If you are using Linux and you have been wondering what you can use to make your system secure via a firewall, you could try out tools with graphical user interface and all those other stuff. In any case, there’s also another method: using iptables.

What are iptables?

iptables are used by system administrators in creating rules for packet filtering, as well as NAT modules. It might seem a little too weird for those who have not much experience on the command line but this is essential so that people would be able to make sure that they are secure, especially if they are connected. Sometimes you never know what’s going on in the background, right? But with tools like this, you’d manage.

There are different states of connection and the nice thing about iptables is that it monitors the state of the connection. It could do redirects and modify or stop data packets. Because of its ability to detect the state of the connection, it is considered as better compared to ipchains.

Making rules

The system administrator makes the rules for the iptables. These rules determine how to deal with network packets. They are grouped into chains.

a. filter table – For filtering packets, obviously.
b. nat table – This sets up how rewriting ports and packets.
c. mangle table – Does it sound terrible? Mangle? But as the name implies, there is some mangling involved because it adjusts packet options.

The thing about these chains, these rules is that the packets that go through these chains would be evaluated according to the rules.

As one of the people I know have told me, you must make sure that you check out the settings of your computer first. Before you even think about downloading anything, make sure you are not vulnerable to some attacks that could happen. Make sure that the important ports are closed and that you’re in stealth. Stay tuned for more IT security tips and news to help you in your everyday life.

Tags: computers, IT Security Basics, Network Security, networking, security

Categories: IT Security Basics, Network Security

Comments Off

In every office, you have to have some policies when it comes to sharing of files and downloading of files. Why? For one thing, those computers are the company’s resources. And it should be that during work hours, people ought to limit their downloads except for materials that are necessary for their work to get done.

How do you formulate your policies when it comes to these matters?

If you are working in a creative environment, anything could be used as your inspiration. That is why there are companies who allow surfing within office hours and it does not really matter what sites you visit. Although some of them do block some sites that are mainly of the personal nature like Friendster, My Space and other similar sites. There are also some that ban blogging services like Blogger. They would even issue memos regarding the matter.

If you work in a strictly confidential project, it would be difficult to try to make sure that nothing leaks out. If you are connected via the Internet, chances are your works could be intercepted in one way or another by hackers. So you have to be careful that you have firewall activated. As others would say, just block off everything except interoffice email.

Employees must be briefed carefully so that they will not be surprised in case they were surfing the ‘net one time and they find out that there are blocked sites. Also, you have to make sure you observe how the employees work. Those in the financial business would have to guard a lot of information. They would have to ensure that the employees understand the policies and that they would follow them in order to ensure that everything will be secure. After all, it is better to be safe than sorry. You would not want to lose your valuable clients.

Tags: internet, office, Real-World Issues, security, Security Policies, work

Categories: Real-World Issues, Security Policies

Leave a Comment

Living at home means that you have to share your computer with other people. In some companies, people also share workstations in case that they have different work shifts. In any case, it is important for you to make sure that your files are safe. Especially those that you use for work and those that contain confidential information.

Here are some tips for you:

• Make sure you are using a password that is not easy to guess.
  If people know you well enough, they could probably figure out what password you will use. People tend to use passwords based on words, names and dates that important to them. Examples are pets‘ names and anniversaries. If you do this, chances are those who know you will be able to log in your computer using your account. Try changing your passwords every so often and make sure that they will be easy for you to remember but difficult to guess. Think of some cipher for it.
• Set permissions on your files and directories.
  You could set that your files and directories will only be accessible to you. Do a chmod on them. Then again, whoever has root access will be able to get through. Maybe it would be easy for you to do this if you are the one with root access.
• Protect your files with passwords.
  Although not everyone agrees with this, some people do this for their own sake. They feel better to have password protected files. A drawback, of course, is that if it has a difficult password to remember, you might as well have deleted your files.
• Log out of your account or profile.
  If you have set your file permissions that you are the only one who can view, edit and execute the files, it will be pointless if you don’t log out. When you are the one who is still logged on, you leave your entire session open for intrusion.

Hopefully these tips have helped you deal with some of your dilemmas with regards to sharing your computer with other users.

