national cyberspace security threat and vulnerability reduction program.

3. The national cyberspace security awareness and training program.

4. Government security cyberspace.

5. International cyberspace security program. It is aimed at preventing cyber attacks that could influence national security. This program improves the international response to attacks of such kind.

Computer Security Cyber, National, Security

Information security refers to all levels of cyber security. Information storage is of primary importance for corporations, states and individuals as users of the Internet. Information cyber security is aimed at securing data. Corporations, states and individuals implement security policies, plans and strategies in order to prevent a cyber attack and keep the information safe. Information cyber security differs from national and corporate security as it has the only purpose – maintaining the information and its security. The information security strategy is a part of a corporation’s strategic planning, a part of the security tools used by an individual. The strategy serves as a plan of actions for implementing and maintaining the security level. The strategy denotes the information security program and contains activities and processes that are required for effective work and data storage. Information cyber security strategic plan includes the protection of data considering the operating conditions, culture and mission of a corporation.

Information security policy is a collection of major principles of a corporation that establishes the limits of information usage. Some corporations have a strict policy concerning collecting data by its employees. They prohibit opening and copying any files on a working computer in order to protect the organization from any kind of threat. Moreover, there exists a security control, such as separation of duties, access control, authentification and authorization, etc.

Application control covers the protection tools created to prevent network attacks on the computer. Application control tools protect computers from network attacks during all the stages of an attack. Application control decreases the computer’s attack via static rules and decisions. It acts as the last defense technology and is helpful in the space that reduces the number of threats when other defense tools do not act. For instance, a static environment can have limited program control regulations.

The usage of application compliance refers to another developing area of application control technology. It gives the chance ‘to apply a corporate policy on application compliance, operating system level and peer-to-peer applications before network access is given’. Enforcing this application model makes the system state and the whole network space enhanced. Thus, application control tools are like firewall technology based on the possibility to find a threat by applying necessary regulations. Application control is a necessary tool in a multi-layered computer protection system, however, it is not recommended to apply it as a single defense technology of a dynamic system.

Network security is a primary issue for every company, organization or individual. There exist various types and levels of network attacks. The main differences between national, corporate and information cyber security lie in the level of network security and attack prevention tools applied. The national data requires the highest possible level of network security. The corporation has to use a multilayered approach in order to protect the information located on the computer from network attacks. The level of information security depends on an organization, state or individual. Thus, the level of network security is defined according to this principle.

Computer Security Cyber, Information, Security

Nowadays, implementation of wireless networks is very common. There are very less clutters in a wireless network, so it is a convenient way of network implementation and management. The troubleshooting of wireless network is easier than wired networks, so people prefer having wireless networks at workplace as well as at home.

However, wireless networks are more vulnerable to security flaws along with the convenience and easy approach of implementation. Even a person with less IT knowledge can easily access an unsecured wireless network and use unethically. Therefore, it is very important to restrict unauthorized access of wireless networks available at home or at your workplace. There are some standard security measures of securing your wireless networks from unauthorized access. In order to secure your wireless network, you can adopt following actions:

Restrict Wireless Network Broadcasting
The default setting of your Wi-Fi router allows automatic network broadcasting so that devices with wireless access feature can detect the wireless networks available in range. Choosing this default setting makes your wireless network open to everybody. To restrict automatic wireless network discovery you can disable this feature. Go through your wireless router manual to learn how to disable this feature.

Enable Data Encryption
Data Encryption is a well-accepted protocol to secure wireless networks. Nowadays, almost every Wi-Fi router or access points come with WEP (Wired Equivalent Privacy) or WPA (Wi-Fi protected access) encryption schemes. By enabling any of these two encryption schemes, you can restrict the access of your Wi-Fi network.

Choosing Strong Network Password
While enabling data encryption, you are required to set a password to allow access to your wireless network. Choosing a strong password is very important to achieve required level of security. An ideal password is combination of alphanumeric keys and comprise of several characters. Avoid using your name, Date of Birth, or other common things as a password for your wireless network.

Activating Firewall
All wireless access points come with an in-built firewall to stop unauthorized incoming and outgoing connections through your wireless network. Learn how to use and customize this firewall for maximum level of wireless network security.

By following above instructions, you can secure wireless networks at your home or at workplace and enjoy the benefits of going wireless without any worries.

Computer Security Ensuring, Networks, Security, Wireless

In a recent report issued by CompTIA, the Computer Technology Industry Association, 50% of small and medium sized businesses (SMBs) had very little trust in the security offered by VoIP vendors, or for that matter, voice over IP security in general.

It is true, having your voice and data running on the same infrastructure leaves your telecommunications particularly vulnerable to all the security threats inherent in an IP network. Viruses, Trojan Horses, and worms can all wreak havoc on a network, and having your voice network go down for even the shortest time is intolerable for most business.

That said, security has come a long way, and most attacks can be stopped at the gateway by a good network administrator. While attacks on VoIP networks in particular are by no means widespread, the possibilities are there, if not imminent, and pose a very real threat to the very time sensitive requirements of voice over IP.

The following is a compilation of just some of the security threats facing a voice over IP network, as well as some security measures that could be taken to prevent such attacks.

