For bloggers and writers, using pen names has been a normal scenario, some of which who would want to keep their identities apart for privacy reasons. While some would not care and would want to gain the due recognition for their work, it entirely depends on what the blog or composition is all about.

Privacy over the Internet is only normal. Who would want to be cited for something which may become a means of ruining their reputation online? Risky is the right term for most people, but upon voicing opinions, making a stand and living by what you believe in despite what critics may eventually say is something that people would want to be known for.

For sure, this may draw varied criticisms and comments, but the bottom line of it all is that it depends on how daring a person can get and up to what extent he is willing to push himself.

[tags]privacy online, identities, pen names[/tags]

Tags: identities, pen-names, Privacy-&-Anonymity, privacy-online, Tips

Categories: Privacy & Anonymity, Tips

Comments Off

Day-in and Day-out, people surf the web for possible downloads in the form of drivers, security stand alone cleaners, and free programs that will help them in their specific needs. One drawback is the potent threats and reliability of such sites since everyone is aware that such malicious Spyware or Trojans may be present in these programs which are usually compressed in zip files prior to free downloading.

Majorgeeks.com is one site that contains a lot of the helpful tools to aid computer users in their everyday issues and improvements for their overall operating system and performance. One notable thing that most users are aware about is that of intrusions in their system from the usual cookies and attachments that people get from the Internet. With the mischief going around, no one really knows how safe their computer is and what files are needed and not on their hard drives.

Tags: IT Security Basics, Malware, Network Security, Programming, Review, Spyware, Storage, Tips

Categories: IT Security Basics, Malware, Network Security, Programming, Review, Spyware, Storage, Tips

Comments Off

Ordinarily, all computers would evidently slow down owing to the number of programs installed and running and exposure over the web which injects some files for proper browsing of sites. At some point, boot-up speed of most computers as well as immediate shutdowns as performed by users may encounter some delays. These are only proper since the registry would be open to a lot of modifications from such activities.

This is why some companies have developed registry checkers and cleaners such as Registry Mechanic, to be able to determine the modifications and problems that have affected certain areas of the computer. Among the known issues would be improper deletion of shortcuts or programs without using the add/remove option on the control panel of the Windows operating system. This alone leaves a conflict that makes computers adjust to such occurrences.

Another thing is that of cookies gathered from the web. While cookies are stored in the temporary IE folder of a computer, some may tend to change some configurations on the machine and thus slow it down.

Registry cleaners are not guaranteed to speed up a computer speed at an instant. A user must also thoroughly evaluate if such modifications are okay for removal. A wrong decision may eventually make things worse, hence if a person is unsure, consulting computer experts or even the web for advice prior to action would be advisable.

Tags: Malware, Operating Systems, Programming, Spyware, Tips

Categories: Malware, Operating Systems, Programming, Spyware, Tips

Comments Off

Most software tools that are used today are not perfect. Weaknesses and loopholes that may encounter system operation conflicts and problems will only be natural, especially for programs that are either not immediately compatible or are prone to breakdowns every now and then. The need for a continuous development as far as applying patches and updates towards such software, such as programming languages and operating systems like Windows and Linux, is a necessity.

This is only normal considering that chinks in the armor of anything will always be revealed at times when people least expect it. This is a continuing and ongoing trend that all software developers and administrators need to attend to, considering that as the height of demand for accurate programs are increasing, the same holds true for the need to provide features and flexibility on the programming aspect of installed systems for smooth flow of automations in most business organizations and entrepreneurial undertakings.

[tags]programmer, patch updates, systems, operating system, windows, linux [/tags]

Tags: IT Security Basics, linux, Operating Systems, operating-system, patch-updates, programmer, Programming, Security Policies, Storage, systems, Tips, windows

Categories: IT Security Basics, Operating Systems, Programming, Security Policies, Storage, Tips

Comments Off

A lot of workstations and servers will always have the choice of selecting which operating system to used. Without question, Microsoft’s Windows Server Operating Systems is the first thing in mind to be used although Linux has had its share of being the best alternative operating system today.

The deal here would be efficiency and reliability. This is just the backend of most systems and the choice for which operating system to use would all depend on the programming language and database compatibility with regards to OS preference.

There has been a number of programming softwares that are developed and used today. For each one, like Sybase and Visual Basic, software developing companies have gone to the extent of even making special compatibility towards preferred OS of end-users. This serves as a basis for comparison in determining on which platform that preferred programming software would be entirely performing better. This allows flexibility for users and a wider array of possibilities for systems administrators and developers who compile useful executable programs today.

