Four Tips For Increasing Wireless Network Security
Posted in: Security by thirdoctet on August 23, 2007 | No Comments
Passwords aren’t enough to protect home wireless networks, and they’re particularly poor security choices for networks of larger organizations, according to a University of Maryland assistant professor.
Michel Cukier, assistant professor of mechanical engineering and affiliate of the A. James Clark School of Engineering Center for Risk and Reliability and Institute for Systems Research, said that many users who link to an organization’s network from home do so through their own unmanaged wireless networks. He released a paper Wednesday explaining the risks and outlining steps that wireless users can take to increase security.
“If these secondary connections are not secure, they open up the entire network to trouble,” Cukier said in a prepared statement. “Unsecured wireless access points pose problems for businesses, cities, and other organizations that make wireless access available to customers, employees, and residents. Unsecured connections are an open invitation to hackers seeking access to vulnerable computers.”
Cukier said there are several steps that wireless network owners and administrators can take to improve security and discourage “parasites” trolling for access and unsecured connections.
First, he suggests limiting the strength of wireless networks so they cannot be detected beyond the walls of a home or office. Cukier also advises disabling Service Set Identifier (SSID) broadcasting. The SSID is a code attached to packets on a wireless network. It identifies each packet as part of that network and allows all wireless clients within range to spot the network. When broadcasting is disabled, it’s more difficult for unauthorized users to spot the network.
Cukier said that regularly changing encryption keys may increase network protection. He said Wi-Fi Protected Access should be used when possible, because Wired Equivalent Privacy can be decrypted with special software.
Cukier said that MAC addresses can also increase protection if the wireless access point is set up to accept connections only from known MAC addresses.
Encryption strategies for preventing laptop data leaks
Posted in: Deskside, Security by thirdoctet on August 21, 2007 | No Comments
A recent poll by vendor Credant Technologies Inc. found that 88% of employee laptops carry sensitive information: everything from patient, customer and employee records to intellectual property, financial data and passwords. Between business risks, security breach headlines and regulatory compliance, companies have plenty of motivation to use encryption as a last line of defense against data leaks that result from laptop theft or loss. But which laptop encryption approach would work best for your company’s workforce?
159 million people affected by data breaches in under three years
Posted in: Security by thirdoctet on August 20, 2007 | No Comments
Data breaches at universities, government agencies, and corporations have become so common that only the most egregious even make the news anymore. Just how common are they? The Privacy Rights Clearinghouse, which tracks major breaches, now says that 159,105,898 people have been affected by data leaks since 2005.
The number was noted in a recent Computerworld article by Robert Scheier as part of a larger piece on just how bad identity theft has become, but it’s mentioned only in passing. That’s too bad, because the PRC list makes for fascinating reading.
You might suspect that after the widespread publicity regarding identity theft and data breach issues over the last few years, every organization which collects personally-identifiable information would treat it like gold. Unfortunately, it’s too often still treated like a pile of scrap iron. Breaches are still occurring at an alarming rate, and they come in more flavors than Baskin-Robbins ice cream.
Storm Botnet Behind Canadian DoS Attack
Posted in: Security by thirdoctet on August 16, 2007 | No Comments
Researchers are blaming the virulent Storm worm for a widespread denial-of-service attack that hit Canadian Web sites over the weekend. The attack may have been unfocused and unsuccessful, but it could have been an early test of the denial-of-service power that the Storm worm botnet now holds.
Johannes Ullrich, chief research officer at the SANS Institute and CTO for the Internet Storm Center, said in an interview that while sites in Canada were “pounded” over the weekend, he doesn’t think it was a targeted denial-of-service attack. The attacks weren’t aimed at any particular Web sites. They were just spread across a wide swath of the Internet.
“The DoS part was basically an unintentional side effect,” said Ullrich. “It was a whole lot of spam — enough to make the servers slow down. Once [that much spam] is set loose, it’s hard to tell what’s going to happen.”
This weekend’s attack veered off the norm.
The Storm worm has been buffeting the Internet for the past several months, sending out historic levels of spam e-mail. Much of it has been in the form of phony electronic greeting cards, luring unsuspecting users to malicious Web sites where their machines are infected with malware that turns them into bots. The individual zombie machines are then added to the massive botnet that the Storm worm authors have been putting together.
This latest attack, though, didn’t use the e-card ruse. The e-mails in the attack also didn’t carry any malware and didn’t link to or point users to any malicious Web sites. The limited amount of text in the e-mails was little more than gibberish, according to Ullrich.
“They may have been trying something but it didn’t work,” said Ullrich. “Sure. It definitely could be a test [of a DoS attack]. That’s what you’d expect. They generally try a test-run first.”
