Experiencing connection problems and slow transfer of data may occur at any given time for most networks. While most would immediately identify the network cards, computers, cabling or network configuration at first, the presence of unknown processes of the operating system or possible intrusions such as DOS or Ping attacks can also be considered as possible factors for the deteriorating speed issues for network administrators.

Such instances are only normal, especially for wide area networks, or networks exposed to the Internet. The mischief caused by such people can be expected, especially for people who love to try their talent in hacking and network intrusions. The prize of which is that of creating discomfort and headaches for companies that thrive on networks for business and profit.

While there are network monitors available, it would be best to get the best firewall software there is today. Some do not value the firewalls and their use until such issues arise, but just like the war on terrorism, it would be best to take on security measures before they occur to avoid bigger problems once their mischief succeeds.

Tags: IT Security Basics, Network Security, Operating Systems, Physical Security, Programming, Real-World Issues, Security Policies, Wireless Security

Categories: IT Security Basics, Network Security, Operating Systems, Physical Security, Programming, Real-World Issues, Security Policies, Wireless Security

Comments Off

The complete commands and processes to which a computer operates cannot be covered in a day nor will be remembered in one sitting. Ideally, only the important things for consideration such as that of user friendly commands to allow proper interface between the computer and the user behind the keyboard will always be the only know-how that would remain.

Computer operating systems such as Linux and Windows offer a wide variety of benefits for people, especially in maximizing the capabilities of a computer and the installed software. Speed and reliability are among the important aspects that computer owner will always want and to be able to perform them, proper identification and references would need to be researched on.

It is a given that most people would not spend time studying all the aspects of a computer system. However, there will be instances when such accidental discoveries from exploring the computer operating system and its resources would ignite interest and push a person into further exploring information surrounding the issue and perhaps look at other benefits that operating systems provide but are not given much attention.

[tags]windows, linux, secrets, system hints, system resources[/tags]

Tags: Cryptography, IT Security Basics, linux, Operating Systems, Programming, secrets, system-hints, system-resources, Tips, windows

Categories: Cryptography, IT Security Basics, Operating Systems, Programming, Tips

Comments Off

Day-in and Day-out, people surf the web for possible downloads in the form of drivers, security stand alone cleaners, and free programs that will help them in their specific needs. One drawback is the potent threats and reliability of such sites since everyone is aware that such malicious Spyware or Trojans may be present in these programs which are usually compressed in zip files prior to free downloading.

Majorgeeks.com is one site that contains a lot of the helpful tools to aid computer users in their everyday issues and improvements for their overall operating system and performance. One notable thing that most users are aware about is that of intrusions in their system from the usual cookies and attachments that people get from the Internet. With the mischief going around, no one really knows how safe their computer is and what files are needed and not on their hard drives.

Tags: IT Security Basics, Malware, Network Security, Programming, Review, Spyware, Storage, Tips

Categories: IT Security Basics, Malware, Network Security, Programming, Review, Spyware, Storage, Tips

Comments Off

Most software tools that are used today are not perfect. Weaknesses and loopholes that may encounter system operation conflicts and problems will only be natural, especially for programs that are either not immediately compatible or are prone to breakdowns every now and then. The need for a continuous development as far as applying patches and updates towards such software, such as programming languages and operating systems like Windows and Linux, is a necessity.

This is only normal considering that chinks in the armor of anything will always be revealed at times when people least expect it. This is a continuing and ongoing trend that all software developers and administrators need to attend to, considering that as the height of demand for accurate programs are increasing, the same holds true for the need to provide features and flexibility on the programming aspect of installed systems for smooth flow of automations in most business organizations and entrepreneurial undertakings.

[tags]programmer, patch updates, systems, operating system, windows, linux [/tags]

Tags: IT Security Basics, linux, Operating Systems, operating-system, patch-updates, programmer, Programming, Security Policies, Storage, systems, Tips, windows

Categories: IT Security Basics, Operating Systems, Programming, Security Policies, Storage, Tips

Comments Off

Anyone would often be advised to regularly change his password in any access points such as e-mails, log on servers and websites. Reason for this is to increase the need for security as far as gaining access and safeguarding files and pertinent information that is usually stored.

With the large number of hackers that have been cropping up one by one, various means to steal passwords,also known as phishing, or hack accounts have been their main course of action. While some would disregard such acts, the real pain begins once important messages, attachments and relevant information are tampered. True that some would not need to change passwords regularly, but just to be on the safe side, it is best to maintain a regular schedule of updating password security and make it a combination of numbers and letters to establish a more secure and harder way of being cracked or accessed by anyone today.

