Orange County Computer Consultant

Orange County Computer Consultant helps small businesses with networking, installations and small business software.

Wednesday, November 16, 2005

Sony BMG Spyware

I like Sony as a company, but when I heard that they install spyware onto your computer to hide their protection scheme without users knowing, that's shady. If you try to delete it, it will disable your CD-ROM drive! Amazing. They're trying to make it hard for people to burn music CDs, which is illegal. Copy protection is and will continue to be breakable. That is just my opinion.
F-Secure and Symantec have put out updates to remove this spyware.

Home Computer Security

This is a paper about securing your home computers and networks.

The goal of computer security is to keep unauthorized users from using your resources. This can be anything from your computer to your printer or even your web camera. Detection is another important aspect that should be monitored as well.

I often get asked "Why should I worry?" Maybe you shouldn’t. If you are concerned about any of your files or the possibility of losing them, you should care. There is also online banking that many people use to watch their accounts. Malicious users can also use your computer to launch attacks against other networks, or put files on your computer as a means of storage. Even if you have the computer just to send email to Grandma, don’t think that you are not at risk. Attackers like to hide their tracks by jumping through multiple locations such as your computer.

Malicious users can take over your webcam and watch and even listen to you! Attackers like to use multiple systems to launch denial of service attacks, sending tons of packets to bring a network to its knees.

Identity theft is huge right now. Your credit report should be reviewed frequently. Identity thieves can gain a lot of information from your home computers. The FTC said there are approximately over 10 million victims a year. If your ID is stolen, or you think it is, visit www.consumer.gov/idetheft. Never send out your personal information in email; it is not secured.

The risk is getting greater daily as more people connect to the Internet. Script kiddies download tools that make breaking into computers as easy as pressing a button. Security patches are offered through vendors, but most people do not bother to patch their systems or do not have the time.

Do people in your household use file sharing programs? I cannot believe the amount of spyware and viruses that are hidden in some of those files. I removed over 600 different pieces of malware from a home computer whose owner thought they were just downloading music. The system was always freezing and changing homepages in Internet Explorer. Not to mention that these file sharing programs can be sharing your financial data, medical records, secret recipes or your last tax return.

Key loggers can be on your system recording every keystroke and emailing it to an attacker, an enemy or even your spouse. This includes IMs, emails and passwords, anything.

Anti-virus software will detect most of these programs. Anti-spyware can also detect a lot of malware, or malicious code.

Use strong passwords that are alphanumeric, or use a password strength tool. I would not use anything in a dictionary, American or foreign, as those can be cracked easily through brute force.

Don’t use the same password for every account. Change your passwords regularly, and don’t write them down.

I recommend making regular backups of, at a minimum, your critical system files. Back up to a CD-R to ensure that your data cannot be overwritten.

Please monitor your children’s surfing habits and teach them about the dangers of the Internet.

I recommend installing filtering software to keep their curious minds out of the wrong sites. Stay abreast of anti-virus updates. Don’t open email attachments that can contain viruses or other malware.

Don’t run programs if you don’t know where they came from; they can contain Trojan horses. A Trojan horse is a program that appears to be a regular program such as Solitaire but is actually sending your bank account information to an email address. Attackers can also take over your computer and have an .mp3 file run at 3 AM to scare you, or even open and close your CD drive door.

Disable Java, JavaScript and ActiveX.
Keep up to date on patching your operating systems and applications. In Windows you can set up automatic updates. You can also visit the Windows Update site.
Microsoft releases patches every second Tuesday of the month. This is known in IT as black Tuesday; there are always a lot of patches. Upgrade to Service Pack 2.
Internet Explorer always has security issues.

There are Open Source browsers like Firefox (http://www.firefox.org), which is a great browser and has more security features. Firefox has a lot of great add-ons as well that can make researching more effective, amongst other utilities.

Disable scripting in email.

Enable NAT (Network Address Translation) on your router. This will hide your private IP address from the Internet while still allowing computers to access the Internet. Most network firewalls have IP NAT masquerading, where multiple devices on the Internet appear as one IP address.

Make sure you are not enabling shares on your computer for any of your drives. A shared drive looks like a hand holding a drive in Microsoft Windows.

Be aware of phishing: these are Internet con artists looking to catch some fish. Emails are sent that look like bank, Amazon and PayPal emails; it amazes me how many people I work with think it's the real thing.

If you're concerned about security, consider encryption. Home users should look into PGP, or Pretty Good Privacy, to secure email; you can even encrypt your hard drive.

When you think you have deleted your files, they are still retrievable; consider a file-wiping utility.

Use a Surge Protector.

No firewall can stop all attacks.

Article I wrote on Firewalls

It seems nowadays if you are not online, you don’t exist. It really does not matter what type of company you run, you should have an online presence to let your prospects and clients know about your company and services. When you decide to take the leap onto the Internet there are some precautions you should take. I have friends who say all the time, I really have nothing to hide or worry about. This may be true, but malicious users like to deface websites, which can ruin your and your business's reputation.

This is a paper about firewalls protecting your company from outside threats and unauthorized access.

A firewall is a great start. Firewalls can be both hardware and software based. There are many different firewall vendors; some of the bigger names are Cisco, Symantec, and Checkpoint. The difficult part is configuring the firewall. This is where many intruders bypass security, because the firewall is poorly configured.

I would like to mention that there are many Open Source programs and operating systems that offer great firewall software. I personally believe that OpenBSD has one of the most secure operating systems and firewall configurations if done right. FreeBSD also has firewall software; it is called IPTABLES. IPTABLES offers packet filtering and NAT, and you can even change packets in Linux. I have to say you can do anything you want in Linux, because the source code is right there. It’s a beautiful thing. Linux also uses this; you can build a firewall with the old system sitting in your garage and two Linux-compatible network cards.

Linux can be hardened, which means making the operating system more secure. I like the tool Bastille Linux; it is developed by Jeff Beale.

To really get a grasp on firewalls you need to understand TCP/IP and a lot of different protocols, to know if you should allow or deny them into your network. IP addresses identify hosts on the Internet; they look like this: 127.214.234.54. Firewalls can block IP addresses, ports, protocols and even keywords that come in packets. Hackers that want into your network have many different tools at their disposal to try to bypass firewalls. One common attack is known as a Denial of Service, or DoS, attack. The attacker simply floods your network and firewalls with so many packets that they cannot handle them and sometimes crash. Firewalls are available with DoS filtering, which keeps these attacks low by starting to drop packets.

Firewalls do not protect you from internal threats such as employees bringing in viruses from home, or remote users using VPNs (Virtual Private Networks) bypassing your firewall. Think about what happens if you bring your son to work and he downloads music on your fast company Internet connection, only to introduce a worm or, even worse, a Trojan horse to your corporate network. Service ports that are open to the public, such as port 80 (HTTP), have known vulnerabilities on the Internet. FTP has many vulnerabilities as well.

Are there different types of firewalls?

Yes. There are hardware and software firewalls. You might even be using Zone Alarm or Black Ice Defender. These are software-based firewalls. The more I study firewall technology, the more I realize that everything truly is a software firewall. A computer is nothing without software to tell it what to do.

Packet Filters

Packet Filters look at source and destination addresses. This is where firewall rule sets come into play. The firewall administrator must determine which source and destination ports and addresses to allow or deny. The security administrator needs to keep up to date with alerts on vulnerabilities, as new holes are found and created daily. A technique known as spoofing can sometimes fool firewalls by making it appear that a packet is coming from inside the protected network when in fact it is an attacker changing the source address.
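
The rule-set decision and the spoofing problem described above, as an added example that is not part of the original article. The network range, interface names ("wan"/"lan") and rules are constructed for illustration; it shows why a filter that matches on addresses alone trusts a forged inside source address, and how checking the arrival interface closes that gap.

```python
import ipaddress
from dataclasses import dataclass
from typing import Optional

# Assumed (constructed) protected LAN; not taken from the article.
INTERNAL_NET = ipaddress.ip_network("192.168.1.0/24")

@dataclass
class Packet:
    iface: str   # interface the packet arrived on: "wan" (outside) or "lan"
    src: str
    dst: str
    proto: str
    dport: int

@dataclass
class Rule:
    action: str            # "allow" or "deny"
    src: str               # source network in CIDR form
    dst: str               # destination network in CIDR form
    proto: str             # "tcp", "udp" or "any"
    dport: Optional[int]   # None matches any port

# Constructed rule set, evaluated top to bottom; the first match wins.
RULES = [
    Rule("allow", "0.0.0.0/0", "192.168.1.10/32", "tcp", 80),   # public web server
    Rule("allow", "192.168.1.0/24", "0.0.0.0/0", "any", None),  # trusted inside hosts
]

def filter_packet(pkt: Packet, rules=RULES, antispoof: bool = True) -> str:
    src = ipaddress.ip_address(pkt.src)
    dst = ipaddress.ip_address(pkt.dst)
    # Ingress check: an inside source address can never legitimately arrive
    # on the outside interface, so drop it before any allow rule can match.
    if antispoof and pkt.iface == "wan" and src in INTERNAL_NET:
        return "deny"
    for r in rules:
        if (src in ipaddress.ip_network(r.src)
                and dst in ipaddress.ip_network(r.dst)
                and r.proto in ("any", pkt.proto)
                and r.dport in (None, pkt.dport)):
            return r.action
    return "deny"  # default deny: anything not explicitly allowed is dropped

if __name__ == "__main__":
    spoofed = Packet("wan", "192.168.1.50", "192.168.1.20", "tcp", 445)
    print("address-only filter:", filter_packet(spoofed, antispoof=False))
    print("with ingress check: ", filter_packet(spoofed))
```
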


Application Gateways

Application Gateways are like errand boys. You request a file and the application gateway grabs it for you. This is great for logging connections, and for setting up authentication as well.


Stateful Packet Inspection

Stateful Packet Inspection is a technique used by Cisco PIX firewalls and Checkpoint firewalls. These firewalls look at the data coming across the network. They can also authenticate connections, and users usually do not notice that the firewall is in place. A lot of firewalls now allow you to configure VPNs, which is awesome if you have remote workers and satellite offices and need to transfer data securely.

Intrusion Detection is also something to consider. I like SNORT. SNORT can detect known attacks against your system and does a great job at logging them if set up correctly. There are thousands of different software and hardware solutions you can purchase for your home or network. I happen to like Open Source, because I like learning and knowledge, and the Open Source community has taught me more than the corporate world ever will. A book I would like to recommend that is great for learning about firewalls is called, simply enough, Building Internet Firewalls; it is by O'Reilly. That is all for now. One last tip: backup, backup, backup.