Archive for the 'Certification/Security+/Communication Security/Internet' Category
Firewall Part 1: Firewall List (Internet Security At Work)

     The term “firewall” comes from what was once
an innovation in the fire safety of buildings.  It was a wall
running all the way up from the structural floor to the structural
ceiling to prevent potential fires from spreading from one area to
another. 

Today, if you were to type “firewall” into a search engine you would
only see the term refer to the protection of information systems. 
Sans.org defines a firewall as a system
or combination of systems that enforces a boundary between two or more
networks. Gateway that limits access between networks in accordance
with local security policy.

A firewall configuration might consist of an inexpensive Unix box kept
clean of critical data, with many modems and/or Network Interface cards
with public network ports on it, but just one carefully watched
connection back to a “trusted” private network.
    The exponential growth of the Internet has an
equally growing rate of threats from thieves, cyber terrorists and
black hat hackers with malicious intent.  The newly formed
frontier of cyberspace is a world of anarchy where people are
redefining the words debauchery and greed.  Only the most
knowledgeable and prepared patrons of the Internet will log off 
unscathed from the all malware, cons and Spam trash floating around the
Internet. 

    Network security is paramount to business and even
personal use of the Internet.  Firewalls are “walls running all
the way up from the structural floor to the structural ceiling” of your
network separating your interests from the chaotic lake of fire that is
the Internet.

    For many high end Firewalls supporting large scale
enterprises, Unix has become the center piece for security.
          
Source: Network Security Store – www.networksecuritystore.com
Monday, March 24, 2003
 
Here is a list of popular firewalls for Internet Security:

Blue Coat
Offers: With Blue Coat Director, you can rapidly deploy and configure
new devices. Using flexible configuration templates, administrators can
standardize devices easily-and still customize them based on region or
device-specific settings.

FireGuard 520 is an intelligent
load balancer for scaling multiple firewalls that increases
availability and efficiency of Internet Traffic for Enterprises and
Service Providers.

Nokia BIG-IP FireGuard    
Typically when security is added to the network, the result can be poor
or sluggish performance. Nokia BIG-IP FireGuard ensures the network
firewalls are operating at maximum efficiency, can scale to meet these
increasing needs, and are intelligently balanced to handle traffic
across security appliances to ensure smooth, uninterrupted access to
information for users. The BIG-IP FireGuard 520 provides consistent
site availability by utilizing Extended Content Verification (ECV)
which tests firewall availability beyond a standard ping test and
routes traffic away from a downed firewall.

Check Point
 Enterprise-class security for branch offices and MSPs that
includes web-based management and seamlessly integrates with Check
Point´s Enterprise Management Console, Provider-1 and SiteManager-1.

Cisco Systems
 The Cisco PIX 515E “Restricted” (PIX 515E-R) model provides an
excellent value for organizations looking for robust Cisco PIX Firewall
services with minimal interface density and VPN throughput
requirements. It includes 32 MB of RAM and support for up to three
10/100 Fast Ethernet interfaces (nomenclature has been upgraded).

McAfee
 Protect yourself while online with the advanced security of
McAfee Firewall. Easy-to-use, yet highly configurable, McAfee Firewall
secures your PCs connection to the Internet whether you connect via
DSL, cable modem or dial-up. With intrusion detection, color coded
security alerts, customizable audible alerts, detailed logging, and an
application scan for Internet enabled applications, McAfee Firewall
gives you the power you need to control the communications into and out
of your PC, ensuring that your online experience is as safe as it is
enjoyable  $27.00

NetScreen
NetScreen 5XP is an Internet security appliance integrating firewall,
virtual private networking (VPN) and traffic shaping functionality. It
features wire-speed Ethernet performance for remote offices and
telecommuters. The NetScreen-XP enables enterprises and service
providers to deliver secure, cost-effective Internet connections to
remote offices and telecommuters.

Nokia
Supports Check Point VPN-1/FireWall-1 SmallOffice software
     * Low total cost of ownership – setup and
configured from a remote central
location         thorough a
unique restricted shell
     * Flash based appliance – very reliable for
large deployments, no chance of
disk         failure
     * High performance VPN – will saturate T1 and
DSL lines for seamless LAN
like         connectivity for
remote offices
·    The IP71 runs a “Nokia Secured Operating System” (customized Linux)
·    $800

Norton
NetScreen 5XP is an Internet security appliance integrating firewall,
virtual private networking (VPN) and traffic shaping functionality. It
features wire-speed Ethernet performance for remote offices and
telecommuters. The NetScreen-XP enables enterprises and service
providers to deliver secure, cost-effective Internet connections to
remote offices and telecommuters.

