Things on my mind today

I went to a job fair. It was basically a waste of time. Every company wanted you to apply online. I'm already doing that. I do everything online. I read about several technologies, games, and toys today at the library. I went to learn more about NAS or network attached storage and RAID levels. I feel these are fundamental skills to know. I also want to increase my reasoning and logical abilities so Im going to start playing more puzzles. I read about KENKEN a math game, unlike Sudoku you do math. I also read about game theory and how it ties to everything. I read about a article about cryptoanalyst in Wired. It talked about the CIA and Langley. It was a good article.

TGIF

It's Friday about 11:00AM. I just got done washing dishes, how exciting. I'm excited about going to work. I really like my job. I will be working on the website today. I have a ton of ideas to get some more traffic. If any one needs any help with computer consulting or repair in the Orange County area give me a call.

Content Development and website advice

Today I had a good day at work. I wrote some content on loan modifications. I advised my boss on how to optimize his website better to get more traffic. I talked about blogging, podcasting and even getting some video on You Tube. I love security, but the economy is so bad right now I'm willing to take on new ventures. I downloaded MAMP today to learn PHP and MySQL. I need to keep my blog updated more. Its 11:49 and I want a Red Bull. My one month year old son is up and crying. The joys of parenthood.

A new year

Phuture Networks is planning on obtaining more client's this year. Phuture Networks wants to focus on prospecting and delivering the best service possible to our clients.

TEST

Orange County Computer Consultant

Call Phuture Networks for all of your IT needs in Orange County.

Panasonic BB-HGW700A Network Camera Management System with Router

Network setup is simple, as the camera management system automatically configures up to 16 Panasonic network cameras (IP address, port number, etc.), enables Internet access, creates a custom portal page and enables multi-level security control. A customized, flexible network for your computing environment is made possible by 802.11b/g wireless communication as well as four switched Ethernet connections. The system automatically configures the network connection for up to 128 computers or devices, and additional devices can be manually added.The camera management system's built-in firewall helps protect every network computer from hackers. Use the system with a Virtual Private Network (VPN) server to access a corporate or secure network. You can also customize the firewall to best suit the needs of your home or small business.The BB-HGW700A automatically adds the image from up to 16 cameras on a single web page which can be used from a local network or even the Internet. For easy access, just click a camera image on the camera portal page and that camera's individual screen will open allowing you to view and control that camera easily.

Panasonic BB-HGW700A Network Camera Management System with Router - 4 x LAN, 1 x WAN - Wireless Security Router

SonicWALL SSL-VPN 200 VPN Gateway

SonicWall SSL-VPN 200 Appliance
The SonicWALL SSL-VPN 200 provides small organizations with a simple, cost-effective alternative to traditional remote access products with one that requires no pre-installed client software.

Utilizing only a standard Web browser, users can easily and securely access e-mail, files, intranets, applications, remote desktops, servers and other resources on the corporate LAN from any location. Because there’s no need for a pre-installed or “fat” VPN client, you’re freed from the tasks of deploying, configuring and updating software, reducing maintenance and support costs. Additionally, granular access controls enable you to extend connectivity beyond your organization by providing trusted partners and customers with remote access to specific and defined resources. SonicWALL SSL-VPN solutions integrate seamlessly into virtually any network topology to deliver powerful, scalable and affordable remote access to corporate resources.

Seamless Integration Behind Virtually Any Firewall
The SSL-VPN 200 integrates seamlessly into any network topology and can be easily deployed alongside almost any third-party firewall as a secure remote access solution. This enables you to leverage your existing network infrastructure without the need to purchase additional hardware. The benefits don’t stop there, however. When deployed with a SonicWALL Internet security appliance running SonicWALL Gateway Anti-Virus, Anti-Spyware and Intrusion Prevention Service, the SSL-VPN 200 enhances network integration and security. Deep packet inspection capabilities in the SonicWALL gateway decontaminate mobile user connections to prevent vulnerabilities and malicious code from being introduced into the corporate network.

Powerful SonicWALL NetExtender Technology
The SSL-VPN 200 makes remote access incredibly simple. Users require only a standard Web browser to launch a personalized Web portal that is unique to that person. From this portal, the user has access to e-mail, files, applications and internal Web sites. For more powerful capabilities such as seamless, secure access to any resource on the corporate network including servers and complex or home-grown applications, the appliance transparently pushes a downloadable thin client called NetExtender to the user's desktop or laptop.

Granular Policy Configuration Controls
Your organization includes remote users who require varying levels of access to resources on the corporate network. The SSL-VPN 200 extends secure remote access beyond remote offices and corporate controlled laptops out to network environments and remote computers that are not controlled and managed by the corporate IT department. Built-in granular access controls enable you to provide not only your employees, but also trusted contractors, partners and customers with remote access to specific and defined resources based on company policy.

SonicWALL SSL-VPN 200 VPN Gateway - 4 x 10/100Base-TX WAN, 1 x 10/100Base-TX

Juniper NetScreen 5GT

Weighing in at less than 2 pounds, the NetScreen-5GT is a feature rich enterprise-class network security solution with one Untrust 10/100 Ethernet port, four Trust 10/100 Ethernet ports, a console port and a modem port. Using the same firewall, VPN, and DoS mitigation technology as NetScreen's high-end central site products, the NetScreen-5GT is fully capable of securing a remote office, retail outlet, or a broadband telecommuter. The NetScreen- 5GT supports dial-backup or dual Ethernet ports for redundant Internet connections when network uptime is business critical. The NetScreen-5GT supports embedded virus scanning using Trend Micro's antivirus technology.

Juniper NetScreen 5GT 10 User VPN/Firewall - 4 x 10/100Base-TX LAN, 1 x 10/100Base-TX WAN, 1 x

Cisco ASA 5540 Adaptive Security Appliance

The Cisco ASA 5540 Adaptive Security Appliance delivers a wide range of high-performance, high-density security services with Active/Active high availability and Gigabit Ethernet connectivity for medium-to-large enterprise and service-provider networks, in a reliable, modular appliance. Using its four Gigabit Ethernet interfaces and support for up to 100 VLANs, businesses can segment their network into numerous zones for improved security. The Cisco ASA 5540 Adaptive Security Appliance scales with businesses as their network security requirements grow, delivering exceptional investment protection and services scalability. The advanced network and application layer security services and anti-x defenses provided by the Cisco ASA 5540 Adaptive Security Appliance can be extended by deploying a high performance Security Services Module. Businesses can scale their IPSec and SSL VPN capacity through multiple means to support a larger number of mobile workers, remote sites, and business partners. VPN capacity and resiliency can be increased by taking advantage of the integrated VPN clustering and load balancing capabilities of the Cisco ASA 5540 Adaptive Security Appliance, with support for up to 10 appliances in a cluster supporting a maximum of 50,000 VPN peers per cluster. Businesses can also scale up to 5000 IPSec and 2500 SSL VPN peers on each Cisco ASA 5540 Adaptive Security Appliance through the installation of a VPN upgrade license. Using the optional security context capabilities of the Cisco ASA 5540 Adaptive Security Appliance, businesses can deploy up to 50 virtual firewalls within an appliance to enable compartmentalized control of security policies on per-department or per-customer basis, and deliver reduced overall management and support costs.

Cisco ASA 5540 Adaptive Security Appliance - 4 x 1000Base-T , 1 x 10/100Base-TX

Cisco PIX 506E

The Cisco PIX® 506E Security Appliance delivers enterprise-class security for remote office/branch office environments in a robust, purpose-built appliance. Ideal for securing Internet connections for remote/branch offices, the Cisco PIX 506E Security Appliance, which is part of the world-leading Cisco PIX Security Appliance Series, provides a wide range of rich integrated security capabilities and powerful remote management capabilities in a cost-effective, high-performance solution.

The Cisco PIX 506E Security Appliance delivers a multilayered defense for remote offices through rich security services including stateful inspection firewalling, protocol and application inspection, virtual private networking (VPN), in-line intrusion protection, and rich multimedia and voice security in a single device. The state-of-the-art Cisco Adaptive Security Algorithm (ASA) provides rich stateful inspection firewall services, tracking the state of all authorized network communications and preventing unauthorized network access.

Remote offices benefit from an additional layer of security via intelligent, 'application-aware' security services that examine packet streams at Layers 4-7, using inspection engines specialized for many of today's popular applications. Administrators can also easily create custom security policies for firewall traffic by using the flexible access control methods and the more than 100 predefined applications, services, and protocols that Cisco PIX Security Appliances provide.

Cisco PIX Security Appliances provide market-leading protection for a wide range of voice-over-IP (VoIP) and multimedia standards, allowing businesses to securely take advantage of the many benefits that converged data, voice, and video networks deliver. By combining VPN with the rich stateful inspection firewall services that Cisco PIX Security Appliances provide for these converged networking standards, businesses can securely extend voice and multimedia services to remote office environments for additional cost savings, improved productivity, and competitive advantage.

The Cisco PIX 506E provides several options for securing all network communications between mobile users, remote offices, and corporate networks over low-cost Internet connections. Solutions range from standards-based site-to-site VPN leveraging the Internet Key Exchange (IKE) and IP security (IPsec) VPN standards, to the innovative Easy VPN capabilities found in Cisco PIX Security Appliances and other Cisco security solutions—such as Cisco IOS® routers and Cisco VPN 3000 Series Concentrators. Easy VPN delivers a uniquely scalable, cost-effective, and easy-to-manage remote-access VPN architecture that eliminates the operational costs associated with maintaining remote-device configurations typically required by traditional VPN solutions. Cisco PIX Security Appliances encrypt data using 56-bit Data Encryption Standard (DES), 168-bit Triple DES (3DES), or up to 256-bit Advanced Encryption Standard (AES) encryption.

The integrated in-line intrusion-protection capabilities of the Cisco PIX 506E Security Appliance can protect remote office networks from many popular forms of attacks, including Denial-of-Service (DoS) attacks and malformed packet attacks. Using a wealth of advanced intrusion-protection features, including DNSGuard, FloodGuard, FragGuard, MailGuard, IPVerify and TCP intercept, in addition to looking for more than 55 different attack 'signatures,' Cisco PIX Security Appliances keep a vigilant watch for attacks, can optionally block them, and can notify administrators about them in real time.

The Cisco PIX 506E Security Appliance is a reliable, easy-to-maintain platform that provides a wide variety of methods for configuring, monitoring, and troubleshooting it. Management solutions range from centralized policy-management tools to integrated, Web-based management to support for remote monitoring protocols such as Simple Network Management Protocol (SNMP) and syslog.

Administrators can easily manage a large number of remote Cisco PIX Security Appliances using CiscoWorks VPN/Security Management Solution (VMS). This suite consists of numerous modules including Management Center for Firewalls, Auto Update Server Software, and Security Monitor. This powerful combination provides a highly scalable, next-generation, three-tier management solution that includes the following features:

* Comprehensive configuration and software image management
* Device hierarchy with 'Smart Rules'-based configuration inheritance
* Customizable administrative roles and access privileges
* Comprehensive enterprise change management and auditing
* 'Touchless' software image management for remote Cisco PIX Security Appliances
* Support for dynamically addressed appliances

Cisco PIX 506E Firewall - 1 x 10/100Base-TX LAN, 1 x 10/100Base-TX WAN, 1 x Management

Orange County Computer Security Firm supports Linux

Phuture Networks can help with your Linux and open source needs. We specialize in open source solutions and configuration of operating systems.

Phuture Networks Partners with PGP

Phuture Networks has partnered with PGP to provide encryption solutions to home and small companies. This includes email security, whole disk encryption and secure file transfers. Phuture Networks is also certified by PGP.

Orange County Technical Support Call 714-786-5878

Phuture Networks provides expert support in Orange County for the following services.

* Virus Removal and Protection
* Spyware, Popups, Spam
* New PC Setup and Data Transfer
* E-mail and Internet Issues
* Troubleshooting and Repair
* Wireless Networking
* Network Cabling
* Hardware Upgrades
* Operating System Installation.

If your computer is running slow or you would like to try Linux or get set up on the Internet give us a call today!

Phuture Networks Orange County Computer Services Call 714-786-5878

Phuture Networks offers the following services in Orange County. Call today for your free estimate.

# Hardware/Software Installation, Troubleshooting, Repair, Upgrades, Maintenance.
# Computer Network\Server Design, Installation, Security, Troubleshooting, Repair, Upgrades, Maintenance.
# Internet (T1/DSL/Cable/VPN) Sharing Setup, Troubleshooting, Repair, Upgrades, Security, Maintenance.
# Virus, Worm, and Spyware Removal.
# Backup and Recovery.
# Router/Firewall Design, Installation, Troubleshooting, Repair, Upgrades, Maintenance.
# Windows 9x, NT, 2000, XP, Vista, 2003 Server, Small Business Server.

Phuture Networks Services offered in Orange County, CA

Phuture Networks provides the following services for client's in Orange County:

Information Security Consulting

Intrusion Prevention Systems

Firewalls

Web Filtering

VPN

Secure Voice

Cisco IOS Firewall

I have attached a link to Cisco's information on there opertaing system. These includes a complete list of features that you enable with their security products.

Cisco Security Podcasts

I do allot of learning online. I frequently listen to podcast's to keep up on all the security alerts. Here is a link to Cisco's Security Podcasts. Enjoy!

Phuture Networks is now a Cisco Partner

Phuture Networks has just become a Cisco Parter. This will enable Phuture Networks to provide you with all of your Cisco needs. Phuture Networks will have more resources ready for our clients. Call today for your free quote. Phuture Networks will also do a network survey for your company.

Cisco PIX and Cisco ASA multiple security vulnerabilities

Attention network administrators running Cisco gear. According to reports on the Internet there are multiple flaws with these security appliances.

These range from DoS attacks, memory leaks, and authentication flaws with VPN. These is also potential to mess with SIP traffic.

Watchguard Firebox X Edge X20e UTM

The new Firebox® X Edge e-Series security appliances deliver powerful network protection for small businesses and remote/branch offices. Available in both wired and wireless models, the Edge can be used as a stand-alone integrated security appliance or as a VPN endpoint solution. The Firebox X Edge offers stateful firewall, VPN, and URL filtering, plus advanced networking and traffic management capabilities to maximize network configurability. An intuitive, Web-based user interface makes it easy to deploy and manage.

For remote offices/small businesses with up to 30 users. A smart choice for branch office VPN endpoint connectivity to a central office running a Firebox X Core or Peak, allowing centralized management of Edge functionality with WatchGuard System Manager.

Features

* Dynamic stateful packet firewall and VPN capabilities
* Easy setup and configuration with application-specific security policies
* Spoof detection, site blocking, and port blocking
* Advanced networking features including WAN failover, QoS, Traffic Management
* Work/home network separation for telecommuters
* Support for Dynamic Network Address Translation (NAT), 1:1 NAT, and Port Address Translation (PAT)
* Managed desktop antivirus protection
* Six network ports to connect a variety of devices on your network

Watchguard Firebox X Edge X20e UTM Bundle Security Appliance - 6 x 10/100Base-TX

Cisco PIX 535 Firewall

The Cisco PIX 535 Security Appliance delivers enterprise-class security for enterprise and service provider networks in a high performance, purpose-built appliance. Its highly modular three-rack unit design supports up to ten 10/100 Fast Ethernet interfaces or nine Gigabit Ethernet interfaces as well as redundant power supplies, making it an ideal choice for businesses requiring the highest levels of performance, port density, reliability, and investment protection. Part of the world-leading Cisco PIX Security Appliance Series, the Cisco PIX 535 Security Appliance provides a wide range of rich integrated security services, hardware VPN acceleration capabilities, and powerful remote management capabilities in a highly scalable, high-performance solution.

Cisco PIX 535 Firewall - 2 x 10/100Base-TX LAN, 1 x Management, 1 x

SonicWALL PRO 4060 VPN/Firewall

The SonicWALL PRO 4060, part of SonicWALL's PRO Series, provides complete business continuity for even the most complex networks. Powered by SonicWALL's next-generation SonicOS operating system and powerful deep packet inspection architecture, the PRO 4060 delivers enterprise-class firewall throughput and VPN concentration. Unbeatable price/performance characteristics make the PRO 4060 the ideal solution for companies that need rock solid network protection coupled with fast, secure VPN access for remote employees.

