- A user asks "is this a virus" - now you can not only be more confident, but you have got a nice looking report as well, thanks to virustotal.
- Looking like a hacker from the movies is easier than you think - network swiss-army-bazooka nmap (movie references here) has a nice graphical front-end, is easy to use and actually really handy, go get zenmap. Bump the shiny up another notch, and Overlook Fing is like a miniature nmap on android or iphone.
- Keeping up with the latest news and views in security is tough, but if there's one guy who's opinion it is always worth reading, it's Bruce Schneier. Luckily, he publishes a monthly newsletter, Cryptogram. Sign up here.
- We can't all keep a virtual machine knocking around to burn testing dubious looking links. Luckily, we can get a fair idea if a link is going to riddle us with zero-day hell, and a nice report to boot from the folks at wepawet.
- Many people thought I should have included this one at number one - a great looking packet analyzer with a cool name, Wireshark (or Ethereal as it was formerly known) can be used to find out a lot about your network, and is great for seeing what's really going on. Pulling unencrypted passwords and snippets of plaintext conversation off the wire - always a good demo. Remember you can use tcpdump (on your Smoothwall or other Linux-based firewall!) to pick up packets to look at later as well. One that takes a bit of learning, but well worth it. Get Wireshark here.
- Most of us are Windows users, but Linux has a lot to offer. Even if you don't run Linux all the time, there are a couple of live cds which will run without modifying your PC. For the security minded, there's the Trinity Rescue Kit, ever helpful for recovering "lost" passwords, and for the slightly more black-hatty among us, backtrack is the place to be. An unfamiliar and complicated looking interface will do your status with your users no end of benefit. Download and burn trk or backtrack.
Tuesday, May 31, 2011
Thursday, May 26, 2011
- Appearances can be deceiving: Don’t just look at the URL, but look deeper into a page and content-scan the words and phrases. This insures that all pages are categorized, and a page can’t hide itself as something it’s not. Make sure your filter can determine context, content and construction to block out those tricky bad guys.
- Look for “Just Right” blocking: IT administrators can be worn to a frenzy keeping up with the educators’ requests to unblock websites they need, while keeping a strong block in place. A smart filtering solution avoids over-or under-blocking and provides just the right level of blocking.
- Go for the Interception: Students have become increasingly savvy in finding their way around blocked websites using proxy anonomizers. Look for solutions that can intercept HTTPS traffic to catch HTTP proxies as well as HTTPS proxies. With the right solution, users trying to get around blocked sites will be intercepted- achieving your goal for a safe network.
- Be the all-seeing eye: IT administrators don’t have time to constantly scan the network. They need reporting functions that help make their life easier, not more difficult. During certain hours such as lunch or between classes, it may be good to keep a closer eye on network activity. Real-time content scanning provides valuable visibility, allowing IT administrators to nip potential problems in the bud.
- Network Security never sleeps: It’s not just the school grounds that must be protected. Users who rely on laptops, netbooks or even Mac portables must also be protected while away from the school's network. The full policy and profile safeguards that apply while those laptops are connected on campus must apply when taken home or on field trips, and while those units are connected to the Internet at the local airport or other wi-fi hotspots. Upon return to the school's network, all reporting and tracking of web activities should be aggregated to the reports the school's administrators and teachers receive on student (or staff) activities.
Thursday, May 19, 2011
What’s as bad as bedbugs for hotels today? Like bedbugs, this threat is invisible when guests check in and the consequences may not be evident until long after the guest leaves. It’s extremely costly, with loss of revenue and legal costs. (Yes, it’s so nasty that lawyers are involved.) It’s a growing trend: video downloads on your network.
It started off innocently enough. Once upon a time, hotels had a nice revenue stream from pay-per-view films. Travelers who wanted to relax in their room had a few options: the regular TV programming, the book they may have brought, or splurge for a pay-per-view movie.
Then the internet revolution came about. Hotels began offering internet access in response to demands from business travelers and others who wanted to keep up with emails and their favorite websites. Then the availability of high quality video downloads and new devices with higher resolution began to change the game. Instead of paying for pay-per-view movies, guests could download videos for free on their own notebooks or iPads.
What does this mean for hotels? Colliers PFK Hospitality Research reports that hotel revenue from pay-per-view films has shrunk by 39%. Their study shows that in 2000, each hotel room would collect approximately $288 in pay-per-view revenue annually. Today, the average hotel room collects only $175 annually. The likely cause of this decline in revenue is the many alternatives found on the Internet for videos, gaming and other on-line entertainment.
