Blog

  • Are the Friendly Skies Still Friendly? Air Travel Post 9/11

    “Good afternoon sir. How are you today? I need to see your boarding
    pass and ID please. Please remove your outermost garment. You’ll need
    to take your laptop out of the case and place it separately in the bin.
    Sir, I would recommend removal of your shoes. They look like they will
    set off the metal detector. Yes, I would also recommend removing your
    belt, as well. Do you have any other metal or foil in your pockets,
    sir? Keys, cell phone, money clip, coins, gum wrappers, cold medicine,
    batteries, lottery tickets, cigarettes? Sir, I’ll need you to place
    your newspaper and bagel in the bin please. No, I’m sorry cigarette
    lighters and Swiss army knives are prohibited items. You will not be
    allowed to bring those on the aircraft. You may voluntarily relinquish
    these items; you may return them to your vehicle; give them to a
    non-traveling companion or mail them home to yourself. Thank you, have
    a great flight, please step through the metal detector now.”

    If you’ve flown the friendly skies since 9/11, you’ll notice some
    major changes at the airport checkpoints. At times you’d think you were
    stepping into a third world country with the dozen or more federal
    security screeners herding you through the process of merely getting to
    the gate prior to boarding the aircraft. Due to heightened security,
    new safety measures were implemented November 19, 2001. These measures
    should not be looked upon as invasive or time consuming, but rather
    offer peace of mind knowing all others on the aircraft are screened in
    the same thorough manner.

    Following these tips will help you reduce your wait time at the
    security checkpoint. Do not pack or bring Prohibited Items to the
    airport. Place valuables such as jewelry, cash and laptop computers in
    carry-on baggage only. Tape your business card to the bottom of your
    laptop. Avoid wearing clothing, jewelry and accessories that contain
    metal. Metal items may set off the alarm on the metal detector. Avoid
    wearing shoes that contain metal or have thick soles or heels. Many
    types of footwear will require additional screening even if the metal
    detector does not alarm. Put all undeveloped film and cameras with film
    in your carry-on baggage. Checked baggage screening equipment will
    damage undeveloped film. Checkpoint x-ray will not damage any
    undeveloped film under 800 speed. Declare firearms & ammunition to
    your airline and place them in your checked baggage. If you wish to
    lock your baggage, use a TSA-recognized lock. Do not bring lighters or
    prohibited matches to the airport. Do not pack wrapped gifts and do not
    bring wrapped gifts to the checkpoint. Wrap on arrival or ship your
    gifts prior to your departure. TSA may have to unwrap packages for
    security reasons.

    Most importantly, arrive at least 60-90 minutes prior to the
    departure of your flight to allow adequate time to check in and to be
    screened. The screening process cannot be expedited. The employees will
    do a thorough, consistent job regardless of whether your flight leaves
    in an hour or in 3 minutes.

    Following these simple tips will ensure a safe, peaceful flight. Further information can be found at the tsa.gov website.

  • Cisco forces Lynn presentation taken down.. oh.. here it is

    Mike Lynn publicly disclosed flaws in Cisco routers and presented at
    Black Hat and Defcon 13. Cisco and ISS obtained a court order barring
    Lynn and the Black Hat organization from further disseminating his
    presentation.

    Here is how to find it.


    Here is a video of Cisco actually tearing pages out of the Black Hat books: http://downloads.oreilly.com/make/cisco.mov

    Why is Cisco doing this?

    Apparently, they were going to release the product with the same flaw.

    Apparently hackers are not happy.

  • 5 Simple ways to keep your computer secure and virus free

    These simple tips will help you stay virus and spyware free, even if you're connected to the internet 24 hours a day.

    1. Protect yourself

    Good protection on the Internet these days consists of 3 components: anti-virus software, anti-spyware software and a firewall.

    Good virus protection doesn't need to cost you a fortune. You can get excellent free anti-virus software at www.grisoft.com. Even the professional version of their software is very affordable.

    For spyware protection, go to www.lavasoft.de and download Ad-Aware SE Personal, also free. This will zap the most common spyware and adware found on the Internet.

    As for a firewall, Windows XP ships with a decent enough firewall. Just make sure it is always enabled. Alternatively you can visit a site like www.download.com and search for Zone Alarm, which has an excellent free version.

    The most important thing to keep in mind is that you need to keep your anti-virus software up to date. An anti-virus program that uses definitions that are months old is just about useless.

    Update your anti-virus and anti-spyware software at least once a week.

    2. Stop opening every attachment you receive.

    Most of the devastating worms and viruses of recent times were distributed via email. These viruses feed on the curiosity and also the ignorance of a huge number of email users. People will get an email from fakename@weirdsuspiciousdomain and they'll just open whatever file is attached to it.

    If you don't know the sender, don't open the attachment – just delete it. It doesn't matter if the subject promises you'll see Britney Spears dancing nude on the kitchen table, just delete it.

    If the email is from someone you know, always scan any attachments first before downloading or opening them.

    If every email user in the world followed these simple guidelines, the distribution of viruses via email would grind to a halt.

    3. Stay clear of pornographic and illegal software sites

    *I know, I know… Why on earth go on the Internet if you can't have your porn and download it too?!  There are safe Porn sites but we will not address those in this blog… sorry.. Fark has some pretty good links to decent smut.*

    If you want to pick up viruses and spyware quickly, visit some pornographic web sites. One wrong click on a subtle little pop-up or security warning window (which you'll run into often on these types of sites) and you'll have infested yourself with trojan horses, spyware, dialers and other unfavorable software that could leave your computer wide open to further attacks.

    The same goes for web sites distributing software, serial codes and cracks illegally (warez).

    Simply put – keep out of the dark side of the web and the odds of keeping your computer clean shift decidedly in your favor.

    4. Watch out what you download

    Spyware is embedded in a lot of software on the Internet – especially those related to ripping, converting and playing music and videos. That free MP3 player or DVD Ripper you just downloaded may have installed a bunch of harmful spyware without you even knowing about it.

    5. Keep yourself informed

    Major anti-virus software developers like Symantec and Grisoft update their sites regularly with the latest virus alerts. Visit these sites frequently to keep yourself aware of what threats are doing the rounds and how to avoid them.

    Using these simple tips and software I have kept my computer virus-free for the past 3 years. It's not rocket science. Just stay alert, use some common sense and you too can stay bug free while still enjoying your Internet experience.

     

    Tips on Broadband Security –>

    http://elamb.blogharbor.com/blog/BroadbandInternetSecurity

    Get rid of Trojans Smithfraud/HWclock.exe

  • Hackers vs terrorists: online anti-jihad

    MI5 and patriotic hackers have formed an unlikely alliance to close down their sites.

    It's about time.  The best defense is a good offense.  I agree with Bruce Schneier.  There are too many soft targets to protect.  We need to find the source and deal with these murderers.  That is where the money should be spent.  Don't want to get too political on this blog but it's something I feel strongly about.


  • Defcon's Infamous Wall of Sheep

    One of my favorite traditions at Defcon is the “Wall of
    Sheep.”  It displays all the “sheeple” that have not secured their
    systems yet feel compelled to get on Defcon's Wi-Fi.
    During Defcon 11 one guy was there doing his
    taxes!!  Needless to say he was stripped naked and paraded
    around the conference like an apple-stuffed Luau Pig.  At least
    they didn't display his Tax ID.

    Take K. Rose's advice… If you're going to Defcon, don't turn on your laptop.


  • A Comparison of Windows vs. LINUX

    Many of you who are reading this article are using Windows, as most other internet users do. There is a huge difference between the number of users of LINUX and Windows. Some say Windows is much better than LINUX because it gives you an easy handling of the hardware and software. Some say LINUX is much better because it started as Open Source software and that’s why it is much more flexible than Windows. Then why is there such a huge market difference between these operating systems?

    The answer to this question is quite easy. Since 1985, computer users and programmers have become accustomed to using Windows; even as the capabilities and the appearance of the graphical interface changed from version to version, it always remained the product of Microsoft. On the other hand, LINUX has many different versions from a variety of companies, among them Lycoris, Red Hat, SuSE, Mandrake, Knoppix, Slackware and Lindows. These companies release their own versions of the operating system with slight changes, and yet always with the same kernel. This variety, and the fact that none of these companies is even close to competing with Windows, accounts for most of the difference in the market. Nevertheless, this reality might drastically change after Novell’s purchase of SuSE.

    Linux and Windows differ in many aspects. First of all, the Linux GUI is optional while the Windows GUI is an integral component of the OS; speed, efficiency and reliability are all increased by running a server instance of Linux without a GUI, something that server versions of Windows can not do. The detached nature of the Linux GUI makes remote control and remote administration of a Linux computer simpler and more natural than a Windows computer.

    Secondly the command prompts of these operating systems are quite different. In general, the command interpreters in the Windows 9x series are very similar to each other and the NT class versions of Windows (NT, 2000, XP) also have similar command interpreters. There are, however differences between a Windows 9x command interpreter and one in an NT class flavor of Windows. Linux, like all versions of UNIX, supports multiple command interpreters, but it usually uses one called BASH (Bourne Again Shell). Others are the Korn shell, the Bourne shell, ash and the C shell (pun, no doubt, intended).

    The costs are amazingly different. While you have to pay some hundred dollars for a new version of Windows, you can simply go and download Linux. As it comes from the nature of Linux, there are no manuals or simple installers for the free version, however. You really have to know what you are doing while using this free package. There are also some easy automated packages of Linux for low prices, as well.

    The security issues with Windows, as most of you already know, are the biggest cons of Microsoft. Most malicious files, spyware and adware programs target Windows. You generally do not deal with these kinds of unwanted circumstances unless you are working with Windows. The user-id and password protection for Windows can also be easily bypassed, whereas Linux offers a strong protection in releases such as the NSA's Linux-SE.

    The only area in which Windows beats Linux in this “competition” is software availability. As mentioned above, most software releases are configured for Windows. If you are using Linux, you have to emulate Windows with special software and then you can use your Windows-based programs. Another option can be to install Windows as a subsystem to Linux which takes all administrative abilities of Windows and gives them to Linux.

    After mentioning some of the different aspects of these operating systems, it can be said that all Linux needs to compete with Windows is some user friendly interface and a strong company support which can provide the users with technical information and user manuals.

  • Keep Your Home Wireless Network Secure

    Wireless can be a huge risk to your personal life.  Wireless has been one of the least secure ways of networking computers.

    Working from home while using a wireless local area network (WLAN) may lead to theft of sensitive information and criminal or virus infiltration unless proper measures are taken.  As WLANs send information over radio waves, someone with a receiver in your area could be picking up the transmission, thus gaining access to your computer. 

    Criminal hackers and spammers could load viruses on to your laptop which could be transferred to the company's network when you go back to work.

    Up to 40% of WLAN users (see the Wireless Attacks links below) do not have standard security features installed, while 20% are left completely open, because default configurations are not secured but made to get the user's network up and running as quickly as possible.

    It is recommended that wireless router/access point setup always be done through a wired client.

    Change the default administrative password on the wireless router/access point to a secure password.

    Enable at least 128-bit WEP encryption on both card and access point. Change your WEP keys periodically. If equipment does not support at least 128-bit WEP encryption, consider replacing it.

    Although there are security issues with WEP, it represents the minimum level of security, and it should be enabled.

    But how secure is WEP:

    WEP Cracked in 10 Easy Steps (Video)

    WEP Cracked in 10 Minutes (Video)

    How to Crack WEP parts 1 & 2 (Tutorial)

    WEP is not very secure but it is better than nothing.  Without it, neighbors can accidentally access your network, which is being broadcast to anyone with reception.

    Change the default SSID on your router/access point to a hard-to-guess name. Set up your computer device to connect to this SSID by default.

    Set up the router/access point not to broadcast the SSID. The same SSID needs to be set up on the client side manually. This feature may not be available on all equipment.

    Block anonymous Internet requests or pings.

    On each computer that has a wireless network card, network connection properties should be configured to allow connection to Access Point Networks Only. Computer to Computer (peer to peer) Connection should not be allowed.

    Enable MAC filtering. Deny association to the wireless network for unspecified MAC addresses. MAC or physical addresses are available through your computer device's network connection setup and they are physically written on network cards. When adding new wireless cards / computers to the network, their MAC addresses should be registered with the router/access point.

    The network router should have firewall features enabled and the demilitarized zone (DMZ) feature disabled.

    You can test your hardware and personal firewalls using Shields Up test available at http://www.grc.com.

    All computers should have a properly configured personal firewall in addition to a hardware firewall.

    Update router/access point firmware when new versions become available.

    Locate router/access point away from strangers so they cannot reset the router/access point to default settings.

    Locate router/access point in the middle of the building rather than near windows to limit signal coverage outside the building.

    While none of the measures suggested above provides full protection, as countermeasures exist, the suggested measures taken together will act as a deterrent against an attacker when other insecure networks represent easier targets.

    Another more recent method of securing your system is Wi-Fi Protected Access (WPA).  Newer routers will have a wizard to assist users in setting up the WPA security.  Although WPA is more secure than WEP, it can also be hacked:

    Crack WPA (WPA)

    WPA2, recently released, offers a new hope for a very secure and trusted Wireless solution.  Unfortunately it may not work with older routers.
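
The checklist above, turned into an audit of a router settings export. This is an added example, not part of the original post. The key=value export format, the setting names, the sample list of default SSIDs and the severity levels are assumptions made for the illustration; the WEP key lengths (10 or 26 hex digits, 5 or 13 characters) are the standard 64-bit and 128-bit sizes.

```python
import string

# Constructed sample: a factory-default access point in a hypothetical key=value export.
FACTORY = """\
ssid = linksys
ssid_broadcast = on
encryption = wep
wep_key = 0123456789
admin_password_changed = no
mac_filter = off
firewall = on
dmz = off
"""
DEFAULT_SSIDS = {"linksys", "netgear", "default", "dlink"}  # sample list, not exhaustive
ORDER = ["high", "medium", "low", "unknown"]
# (setting, value the checklist asks for, severity if it differs); severities are this example's choice
SWITCHES = [
    ("admin_password_changed", "yes", "high"),
    ("firewall", "on", "high"),
    ("dmz", "off", "high"),
    ("block_wan_requests", "on", "medium"),
    ("mac_filter", "on", "medium"),
    ("ssid_broadcast", "off", "low"),
]

def parse(text):
    """Read 'key = value' lines, skipping blank lines and '#' comments."""
    lines = (l for l in text.splitlines() if "=" in l and not l.lstrip().startswith("#"))
    return {k.strip().lower(): v.strip() for k, v in (l.split("=", 1) for l in lines)}

def wep_bits(key):
    """Nominal WEP size implied by the key: 64, 128, or 0 when the length fits neither."""
    if len(key) in (10, 26) and all(c in string.hexdigits for c in key):
        return 64 if len(key) == 10 else 128      # hexadecimal key
    return {5: 64, 13: 128}.get(len(key), 0)      # ASCII key

def audit(text):
    """Return (severity, setting, message) findings, most severe first."""
    cfg, out = parse(text), []
    for key, want, severity in SWITCHES:
        got = cfg.get(key)
        if got is None:   # e.g. hiding the SSID is not available on all equipment
            out.append(("unknown", key, "not present in the export"))
        elif got.lower() != want:
            out.append((severity, key, f"is {got!r}, checklist asks for {want!r}"))
    if cfg.get("ssid", "").lower() in DEFAULT_SSIDS:
        out.append(("medium", "ssid", "still the vendor default name"))
    enc = cfg.get("encryption", "none").lower()
    if enc == "none":
        out.append(("high", "encryption", "network is open"))
    elif enc == "wep" and wep_bits(cfg.get("wep_key", "")) < 128:
        out.append(("high", "encryption", "WEP key is below the 128-bit minimum"))
    elif enc == "wep":
        out.append(("medium", "encryption", "128-bit WEP is only the minimum; prefer WPA or WPA2"))
    elif enc == "wpa":
        out.append(("low", "encryption", "WPA in use; WPA2 is stronger where supported"))
    elif enc != "wpa2":
        out.append(("unknown", "encryption", f"unrecognised mode {enc!r}"))
    return sorted(out, key=lambda f: ORDER.index(f[0]))

if __name__ == "__main__":
    print(*audit(FACTORY), sep="\n")
```

A setting missing from the export is reported as "unknown" rather than treated as a pass, so a router that cannot hide its SSID or block WAN requests still shows up in the report.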

     

     

    Wireless Attacks

    http://www.eweek.com/article2/0,1759,1605143,00.asp

    http://www.onlisareinsradar.com/archives/000624.php

    http://www.pcmag.com/article2/0,1895,2345,00.asp

  • Spam and Phishing, Europe and the USA against the scourge

    The analysis by Trend Micro, a company that specializes in computer security, clearly shows that 2004 was a record year for the distribution of computer viruses: 30 attacks, 28 of which were medium risk and two high risk. Three worms held the first position: Bagle, Mydoom and Netsky, which, together with their variants, were the cause of 25 of the registered attacks.

    Email was the preferred channel of diffusion for many black hat hackers, but others chose other channels to cause more serious damage. Spam, the indiscriminate sending of email messages and/or newsletters without the consent of the receiver, is illegal. In some countries (the most developed ones), the authorities have established that sending such email without the consent of the receiver is illegal. If this activity is done systematically for profit, you also violate a criminal norm and could be reported to the judicial authorities.

    There are several sanctions and, in the worst case, imprisonment. The damage that these activities have done to companies and people has been enormous. There is, moreover, another scourge called Phishing, the name given to the system that captures information, like passwords or other personal information. It is used by many criminal hackers and digital con artists who pretend to be reliable people with a real need for information. They send false emails containing eBay or PayPal graphics and official logos, or offering banking and credit card services, asking you to fill in a form enclosed in the same email or on a web page with your personal data, and often with your passwords or credit card numbers. The form has nothing to do with the official organization imitated in the mail, so the password or credit card number ends up in the database of the black hat who sent the false email. The experts define this illegal practice as a form of “Social Engineering”.

    The latest news reported on this issue is that, in order to fight the main threats coming through the web, Spam and Phishing, Europe and the United States have promoted two very distinct initiatives that will start at the same time. The intention is to defeat the virtual monster that has caused damage worth millions of euros year after year, and according to the experts, will involve a considerable number of people. “Safer Internet Plus” is the project carried forward in Europe. The main target of the project is to beat Spam. The American project, on the other hand, is called “Digital PhishNet” and is based on the collaboration of several institutions, such as the FBI and private companies. The target is to identify and bring to justice the people responsible for online fraud, above all fraud carried out through Phishing.

    Glossary
    A computer virus is a small program able to change itself, clone itself and send itself in order to damage a network or a single machine, or to make it vulnerable.

    Spamming means the indiscriminate sending of email and/or newsletter messages, without the consent of the receiver.

    According to the definition in “Wikipedia”, Phishing is the capture of personal information, like passwords, with the hacker disguising himself as a trustworthy person with a real need for that information. It is a form of “Social Engineering”.

    Social Engineering is the most simple and reliable means of obtaining information that you could not learn otherwise, for example a username or even personal data (address, telephone number, etc.).

    A Black Hat is a criminal hacker.

  • PGP creator cooks up Net phone protection

    PGP creator Zimmermann has developed a prototype of an Internet telephony application that encrypts calls to prevent eavesdropping. He plans to unveil the prototype on Thursday at the Black Hat Briefings security industry conference in Las Vegas.


  • Insecurity at Black Hat: antivirus vulnerabilities

    This is the reason I manually remove many of the viruses that I've gotten.  For one thing, they sometimes don't recognize the virus until the antivirus software creators update the signature file, and for another thing, experts are warning that the popularity of antivirus software could turn the defensive measure into a security risk.