SonicWALL PRO 4060 VPN/Firewall - 4 x 10/100Base-TX LAN, 1 x 10/100Base-TX WAN, 1 x 10/100Base-TX

Check Point Safe@Office 500 UTM Appliance

Designed for the small business, Check Point Safe@Office 500 Unified Threat Management appliances deliver proven Internet security. A single Safe@Office appliance can protect a network of up to 100 users (recommended) from a wide array of Internet threats, providing a solid line of defense against threats ranging from hacking attempts and denial of service attacks to phishing and viruses.

Check Point Safe@Office 500 UTM Appliance - 4 x 10/100Base-TX LAN, 1 x 10/100Base-TX WAN, 1 x 10/100Base-TX DMZ

Watchguard Firebox X Edge X55e

The new Firebox® X Edge e-Series security appliances deliver powerful network protection for small businesses and remote/branch offices. Available in both wired and wireless models, the Edge can be used as a stand-alone integrated security appliance or as a VPN endpoint solution. The Firebox X Edge offers stateful firewall, VPN, and URL filtering, plus advanced networking and traffic management capabilities to maximize network configurability. An intuitive, Web-based user interface makes it easy to deploy and manage.

For small businesses requiring an affordable, integrated security appliance with unmatched ease of use. Includes best-in-class firewall and VPN capabilities, optional URL filtering, and advanced network traffic management features, such as WAN failover and configurable QoS, to ensure that your business is always secure and connected.

Watchguard Firebox X Edge X55e UTM Bundle - 6 x 10/100Base-TX Management, 1 x

PROCURVE SWITCH 2524 24PORT MANAGED 10/100

The HP Procurve 2524 switch can perform at 9.6 Gbps. It supports layer two switching and offer VLAN capabilities.

The switch can be locked down on a per port basis and offers TACAS as well. There is also a web interface so that you can manage the switch remotely.

PROCURVE SWITCH 2524 24PORT MANAGED 10/100 W/ 2 EXP SLOTS

Technical Details
General Information
Manufacturer: Hewlett-Packard
Manufacturer Part Number: J4813A#ABA
Product Name: ProCurve 2524 Ethernet Switch
Brand Name: HP
Manufacturer Website Address: www.hp.com
Product Line: ProCurve
Product Type: Ethernet Switch
Interfaces/Ports
Number of Ports: 24
Interfaces/Ports: 24 x RJ-45 10/100Base-TX LAN
1 x DB-9 Console Management
Fast Ethernet Port: Yes
Media & Performance
Connectivity Media: Twisted Pair 10/100Base-TX
Performance: 9.6Gbps Switching Fabric
6.6Mpps Throughput for 64-byte Packet
I/O Expansions
Number of Expansion Slots: 2
Expansion Slots: (2 Total) Expansion Slot
Network & Communication
Flow Control: IEEE 802.3x (Full-duplex)
Address Table: 4K MAC Addresses

Cisco ASA 5505

The Cisco ASA series provides best of class security protection for networks. Security features include firewall, VPN with IPsec, intrusion prevention. The Cisco ASA series has replaced the PIX line of products. There are five different modules that can be integrated.

Cisco ASA 5505 50-User Bundle - 8 x Management, 3 x , 1 x

Information Security Consultation Costs Call 714-786-5878

Phuture Networks provides information security services starting at $30 an hour. We will provide a security assessment of your home network or business network. Phuture Networks will provide you with a full report of security vulnerabilities. Remediation of these threats can be provided at additional costs.

Phuture Networks can test your network remotely. If needed a security consultant can come on-site for a physical analysis. Travel costs will be incurred. Phuture Networks serves the Orange County, CA area.

Phuture Network Services offered Call 714-786-5878

Phuture Networks offers the following services in the Orange County Area:

1. Information Security
2. Process Security
3. Internet Technology Security
4. Communications Security
5. Wireless Security
6. Systems integration and configuration
7. Procurement Services.

Please email today for a free consultation.

Email

Linkedin Profile

I decided to post my Linkedin profile. Please feel free to view it. Potential clients can email me at benjamin.hargis@gmail.com. 

Asus EEE and Backtrack 3 Beta

I want to get a Asus EEE PC galaxy black with Backtrack 3 Beta. This is a great setup for my business. The machine is small and light enough to take with me anywhere. Backtrack has all the security tools I need to do vulnerability and penetration testing for my clients.

Need a Router Password?

If you ever need to look up your default router password check out this website. It allows you to search by manufacture as well. 

Redhat Linux Videos Online

I learn allot from watching videos online regarding Linux, computer science and security from websites like You Tube and Google Tech Videos. These are great tools to use and learn for free.

Relaunch of Phuture Networks website

I temporarily brought down Phuture Networks for upgrades. Phuture Networks new website will have a more user friendly feel to it. Client's will receive their own login username and passwords so you can check on project status, billable hours and post any questions, comments or suggestions regarding Phuture Networks or your security project.

Phuture Networks

This is shameless self promotion. I'm really trying to get my consulting business going. It is allot of work. I work 8 hours daily doing solutions selling in IT. I tell clients to think of me as a consultant for free.

I want to be on my own in three years. With my own clients. I want to provide security consulting on a contractual basis. I will handle all aspects of security. This includes updating servers. Patching software. Keeping virus signatures up to date. Managing firewall rule sets.

I spend my nights and evening eating breathing and sleeping IT security. Anyone need a security consultant?

CA Arcserve

There are reports from Secunia that CA Arc Server has multiple vulnerabilities. The exploits can used to bypass security restrictions.

Secunia has a very good list of up to date alerts.

Hacker Methods

So how do hackers and crackers go about attacking networks and hosts? The best ones do research first. They want to know about your company, workers names, hobbies. The more information the better.

The first step would be to scan your target to determine which ports are open on your network. This can be done with many tools on the Internet. I will not list the tools as this is not a hacker tutorial but more of a heads up. Once they find what ports are open they can determine what services are running. A simple scan on Google or other websites can tell you which vulnerabilities are known for this application or service.

The next step would be to search for exploit code for that open port/service. At this point the attacker could craft a packet with a payload with the exploit code. The exploit code can tell the remote host to send back a shell or any other numerous things. Most attackers want access to the system to look for things. Others are malicious.

Attackers will often install a sniffer to grab more passwords on the network. Then cover their tracks and come back at a later time to grab the information or use your host as a jump off point for more attacks. Some hackers use mulitple systems to do Denial of service attacks. DDos is used with multiple systems.

The lesson here is patch and patch often, install IDS systems and have a firewall that will drop any suspicious traffic. Monitor your logs and encrypt your data!

Layered Technologies Hacked

It appears that hackers have managed to get into Layered Technologies databases. There are reports that over 6,000 user id's and passwords were compromised. This just shows why encryption should be used more vigilantly.

It looks like the hacker got in over HTTP. He then accessed the database and copied the information. Passwords for SSH, MySQL, Cpanel and other applications were taken. I would suggest to anyone using this company to switch their passwords or think about another hosting company.

Intrusion Detection Systems

In my previous post I talked about a IDS. IDS is a system that is used to monitor your network or hosts for behaviour that is out of the norm. They look for known attacks and alert you. You can usually have a back end database to store this information.

IDS systems can protect against zero day exploits, directory traversal, SQL injection attacks, buffer overflows, worms and othe Mal ware.

A good IDS should be able to do the following:

1. Deep Packet Inspection
2. Behaviour analysis
3. Logging

SNORT is a great and free IDS. It can do network analysis and logging.

There are plenty of books availiable to learn and configure SNORT.

Cisco also has a IDS, they call it IPS or Intrusion Prevention System.

McAffee Intrushield

McAffee Intrushield is a IPS. Intrusion protection system. The Intrushield can scan data at up to 10Gbps. Their are different models. I was told by a security enginerr by McAffee security engineer that it is effective because it uses FPGA's and ASIC's to transfer data. I noticied a bullet point that stated that the device could even scan for encrypted threats. I asked how can the IPS device determine if it is legit traffic or Malware? He stated that the device decrypts the packets and then scans the contents.

This device also supports QOS. Which will allow you to prioritize data. For instance VoiP would need more bandwith than P2p. They also have a technology called Vitual IPS to protect VLAN's.
The Intrushield is compatabile with McAffe Orchestra and and Mcaffee NAC.

Business Intelligence

Business Intelligence is used to find patterns and trends to spot opportunities. This is awesome technology. Databases can be modeled to look for this data, then turn it into information. The saying information is power is true. Business Intelligence allow you to peer into all the data to see your best customers, best locations for real estate, stock trends, and economic data.

It can be used to look at customer behaviour, what magazines they order, websites visited to, and much more. This is information can then be used by marketing and advertising companies or even worse spammers or telemarketers.

The future hold real time data analytics and business intelligence. Where decision's can be made on the spot. Talk about pressure.

There is a open source data mining tool called Rapid. Data mining, AI, data warehousing and analytics are interesting topics. I will be taking SQL next semester.

The government uses a similar technology for homeland security using databases to look for patterns and similarities to detect threats to our nation.

Microsoft Products

It seems like everyday there is a new Microsoft software title. It's mind boggling. There is Microsoft Expression. Which is web design suite. It allows for CSS layouts and also works well with .NET. This is not a surprise. There is also something called Microsoft accounting. I found this interesting, because I need accounting program for Phuture Networks to bill my clients.

Microsoft also has something called start up center. It's a good resource covering everything from tax laws to office setup. I like the fact it has list's of things that can be needed as office supplies and then links to Kinko's and other office supply places. It's a startup portal.

They have a certification called Microsoft Small Business Specialist. This is a test that I'm planning to take. Microsoft has allot of good information.

Microsoft Working with Sun on Virtualization

According to a article in CRN, Micros0ft is working with Sun to make sure that their virtualization will be compatible. This means that if I purchase a Sun server with Solaris, It should, emphasis on *should* be able to run MS Server.

Do I want this? Sure why not. I like running multiple operating systems to see what I like the best. They all have benefits and flaws. For instance MS Windows is great for the business world. i.e. applications. I love Mac OS X for it's beauty and simplicity. It is the perfect OS and system for home users.

If I want to code, I then use Linux/UNIX depending on what platform I need to try to write or debug software on. I'm no expert programmer, but can read and write some C, HTML (not a programming language) PERL and Assembly X86.

With Web 2.0 taking off. A popular buzzword. What it really is is services using AJAX. Think of applications on the web to use. Google Apps comes to mind, Facebook and Myspace.

To sum this up I think it is a smart move for Microsoft. After all Novell has Xensource.

Windows Vista Encryption Algorithim

A few months back I asked a Microsoft Sales Rep what encryption was used for Vista. He did not know. The encryption algorithm implemented is AES-CBC. This is Advanced Encryption Standard in cipher block chaining mode.

AES is a block cipher developed by our government. The key sizes can be 128, 192 or 256. The block size is 128bits. It can change the plain text 10, 12, 14 rounds.

To learn more detailed information. Wikipedia has a excellent article.

Artificial Intelligence

When will AI come to the point that we live in a world like IRobot. I often think of developing a massive database of information. It would be very sweet to have AI, running in the database. It would look for patterns, learn and try to make logical decision's. I read about data mining, data warehousing, and data modeling. This is all in the field of informatics.

Artificial Intelligence is developing intelligent systems to mimic human behavior. AI can be applied to all fields of research. There is also the thought that AI will one day take over humans. Pretty scary.

There are so many databases out there on the Net. Imagine if someone developed a intelligent spider to crawl the net looking for correlations, trends over even try to predict future events. This is already a reality.

VM Ware Products

Their are several products that VW Ware offers. There are products for first time virtualization users, for enterprise users, technical and programmers and products for locking down the desktop and as well as management.

For Servers there is VM Ware Server -----> VM Ware Infrastructure
For desktops there is VMWare player. You can run virtual machines on any machine. These are free downloads.

Virtual Manager allows you to create virtual machines.
VM Workstation allows developers to run multiple virtual machines for software development.

VMWare Ace is used on desktop for security, it can be used to lock down endpoints.
VMWare Infrastructure.

ESX Server is the flagship or foundation for distributed virtualization. ESX server takes care of managing memory, hardware, networking and splits them up into virtual machines. Virtual center gives you a birds eye view of your virtual machines. It also handles workloads, optimizing and it has templates.

There are several add-ons for ESX server.

VM Ware is great for Malware analysis. You can view and run the source code in the vitual machines in a controlled enviroment. There are Anti-Virus companies that use VMware and software debugging tools such as Soft Ice to look into worms and see what there are meant to do. What worms, viruses and othe Malware is contained in the payload.

Open Source Search Engine

Today while working I came across Koders. Koders is a open source search engine. This is nice. There is also Google Code search. The beauty of this is that you can search for functions and routines that other programmers have written. Why reinvent the wheel?

I also went through a hour of Microsoft licensing training. There are so many options. I'm currently working on loking for companies that need Enterprise Agreements. This can be for SQL, Windows Server, Microsoft Exchange, Server, Windows Vista all the favors. You can also get software assurance which alows you to get software upgrades. This can be valuable because Microsoft is coming out with Microsoft Exchange 2008.

Microsoft Security Alerts for Sept 2007

Microsoft released some security alerts. There is only one critcal alert. It allows an attacker to run code remotely on your machine. This is dangerous because they can ask fr a shell back to their computer to execute commands.

Here are four of the alerts:

•	MS07-051 - addresses a vulnerability in Windows (KB 938827)
•	MS07-052 - addresses a vulnerability in Visual Studio (KB 941522)
•	MS07-053 - addresses a vulnerability in Windows (KB 939778)
•	MS07-054 - addresses a vulnerability in MSN Messenger and Windows Live Messenger (KB 942099)

To update your system. Click here.

Microsoft has a ton of use full information on security.

Here is their security portal.

Microsoft also has a security response center. The one thing I wonder is why there are so many holes in the first place? There is software that will scan your source code for known vulnerabilities. This should be done before shipping the product!

Cyberwar

The DOD has stated that Cyberwar is real. Our US networks have been attacked by China. I heard on CNN that our Secretary of Defense's computer was also penetrated. I do not know if this is true. President Bush says it's not.

The Air force has some of the best cyberwarriors. They have classes to train our troops on information warfare. The have a degree in Cyberwarfare. It's in the electrical and engineering department. They train on IP networks, telecommunications, radars, satellites, transportation systems, and power systems.

The NSA also does try to stop these attacks. The DOD had one of the lowest security rating's out of goverment agencies. The National Science foundation had some of the best security.

Virtualization

Virtualization is hot right now. I sale VM Ware products. I'm currently studying for the VM Ware professional sales. There are plenty of other player in the field right now. There are open source solutions. Such as Virtual Box.

There is also Novell is Xensource.

Virtualization allows you to run multiple virtual machines on one computer or server. It is handy. I run Parallels here at home on my Macbook. The benefit is that I can run Mac OS X and then have Redhat Linux in another window. This allows me to focus on programming in Linux and using Mac OS X for my photos or running ITunes.

Companies can use virtualization to reduce IT cost's, There does not have to be as many desktops. You can run multiple virtual machines on the server and have clients connect with dumb terminals.

Virtualization is also good for security. A virus or worm will only stay in the virtual machine and not infect other machines, or virtual machines. Virtual machines can also be transported with VMware. This can be carried on person in a USB drive.

Microsoft Automatic Updates

It appears that Microsoft has been installing updates without our permission. Tommorow is patch Tuesday. I wonder how many holes they are going to patch?

You can view the knowledge base articles to see what they are installing on your computer there are allot of updates. It would be nice of Microsoft to let users know that they are going to be installing software. It's bad enough that I cannot see the source code. How do I really know what is in those updates? More Spy ware? This is why I love Open Source/Linux. I can view the code and run MD5 checksums to insure that the software has not been tampered with.

I was reading this article in Eweek that stated that they have been doing this for quite some time.

AOL Instant Messenger Attack

It appears that it is possible to send HTML code to AOL messenger, to shut it down or try to gain information from the clients computer.

Here is the link to Bugtraq.

Cisco Adaptive Security Appliance

Every morning I get up and sign into My Yahoo and IGoogle. I have them configured to show me the days exploits and vulnerabilities. I do this to keep my clients informed. My clients consist of Network administrators, CIO's, CEO's and business owners.

