Wednesday, March 29, 2006

Essential Software - Firewalls

A firewall is a protective system that lies, in essence, between your computer network and the Internet. When used correctly, a firewall prevents unauthorized use and access to your network.

For individual home users, the most popular firewall choice is a software firewall. Software firewalls are installed on your computer (like any software) and you can customize it; allowing you some control over its function and protection features. A software firewall will protect your computer from outside attempts to control or gain access your computer.

Internet [software] firewalls are a hot commodity and there are an increasing number of products coming to market. In the past, there were only about five firewall vendors. There are now ten times that number and more appear every day. The response from the firewall customer community has been, predictably, confusion. Customers who want to purchase a firewall, who are not familiar with all the ins and outs of the technology are justifiably worried that they may be buying something that is not right for them - so they are asking for a way of making their decision easier.

Firewalls right now are a highly competitive market place. Vendors and their sales teams are constantly asked to differentiate their products against those of their competition, and the pressure is intense. The end result is that things which are very similar are touted as very different, and some types of technologies are cast as inadequate while others are positioned as superior. It's difficult to sort out the hype from the substance.

See the results of the latest tests for the major brands of firewalls :

Monday, March 27, 2006

USB Flash Drive Security

A USB flash drive is a great resource for carrying around important documents. However, that portability introduces some problems. The biggest problem is that you could lose your flash drive with all of that important data. In addition, if you use your flash drive on other PCs, you increase the chance that you could pick up a virus or other malware.

Kingston Technology has introduced the world’s first USB Flash drive that secures 100% of data on-the-fly via 128-bit hardware-based AES encryption, ensuring fail-safe security best practices without IT intervention.
Offering up to 4GB of secure storage, DTE Privacy Edition is a plug-and-play USB device specifically targeted to meet enterprise-level security and compliance requirements. If the drive is ever lost or stolen, data on the DTE Privacy Edition device remains secure.

Visit the website HERE.

There are security solutions available now for USB flash drives. Cryptainer encrypts every kind of file format, whether it is textual, tabular, graphical, organized in a database, audio or video. They work on all media including external devices such as a CD, USB, Floppy.

You will find the mobile feature of Cryptainer very useful.Cryptainer can be installed directly on a USB / removable drive as a "stand alone" install.

Footnote : A BIG problem with USB flash drives is that they can easily become corrupted. Usually this is because the drive was removed while Windows was writing data to the drive. The first thing to remember is that you should always use the "Unplug or Eject Hardware" wizard when you remove your drive. To do this, you simply right click on the USB icon in the system tray (bottom right of screen), and select "Safely Remove Hardware."

Sunday, March 26, 2006

Take precautions in Wi-Fi zones

Connect to a legitimate service provider and make sure the paid service you tap into is the one advertised for that location.

Resist using a free signal; it could be a hacker nearby waiting for people to use the decoy Internet access.

Read the original article HERE.

Critical Alert : New I.E. Zero Day Exploit

Another critical security vulnerability in Internet Explorer was reported this week. It was discovered and reported by Secunia Research and confirmed by Microsoft. The bug affects fully patched Windows XP systems with Service Pack 2 applied.

The currently active IE zero-day exploit can be avoided by turning off Active Scripting.
ZDNet have posted a step-by-step instruction on how to do that.

Saturday, March 25, 2006

Essiantal Software - Acronis True Image 9.0

Acronis True Image 9 moves well ahead of its bitter rival Norton Ghost 10 with this new release. Disk imaging backup option enables you to create an image of your entire hard disk drive, including the operating system, applications, user settings, and all data. Use the image to restore your PC to a known working state without any reinstallation.

A new file-based backup option which enables you to backup and restore individual files and folders, like your My Documents folder or a specific file, like your latest tax return. A software wizard walks you through all of the steps.

Read a full review of the product HERE.

Essiantal Software - CCleaner

CCleaner is a freeware system optimization and privacy tool. It removes temporary internet files, cookies, history, recent urls, application MRUs from your system - allowing Windows to run faster and freeing up valuable hard disk space. But the best part is that it's fast (normally taking less that a second to run) and contains NO Spyware or Adware!

