Showing posts with label Security.

Free Security Enhancements

Guys, before you spend a dime on security, there are many precautions you can take that will protect you against the most common threats.
Check Windows Update and Office Update regularly (http://office.microsoft.com/productupdates); have your Office CD ready. Windows Me, 2000, and XP users can configure automatic updates. Click on the Automatic Updates tab in the System control panel and choose the appropriate options.
Install a personal firewall. SyGate (www.sygate.com) and ZoneAlarm (www.zonelabs.com) offer free versions.
Install a free spyware blocker. SpyBot is also paranoid and ruthless in hunting out tracking cookies.
Block pop-up spam messages in Windows NT, 2000, or XP by disabling the Windows Messenger service (this is unrelated to the instant messaging program). Open Control Panel | Administrative Tools | Services and you'll see Messenger. Right-click and go to Properties. Set Start-up Type to Disabled and press the Stop button. Bye-bye, spam pop-ups! Any good firewall will also stop them.
Use strong passwords and change them periodically. Passwords should have at least seven characters; use letters and numbers and have at least one symbol. A decent example would be f8izKro@l. This will make it much harder for anyone to gain access to your accounts.
If you're using Outlook or Outlook Express, use the current version or one with the Outlook Security Update installed. The update and current versions patch numerous vulnerabilities.
Buy antivirus software and keep it up to date. If you're not willing to pay, try Grisoft AVG Free Edition (Grisoft Inc., www.grisoft.com). And double-check your AV with the free, online-only scanners available at

Linux Security

Linux is an amazing operating system considering how it was originally created. It was a modest program written for one person as a hobby – Linus Torvalds of Finland. It has grown into a full-fledged 32-bit operating system. It is solid, stable and provides support for an incredible number of applications. It has very powerful capabilities, runs very fast and rarely crashes.

Unfortunately, Linux machines are broken into almost every day. This happens not because it is an insecure operating system; it contains all the necessary tools to make it very secure. But the truth is that it hasn’t become significantly more secure with the increase in popularity. On the other hand, our understanding of hackers' methods and the wide variety of tools and techniques available have helped system administrators secure their Linux computers.

Our goal in this article is to list the most critical situations, and how to prevent an invasion with simple measures.

1-    Weak passwords – By far the first and most used method by which hackers try to penetrate a Linux system is cracking a password, preferably that of the root user. Usually they will target an ordinary user first and then, using his/her access to the operating system, try to gain privileged access by cracking the root password. A good password policy and good passwords are absolutely critical to the security of any computer. Some common mistakes when selecting a password:
A- using “password” as the password.
B- using the name of the computer.
C- a well-known name from science, sports or politics.
D- a reference to movies.
E- anything that is part of the user's web site.
F- references associated with the account.

The latest versions of Linux offer shadowed passwords. If a cracker can see an encrypted password, cracking it would be a simple task. So, instead of being stored in the passwd file, passwords are now stored in the shadow file, which is readable only by root. Before a hacker can crack a password he needs to figure out an account name, so simple account names must be avoided as well. Another security measure is to apply a “no login” to the account in the passwd file. This must be done for all accounts that don’t need to log in to the system. Examples are apache, mysql, ftp and others.
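The two checks described above (hashes kept out of the passwd file, and no login shell on service accounts), as an added example that is not part of the original post. The sample passwd text, the hash value, the finding labels and the function name audit_passwd are constructed for illustration.

```shell
#!/bin/sh
# Constructed sample in passwd format: name:password:uid:gid:gecos:home:shell
SAMPLE_PASSWD='root:x:0:0:root:/root:/bin/bash
apache:x:48:48:Apache:/var/www:/bin/bash
mysql:x:27:27:MySQL Server:/var/lib/mysql:/sbin/nologin
ftp:$1$CONSTRUCTED$NotARealHashValue0000:14:50:FTP User:/var/ftp:/sbin/nologin
alice:x:500:500:Alice:/home/alice:/bin/bash'

# Accounts that never need to log in (assumption: set by the administrator)
SERVICE_ACCOUNTS='apache mysql ftp'

# audit_passwd TEXT "acct1 acct2 ..."
# Prints one finding per line:
#   EMPTY_PASSWORD name      password field is empty
#   HASH_IN_PASSWD name      a hash sits in the world-readable passwd file
#   LOGIN_SHELL name shell   a service account can still log in
audit_passwd() {
    printf '%s\n' "$1" | awk -F: -v svc="$2" '
        BEGIN {
            n = split(svc, a, " ")
            for (i = 1; i <= n; i++) is_svc[a[i]] = 1
        }
        NF < 7 { next }                     # skip malformed lines
        $2 == "" { print "EMPTY_PASSWORD " $1 }
        # With shadow passwords, field 2 is only a placeholder (x, * or !)
        $2 != "" && $2 !~ /^(x|\*|!+)$/ { print "HASH_IN_PASSWD " $1 }
        # Service accounts should end in a non-login shell
        ($1 in is_svc) && $7 !~ /(nologin|false)$/ {
            print "LOGIN_SHELL " $1 " " $7
        }
    '
}

# Run against the constructed sample; on a real host, pass "$(cat /etc/passwd)"
audit_passwd "$SAMPLE_PASSWD" "$SERVICE_ACCOUNTS"
```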

Limit which terminals root may log in from. If the root account is allowed to log in only from certain terminals that are considered secure, it will be almost impossible for a hacker to penetrate the system. This can be done by listing the allowed terminals in /etc/security. The login program will consider insecure any terminal that is not listed in this file, which is readable only by root.

2-    Open Network Ports


Any default Linux installation will provide the operating system with tons of software and services. Several of them are not necessary or even wanted by the administrator. Removing this software and these services will close the path to several attacks and improve security. The /sbin/chkconfig program can be used to stop services from automatically starting at run levels 3, 4 and 5. Log in as root and type /sbin/chkconfig --list to view all the services set to start automatically. Select the ones you don’t need and type /sbin/chkconfig --level 345 name_of_service off. You must do that for every service you don’t want to keep running. The xinetd server can be used to disable other services as well.
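The review step described above, as an added example that is not part of the original post: it reads chkconfig --list style output, finds services that start at run levels 3, 4 or 5 and are not on the administrator's keep list, and prints the disable commands without running them. The sample output, the keep list and the function names are constructed for illustration.

```shell
#!/bin/sh
# Constructed sample in the layout printed by /sbin/chkconfig --list
SAMPLE_CHKCONFIG='sshd      0:off  1:off  2:on   3:on   4:on   5:on   6:off
portmap   0:off  1:off  2:off  3:on   4:on   5:on   6:off
nfs       0:off  1:off  2:off  3:off  4:off  5:off  6:off
sendmail  0:off  1:off  2:on   3:on   4:on   5:on   6:off
lpd       0:off  1:off  2:off  3:off  4:off  5:on   6:off
syslog    0:off  1:off  2:on   3:on   4:on   5:on   6:off'

# Services this host actually needs (assumption: decided by the administrator)
NEEDED='sshd syslog'

# unneeded_services LISTING "svc1 svc2 ..."
# Prints "name levels" for each service that is on in run level 3, 4 or 5
# and is not in the keep list; levels is the subset of 345 where it is on.
unneeded_services() {
    printf '%s\n' "$1" | awk -v keep="$2" '
        BEGIN {
            n = split(keep, k, " ")
            for (i = 1; i <= n; i++) needed[k[i]] = 1
        }
        {
            levels = ""
            for (f = 2; f <= NF; f++)
                if ($f ~ /^[345]:on$/) levels = levels substr($f, 1, 1)
            if (levels != "" && !($1 in needed)) print $1, levels
        }'
}

# disable_commands LISTING "svc1 svc2 ..."
# Dry run: prints the chkconfig commands for review, executes nothing.
disable_commands() {
    unneeded_services "$1" "$2" | while read -r name levels; do
        printf '/sbin/chkconfig --level %s %s off\n' "$levels" "$name"
    done
}

# On a real host, pass "$(/sbin/chkconfig --list)" instead of the sample
disable_commands "$SAMPLE_CHKCONFIG" "$NEEDED"
```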


3-    Old Software Versions


Every day vulnerabilities are found in programs, and most of them are fixed on an ongoing basis. It is important, and sometimes critical, to keep up with the changes. There are mailing lists for every Linux distribution where one can find security-related information and the latest vulnerabilities found.
Some places to watch for security holes are:
·    http://www.redhat.com/mailman/listinfo/redhat-announce-list
·    http://www.debian.org/MailingLists/
·    http://www.mandrakesecure.net/en/mlist.php
·    http://www.suse.com/us/private/support/security/index.html
·    http://www.freebsd.org/security/index.html
·    http://www.linuxtoday.com/
·    http://www.lwn.net/
It is crucial to ensure that released security patches are applied to the programs as soon as they are available. The hacker community will be aware of the discovered holes and will try to exploit them before the fixes are applied.

4-    Insecure and Badly Configured Programs

There are some programs that have a history of security problems. IMAP, POP, FTP, portmap and NFS, to name a few, are the best known. The good thing is that most of these programs can be replaced by a secure version like spop, sftp or scp.

It is important that, before deploying any service, the administrator investigates its security history. Sometimes simple configuration measures can prevent serious headaches in the future.



Some advice regarding web server configuration is well worth mentioning:

-    Never run the web server as a privileged user;
-    Do not keep clients’ confidential data on the web server – credit card numbers, phone numbers and mailing addresses must be recorded on a different machine;
-    Make sure the privileged data that a user supplies on a form does not show up as a default for the next person to use the form;
-    Establish acceptable values for data that is supplied by web clients;
-    Check CGI programs for vulnerabilities.



5-    Stale and Unnecessary Accounts

When a user no longer uses his/her account, make sure it is removed from the system. A stale account won’t have its password changed periodically, which leaves a hole. Publicly readable or writable files owned by that account must be removed. When you remove an unnecessary service, make sure you remove or disable the corresponding account.

Security Resources on the web

Bugtraq – Includes detailed discussions of Unix security holes
http://www.securityfocus.com/

Firewalls – Discusses the design, construction, operation, and maintenance of firewall systems
http://www.isc.org/services/public/lists/firewalls.html

RISKS – Discusses risks to society from computers
http://www.risks.org/

Insecure.org
http://www.insecure.org/

Network Security

You work in a corporate environment in which you are, at least partially, responsible for network security. You have implemented a firewall, virus and spyware protection, and your computers are all up to date with patches and security fixes. You sit there and think about the lovely job you have done to make sure that you will not be hacked.

You have done what most people think are the major steps towards a secure network. This is partially correct. What about the other factors?

Have you thought about a social engineering attack? What about the users who use your network on a daily basis? Are you prepared to deal with attacks by these people?

Believe it or not, the weakest link in your security plan is the people who use your network. For the most part, users are uneducated on the procedures to identify and neutralize a social engineering attack. What’s going to stop a user from finding a CD or DVD in the lunch room and taking it to their workstation and opening the files? This disk could contain a spreadsheet or word processor document that has a malicious macro embedded in it. The next thing you know, your network is compromised.

This problem exists particularly in an environment where help desk staff reset passwords over the phone. There is nothing to stop a person intent on breaking into your network from calling the help desk, pretending to be an employee, and asking to have a password reset. Most organizations use a system to generate usernames, so it is not very difficult to figure them out.

Your organization should have strict policies in place to verify the identity of a user before a password reset can be done. One simple thing to do is to have the user go to the help desk in person. The other method, which works well if your offices are geographically far away, is to designate one contact in the office who can phone for a password reset. This way everyone who works on the help desk can recognize the voice of this person and know that he or she is who they say they are.

Why would an attacker go to your office or make a phone call to the help desk? Simple: it is usually the path of least resistance. There is no need to spend hours trying to break into an electronic system when the physical system is easier to exploit. The next time you see someone walk through the door behind you, and do not recognize them, stop and ask who they are and what they are there for. If you do this, and it happens to be someone who is not supposed to be there, most of the time he will get out as fast as possible. If the person is supposed to be there, then he will most likely be able to produce the name of the person he is there to see.

I know you are saying that I am crazy, right? Well, think of Kevin Mitnick. He is one of the most decorated hackers of all time. The US government thought he could whistle tones into a telephone and launch a nuclear attack. Most of his hacking was done through social engineering. Whether he did it through physical visits to offices or by making a phone call, he accomplished some of the greatest hacks to date. If you want to know more about him, Google his name or read the two books he has written.

It’s beyond me why people try to dismiss these types of attacks. I guess some network engineers are just too proud of their network to admit that they could be breached so easily. Or is it the fact that people don’t feel they should be responsible for educating their employees? Most organizations don’t give their IT departments the jurisdiction to promote physical security. This is usually a problem for the building manager or facilities management. Nonetheless, if you can educate your employees the slightest bit, you may be able to prevent a network breach from a physical or social engineering attack.

Importance Of Using A Vulnerability Scanner For Security

One aspect of network security that is often overlooked is checking the network for problems with a vulnerability scanner. Vulnerabilities are problems, shortcomings or errors in software or its configuration that an attacker can exploit to gain unauthorized access to the victim system. A vulnerability scanner identifies such issues and reports them to the administrator.

Perhaps the main reason vulnerability analysis is overlooked is that vulnerabilities are seen as being corrected by patch management. It is a common misconception that a patch management strategy will also take care of the vulnerabilities that exist in the network. This is partly true, since some vulnerabilities are in fact software problems that are resolved by patching, but it is not always the case. Vulnerabilities can also be caused by incorrect settings, or remain open when the software itself is flawed and the vendor has not released a patch.

What can we do for vulnerabilities?

The first step is to find out whether the system actually has a weakness. To do this, use a vulnerability scanner or, although it is not recommended, if your budget is limited, run a manual vulnerability scan.

Performing a manual vulnerability scan:

It is possible to assess vulnerabilities without any software, although this involves an inherent amount of imprecision and takes time. To check the network for vulnerabilities manually, you must first obtain a list of the applications and services installed on the network. Once the list is available, check the official website of each piece of software for problems or vulnerabilities reported by the vendor. Some vendors also offer guides on how their application should be configured securely. In general, these guides also contain information about settings to avoid. This information is very useful, and it is certainly a good idea to read them. The next step is to check vulnerability database sites for the latest listings. Sites such as the National Vulnerability Database and Bugtraq collect known vulnerabilities in a central location; checking these sites regularly against the software on your network is very important.

Perform a vulnerability scan using a vulnerability scanner:

A more efficient way to do a vulnerability scan is to use a vulnerability scanner. These scanners contain a database of vulnerabilities, which is automatically updated by the scanner vendor when a new vulnerability is discovered. The system administrator can configure the scanner to scan the network automatically on a regular basis and to produce a report every time a new vulnerability is discovered. The scanner can also offer remediation options, or a detailed description of the cause of the vulnerability and what you should do to solve the problem.

Whether you run a manual vulnerability scan or use a vulnerability scanner, monitor your network for vulnerabilities. Most vulnerabilities will lead to some degree of system compromise, which in turn can lead to serious consequences for the company. Vulnerability scanning is a preventive measure that could save a company's reputation and assets.