Today I recommended a Cisco ASA to a client with IPS. IPS stands for intrusion prevention system. The Cisco ASA comes standard as a firewall. You can then add different modules such as VPN, Content filtering and Anti-X.

The VPN can support different users depending on the module selected. It does SSL and IPsec. There are different encryption protocols that can be utilized as well such as DES and 3DES. A VPN is a virtual private network. It allows you to login remotely form home or Starbucks securely. When you do this without a VPN, you send your data in clear text. A simple sniffer between your computer can pick up these packets and read what is in them. Encryption slows the process of reading the contents. 3DES and DES are very strong and it would take years or even longer to crack it. When you are surfing at your local Starbucks, the guy next to you can run a wireless sniffer and grab your bank account information, Yahoo Login ID, or Amazon login.

The content filtering module allows network administrators to implement security policies. Like blocking Yahoo instant messenger, Myspace, and ESPN during work hours.

Anit-X is a anit-Malware application. It defends against viruses, trojans, key-loggers, exploit code and other goodies that attackers like to use to gain info, mess up data, and just for fun.

The IPS module is nice. It attempts to stop attacks before they happen. How? It has a signature database, the firewall does deep packet inspection. This means it looks at the content of the packets and compares it against a updated databse of known attacks. It it looks suspicious it is dropped or quarantined for later inspection.

Working for a VAR

I have not posted to this blog for a long time. There has been allot of good stuff going on in my life. My son Alexander was born in May. I have not had allot of time to do anything really. I started working for a value added reseller. I enjoy my work. I focus my sales on storage, security and networking products. I.m trying to gain as many certifications as possible to increase my knowledge and provide solutions to clients.

Right now I'm going for VMware sales professional. I enjoy learning, it keeps my brain going. I work with some people who dont have the drive to really learn the new technologies. They just want to make the sale. I understand that and am not putting them down. I'm different. I want to know what I'm selling and how it works. I want to see if I can make it better. It can be software that needs added functionallity or hardware that could run faster or cheaper.

In five years from now I want to be running my own business Phuture Networks full time. I'm looking to provide managed security solutions for clients. This can include remote and onsite penetration testing. Wireless assesments, web server hardening, OS hardeing and verification of firewall rulesets. Recommendations on intrusion detection systems and physical security.

Computer Security News

Its Friday night. I'm listening to some techno and reading many different feeds. The one that caught my attention is about an Israeli computer security firm, discovered how to read enrypted pin traffic used by banks. The secret service is investigating this claim. It makes me wonder what type of encryption protocols are in place to protect me at my local ATM ? Are they strong ? Is there a standard or do banks get to choose ?

There were also some reports that Wall Street and other financial institutes could be attacked shortly. The goal of the terrorists is to hurt the US economy.

I also read a article today about how mainframes seem to have been forgotten. There are still IBM mainframes and I'm sure many other supporting our nations infrastructure. Security needs to be considered for all hardware and software on the network regardless of how old it is. Even printers are open season for experienced crackers.

In other news a hacker from Romania, hacked into NASA the department of energy and the US Navy. This worries me. Were talking the Navy and DOE. What type of testing is our goverment doing to protect against these attacks ? We have the NSA who is supposed to be protecting our networks and communications. But they choose to listen to US citizens. Protect first guys.

I still don't get why people don't use encryption. You hear almost every day. they got access to all these records. Is it that its too difficult to implement. I admit my grandma does not need it but our universities and goverment sure does.

Review of HP iPAQ hx2495

I just picked up one of these PDA's from Amazon. Im quite happy. It is a little heavy compared to my Toshiba PDA, but so much more powerfull. It has built in WiFi and Bluetooth. I connected to my corporate network with no problem at all.

I really missed having my PDA around. One day my Toshiba just quit. It was a refurbished model. I picked this up for $288.99. It was a good deal.

McAffe Secure Internet Gateway

I just done with a presentation on the McAffee Secure Internet Gateway. This is a unified threat solution. It has Anti-Virus, Anti-Spware and firewall capabilities. It also has anti SPAM system.I stayed after the presentation to ask what operating system runs on the device. It is a modified version of RedHat. It is also checked by a outside third party for any vulnerabilities.

It comes in different models like the 3100, 3200 and 3300.

These models also have web filtering capabilities. This device is capable of protecting both POP 3 and SMTP fro email security.

To find out more go to www.mcaffee.com

Math and computer science

I'm currently in school majoring in computer science with a focus on security. I'm really need to brush up on my math skills. I was on Slashdot and came across this post about what type of math CS majors should look into.



Article on Slashdot

CCNA Notes

Flow Control provides data integrity prevents the sending host from overflowing the buffers of the receiving host. Sends data in segments. Synchronization and windowing is also handled at this layer.

Routing is handled at the network layer. The network layer is also responsible for routing thru the internetwork and network addressing.

Router update packets include RIP, IGRP, and OSPF.

Kevins Mitcnicks Security Advice

I came across this on Wired Magazine site. This is quoted from Kevin Mitnick. One of the most famous hackers of all time.

Here's my Top 10 list of steps you should take to protect your information and your computing resources from the bad boys and girls of cyberspace.

• Back up everything! You are not invulnerable. Catastrophic data loss can happen to you -- one worm or Trojan is all it takes.
• Choose passwords that are reasonably hard to guess -- don't just append a few numbers to a no-brainer. Always change default passwords.
• Use an antivirus product like AVG or Norton, and set it to update daily.
• Update your OS religiously and be vigilant in applying all security patches released by the software manufacturer.
• Avoid hacker-bait apps like Internet Explorer and disable automatic scripting on your e-mail client.
• Use encryption software like PGP (pretty good privacy) when sending sensitive e-mail. You can also use it to protect your entire hard drive.
• Install a spyware detection app -- or even several. Programs that can be set to run frequently, like SpyCop, are ideal.
• Use a personal firewall. Configure it to prevent other computers, networks and sites from connecting to you, and specify which programs are allowed to connect to the net automatically.
• Disable any system services you're not using, especially apps that could give others remote access to your computer (like Remote Desktop, RealVNC and NetBIOS).
• Secure your wireless networks. At home, enable WPA (Wi-Fi protected access) with a password of at least 20 characters. Configure your laptop to connect in Infrastructure mode only, and don't add networks unless they use WPA.

This is great advice and I recommend following his points....

I love Open Source Software

I can do anyhting with Open Source, I love it. Need a webserver ? Get Apache. How about a web proxy why not try Squid ? Lets not even mention security. Vulnerability Scanners, Intrusion Detection Systems and its all free. The only thing I see is the learning curve and time it takes to configure and manage this software.

Attack can disable Windows Firewall

A attacker can send a crafted packet to shut down Microsoft Windows firewall. Not shocking. Microsoft has never been known for security. The attack involves ICS or Internet Connection Serivce.

The attacker would have to be on the local LAN for this to work properly.

Google picks up JotSpot

Jotspot was one of my prospects for a company who shall remain nameless. When I talked to a guy over there, I told him him how I thought that there idea was good and was amazed that Google has not bought them yet. Now I read this morning that they bought them.

They offer wikis to families and businesses.

http://www.jotspot.com

Cisco ASA 5500

Cisco ASA 5500

This is a review on the new Cisco ASA 5500

The Cisco ASA or Adaptive security appliance can use different modules for different security needs.

There are currently four unique modules. They include the firewall module, IPS which is a intrusion

protection system. Anti-x module and a VPN (virtual private network) module.

The benefits of this appliance is that modules can be added as your needs grow. All in one device.There is a business edition provides small to medium businesses with VPN and gateway capabilities.

The firewall module can be implemented to stop corporate users from abusing instant messaging, theintroduction of spyware and adware onto the corporate network.It will also protect against externalthreats suck as hackers or crackers. Policies can also be set up to bloak peer to peer file sharing.

The Cisco ASA 5500 can also provide VPN access for remote users. The SSL (Secure Sockets Layer) and also IPsec protocols can be used to encrypt traffic.

Different forms of authentication can be used such as Kerbeos, Microsoft Active directory, LDAP lightweight directory protocol and RSA secure ID.

Everythinbg can be controlled through the Cisco Security Manager, a all in one management platform. I watched a video on this at Ciscos website. I like the interface, you can even see attacks in real time and decide to section off that part of the network. Thats pretty slick. Another way to do this is through MARS, which is Cisco's analysis tool.

There are diffrent modules for different needs Some firewalls can support up to 1.2Gbps.

The Anti-X technology is based on Trend Micros technology to stop threats like viruses, spyware, trojans and worms.

CCNA Progress

Im still studying working on my CCNA, I'm studying IP addressing and subnetting currently. its going well. I have decided to rewrite my business plan for Phuture Networks. I'm going to focus solely on IT Security.

I injured my knee, I have been out of work for about a week since I cant drive. Its my right knee. The one good thing I can say about it, it has given me time to think. I have been analyzing allot of code in C, PERL and Python. I want to be able to read the stuff like English.

I have almost completed my introduction to engineering class. I like it. It has made me more methodical and detail oriented.

My son is getting huge, I cant believe how fast kids grow. Its really amazing.

Microsoft Vista and Pirates

Microsot has come up with a plan to thwart illegal software copies. The solution ? They will lock out anyone who does not register their OS within 30 days ! I wonder how long it is going to take for some skilled cracker to reverse engineer the code.

It will not actually lock you out just give you real limited functionallity. Which would suck. During the 30 days you will get popups. Lovely. Letting you know that you must register.

During this grace period warnings will be displayed and Vista will block access to the Windows Defender anti-spyware tool, ReadyBoost memory expansion feature and Aero advanced graphics option, Microsoft said.

Just run Linux. IMAO

Day 1 Studying for CCNA

I have made up my mind to stay focused on obtaining my CCNA or Cisco Certified Network Associate, I have downloaded many study guides and plan to read one chapter daily, out of my CCNA book. When I pass the exam I will focus on security. I would like to become a expert with firewall technologies, configurations and setup.

The main subject for today is the OSI layer or open systems interconnect. This is a standard that allows vendors software/hardware to communicate. There are seven layers for the OSI model. They include: Application, Presentation, Session, Transport, Network, Data and Physical layers.

The Application layer provides network access to programs, it also does error recovery and flow control. It makes sure that communications can be established by checking resources. The following protocols can be found here. NCP, SMB, Telnet, SMTP, Appletalk and SMB.

The Presentation layer does protocol conversion and my favorite encryption and data compression. This layer uses protocols such as NCP, TDI and AFP.

The Session layer does just that it opens a session it does connection establishment, data transfer and cloese the connection. The protocol NetBios can be found on this layer.

The Transport layer put messages into smaller packages adn does error detection and correction. Some of the protocols here NetBeui, NWLink, IP, IPX, and TCP.

The Network Layer does routing, handles addressing, translates logical addresses to physical ones as well as traffic management. The protocols here are IP, IPX, NWLink and NetBeui.

The Data Link Layer packages bits into frames so they can be transported over the network layer. There is also the MAC sublayer that puts the MAC address into the frame header.

The Physical Layer would bethe actual cabling, connectors and electrical signals transmitted on the wire.

That is my quick synopsis of the OSI layer.

Current BrainBench Certifications

I guess I really am a geek. This didnt take long at all....

Alexanders Doctor Visit

I took my son to the doctors today, he had to get four shots. I hated every second of it. He is only 4 months old. But its over for at least a couple months. My girlfriend went with me.

I made it into work late today, doctors note and all. I find my inbox is full of spam. We sell spam firewalls and but I guess the rules are not configured properly on our network. Today is a typical Monday, making cold call and not reaching anyone.

I'm currently enrolled in Engineering at a community college. It is ok. I can say it is making me think about things differently. It's like programming in the sense of breaking the complex problems into smaller chunks. I have always liked taking things apart as a kid. Now here is my chance to start building. Next semester, I will be taking more math and physics. I do not want to stop going to school. There are so many subjects that interest me. I'm a geek :)

I still want to take technical writing and drawing, CAD, CAM and more advanced electronics. I'm still undecided on my major. I'm thinking about information assurance or computer engineering.

Stolen Laptops and Data

It seems like daily I hear about security breaches, laptops being stolen. All this personal information is being leaked. I dont understand why people dont use encryption ? I admit it seems daunting, but there are programs out that now that require you to click a button. Its that simple. But what standard do you encrypt with ? I personally like AES which stands for Advanced encryption standard. It is FIPS compliant another lovely acronym that stand for federal information processing which means the goverment uses it to secure unclassified data.

If you want to know the ins and outs of the algorithihm here is a paper published by NIST.

AES Text

After finishing the document, I feel like I need another Red bull.

It talks abouts ciphers, bits, plaintext and other goodies. A knowledge of C C++ or Unix is helpfull. There are alot of functions.

XOR is used in the algorithim to encrypt plaintext into ciphertext.

The cipherkey itself can have lengths of 128, 192 or 256 bits.

There is to much math for me, gives me a headache, although I can understand some of the code.

Microsoft Presentation

We had Microsoft come out to our office to show us Vista. It looks clen but the hardware requirements are going to require allot of people to upgrade. Thats good new to me but bad for consumers. Personally I love Linux. Vista looks allot like OS X. Apple's OS.

There are some new security feautures including a way to encrypt directories and filesystems. When I asked what encryption protocol would be used, I did not get an answer. That's marketing for you. I also read that Microsoft released 12 security alerts. 8 are critical. You can read about the here .

Goals and Career

I currently work for a large IT company consulting enterprise accounts on hardware software needs. I'm working on obtaining my Associates degree and have decided that my major is going to be information assurance. (IT Security). I plan on studying for my CCNA and have a goal of obtaining it by January of 2007. After I complete my self-study. I will go after my CISSP. Currently I'm a MCP or Microsoft Certified Proffesional.

Here is a sample of the courses:

Bachelor of Science - 127-128 credits

Programming and Computers - 25 Credits
CT-115 Introduction to Programming	3
CT-152 Introduction to Unix Completed	3
CS-130 Computer Science Fundamentals I	4
CS-220 Database Management	3
CS-230 Computer Science Fundamentals II	3
CT-301 Website Construction	3
SE-301 Software Engineering	3
SE-458 Senior Design Project	3
Computer Security - 18 Credits
CS-356 Web/CGI Programming Using PERL	3
CS-418 Operating Systems	3
NS-201 Network Security Protocols and Administration	3
NS-351 Secure Website Administration **	3
NS-352 Unix Administration and Security ***Completed	3
NS-401 Network Security Theory and Algorithms	3
Mathematics and Sciences - 21 Credits
MA-114 Algebra and Trigonometry	4
MA-124 Discrete Mathematics	3
MA-128 Introduction to Statistics	3
MA-261 Calculus I	4
MA-262 Calculus II	4
Science elective (1)	3
Telecommunications and Networking - 6 Credits
TC-110 Introduction to Telecommunications	3
CT-240 Internetworking with Routers and Switches	3
Management - 6 Credits
MIT-201 Introduction to E-Business Completed	3
MIT-208 Internet and the Law	3
Humanities/ Social Sciences - 19 Credits
FS-100 Freshman Seminar	1
HU-331 or HU-332 Arts and Ideas	3
SS-351 Ethics	3
Humanities/History/Philosophy electives (2)	6
Social Sciences electives (2)	6
English Communications - 9 Credits
EN-101 English Communications I	3
EN-102 English Communications II	3
EN-408 Writing Seminar in Technical Research	3
Technical Electives - 24 Credits
Technical electives (6)	18
Technical electives (2) - must be 300 or above	6

Final Project for Internet Technologies Class

My final project is about having a Internet presence. I already have this blog up, so I'm going to point a link here to my blog. This was my first online class and I enjoyed it. I will be taking critical thinking in August for my next online class.

I also have some articles that I have written that I would like to share with my classmates here is the link.

I also have a business website I made called Phuture Networks.

