Web and FTP Servers

Every network that has an internet connection is at risk of being compromised. Whilst there are several steps that you can take to secure your LAN, the only real solution is to close your LAN to incoming traffic, and restrict outgoing traffic.

However some services such as web or FTP servers require incoming connections. If you require these services you will need to consider whether it is essential that these servers are part of the LAN, or whether they can be placed in a physically separate network known as a DMZ (or demilitarised zone if you prefer its proper name). Ideally all servers in the DMZ will be stand alone servers, with unique logons and passwords for each server. If you require a backup server for machines within the DMZ then you should acquire a dedicated machine and keep the backup solution separate from the LAN backup solution.

The DMZ will come directly off the firewall, which means that there are two routes in and out of the DMZ, traffic to and from the internet, and traffic to and from the LAN. Traffic between the DMZ and your LAN would be treated totally separately to traffic between your DMZ and the Internet. Incoming traffic from the internet would be routed directly to your DMZ.
Read the full story

Bundling software applications together is a practice much abused by purveyors of adware. The potential for sneaking unwanted software into a bundle of desirable software is obvious. The benefits of bundling software aren’t so obvious. Isn’t it time to consider dumping the practice of bundling software altogether?

Bundled Software: When Is It Not Adware?

If a user wants a piece of software, why can’t he or she be allowed to install it separately? If the bundled software were essential to the functioning of the original software (excluding generic functions such as install, un-uninstall, and documentation), why wouldn’t the developer build its functions directly into the original software?

Sure, sometimes there’s a software application that clearly complements another application. But for users who do not want the complementary software, having it just means a bloated install file and a needlessly long installation process.
Read the full story

Adware and Spyware have become familiar terms in the lexicon of Internet jargon. Their definitions range from helpful cookies that many people choose to have on their computer to programs that can actually steal your identity. That’s a pretty big area. That’s why any information of these important subjects needs to include definitions of exactly what actually encompasses both adware and spyware.

Adware is software that provides advertising, usually in the form of pop ups, and gathers general information, by using cookies, through the user’s Internet connection. Adware is often packaged with free downloaded programs. By definition, adware, by itself, is not dangerous, but can fall into the annoying category. Adware can generate constant pop up advertising when the downloaded program is running. It can also place cookies on your computer that will provide information about you when you click on the pop ups or log on to the original program download site. If users register the downloaded program, usually games, and pay the registration fee, the adware disappears. If you download a free program, there is a reasonable probability it will contain some form of adware. So far, that’s not necessarily a bad thing. Many people happily trade payment for enduring a few pop up advertisements and don’t care if their general Internet surfing habits are being tracked. The problem begins when they become intrusive.
That’s when adware becomes spyware.

When adware is expanded to use your computer’s resources to steal information, it becomes spyware. Spyware is like the Trojan horse that is discussed on our Virus article. Computer users who are installing a program or swapping files (i.e. music downloads) may also be installing a spyware program whose purpose is to monitor your computer activity and gather your private and confidential information. This includes e-mail addresses, user passwords and certainly any credit card numbers you enter when making a purchase on-line. They can also happily install other spyware programs, hijack your web browser by changing your home page and your browser’s search engine. All the time it is sending back information to the bad guys, who will use it for their own advertising purposes, sell it to other bad guys or use it to steal your identity. To do all this, spyware uses your computer’s memory resources and bandwidth. This can slow your computer to a crawl, especially if you use memory intensive programs. Spyware is not
good.
Read the full story

There are more and more individuals opting to work from home than ever before. The advantages to this are many including avoiding the morning and evening rush hours, being able to spend time with your kids and significant other, and doing everything on your own time. Though the pitfalls are many, the one that I will be focusing on in this article is that of setting up a secure wireless network for your home based business. Right now somewhere out there, there is someone with a receiver waiting to pick up on an unsuspecting person’s wireless local area network. Their hope is to garner some sensitive information that may lead to identity theft, and stolen proprietary business information.

Most businesses owners are not technically inclined, though they may be power users, in general security settings is not one of the first things they want to mess around with in their day to day operations. This makes most wireless LANs a great target for information predators.
Read the full story

To the information security professional wireless networking may be thought of as a four letter word to be avoided at all costs. Regardless of the security implication wireless networking can provide cost efficiency, and because of that wireless technologies are here to stay. While many in the profession believe that wireless networks can be easily compromised, this class will show how the appropriate wireless architecture with the proper security controls can make your wireless network as secure as any other remote access point into your network.

In this three day, wireless security workshop, we will examine the cutting edge of wireless technologies. The purpose of the course is to give you a full understanding of what wireless (802.11) networks are, how they work, how people find them and exploit them, and how they can be secured. This hands-on course is based on real world examples, solutions, and deployments. In this course we will actually set up and use wireless networks, determine the tools to uncover wireless networks, and also look at how to defeat the attempts to secure wireless networks.

Course Completion
Upon the completion of our CISM course, students will have:

Constructed a wireless network architecture
Install and configure 802.1x authentication using Microsoft Windows IAS and Server 2000
Install a wireless access point
Distinguish between 802.11x standards
Defeat Wired Equivalent Privacy
Key Take Aways:

An understanding of wireless networks
A CD of common tools and documentation
An ability to search the internet for updates and more information on wireless networks
Detail of Course Content The following topics will be covered:

Wireless History
Radio Frequency (RF) Fundamentals
WLAN Infrastructure
802.11 Network Architecture
802.1X Authentication
Extensible Authentication Protocol (EAP)/(LEAP)/(PEAP)
Detection Platforms
WLAN Discovery Tools
Kismet
Wireless Sniffers
Conventional Detection
Antennas
Exploiting WLANs
Securing WLANs
Other Wireless Options
Legal Issues including GLBA and ISO-17799
Future
Resources