Category Archives: Security Software

Protecting your self online during the holidays !

Hello everyone

With the Christmas season in full swing that time of year where hackers and scam artists try to exploit the holiday season with new tricks to steal your identity and try their new scams here are some tips when shopping online

When shopping online

1.) Beware of too good to be true offers

this sounds like a simple one if you are online and reach a site you have not heard of before offering too good to be true prices like a Xbox one for 100$ when they are currently retailing for much more this should set off some red flags in your mind I would research the site your are on remember Google is your friend a quick search of the URL on Google will usually bring up reviews of that site

2.) Is the site secure

Checking for basic security features like HTTPS:// indicates the site is using a secure connection between you and the server does the server have a badge that shows its secure an example would be secured by verisign badge when you see this badge click it you should be brought to a page showing the registration info of the domain make sure it matches the site your on

3.) Forms of payment

What types of payment is the merchant looking for PayPal is a trusted source and usually offers buyer protection if the site is asking for credit card information I would strongly suggest to make sure you are on a HTTPS site during the transaction

Email security during the holidays

1.) Read over emails carefully if you don’t trust the sender click the mark as spam button and delete the email
2.) Don’t click any links that are embedded into the email
3.) if you receive offers via email make sure they check out again Google or the vendors website are good indications if the email is legit
4.) Keep passwords strong use 8 characters with upper and lower case and include at least a number and a special character

Tips for Securing your PC during online shopping

1.) Keep your antivirus up to date
2.) use anti-spyware software
3.) use browser plugin HTTPS everywhere which I have review on this site
4.) keep your web-browser up to date

Protecting your identity

1.) Don’t give you credit card to someone over the phone
2.) Monitor all accounts for abnormal transactions after purchases online
3.) Don’t post credit card information online

I hope this information is helpful to all online shoppers

If you have any questions leave them in the comments section below

Until next time stay secure !

DNS amplification attack …. What is it ?

Latley we have been seeing in the security news of a newer type of attack called ” DNS amplification attack” or what was know as a SMURF attack

How does it work ?

The attack works when a attacker finds a open dns server that accpets look ups from outside its network (aka misconfiguration) and spoofs the udp request to the DNS server to make it appear as it has originated from another IP for example

Attackers computer 1.1.1.1 send a DNS lookup to a misconfigured DNS server 2.2.2.2 but spoofs the source ip address to be of victims computer 3.3.3.3 the lookup data and traffic then get send to the victims computer which amplifies the amount of traffic as a lookup may bey about 30-60 bytes of data but a response to a dns lookup is larger

see in this example you run the following command

dig google.ca

gives you the following response

;; Query time: 52 msec
;; SERVER: 127.0.0.1#53(127.0.0.1)
;; WHEN: Tue Aug 13 02:02:34 2013
;; MSG SIZE rcvd: 75

we see the received size of the request is 75 byte request so the original request traffic has now been amplified because the response traffic is greater than the source traffic

Mitigation …

Due to the nature of this attack there are only a few mitigation techniques and there is not a all in one solution

1.) One way that has been suggested is to filter DNS request from the untrusted network ( RED network ) to your internal LAN if you are not host a public DNS server you should be able to block and or filter DNS requests from entering your network you can do this either on your edge router or have your provider do this for you

2.) Black hole network

Another way you can mitigate this attack is having a separate segment on your network with a edgde router with a configure null interface you can through a routing protocol that can move the victims ip address to the non-production network

see example below

Screenshot from 2013-08-13 02:27:03

3.) Use webservices such as cloudfire which have networks that are built to protect webservers from DDOS attack now this only helps for attacks agains your webserver and not your LAN

4.) You can look over RFC 2827 with respect to ingress filtering

5.) Internet providers can employ source address verification using URF ( Unicast reverse path forwarding)
You can see this article which is great explanation on what can be done on the ISP side http://www.sanog.org/resources/sanog8/sanog8-ip-spoofing-akinori-maz.pdf

6.) Also another mitigation step would be to rate limit the amount of requests per ip to the dns server if the requests become more the allotted then the request should be dropped and or blocked

What can DNS server admins do ?

1.) Rate limit DNS responses to a single ip
2.) if you are not running a pubic dns server deny access from outside your network by using access-lists etc
3.) regularly tests your dns servers for security holes
4.) Use best practices for server management

In summary DNS amplification attacks can be a heavy hitter attack as the amount of eigress traffic that can be generated from only a small amount of ingress traffic is amazing

Until next time
Stay secure !

HTTPS everywhere webbrowser plugin

Hey Everyone !,

I thought I would do a review on this plug in available for most web browsers the plug in is called HTTPS everywhere

This plug in was created by the creators of the Tor network and the EFF what this plug in does is when you visit a HTTP website that supports HTTPS it will redirect the browsing session to the HTTPS part of the site which make your browsing more secure due to the fact that the session is now fully secure with the HTTPS protocol

now this wont work for every website as some websites may not have HTTPS enabled at all but it ads that peace of mind that you have a automated way to be as secure as possible at all times

Where can you get the plug-in ?
See links below

Here is the link for chrome

Firefox

this plugin can be useful for businesses and home users to protect thier experince online

have any thoughts of the plugin ?
Leave a comment and tell me what you think !

until next time
Stay secure !