NetScreen firewall
The Netscreen range of firewall appliances combine firewall, virtual
private networking (VPN), and traffic management functions. Every
NetScreen firewall appliance provides hardware accelerated IPSec
encryption, even for 3DES encryption, and very low latency, allowing
them to seamlessly fit into any network. Installing and managing a
Netscreen firewall appliance is easily accomplished using a built-in
WebUI, command line interface, or the NetScreen Global Pro central
firewall management system.

Netscreen firewall security
The NetScreen firewall appliance product line provides a scalable
security solution, ranging from protecting broadband telecommuters to
large corporate offices and e-business sites. NetScreen is a
full-featured firewall using technology based on stateful inspection,
securing against intruders and denial-of-service attacks.

 

RSA Security
Security Features
RSA ACE/Server software utilizes industry-leading RSA encryption
expertise and technology designed to provide a hacker-proof solution.
  

Sidewinder
SecureOS™ with patented Type Enforcement™ technology
* Hybrid firewall combines application proxies and stateful packet filtering
* Advanced filtering mechanisms; Network Address Translation NAT
250 users  5000$
SonicWall
WatchGuard

www.sans.org

Google Hacking Part 1

I love Google.  It is changing the entire Internet for
the better.  The only problem is that their search engine is TOO
effective. 

If  webmasters, security professionals and even home computer
users aren't careful in securing their websites they could end up
posting more information than they bargained for. 

Here is an examples [ copy and paste the code in your browser ]:

http://www.google.ca/search?q=inurl:password+intitle:index-of&num=100&hl=en&lr=&output=search
Results 1 – 100 of about 4,030 for inurl:password intitle:index-of

If you look through the websites you will actually see usernames and passwords.

There are many groups on the Internet that find web site vulerabilites as a
hobby. 
They are called Google Dorks:
www.ihackgoogle.com
http://jn0x00.com
http://linuxweblog.com/node/147

With google hacking ALL roads lead to Johnny Long – iHackgoogle.com

Google Hacking Documents:
Hacking Primer
Google Honey Pot
Google Hacking

Another cool  site I  found among Mr. Longs  Links:
Google Cooking
http://www.researchbuzz.org/cookin_with_google.shtml

Remove the HWCLOCK.EXE/W32.Hwbot-A Trojan

I got the HWCLOCK.EXE when I was testing my new Internet connection.  I noticed it when my Internet DSL connection started feeling like a  56K dialup. 

I removed it by going into Showing all files, going into Safe Mode and deleting the HWCLOCK.exe/W32.Hwbot-A Trojan.

This is a trojan that can actually steal your passwords and other personal data.  On my system is was attacking other system.

I've got more detail instructions on how to remove the HWCLOCK.exe at http://elamb.blogharbor.com/hacked/hwclock.htm

If you found this post or others useful, feel free to donate to

elamb – Home Computer Security.  No amount is too low (or high).

Securing Internet Explorer

Securing Internet Explorer:
Step 1.  Turn Security WAY UP
   Tools | Internet Options | select the Security tab | Move the
“security levels for this zone” to HIGH

Step 2. Turn off and Delete All Cookies.
   The first thing you should do is clear out all your cookies.
   Tools | Internet Options | select the Privacy tab | Move the slider in the Settings area to a higher level of security.  Keep in mind that if you block ALL cookies some sites will be limited or even unaccessable.. but you can always go back and change it.

Limiting the number of cookies you except can increase your privacy

Step 3. Disable Java and Active X
THIS IS PRETTY EXTREME.  YOU WILL NOT BE ALOWED TO LOG ON TO WEB BASE EMAIL ACCOUNTS AND OTHER SITES REQUIRING A LOG IN.  BUT YOU WILL BE ABLE TO SURF. I personally Can not use this because it is TOO restricting.   
   Jave and Active X are know as mobile code because they download software from a remote source (or run from a remote source) to your computer.  Some of the most effective malware are mobile code.
   Tools | Internet Options | select the Security tab | Select the “Costum Level” button which will open up “security settings.”
   Once in Security Settings disable everything under “Active X” and “Scripting.”

What I do is Highten the Security Tab and use Internet Explorer as little as possible.  I use Firefox.  It is also very important to update these (and all other applications) with the latest patches.  This, combined with my router firewall, seems to work really well. 

Neither Firefox or Internet Explorer are secure if you don't take the appropriate measures.

If you do use cookies you should delete them all about twice a week.

http://elamb.blogharbor.com/hacked/igothacked.htm –> get rid of malware
http://elamb.blogharbor.com/broadband/broadband.htm –> secure your broadband connection