I have also beent thinking about doing some security podcast's. I keep up with numerous RSS feeds in my Firefox browser. I had a great time with this class and encourage my classmates to keep in touch. I can be emailed at phuturegenius@yahoo.com

A new Morning

It has been some time since my last post, things have been great. My son was born on May 5, he is awesome, most of my time now consists of working, and spending time with my family. Time management skills are in order here. There is so much going on in the IT industry. I like the fact that Apple has released a new Macbook. Its Intel Dual Core,and goes for $1099. I'm in the process of seeking for a new laptop. I have one, but could see myself owing 3. One for the windows platform, anohter for Apple Mac OS and well a third for Unix. Why ? Not only because Im a geek, but I write, try to code and just now getting into photos. I found my dads old 35mm. He is no longer around. So I like photography now. Some many gadgets to get, baby formula to buy. I feel like there is not enought time in the day. Not to mention blogging, soon podcasting. Well thats it today folks have a great one !!!!

The mischief makers BOTS

Bots can be automated to do just about anyhing, there really just scripts that are deisgned to do do network snooping. Here is the scenario, a new exploit is announced online, within minutes a cracker firs up his *nix box, code some PERL and bingo, this script is sent loose to probe networks looking for vulnerable PC's and delivering the result to a system in Finland.

First step is to keep your updates current, run a firewall, and dont use file sharing networks. I cannot stress this enough most malware comes thru those networkds even with Spyware running.

Phishers and VOIP

Now it seems that Phishers are reocrding automated services with VOIP, just imaagine calling into Bank Of America, your call is routed over a VOIP network and someone is on the the line with a digital recorder. Man does that suck, Im sure they already nknow how to decoded DTMF codes to get your banking account number. My suggestion get PGPhone, its a product that will encrypt your Voip traffic. That way they can try to do cryptanalysis and by the time they crack (they wont) You will no longer even need a bank account.

Search Engine Marketing Job

Well things are changing for the better in my life, I got a new job placing ads in search engines thru Yahoo Search Marketing and Google Adwords.Its a cool company too. I cannot beleive how much money is in the industry, and all the new stuff I'm learning about. The biggest issue? Click Fraud. There is alot but not as much as people think.

I'm currently learning about Google's API's and plan on taking PHP next semester. Everything is going webbased. This is cool and scary at the same time. Most of the stuff on the net is vulnerable on the net there are exploits posted daily. How much stuff of mine do I really want on the web? Besided this and a couple of other blogs not much.

What Linux Live CD's are good for security?

I use Whoppix alot, it is a great CD, with alot of good tools, categories include penetration testing, wireless testing, it has compilers being that is Linux, it has a ton of usefuill perl scirpts and a vulnerability DB.

You can find it here:

Apple and Dual Boot

This is great, but why not triple boot? I know its possible, what if I want to run Windows 2000 Mac OS X.. and BSD or any flavor of Linux? I like many operating systems for many different reasons. Im looking at VMware so I can run virtual machines to test code in a controlled enviroment. I want to analyze malware and peek beneath the hood to see what functions and system calls it might be trying to access.

Microsoft now offers a virtual server, for free :) I like free stuff Go open source. I have not tested it yet. Im curious to see how stable it is lol.

Pay Per Click Management

I have created another blog for my day to day activities at a PPC management firm I work for check it outby clicking on the title Pay Per CLick Management.

DRM- Digital rights management

The word for the day is Digital Rights Management
Is it ok to burn and copy music or to use servies for Limewire? I know it's illegal. I cant think of someone nowadays that does not burn music, I personally notce everything that I read I can find online and it usually more up to date.

The copyright protection schemes will continue to be cracked. Is it of any use?

DRM is used on DVD's, product activation, and digital water marketing.

Adware

I hate Adware, I'm always looking for great tools to get it removed. Here is a great adware and spyware remover.If your PC is running slow, or downloand alot of music, I recommend checking this out!

No Adware

Krav Maga

Today I woke up and went to my first Krav Maga class.It was fun and a great workout. They also played really cool music which was a plus. I have been blogging alot I have three blogs up currently and one website. I have decided to blog my classes online, not only for a learning experience, but to rehash my studies and to give back to the online community. My classes this semester are HTML and Ecommerce.

Southern California Linux Expo

Well SCALE is around the corner. Im excited, I think I'll drag my girlfriend along with me to introduce her to Linux. She uses MS Windows which I do as well at work and at home. I use Linux as well. I prefer Linux for the reason that so much good software is availiable and its free. I also have my choice of compliers ready at my disposal.

What is SCALE? Click on the link above to check it out.

This is my plan:

These are the talks I will be attending.

Day 1

A Look at the Current and Future Face of PHP
Lunch
Fighting Spam using Linux and Open Source Tools
phpWebSite Open Source CMS
Linux Network Security

Day 2
Performance Tuning Linux Applications With DTrace
So you want to be a consultant
Exhibiton
New Features in MySQL 5.0, 5.1, and beyond

Department of Justice VS. Google

The Department of Justice wanted access to search queries on Google. The DOJ asked Google to release search records for a particular week. Then they asked for a list of all URL's indexed in Google. This is insane thats like over a billion URL's.

Google said no.

Yahoo did release search results. No personal information was released.

AOL did comply. No personal information released as well.

Sunday

Its Sunday morning, I got up early lifted some weights and got my car washed. Then me and my girlfriends made a trip to Costco to return a DVD/VCR combo. We already have one. There was no problem with the return which was nice.

We are now watching Lord of War with Nicholas Cage. It 's about a gun runner, I like it. I will probably be going back to Blockbuster today to return the rest of the movies. I also rented Pirates of the Silicon Valley, its about the making of Apple and Microsoft. Its also good. It shows how crazy Steve Jobs actually was. I dont know if he still is :)

Back to School

I have enrolled back into school I'm taking HTML and Ecommerce, lets see how I can profit from this.

Thursday Morning

I decided to take the rest of the week off for vacation. I will be bloging and gaming. I'm going to go see Narnia later today, which should be cool. I will be posting a review about it today.

Yet another blog I started

I have started a new blog to test out WordPress. Here is the link: http://phuture.wordpress.com. Why did I decide to try Wordpress? Why not. Its free currently for a lite version and the interface is clean and simple to use. This is very important to me. Dont get me wrond I feel comfortable in any *nix shell enviroment and can move around but I think about other people who are lacking the skills in the computer department.

Keep It Simple Stupid

KISS- I have been applying this to my life lately, throwing out alot of junk. Organizing and enjoying the things that I have not what I want. I can honestly say Im happy. How does this relate to computer security? It doesnt I just felt like ranting.

More papers on security.

Its back to work for me. I will be posting some more articles here shortly. I'm currently working on a physical security paper expalining about CCTV, Alarms and Biometrics. This should be a good paper. This weekend I studied ARP poisining and spoofing and ways to try to prevent it. It really is amazing how hackers change their MAC address to get free Internet access at your local starbucks on your dime.

Cisco PIX 506E

Cisco Pix 506E Security Appliance

This firewall is a enterprise class security appliance. It could be used for small to medium sized businesses, sattelite offices and regional offices.It supports two 10/100 fast ethernet cards and also two 802.1q virtual interfaces.This alows your business to create a DMZ or demilitarized zone. This is a spot on your network that you put your webservers but not your backend servers like SQL or Exchange. Cisco took the approach of multilayered defense again with this product and it has alot of nice feautres to help protect your network and data.There are no moving parts making it more reliable.

The Cisco Pix 506E uses what Cisco calls Cisco Adaptive Security Algorithim.This provides statefull packet inspection it logs all authorized attempts to use the network as well as trying to block unauthorized access.The firewall is designed to look for common vulnerabilities, it looks for about 55 well known attacks.It inspects layers 4 through 7 os the OSI layers. The Cisco Pix 506E also looks at application data traversing the network and even protocol status.The designers of this firewall did a good job. The Cisco Adaptive Security Algorithim does protocol field checking and also URL length checking. It does not mention anything about if it can filter Unicode.It has over 100 applications already documented so you can allow or disallow them easily.

Cisco PIX Device manager allows administrators to manage their network remotely.Network or Firewall administratos can still create their own ACL's or access control lists and user and group based policies. Network administrators can decide which applications that are and are not allowed thru their network as well as protocols.Protocols that this device checks are HTTP, FTP,SMTP, DNS, SQl*Net,NFS,ILS, SCCP and many more.For instance I would not allow my employess to use Telnet, if they needed remote connectivity at all I would suggest SSH using a cool program called Putty for Windows based machines.

Since Im on the topic of remote management I will talk about some of the Cisco Pix 506E solutions.The are many different ways to mange this device. It can be troubleshooted and configured remotely.If you have a web browser which I hope all admins have, you can access this firewall through the Internet. It uses SNMP simple network management protocol for monitoring devices on the network.You can use Auto Update server, security monitor and management center for firewalls.

The firewall does auditing, has support for Dynamic devices on the network and can do software images.

The Cisco Pix 506E also has support for VPN's or virtual private networks.You can use either IKE Internet Key Exchange or IPsec.Cisco also offers VPN concentrators to speed up connections. I will be writing articles on those shorlty. The encryption standards it supports are DES data encryption standard, this is crackable. 3DES which is more secure and AES advanced encryption standard. I recommend the later. The VPN can work with NAT or network address translation which hides your internal IP address from the Internet. Support for up to 10 VPN uers.The firewall also supports TACAS+ and RADIUS.

VoIP- Voice over Internet protocol can also be ran thru this firewall. So that you can sleep well at night knowing that your multimedia and voice connections are secure.
This is probably my favorite about this device. Intrusion Prevention. This firewall has tools that protect it from many well-known attacks.

Dos or denial of service attacks are prevented from bringing down your network and firewall. I do question how much data this device can take before shutting down or how many packets it can drop quickly. There tools are called DNSGuard, FloodGuard, MailGuard, IPVerify and TCP intercept.

This firewall can also contact adminstrators real time thru a cell phone SMS or email thru a devich such as a RIM Blackberry.I have read of software that will allow you to SSH to your router, computer thru the Blackberry. Cisco's auditing software is called CiscoWorks Information management Solutions or SIMS.No not the game. It collects and anayzes data from across your network allowing you to prioritize threat levels.

Benjamin Hargis
Phuture Networks
http://www.phuturenetworks.com/
http://www.computersecurityadvice.com/

Voice over IP

I hear allot about VOIP what is it?

VOIP stands for voice over internet protocol. Basically it means making phones calls over your local area network (LAN) or even across the Internet.

VOIP is normally cheaper than your PSTN that’s public switched telephone network i.e. your local carrier.

VOIP is a good choice for businesses as well to save money on long distance calls if they have many satellite offices. VOIP service providers usually have lower fees because they are not a government regulated currently as the phone systems which at one time were a monopoly. VOIP can even be free if you connect directly to another VOIP client.

VOIP routers can send your incoming phone calls to you anywhere thus cutting down on the number of lines and you can be reached anywhere you have a Internet connection.

This and the combination of technologies like WiFi are going to make for one huge network. That voice, data and video will be sent everywhere and from anywhere. With this VOIP technology you have allot more features as well such as Caller ID, Call Forwarding and answering services all from your computer or PDA.

There are some issues to still be worked on.

Here are some:

The amount of band with required.

Security issues- what type of encryption should be used and how much is going to slow down the call and network?

This is a exciting and new technology which I will be writing more about.

Benjamin Hargis

More info on Cisco PIX 501

Cisco Firewall PIX 501

This firewall is designed for homes and small businesses.This firewall can support up to ten users on a basic license from Cisco. It has a 133 MHz processor and comes with 16MB's of RAM. In addition it has 8MB of Flash RAM.

The Firewall also comes with 1 uplink port and a four port switch. It does not support Layer 2 transparent fire walling. It also does not support the routing protocol OSFP which stands for Open Shortest Path First. There is no VLAN-Virtual Local Area Network.

The PIX 501 allows you to setup a VPN-Virtual Private Network easily with the Cisco Easy VPN Server.

The firewall supports speeds up to 60Mbps bidirectional.

When you implement cryptography such as 3DES or DES it slows down the traffic.The PIX 501 can support anywhere from 50-unlimited users depending on your license

Cisco PIX Technology

Cisco PIX Security Appliance.

Cisco PIX Security applications can enforce policies on users and applications.

Cisco PIX can protect you from many different network and Internet based attacks.

Cisco PIX offers secure connectivity, using methods such as SSHv2 Secure Shell Two and VPN virtual private networks.

This is fairly easy to setup.

Cisco PIX can provide you with secure VOIP voice over internet protocol.

IPSec or Internet Protocol Security IPSec can be setup for VPN's.

Cisco PIX Security appliances provide multiple layers of security.

This hardware/software based solutions is designed to look for anomolies aka weird traffic thats not normal on your network, which could be an indication of a attack.

There is over thirty different engines looking for different attack signatures.

The current version is Cisco PIX appliance version 7.0

Here are some of the feautures:

You can rollback previous configurations in IOS.

QOS- Quality of Service

You can update software on the fly with bringing down the hardware. No rebooting.

VPN client security

Layer 2 transparent firewall.

This is really interesting 3G mobile security services.

You can configure the firewall to block instant messaging, point to point networking P2P.

You have the ability to block applications trying to tunnel thru your network with encrypted
traffic.

Cisco PIX provide rich statefull packet inspection PIX can protect your voice, data, and video
traffic.

Version 7.0 also supports IKE or Internet Key Exchange.

Everything can be managed from Cisco Adaptive Device Manger which can be console and web based.

Benjamin Hargis CEO Phuture Networks
http://www.phuturenetworks.com
http://www.computersecurityadvice.com/
Here are some other sites for you viewing pleasure:http://www.checkmategame.blogspot.com
http://www.realestatelead.blogspot.com/

Sales Tips

-Here are some tips for people in sales, hope this helps.

Anticipate objections and be ready with rebuttals.

Get down to the real objection.

Follow up with all leads.

Do it the best its ever been done.

Its all numbers, dial more.

Provide value for customers.

Control the conversation, listen even more.

Follow ethical practices.

Planning, goal setting, decision making, delegation and communication work on improving these areas.

Toss out ideas at meetings.

Keep abreast of the market

Look for multiple sources of income.

Assume responsibility for your actions.

Build relationships.

Network like crazy.

Be resourcefull, ready, remebered and relentless.

Help customers discover the best solutions.

Persist and dont give up!

I've been in sales for 15 years this can be valuable to new sales people and veterans.

Building Internet Firewalls

Building Internet Firewalls by Oreilly

This book covers the basics of firewall technology to the nitty gritty details. I highly recommend it. It is well written and covers such interesting topics as protocols, databases, security strategies and examles of firewall setups.

Building Internet Firewalls covers packet Filtering, Proxy Services, NAT- network address translation and VPN's virtual private networks. Firewall architecture such as single box, screened host, bastion host, multiple screened hosts, modems and internal firewalls for your intranets.

The different ways to filter traffic are also discussed in depth. You can filter based upon address, protocol, source and destination addresses amongst many other variables. It discusses both Micorsoft Windows and *nix based solutions.

It goes over Internet Services such as RPC, DCOM, DOM, CIFS, SMB, SSL, RAS, PPTP and so many others.

This book is a awesome reference to add to your security analyst book collection.

Microsoft Security Update

Microsoft has released several security alerts for Microsoft Internet Explorer. Here are four of them:

HTTPS Proxy Vulnerability (CAN-2005-2830)

File Download Dialog Box Manipulation Vulnerability (CAN-2005-2829)

COM Object Instantiation Memory Corruption Vulnerability (CAN-2005-2831)

Mismatched Document Object Model Objects Memory Corruption Vulnerability (CAN-2005-1790)

This can cause problems ranging from attackers reading web addresses sent to a proxy server to running malicious code on your hosts to gain admin access.

MS05-055Vulnerability in Windows Kernel Allows Elevation of Privilege (908523)http://www.microsoft.com/technet/security/bulletin/MS05-055.mspx

This one allows attackers to escalate or gain higher privleges than allowed an example would be a user with no rights gaining administrative control of the machine. It is possible to change kernel memory with this vulnerability. This can lead to remote code execution as well.

Cisco PIX 501 security appliance

The is a firewall thats easy to set up for home or small office. It has a four port fast Ethernet switch built in.

This firewall can provide up to 60Mbps data transfer or 3Mbps of encrypted traffic using (3DES) . This can be used for VPN's Virtual Private Networks.

It supports AES which is the Advanced Encrytion Standard at up to 4mbps.

