gmail security

gmail security

gmail security

Gmail is one of my favorite email products.  Its free, its extremely good at collecting and organizing data (in-line with google’s vision of world information organization domination) and its so intuitive.

The gmail security features are kind of tucked away to bring the organization and search functions to the foreground.  But once you know where they are, its easy.

1. First, browse into your email and sign in.

 

2. Inside your email under your name, click privacy.

3. Under Account Privacy, hit Security and add alternate recovery email and mobile number.   This will allow gmail security to alert you of any suspicious activity such as someone attempting to access your account.

gmail security

gmail security

reset-password

Windows Password Recovery: ONTPRE

Offline NT Password & Registry Editor (ONTP&RE)

Did you lock yourself out of your Windows system?  Forgot your Windows password?  What is the best Windows password recovery?

The best way is to have a Windows Recovery disc ready.  But this is something you must do BEFORE you get locked out.

reset-password

reset-password

There are tools you can use to get into your system, but the first think you should try is to use “Administrator” as the user with no password.  “Administrator” is a default account on Windows systems.  On Windows 7 it is disabled by default but if someone has used the account you may be able to use it as backdoor into the system.

If their is not Administrator account and no Windows Recovery disc you will have to use a Windows password recovery tool.  ONTP&RE is a password recovery tool that allows quick access to windows systems.

Reset Password : Windows 7

1.  Download ONTP&E: First, download the Windows password recovery software from pogostick.net . pogostick.net/~pnh/ntpasswd/cd110511.zip

2.  Unzip ONTP&E:  Files are compressed into 1 folder named ( cd110511.zip).  Unzip the file.

3.  Create CD with ISO:  Set the cd disc creator into ‘image to  disc’’. Burn the image to the cd.  Each CD burner software is different, so you will have to figure out how to create a CD from the ISO.  Sometimes its as easy as double clicking the ISO but it depends on the type of software.

4.  Reboot & Insert:  Actually, you need to make sure your Windows system is able to boot from the CD.  Once its done , insert the cd back to the CD ROM  and reboot your computer.

5.   Computer Boot from CD:  As your computer reboots, keep hitting F2 to go through the BIOS.  Select “Boot Options”.  Some versions of BIOS call this “Boot”.  But the idea is the same.  Go into the BIOS and make sure CDROM is on the top of the list for boot options.  This means that the computer first looks at the CD before going to the Hard Drive.  Instructions on modifying BIOS settings will be listed on the page.

6.  Boot into ONTRE:  Once the BIOS boot option is set, save and exit.  Your system will boot into your ONTRE disc.  Software will start running. Just follow the steps.  “Press enter” to boot into the “Offline NT Password & Registry Editor” CD.

windows password recovery

screen shot of Offline NT Password & Registry Editor

7.  Select an Account:  It will ask you to select an account.  If you hit “Enter” it will automatically boot into the [Administrator] account.

*note: Anything in [brackets] is the default value, so if you hit “Enter” it will auto-magically choose that [bracket] value.. its a linux thing.. you wouldn’t understand.

If you choose the “Administrator” account, you may need to Enable the account since the built-in Administrator account is  disabled by default in certain versions of Windows.

8.  Enable Built-in Administrator Account:  The Windows account  needs to be enabled.  Select 4  and enter ‘to Unlock and enable user Account’.

windows ontpre menu enable

windows ontpre menu

9.  Clear (blank) User Password:  After selecting 4-Unlock and Enable user account, you will be sent back to the User Edit Menu. If you want to clear the Administrator password (if it has one) then hit enter or type Administrator and Select 1 and “Enter” – to clear the user password.

10.  Save Changes:  Once you have made all the changes you want (enabled the Administrator account & cleared any passwords), you are ready for the next step.  Hit  ‘!’ and enter.

Windows Password save changes

Windows ONTP&RE password save change

On the screen it asks ‘What to do’?  hit q to quit. You will see:

Step FOUR:  Writing back changes

“About to write file(s) back.  Do it ?’’

Hit   Y  and enter to save changes.

11.  Last Step:  Hit “Ctrl-Alt-Del” to reboot and eject the cd quickly.  This will allow the system to boot into Windows on the Hard drive.

You can now login as “Administrator” with NO password.