Tags: Operating Systems, Privacy-&-Anonymity, Programming, Tips

Categories: Operating Systems, Privacy & Anonymity, Programming, Tips

Comments Off

More and more companies have geared towards technology as far as using it to aid their daily operations and storing transactions for records of individual transactions. Most users are given certain privileges and rights for access towards the main server that holds the programs altogether. User policies and access are defined and declared, so that each can have specific access and user restrictions to avoid any discrepancies and problems that may occur. Such would only be natural for technology relying companies, since developed and installed programs would usually be prone to modifications and debugging along the way.

It is the duty of the appointed administrator in close relation with department heads to determine the level of access to provide to the users who will be using the system. Levels are meant to define with regards to finding up to which level access will be granted to most users who will be inputting and referring data into the system. Besides, access levels and security policies are a good way to safeguard information and avoid eventual sabotage for the entire systems in unlikely situations both internally and externally.

Tags: Network Security, Operating Systems, Programming, Security Policies, Tips

Categories: Network Security, Operating Systems, Programming, Security Policies, Tips

Comments Off

Electronic mail has become the buzz of the town in recent years and while some use e-mail as a means of cheaper and faster ways of sending messages and files over the Internet, it cannot be discounted that some use e-mail as a form of exploit as well, by send unrecognized files to various recipients who in the same way may not know the harmful effects that such files would bring to their personal workstations.

While there are various means of supplying computer protection such as firewalls and anti-virus protection for single and networked computers, some harmful file just tends to get past them. That is why there are specific softwares used for specific infections, particularly the Trojan developed files that do their work unnoticed.

So the next time you get mail from someone who has an attachment with questionable file name extensions, better think twice before clicking or opening it. It may cause more pain than enjoyment in most cases.

[tags]spyware,malware,trojans,security[/tags]

Tags: IT Security Basics, Malware, security, Security Policies, Spyware, Tips, trojans

Categories: IT Security Basics, Malware, Security Policies, Spyware, Tips

Comments Off

At the rate that hackers and more people are becoming wiser as far as discovering technology and its flaws today, the best way is to have ready back-up procedures for databases and important documents and spreadsheets just in case of system intrusion and crashes. While it is true that most companies are continuously developing software to be able to limit such malicious intentions, it cannot be discounted that the safest way is to have ready back-ups which can be easily restored at any time of their liking.

The question is when to back-up and what to back up. For most people, backing up periodically is the common practice. But for more important documents and reference materials, archiving them as often as possible is the safest way to be sure. People should not wait for the last minute to back-up their files since with the fast pace of technology comes the fast pace development of hackers today.

[tags]backup,archiving,network security[/tags]

Tags: archiving, backup, Backups, IT Security Basics, Network Security, Security Policies, Storage, Tips

Categories: Backups, IT Security Basics, Network Security, Security Policies, Storage, Tips

Comments Off

802.11 Wired Equivalent Privacy (WEP) doesn’t provide enough security for most enterprise wireless LAN applications. Because of static key usage, it’s fairly easy to crack WEP with off-the-shelf tools. This motivates IT managers to use stronger dynamic forms of WEP.

The problem to date, however, is that these enhanced security mechanisms are proprietary, making it difficult to support multi-vendor client devices. The 802.11i standard will eventually solve the issues, but it’s not clear when the 802.11 Working Group will ratify the 802.11i standard.

As a result, the Wi-Fi Alliance has taken a bold step forward to expedite the availability of effective standardized wireless LAN security by defining Wi-Fi Protected Access (WPA) while promoting interoperability. With WPA, an environment having many different types of 802.11 radio NICs, such as public hotspots, can benefit from enhanced forms of encryption.
Inside WPA

WPA is actually a snapshot of the current version of 802.11i, which includes Temporal Key Integrity Protocol (TKIP) and 802.1x mechanisms. The combination of these two mechanisms provides dynamic key encryption and mutual authentication, something much needed in WLANs.

As with WEP, TKIP uses the RC4 stream cipher provided by RSA Security to encrypt the frame body and CRC of each 802.11 frame before transmission. The issues with WEP don’t really have much to do with the RC4 encryption algorithm. Instead, the problems primarily relate to key generation and how encryption is implemented.

