I thought I would do a review of a plug-in available for most web browsers. The plug-in is called HTTPS Everywhere.
This plug-in was created by the creators of the Tor network and the EFF. When you visit an HTTP website that supports HTTPS, it redirects the browsing session to the HTTPS part of the site, which makes your browsing more secure because the session is now fully secured with the HTTPS protocol.
This won't work for every website, as some websites may not have HTTPS enabled at all, but it adds the peace of mind of having an automated way to be as secure as possible at all times.
Where can you get the plug-in?
See links below
Here is the link for Chrome
This plugin can be useful for businesses and home users to protect their experience online.
Have any thoughts on the plugin?
Leave a comment and tell me what you think!
In this post I will go over what I think should be part of every business's security process.
What is establishing a baseline?
The purpose of establishing a baseline is to know what is normal and what is not normal activity on your network.
For example, if you have a website, www.mysite.com, you should know how much traffic you get to your site, how many logins a day, and how much server resources are needed to run this website.
This helps with security and troubleshooting. Example: your site is really slow, you check your server's logs, and you have 100+ logins per hour and your CPU usage is high.
If you have no baseline, what do you compare that to? Is this simply regular traffic and your server needs to be upgraded, or are you being attacked?
Without a simple baseline you would never know.
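The comparison described above, as an added example that is not part of the original post: it builds a per-hour-of-day baseline from past login counts and CPU readings, then reports which metrics in a new hour sit far above normal. The history values, the three-standard-deviation threshold and the function names are assumptions made for illustration.

```python
from collections import defaultdict
from statistics import mean, stdev

# Constructed history (not real server data):
# (day, hour of day, logins in that hour, average CPU %).
HISTORY = [
    ("mon", 3, 2, 8), ("tue", 3, 3, 9), ("wed", 3, 1, 7), ("thu", 3, 2, 8),
    ("mon", 10, 24, 33), ("tue", 10, 27, 36), ("wed", 10, 22, 31), ("thu", 10, 25, 34),
]


def build_baseline(history):
    """Group past observations by hour of day; keep (mean, stdev) per metric."""
    by_hour = defaultdict(lambda: {"logins": [], "cpu": []})
    for _day, hour, logins, cpu in history:
        by_hour[hour]["logins"].append(logins)
        by_hour[hour]["cpu"].append(cpu)
    return {hour: {name: (mean(vals), stdev(vals)) for name, vals in metrics.items()}
            for hour, metrics in by_hour.items()}


def check_hour(baseline, hour, logins, cpu, threshold=3.0):
    """Return {metric: z-score} for metrics far above what is normal for that hour."""
    if hour not in baseline:
        raise KeyError(f"no baseline recorded for hour {hour}")
    flagged = {}
    for name, value in (("logins", logins), ("cpu", cpu)):
        avg, sd = baseline[hour][name]
        sd = max(sd, 1.0)  # floor: a very flat history must not cause division by zero
        z = (value - avg) / sd
        if z > threshold:
            flagged[name] = round(z, 1)
    return flagged


if __name__ == "__main__":
    baseline = build_baseline(HISTORY)
    print(check_hour(baseline, 10, 25, 35))    # a normal mid-morning hour
    print(check_hour(baseline, 10, 110, 92))   # the 100+ logins, high-CPU hour
    print(check_hour(baseline, 3, 25, 9))      # 25 logins is normal at 10:00, not at 03:00
```

Keeping the baseline per hour of day matters because the same login count can be ordinary in business hours and a strong signal in the middle of the night.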
A baseline also means rolling out servers and network equipment with a security configuration that adheres to security best practices.
For example, Microsoft has a tool called MBSA, or Microsoft Baseline Security Analyzer. This tool makes sure your servers are configured to meet the security needs of your servers and your clients, making sure your systems are patched and are following best practices for password security.
How else can you establish a baseline?
1.) Check your servers and network equipment regularly for trends in activity
2.) Keep a minimum security baseline by following security best practices, i.e. passwords with at least 8 characters
3.) Run automated tools like Microsoft Baseline Security Analyzer for your Windows servers
These are just some examples.
You can also reference this document by NIST, http://csrc.nist.gov/publications/nistpubs/800-27A/SP800-27-RevA.pdf, which recommends other ways to establish a baseline security policy.
So all in all, remember that maintaining a baseline is just as important as the firewall you rely on to secure your network.
That’s all for this article.
If you have any comments or suggestions, please let me know!
As always, stay secure!!!
In this post I will talk about drive-by downloads: what they are, the risks they pose, and how to stop them.
First off, what are drive-by downloads?
Drive-by downloads are downloads that occur when a web browser surfs to a page that hosts a script to download unwanted software onto a user’s computer without the user knowing. This usually is a popup or an ad that, when clicked, sends the user to the site that hosts the malware.
The way it works in the background is that the script on the web server looks at the type of request the web server receives. For instance, if the request comes from a Firefox browser, the request would look like this:
Request Header set User-Agent "Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 5.1; Trident/4.0; .NET CLR 1.1.4322; .NET CLR 2.0.50727; .NET CLR 3.0.4506.2152; .NET CLR 3.5.30729)"
With the above header we can tell that the browser is Mozilla version 4.0 on a Windows system. The web server uses this information to run an exploit that it has in its database against the web browser. This is extremely effective since it is running a targeted attack against the browser, instead of attacking a Firefox browser with an exploit that is meant for Internet Explorer.
This type of attack also analyzes which plugins are available and enabled in the browser, for example Java and Flash, so it can also run attacks on outdated plugins.
This type of threat comes with the risk of unwanted software that can spy on your activities (spyware) and of malware being installed on your computer (viruses) that can take control of your system and exploit other systems on your network. Businesses need to be especially careful about this type of attack.
How do you stop it?
In order to stop this type of attack you can use the following layers of security:
1.) Run up-to-date plugins: make sure all the plugins in your browser are up to date
2.) Have firewall and antivirus software installed
3.) Enable web filtering. When you enable web filtering, some software actually has a database, updated via online sources, that identifies known rogue hosts and blocks your browser from surfing to them
4.) Keep your browser up to date
5.) Do not use the administrator account. If you are logged in as administrator, you leave yourself open to even more attacks, as rogue software can exploit the privileges you are logged in with. Instead, log in as a user that has no rights to install software, which adds another layer of security
6.) Beware of the sites you surf to: make sure to surf to trusted websites
7.) Use a webrep plugin. For instance, avast has webrep software that, when you do a Google search, can cross-reference each link against a database to see if the link is on a blacklist. It is similar to web filtering software, but it runs a check before you even click on the link rather than after
8.) Run anti-spyware software
9.) Disable scripting in your web browser. For example, NoScript for Firefox does not allow scripts to run in the background and requires you to allow each script manually. This can also be a pain
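The same User-Agent header can help a defender with items 1 and 4: the sketch below, an added example that is not part of the original post, reads proxy log lines and lists clients whose browser is older than a chosen minimum version. The log format (client IP, tab, User-Agent), the client addresses and the minimum versions are assumptions; the first sample line reuses the header quoted earlier, shortened.

```python
import re

# Assumed policy (hypothetical values): oldest major version still accepted.
MIN_MAJOR = {"MSIE": 11, "Firefox": 115, "Chrome": 120}

# Product tokens that identify the browser. The leading "Mozilla/x.0" is a
# legacy compatibility token that most browsers send, so it is not used.
TOKENS = [
    ("MSIE", re.compile(r"MSIE (\d+)")),
    ("Firefox", re.compile(r"Firefox/(\d+)")),
    ("Chrome", re.compile(r"Chrome/(\d+)")),
]

# Constructed proxy log: client IP, a tab, then the User-Agent header.
SAMPLE_LOG = (
    "10.0.0.21\tMozilla/4.0 (compatible; MSIE 8.0; Windows NT 5.1; Trident/4.0; .NET CLR 1.1.4322)\n"
    "10.0.0.22\tMozilla/5.0 (Windows NT 10.0; Win64; x64; rv:128.0) Gecko/20100101 Firefox/128.0\n"
    "10.0.0.23\tMozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 "
    "(KHTML, like Gecko) Chrome/98.0.4758.102 Safari/537.36\n"
    "10.0.0.24\tcurl/8.5.0\n"
)


def identify(user_agent):
    """Return (browser, major version), or (None, None) if no known token is present."""
    for name, pattern in TOKENS:
        match = pattern.search(user_agent)
        if match:
            return name, int(match.group(1))
    return None, None


def outdated_clients(log_text):
    """Return (outdated, unidentified): clients below policy, and clients to check by hand."""
    outdated, unidentified = [], []
    for line in log_text.splitlines():
        if "\t" not in line:
            continue  # skip blank or malformed lines
        client, user_agent = line.split("\t", 1)
        browser, major = identify(user_agent)
        if browser is None:
            unidentified.append(client)
        elif major < MIN_MAJOR[browser]:
            outdated.append((client, browser, major))
    return outdated, unidentified


if __name__ == "__main__":
    print(outdated_clients(SAMPLE_LOG))
```

The header is set by the client and can be changed, so treat the result as a list of machines to check rather than as proof of what is installed.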
All in all, stopping these types of attacks comes down to common sense, making sure you have up-to-date software, and making sure to have the most basic protection.
That’s all for now.
Until next time, stay secure!!!
And as always, if you have any questions/comments/suggestions, please let me know!
With the popularity of free public WiFi, new precautions need to be taken when using your mobile device on the road. Free public WiFi is a great public service, but it can come with severe security risks.
In this post I will show you how to protect your connection on public WiFi using free and paid-for VPN services.
To set up a VPN connection you can use one of two ways:
1.) Sign up for a VPN service
2.) Host your own VPN server or VPN router
But before we go into how to do it, let’s go over some of the security risks you can be exposed to when using a public WiFi network.
Some of the security risks you would find on public WiFi come from a lack of security measures to prevent MAC spoofing and packet sniffing. For example, since all of the computers are on the same broadcast domain and the same network, a hacker with a packet sniffer would be able to scan the open, unencrypted WiFi connection for packets over the air. For example, an application called driftnet would allow an attacker to scan the air for an open WiFi connection, listen for TCP streams that contain JPEG images, and display the content in a terminal window for the hacker's viewing.
Worms: hackers with a laptop or device that hosts a worm can spread the worm and its payload through the network and infect the hosts attached to the network.
Router security: if you go to a small mom-and-pop cafe that offers free WiFi by simply ordering an internet connection and using a store-bought router with default settings, which happens more than you might think, an attacker could take it upon themselves to set up a rogue DNS server in the router's DHCP settings. This would make all hosts connect to the infected DNS servers, which can then be used to hijack unsuspecting users' connections and redirect them to phishing websites, malware sites, etc. A hacker can also redirect certain networks and poison the router's routing table.
VoIP security: if you make a VoIP call, it can be possible for an attacker to packet sniff on the WiFi connection and record your VoIP call if your VoIP is unencrypted.
The above are the most common. There are of course many other threats that a host can be susceptible to on a public WiFi connection.
How does VPN secure my connection?
VPN technology provides a virtual connection between your computer and your network. A virtual encrypted tunnel is established over the internet, which can be encrypted in many ways; the most popular are PPTP encryption or IPsec.
VPN is a client-server type of connection, which means that some servers require their own client software in order to connect. For example, OpenVPN uses its own client software to connect, but some VPN servers don’t require separate client software. Usually, if you use L2TP, Windows/Linux/Mac have a VPN client built in that is compatible with this type of connection.
With a VPN connection your computer is essentially put on the network the VPN is hosted on, which means you can access all of the network's resources, for example shared drives and printers.
As the VPN connection is encrypted, all of the traffic between the network and the host cannot be read by anyone who intercepts it. If you were to use a packet sniffer on a computer using a VPN, all you would see is L2TP traffic, no matter what the traffic really is. For instance, if you were on a VoIP call, the sniffer would not see the call in progress, which is very useful in protecting yourself on a public network. Also, if someone did hijack the public WiFi router's DNS, you would not be affected, as the DNS servers you would be using would be the ones on your network and not the public network's.
How to use VPN
OK, so now we know public WiFi is not safe, and now we know how to protect ourselves. Let’s put it into practice.
1.) Subscribing to a VPN service
This way is the simplest of all. However, you lose the benefit of accessing your home/business network's resources, like your shared drives, but you gain the speed and resilience of the company’s VPN servers.
Some of these services need their own client software to be installed. I have personally used Hide My Ass and blacklogic. With Hide My Ass you don't need software installed in order to use it, and they have been very stable when I have had the need to use it. I have since moved on to hosting my own VPN.
Set up a Cisco IOS router as a VPN server
Set up Windows 7/Vista as a VPN server
Set up OpenVPN for Windows/Linux
The first way, I feel, is the best way if you have a Cisco router using IOS for your gear, as I do.
Your router serves two purposes for you in the same device, and it is fairly easy to set up. Follow these commands to set up a VPN server on your Cisco IOS router:
! enable the VPN (VPDN) service
vpdn enable
! create a VPN group that accepts incoming PPTP connections
vpdn-group 1
 accept-dialin
  protocol pptp
  virtual-template 1
! address pool for VPN clients (limits how many can connect at one time);
! the pool name must match the "peer default ip address pool" line below
ip local pool test 192.168.1.10 192.168.1.15
interface virtual-template 1
 peer default ip address pool test
 ! use your WAN interface here
 ip unnumbered FastEthernet0/0
 ppp encrypt mppe auto
 ppp authentication pap chap ms-chap
! create a VPN username/password combo (replace both placeholders)
username YOUR_USERNAME password YOUR_PASSWORD
Use Windows 7 as a VPN server
You can follow this YouTube video, which illustrates this.
Use OpenVPN as a VPN server
Things to remember when hosting your own VPN server
Hosting your own VPN server is an awesome way to gain experience in managing VPN services, and you get the accomplishment of setting up something yourself, for free in most cases. You also need to know that your connection speed can hinder your performance, and in some cases it would be better to sign up for a paid-for service. If you have less than 1 Mbps upload, your internet connection when using the VPN will be slow, because the information needs to be sent from your network to your device, and if your upload is slow your connection can be hindered. This may not be noticeable if all you're doing is surfing the net, though, so I would definitely give it a try first.
That's all for this post.
If you have any questions/comments/suggestions, please let me know.
Till then, stay secure!!!
A blog for helping users and professionals with their security questions and challenges!