Once you are in as Administrator you can change passwords of any local accounts in Control Panel | Users.

What is Autorun.inf?

What is AutoRun.inf?
What exactly is an autorun.inf? Is it a virus or just a file that needed by other application in our computer to run? Have you ever gotten alerted by your system anti-virus application that autorun.inf was detected as a threat to your computer?

AutoRun.inf is a primary instruction file associated with Autorun function. Autorun.inf is just a simple text-based configuration file that tells the operating system which executable to start or which icon to use. In other words, Autorun.inf simply tells the operating system how to deal on the programs or executable files and how the operating will treat the contents of a CD or any removable disks that is plug to your computer.

Autorun.inf is not a malware, but a virus might use autorun.inf to get access to your computer programs and files. Common virus like bacalid, ravmon.exe and even Trojan virus hides in autorun.inf to easily spread to your computer. These viruses save themselves in the root directory of the infected hard disks and will run themselves every time you double click the drive. Usually if a USB stick or a CD was infected by a virus, once it was plugged to your computer the device automatically runs itself especially with the device where autorun was enabled.

If autorun.inf was detected by your anti-virus as a threat to your computer but not yet tried to make an action then here are some tips to remove autorun.inf which are infected by virus.

You can disable autorun.inf for all drives by configuring the registry of your computer. First you need to open the registry by typing regedit.exe to the command prompt or you may execute it in run. Then look for this registry: HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer
Double-click the NoDriveAutorun DWORD entry and type the value HEX: FF (255 in Decimal). (If the NoDriveAutorun does not exists, you can create it by right-clicking the right side area of the regedit window, then click New->DWord Value -> type NoDriveAutorun) Close the registry and restart the computer. This procedure will disable all the autorun for all drives of your computer and at least will prevent the autorun function of infected USB drives or CDs and avoid the infection of viruses like the Bacalid and RavMon.exe.

Another procedure to disable or delete autorun.inf that has been infected by virus is by using the command prompt, type cd\ then press enter. You may type the letter of your USB drive or CD drive, for example F: then press enter. Type this attrib h r s autorun.inf then press enter, type del autorun.inf.Thats the easiest way to avoid spreading virus from your computer especially using sutorun.inf. If you have any questions, you can comment on this post, thank you!

Dangers of Surfing the Web with an Admin Account

If you bought a Dell or Gateway, more than likely you only have one account on your computer with no password. That account runs as the administrator. If your system has no user name or password applied, it is running as an administrator account.

This is how so many people get viruses. When you surf the web as an administrator is allows malicious applications (viruses, worms, Trojans and other malware) to download to your computer and run as the administrator. This means they can replace system files with viruses, create back doors and harm other computers on your network. They can also spy on you manipulate your browser or do anything else they want to do.

One way to greatly minimize the effects of viruses is to create accounts on your system and only use the administrator account when its necessary. Create a limited user account that you use when surfing the web, getting into your email or doing other small tasks that don’t require downloading or installing applications.

With a limited account, even if the malware is downloaded, it will not be able to install.

Challenges of Internet Security

The primary challenges of Internet security have everything to do with balancing accessibility and functionality with the three pillars of information security: confidentiality, integrity and availability.

The Internet has become an in disposable tool for research, commerce, art, education and virtually every part of modern life. It was the inquisitive, intelligent, intuitive and creative nature of humanity that created the Internet and its those same qualities that put individual systems linked directly to the Internet in peril. The three pillars of information security are at stake for all systems with connectivity to the Internet. The challenge is in the implementation of the necessary security controls to achieve those three pillars.

Confidentiality:

Confidentiality pertains to protecting sensitive information. Sensitive information can be anything from private user information to classified defense data. Many organization live and die by the protection of proprietary information from competitors. During wartime, the armed services literally LIVE or DIE based on how well certain sensitive information is guarded. In the US Department of Defense is called Operational Security. Since the Internet is a critical part of the DoD (and defense organizations around the world) the confidentiality is a HUGE challenge for their Information systems exposed to the Internet. Some of the threats to there systems include: social engineering, leaks of information and accidental release of sensitive data. All of these threats can be enabled via the Internet.