SPIT: The new Spam for VoIP

Most anybody that receives email is familiar with the term Spam. Who among us has not received dozens of unsolicited emails, clogging up our mailboxes and causing us to waste our valuable time? Laws have been made to reduce the clutter in our mailboxes, and major offenders have been fined heavily and in some cases put in jail.

Spam is basically the broadcasting of advertisements, announcements, or other unwanted messages, over a network or networks, ending up in the mail boxes of anyone that has an email address on that network. At worst, spam is frustrating for the recipient, and can also cause network problems utilizing a good majority of bandwidth that is meant for other things. As email applications are connectionless and not sensitive to time delay, eventually the recipient will receive their emails intact, albeit a few minutes later than it would normally take.

Spam over Internet telephony, otherwise known as SPIT, can have far greater consequences than email spam. Spitters that target VoIP gateways can use up the available bandwidth, severely disrupting Quality of Service and causing a major degradation in voice quality.

The open nature of VoIP phone calls makes it easy for spitters to broadcast audio commercials just as email advertisements are broadcast. On closed networks like Vonage or Skype, or even your companies LAN, it is a little more difficult as the spitter would have to hack into the network in order to implement the broadcast. It can, however, be done.

The ability to broadcast audio messages over a VoIP network is not, in itself, necessarily a bad thing. Companies should be able to get out important messages quickly, and on a broader scope, emergency services could easily communicate mandatory evacuations, or warn of impending disasters in the event of catastrophe.

While Spit is certainly a technical possibility, to date, we have not seen a lot of it. In 2004, the peer to peer VoIP network Skype got hacked into, and users were inundated with unsolicited audio messages. Shortly thereafter, Skype had found and closed the loophole in the network. One other legal recourse is to get on the national Do Not Call list, to prevent solicitors from bombarding your voice mail box

Eavesdropping

Probably one of the scariest vulnerabilities of VoIP is the ability of an outsider to eavesdrop on a private conversation. This concept is nothing new to IP data networks, and generally requires a packet analyzer to intercept IP packets, and in the case of VoIP, saving the data as an audio file. Hackers then have the ability to learn user ids and passwords, or worse, to gain knowledge of confidential business information.

While it is true that eavesdropping occurs on traditional telephone lines as well as cellular networks, for someone to tap into your home phone line pretty much requires a physical presence outside your house. In the case of an IP network, a hacker requires only a laptop, some readily available software, and the knowledge of how to hack into your network.

Security analysts have long used encryption techniques to protect the confidentiality of data traveling through an IP network, and the same concept holds true for voice packets. The challenge with voice is to encrypt strongly and quickly, to protect confidentiality and as not to slow down the packet flow.

Nevertheless, if someone really wants to listen in on your calls, no type of telecommunication is 100% secure.

Phishing the Waters of Voice over IP

Another variation of an email attack, Phishing is designed to trick a user into revealing sensitive data such as user names, passwords, bank accounts, credit cards, and even social security numbers. In the case of VoIP, the attack could come as a voice mail message urging you to call a designated number and provide your user information. Even if the call is automated, touch tones can be easily deciphered. Depending on what information they get, hackers can use it to access bank accounts, or to steal identities.

While you can program a PBX to restrict call backs to known phishers, as more users become familiar with the pitfalls of the Internet, it becomes common knowledge to never give out sensitive information to automated media, be it via data or voice.

SIP Registration Hijacking

The Session Initiation Protocol (SIP) is becoming widely accepted as the method for setting up VoIP phone calls. The process involves a Registrar (in some cases the company PBX itself), which maintains a database of all users subscribed to the network, and basically maps their telephone number to an IP address.

Registration hijacking occurs when the packet header of either party is intercepted by a hacker, who substitutes his IP address for that of the legitimate one. Attacks can take the form of fraudulent toll free calls, denial of service attacks that can render the users device useless, or a simple diversion of communication.

Spoofing

Another hack that is well known in data networks is spoofing Also known as a man in the middle attack, spoofing requires hacking into a network and intercepting packets being sent between two parties. Once the IP address or phone number of the trusted host is discovered, hackers can use this attack to misdirect communications, modify data, or in the case of Caller ID Spoofing, transfer cash from a stolen credit card number.

SIP registration hijacking is a form of spoofing. Both of these spoofs, as well as other hacks such as eavesdropping, can be prevented by employing encryption techniques at the call set up phase. Today, the up and coming mechanism to achieve this is to send SIP messages over an encrypted Transport Layer Security channel. Putting these two protocols together forms the acronym SIPS.

There is no doubt that IP networks can be, and are, hacked into. Since a converged network consists of data and voice, VoIP is as vulnerable as any application to these disruptions, but with a downtime tolerance of no more than 5 minutes a year, such interruptions are considered intolerable for voice applications.

As of today, most of these security threats are not wide spread, and are presented here as a what could happen in the future scenario. Industry experts agree that as voice over Internet telephony becomes more wide spread, malicious hacking attempts are bound to follow.

These and other security threats can be prevented by a vigilant network staff, using all the known security precautions typical of an IP network. No VoIP solution is secure out of the box, and must be locked down by using common sense approaches, including but not limited to changing default passwords, closing down unused ports and services, utilizing firewalls and VPNs for network communications, and diligent intrusion detection.

Computer Security Explained, Security, Threats, VoIP