Day-in and Day-out, people surf the web for possible downloads in the form of drivers, security stand alone cleaners, and free programs that will help them in their specific needs. One drawback is the potent threats and reliability of such sites since everyone is aware that such malicious Spyware or Trojans may be present in these programs which are usually compressed in zip files prior to free downloading.

Majorgeeks.com is one site that contains a lot of the helpful tools to aid computer users in their everyday issues and improvements for their overall operating system and performance. One notable thing that most users are aware about is that of intrusions in their system from the usual cookies and attachments that people get from the Internet. With the mischief going around, no one really knows how safe their computer is and what files are needed and not on their hard drives.

Tags: IT Security Basics, Malware, Network Security, Programming, Review, Spyware, Storage, Tips

Categories: IT Security Basics, Malware, Network Security, Programming, Review, Spyware, Storage, Tips

Comments Off

Most software tools that are used today are not perfect. Weaknesses and loopholes that may encounter system operation conflicts and problems will only be natural, especially for programs that are either not immediately compatible or are prone to breakdowns every now and then. The need for a continuous development as far as applying patches and updates towards such software, such as programming languages and operating systems like Windows and Linux, is a necessity.

This is only normal considering that chinks in the armor of anything will always be revealed at times when people least expect it. This is a continuing and ongoing trend that all software developers and administrators need to attend to, considering that as the height of demand for accurate programs are increasing, the same holds true for the need to provide features and flexibility on the programming aspect of installed systems for smooth flow of automations in most business organizations and entrepreneurial undertakings.

[tags]programmer, patch updates, systems, operating system, windows, linux [/tags]

Tags: IT Security Basics, linux, Operating Systems, operating-system, patch-updates, programmer, Programming, Security Policies, Storage, systems, Tips, windows

Categories: IT Security Basics, Operating Systems, Programming, Security Policies, Storage, Tips

Comments Off

At the rate that hackers and more people are becoming wiser as far as discovering technology and its flaws today, the best way is to have ready back-up procedures for databases and important documents and spreadsheets just in case of system intrusion and crashes. While it is true that most companies are continuously developing software to be able to limit such malicious intentions, it cannot be discounted that the safest way is to have ready back-ups which can be easily restored at any time of their liking.

The question is when to back-up and what to back up. For most people, backing up periodically is the common practice. But for more important documents and reference materials, archiving them as often as possible is the safest way to be sure. People should not wait for the last minute to back-up their files since with the fast pace of technology comes the fast pace development of hackers today.

[tags]backup,archiving,network security[/tags]

Tags: archiving, backup, Backups, IT Security Basics, Network Security, Security Policies, Storage, Tips

Categories: Backups, IT Security Basics, Network Security, Security Policies, Storage, Tips

Comments Off

802.11 Wired Equivalent Privacy (WEP) doesn’t provide enough security for most enterprise wireless LAN applications. Because of static key usage, it’s fairly easy to crack WEP with off-the-shelf tools. This motivates IT managers to use stronger dynamic forms of WEP.

The problem to date, however, is that these enhanced security mechanisms are proprietary, making it difficult to support multi-vendor client devices. The 802.11i standard will eventually solve the issues, but it’s not clear when the 802.11 Working Group will ratify the 802.11i standard.

As a result, the Wi-Fi Alliance has taken a bold step forward to expedite the availability of effective standardized wireless LAN security by defining Wi-Fi Protected Access (WPA) while promoting interoperability. With WPA, an environment having many different types of 802.11 radio NICs, such as public hotspots, can benefit from enhanced forms of encryption.
Inside WPA

WPA is actually a snapshot of the current version of 802.11i, which includes Temporal Key Integrity Protocol (TKIP) and 802.1x mechanisms. The combination of these two mechanisms provides dynamic key encryption and mutual authentication, something much needed in WLANs.

As with WEP, TKIP uses the RC4 stream cipher provided by RSA Security to encrypt the frame body and CRC of each 802.11 frame before transmission. The issues with WEP don’t really have much to do with the RC4 encryption algorithm. Instead, the problems primarily relate to key generation and how encryption is implemented.