Organizations must educate their user who have access to sensitive information. I’ve heard some security professionals say that educating users is bad.

But if your users have access to sensitive information (and need to have that access to do their jobs) it is imperative that they not only know WHAT is sensitive, but WHO it can be give to, WHEN it can be shared, HOW it can be share and WHY it can be shared.


Integrity:

Data integrity is very important to all systems passing data on the Internet. Integrity has to do with whether or not the message on the other end of your connection is the same one you actually sent. Whether its your passwords being passed to your bank or the DoD passing data over the Internet, the integrity of the data is imperative. Its often taken for granted until, we are sending an email and the receiver says they got the email but the message can’t be read. Sometimes if the messages integrity is garbled or malformed it simply won’t reach its destination. If the integrity of a message can not be protected in some way or verified and checked, it is possible for someone to intercept your message, alter it, and send it on its way. Integrity is especially critical in banking and financial transactions which is why encryption and authentication take on such an important role for sensitive transactions such as ATM withdrawals, and online banking.

The challenge to maintaining Internet integrity is to ensure that link is encrypted when necessary.


Availability:

If there is no availability there is no mission, no business, no functionality. One of the major challenges of Internet security has been Denial of Services attacks. A Denial of Service attack is when your system on the Internet (or within a network) is flooded with useless traffic such that no one else (not even you) can use it. With a misconfiguration, a denial of service can happen by accident. Its important to test the availability of an online system. Its also a good practice to see what kind of availability and access you are giving. After all, too much availability can compromise the security of your system.

Most challenges of Internet security can tie into one or more of the big three: confidentiality, confidentiality or availability. With those in mind most challenges can be overcome. But the double edged sword of security.. the very nature of it on the Internet is to constantly change and evolve with the Internet. The constant change of threats to those three aspects of security is perhaps the biggest over arching challenge.

Why is Internet Safety Important

Dangers on the Internet
The amazing freedom and availability of the Internet lends itself to a few major dangers: Pr0n, malware and how to perform illegal and/or dangerous activities.

Whether it is a curious person seeking these things out or the child accidentally clinking the wrong link and getting bombard with explicit pop-ups, the items lists can be harmful to an impressionable mind. Policies must be enforced.

There are a few groups that should have limited exposure to certain types of information on the Internet. Children, mentally handicapped or psychologically damaged people in settings such as schools, homes, rehabilitation or correctional facilities and group homes should be blocked, tracked and monitored while accessing the Internet. Certain information could destroy them if they don’t yet have the capacity to understand or put certain information in the proper context.


Protection from Pornography & Malware

In a professional setting there should be a written policy against accessing and/or downloading unacceptable material such as pornography. These items should be actively blocked whether in a working environment or at home among minors accessing the same system. Allowing impressionable or fragile minds unlimited access to certain graphic material is irresponsible. The law is also a good reason why Internet safety is important. If you are the owner or charged with immediate control of the system being used for illegal activity, you could be partially or wholly liable for the activity. An example is substitute teacher Julie Amero

On October 19, 2004, Julie Amero was substituting for a seventh-grade language class at Kelly Middle School in Norwich, Connecticut. The teacher’s computer was accessed by pupils while the regular teacher, Matthew Napp, was out of the room. When Julie took charge, the computer started showing pornographic images.

On January 5, 2007, Amero was convicted in Norwich Superior Court on four counts of risk of injury to a minor, or impairing the morals of a child. Her sentencing was delayed four times after her conviction, with both the prosecution and judge not satisfied that all aspects of the case had been assessed.[1] The felony charges for which she was originally convicted carry a maximum prison sentence of 40 years

– wikipedia

The Kelly Middle School systems were actually infected with malware that allowed the explicit pictures to pop up.

Access to Dangerous information

From the Columbine shooters to the Virginia Tech massacre, most of the killers had a recorded history of mental illness and/or psychologically instability. In many cases, they used public and/or home computers belonging to their parents to research bomb making or even purchase guns.

Controlling access is the best way to get on the Internet safely. Maintaining privacy of users is another important step in Internet safety, however that is a matter of educating users particularly if the frequent Social networks such as facebook or myspace. They need to be instructed about the dangers of stalkers, perverts and predators looking specifically for impressionable minds.