TKIP adds the following strengths to WEP:

48-bit initialization vectors. WEP produces what’s referred to as a “keyschedule” by concatenating a shared secret key with a randomly-generated 24-bit initialization vector (IV). WEP inputs the resulting keyschedule into a pseudo-random number generator that produces a keystream equal to the length of the 802.11 frame’s payload. With a 24 bit IV, though, WEP eventually uses the same IV for different data packets. In fact, the reoccurrence of IVs with WEP can happen within an hour or so in busy networks. This results in the transmission of frames having encrypted frames that are similar enough for a hacker to collect frames based on the same IV and determine their shared values, leading to the decryption of the 802.11 frames. WPA with TKIP, however, uses 48-bit IVs that significantly reduce IV reuse and the possibility that a hacker will collect a sufficient number of 802.11 frames to crack the encryption.

Per-packet key construction and distribution. WPA automatically generates a new unique encryption key periodically for each client. In fact, WPA uses a unique key for each 802.11 frame. This avoids the same key staying in use for weeks or months as they do with WEP. This is similar to changing the locks on a house each time you leave, making it impossible for someone who happened to make a copy of your key to get in.

Message integrity code. WPA implements the message integrity code (MIC), often referred to as “Michael,” to guard against forgery attacks. WEP appends a 4-byte integrity check value (ICV) to the 802.11 payload. The receiver will calculate the ICV upon reception of the frame to determine whether it matches the one in the frame. If they match, then there is some assurance that there was no tampering. Although WEP encrypts the ICV, a hacker can change bits in the encrypted payload and update the encrypted ICV without being detected by the receiver. WPA solves this problem by calculating an 8-byte MIC that resides just before the ICV.

For authentication, WPA uses a combination of open system and 802.1x authentication. Initially, the wireless client authenticates with the access points, which authorizes the client to send frames to the access point. Next, WPA performs user-level authentication with 802.1x. WPA Interfaces to an authentication server, such as RADIUS or LDAP, in an enterprise environment. WPA is also capable of operating in what’s known as “pre-shared key mode” if no external authentication server is available, such as in homes and small offices.

An issue that WPA does not fix yet is potential denial of service (DoS) attacks. If someone, such as a hacker or disgruntled employee, sends at least two packets each second using an incorrect encryption key, then the access point will kill all user connections for one minute. This is a defense mechanism meant to thwart unauthorized access to the protected side of the network.

You will be able to upgrade existing Wi-Fi-compliant components to use WPA through relatively simple firmware upgrades. As a result, WPA is a good solution for providing enhanced security for the existing installed base of WLAN hardware.

The eventual 802.11i standard will be backward compatible with WPA; however, 802.11i will also include an optional Advanced Encryption Standard (AES) encryption. AES requires coprocessors not found in most access points today, which makes AES more suitable for new WLAN installations.

Tags: IT Security Basics, Network Security, Real-World Issues, Security Policies, Storage, Tips, Wireless Security

Categories: IT Security Basics, Network Security, Real-World Issues, Security Policies, Storage, Tips, Wireless Security

Leave a Comment

Think of the impact that IT has on our society, let alone the workplace. There are so many things that we can do because of it and as a tool, things could go totally wrong sometimes. It is very tempting to get the company’s confidential documents and sell them to the competing company, client information could be tampered, and so on. Calum Macleod of Cyber-Ark has shared some tips in order to avoid this in your own company.

1. Do not expose your internal network
2. Make sure that intermediate storage is secure
3. Ensure that Data at Rest is protected
4. Protection from data deletion, data loss
5. Protection from data tampering
6. Auditing and monitoring
7. End-to-End network protection
8. Auditing is required to ensure that a detailed history of activities can be reviewed and validated.
9. Process Integrity

Think of the system you have in your company. Find out if your data is at the risk of being tampered. Ask yourself, are you auditing and monitoring? Maybe it could just be this one time of lapse wherein you let one person get out of your office with a lot of important documents. Now that is bad. You never know what this person will do with your data. Even if the person will not sell them to the competing company, the mere act of it being with that person. Are your computers safe from tampering or are they quite vulnerable? If they are quite vulnerable, it might be high time for you to change it.

You might end up having a very strict company policy when you find out that your company documents (among others) are at risk. You would want to keep your reputation when it comes to dealing with your clients. Another thing is that you would like to make sure that everything that you have is intact for your own sake (like filing away some papers). Once you have assessed the existing company policies, you could probably take a break and have a cup of coffee to help you relax a bit.

Tags: IT Security Basics, Network Security, Physical Security, Real-World Issues, Tips

Categories: IT Security Basics, Network Security, Physical Security, Real-World Issues, Tips

Comments Off