TKIP adds the following strengths to WEP:

48-bit initialization vectors. WEP produces what’s referred to as a “keyschedule” by concatenating a shared secret key with a randomly-generated 24-bit initialization vector (IV). WEP inputs the resulting keyschedule into a pseudo-random number generator that produces a keystream equal to the length of the 802.11 frame’s payload. With a 24 bit IV, though, WEP eventually uses the same IV for different data packets. In fact, the reoccurrence of IVs with WEP can happen within an hour or so in busy networks. This results in the transmission of frames having encrypted frames that are similar enough for a hacker to collect frames based on the same IV and determine their shared values, leading to the decryption of the 802.11 frames. WPA with TKIP, however, uses 48-bit IVs that significantly reduce IV reuse and the possibility that a hacker will collect a sufficient number of 802.11 frames to crack the encryption.

Per-packet key construction and distribution. WPA automatically generates a new unique encryption key periodically for each client. In fact, WPA uses a unique key for each 802.11 frame. This avoids the same key staying in use for weeks or months as they do with WEP. This is similar to changing the locks on a house each time you leave, making it impossible for someone who happened to make a copy of your key to get in.

Message integrity code. WPA implements the message integrity code (MIC), often referred to as “Michael,” to guard against forgery attacks. WEP appends a 4-byte integrity check value (ICV) to the 802.11 payload. The receiver will calculate the ICV upon reception of the frame to determine whether it matches the one in the frame. If they match, then there is some assurance that there was no tampering. Although WEP encrypts the ICV, a hacker can change bits in the encrypted payload and update the encrypted ICV without being detected by the receiver. WPA solves this problem by calculating an 8-byte MIC that resides just before the ICV.

For authentication, WPA uses a combination of open system and 802.1x authentication. Initially, the wireless client authenticates with the access points, which authorizes the client to send frames to the access point. Next, WPA performs user-level authentication with 802.1x. WPA Interfaces to an authentication server, such as RADIUS or LDAP, in an enterprise environment. WPA is also capable of operating in what’s known as “pre-shared key mode” if no external authentication server is available, such as in homes and small offices.

An issue that WPA does not fix yet is potential denial of service (DoS) attacks. If someone, such as a hacker or disgruntled employee, sends at least two packets each second using an incorrect encryption key, then the access point will kill all user connections for one minute. This is a defense mechanism meant to thwart unauthorized access to the protected side of the network.

You will be able to upgrade existing Wi-Fi-compliant components to use WPA through relatively simple firmware upgrades. As a result, WPA is a good solution for providing enhanced security for the existing installed base of WLAN hardware.

The eventual 802.11i standard will be backward compatible with WPA; however, 802.11i will also include an optional Advanced Encryption Standard (AES) encryption. AES requires coprocessors not found in most access points today, which makes AES more suitable for new WLAN installations.

Tags: IT Security Basics, Network Security, Real-World Issues, Security Policies, Storage, Tips, Wireless Security

Categories: IT Security Basics, Network Security, Real-World Issues, Security Policies, Storage, Tips, Wireless Security

Leave a Comment

Often we think of security in terms of applications that can be used to safeguard our data, but there can always be different approaches to the same problem. Encrypting the data in your hard drive may be the key to keeping it safe in these days of laptop theft.

Data encryption for hard drives can come in two forms. You can either use a software to encrypt your data, or have a drive that required password identification before gaining access to the files inside. The first method can be performed with a selection of open source and licensed software. The files are protected even when the Operating System is not on. This works in different ways. Some software create a virtual drive inside the hard drive to store the data. the virtual drive will take up an allotted amount of space in the drive, but it cannot be accessed unless the password or set of passwords have been given. This type of data encryption can also be performed on drives that had no form of security encryption originally like the computer you’re currently or even thumb drives.

Hard drives with encryption has been available for the past year, most often in the form of external drives that can be brought to different places and handled by more than one user. These hard drives operate with full encryption, where the data in the whole disk is encrypted. Some of them combine password identification with biometrics to give double security to the files inside them. These drives come with a chip containing special software that does the decrypting and encrypting without taking too much time. The problem with this method is that if the password is forgotten, the data can’t be recovered. Seagate had recently announced that they will be shipping hard drives with an improved full disk encryption they call DriveTrust on January. These two methods will protect the files in the hard drive, and it’s only a matter of choosing which suits you best.