[tags]password theft, passwords, hacking, cracks, codes, security[/tags]

Tags: codes, cracks, Cryptography, hacking, IT Security Basics, Network Security, password-theft, passwords, Programming, Real-World Issues, security, Security Policies

Categories: Cryptography, IT Security Basics, Network Security, Programming, Real-World Issues, Security Policies

Comments Off

Electronic mail has become the buzz of the town in recent years and while some use e-mail as a means of cheaper and faster ways of sending messages and files over the Internet, it cannot be discounted that some use e-mail as a form of exploit as well, by send unrecognized files to various recipients who in the same way may not know the harmful effects that such files would bring to their personal workstations.

While there are various means of supplying computer protection such as firewalls and anti-virus protection for single and networked computers, some harmful file just tends to get past them. That is why there are specific softwares used for specific infections, particularly the Trojan developed files that do their work unnoticed.

So the next time you get mail from someone who has an attachment with questionable file name extensions, better think twice before clicking or opening it. It may cause more pain than enjoyment in most cases.

[tags]spyware,malware,trojans,security[/tags]

Tags: IT Security Basics, Malware, security, Security Policies, Spyware, Tips, trojans

Categories: IT Security Basics, Malware, Security Policies, Spyware, Tips

Comments Off

With the vast number of viruses and spyware that most people contract in their everyday exposure to the web, the need for consistent and reliable anti-virus protection software is the foremost concern of most people. To date, the awareness for such deceiving acts done over the Internet without the user even noticing it is rampant. Such viruses have caused discomfort and havoc in more cases than one and it has been the battle cry of most security software developers to adhere and answer such miscues that usually occur everyday.

[tags]malware, spyware, virus, security, anti-virus[/tags]
Network and workstation security has always been the subject of most people, especially the vulnerability that most computer stations are prone to. Updates and patches are usually the way to update reliable anti-virus software partners, but in most cases, there will always be a loophole to which hackers and advanced technology harassers would be able to come up with. Hence the needs to find a reliable software partner that can truly protect a workstation from such harmful intrusions evolve and change in time. It is just a matter of being up to date with regards to their reliability and efficiency in providing a safe surfing and exposure level once they are logged on to the World Wide Web.

Tags: anti-virus, IT Security Basics, Malware, Network Security, Programming, Real-World Issues, security, Security Policies, Spyware, virus

Categories: IT Security Basics, Malware, Network Security, Programming, Real-World Issues, Security Policies, Spyware

Comments Off

At the rate that hackers and more people are becoming wiser as far as discovering technology and its flaws today, the best way is to have ready back-up procedures for databases and important documents and spreadsheets just in case of system intrusion and crashes. While it is true that most companies are continuously developing software to be able to limit such malicious intentions, it cannot be discounted that the safest way is to have ready back-ups which can be easily restored at any time of their liking.

The question is when to back-up and what to back up. For most people, backing up periodically is the common practice. But for more important documents and reference materials, archiving them as often as possible is the safest way to be sure. People should not wait for the last minute to back-up their files since with the fast pace of technology comes the fast pace development of hackers today.

[tags]backup,archiving,network security[/tags]

Tags: archiving, backup, Backups, IT Security Basics, Network Security, Security Policies, Storage, Tips

Categories: Backups, IT Security Basics, Network Security, Security Policies, Storage, Tips

Comments Off

802.11 Wired Equivalent Privacy (WEP) doesn’t provide enough security for most enterprise wireless LAN applications. Because of static key usage, it’s fairly easy to crack WEP with off-the-shelf tools. This motivates IT managers to use stronger dynamic forms of WEP.

The problem to date, however, is that these enhanced security mechanisms are proprietary, making it difficult to support multi-vendor client devices. The 802.11i standard will eventually solve the issues, but it’s not clear when the 802.11 Working Group will ratify the 802.11i standard.

As a result, the Wi-Fi Alliance has taken a bold step forward to expedite the availability of effective standardized wireless LAN security by defining Wi-Fi Protected Access (WPA) while promoting interoperability. With WPA, an environment having many different types of 802.11 radio NICs, such as public hotspots, can benefit from enhanced forms of encryption.
Inside WPA

WPA is actually a snapshot of the current version of 802.11i, which includes Temporal Key Integrity Protocol (TKIP) and 802.1x mechanisms. The combination of these two mechanisms provides dynamic key encryption and mutual authentication, something much needed in WLANs.

As with WEP, TKIP uses the RC4 stream cipher provided by RSA Security to encrypt the frame body and CRC of each 802.11 frame before transmission. The issues with WEP don’t really have much to do with the RC4 encryption algorithm. Instead, the problems primarily relate to key generation and how encryption is implemented.