Earlier this month, researchers at SecureWorks reported that the Storm authors had a botnet about 2,815 strong in the first half of this year. That number had skyrocketed to 1.7 million by the end of July.
Researchers at both SecureWorks and Postini said they think the Storm worm authors are cultivating such an enormous botnet to do more than send out increasing amounts of spam. All of the bots are set up to launch DoS attacks and that’s exactly what they’re anticipating. Denial-of-service attacks are designed to pound each computer with countless questions that flood its ability to respond, effectively taking the machine down.
Ullrich said on Monday that he too is concerned about what a botnet of this size could do if the Storm worm authors decide to target a DoS attack. However, he said the authors seem very focused on making money and unless they plan on extorting a company with threats of a massive denial-of-service attack, where’s the financial motive?
Ullrich added that he’s been seeing Storm worm ads on various underground Web sites. The authors are advertising their ability to send out pump-and-dump and pharmaceutical spam with their global botnet.
Microsoft releases super bundle of security patches
Posted in: Security by thirdoctet on August 14, 2007 | No Comments
Microsoft has released what security experts are calling one of its most significant security fixes this year. On Tuesday morning, the software maker pushed out nine sets of patches, called updates in Microsoft parlance, fixing a total of 14 bugs in its software. Six of these updates are rated critical by Microsoft, meaning that attackers could exploit the flaws with no user action required. The other three updates are rated important.
It is the largest set of updates released by Microsoft since February.
“People should definitely cancel their dinner plans and make sure they take this one seriously because both the breadth and impact of these are important,” said Don Leatham, director of solutions and strategy with PatchLink. “This is an intense month.”
Five virtual world security worries for business
Posted in: Security by thirdoctet on August 11, 2007 | No Comments
Companies need to think about security and risk management before they get too excited about virtual worlds, according to analyst group Gartner.
The risks businesses face as a result of getting involved in virtual worlds can be significant, according to Gartner vice president Steve Prentice. These risks shouldn’t be ignored, he said – but neither should the potential opportunities and benefits that arise from using these new environments for corporate collaboration and communications.
Intrusion detection and prevention: More than a firewall
Posted in: Security by thirdoctet on August 10, 2007 | No Comments
Intrusion detection systems (IDSes) and their nearest relative, intrusion prevention systems (IPSes), are the burglar alarms of network security. Unlike firewalls, which just block traffic, an IDS is set off by malicious traffic and sends warnings to system administrators or the IT security staff — if there is one. An IPS has the added benefit of not only warning about breaches but also trying to fix them.
For large companies with complex and intricate networks, installation and placement of IDSes and IPSes come naturally. It’s usually part of the larger network security architecture and is done alongside firewall setups.
But for small and medium-sized businesses (SMBs) with much smaller networks and thin IT staffs, IDS can seem like a costly luxury. For one, you need on-call staff 24×7 so the IDS has someone to page. Unfortunately, firewalls alone are not enough protection.
Assume Your Laptop Will Be Stolen
Posted in: Deskside, Security by thirdoctet on August 9, 2007 | No Comments
IT and end users should plan for the worst when it comes to portable data and computing. Another wave of laptop thefts and losses is causing major headaches for enterprises this week. But experts say that in the end, technology can only solve part of the problem.
Enterprises face plenty of potential downsides when a laptop’s lost: public embarrassment, fines, a decline in share price, loss of customers, and damage to the brand name. But none of these possible penalties has stopped employees from losing their laptops — as the latest headlines will attest.
Network perimeter security: Managing endpoint security
Posted in: Security by thirdoctet on August 8, 2007 | No Comments
These days, it seems like the majority of network perimeter security concerns are related to telecommuters, remote access and VPNs. Hardening these areas is clearly of great concern as the mobile workforce serves as a treasure chest for clever hackers if they can take advantage of an unsuspecting remote user.
But what about physical endpoint security like laptops, desktops and removable storage devices? Just because these types of hardware might represent a more traditional network perimeter, physical endpoint security is no less important today than it ever was. If a hacker finds a way to get his hands on a laptop that has important files from your network on it, you could be facing disaster. Learn about endpoint security best practices by checking out the tips below.
Exchange Server E-Mail Compliance Guide
Posted in: Messaging, Security by thirdoctet on | No Comments
Email-compliance management is a messaging security issue that every Exchange Server administrator needs to understand, along with the many regulations and litigation concerns that drive it. Get your company’s email-compliance efforts up-to-date with these articles, tips and tutorials. Learn how the Sarbanes-Oxley Act (SOX), HIPAA and other important federal regulations work, how to plan and set up corporate email-archiving policies, and how to shop for and implement email-compliance software tools.