We are the keepers of these impressionable and fragile minds. That is the reason Internet safety is important and why we must be mindful of these subjects.

Which Is Faster Wireless Router Or Wired Internet

Wireless Routers vs Wired Router
fig. 1, which is faster wireless router or wired internet

Overview: Routers, switches and hubs (1) (a.ka Internetworking devices) give you access to the Internet (2) via some sort of ISP device (broadband modem, DSL ect) (3). The speed onto the actual Internet depends on the service you have purchased with your local ISP (4). They are the gatekeepers (AT&T, Comcast, Verison, Local ISP ect). This usually creates a bit of a bottleneck because your local area network (LAN) is much faster than your connection to the actual Internet. You actual connection to the Internet is controlled by your ISP. Wired LANs will allow you to get from 100-1000Mb/second, Wireless will get from from 10-250Mb (depending on how far from the wireless router you are and what type you get).

ISPs allow you to go anywhere from 56Kbs – 12Mbs:

Dial-up: 56Kbs – (4 minutes to download 1.7MB file)

DSL: up to 6Mbs – (2 seconds to download 1.7MB file)

Cable: up to 12Mbs – (1 second to download 1.7MB file)

*the math: 1.7 Mega Bytes is 13,600,000 bits (per second) of data divided by n, where n is your speed (i.e. 56K = 56,000 bits per second)
**There is a technology called WiMax Worldwide Interoperability for Microwave Access (802.16e) coming out that will allow wireless to go directly in your home from the ISP at 70Mb/second and that will beat every currently on the market.

If you have a home LAN (more than one computer in your home linked together connected to the Internet), your network is passing data at about 100Mb/second – which is really fast for even really large files. But this is where the Wireless vs. Wired Internet comes in. Don’t confuse your internal network speed with your connection to the Internet (see overview).

Should you go with a wireless or a wired router?
Any wireless router you get will have both options available, so you are better off getting a wireless. The cost isn’t usually that different unless you want a high end wireless which will usually be between $20-$50 more.

Which Switch is Faster, wireless or wired?
It really depends on what kind you get. However, the fastest wired router will beat the pants off of the fastest wireless. Wired routers go up to 100-1000Mb. Of course, I high end wireless can have everything a high end router has (including those super 1000Mb speeds).

SUPER HIGH END HOME ROUTER

Prevent Computer Viruses

In the last three years or so I haven’t had a single computer virus on my main system unless I put it there on purpose.  I use a very simple method to prevent computer viruses and malware from ever getting on my system. 

check it out here: http://elamb.org/hacked/how-to-prevent-computer-virus.htm

 

Spy on Co-workers, Spouse and Kids

a message to a reader.

A personal note about monitoring: I spied on my wife and I’ll just say that there are somethings you may not want to know. Now, I know that a spouse and a child are totally different issues, I would just like you to realize the power of these tools. You must also take great care in making absolutely CERTAIN they don’t find out you are spying, because trust is sometimes impossible to get back. It can be like throwing gas on a candle flame. There are also tools that can counter the spying tools.

With all that being said: I’ve got two beautiful little girls and when they are old enough I will DEFINITELY spy on them. Its not so much my lack of trust on them, as it is my knowledge of predators on the Net.

Terms for you to know:

keylogger – software or device that monitors every key stroke. Used by parents, spouses, bosses and covert, subversive spying. Typically only for a local machine (you install it on a system then have to get on that machine to get the data off of it when they are gone.)

network keylogger – keylogger for every computer on a network managed from a primary computer. These are more expensive but can give real-time spying.

Stealth mode – keyloggers/spy software usually has a key stroke like Ctrl+Alt+6 that will allow you to make the application run completely undetected.

Tools:

These tools range from 30-day free demos to $300 for some of the better tools. I won’t spend less than $29 dollars if you are not computer savy. There are $10 one that are created by independent hackers but you have to know computer well to use them.

Review of spy tools
(look through this list – look for fairly priced software that looks easy to use and have the ability to send information to you via network, email or share drive. If you can get the spy data when they go to school or work then you don’t need it emailed or networked.
Don’t worry about technical stuff, they will usually tell you exactly how to use it unless you get some 10 dollar product made for hackers.
)

1 2 3 6