With the current state of the Internet it is important to be as secure as you can while browsing it. I have listed some tips for people who need to start learning the basics. This is by no means technical or exhaustive (I'm writing this for friends as well) and is aimed primarily at Windows users.

I will start with the router. This device stands between you and the Internet, so it is quite important to make sure it is as secure as possible. This matters less if you are connected through a mobile broadband 3G stick, but is still good to know. If you connect to public wireless networks, make sure you read the section on VPNs.

  • Admin Password: Chances are you haven't changed the default admin password. Remedy this first: default passwords are well known and published for most models, and anyone on your network can try them. While you are there, turn off remote administration from the Internet side unless you actually need it.
  • Firewall: Explore what firewall options the router gives you. They can be tricky to set up right, but most routers ship with sensible pre-defined settings; as a minimum, make sure no inbound ports are forwarded to your computers unless you deliberately opened them. The best advice here is to experiment: if you break something, try it differently or search the Internet for help.
  • Wireless: If you don't need it, turn it off. Otherwise make sure you use WPA2, choose a long pre-shared key that is not a dictionary word or phrase, and use a non-standard SSID. Avoid WEP, and disable WPS if the router offers it, as both are easily broken.
  • RTFM: Some routers come with more involved security options; read the manual and discover what they are.

Now that you’ve taken some reasonable measures to make the router more secure it’s time to focus on the computers attached to it.

  • Anti-Virus: This goes without saying, just be aware there are perfectly good free options out there such as AVG, Avira, or Avast!. A good complementary program is Malwarebytes Anti-Malware, which you can run on demand alongside your resident anti-virus.
  • Firewall: Make sure it is multi-directional, meaning it inspects traffic going out as well as coming in; one good example is Comodo. Get used to popups asking whether you want a program's traffic blocked or allowed. Once trained these should be occasional, but they are worth putting up with: an outbound connection from a program you don't recognise is often how malware gets exposed.
  • Patch your Systems: Keep everything up to date; good Windows tools for this are Secunia's PSI, filehippo.com's update checker, and ninite.com. Also remove programs you no longer require, and avoid end-of-life software or programs that are frequently exploited such as Shockwave, Adobe Reader, or Flash.
  • Be Normal: Don't use an administrator account for day-to-day work. On a standard user account, anything that gets in runs with your limited rights rather than with full control of the system. Also leave protective features like User Account Control switched on.
  • Sandbox: A sandbox separates your browser from the rest of Windows, so that if the browser is compromised the malware has a much harder time escaping into the system. Avast! and Comodo come with sandbox features, but you can also get standalone programs.
  • Host Based Intrusion Detection System: This is a program that watches what happens on the computer itself (which programs start, what they try to change in the registry and on disk, and where they connect) and tells you if something is acting unusually or suspiciously. Comodo includes one with Defense+ but, as with the firewall, expect naggy popups until it learns what is normal for your system.

Next on the agenda is to start developing a security conscious mind. This is the most important part, because you can apply it anywhere.

  • Encryption: Use it whenever possible. It does not stop your data being intercepted, but it stops whoever intercepts it from reading it. It comes in various forms, some of which are listed below.
    • HTTPS: This protects normal web traffic. Good websites let you choose to use it exclusively, and you can force it with browser plugins such as HTTPS Everywhere for Firefox and KB SSL Enforcer for Chrome. Don't click through certificate warnings on a site you log in to; the warning is the only sign you get that someone may be sitting in the middle.
    • VPN: A VPN encrypts your network traffic between your computer and the VPN server, so anyone trying to intercept it in between (such as the operator of a wireless hotspot) sees only the encrypted traffic. Remember that the traffic leaves the VPN server just as it would leave your own machine, so the provider can see anything that isn't also protected by HTTPS; you are moving your trust from the hotspot to the provider, not removing it. Shop around for a good VPN provider; generally you get what you pay for.
  • Common Sense/Skepticism: Use it; question everything. Learn to recognise spam, phishing attempts, and other forms of social engineering. Also don't store privileged information in random accounts. This includes saving financial details (such as credit card or banking details) on online stores: it might make things convenient next time you shop, but that convenience works both ways if your account is ever compromised, whether through social engineering or insecurity on the shop's part.

If you learnt something new from these tips then you have increased your level of security. But this is only the start; ignorance is not an option if you are serious about your security online.

A distributed denial of service (DDoS) attack is a method of attacking a website or service by using up the resources it has available, so that legitimate users cannot get through. A DDoS is a denial of service (DoS) attack carried out from many sources at once, which makes it both larger and harder to filter than an attack from a single machine; it is most commonly used against targets on the Internet.

These attacks are mostly performed by groups of malware-infected computers, known as botnets, that are controlled by a single entity through a series of command and control servers. There are also tools such as the Low Orbit Ion Cannon (LOIC) that let volunteers co-ordinate and take part in a DDoS attack without being infected. Denials of service can also happen inadvertently, for example when a highly popular link-sharing website posts a link to a small site and its users overload the linked site's servers.

Computers are not the only target though and there have been instances when phones have been targeted as well.

DDoS attacks can be performed using several different methods; the most common are listed below.

SYN Flood

This vector works by sending a large number of SYN packets to the target, attempting to use up as many resources on the target system as possible. Normally a TCP connection is set up with what is known as the three-way handshake, which works like this:

  • The client sends a SYN (synchronise) request to the server
  • The server then acknowledges this by sending a SYN-ACK back to the client
  • The client responds with an ACK and the connection is started.

The SYN flood works by never sending the ACK the server expects: the server waits for it, leaving the connection half open. Because the attacker sends a flood of SYNs, usually with spoofed source addresses so that the SYN-ACKs go nowhere and cannot be traced back, the server quickly accumulates half-open connections until its connection table is full and it can no longer accept new ones. The standard defence is SYN cookies: the server encodes what it needs to know about the connection into the sequence number of its own SYN-ACK instead of storing it, so a half-open connection costs it nothing and a genuine client's ACK can still be verified; on Linux this is the net.ipv4.tcp_syncookies setting.
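The following is an added toy model of the handshake state described above, not code from the original post or from any real TCP stack. It keeps a listener's half-open table in memory (no packets are sent), floods it with SYNs from spoofed addresses that never ACK, and then has a genuine client try to connect, first with the usual stateful backlog and then with SYN cookies. The backlog size, the addresses and ports, and the cookie construction (a keyed hash of the peer address only; real kernels also fold in a timestamp and MSS) are assumptions made for the example.

```python
"""Toy model of a TCP listener under a SYN flood, with and without SYN cookies.

Nothing here touches the network: it only models the handshake state a
listener keeps. The backlog size, addresses and ports are constructed values.
"""
import hashlib
import hmac
import secrets
from dataclasses import dataclass, field

BACKLOG = 128          # assumed size of the half-open connection table
MASK32 = 0xFFFFFFFF    # TCP sequence numbers are 32-bit


@dataclass
class Listener:
    syn_cookies: bool = False
    secret: bytes = field(default_factory=lambda: secrets.token_bytes(32))
    half_open: dict = field(default_factory=dict)   # (ip, port) -> server ISN
    established: set = field(default_factory=set)
    dropped_syns: int = 0

    def _cookie(self, ip: str, port: int) -> int:
        # Stateless ISN: a keyed hash of the peer's address. Real kernels also
        # fold in a coarse timestamp and the MSS; this toy keeps only the address.
        tag = hmac.new(self.secret, f"{ip}:{port}".encode(), hashlib.sha256).digest()
        return int.from_bytes(tag[:4], "big")

    def on_syn(self, ip: str, port: int):
        """Handle a SYN; return the ISN sent in the SYN-ACK, or None if dropped."""
        if self.syn_cookies:
            return self._cookie(ip, port)          # nothing is stored
        if len(self.half_open) >= BACKLOG:
            self.dropped_syns += 1                 # table full: SYN is lost
            return None
        isn = secrets.randbits(32)
        self.half_open[(ip, port)] = isn           # half-open state kept
        return isn

    def on_ack(self, ip: str, port: int, ack: int) -> bool:
        """Handle the final ACK; it must acknowledge server ISN + 1."""
        isn = (ack - 1) & MASK32
        if self.syn_cookies:
            ok = isn == self._cookie(ip, port)     # recompute instead of look up
        else:
            ok = self.half_open.get((ip, port)) == isn
            if ok:
                del self.half_open[(ip, port)]
        if ok:
            self.established.add((ip, port))
        return ok


def simulate(syn_cookies: bool, flood_size: int = 1000) -> dict:
    """Flood the listener from spoofed sources that never ACK, then connect a real client."""
    srv = Listener(syn_cookies=syn_cookies)
    for i in range(flood_size):
        srv.on_syn(f"203.0.113.{i % 254 + 1}", 1024 + i)
    isn = srv.on_syn("198.51.100.7", 40000)        # legitimate client
    connected = isn is not None and srv.on_ack("198.51.100.7", 40000, (isn + 1) & MASK32)
    # An ACK from someone who never received the SYN-ACK has to guess the
    # ISN, so it fails with or without cookies.
    forged = srv.on_ack("203.0.113.9", 5555, 0x12345678)
    return {
        "legit_connected": connected,
        "half_open": len(srv.half_open),
        "dropped_syns": srv.dropped_syns,
        "forged_ack_accepted": forged,
    }


if __name__ == "__main__":
    for mode in (False, True):
        print("syn_cookies =", mode, simulate(mode))
```

Without cookies the first 128 spoofed SYNs fill the table and every later SYN, including the genuine client's, is dropped; with cookies the table stays empty, the genuine client connects, and a forged ACK still fails because its sender never saw the SYN-ACK.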

TCP/UDP Flood

This vector is quite simple: the attacker literally floods the target with TCP or UDP packets, consuming the victim's bandwidth or processing capacity and disrupting its service. LOIC uses this method, and it becomes a DDoS when many LOIC users target the same server.

ICMP Flood

This vector can be used in a few different ways. One is sending a continuous stream of ping (ICMP echo request) packets: if the target has less bandwidth than the attacker, it is overwhelmed by the requests and has great difficulty responding to legitimate traffic. Another is a reflection attack (the classic "smurf" attack): the attacker sends ping requests to a network's broadcast address with the source IP address spoofed to be the target, so every host on that network replies to the target. This is not the same as the "ping of death", an older attack that crashed hosts with a single malformed, oversized ping packet rather than with volume; modern systems are not vulnerable to it. ICMP floods are not very useful now, as ICMP traffic is mostly blocked, rate-limited, or given low priority, and routers no longer forward directed broadcasts by default.

It is important to remember that, no matter the reason for a DDoS attack, it is viewed by law enforcement in most jurisdictions as an illegal act, and a sloppy DDoS attack can be traced quite easily.

Encryption is used to keep confidential or privileged data confidential and privileged. To understand encryption we first need to know what it is.

Encryption is part of the discipline of cryptology, the practice and study of hiding information. Encryption is the process of transforming information so that it is unreadable to anyone who does not possess a specific secret (usually a key). This is achieved by applying a mathematical algorithm (a cipher) to the unencrypted information (the plaintext); the result is encrypted information (the ciphertext), which reveals nothing of value unless you can decrypt it by reversing the process. Decrypting normally requires knowing the key, but if the cipher is insecure, or the key is weak or guessable, an attacker may manage without it. The security should rest entirely on the key: a cipher whose strength depends on the algorithm itself staying secret is not one to rely on.

Now that we know what it is, we need to know how it is used.

Encryption has been used for thousands of years to enable secret communication, and it is now commonly used in computer systems and networks to protect information. It is used in two ways: protecting data in transit and protecting data at rest (in various forms of storage). Data in transit is vulnerable to interception by third parties, for example through packet sniffing and capture, and so needs to be protected by encryption. However, encryption only helps here if it is applied from the point of origin all the way to the end point, so that there is no hop where the data travels in the clear and can be read or altered. Data at rest is only as secure as the computer it is kept on: if a laptop gets stolen, or a server is broken into, any plaintext information stored there is likely to be taken and should be considered compromised. Encryption protects against this by making the files unreadable without the key. Bear in mind that disk encryption only protects a machine that is switched off, or locked with the key cleared from memory; a running, unlocked machine presents the files in the clear to whoever controls it.

One limitation of encryption is that, although it keeps the information confidential, it gives no guarantee that the encrypted data came from a specific person or was not altered along the way: with many ciphers an attacker can change the ciphertext, and hence the decrypted message, without ever knowing the key. This is addressed with data integrity and authenticity techniques such as message authentication codes and digital signatures.
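The following is an added demonstration of both points above (a key-driven transformation that hides the plaintext, and the lack of any authenticity guarantee); it is not code from the original post. It uses a toy stream cipher built from HMAC-SHA256 in counter mode, shows a bit-flipping edit that changes a payment amount in the ciphertext without the key, and then shows the same edit being rejected once a MAC covers the ciphertext (encrypt-then-MAC). The keys, nonce and message are constructed values; in real systems use an authenticated mode such as AES-GCM or ChaCha20-Poly1305 from a vetted library rather than this construction.

```python
"""Added demonstration: confidentiality is not authenticity.

A toy stream cipher (keystream = HMAC-SHA256 of nonce||counter) hides the
message, yet anyone who knows the message layout can flip bits in the
ciphertext without the key. A MAC over the ciphertext catches the change.
Keys, nonce and the message are constructed values for the example.
"""
import hashlib
import hmac
import secrets

NONCE_LEN, TAG_LEN = 16, 32


def keystream(key: bytes, nonce: bytes, length: int) -> bytes:
    """Pseudorandom bytes from HMAC(key, nonce || counter), block by block."""
    out, counter = b"", 0
    while len(out) < length:
        out += hmac.new(key, nonce + counter.to_bytes(8, "big"), hashlib.sha256).digest()
        counter += 1
    return out[:length]


def encrypt(key: bytes, nonce: bytes, data: bytes) -> bytes:
    """XOR the data with the keystream; the same call decrypts."""
    return bytes(d ^ k for d, k in zip(data, keystream(key, nonce, len(data))))


decrypt = encrypt


def flip(ciphertext: bytes, offset: int, old: bytes, new: bytes) -> bytes:
    """Bit-flipping attack: turn known plaintext `old` at `offset` into `new`, no key needed."""
    out = bytearray(ciphertext)
    for i, (o, n) in enumerate(zip(old, new)):
        out[offset + i] ^= o ^ n          # c ^ (p_old ^ p_new) decrypts to p_new
    return bytes(out)


def seal(enc_key: bytes, mac_key: bytes, nonce: bytes, plaintext: bytes) -> bytes:
    """Encrypt-then-MAC: the tag covers the nonce and the ciphertext."""
    ct = encrypt(enc_key, nonce, plaintext)
    tag = hmac.new(mac_key, nonce + ct, hashlib.sha256).digest()
    return nonce + ct + tag


def unseal(enc_key: bytes, mac_key: bytes, blob: bytes) -> bytes:
    """Verify the tag in constant time before touching the ciphertext."""
    nonce, ct, tag = blob[:NONCE_LEN], blob[NONCE_LEN:-TAG_LEN], blob[-TAG_LEN:]
    expected = hmac.new(mac_key, nonce + ct, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):
        raise ValueError("message tampered with or wrong key")
    return decrypt(enc_key, nonce, ct)


def demo() -> dict:
    enc_key, mac_key = secrets.token_bytes(32), secrets.token_bytes(32)
    nonce = secrets.token_bytes(NONCE_LEN)          # never reuse with the same key
    message = b"PAY 0100.00 TO ALICE"               # attacker knows the amount sits at offset 4
    # 1. Encryption alone: the amount is changed without knowing the key.
    ct = encrypt(enc_key, nonce, message)
    altered = decrypt(enc_key, nonce, flip(ct, 4, b"0100", b"9100"))
    # 2. With a MAC the same edit is rejected, and an honest message still opens.
    blob = seal(enc_key, mac_key, nonce, message)
    try:
        unseal(enc_key, mac_key, flip(blob, NONCE_LEN + 4, b"0100", b"9100"))
        detected = False
    except ValueError:
        detected = True
    return {
        "altered_plaintext": altered,
        "mac_detected_tampering": detected,
        "honest_roundtrip": unseal(enc_key, mac_key, blob) == message,
    }


if __name__ == "__main__":
    print(demo())
```

The edit works because XOR-based ciphers are malleable: flipping a ciphertext bit flips the same plaintext bit, so confidentiality says nothing about who wrote the message or whether it arrived intact. The MAC is checked before decryption, and with compare_digest, so the receiver neither processes forged data nor leaks timing about how much of the tag matched.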

Encryption is achieved using cryptographic software and/or hardware and applicable standards, many of which are widely available. The main challenge with encryption is "doing it right": any flaw in planning or execution can undo the protection and allow adversaries to obtain the information being protected. One example of "doing it right" is the Brazilian banker who used the open-source TrueCrypt program to secure hard drives that were later seized in police raids. Local authorities, and even the FBI, failed to crack the passphrase that was used.

One problem with IT security is that users do not usually have strong passwords.

There is no better proof of this than a real-world study, and a hack of RockYou.com exposed 32 million passwords. This was a great opportunity to study passwords used in the real world, and Imperva did just that. The most common password? "123456". You might laugh at that, but exactly 290,731 people thought it was a good idea. The full report can be found at the following link.

http://www.imperva.com/docs/WP_Consumer_Password_Worst_Practices.pdf

You can use the following websites to see how secure your current password really is. Test a password with the same structure rather than your real one: anything you type into a third party's web page may be recorded, and a password that has been sent to a site you do not control should no longer be considered secret. Even if these sites flag your password as secure, still read the rest of this; knowledge is power.

https://www.microsoft.com/protect/yourself/password/checker.mspx
http://www.passwordmeter.com/

So now that we have that truth out of the way, how can we make a strong password?

Follow these steps and you'll have something much more secure than what you have now.

  1. Don't include any personal information or anything else that can be used to identify you. It is very easy for someone to guess things like your last name, pet's name, child's birth date and similar details.
  2. Don't use dictionary words. It is too easy to try every word in the dictionary, and their common variants, against a password.
  3. Mix it up a bit. A password that uses a combination of uppercase, lowercase, numbers, and special characters gives an attacker a much larger space to search.
  4. Length matters. Each extra character multiplies the number of possible passwords by the size of the character set, so length does more for you than any other rule; the table at the link below puts the difference between cracking a 5 character password and a 14 character password, on an average computer, at over 154,640,721,434 millennia. http://onemansblog.com/2007/03/26/how-id-hack-your-weak-passwords/
  5. Now that you have followed these tips you probably have a better idea of what makes a secure password, but how do you create something you can remember? Very simple. Take a quote you like or a phrase you're likely to remember, for example "I was born here in Australia in 1989". Reduce it to its acronym, giving "IwbhiAi1989". Then mix it up a bit and add a couple of special characters, and it becomes "IwBhI@i1989!". How easy was that?
  6. Well, now you have a good password, so everything is fine, right? No: you will probably still use it at every site you visit, for banking, email, etc. So how can you make a unique password for each site? Simple. Take the password you have and include a part of the website it's for in the mix; for Facebook the above example would become something like "IwBhI@i1989!_FB". You can be more elaborate by varying where you add the website part, for example "FB_IwBhI@i1989!" or "F_IwBhI@i1989!_B". To make it less likely that your scheme will be detected if several of your passwords are compromised, you can put the website part inside the password or substitute other characters for some letters, for example "IwBhIF@Bi1989!" or "IwBhI@i1989!_f3". Be aware that once a single password from this scheme leaks (and sites do leak them), anyone who looks at it can guess the pattern and derive the others, which is why a password manager is the better answer.

Of course the best way to have a unique, extremely secure password for every site is to use a password manager like KeePass or LastPass. Password managers can generate very strong random passwords of any length you specify, and you can adjust the character set for websites that restrict what you can use in a password. They can also auto-type your passwords, making it even more convenient for you; a browser-integrated manager that only fills in a password on the site it was saved for also gives you some protection against phishing pages as a side effect.

http://keepass.info/
https://lastpass.com/
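The following is an added example, not code from the original post or from either password manager above. It scores a password offline, so nothing is typed into a third party's website: it first checks a small constructed wordlist (standing in for the dictionaries crackers use), then estimates the search space from length and the character classes present and converts that into years of guessing under two assumed attacker models, a throttled online login and an offline GPU attack on a leaked fast hash. It also generates a password from the operating system's CSPRNG the way a manager does, honouring a restricted alphabet for sites that forbid some characters. The guess rates and wordlist are assumptions for illustration, not measured figures.

```python
"""Added example: score a password offline and generate one like a password manager.

Runs entirely on your own machine, so nothing is sent to a third party. The
guess rates and the wordlist are constructed assumptions, not measured figures.
"""
import math
import secrets
import string

CLASSES = (string.ascii_lowercase, string.ascii_uppercase, string.digits, string.punctuation)

# Stand-in for a cracking dictionary; real ones hold millions of entries.
WORDLIST = {"123456", "password", "qwerty", "iloveyou", "letmein", "princess", "abc123"}

# Assumed guesses per second: a rate-limited web login versus an offline
# attack on a leaked fast hash with a GPU.
RATES = {"online_throttled": 10.0, "offline_gpu": 1e10}

SECONDS_PER_YEAR = 365.25 * 24 * 3600


def entropy_bits(password: str) -> float:
    """Bits of search space implied by length and the character classes present.

    This is the brute-force estimate; it overstates the strength of passwords
    built from words or predictable patterns, which is why the wordlist check
    is applied first.
    """
    pool = sum(len(c) for c in CLASSES if any(ch in c for ch in password))
    return len(password) * math.log2(pool) if pool else 0.0


def in_wordlist(password: str) -> bool:
    """Match after lowercasing, and again with trailing digits/symbols stripped (Password1!)."""
    core = password.lower().rstrip(string.digits + string.punctuation)
    return password.lower() in WORDLIST or core in WORDLIST


def seconds_to_crack(password: str, rate: float) -> float:
    """Expected time: half the keyspace at `rate` guesses/s, or one pass over the wordlist."""
    if in_wordlist(password):
        return len(WORDLIST) / rate
    return 2 ** (entropy_bits(password) - 1) / rate


def report(password: str) -> dict:
    """Summarise a password's estimated resistance against each attacker model."""
    return {
        "bits": round(entropy_bits(password), 1),
        "in_wordlist": in_wordlist(password),
        "years": {name: seconds_to_crack(password, r) / SECONDS_PER_YEAR
                  for name, r in RATES.items()},
    }


def generate(length: int = 20, alphabet: str = "".join(CLASSES)) -> str:
    """Random password from the CSPRNG that includes every class present in `alphabet`."""
    needed = [c for c in CLASSES if set(c) & set(alphabet)]
    if length < len(needed):
        raise ValueError("length too short to include every character class")
    while True:
        pw = "".join(secrets.choice(alphabet) for _ in range(length))
        if all(any(ch in c for ch in pw) for c in needed):
            return pw


if __name__ == "__main__":
    for pw in ("123456", "Password1!", "IwbhiAi1989", "IwBhI@i1989!", generate(20)):
        print(f"{pw!r:24} {report(pw)}")
    print("digits and lowercase only:", generate(12, alphabet=string.ascii_lowercase + string.digits))
```

Two things worth noticing in the output: "Password1!" scores well on bits but falls to the wordlist check in under a second, which is the point of rule 2, and the gap between the online and offline columns shows why a site storing fast unsalted hashes turns a "strong" password into a weak one once its database leaks.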

However, be aware that the master password must be as secure as you can make it, since it now protects every other password you have; use the tips above and you should have something that would require significant effort to bypass by conventional means.

That said, you still need to keep the machine you're on as secure as possible, because a keylogger or other malware on it defeats any password manager. Basic things like a firewall, anti-virus, anti-malware, and common sense are essential (even if you are running Linux or a Mac!).

This website is licensed under a Creative Commons License.