TKIP adds the following strengths to WEP:

48-bit initialization vectors. WEP produces what’s referred to as a “keyschedule” by concatenating a shared secret key with a randomly-generated 24-bit initialization vector (IV). WEP inputs the resulting keyschedule into a pseudo-random number generator that produces a keystream equal to the length of the 802.11 frame’s payload. With a 24 bit IV, though, WEP eventually uses the same IV for different data packets. In fact, the reoccurrence of IVs with WEP can happen within an hour or so in busy networks. This results in the transmission of frames having encrypted frames that are similar enough for a hacker to collect frames based on the same IV and determine their shared values, leading to the decryption of the 802.11 frames. WPA with TKIP, however, uses 48-bit IVs that significantly reduce IV reuse and the possibility that a hacker will collect a sufficient number of 802.11 frames to crack the encryption.

Per-packet key construction and distribution. WPA automatically generates a new unique encryption key periodically for each client. In fact, WPA uses a unique key for each 802.11 frame. This avoids the same key staying in use for weeks or months as they do with WEP. This is similar to changing the locks on a house each time you leave, making it impossible for someone who happened to make a copy of your key to get in.

Message integrity code. WPA implements the message integrity code (MIC), often referred to as “Michael,” to guard against forgery attacks. WEP appends a 4-byte integrity check value (ICV) to the 802.11 payload. The receiver will calculate the ICV upon reception of the frame to determine whether it matches the one in the frame. If they match, then there is some assurance that there was no tampering. Although WEP encrypts the ICV, a hacker can change bits in the encrypted payload and update the encrypted ICV without being detected by the receiver. WPA solves this problem by calculating an 8-byte MIC that resides just before the ICV.

For authentication, WPA uses a combination of open system and 802.1x authentication. Initially, the wireless client authenticates with the access points, which authorizes the client to send frames to the access point. Next, WPA performs user-level authentication with 802.1x. WPA Interfaces to an authentication server, such as RADIUS or LDAP, in an enterprise environment. WPA is also capable of operating in what’s known as “pre-shared key mode” if no external authentication server is available, such as in homes and small offices.

An issue that WPA does not fix yet is potential denial of service (DoS) attacks. If someone, such as a hacker or disgruntled employee, sends at least two packets each second using an incorrect encryption key, then the access point will kill all user connections for one minute. This is a defense mechanism meant to thwart unauthorized access to the protected side of the network.

You will be able to upgrade existing Wi-Fi-compliant components to use WPA through relatively simple firmware upgrades. As a result, WPA is a good solution for providing enhanced security for the existing installed base of WLAN hardware.

The eventual 802.11i standard will be backward compatible with WPA; however, 802.11i will also include an optional Advanced Encryption Standard (AES) encryption. AES requires coprocessors not found in most access points today, which makes AES more suitable for new WLAN installations.

Tags: IT Security Basics, Network Security, Real-World Issues, Security Policies, Storage, Tips, Wireless Security

Categories: IT Security Basics, Network Security, Real-World Issues, Security Policies, Storage, Tips, Wireless Security

Leave a Comment

A virtual private network (VPN) is the extension of a private network that encompasses links across shared or public networks like the Internet. A VPN enables you to send data between two computers across a shared or public internetwork in a manner that emulates the properties of a point-to-point private link. The act of configuring and creating a virtual private network is known as virtual private networking.

To emulate a point-to-point link, data is encapsulated, or wrapped, with a header that provides routing information allowing it to traverse the shared or public transit internetwork to reach its endpoint. To emulate a private link, the data being sent is encrypted for confidentiality. Packets that are intercepted on the shared or public network are indecipherable without the encryption keys. The portion of the connection in which the private data is encapsulated is known as the tunnel. The portion of the connection in which the private data is encrypted is known as the virtual private network (VPN) connection.

VPN connections allow users working at home or on the road to connect in a secure fashion to a remote corporate server using the routing infrastructure provided by a public internetwork (such as the Internet). From the user’s perspective, the VPN connection is a point-to-point connection between the user’s computer and a corporate server. The nature of the intermediate internetwork is irrelevant to the user because it appears as if the data is being sent over a dedicated private link.

VPN technology also allows a corporation to connect to branch offices or to other companies over a public internetwork (such as the Internet), while maintaining secure communications. The VPN connection across the Internet logically operates as a wide area network (WAN) link between the sites.

In both of these cases, the secure connection across the internetwork appears to the user as a private network communication—despite the fact that this communication occurs over a public internetwork—hence the name virtual private network.

Tags: IT Security Basics, Network Security, Privacy-&-Anonymity

Categories: IT Security Basics, Network Security, Privacy & Anonymity

Comments Off