Friday, 03 September 2010
White Hat Security Guide "How To Hack With Telnet"

This is a White Hat computer security training guide. To use this guide you must have your own TCP/IP network. This can be as simple as two computers connected over a single wire connection or as complex as a network with thousands of routers. Casual readers are advised that using these procedures on any network, such as the networks connected to the Internet, without the permission of the owner could be a violation of national or international law. If you are responsible for the security of one or more Internet networks, this guide can significantly enhance your understanding of how exploitation of networks is accomplished using the very simple hacker Telnet protocol.

Telnet is an Internet Network Virtual Terminal (NVT) protocol that is easier to use than to explain. The Telnet protocol is used by other Internet applications, such as the Control Connection in FTP, so knowledge of Telnet is useful within multiple applications. This general applicability of Telnet within the Internet enables a hacker to reap lots of information and potentially exert control over many applications. By using Telnet, a human hacker can emulate any number of Internet applications disguising the human as just another Internet computer.

Within the Internet, each application (Well Known Port) is assigned a number in accordance with Internet Standard 002. A few of these numbers are enumerated below:

 
What is a Hardware Firewall and Which Hardware Firewall is Best?

If you have more than three computers in your home or business that share the same internet connection, a hardware firewall is something you may want to consider. A hardware firewall is a device that sits in between the internet and your network, protecting all computers on the inside from dangerous intruders on the outside.

As opposed to a software firewall (also known as a personal firewall), a hardware firewall is designed to protect ALL the computers on a network instead of just one PC. It is generally more efficient and cost-effective to purchase a hardware firewall (as opposed to several software firewalls) if you have three or more computers you need to protect.

A hardware firewall is a special device that is designed to prevent outside intruders from getting into your network (where they can then easily get into your PCs and servers). Firewalls can be configured to prevent access to certain types of applications that are considered dangerous (like P2P file-sharing programs) by blocking the communication ports that these applications use. A firewall will also provide some protection against hidden spyware infections, as it can help stop outgoing data packets that an infected PC may be sending to a cyber-criminal.

A firewall is considered to be the first line of defense in protecting computers from unwanted “visitors” such as hackers, worms, and remote control applications via hidden spyware. Without firewall protection your network is an “open door” to the internet, and anyone (or anything) can easily come in and out. Even if you don’t have any important files to protect, hackers and curious intruders can easily kill all your computers, take control of your network, or damage hardware beyond repair. The small investment in a firewall is nothing compared to the cost of replacing or repairing computer equipment as the result of an intruder’s visit.

Hardware firewalls use various techniques to protect your network against intruders and other internet threats. All firewall rules can be configured to apply to outbound or inbound traffic, giving you a lot of flexibility and control in how the firewall works. Hardware firewalls can be simple or very complex, depending on the size of the network they are designed to protect. High-end corporate firewalls should be installed by a certified technician, but most home office and small business firewalls can be set up by anyone with a general understanding of networking and good technical ability.

Most hardware firewalls use some form of packet filtering, which is somewhat like a "checklist". Certain types of data packets are allowed through, and others may be blocked. If a packet attempting to travel in or out of a network meets the criteria set for "blocked", it is not allowed to pass.

Another technique that is often used with hardware firewalls is called Stateful Packet Inspection, also known as SPI. With SPI, a hardware firewall analyzes additional characteristics of the data packet in order to determine what to do with it. It checks to see where the packet came from, if it was sent as a response to a user request for information, if it just "appeared" out of nowhere, etc... Combined with packet filtering, SPI really makes a firewall appliance "smart", as it can make decisions whether to block or allow data packets based on logical analysis.
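
The two techniques described above, packet filtering and Stateful Packet Inspection, can be seen working together in the short simulation below. It is an added example, not code from any firewall product; the rule set, addresses and the simplified connection teardown are assumptions made for illustration.

```python
from collections import namedtuple

# direction is "out" (LAN -> internet) or "in" (internet -> LAN); flags are TCP flags.
Packet = namedtuple("Packet", "direction src sport dst dport flags")

# Packet-filter "checklist": first match wins; None matches any destination port.
RULES = [
    ("out", 6881, "block"),   # constructed rule: one P2P port blocked outbound
    ("out", None, "allow"),   # LAN hosts may open any other connection
]

class StatefulFirewall:
    def __init__(self, rules):
        self.rules = rules
        self.flows = set()    # (lan_ip, lan_port, remote_ip, remote_port)

    def _checklist(self, pkt):
        for direction, dport, action in self.rules:
            if direction == pkt.direction and dport in (None, pkt.dport):
                return action
        return "block"        # default deny

    def decide(self, pkt):
        if pkt.direction == "out":
            action = self._checklist(pkt)
            if action == "allow":
                key = (pkt.src, pkt.sport, pkt.dst, pkt.dport)
                if "F" in pkt.flags or "R" in pkt.flags:
                    self.flows.discard(key)   # simplified teardown: forget the flow
                else:
                    self.flows.add(key)       # remember the user's request
            return action
        # Inbound: allowed only as a reply to a flow opened from inside.
        key = (pkt.dst, pkt.dport, pkt.src, pkt.sport)
        return "allow" if key in self.flows else "block"

def demo():
    fw = StatefulFirewall(RULES)
    trace = [  # constructed packets using documentation address ranges
        Packet("out", "192.168.1.10", 50000, "203.0.113.5", 80, "S"),    # request
        Packet("in", "203.0.113.5", 80, "192.168.1.10", 50000, "SA"),    # its reply
        Packet("in", "198.51.100.7", 80, "192.168.1.10", 50000, "SA"),   # unsolicited
        Packet("out", "192.168.1.10", 50001, "203.0.113.9", 6881, "S"),  # blocked port
        Packet("out", "192.168.1.10", 50000, "203.0.113.5", 80, "F"),    # close
        Packet("in", "203.0.113.5", 80, "192.168.1.10", 50000, "A"),     # after close
    ]
    return [fw.decide(p) for p in trace]
```

The third and sixth packets look identical in kind to the second, yet only the second matches a request the inside host actually made, which is the distinction a plain port checklist cannot draw.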

Depending on the type of network they are designed for, hardware firewalls can cost anywhere from $100 for a home firewall appliance up to several thousand dollars for an enterprise-class device. Simple (easy to install and configure) hardware firewalls designed for home use are offered by D-Link, Linksys, and NetGear. SonicWall and HotBrick are very popular hardware firewalls for small and medium businesses.

For more information, see my Hardware Firewalls page. Another good resource for firewall information is Virus&Spam at bellonline.com

 
How to Secure Your Wireless Network

If you use a wireless network, chances are good it is not secure. If you don’t make some important configuration changes on your wireless router after installing it, your wireless network is wide open to hackers, curious neighbors and people who would rather use your broadband internet service instead of buying their own.

Several of my neighbors have a wireless network set up in their home, and from my living room I can connect to three different networks in addition to my own. I do this easily, using no special skills, software or equipment. All I do is click on my wireless networking icon and select “view available wireless networks”. I choose one, click “connect”, and in an instant I am using my neighbor’s internet connection instead of my own. Kind of creepy, isn’t it?

Following are 6 things you can do to make your wireless network invisible and impenetrable to the majority of intruders.

  • Change the default password of your wireless router. This makes it harder for a would-be intruder to access the router administration controls.
  • Change the name of your SSID. The SSID (service set identifier) is the name of your wireless network, and by default is usually the brand name of your wireless router (like Linksys). Change this to a unique name of your choice. A good rule of thumb to follow when setting up any type of network is to always change the default settings to something else, which makes it harder for an intruder to get in.
  • Use an encryption key. Most wireless routers have WEP encryption capability (Wireless Equivalent Protocol), and the newer ones also have WPA (Wi-Fi Protected Access). WEP is an older standard and less secure than WPA, so if you have both, choose WPA. Even WEP is probably good enough, and if this is all you have choose the highest bit encryption possible (usually 128 bit).
    Once you set up encryption on your wireless router, write down the method you are using as well as the key (a long string of cryptic-looking characters), because you will need this to set up encryption on each of your computers that will use the wireless network.
  • Disable broadcasting of your SSID. By default, the SSID (your wireless network’s name) is broadcast to anyone with a wireless network card. Although this makes it easy to configure your computers to access your network, it also makes it easy for outsiders to know about your network. By disabling SSID broadcast, no one will ever see your network.
  • Limit the number of IP addresses your wireless router allows on the network. By default, your wireless router will assign an IP address to as many computers as request one. If you limit the number of addresses that the router’s DHCP server assigns to just the number that you need, you will “block” all other computers that try to connect to your network.
  • Use MAC address filtering. You can configure your wireless router to only allow certain computers on the wireless network by including each computer’s MAC address in the list of “allowed” users. A MAC address is a unique physical address that is hard coded onto each network interface card. It is much like a serial number, as every MAC address is unique.
    Find your network card’s MAC address by opening up a command prompt and typing in ipconfig /all. Look for something that says “physical address”, and the series of letters and numbers following this is your MAC address. It will look something like this: 00-06-5B-CE-DA-B5. Key this information into the wireless router’s MAC address filtering setup under MAC address 1. Repeat this process for every computer on your network, using MAC address 2, 3, and so on.

In addition to securing your wireless network, there is one more thing you need to do to make sure your wireless network is safe:

  • Install a personal firewall on each of the computers on your wireless network. If an intruder does happen to get into your network, a personal firewall (also known as a software firewall) will keep him out of your computer. With a personal firewall running, the most an intruder can do is use your internet connection and your bandwidth; he will not be able to access your data.
 
 
Spam Firewall

What is a Spam Firewall?

A spam firewall is a hardware device that sits between your internet firewall and LAN. It is called a "firewall" because it provides data filtering of email packets, and blocks the packets that meet the criteria of "spam". Spam firewalls can also provide anti-virus protection, anti-spyware, anti-spoofing and anti-phishing services, depending on the model you choose. A spam firewall is not designed to protect your network against intruders such as hackers - you will need a regular internet firewall for that.

How Does a Spam Firewall Appliance Work?

Spam firewalls use a variety of methods for determining what is considered spam and filtering it out. Normally a form of blacklisting is used, which automatically filters out email from known spammy addresses. A whitelist may also be used, which allows the administrator to identify addresses or domains that should never be blocked. Keyword scanning may also be used, allowing the administrator or individual user to block emails containing certain keywords or keyword combinations. A form of message authenticity checking is also normally used to identify valid "from" addresses, check details of the entire SMTP process, or validate legitimate IP addresses. Many spam firewall appliances also use Bayesian algorithm filtering, which helps the firewall block more spam over time as it "learns" what is considered spam based on message history, user input and other analysis. Incoming message flow filters also look at the number of incoming messages and where they are from, allowing them to quickly spot and stop a sudden barrage of spam emails that have been mass-distributed from the same source. Spam firewalls are very "smart" and good at eliminating the majority of spam email that comes into a network. They are not 100% effective, but many come close.

Are Spam Firewalls Expensive?

Spam firewall appliances range in price from around $2000 up to $20,000 or more, depending on the features and the number of users they need to protect. Many spam firewalls have optional features like antivirus or anti-spyware. Spam firewalls need to be kept up to date with the latest data on known spam sites, new algorithms, updated filters, etc. This is normally handled by the firewall manufacturer as an auto-update feature. As with most network appliances, an annual maintenance plan is usually purchased for the purpose of keeping the firewall up to date and performing at its best.

What About False Positives?

Spam firewall appliances use many sophisticated techniques to identify and block spam, generally with very good success. Because spammers constantly change their techniques in order to get their junk mail past the latest and greatest spam filtering technologies, spam firewalls must continually monitor patterns and make filtering corrections. Spam firewall manufacturers also constantly make corrective configuration changes to keep up with the battle against spammers. For this reason, even the best spam firewall is going to filter out "good" mail from time to time. This is called a "false positive", and administrators (and users) must always be on the lookout for this. Most spam firewalls have sensitivity thresholds that can be adjusted by an administrator to help overcome false positives.
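
To make the Bayesian filtering and the sensitivity threshold described above concrete, here is a small added example (not taken from any spam firewall product) that combines a whitelist, a blacklist and a naive Bayes score. The addresses, training messages and threshold values are constructed for illustration.

```python
import math
import re
from collections import Counter

def tokens(text):
    return set(re.findall(r"[a-z0-9]+", text.lower()))

class SpamFilter:
    def __init__(self, whitelist=(), blacklist=()):
        self.whitelist, self.blacklist = set(whitelist), set(blacklist)
        self.counts = {"spam": Counter(), "ham": Counter()}
        self.totals = {"spam": 0, "ham": 0}

    def learn(self, text, label):          # "message history" and user input
        self.counts[label].update(tokens(text))
        self.totals[label] += 1

    def spam_probability(self, text):
        # Naive Bayes in log-odds form with add-one smoothing.
        log_odds = math.log((self.totals["spam"] + 1) / (self.totals["ham"] + 1))
        for tok in tokens(text):
            p_spam = (self.counts["spam"][tok] + 1) / (self.totals["spam"] + 2)
            p_ham = (self.counts["ham"][tok] + 1) / (self.totals["ham"] + 2)
            log_odds += math.log(p_spam / p_ham)
        return 1 / (1 + math.exp(-log_odds))

    def verdict(self, sender, text, threshold=0.9):
        if sender in self.whitelist:       # never blocked
            return "deliver"
        if sender in self.blacklist:       # always blocked
            return "block"
        return "block" if self.spam_probability(text) >= threshold else "deliver"

def build_filter():
    f = SpamFilter(whitelist={"boss@example.com"}, blacklist={"bulk@example.net"})
    # Constructed training messages.
    for msg in ("cheap pills buy now", "win free money now", "free pills offer"):
        f.learn(msg, "spam")
    for msg in ("meeting agenda for monday", "invoice for the project attached",
                "lunch on monday"):
        f.learn(msg, "ham")
    return f
```

With this training data, "free money offer" scores about 0.92 and is blocked at the default threshold, while the legitimate-looking "free offer for the project" scores about 0.33: it is delivered at 0.9 but becomes a false positive if an administrator lowers the threshold to 0.3.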

A spam firewall appliance is not your typical "set it and forget it" firewall, but the advantage of having such an appliance on your network far outweighs the need for some administrative work. If your organization experiences a lot of spam mail - get a spam firewall and experience the difference!

DJ is a corporate IT Manager and author of the following sites covering information technology topics: Computer Security for Everyone, Save on Phone Service with VoIP, Internet Phone Service - The Future is Here!

 
Computer Security Authentication by Kent Pinkerton

Computer security authentication means verifying the identity of a user logging onto a network. Passwords, digital certificates, smart cards and biometrics can be used to prove the identity of the user to the network. Computer security authentication also includes verifying message integrity, e-mail authentication and the MAC (Message Authentication Code), which checks the integrity of a transmitted message. Related topics are human authentication, challenge-response authentication, passwords, digital signatures, IP spoofing and biometrics.


Human authentication is the verification that a person initiated the transaction, not the computer. Challenge-response authentication is an authentication method used to prove the identity of a user logging onto the network. When a user logs on, the network access server (NAS), wireless access point or authentication server creates a challenge, typically a random number sent to the client machine. The client software uses its password to encrypt the challenge through an encryption algorithm or a one-way hash function and sends the result back to the network. This is the response.
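
The challenge-response exchange described above, shown with both sides' messages. This is an added example, not code from the article; the choice of HMAC-SHA256 as the one-way function, PBKDF2 for deriving the shared key, and all names and sample values are assumptions.

```python
import hashlib
import hmac
import secrets

def derive_key(password, salt):
    # Both sides hold this derived key; the password itself never crosses the wire.
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 100_000)

class AuthServer:
    def __init__(self):
        self.keys = {}          # user -> derived key
        self.pending = {}       # user -> outstanding challenge (single use)

    def enroll(self, user, password, salt):
        self.keys[user] = derive_key(password, salt)

    def challenge(self, user):
        nonce = secrets.token_bytes(16)        # the "random number" sent to the client
        self.pending[user] = nonce
        return nonce

    def verify(self, user, response):
        nonce = self.pending.pop(user, None)   # consumed here, so a replay finds nothing
        key = self.keys.get(user)
        if nonce is None or key is None:
            return False
        expected = hmac.new(key, nonce, hashlib.sha256).digest()
        return hmac.compare_digest(expected, response)   # constant-time comparison

def client_response(password, salt, nonce):
    # Client side: one-way keyed hash of the challenge.
    return hmac.new(derive_key(password, salt), nonce, hashlib.sha256).digest()

def demo():
    salt = b"constructed-salt"                 # sample value
    server = AuthServer()
    server.enroll("alice", "correct horse", salt)
    n1 = server.challenge("alice")
    good = client_response("correct horse", salt, n1)
    ok = server.verify("alice", good)
    replay = server.verify("alice", good)      # same response, challenge already used
    server.challenge("alice")
    stale = server.verify("alice", good)       # old response against a fresh challenge
    n3 = server.challenge("alice")
    wrong = server.verify("alice", client_response("guess", salt, n3))
    return ok, replay, stale, wrong
```

Anyone who records one challenge and its response can still test password guesses offline against that pair, so the scheme is only as strong as the password behind it.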

Two-factor authentication requires two independent ways to establish identity and privileges. The method of using more than one factor of authentication is also called strong authentication. This contrasts with traditional password authentication, requiring only one factor in order to gain access to a system. A password is a secret word or code used to serve as a security measure against unauthorized access to data. It is normally managed by the operating system or DBMS. However, a computer can only verify the legality of the password, not the legality of the user.

The two major applications of digital signatures are for setting up a secure connection to a website and verifying the integrity of files transmitted. IP spoofing refers to inserting the IP address of an authorized user into the transmission of an unauthorized user in order to gain illegal access to a computer system.

Biometrics is a more secure form of authentication than typing passwords or even using smart cards that can be stolen. However, some methods have relatively high failure rates. For example, fingerprints can be captured from a water glass and used to fool scanners.