[tags]data encryption, data, security, drive encryption[/tags]

Tags: Cryptography, data, data-encryption, drive-encryption, Privacy-&-Anonymity, security, Storage

Categories: Cryptography, Privacy & Anonymity, Storage

Comments Off

At Internet Security Systems Inc. (ISS) they have discovered fatal flaws in web conferencing products. The one from WebEx included. It is the first flaw that they have shared publicly. They are closely working with vendors so that they could patch it already.

The WebEx flaw
This flaw that was discovered could be used to run unauthorized software on a computer. It has something to do with the ActiveX component it uses. As such, it is imperative that those who use it update the software as soon as possible. If you are one who does not have automatic updates on, you could download the patch from the WebEx site itself.

For those who use VoIP regularly and are concerned with their data, flaws in the software used must be checked and patched immediately, if there are available ones. The possibility of an attacker to run unauthorized software on your own computer is terrible. It could different things which might compromise the integrity of the data on your computer.

The idea that there are security flaws which are yet undiscovered in VoIP is something that makes some companies reluctant to adopting the technology. That is why some companies are still waiting for it to become more secure and stable. The convenience of communicating via such software would be nice. The thing is that it might be more costly to do damage control, in case the time when it is necessary. Hopefully, other flaws will surface and be patched immediately.

Tags: IT Security Basics, Operating Systems, Programming, Real-World Issues, Storage

Categories: IT Security Basics, Operating Systems, Programming, Real-World Issues, Storage

Comments Off

Whether you are a home computer user, a blogger, a freelancer, an office employee, making backups is an important task that you ought to schedule. After all, you never know what will happen. That is the dilemma that we all have. The moment a computer virus hits our systems or maybe some natural disaster or maybe even theft of our hardware, we could lose every bit of data.

There are different needs for each case. Take freelancers, for example. If you think about it, they have different clients, peak season for projects, etc. If you are a freelancer, how do you make backups? I know someone who makes backups every month, just to make sure that the articles are all together. There are even checklists to make sure they are intact.

For some companies that are involved mainly with graphics, they make weekly backups. It is to make sure that when their clients look for the materials, they have them immediately. They burn the files on discs so that they are handy. Aside from that, there are also some companies that have dedicated file servers. In case you have a setup wherein people could save their files on to the servers, make sure that those are the important files which are critical for your operation. It might be difficult to create a policy for such but it’s the best way to go about it.

Backups are practical. There are also news about developments in terms of optical storage media so stay tuned. These new kinds of optical storage media would impact not only those who are heavily into downloading but more importantly, the ones who are making sure that the data could be recovered in case of a security breach.

[tags]security,storage[/tags]

Tags: Backups, IT Security Basics, Physical Security, security, Storage

Categories: Backups, IT Security Basics, Physical Security, Storage

Comments Off

Greg Schulz of Computerworld shared some guidelines of tape virtualization. Tape virtualization is one of the popular topics when it come to storage. Some of the said advantages of making virtual tape libraries would include improvement of the performance of the back up, archiving and other related processes and smooth transition (from tape-based to disk-based).

Here are the ten points he raised in his article:

1. Integration of VTL in your business continuity, conditions of your site/location.
2. Storage devices to be attached to the VTL.
3. Projected storage capacity needed in the future.
4. Backup, archiving, etc. software supported.
5. Support of differencing or single-instance repository capabilities.
6. Determine if you are looking for a turnkey solution.
7. Resiliency and redundancy needed.
8. Security level needed.
9. Tape device and library emulation for your environment.
10. Necessary changes to your current setup.

The questions he raised in his article really make you consider your needs and the conditions of your system. All these questions will help you evaluate if you would use virtualization. You cannot just decide right away if you will use VTL because it could affect your system in a major way.

It is always good to look at the possibilities before arriving at some decisions like this one. It is best to do a full study before you spend on it. One of the important things you also have to consider would be the people who would be in charge of this project in your company. Who will be the ones in charge of the study and the follow up in case you do push through with it. Your data will be at stake so it is better to be safe than sorry.

Tags: Backups, Physical Security, Storage, Tips

Categories: Backups, Physical Security, Storage, Tips

Leave a Comment