Techie Tips

I read through this article by Dark Reading and thought it was rather up in your face and common sense.  I also felt it was worth sharing with anyone who was interested.  It references company data, but is just as valid for personal data.  In this day and age where we are part of so many groups and clubs with our data being shared by us…we become our own worst enemy.  The best way to see what is out there about us is to Google ourselves; personally I prefer Startpage (https://www.startpage.com/) as it is third party confirmed security for privacy and they yield the Google results without recording your IP address.

Just some food for thought.

http://www.darkreading.com/insider-threat/167801100/security/security-management/232301074/protect-insider-data-by-googling-first-often.html?nomobile=1


Malware Part 2

As mentioned in part 1, there are a great number of people out there who want your information…it's not personal, it's just business.  The only way to protect yourself is to keep your anti-virus software, anti-spyware, and anti-malware up-to-date.  And unfortunately that is not always enough!

We each must take greater control of the reins, so to speak.  There is a plethora of sites with information on all of the latest viruses, spyware, and malware out there.

At the command prompt you can run a “netstat -an”: the a option displays all connections and listening ports; the n option displays IP addresses and port numbers in numerical order for easier readability.

You will see something similar to Figure 1 [refer to Malware Figures:Figure1], which shows the status of your network with relation to your computer.  Ports to note include the NetBIOS networking ports (135, 137, 138, 139, & 445), an HTTP connection (port 80), the telnet port (23), and the FTP session ports (20 and 21).  Hackers and malware can use common ports to infiltrate your network and computer(s).  I found an interesting ports list which is quite extensive.  It gives you a good amount of information and what specific malware or virus may use that port.  Use of the “netstat -at” allows you to view active network connections. [refer to Malware Figures:Figure2]
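As an added example (not part of the original post), this Python script parses Windows `netstat -an` output and flags the ports listed above when they are open locally or are the remote end of an established connection. The sample output is constructed, and the function names are assumptions of this example.

```python
import re

# Ports the post calls out, keyed by number (labels follow the post's wording).
WATCHED = {20: "FTP", 21: "FTP", 23: "telnet", 80: "HTTP",
           135: "NetBIOS", 137: "NetBIOS", 138: "NetBIOS",
           139: "NetBIOS", 445: "NetBIOS"}

# Constructed sample of Windows `netstat -an` output (not captured from a real host).
SAMPLE = """\
Active Connections
  Proto  Local Address          Foreign Address        State
  TCP    0.0.0.0:135            0.0.0.0:0              LISTENING
  TCP    0.0.0.0:445            0.0.0.0:0              LISTENING
  TCP    127.0.0.1:5354         0.0.0.0:0              LISTENING
  TCP    192.168.1.20:139       0.0.0.0:0              LISTENING
  TCP    192.168.1.20:49712     203.0.113.7:80         ESTABLISHED
  TCP    192.168.1.20:49800     198.51.100.9:23        ESTABLISHED
  TCP    [::]:445               [::]:0                 LISTENING
  UDP    0.0.0.0:137            *:*
  UDP    192.168.1.20:138       *:*
"""

ROW = re.compile(r"^\s*(TCP|UDP)\s+(\S+)\s+(\S+)(?:\s+(\S+))?\s*$")

def split_endpoint(endpoint):
    """Split 'addr:port' (IPv6 is '[addr]:port'); port is None for '*:*'."""
    addr, _, port = endpoint.rpartition(":")
    return addr.strip("[]"), int(port) if port.isdigit() else None

def review(netstat_text):
    """Return (kind, proto, address, port, label) for each watched port seen."""
    findings = []
    for line in netstat_text.splitlines():
        m = ROW.match(line)
        if not m:
            continue  # banner, header and blank lines
        proto, local, remote, state = m.groups()
        l_addr, l_port = split_endpoint(local)
        r_addr, r_port = split_endpoint(remote)
        # UDP rows carry no state column; a bound UDP socket is an open port.
        if (state == "LISTENING" or proto == "UDP") and l_port in WATCHED:
            findings.append(("open", proto, l_addr, l_port, WATCHED[l_port]))
        elif state == "ESTABLISHED" and r_port in WATCHED:
            findings.append(("outbound", proto, r_addr, r_port, WATCHED[r_port]))
    return findings

if __name__ == "__main__":
    for kind, proto, addr, port, label in review(SAMPLE):
        print(f"{kind:9}{proto:4}{addr}:{port}  ({label})")
```

To check a real machine, save the output with `netstat -an > ports.txt` and pass the file's contents to `review()`.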

And there is the “net use” command at the command prompt which shows you what drives are mapped to an external system. [refer to Malware Figures:Figure3]

You can also find a variety of free tools via McAfee to aid in detection, removal, or personal training and knowledge.  One that is touted as being very useful is Vision, which is a port mapping utility.  Just perform a search on the internet, but I would be careful as to which you download to use.  The best thing to do is to check on various sites such as PC World, C|Net, and other reputable informative sites.

Your Task Manager is a wealth of information (CTRL + ALT + DEL) which shows you what processes are taking place and their memory consumption. [refer to Malware Figures:Figure4]

And the performance tab will show how it is performing with all of the extras running in the background. [refer to Malware Figures:Figure5]

There is quite a bit at your disposal to determine what is going on.  The internet, blogs, and many of the how-to sites contain a wealth of information and everything you ever wanted to know about either your computer problem or how to understand what is happening and how to fix it.  YouTube.com is also another great tool for how-to’s and Wikipedia is a good source of info – PROVIDED THAT YOU RESEARCH THE FOOTNOTES AND SOURCES! Take nothing for granted on that site, as it can change with the wind.

Malware Figures

Malware Part 1

Malware (or Malicious Software), in all of its forms, seems to be the greatest threat to everyone’s computer and every network.  Malware shows up in a variety of forms: Trojan Horses, Viruses, Worms, Rootkits, Logic Bombs, and Spyware.  Generally speaking, malware attacks exploit vulnerabilities that could be prevented if we would just automatically update our computers and anti-virus software.  It is also a great idea to use both anti-virus software and anti-malware software.

A Trojan Horse is malware named in reference to the Greek horse perceived to be a gift to the city of Troy, but used to infiltrate the city defenses.  The same idea applies: this malware is generally sent via email and is executed when you open the email, or execute the program.

Viruses are usually self-replicating programs which are attached to executable files and essentially chew up all your useable memory.

Worms are self-propagating programs which load up into memory, exploit a known specific software vulnerability, and often are a main cause of computer crashes.

Rootkits are applications that are used to control a computer, where the grand prize is the crashing of your machine or the theft of personal information.  Rootkits can do a number of things all of which are destructive to the machine and the information which it possesses.

Logic Bombs more often than not are programs left behind by disgruntled employees to go off at a future time, at an event, or when a specific person logs in to their account.

Spyware generally spies on your computer and retrieves data by sending it via email in the form of a screen shot, or acts as a keylogger – sending all keystrokes to an email or saving them to a device.  Adware is quite similar but not as intrusive, as it places an advertisement on your computer.  Programming interfaces that can be maliciously manipulated are:  Java applets, Microsoft .NET applications, ActiveX controls, VBScripts, Windows Script Host, and JavaScript programs.

There are a number of things to be done in order to protect yourself and your computer, as well as your network.  Keep an eye on what is happening in the IT World through internet based subscriptions (most are free), such as Information Technology, Emerging Threats, Dark Reading, Slashdot, and the list goes on and on.  Just complete a search on lists for Trojan Horses, Viruses, Worms, Rootkits, Logic Bombs, or Spyware and you will find a plethora of information as to what exactly is out there.  Regardless if it was created for a good reason, there is always someone who will use it for ill purposes.  Unfortunately it is inherent in man to do so!  Consider hacking, for instance…there are ethical hackers (White Hat Hackers – the proverbial good guys) and there are those with unethical intentions (the Black Hat Hackers – the bad guys always wore black hats in the old westerns.)

The internet is a great tool, just like a computer, a Smartphone, a tablet, or even a virus for that matter.  They are tools in an arsenal to allow you to accomplish specific tasks.  This shows the beauty of the Smartphone as a tool: you can set up all of your subscriptions on the device, and many of them have applications available.  A virus can be a tool to see if your anti-virus software is working properly; your security software is either working properly and you are safe, or IT ISN’T!

Perhaps some countermeasures will be next, we shall see.  Until the next time…

Resources:  http://www.ethicalhacker.net/, https://www.eff.org/, http://slashdot.org/, http://www.bitpipe.com/, http://it.toolbox.com/topics/, http://www.cnet.com/, http://www.infotoday.com/, http://www.darkreading.com/, http://www.secureidnews.com/, http://www.cybersecurityhome.com/

Bibliography

Beaver, K. (2004). Hacking For Dummies. Hoboken, NJ: Wiley Publishing, Inc.

Ciampa, M. (2009). Security+ Guide to Network Security Fundamentals. Boston, MA: Course Technology.

Book Review

Hacking For Dummies by Kevin Beaver, CISSP

I am reading through the book “Hacking For Dummies” which is a platform to assert ethical hacking exercises. Keep in mind that even the good have a tendency to turn to the dark side, at times. It is a 21 chapter book with appendices. I have made it through to chapter 10 (“Wireless LANs”). Each chapter has many great suggestions on penetration testing of your network, free & costly tools to assist in doing so; however, it also puts forth ideas to countermeasure and prevent an attack. I have never attempted anything as such, before. Although, I do believe it is a necessary evil to be understood in order to truly be a proficient IT Specialist, Technician, or Manager.

Using Wireshark on your network can assist in your troubleshooting woes, determine weaknesses, etc. Also, the use of Netstumbler can be a troubleshooting aid, by locating and mapping your network as well as locating weaknesses. Is important data stored in clear text format, or encrypted? This is very important to know.

Attempting to understand the basics of how a hacker does his, or her, job will aid you by leaps and bounds in protecting your network. This book, overall – regardless if you use these tips or not, yields great ideas to protect your network! Better to implement beforehand rather than after the fact.

Techie Tips

Facebook accessing tip.  You can determine if your account is being logged on to by someone who does not belong by receiving an email or text message making you aware of those computers accessing your account.  You set up login approval, under which Facebook would require you to enter a security code.  You can view the activity and stop unwanted access.

It can be cumbersome and quite the hassle for accessing your account, but the ending note is this:  WHAT IS YOUR ACCOUNT SECURITY, PERSONAL INFORMATION, AND CONNECTIONS WORTH TO YOU??

http://howto.cnet.com/8301-11310_39-57339833-285/find-out-if-someones-logging-in-to-your-facebook-account/

Techie Tips

The Staysafeonline.org site has a plethora of interesting tips and strategies for the kids, high school and university students, and especially for the parents – just so they can be in the know.  It is all so basic that it could not be so bothersome for the IT professional to review them; perhaps, save a copy of these pdf files for themselves.  They are great information to be passed out to all.  The old adage stands true, “repetition is the mother of skill!”

Whether in the home, at a business, in the classroom, whatever and wherever – the information is intended to protect you, your devices, networks, and most of all YOUR DATA!  It is through Social Engineering where hackers gain most of their information to gain access to your network, computer, or data.

Many people that I went to classes with spoke of some of their roommates and their antics when they left their computer unattended and wide open: they would change his password and log out.  He of course would not have access to his homework which was due the next day.  In this aspect, this is what you must concern yourself with on a daily basis.  Hackers are always pinging and searching for an open network.

Check the site out for basics in the protection of your network and data.  Keep ever vigilant in the protection of your property; your most prized possession is your personal information and the data entrusted to you!  Consider the fact that there are an estimated 175 million users on Twitter and an estimated 800 million users on Facebook worldwide (these are estimated Registered Users, which indicates active accounts not necessarily active users.)  Keep that in mind while you consider the fact that there are an estimated 6.9 Billion people in this world.  Someone has got to be up to something fishy, don’t you think?

http://www.staysafeonline.org/sites/default/files/resource_documents/