Tags: computers, General, IT Security Basics, omputers, people, Privacy-&-Anonymity, Real-World Issues, security, Tips

Categories: General, IT Security Basics, Privacy & Anonymity, Real-World Issues, Tips

Leave a Comment

To date, Facebook is perhaps the most successful and widespread social networking site. It has transcended age and race, and practically everyone I know has an account. It has so much to offer, hence the amount of time that the average person spends on Facebook has skyrocketed in the past months. Even businesses and employers use Facebook to make their presence felt online!

But in spite of the allure and usefulness of Facebook, it does have some security issues. All the information that one enters can be accessed by the site AND its third party partners. With each application a user “allows,” his information is accessed, probably even shared with others. Unless a user changes the default privacy settings, practically anyone can access his information. This is something that not everyone really thinks about.

But the Canadian government found these issues important. In fact, the pressured Facebook to create some changes with regard to security. Thanks to them, several tweaks have been enacted. PCWorld featured this move and outlined the fixes.

One, Facebook had to fix the way applications access users data:

Apps will have to tell the user what information it wants and get express consent from the user beforehand. Information will be split into categories, which the user can check off before installing. Developers will also have to explain how that personal data will be used.

Two, what happens to a user’s information if he deactivates his account?

Users will be given an option to either deactivate or delete their accounts. Upon deactivation, they’ll be notified of the option to delete, and can elect to do so should they want all their data gone for good.

Three, what will happen to your account if you die?

Facebook will explain in its privacy policy what happens to an account after its owner passes away.

My thoughts – one and two are quite valid. Three, I am not so sure. You’ll be dead, why would you care? In any case, I wonder if Facebook will apply these fixes to the whole system or just for their Canadian users?

Tags: facebook, privacy settings, security, Social Networking, web sites

Categories: News, Privacy & Anonymity, Real-World Issues

Leave a Comment

One click is all it takes to be infected and for the avid PC user, it would be wise to make sure that you look before you click. Malware issues can come in different forms like:

1. Emails
2. Popups
3. Links via Instant Messaging

In fact, even if you know the person who sent you the link, you cannot entirely rely on your relationship and trust with them as the main reason for clicking on the link. This was done before but today, people have to be aware that there are some accounts that can be easily hacked or even impersonated.

Much of these issues have plagued us through the years. Some have had their share of problems dealing with Malware and Trojans. They are different from viruses but sometimes, they can do more harm compared to the traditional viruses.

Even having anti-virus or anti-spyware protection is not guarantee from being contaminated with them. Remember, a click is all that it takes and all hell will break loose. For most, it is easy to remedy since they can reformat their computer. But think about the files you may lose from the moment you click on these links.

It may be hard to save these files since chances are they have already been infected. With that said, your files and PC are practically good as dead. So the moral of the lesson is, don’t be trigger happy with clicking. You are just raisin the stakes of being infected by doing so.

Tags: Malware, security, Spyware, trojans

Categories: Malware, Spyware

Leave a Comment

For most companies, the computer room where the company servers containing the delicate data originating from daily transactions is the most important place in the office. So while the people here are trying to figure out ways to safeguard these servers, it would be likewise important to consider external security measures such as placing locks and monitoring the activities with the use of spy cams.

Why is this important? The right question should be geared on how well do you trust you IT personnel. Evaluate their personality and see the extent to which they may betray the company and place operations in jeopardy. This not of course to discredit them but in reality, a lot of people use their knowledge and access as leverage towards being able to command salaries and money-related deals that many of us know as blackmail.

Also, physical intrusion is always a possibility. No matter how secure your area would be, it can be breached at anytime if you do not address the right measure to make it harder for them to gain access to the computer room. In short, the harder it is to get in to you computer room, the better it is. This only means you have prepared on the physical aspect of securing your IT area which is a good approach the sake of safeguarding hardware and data.

Tags: Physical Security, security, spycams

Categories: Physical Security, Real-World Issues

Leave a Comment

If you are in charge of network security, one thing you may want to consider as far as laying down the law in safeguarding your network is the regular change of user passwords to avoid potential hackers and cracks based on how their passwords can be easily guessed.

For some users, it is easy to figure out their passwords. The normal passwords that people use include:

1. Birthdays
2. Anniversaries
3. Car Plate Numbers
4. Mobile Phone Numbers
5. Adding 123 to their names, or
6. Using “PASSWORD” as their password

Now there will be a lot of potential combinations depending on the length of the password. That is why the longer passwords (8 alphanumeric characters) are encouraged for users who access the network.