Even more ruinous, many of these downloads are illegal downloads of copyright protected movies. Hollywood is becoming aggressive in pursuing perpetrators. Film producers are hiring law firms such as one known as The U.S. Copyright Group to issue subpoenas to internet service providers and get the names of individuals who downloaded these films. For hotels, that ISP address is under their name, and is their responsibility. Fines range from $1,500 to $2,900 or more per incident, or defendants could face even larger fines in court. While this type of tactic may not bear up under the scrutiny of higher jurisdictions or legal reviews, the risks remain the same, whether for an individual or a hotel management group: downloading of illegally-obtained copyrighted materials may be bad for your health and your wealth, if the lawyers have their way with you. (To see what one company is doing to offer hoteliers a sound solution go to: www.hotelpeertopeer.com)
Naturally, for hoteliers there’s the ongoing challenge of finding a way to provide the guest with good service, ample access to the Internet and still protect the institution from legal problems. Hotel IT administrators: this is your wake-up call. Make sure you are blocking illegal downloads on your network. Secure your network and sleep well at night: just don’t let the bed bugs bite.(that’s another worry for hoteliers, but not the topic of this post, by the way).
Thanks for reading, commenting and/or tweeting (www.Twitter.com/Smoothwall).
© Smoothwall, Inc., All rights reserved, 2011.
Wednesday, May 11, 2011
What’s a school to do? Education budgets, especially in the United States, are being cut while network security threats continue to grow. School administrators and IT managers must meet growing compliance requirements, as well as face down the threats posed by students who have grown up on-line and know their way around network filters and blocks. Teachers, staff and students all have varying needs for access to the Internet and Web resources, but must also be monitored, provided secure connections and prevented from time-wasting or inappropriate sites. What’s a school to do?
For many schools, the first step is assessing their current network security configurations. Some points to consider when assessing the current network security system:
· Does the system achieve full compliance- such as with CIPA and other Federal and State requirements in the U.S. or BECTA in the U.K.?
· What reporting systems are in place? Efficient reporting functions can help save time and resources, reducing network security costs. How long does it take to run reports?
· Is it easy to monitor live logs as well as what’s been happening over the last 24 hours?
· Can you identify websites that might be potential time-wasters for staff and students, to save resources for those sites that promote instruction in the classroom?
Network security, when done right, should be a cost-saver. Likewise, when done right, network security is a productivity-booster. And, without a doubt, the risks and costs of an unsecured network are far greater than the expense of protection. So, while Benjamin Franklin (U.S. patriot, publisher, inventor, statesman and all-around intellectual) was famous for proving that lightning can strike a kite and shed light on the nature of electricity, he also famously said, “An ounce of prevention is worth a pound of cure.”
Which does your school prefer? To be struck by lightning or to be protected from the viruses, worms, spies and dangers that lurk around the edge of your network? Network security is worth every penny, every pound and every dollar you invest in it.
Thanks for reading. Care to comment? Please do so, or tweet us at: www.Twitter.com/Smoothwall
© Smoothwall, Inc., All rights reserved, 2011.
Thursday, May 5, 2011
You didn’t realize it at the time, but your mother taught you everything you need to know about network security--or at least the important highlights. After all, mom’s goal is the same as ours as network security administrators: to keep us all safe.
Does any of this advice sound familiar?
1. Be suspicious, trust nobody. That goes for users on your network, as well as messages you receive from friends. Make sure users aren't allowed to download anything without permission. Be wary of suspicious links or invitations to join new social networks. These could be phishing attacks in disguise.
2. Lock the door. You wouldn’t let strangers into your house, so why would you let them onto your network?
3. Do your homework. Threats change daily. Keep up on newest threats so you can make sure your network is prepared for them.
4. Keep things clean. What she meant (in addition to clean socks and washing your hands regularly) was to make sure your PC, network protection and malware detection software is always up to date. Updated software and network protection will help keep the bad guys out.
5. Always be aware. Look before you cross the street, even if you don’t hear a car, and don’t assume some websites are safer than others. Sometimes the most “trusted” sites can be more dangerous. Educate other users on your network to inform them of the risks.
So let’s hear it for Mom. The network security savvy we have today originates in her good advice. It’s one more reason to thank her for all that she’s done for us. Oh, by the way, Happy Mothers’ Day!
We appreciate you reading our posts. Feel free to comment or post a tweet: www.Twitter.com/Smoothwall
© Smoothwall, Inc., all rights reserved, 2011.