Here is Cisco's overview of their product

SANS going to start IT college

SANS will create a IT college! This is great news. Its going to be in Maryland, hmm I wonder why. Maryland is famous for computer security why do you ask? The National Security Agency is there. I would love to attend this school, it would be fun. They will offer two programs for Masters Degrees:

Information Security Engineering
Information Security Management

This will not be easy there looking for high GPA's and recommendations from employeers.

Security Warrior

This is a great book that gets more technical than most books I read. What does it contain? What does it not :)

It has assembly programming tutorials, reverse engineering concepts and tools. Overflow attacks and ways to stop them or at least make it more difficult.

TCP/IP analysis and tools to help in your network engineering chores. It breaks down protocols and their strengths and weaknesses.

It also covers forensics, and anti-forensics. SQL, Wireless, VPN's and SSL.

There is so much in this book and its a great read and handy reference this is my third time reading it so I recommend it to any security analyst's bookshelf.

Bidding for Excel Vulnerability

A cracker discovered a hole in Microsoft Excel and try to auction it off! This is a first, kinda funny in my opinion. Ebay quickly pulled it from their website. This is a goodthing. There are tons of free software out on the Internet to recover Microsoft Office passwords.

I use many Linux Distributions on bootable CD's to recover these from clients who have forgot or lost their passwords. I can recover most files even ones that have been deleted.

Virus Definitions

I'm amazed on how so many people think that antivirus software is a cureall its only as good as your last updates. Malicious users write malware daily to exploit and corrupt your systems. Turn on your auotmatic updates! YOu should also use a firewall, if your using wireless use WPA with strong paawords.

Spyware is also rampant on the Internet is your homepage changing automatically? There is also the threat of keyloggers which could be logging your bank account info, or even your Amazon account information! Use tools such as SpyBot Search and Destroy or Adaware.

What is PERL?

Practical extraction and reporting language. Perl is a stable programming language. It is great for automating tasks, especially system administration chores. It is Open Source which means its free.

PERL was created by Larry Wall. PERL is sometimes called the duct-tape of the internet. PERL can be used with popular database programs and implemented into websites as well.

Where can you get PERL? http://www.perl.org/get.html

Website on PERL http://www.perl.org/news.html

The PERL Journal http://www.tpj.com/

Examle of PERL code:

A cheap alarm clock: perl -e ’sleep(120); while (1) { print "\a" }’

Random Password Generator

Steve Gibson writes great software. This tool will generate random passwords for you you, this is usefull for alot of things such as WPA and WEP.

https://www.grc.com/passwords

It gives you 3 choices!

63 random alpha-numeric characters (a-z, A-Z, 0-9)

63 random printable ASCII characters

64 random hexadecimal characters (0-9 and A-F):

Want to learn ARM assembly?

So what exactly is ARM, its a RISC based processor it can be used for mobile applications such as cellphones, it also can be used for routers, switches and hubs. I like embedded programming and figured I would include a link to learn to code in assembly for ARM.

http://www.heyrick.co.uk/assembler

Microsoft Security Video

This come from Microsoft in Japan- it is so cool.

From Microsoft Japan
http://www.microsoft.com/japan/athome/security/images/thinksecurity/tv/thinksec_1m.wvx

Firefox Vulnerability

We all new this one was coming. I love Firefox but the more popular it gets the more were going to see holes and exploits. Its still alot safer than IE.

http://isc.sans.org/diary.php?storyid=920

This code was written just to test Firefox, and it worked.

Real Estate Website

Check this out if you are in Real Estate http://realestatelead.blogspot.com/

Voice Over IP

This technology is hot, it allows you to make phone calls over the internet with the IP protocol, companies like Google might have plans to use this nationally already. There is also VONAGE.

You can check them out here : http://www.vonage.com/

Looking for a great debugger?

IDA Pro dissasembler is perfect for looking at machine language. Word of warning it is difficult to use, but it is the best in my opinion. It works with different processors as well. It also serves as a dissasembler. This is great for looking at Malware to find it what makes it tick and see which system calls its using. It call also allow you to view HEX. Stacks, jumps, tables it has it all!

Wired buffer overflow show

I came across this on Wired's website www.wired.com It's a flash program showing how a buffer overflow works. Pretty cool yet makes it look way to easy :) Generating shellcode is not for the faint. Here is the link http://ly.lygo.com/ly/wired/news/flash/special_reports_bugs_1.html

Microsoft Internet Explorer Vulnerability

Another one? Come on Microsoft, Smart people use Firefox www.mozilla.org. There is a window() object that fails to check code passed thru it correctly. An attacker can execute code to launch a shell and take over the computer. The IE user would have to view a HTML documnent or email to be affected.

Disable Active scripting.

Follow this link to check out a paper on malicious active scritping:
http://www.cert.org/tech_tips/malicious_code_FAQ.html#ie56

Cisco Vulnerability

Cisco just released a report warning of a flaw with OpenSSL www.openssl.org/ It is possible for an attacker to perform a man in the middle attack by spoofing IP addresses thru DHCP. DNS posioning is also a possibility only certain version of BIND are affected. For more information go here: http://www.cisco.com/warp/public/707/cisco-response-20051202-openssl.shtml

Best computer security websites

Here are websites I frequent alot:

http://www.securityfocus.com
http://www.packetstormsecurity.nl
http://www.sans.org
http://www.cert.org
http://www.securiteam.com
http://www.linuxsecurity.com
http://www.phrack.org
http://www.neworder.box.sk
http://www.slashdot.org
http://www.google.com
http://www.securitynewsportal.com
http://www.infosyssec.com
http://www.snort.org
http://www.honeynet.org
http://www.dshield.org
http://www.astalavista.com
http://www.whitehats.com
http://www.incidents.org
http://www.microsoft.com
http://www.iss.net
http://www.cisecurity.org
http://www.networkintrusion.co.uk
http://www.isc.incidents.org
http://www.grc.com
http://www.foundstone.com

Web Programming

Have you ever seen acronyms like SOAP, XML, HTML and wonder what they are. Would you like to learn how to code in DTD, CSS or learn server scripting like PHP? This site shows you everything has awesome tutorials and is laid out easily.

http://www.w3schools.com/

Global Information Assurance Cert

Sans http://www.sans.org came up with a certification called GIAC. The basic cert is for security fundamentals. There are advanced topics like forensics, firewalls, incident handling, hacker techniques, and windows and unix OS information. This looks like a solid cert to obtain.

Here is all the certifications they offer:

http://www.giac.org/certifications/

TCP/IP

Need hep understanding IP addressing? Here is one of the best papers that Ive found on the net. Explains everything from subnetting to broadcast addressing. It also explains about the different classes such as A, B, C and D. http://www.bergen.org/ATC/Course/InfoTech/Coolip/

One of the best sites for Computer Security Training

I came across this site and it has a ton of information on different security certificates that are out there. http://www.cccure.org/

Looking for Information on CISSP

This is the official site to get information on obtaining your CISSP certificate. This site has alot of great information on it. Check it out here: https://www.isc2.org/cgi-bin/index.cgi

Hardware Modification

If your anything like me you like to take things apart and make them better, faster, smaller, lighter etc. Here are some great sites to help you out with your modding.

http://www.hackaday.com

http://www.makezine.com/blog/

Cpanel

My friend decided to host my website, I know have access to this program called Cpanel, its sweet, I have many scripts I can play with and best of all its running on a Linux server. Say goodbye to be stuck in some lame program where I cant even view the HTML :) It has full support for PERL, PHP its looks awesome.

http://www.cpanel.net

Cisco CCNA Certification: Broadcasts, Unicasts, And Multicasts

When you begin your CCNA studies, you get hit with a lot of different networking terms right away that you might not be familiar with. What makes it a little more confusing is that a lot of these terms sound a lot alike. Here, we're going to discuss the differences between broadcasts, multicasts, and unicasts at both the Data Link (Layer 2) and Network (Layer 3) layers of the OSI model.

A broadcast is simply a unit of information that every other device on the segment will receive. A broadcast is indicated by having every bit of the address set to its highest possible value. Since a hexadecimal bit's highest value is "f", a hexadecimal broadcast is ff-ff-ff-ff-ff-ff (or FF-FF-FF-FF-FF-FF, as the upper case does not affect hex value). The CCNA exam will demand you be very familiar with hex conversions, so if you're not comfortable with these conversions, get comfortable with them before taking the exam!At layer 3, a broadcast is indicated by setting every bit in the 32-bit binary string to "1", making the dotted decimal value 255.255.255.255.

Every host on a segment will receive such a broadcast. (Keep in mind that switches will forward a broadcast, but routers do not.) In contrast to a broadcast, a unicast is a packet or frame with only one destination. There is a middle ground between broadcasts and unicasts, and that is a multicast. Where a broadcast will be received by all, and a unicast is received by only one host, a multicast will be received by multiple hosts, all belonging to a "multicast group". As you climb the Cisco certification pyramid, you'll be introduced to creating multicast groups and controlling multicast traffic, but for your CCNA studies you need only keep certain multicast groups in mind.Class D addresses are reserved for multicasting this range is 224.0.0.0 - 239.255.255.255.

The addresses 224.0.0.0 - 224.255.255.255 are reserved for use by network protocols on a local network segment, and like broadcasts, routers will not forward these multicast packets. (Packets with these addresses are sent with a Time To Live of 1.)As a CCNA candidate, you should know that OSPF routers use the address 224.0.0.5 to send hellos, EIGRP routers use 224.0.0.10 to send updates, and RIP version 2 uses 224.0.0.9 to send routing updates. RIP version 1 and IGRP both broadcast their updates.Multicasting gets a bit more complicated as you go from your CCNA to the CCNP and CCIE, but by simply understanding what multicasting is, you go a long way toward securing the CCNA.

Cisco Router Security

Network security is a hot topic today, and will only increase in importance in the months and years ahead.While most of the attention is paid to exterior threats, there are some steps you can take to prevent unwanted Cisco router access from within your organization.Whether you want to limit what certain users can do and run on your routers, or prevent unauthorized users in your company from getting to config mode in the first place, here are four important yet simple steps you can take to do so.Encrypt the passwords in your running configuration.This is a basic

Cisco router security command that is often overlooked. It doesn’t do you any good to set passwords for your ISDN connection or Telnet connections if anyone who can see your router’s running configuration can see the passwords. By default, these passwords are displayed in your running config in clear text.One simple command takes care of that. In global configuration mode, run service password-encryption. This command will encrypt all clear text passwords in your running configuration.Set a console password.If I walked into your network room right now, could I sit down and start configuring your Cisco routers? If so, you need to set a console password. This password is a basic yet important step in limiting router access in your network.

Go into line configuration mode with the command “line con 0”, and set a password with the password command.Limit user capabilities with privilege level commands.Not everyone who has access to your routers should be able to do anything they want. With careful use of privilege levels, you can limit the commands given users can run on your routers.Privilege levels can be a little clumsy at first, but with practice you’ll be tying your routers down as tight as you like. Visit www.cisco.com/univercd for documentation on configuring privilege levels.Configure an “enable secret” password.It’s not uncommon for me to see a router that has an enable mode password set, but it’s in clear text. By using “enable secret”, the enable mode password will automatically be encrypted. Remember, if you have an enable password and enable secret password set on the same router, the enable secret password takes precedence.These four basic steps will help prevent unwanted router access from inside your network. If only preventing problems from outside your network was as simple!

Author: Chris Bryant

Tips On Buying A Cisco CCNA / CCNP Home Lab Kit

Buying a CCNA / CCNP home lab is the best way to be totally prepared for your Cisco exams.

Most home labs are put together one router or switch at a time, but many CCNA / CCNP candidates prefer to buy kits where you get multiple routers and switches, along with all the cables and other connection devices you'll need.
While this is a good idea, keep a few things in mind when purchasing Cisco home lab kits.

Don't buy anything you don't need. The problem is that when you're first starting out with your Cisco home lab, you don't know everything that you need. (I sure didn't!) Keep in mind that you only need one transceiver per AUI port on a Cisco router, so if you're getting routers with two AUI ports in all, you don't need five transceivers in the kit. It doesn't hurt to have one spare, but three is a little too much.

More importantly, don't buy kits with old CCNA or CCNP study guides included. I've seen kits with books that were three years old and were of no use to the candidate. If you see a kit that looks good but includes books or manuals you just don't want, ask the vendor for a price that doesn't include the books. It never hurts to ask.
Watch the IOS version. Unless you've got access to IOS upgrades, you'll be working with the

IOS version that's on the routers and switches when you buy the kit for a while. You don't necessarily need the latest and greatest IOS version for CCNA study, but don't buy routers with IOS versions beginning with "10" unless you have an IOS to upgrade them with. (And make sure the routers have enough memory to handle the IOS you plan on putting on them.)
Purchasing a Cisco CCNA / CCNP Home Lab is one of the best investments in your career that you will ever make. Exercise just a bit of caution when purchasing your kit, and you'll be on your way to true Cisco success, in the exam room and on your network!

Chris Bryant, CCIE #12933, is the owner of The Bryant Advantage , home of free CCNA and CCNP tutorials! Pass the CCNA exam with Chris Bryant!

Some things I would like to accomplish in my lifetime

Master UNIX
Visit Japan
Master spanish
Get my pilot's license
Visit Tibet
Learn Zen
Get a degree
Get a degree in Computer Science
Get married
make money
Invest in Real Estate
workout daily
Speak chinese
Help mankind
Become a engineer
Get my HAM license
understand electronics
understand physics
be a better boyfriend
get my MBA
Get a PhD
Purchase a home
Pray daily
stop smoking
visit Europe
Purchase a powerbook
Purchase a Sun Workstation
Design Planes
Get a job in Aerospace
learn GO Get a handheld GPS unit
Purchase an Escalade
eat healthier
visit Bali
Retire in Montana
own a boat

Classes I'm planning on taking:

Introduction to Engineering
Personal Finance
Physics
Chemistry
Logic
Business Writing and Communication
Finance
Child Psychology
Web Design
PERL
PHP
C and C++
Cryptography and Security Mechanisms
Practices for Administration of Physical and Operations Security Security in Systems Architecture and Applications Disaster Recovery/Forensics

You may ask all those? Yes, I love learning. Wouldnt mind getting a PHD. :)

Classes Ive taken in no particular order

UNIX/Linux System Administration
UNIX/Linux Operating System
Business 001 - Introduction To BusinessBusiness 005 -
Business Law I
Management 001 - Principles Of Management
Psychology 001 - General Psychology I
Philosophy 001 - Introduction To Philosophy
Internetworking
Electronics
Computer Repair
Computer Networking
Microsoft Windows
Spanish 001 - Elementary Spanish I
Computer Information Systems 787 - Network Essentials

Configuration Guidelines from CERT

I recommend that all sys administrators read these excellent articles:


Home Network Security
Windows NT Configuration Guidelines
UNIX Configuration Guidelines
UNIX Security Checklist New Version 2.0
Anonymous FTP Configuration Guidelines

Here are some articles I have written!!

http://ezinearticles.com/?expert=Benjamin_Hargis

Feel free to read them and email them to friends and colleagues. Keep checking back as I plan to write alot more!!!

A great way to start investing

I use this service and I love it. Its great because there is no minimum to start.

http://www.sharebuilder.com/sharebuilder/Index.asp

Check them out!!!

Looking for a great and cheap way to Try Linux, or Unix?

I go on this site on almost a daily basis to check out the new flavors of Unix and Linux, I probably own at least 4 or 5 distributions currently and all have their ups and downs. I own Whoppix, Knoppis, Auditor and a couple of forensics CD's as well. This is a great way to get alot of tools for open source on one CD. http://distrowatch.com/

Class I'm thinking about taking.

This is a PERL class that I might take; Ive had this teacher previously and hes pretty cool.

Students will be introduced to the Perl scripting language syntax, data types, input/output, Managing System Processes, Database programming, CGI programming and Web Programming. Not an introductory programming course. Students need to have previous programming experience.

I love PERL there are so many things that it is usefull for. I want to be able to write flawless networking applications with it.

Looking for a good way to find files on your desktop?

I have used Google Desktop search and personally do not like the way it indexes my files here is an alternative. Its called Copernic Desktop Search and yes its free!

http://www.download.com/3000-2379_4-10314159.html

It searches most file formats as well.