Read a review of the product HERE.

Hacking - Tools of the Trade

Being in the computer security field means that you are always striving to stay current. You are always trying to learn new tools, and understand new exploits. That said there are also some tools that simply aren’t going to go away any time soon and are really necessary to learn. Over the course of this three part series we will look at some of the best known hacking tools. After all, it pays dividends to know just how your enemy works and more specifically with what.

This THREE part article begins HERE.

Agnitum Outpost Firewall 3.5

The latest version of Outpost Firewall Pro empowers users to share advice and configuration skills – automatically – with the ImproveNet security community network. Firewall configurations can now be created and updated automatically, with user consent, while the actual configuration of the firewall is handled remotely in the background by Agnitum security professionals.

Other improvements in the new version include an upgraded anti-spyware plug-in that ensures sensitive areas of users’ PC are constantly monitored for possible spyware activity, and a more intuitive, customizable logging system.

Two reasons for this link. First, I have used Outpost since its inception, and think it is the best software firewall available today. The second reason is the new option of remote configuration. A lot of users install a firewall, but from then on have no idea how to configure it so it performs to its maximum potential.

Read the Press Release HERE.

Friday, March 24, 2006

Laptops - Thief Magnets

It can not be stressed enough that a laptop requires a different mind set from your desk top PC. Laptops have become thief magnets, attracting everything from common thugs and dishonest housekeeping employees to sophisticated conmen, hi-tech crime rings, and industrial spies.

Physical security :
Unbelievably, almost 40% of laptop thefts occur in the office.
Laptop theft [outside the office environment] another 40%.

Lost laptop exposes almost 200,000 employees to identitytheft

Data Security :
It is the data that is most valuable. Whether it's a business or personal laptop, the loss of data may be devastating. The above link is a perfect example.

Is Your Laptop Telling Secrets?

Laptop Security Guidelines :
This is a "live" document that is updated periodically as new threats and security countermeasures are discovered. An excellent guide to get you stated in the right direction.

Thursday, March 23, 2006

Anonymity : Anonymous Operating System

Have added new item to Anonymity section, which also includes the download link.

Titled Anonym.OS, the system is a type of disc called a "live CD" -- meaning it's a complete solution for using a computer without touching the hard drive. Developers say Anonym.OS is likely the first live CD based on the security-heavy OpenBSD operating system.

To keep from standing out, Anonym.OS leaves a deceptive network fingerprint. In everything from the way it actively reports itself to other computers, to matters of technical minutia such as TCP packet length, the system is designed to look like Windows XP SP1.

Booting the CD, you are presented with a text based wizard-style list of questions to answer, one at a time, with defaults that will work for most users. Within a few moments, a fairly naive user can be up and running.

Read the full original article HERE.

New Trojan, rootkit have 'frightening capabilities'

The Trojan and rootkit, which remain hidden from the operating system task manager and avoids AV detection, were discovered by the San Mateo, Calif.-based enterprise security software provider's Sana Labs team during an investigation into the new Alcra worm. As of today, only a handful of security companies had created a way to detect the worm, the company reported.

Sana Security Inc. is warning of a highly evasive kernel-level rootkit associated with a data-stealing Trojan that can survive a reboot and doesn't run as a separate process. The malware also can detect previously used passwords on a machine, not just those logged after a PC is infected.

Read the original article HERE.

Wednesday, March 22, 2006

Useful Firefox security extensions

If you’re a Firefox user, you may already know about this site.
It’s a great listing of security extensions for Firefox.

Link HERE.

Sunday, March 19, 2006

Hacking Made Easy

Automated Tools Gather Victims' Keystrokes
Upload Passwords to Illicit Database

When Graeme Frost received an e-mail notice that an expensive digital camera had been charged to his credit card account, he immediately clicked on the Internet link included in the message that said it would allow him to dispute the charge. As the 29-year-old resident of southwestern England scoured the resulting Web page for the merchant's phone number, the site silently installed a passwordstealing program that transmitted all of his personal and financial information.
Read this very interesting article HERE.