Jeff Orloff's Blog

Posted by Jeff Orloff

In a previous article, I addressed the issues of Social Engineering and how to secure a computer network. But as more and more people ask me about network security, I realized that many of them don't understand the basic terms I am using. I put together a short list of terms that come up in conversations that center around security. I figure if this can help lay a foundation for non-technical people to build from, they may be more inclined to learn more about network security practices.

You can read the list of terms here. Feel free to request any terms you may be unsure about in the discussion area and I'll have their definition posted asap.

Posted by Jeff Orloff

A more recent TV ad for Apple portrays the Windows operating system as a man plagued by viruses and other problems. They are not the only ones who portray Windows in a negative light. Read up on some of the more technical blogs and you will find a host of postings blasting Windows' approach to security. True, networks running Windows are much more prone to have issues, from patch Tuesdays to Blue Screens of Death; however, many of the security-related issues can be resolved for home networks by simply taking a few minutes to protect your computers.

When people first bring a new computer into the home, most are so anxious to get on the Internet that they don't realize what they are doing is connecting to the most unsecured computer network in the world. In response to this, Microsoft has turned on the firewall feature on every computer since its release of Service Pack 2. But what of the millions of computers that are running XP without SP2?

For them, my most recent article, The Windows Firewall (http://computernetworking.suite101.com/article.cfm/the_windows_xp_firewall), may offer a bit of help. Here, I walk the user through the steps necessary to turn on the Windows firewall and better secure their computers.

Posted by Jeff Orloff

"The free Debian-based Ubuntu distribution of Linux, launched in 2004 by South African dot-com billionaire Mark Shuttleworth, has already attracted millions of individual desktop users. But with the "Dapper Drake" release of Ubuntu set to ship next month, Ubuntu will make its first foray into the enterprise data center. That release will now support Sun's "Niagara" T1000 and T2000 servers in addition to Intel and Advanced Micro Devices Inc.'s x86 servers and IBM's Power-based servers." - IDG News Service

Looks like the enterprise computing arena just grew by leaps and bounds. Recently, I wrote about Sun's power saving servers in this post. Now it looks like we have to expand a bit.

Ubuntu Linux from Canonical Ltd. is not only the fastest growing distribution of Linux for home users, but now is poised to steal some of Linux heavyweight Red Hat's thunder. What does this mean for enterprise networks? Well, Ubuntu has promised on their website that their software will always be free. And every 18 months, rain or shine, there is an update published.

Look for more on this development in the coming weeks!

Posted by Jeff Orloff

Working in computer networking, the thought of running out of IP (Internet Protocol) addresses never crossed my mind. I can honestly say I never thought about it. Reading up on IPv6, I see how this has become a big concern.

In a recent article, IPv6, I discuss how, given there are 6.5 billion people in the world, IPv4 simply cannot handle the addressing demands that are being placed on it. Enter IPv6. IPv6 not only alleviates the stress on the addressing demands, but promises to make computer networks run faster and require less maintenance.

Posted by Jeff Orloff

It seems like every day at least one story pops up in the news about cybercrime. Recently, the FBI has estimated that cybercrime costs us $67 Billion a year.
Legislation tries to put a halt to the rise in cybercrime, yet since many of the perps come from overseas (predominantly Eastern Europe), the costs to prosecute and extradite those under investigation are too high for law enforcement to incur.

That is where we come in. As businesses and consumers, the cost of these crimes gets passed on to us. Every time a corporate network installs a security device that runs in the tens of thousands, every time they bring on a high-priced security consultant, every time they suffer a breach, we wind up paying for it. It would be easy to blame corporate greed for this, but in actuality, it is end user carelessness.

In the computer networking section, there are currently two articles that help users understand how to be less careless. By taking the time to utilize network resources properly, we put our organization, and others, at less risk.

In Secure the Network, we look at ways that a computer network can be protected against malicious intruders. End users can find this helpful in knowing what defenses their network may have in place.

In Social Engineering, we look at ways end users are taken advantage of and what they can look out for when a malicious hacker tries to solicit vital information from them.

Posted by Jeff Orloff

Recently, Sun Microsystems released its newest chip on the block, the UltraSPARC T1. The UltraSPARC makes use of multithreading technology (the ability to run more than one part or "thread" of a program at a time), having the ability to run four threads per core. Their new server, the T2000, using a processor with 8 cores, can run up to 32 threads simultaneously.

To those who I lost at the term multithreading, that's a lot of computing power. Database servers, multimedia content servers, application servers, anything that runs labor-intensive services, is going to be much happier running on this technology.

Not only is this server a powerhouse, but it also appears to be a power saver.
Running on 70 watts of electricity compared to the 150 watts utilized by IBM and Intel chips, the UltraSPARC seems to be easier on the wallet as well.

It will be interesting to see where this goes in the future. Any comments are welcomed!

Posted by Jeff Orloff

Computers and networks infected with the Cryzip/Zippo.a virus run the risk of having Word documents (.doc) and 43 other file types locked until the owner pays a $300 ransom to one of 99 bank accounts. Once the ransom is paid, the user receives a password to unlock the files.

This type of malware, referred to as Ransomware, is rare but is starting to show itself more and more. Last May, a California-based company found a piece of ransomware demanding a $200 fee.

Users infected with the Cryzip/Zippo.a trojan can use the following password to decrypt their files:

C:\Program Files\Microsoft Visual Studio\VC98

This password was verified by both Sophos and LURHQ anti-virus vendors.

Removal tools for the trojan and other information can be found:

Posted by Jeff Orloff

One way that I used to find information about Event IDs and Knowledge Base articles was using Google or another search engine. Just the other day I was turned on to a tip that lets me type the Event ID or Knowledge Base number into my Internet Explorer bar. Rather than having to sift through all of the other "findings" that a search engine gives me, this tip takes me directly to the article I am looking for.

Open up the registry for editing and scroll down to:

HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl

Create a new subkey called KB and under this subkey create a new string value with the following data:

http://support.microsoft.com/?kbid=%s

Close the registry editor and open up Internet Explorer. In the address bar type KB 875357 (or any other Knowledge Base number) and the page will open.

You can do the same thing for other search queries, for example EventID.net.
Copy and paste the following into Notepad, save it as SearchURL.reg, and then import it into your registry.

REGEDIT4

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl\KB]
@="http://support.microsoft.com/?kbid=%s"

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl\ID]
@="http://eventid.net/display.asp?eventid=%s"

Hope this helps!

CAUTION - This tip involves making changes to the Windows Registry. If you are not familiar with doing this, please read up on this process prior to attempting to perform this edit. Making changes to the Windows Registry can cause problems for your computer.

Posted by Jeff Orloff

In a recent article, I discuss the problems that arise from zombies and botnets. A zombie is a computer that has been compromised by a malicious hacker to perform malicious actions against other computers. A collection of these zombies is referred to as a botnet.

The link here is from the Washington Post and provides a great graphical step-by-step on how these botnets are created. Is it a tutorial on compromising network computers? Not at all. What it does provide is a reference on how one mistake could wind up compromising a network of computers.

http://www.washingtonpost.com/wp-dyn/content/custom/2006/02/17/CU2006021701353.html