Free computer security software

Looking for free computer security tools to use?

Got Spyware?

There is now a bill in Congress to make Spyware illegal. Good luck at catching the creators, in the mean time here are two links you can use to get started on your journey against Spyware.

http://www.lavasoft.com/ Ad-aware
http://www.safernetworking.com/ Spybot Search and Destroy.

Note there is better version available for a cost. There are many things you can also do to protect your computer Keep Automatic Updates turned on for all of your Anti-Virus Software, and operating systems. Clean out your cookies as well there is often cookies placed to track your whereabouts on the Internet.

Now the subject of viruses. There are commercial anti-virus scanner like Symantec Norton Anti-Virus and MacAfee in fact many new computers come with trial versions. Unfortunately when these versions run out users most of the time ignore it and wonder why do I have a virus? Let me explain something just because you have a antivirus software program on your computer you are not cured. Virus writers do just that write new viruses and edit old ones to do new things. You need to update your signatures of your anti-virus software continuously. Crafty virus writer’s code Viruses to disable your anti-virus software!

There is free anti-virus solutions one is called AVG http://free.grisoft.com/. I personally use this product and love It, it is not a memory hog like Norton. And you can also set up schedules to run and get updates.

A good firewall is a must especially nowadays. This is because everyone for the most part is running DSL and Cable modems. Which are great for connectivity horrible because it’s like leaving your front door unlocked.

Check out http://www.zonelabs.com/ They have a product called Zone Alarm. It is customizable and blocks allot of attempts of entering your network. It is shocking to see the amount of people trying to get into your network. Zone Alarm will alert you to programs trying to access the Internet. This is kind of annoying but can be a life saver if a program is dialing Kenya on your telephone!! Zone Alarm can remember certain programs.
Windows Service Pack 2 has a firewall in it and I recommend enabling it.

There are many web browsers that you can use. I love Open Source you can probably guess I’m using Firefox www.mozilla.org/products/firefox.com There are so many features that I can rave about like tabbed browsing, if your anything like me at home I have at least two or three browser running if using Internet Explorer, with Firefox I can have as many websites as I want open and tabs at the top with descriptions. it's ingenious in my opinion. I don’t have to switch browsers like I do with IE.

Internet Explorer is one of the most used browsers and most targeted. Mozilla Firefox has many advantages including security. It also does not use ActiveX.

Scan your own systems! To see what ports are open and running. DO you have services that do not need to be running?

Knowledge is power. I work for a technology company for three years and never have they trained any people in multiple departments on security that I'm aware of. I’m amazed to hear things from co-workers such as I don’t have an account with so and so bank but they wanted my information and I gave it to them! Corporate networks are and will continue to be infected by users that are untrained about computer security. People all the time open attachments that they do not know where they came from. Homes users are sometimes even more ignorant. That is not said in a mean way.

File Sharing programs are popular and an opening to viruses, Trojans and other lovely things you don’t want in your network.

For the best and current security tools, alerts and news use Google http://www.google.com/.

Microsoft Internet Security Accelerator

Quick and Dirty Primer on Internet Security and Acceleration Server.

What exactly is ISA?
Microsoft Internet Security and Acceleration server is a web-cache, virtual private networks and application layer firewall.

For vendor information check out www.microsoft.com/isaserver.
I went to a Microsoft security conference and this is what I picked up.

ISA can inspect traffic coming into your network and also do HTTP filtering. It is designed to look for directory traversing. YOu can customize protocolsand policies based upon your criteria.
ISA allows for better authentication thru RADIUS remote access dial in server. You can also use products from RSA such as secure ID, which I recommend.
VPN's can also be customized thru ISA. VPN's are virtual private networks to allow remote users to access your network thru encrypted tunnels using protocolssuch as IPSec.

Internet Security Accelerator can also be used with Microsoft Exchange server for better security.

Internet Security accelerator allows traffic thru that has been deemed ok by the firewall administrator without additional packet inspection increasing performance of your network.
ISA will also cache webpages to allow faster access over the network.
There are always open source alternatives such as Squid, http://www.squid.org which is a open source proxy. This is just a few notes I took down that I thought I would share with the internet community. I hope this helps with any IT decisions.

Making Money

It is Friday morning and I'm thinking about how to make more money on the Internet. There is allot of opportunities. I'm currently using Google Adsense and am constantly looking at ways to improve traffic to my website and total number of clickthrus. I run my own computer consulting company, which is fine. I would rather work fulltime from home because I have a baby on the way and would love to spend all the time I can with my girlfriend, child and my computers. I currently have two jobs. I like my day job, but hate my slow computer at work, it is also not as technically challenging as I would like.

Then there is affiliate programs. I like Amazon http://www.amazon.com because I can select what books amongst other items I want displayed.
The possibilities are almost endless. It takes allot of writing, even more research and link building to get the results I’m looking for. I would like to make a fulltime income of the Internet and not even leave the house unless there is some interesting security problem or technical problem to get into. I'm thinking about just writing more security articles on a daily basis as well. I do it for fun and to share knowledge.

It must be the Colombian coffee this morning because my mind is racing with business ideas of ways to profit and turn nothing into something. I don’t want to reveal too much though because there is always competition :) I’m looking forward to going to the USENIX conference in December it should be a blast. I will be blogging and taking photos of every bit as well. Then I and my pregnant girlfriend will be making a trip to San Diego to Sea world.

This February I should be going back to college, I have attended like 6 community colleges, various trade schools and I'm not even a PH.D.. I think my problem is that I focus on only technical classes and not the General Curriculum suggested. YAWN. The classes I’m looking at? Oddly enough more psychology and ecommerce, maybe a design class. I took Java and could not stand it. They don’t offer Python.

Windows Server 2003 Security

Windows Server 2003 has some of the following feautres to help protect your corporate enviroment:

There is now forest trust that allows you to authenticate other companies in your WAN thru Active Directory, this simplifies some security issues for security and network administrators.
Kerberos is now availiable thru Windows Server 2003 to allow for better and more secure authentication.

Credential Manager allows secure storage for usernames and passwords as well as certificates.

You can now delegate what services can access other resources on your network.
.NET password is now integrated with Active Directory aloowing SSO or single sign on.
RBAC or Remote Based Access Control you can assign more efficient restrictions to manage access to information.

Systems administrators can disallow software to run, with the Software Restrcition Policy.

In Windows 2003 you can audit system alerts and even set up audits of individual users!

Account Management logs IP addresses and even calls for Logon and Logoff events.

You can now log security events in real time and export them to a SQL database to anaylze later.

PKI or Public Key Infrastructure is is system of digital certificates and CA or Certificate

Authorities to verify you are who you really say you are. This is great for ecommerce systems, think E-Bay. You want to know if your really giving your credit card information to E-Bay or E-fake.

Windows Server 2003 now helps with Wireless 802.1x., you can enable PEAP which is protected EAP for authentication.I suggest using WPA in conjuction. he encrytpion protocl they use is called EFS.EFS uses AES-256 which is very strong encryption. There should be security in depth applied.Two form authentication should be applied such as biometrics and passwords.Take a look at RSA secure ID cards.This provides great authetication for users on the move connecting to the corporate networks, or even home. I like open source solutions myself or even third party vendors for encryption such as RSA http://www.rsa.com.

Have a Happy Thanksgiving!

To all my readers have a great Thanksgiving :)

XBOX 360 buggy.

I really do not find this shocking as it is a new product. There will be bugs and probably lots of them we have not even heard about possible vulnerabilities this might open up on your home network. Here is the link
http://www.xbox-scene.com/xbox1data/sep/EEFkZkkkyEHasmrPqu.php

I look forward to playing around with an Xbox 360 shortly. I will then write my own review. I have to admit it looks sweet and has some nice feautres.

The Value Of An Oracle Database

There are some very large, very powerful companies out there that have saved quite a bit of money using an Oracle database. Will your company be one of those? Or, will you simply overlook this opportunity? In order to know if in fact an Oracle database will help you, perhaps you have to know a little more about it. Also, you need to realize the differences that are out there in various versions of the Oracle database. Gathering this information will help you make a sound decision about the use of this product in your business. First, realize that the Oracle database is available to be used and can be benefited from by virtually any size of business. Large corporations, medium sized companies, and even small organizations can all benefit here. What makes it nice to everyone as well is the lower prices that are currently being offered on Oracle database systems. There is no doubt that the introductory price is something to turn heads. The system we will mention here is the Oracle Database 10g Products. These are, believe it or not, the first databases designed for grid computing in the industry. Your options are many: • Enterprise Edition: Packed full with the highest level of performance and scalability. You will find reliability in OLTP as well as in decision support, and management activities. • Standard Edition: Clustering support is provided with this 4 processor version. • Standard Edition One: Same great stuff with a 2 processor version that is perfect for the entry level. • Personal Edition: Perfect for an individual • Lite Edition: Great option for managing mobile database applications. While the features of each of these Oracle database options are many, it makes sense for each and every business out there to find out how well these products can serve their basic needs. Take a moment to see what they can do for you and you may just be impressed with the options that are available to you in Oracle database.View all Sandy Baker's articles
About the Author: For more information please see http://www.money-market-info.co.uk

Active Scripting

I have commented on this many times, this is how alot of Spyware and Viruses infect your computer. Disable active scripting.

How to stop 'Active Scripting' in home PCs by ZDNet's George Ou -- A supercritical zero-day IE flaw has been released in to the wild by a reckless British company. There are no patches available as of 11/22/2005. Here is what you can do now to protect yourself. You must disable "Active Scripting" on all Windows computers running Internet Explorer 5.5 or 6.0 even if you have Windows [...]

Ezine Expert Author

I have been doing alot of writing lately on security topics you can check them out here:

ezinearticles.com/?expert=Benjamin_Hargis

Todays Security Alerts from CERT

US-CERT Technical Cyber Security AlertTA05-312A
Microsoft Windows Image Processing Vulnerabilities
US-CERT Technical Cyber Security AlertTA05-292A
Oracle Products Contain Multiple Vulnerabilities
US-CERT Technical Cyber Security AlertTA05-291A
Snort Back Orifice Preprocessor Buffer Overflow

On another note the German goverment is warning of new strains of Sobig a trojan thats turns PC into email spam bots. look for patches at Microsoft. www.microsoft.com

Wireless Security

Wireless networks using 802.11 have made it simple to connect multiple devices to your home network.This can also make your data availiable anywhere, even outside your home.To set this up all you need is a broadband connection connected to a wireless router or a WAP Wireless Access Point. Your home computers should have wireless access cards installed or if your using a laptop a PCMCIA wireless card. Intel Centrino is great for wireless, I personally use it. I like the fact that I did not have to purchase additional hardware.

When you set up your wireless router or WAP your signal is broadcast. This broadcast usually goes further than your home or business. People like to drive around finding unsecured wireless access points. This is known as Wardriving, some hackers even mark spots on the sidewalk to let other hackers know your home or business is offering free Internet service, or worse yet access to your data.This is not to scare you but make you aware.

Diasble broadcasting so people cannot you your wireless network.
Your routers come with pre-configured system ID's its called a SSID or Service Set Identifier, its very simple to locate this information on the Internet for default SSID's I recommend changing this to something hard to guess. Use alphanumeric's to make it even harder to guess.
Use encryption to protect your network. WEP or Wireless Encryption Protocol is not secure, I have cracked my own network with a Linux machine running Kismet. WEP's keylength is only 40 bits, once you collect enough data from packets its only a matter of time for a determined cracker.Instead use WPA which is WI-Fi protected access. This is more secure.

Configure your router to block incoming outgoing traffic you do not use. Consider blocking Port 23 Telnet and Even FTP.
Router manafacturers have default passwords which I find many home users do not change. CHANGE THEM!

Invest in a software firewall and keep your system up to date. In the month of October 2005 there have been several security flaws listed by Microsoft. Keep Informed.

Security Process

What is ARBIL?
Asset and Risk Based INFOSEC lifecycle.
To implement a comprehensive security plan in I.T. and strategies for risk management.

What is CIA?
Confidentiality, Integrity, and Availability
Confidentiality- making sure your data is available to only those allowed.
Integrity- making sure your data has not been altered in any way. Think bank transactions or chemical formulas.

Availability- making sure your data is available. Hackers often use denial of services attacks to bring down your servers or networks by overloading them with packets.
Hackers use attack trees to determine every possible entrance into your networks. This can be through modems connected to your network, routers, switches, and application vulnerabilities, almost anything connected to your internet.

Make it difficult to determine your OS, which hackers use for Banner Grabbing. This is a simple fix that many systems administrators leave.
Change your banner to display a security warning.

Many people have difficulty understanding security processes alone implementing solutions.

What is SMIRA? Simple methodology for INFOSEC based risk assessment.
Risk management is the practice and process of identifying threats and vulnerabilities to assets. This helps making the correct decisions to implement the necessary safeguards to help your organization carry out its mission.
Organizations should look at threats, vulnerabilities, assets and safeguards.
Risk Assessment

The goal is to have a list of your critical assets. Critical in understanding mission, objectives and operations and what if scenarios.
Then to implement safeguards to protect those assets.

Vulnerability Assessment

This is when you look for vulnerabilities in existing applications and determine there severity. The vulnerabilities will be rated. This includes physical security, web application reviews, policy and procedure reviews, host assessments and OS reviews, and vulnerability scans.

Threat Assessment

This is the process, of identifying existing and potential threats to assets and environments. This will also be based on severity.Where can threats come from? Disgruntled employees, script kiddies, hackers, crackers, foreign governments, and your competition. You can look for threat indicators in your server, logs, CCTV, intrusion detection systems like SNORT. http://www.snort.org

What can threats cause?
Loss of businessDeathFinancial lossCorruption of data.Inability to work, servers down or running slowly.Confidentiality issues.

What are assets?
User IT OperationsStaff Connectivity DocumentationSecurity SystemsThird partiesPaperFilesMedia, like disk, CD’s and USB drives.File, Web, EMAIL, Storage, Application serversAnything of value to the company.
Hackers like to get there hands on all information no matter how unimportant it may seem it can be used to filter out more information.

How do you protect yourself against threats and protect your assets?

Have policies and procedures in place.
Employee awareness of security issues.
Software security in place
Hardware security in place.
Physical security.
Environmental Security. I.e. water level sensors.
Communication security- to protect your phone lines, and PBX systems.
Personnel security.

There is a lot of software on the internet that allows even technically challenged people to run scans on your systems to try to crack them. Anybody that knows how to search Google can easily find such tools. The way the Internet is evolving and more and more people joining the Internet the security risks increase.

Attackers gain information on your systems by doing Domain Lookups with Whois. Port scans using many available tools to find out what you’re running and then do internet searches to find exploit code to crack your systems. Once they find out what applications you’re running it’s only a matter of time before they can crack your systems if you are not protected.
Attackers like to get information on your Domain Names, IP addresses, then they will scan your network looking for live hosts. This can be accomplished with tools like NMAP by Fyodor http://www.nmap.com . By using a tool like NMAP you can send UDP, ICMP, and TCP packets.
This is done to identify host by looking at responses. At this point attackers find out what applications are being used, or any information the host is willing to give out. The more services you have running the more opportunities for someone to remotely exploit your hosts. This can be very time consuming for the attacker. The goal is to find out what OS platforms are being run. Are they Unix, Microsoft Windows or Apple Mac OS? From here it easy much easier for someone to look for shellcode to use against your system.

Sony BMG Spyware

I like Sony as a company but when I heard that they install spyware onto your computer to hid their protection scheme without users knowing, thats shady. If you try to delete it, it will disable your CD-ROM drive! Amazing. There trying to make it hard for people to burn music CD's which is illegal. Copy protection is and will continue to be breakable. That is just my opinion.
F-secure and Symantec have put out updates to remove this spyware.

Home Computer Security

This is a paper about securing your home computers and networks.

The goal of computer security is to keep unauthorized users from using your resources. This can be anything from your computer to your printer or even your web camera. Detection is another important aspect that should be monitored as well.I often get asked "Why should I worry?"
Maybe you shouldn’t. If you are concerned about any of your files or the possibility of losing them you should care. There is also online banking that many people use to watch their accounts. Malicious users can also use your computer to launch attacks against other networks, or put files on your computer as a means of storage. Even if you have the computer just to send email to Grandma don’t think that you are not at risk. Attackers like to hide there tracks by jumping thru multiple locations such as your computer.