But while the probabilities of guessing or cracking passwords offer a lot possibilities, employing a regular maintenance as far as changing them is indeed something ideal to combat these hackers or malicious people from gaining access to the network and the programs in use.

Once cannot avoid the fact that some people’s curiosity and call for fame are the main reasons for wanting to be a hacker or code cracker. It is evident in people who are looking to try out their skill. They don’t think of the outcome which can cause a lot of problems.

So one good tip to avoid being hacked is to think like one. Once you do, think of security policies that can make it hard for you to breach a system. That is the best way to stay efficient in your line of duty in any organization.

Tags: network, passwords, security, systems

Categories: IT Security Basics, Network Security, Security Policies

1 Comment

Emails are supposed to make life easier but sometimes, it may be wise to choose who you give out your email to. Today, a lot of mischief can be done and normally this comes in forms of email attacks or email bombs. In such scenarios, don’t be surprised if you find your email downloading hundred to a thousand emails in one sitting. That is not the best part. You would be lucky if this was done only once since others would schedule it daily.

Why do they do it? One is for trials of these foolish software and the other can perhaps be for malicious reason. It is a fact that while many people on the web cannot be harmed physically, they can create headaches for you in the form of discomforts from the privileges you get from the web. One of the main elements an online user would need to use is his email and by doing these email attacks, it burdens the person on how to get important information usually sent through the web.

One cannot avoid such instances. But the best way to prevent it is to choose the people you give it too. For people you meet on the web, it would be wise to use free mail accounts from Gmail or Yahoo over your personal one. Avoid the troubles of such since it will not only be a discomfort, but a forgettable experience as well.

Tags: emal, explosion, security, spam

Categories: IT Security Basics, Malware, Security Policies, Spyware, Tips

Leave a Comment

If you are apprehensive regarding the competence of your current anti-virus software, do not fret. You can replace it with another one as long as you want but eventually you will grow tired of choosing which is really reliable. With that said, what would be a good alternative?

Online scanning has been around and while many don’t trust them, at least there is a separate device that can thoroughly check your computer and see if there are issues as far as viruses and malware is concerned. For sure, you will be getting reports on which files may need scrutiny. There will be definitely some high risk files, normally found in the cookies or temporary Internet folder, that can be detected.

Now comes the hard part. When they detect these malicious files, they can clean it as well. But before that happens, you have to pay them a hefty sum to do it. The scanning part is the freebie, it is the cleaning that will really cost you.

It is a familiar site we see from trialware software. Before you can enjoy the full protection, you have to register and pay for it. The same is the concept of online scanning services. Panda Software, McAfee and so on have been offering this service and they are surely better and safer.

Accuracy is not a problem. You can even see for yourself by basing the performance after it has been cleaned. You may be surprised to find that your computer operates faster than before. Perhaps because the malicious files are gone which are slowing your computer? You Bet!

Tags: online scanning, panda, security

Categories: IT Security Basics, Malware, Network Security, Security Policies, Tips

2 Comments

Perhaps the leading software companies of Kaspersky and AVG have finally gotten sick of being ripped off. If you will notice today, they have tightened their main flagship carrier, the virus definition updates and unless you have a truly certified copy, you will be blocked from enjoying the actual usefulness of the software for full-protection against viruses and Trojans online.

Apparently, some online users have used other mediums to be able to download and wisely crack full versions of anti-virus software. But while the program is easily downloadable, unless you have proper virus definitions, you are not really that protected. In fact, they are just additions to your system to which you may eventually be better off without them due to the load that they carry.

Download agents like file-sharing online has become a good source for most. Torrents are famous for this but this includes being susceptible to malware and Trojans, files familiar if you are fond of getting them free. These said files come complete with cracks and serial code generators, initially making users believe that they saved a lot of money from the official and licensed versions.

But today, you may see that certain updates are monitored and while you may have more than one serial for full version capability, you will be eventually blocked by their network, showing you that your serial has been blacklisted and place you in the trial version state.

Anti-virus protection is important. But to get supreme protection, you have to pay for it. So if you want to worry free protection, it would be best to get the licensed version. Say goodbye to the freebies and of course the Trojans.

Tags: anti-virus, security, software, updates, virus definition files

Categories: IT Security Basics, Network Security, Spyware

1 Comment