• Embed Doc
  • Copy Link
  • Readcast
  • Collections
  • CommentGo Back
Download
 
General Security Guide
 
2003.02.12 10:58 EST byPhilip
 
Introduction
Let's start with the basic presumption that no system is completely secure. The only wayto secure your system completely is by turning it off, locking it in a safe and throwingaway the key... The only way you can completely prevent remote exploits is todisconnect from the network. All Operating Systems have some security flaws, with themore complex OSes having more potential vulnerabilities.Keeping that in mind, we can come very close to a completely secure level and stillmaintain a working system by following a few basic principles, described bellow.
 
General Guidelines
1. Don't turn on services you don't need.
Turning off services you don't use is simply common sense and can greatly reduce therisks while online. File and Print Sharing is probably the single most common Windowssecurity vulnerability. Don't use it unless you really need it. You can check if it's turnedon (In Win 9x) under "
Control Panel > Network > File and Print Sharing
". If, on theother hand you have aLANand need to share files, follow the guidelines below:
Unbind File and Print Sharing and Client for MS Networks fromTCP/IP- you willneed to check allTCP/IPEntries in "Control Panel > Network".
Install NetBEUI and bind File and Print Sharing to it.
Turn access on just for the necessary directories/drives and make it read-only.
Use strong passwords for all your shares.
Install a software/hardwarefirewall.
2. Use strong passwords
- whenever you use paswords, being an online bankinginterface, network share or even a forum, common sense dictates you should make themhard to guess/crack. Although some of the suggestions below might seem trivial, theyare not followed by many users and it might be a huge security risk. Use the followingguidelines with passwords:
use both lower and upper case letters
 
use some non-alphanumeric characters as well
 
don't base your passwords on a dictionary word, name, place or date.
 
use long passwords
 
use different passwords for different places.
3. Stay current with updates
- download and install all available security patches foryour OS, as well as new anti-virus definitions, etc. For example, all Windows-basedcomputers should have the latest service pack installed. Also check theWindows Update site on a regular basis (or use automatic updates) for the latest security updates.
4. Use theencryptionavailable to you
-FTP
 
 /SMTP/HTTP and many other protocolswidely used on the Internet transmit information inASCII(clear text). What that meansis, all information transfered to/from servers, including your passwords is transmitted in
 
clear text, and is readily available to any network device it passes through to get to itsdestination. When possible, use the secure variations of those protocols to avoidpersonal information being transmitted unencryted.
 
Multi-Layered Security Approach
1. HardwareFirewall( and/or optional softwarefirewall)
Firewalls basically filters all network traffic, block ports and inspect packets in order toprotect your PC orLANfrom unauthorized entries. Somefirewallsolutions include additional functionality that allows you to detect and gather information about anyintrusions. There are different types of firewalls of different complexities, however mostof them allow for you to close unused ports from being accessed externally. Computerswith always-on Cable Modem,DSLor similarbroadbandconnections to the Internet have mostly static IP addresses and are online much longer than those with dialupconnections, which by itself increases the security risks and justifies installing afirewall for protection. For reference, some established brandnames are SonicWall, ZyXELZyWALL, ZoneAlarm, BlackICE, etc.
2. Anti-Virus Software
- with the increasing popularity of the Internet, viruses andtrojanhorses have become more common simply because of people's ignorance and PCsbeing interconnected in a network, communicating with each other much more easily.Some viruses have caused havoc on the Internet, spreading with alarming rates throughemail or other similar means. Installing a good Anti-virus software (and maintainingvirus-definitions current) is a must, or you are bound to become a victim of somevirus/trojan horse at some point in time. I'd recommend installing one of the leadingproducts, such as Norton Anti-virus for compatability, ease of use, eficiency and fastresponse to new threats.
3. Anti-Spyware Software
- your every action online could be recorded withour yourexplicit permission ! The least we can do is bring this to your attention, so you have thechoice and are well aware before giving away personal information.The issue begins with marketing, companies trying to collect consumer information,demographics, or in some cases personaly identifiable informaton about users. It'saccomplished through their software installing Spyware, or Trojans on your computer,usually without your knowledge or consent, and then forwarding the collected personalinformation to their data collection facilities... The gathered information isthen potentially being sold and combined with other databases to build up profiles of individual web users, usually for direct marketing purposes.It might sound like sci-fi to the uninitiated, but it is real, and it is happening every dayonline. Your privacy is being invaded.For anti-spyware software solutions, you might want to look up: Lavasoft Ad_Aware,Gibson Research OptOut, SpyCop, WinTasks Pro, etc.Many such anti-spyware programs block advertisements on websites as side-effect of protecting your privacy.... I'd also like to bring up the fact that not all advertising isevil. Many websites, including ours rely on banner advertising as a source of revenue,thebandwidthused in serving you with free information costs money and it is paid for byadvertising. Blocking ALL ads just hurts independent websites sponsored by banner
 
advertising.
 
Conclusion
One should be aware of all the major security threats, especially when connected to alarge network, such as the Internet. With all the above precautions in mind, the Internetcan be a fun, (almost) safe place to explore ;)
5 Ways to Improve your Wireless Network
 
2007.09.28 15:19 EST byComtrad
 
While installing a wireless network may seem trendy, it makes good business sense. You have theflexibility and convenience of working untethered, plus you won't have to pay someone to come inand reroute network cables if you hire new employees or reconfigure your office floor plan.Setting up a wireless network requires thought and planning. We spoke with Doug Potts, a securityspecialist at CDW, to find out what you can do to ensure their network works as smoothly and assecurely as possible. The five steps to improving your wireless network are listed in order of theircost and complexity. Whether you take one or all five depends on the size of your budget and thelevel of security you need. 
1. Set Up WirelessEncryption
Encrypting your network makes it difficult for hackers to crack in and use your wireless connection,access your data or other perform other malicious actions. "Encryption's an effectivehacker  deterrent," said Potts. "The thought of trying to hack a 128-bit or 256-bitcipheris enough to senda hackerpacking — and looking for an easier target." You have two types of encryptionfrom which to choose:WEP andWPAwithAES encryption. Potts likened 128-bitWEP encryption to a barking dog that frightens off a burglar. "NowAES, that's 256- bit — an even tougher type of encryption," Potts said. "That's like having the dog, an alarm systemand a guard out front."According to Potts, the 128-bitWEP encryption can be cracked, but it can take up to four hours of  work to do it To date, he says, 256-bitAES has never been cracked. Most wireless access points (APs) support bothWEPandWPA standards, but not all client cards (theWi-Ficard that plugs into your laptop) supportAES encryption, which requires a dedicated chip."At the very minimum," said Potts, "everyone running a wireless network should haveWEPinstalled and turned on."
of 00

Leave a Comment

You must be to leave a comment.
Submit
Characters: ...
You must be to leave a comment.
Submit
Characters: ...