Malicious users can take over your webcam and watch and even listen to you!Attackers like to use multiple systems to launch denial of service attacks-sending tons of packets to bring a network to its knees.
Identity theft is huge right now. Your credit report should be reviewed frequently. Identity thieves can gain allot of information from your home computers. FTC said there are approximately over 10 million victims a year. If your ID is stolen or think it is visit www.consumer.gov/idetheft. Never send out your personal information in email it is not secured.The risk is getting greater daily as more people connect to the Internet. Script Kiddies download tools that make breaking into computers as easy as pressing a button. Security patches are offered thru vendors but most people do not bother to patch there systems or have the time.Do people in your household use file sharing programs? I cannot believe the amount of Spy ware and viruses that are hidden in some of those files. I removed over 600 different Malwares from a home computer who thought they were just downloading music.
The system was always freezing and changing homepages in Internet Explorer. Not to mention these file sharing programs can be sharing your financial data, medical records, secret recipes or your last tax return.Key loggers can be on your system recording every keystroke and emailing it to an attacker, enemy or even your spouse. This includes IM's, Emails, and passwords anything.

There are Anti-Virus software that will detect most of these programs.Anti-Spyware can also detect allot of MalWare or malicious code.

Use strong passwords that are alphanumeric or use a password strength tool. I would not use anything in a dictionary American or Foreign as those can be cracked easily thru Brute Force.

Don’t use the same password for every account. Change your passwords regularly, and don’t write them down.I recommend making regular backups of at a minimum your critical system files. Back up to a CDR to ensure that your data cannot be overwritten.
Please monitor your children’s surfing habits and teach them about the dangers of the Internet.

I recommend installing filtering software to keep their curious minds out of the wrong sites.Staying abreast of Anti-Virus updates.Don’t open email attachments that can contain viruses or other malware.

Don’t run programs if you don’t know where they came from than can have Trojan horses. Trojan Horse is a program that appears to be a regular program such as Solitaire buts its actually sending your bank account information to an email address. Attackers can also take over your computer have .mp3 file ran at 3AM in the morning to scare you, even open and close your CD-DRIVE door.

Disable JAVA, JavaScript and Active X
Keep up to date on patching your operating systems and applications. In Windows you can set up automatic updates. You can also visit the Windows Update site.
Microsoft releases patches even second Tuesday of the month this is known in IT as black Tuesday, there is always allot of patches. Upgrade to Service Pack 2.
Internet Explorer always has security issues.

There are Open Source browsers like Firefox http://www.firefox.org which is a great browser and has more security feautures. Firefox has allot of great add ons as well that can make researching more effective amongst other utilities

Disable scripting in emailEnable NAT Network Address Translation on your router. This will hide your private IP address from the Internet. While still allowing computers to access the Internet. Most network firewalls have IP NAT masquerading where multiple device on the Internet appear as one IP address.Make sure you are not enabling shares on your computer for any of your drives. This will look like a hand holding a drive in Microsoft Windows.

Be aware of Phishing these are Internet Con-Artist looking to catch a some fish. Emails are sent that look like Bank Emails, Amazon and PayPal, it amazes me how many people I work with think its the real thing.If your considered about security consider encryption. For Home users look into PGP or Pretty Good Privacy to secure your email, you can even encrypt your hard drive.When you think you have deleted your files they are still retrievable consider a file wiping utility.

Use a Surge Protector.

No firewall can stop all attacks.

Article I wrote on Firewalls

It seems nowadays if you are not online, you don’t exist. It really does not matter what type of company you run, you should have an online presence to let your prospects and clients know about your company and services. When you decide to take the leap onto the Internet there are some precautions you should take. I have friends who say all the time, I really have nothing to hide or worry about. This may be true, but malicious users like to deface websites.Which
can ruin you and your businesses reputation.

This is a paper about firewalls protecting your company from outside threats and unauthorized access.

A firewall is a great start. Firewalls can be both hardware and software based. There are many different firewall vendors some of the bigger names are Cisco, Symantec, and Checkpoint. The difficult part is configuring the firewall.This is where many intruders bypass security, because the firewall is poorly
configured.

I would like to mention that there are many Open Source programs and operating systems that offer great firewall software. I personally believe that OpenBSD has one of the most secure operating systems and firewall configurations if done right. FreeBSD also has firewall software, it is called IPTABLES.IPTABLES offers packet filtering, NAT and you can even change packets in Linux. I have to say you can do anything you want in Linux, because the source code is right
there. It’s a beautiful thing. Linux also uses this; you can build a firewall with the old system sitting in your garage and two Linux compatible network cards.Linux can be hardened, this means to make the operating system more secure. I like the tool Bastille Linux its is developed by Jeff Beale.

To really get a grasp on firewalls you need to understand TCP/IP and allot of different protocols to know if you should allow or deny them into your network. IP addresses identify hosts on the Internet they look like this 127.214.234.54. Firewalls can block IP addresses, ports, protocols and even keywords that come into packets. Hackers that want into you network have many different tools at their disposal to try to bypass firewalls. One common attack is known as
Denial Of Service or DOS attacks. The attacker simply floods your network, firewalls with so many packets that it cannot handle them and sometimes crashes. Firewalls are available with DOS filtering to keep these attacks low, and start dropping packets.

Firewalls do not protect you from internal threats such as employees bringing in viruses from home. Or remote users using VPN's (virtual Private Networks) bypassing your firewall. Think about if you bring your son to work and he downloads music on your fast company internet connection only to introduce your corporate network with a worm or even worst a Trojan horse. Service ports that are open to the public such as Port 80 HTTP, have know vulnerabilities on the Internet. FTP has many vulnerabilities as well.

Are there different types of firewalls?

Yes. There are hardware and software firewalls. You might be even using Zone Alarm or Black Ice Defender. These are software based firewalls, the more I
study firewall technology I realize that everything truly is a software firewall. A computer is nothing without software to tell it what to do.

Packet Filters

Packet Filters look at source and destination addresses. This is where firewall rule sets come in to play. The firewall administrator must determine which source and destination ports and addresses to allow or deny. The security administrator needs to keep up to date with alerts on vulnerabilities as new holes are found and created daily. A technique known as spoofing can sometimes fool firewalls but making it appear that a packet is coming from inside the protected
network when in fact it is an attacker changing the source address.


Application Gateways

Application Gateways are like errand boys. You request a file and the application gateway grabs it for you.This is great for logging connections, and setting
up authentication as well.


Statefull Packet Inspection

Statefull Packet Inspection is a technique used by Cisco PIX firewalls and Checkpoint Firewalls these firewalls look at the data coming across the network.It can also authenticate connections, users can usually not notice that the firewall is in place. Allot of firewalls now allow you to configure VPN's which is awesome if you have remote workers and satellite offices and need to transfer data securely.

Intrusion Detection is also something to consider, I like SNORT. SNORT can detect known attacks against your system and does a great job at logging them if set up correctly. There are thousands of different software and hardware solutions you can purchase for you home or network. I happen to like Open Source, because I like learning and knowledge and the Open Source community has taught me more than the corporate world ever will. A book I would like to recommend that is great for learning about firewalls is called simply enough Building Internet Firewalls, it is by O'reilly. That is all for now. One last tip, backup, backup, backup.

WEP VS WPA

I came across this article it is a interesting read, I feel all keys are breakable it's just a matter of time.

Steve Gibson weighs in on WPA-PSK keys by ZDNet's George Ou -- Brute forcing cryptographic keys is only interesting from a top secret or academic standpoint. Brute forcing a random 8 character alphanumeric WPA-PSK key for a home is a fool's errand because there are infinitely cheaper and easier ways to penetrate a home network by some other means.

Look out Network Admins

I know alot of IT admins that dont stay up on alerts, so the more the beter. It time to upgrade to the newest IOS version as many flaws are found in the current version. This was announced at the previous BlackHat Conference which caused alot of controversy.

Time to patch your Cisco routers by ZDNet's George Ou -- While Cisco isn't alone in upgrade complexity, the end result is that most end users never patch their routers and switches and just assume they never needs patching. This probably won't change until a conventional PC worm makes the jump to attack IOS vulnerabilities and causes massive damage.

Windows 2000 Security

Windows 2000 Security
By Benjamin Hargis

I was asked recently to go to a car dealership and do a security analysis on their Windows Server 2000 machine.

This is what I recommend doing to any Windows 2000 machine where applicable.

Make sure that the guest account is disabled. It comes disabled by default.

A problem I notice allot is when I go to companies, lots of accounts are still active for employees who no longer work there. They should be removed when the employee is terminated or leaves on their own accord. Disgruntled employees have been known to wreck havoc.

Group policies can and should be implemented in a Windows 2000 environment and audited to make sure there are no extra accounts or accounts with weak passwords.

Password security is also important; if your password is weak it will be cracked. I have been in companies where your password is your initials. That is to simple. Implement password policies and account lockouts after multiple failed login attempts. WARNING this can create a denial of service attack. Create multiple admin accounts and give them different rights. A strong password policy for administrative tasks.

Run Net Share from the command line to view open shares on your network and shut those down unless needed.

Go into the BIOS and set a user password and disable the ability to boot from a floppy, USB, or CD. People can easily grab the SAM file which is a password hash stored on your system from a Linux boot CD or other tools. Then attempt to crack the hash.

Change the administrator account to a different name. That is usually a crackers first attempt. Rename it to something other than root as well.

Use NTFS on all partitions this gives you more control and security than using the FAT file system.

Make sure that the "Everyone" permission is not allowed on your resources, directories, etc.

Have the last user logged on turned off. This makes it easier for an attacker to guess passwords. There already half way there the have the username.

Apply appropriate access control lists.

Don’t forget about the people around you and either lock your workstation when you leave or have a screensaver enabled with a strong password. Insider threats are a reality.

You can enable EFS encryption file system; you can encrypt whole directories as well. I suggest if your really paranoid or smart to look into a utility that allows you to choose different encryption algorithms. I do not like encryption standards that are closed. Meaning we cant see the source code. I prefer open source its easier to look for holes and attacks.

Make backups of all your important files. This is the most important thing I learned in System Administration. Backup, Backup, Backup to something that cannot be overwritten such as a CD-R.

To configure Security Policies use the Security Configuration Toolset you can make your job allot simpler by using snap-ins.

I visited Microsoft’s site to see everything they had, I have to say there is plenty of information.

Shut down services that are not needed. The more ports that are open and the more applications running the more avenues of attack.

Restrict access to Local Security Authority only to admin.

Change log in warning to something like. Authorized Personnel only, "all activities are logged and monitored. Violators will be prosecuted to the fullest extent of the law."

Shut down individual ports, that are not used.

I personally like smartcards for two form authentication. I recommend RSA secure ID for machines that need more security.

Enable auditing to track what users and possible intruders are doing on your system.

Everything from login attempts to access of objects can be audited in Windows 2000.

Protect the registry from anonymous access.

Make sure the audit logs are locked down so they cannot be erased, or tampered with. Only the admin should have rights to these files.

Install service packs.

Make sure that your antivirus is up to date with the latest signatures.

Run a Spy-Ware utility.

You can also run an online vulnerability checker such as Shields Up by Gibson Research.

Get automated patch software.

Remember that security is not something that can be finished. Keep up to date.

Benjamin Hargis CEO & MCP

Phuture Networks

Visit us on the web! http://www.phuturenetworks.com

Article Source: http://EzineArticles.com/

Free Micorsoft Security Toolkit

Follow this link to get a informative newsletter and a free security CD from Microsoft.https://microsoft.order-7.com/sbsnewsletter/addrform.asp

A great article on Spyware definitions

Spyware definitions released by ZDNet's Suzi Turner -- The Anti-Spyware Coalition (ASC) released their definitions of spyware today, available at the website. The document includes a table of technologies that could be classified as spyware, depending on factors including control, notice and consent. Another document (PDF) is available, with a summary of the nearly 400 public comments and the ASC's response. The coalition also outlined their [...]

I liked this article and thought it provided good information.

Google Base

Google Base: What might Google be up to? by ZDNet's Garett Rogers -- Google is smart, they know what they want, and more importantly they know what people want. The answer to both is "information" and "money". Looking at both of these "wants", they must decide how they can do this and stick to their "do no evil" guns.

Google has alot of information this is a good thing but also a concern about privacy. I like Google, they have great technology and I cant wait to see whats going to happen know that they are partnered with one of my favoite companies Sun Microsystems.

Open Source Firewall Scripts

I came across Bill Stearns website today. I have to say I'm quite impressed. Been doing research on open source software security solutions. This site has scripts for rulesets and IP Table configuration.

Ezine Directory

I put up some more articles this time on Wireless Security.

Service Pack 2 For Micorosft Exchange Server Released

Microsot unleashed Service Pack 2 for Microsoft Exchange Server, some improvements are email push capability for BlackBerry and larger mailbox storage. Which can be more of a nightmare than added feauture. Spent most weekend studying Firewalls, packet inspection and ACL's. Learning about chokepoints, DMZ, dual homed servers.

Microsoft Security

It amazes me that Microsoft has already released nine patches this month alone. These vulnerabilities range from remote execution to tampering with your FTP clients. Some of the vulnerabilities allow attackers to take complete control of your system as well. All I can say is backup, backup, backup. I recommend turning on automatic updates as well. I also suggest reading Micrsoft Security Advisories.

Ezine Directory

I got published on Ezine directory for some of my articles on security.They even gave me expert author status. I like this. I plan to continue writing articles to help home users and small businesses with security issues. Im currently reading Practical Unix and Internet Security.

LISA '05

Im stoked. I will be going to San Diego for Large Installation System Administration conference. Ill be booking a room at the hotel and I'm thinking of becoming a member of . I will proabably be going to Sea World as well.

Im also looking forward to Southern California Linux Expo in Feburary:

Website Development

I'm still working on my company website Phuture Networks http://www.phuturenetworks.com figuring out front page extensions. I'm thinking of creating a security alert newsletter for home users. I have been writing content for the site on almost a daily basis and plan to do this for a year straight. I'm happy to announce that I'm a soon to be father, with my lovely lady Jenny. Between work, studying, baby and Phuture Networks I dont understand how I manage and it fires me up to do even more. There is great site I would like to mention that offers SEO information its . This is my friends site. Thats all for today.

Microsoft releases new security product.

Microsoft released "Microsoft Client Protection" It's supposed to protect you from Spyware, Viruses and worms. There is also MS Antispyware in build 615 released on Monday. They also offer a Enterprise addition. I think Microsoft should focus more on designing a secure OS and not needing to produce addons and SP's IMHO.

Phuture News

I've been extremely busy. Studying FreeBSD
Its a UNIX operating system based on the BSD Berkely System Development kernel.It works on Pentium x86 and RISC based processors also Alpha Chips.Unix was designed by Dennis Ritchie and Ken Thompson. I've been working on my website and analyzing good keywords for more traffic. I own a computer security consulting business. It's called Phuture Networks. We can also perform search engine optimization and do consulting on hardware and software. Currently reading alot of psychology and talking to my friend about affiliates.

My company website

I have started working on my company website and I can say its coming along nicely. http://www.phuturenetworks.com
Ive been real busy lately studying books for MBA, learning all I can about marketing prospecting, search engine optimization.Its awesome. I got my IPOD Nano, I love it it is well designed and simplistic the way hardware and software should be. My time and life is consunmed with devouring material on finances, real estate, technology and girlfriend. I love educating myself college taught me to learn and I can cover more material on my own rather than class. I will be enrolling back into college to pursue degrees.

Organic Search Engine Results

It is possible for real estate agents to rank high in the search engines organically. It takes time and effort. But it can be done. It does take a while for the sites to be indexed by search engines. Anybody looking for higher SERP's search engine reults should focus on content, reciprocated and unreciporcated links. Google and Yahoo both pay attention to these. If you want to see immediate traffic, instant gratification I would use PPC or pay per click thru Overture or even Google Adwords. Once you get people visiting your site you need content and fresh content to keep them interested, and hopefully they will fill out a form that will turn into a lead, which could lead to more sales for you.

Real Estate Technology Analyst

I work for a large web deisgn company that specializing in providing website services to Realtors. I educate real estate agents on marketing strategies on the Internet. I also explain and implement things like Pay Per Click, Search Engine Optimization and webpage analysis. I learn daily about how to do more effective keyword analysis, and acheiving high results in organic search results. There is so much to this business. Analyzing Meta-Tags, Headers, Title names. Not to mention link popularity, inbound links and outbound links as well. These are some of my duties:
Skills in Search Engine Optimization, Page Rank, Link Popularity, SEO, PPC, drip systems.
Familiar with Multiple Listing Services, and paid directories.
Website optimization for search engines: HTML, site structure, and page layout issues.
Identify and implement strategies for increasing traffic through organic search listings without creating the risk of sites being blacklisted.
Tracking and Reporting
Continually monitor organic search rankings to maximize traffic and sales
Keyword research including cataloging and indexing target keyword phrases
Keyword research using Word Tracker, Overture, Google and internal tools
Plans, organizes, and implements sales programs for the region. Coordinate directly with outside sales reps. Responsible for marketing and booking appointments for outside sales reps.
Provide realtors with product and service information to assist them in determining appropriate website, e-marketing and hosting solutions

Basic Astronomy

Hipparchus came up with magnitude
The moon is 240,000 miles away.
Ptolemy is one of the most famous astronomers.
Nova means new in Latin.

Kepler's three laws of planetary motion.
1. Planets move ecliptically (egg shaped)
2. Planets do not move at constant speeds but speed up when closer to the sun.
3. A closer planet moves faster than one that is farther than the sun.

Hans Lippershy built first telescope.
Newton- gravitation, nature of light, color, calculus.

Labor Day Weekend

Not much going on. Same thing different day. Currently Reading: Stephen Hawking Universe in a Nutshell. Listening to Nirvana Very Ape, plan to code today and hang out with my lady, which we are working out relationship issues. Aww the wonderfull world of relationships . Have the ring two which I will watch today as well.

Python

Python is a programming language that looks very interesting. This is from Python.org site: What is Python?
Python is an interpreted, interactive, object-oriented programming language. It is often compared to Tcl, Perl, Scheme or Java.

Python combines remarkable power with very clear syntax. It has modules, classes, exceptions, very high level dynamic data types, and dynamic typing. There are interfaces to many system calls and libraries, as well as to various windowing systems (X11, Motif, Tk, Mac, MFC). New built-in modules are easily written in C or C++. Python is also usable as an extension language for applications that need a programmable interface.

The Python implementation is portable: it runs on many brands of UNIX, on Windows, OS/2, Mac, Amiga, and many other platforms. If your favorite system isn't listed here, it may still be supported, if there's a C compiler for it. Ask around on news:comp.lang.python -- or just try compiling Python yourself.
Many of Google's engineers code in Python.

Friday Before Labor Day.

My mind is on three day weekend mode. WooHoo! Last night I did nothing, I caught up on some well deserved sleep. Seems like the only thing on my mind is Python and PERL . This weekend going to kick back with my lady and cook. Maybe code a little. Well have to see.

Open Source Security

Last night I played with Nessus which is a good vulnerabilty scanner. I also messed with Nmap and its graphical front end. I read alot about TCP, IP, UDP, and SYN, ACK, FIN Flags and different responses. I analyzed network protcols with EtherApe. It is even possible to craft packets to contain any source, destination port, or tunnel through any port i.e. 80. For instance if firewall blocks everything except the internet it is possible to tunnel to port 80 and issue commands as long as it is acting as a server. more on this later.

Blog Testing

Im currently testing different blogs to see which one I like the best, currently using http://www.blogger.com/ as my main one. Just started using Yahoo 360 Beta. Now open Source LiveJournal. Pretty cool so far. Im looking forward to attending Southern California Linux Expo in Feburary and thinking of joining my local LUG, to the uninformed that's Linux Users Group. I want to learn the most out of Unix and Linux. I have currently taken Linux and Linux network administration in college. Truthfully I think I learn alot more from books and my computer. Last semester I was giving my professor tips on how to secure our class web server as it had been hacked :) Whats really sad is he is an author of a popular Unix book.Here is good site for free submissions to search engines
FreeWebSubmission.com

Things I did over the weekend.

This weekend I studied electronics, mostly about capacitors, resistors and inductors. Ohm's law and the different measurements for electronics. I want to go for my HAM license and this is what I need to study.
I reviewed some Python source code for a program that you can craft packets to contain a source port and destination port of your liking as well as put in the payload of your choice. More research on buffer overflows and how memory is arranged.
Zen- To really live in the moment and focus, concentrate extensively on that second or what your doing. I have been playing Xbox quite a bit this weekend as well. Planning to set up a *nix server.

Current Books

I started reading many books today after visiting my local library, they include Secrets of Executive Success, which has 56 chapters on business tactics and strategies, enjoyable reading so far.

The Radio Amateurs handbook. So far I've learned that Marconi invented radio. Nuclear fission is splitting atoms. Batteries produce DC current and all dry cells produce 1.5 v. Although Lithium batteries produce 3 volts and have a 10 year shelf life.

Zen Mind a book about Zen meditation and practice. This book has really got me thinking about my way of thinking :)

Power and influence (Mastering the art of persuasion) I got this book to learn how to get more sales and business appointments. I quote my sister as she told me "it's just common sense, i dont understand why your read those books."

Beside that it is Saturday night, and Im reading and anxious to set up my Linux box in the living room tommorow.

What's New

It seems that there are new worms floating around the net. Rbot and zotob.d it seems they are bots. Virus writers are having wars with each other right now. These exploit plug and pray vulnerability. Here is a technical description http://www.f-secure.com/weblog/#00000553
The new issue of Insecure magazine is out. This magazine is awesome: http://www.insecuremag.com/.
The article I found particularly intriguing was how easily a PDA could create a backdoor into your network. IT should be more stringent with PDA access inside the corporation.
I received the new catalog from http://www.tektronix.com tools from measurements good for signal analysis.

Motorola V330

Overall Im pretty impressed with this phone, I enjoy the capability to take pictures and record video. I like the fact it uses Java. I want to see the source code on my phone. The picture is sharp and clear on the screen. The animations even look good.

On a different note, I purchased a used XBOX, with Tom Clancys Splinter Cell, Im still getting used to the controls, but am moving right along.

Technology addiction

Havent posted in a while, been busy studying Java learning about javac, objects, functions, associations. Pretty interesting stuff, I want to code some apps for my website. I finally ordered my XBOX, and my cellphone. I got the Motorola V330 because of its bluetooth capabilities. I got a bag to drag along all my gear.

Another day gone.

I dont know if it is that Im getting older, but the things I used to consider cool or important are not. The only thing that seems to matter now are 1)God 2)Family 3)My Lady 4)Friends 5)books. All I want to do is learn and be a good son, boyfriend and friend. I had a good day today. Work was the same as usual. I cant wait to get a Motorola V330, XBOX and IPOD these are the toys I want currently. Im such a technology geek, its an expensive habit, but at least its not drugs :)

Funny

Open SSH

This is a free version of Secure Shell, you should use this to encrypt all traffic going over your network. For instance I can create a VPN from my workstation to my server at home without having to worry that my information is going out plain text i.e. Telnet. You can securley issue commands, transfer files and monitor your servers.

Open BSD

This is a Secure Unix operating system, it is constanly being audited. There are about twelve developers who go over the source continiously to search for more holes. It is secure by default with most services disabled to begin with. Personally I would run this OS if I had a ISP or hosting ccompany.

NMAP- Open source scanner

This application is awesome for port detection, OS identification and you can even set flags in TCP/IP packets.

My Public PGP key

Support Cryptography and Encryption if you want privacy.

-----BEGIN PGP PUBLIC KEY BLOCK-----Version: PGPfreeware 6.5.8 for non-commercial use <http://www.pgp.com/>
mQGiBELe6ZQRBADDy9X6cILqN8Pea6CNhq7ShbR4Xqy7YvqWyRGf0w8G/RCHkEB+ejEccXy
ThyFJvFKpTgkayY6i/Aomnj6g5a4iIwy4C7fTqrPcXsFxtT5GxzktYwFmGfDDjaoDFqju5FpB1b7w
F5xRIl5IASewuUMm6BkbmupNNfcCx52cQ10V3wCg/++OZ1MziD7PVXzhskQigSkamjkEAKwbm
qEDFvU5DVBXtcU5z60XqjDmfsYBoHHnmTc1s8wQYKSdaLyIIIqWyiK/vWcnoxmHMZzJgvxusfb
koGcOjaJ3yB0Y4DWLEXkwpQkioMlpAF0Fu6vluJ8hVx+eawdpP/Vn9FIgYsrUvEftSkWk6Kb060
6i144BSz+6set1/jXbA/wMJ9mzhPoJlx5u89x01QGXaM92gmq4XZtOdY3nPpQCQFQs/qe0zsHwg
yzakHNoF5xy5+Kwr+1UG1nQxFbceeJnpgUWQhoponHAQxE1QFa6e9zS1Y8GcP9YYGJLLT7kqz
zeMWwh3IipLmT5OGfx2TDIil+smW1+21OwPsbhTz5KkbQpQmVuamFtaW4gSGFyZ2lzIDxwaH
V0dXJlZ2VuaXVzQHlhaG9vLmNvbT6JAE4EEBECAA4FAkLe6ZQECwMCAQIZAQAKCRBAwsu
N8euVp057AKCtE83gHw1Kcx6I/O9JBJ5bsBjLLQCfQmhEHlMi9ZpQ2VLtgU0zFaK4f0u5BA0
EQt7plBAQAPkYoH5aBmF6Q5CV3AVsh4bsYezNRR8O2OCjecbJ3HoLrOQ/40aUtjBKU9d8Ah
ZIgLUV5SmZqZ8HdNP/46HFliBOmGW42A3uEF2rthccUdhQyiJXQym+lehWKzh4XAvb+ExN
1eOqRsz7zhfoKp0UYeOEqU/Rg4Soebbvj6dDRgjGzB13VyQ4SuLE8OiOE2eXTpITYfbb6yUOF/
32mPfIfHmwch04dfv2wXPEgxEmK0Ngw+Po1gr9oSgmC66prrNlD6IAUwGgfNaroxIe+g8qzh9
0hE/K8xfzpEDp19J3tkItAjbBJstoXp18mAkKjX4t7eRdefXUkk+bGI78KqdLfDL2Qle3CH8IF3Ki
utapQvMF6PlTETlPtvFuuUs4INoBp1ajFOmPQFXz0AfGy0OplK33TGSGSfgMg71l6RfUodNQ+
PVZX9x2Uk89PY3bzpnhV5JZzf24rnRPxfx2vIPFRzBhznzJZv8V+bv9kV7HAarTW56NoKVyOt
Qa8L9GAFgr5fSI/VhOSdvNILSd5JEHNmszbDgNRR0PfIizHHxbLY7288kjwEPwpVsYjY67VYy
4XTjTNP18F1dDox0YbN4zISy1Kv884bEpQBgRjXyEpwpy1obEAxnIByl6ypUM2Zafq9AKUJsC
RtMIPWakXUGfnHy9iUsiGSa6q6Jew1XrPdYXAAICD/9IBbk/+K6TpPOWE44u5ftJ6q+EUXqf
p8ei/8uyxD908pemOmavxHpBdHq0e2Y9eD0eNYvNuLiBLQsr9TPlCtI+SRHj950cbp9sNIFxt
UeygiB6VJzt7SoWnxaTB3e9P94/WSfY1gId/Ug7HvMHRVbHf08L1SdPkguubV8SQcvc/KarFtk
Buu9g7OdvDZFrALhciX27o3FW+dZ6/tTq9yxnY97bRBLhyD4wzXnoaY08Yd0CM4dfTN390uN
2Z5rcfWhpKWsJ8ry/TQ7TdcJluE6CCbRaQRupeh6SAaSpHL+y6iBOL8i+YXa6tLjCuxHfM2am
i7L5H0o1Mr1NiQl2yZCcV7DB4uPDPF6og6TNQVy5M2WmOYB9aSBBtJXb2H8WRjUEjCChQO
EnkMdLnDEhpGzpdlfX+pI3t463H/jtdgZzRMUyy36pEVlnRdOLhyV0nnQXu1PiZJWkePWWS0
DdfSX84QVqbnCsmMYFIGHseQwf5vfZHVUnI5TMpfq1gjAVzqkBzadHH54GxXVBC2oLN7J8+
DlyrESqgySOpzqumZrw1++oYJqEyefC3PrVviu0gRKgkl0kkDTwq6qpOVSC0vpIju7B0xjuT+47
0nw/OKHPv8lwUBOGNmyQQ5KZre7Tu40HiggSbQOnXLyUKoO7MbEINsgspOUdSr1w+74oQ
53ybYkARgQYEQIABgUCQt7plAAKCRBAwsuN8euVp+bGAKDE+7yTowV6VMh/L1UEae3qkL
JCXgCfdrKSJbD7llBeladW6eikcgaFko0==JnsO-----END PGP PUBLIC KEY BLOCK-----

A good weekend.

I spent most this weekend reading about and coding in HTML, DHTML, CGI and PERL. I looked at alot of javascript and am amazed at it's simplicity compared to Java. Im going to strat coding in both. Im looking for a second job to make more cash. Technology is an expensive hobby, but I love it. Next on my list IPOD and XBOX.

Open Source Solutions

Companies could save up to 90% on their database TCO by using MySQL, instead of Microsoft products. It is the fastest growing database in the industry. Its reliable and fast to deploy and fully customizable. Check it out here http://www.mysql.com.

Links

Here are some good scanning references:

http://www.freqofnature.com/
http://www.radioreference.com/
http://www.cityfreq.com/ca/orange/

Computer:
http://undeadly.org/
http://sagewire.sage.org/
http://www.f-secure.com/weblog/#00000553
http://www.procata.com/blog/archives/2005/05/10/expert-programmers/
http://technet.microsoft.com/default.aspx
http://www.sun.com/
http://slashdot.org/
http://www.newsforge.com/
http://www.unixreview.com/
http://www.43folders.com/

News

Risk Digest is now over 20 years old, a online zine about computer risks to us:
http://catless.ncl.ac.uk/Risks/

Cisco in the news again password protection for their website compromised!

From Cisco:*IMPORTANT NOTICE:*
* Cisco has determined that Cisco.com password protection has been compromised.* As a precautionary measure, Cisco has reset your password. To receive your new password, send a blank e-mail, from the account which you entered upon registration, to cco-locksmith@cisco.com. Account details with a new random password will be e-mailed to you.* If you do not receive your new password within five minutes, please contact the Technical Support Center.* This incident does not appear to be due to a weakness in Cisco products or technologies.

Rumour that astronauts travelling to Mars would be bombarded with radiation and about 10% would end up with cancer and die http://www.newscientist.com/article.ns?id=dn7753

Thats it for right now :)

Book I want to read about Nanotechnology

Here is a company I feel will do good in the future with nano: http://www.nantero.com

Current research areas

These are subjects I'm currently studying or have been studying: Algorithms,artificial intelligence,computer architecture computer graphics, data mining,design, file system design genetic algorithms,geographical information systems,grid computing, information retrieval,languagues,machine learning,natural language processing,operating systems,pattern matching, profiling,regular expressions, robotics,security, signal analysis,text processing,user interface design,unix programming,web information retrieval.

Scanner Frequencies

FRS Frequencies
FRS (Family Radio Service)
Channel 1 (462.5625)
Channel 2 (462.5875)
Channel 3 (462.6125)
Channel 4 (462.6375)
Channel 5 (462.6625)
Channel 6 (462.6875)
Channel 7 (462.7125)
Channel 8 (467.5625)
Channel 9 (467.5875)
Channel 10 (467.6125)
Channel 11 (467.6375)
Channel 12 (467.6625)
Channel 13 (467.6875)
Channel 14 (467.7125)

Finished Reading

I finished this book a while ago, its about Quantum Computing, Qunatum Cryptography and time travel. It is pretty heady when it comes to the physics and math but a good read.

Currently Reading

This book is also about the NSA. AI, and the goverment trying to control a corporation.


This book is awesome, NSA, algorithims, intelligence, and cryptography.