Showing posts with label Network Security. Show all posts
Showing posts with label Network Security. Show all posts

Wednesday, January 23, 2013

10 System Admin Tools to Help You Secure Your Network


System admins are frequently bombarded with security concerns, requests, alerts, news items, “did you see this?!” emails, and more. Keeping up with all the aspects of network security can seem like an overwhelming task, but in this post we’re going to look at ten tools a system admin can use to help secure their network. Some you may be familiar with, like network security software, while others may come as a surprise, like your email client; but all will help you to stay ahead of the bad guys, keep yourself informed of the latest threats, and maintain the security of your network.

1. Network security software
When we talk about network security software, we’re talking about a class of product more than any specific tool, and how important it is for you to have an application or small group of applications that can help you to accomplish most of your tasks. There are simply too many things for any one admin to do by hand, and network security software applications help to automate the heavy lifting and ensure that you can keep up with the workload. Look for network security software that multitasks. Think about it as a Swiss Army knife of software packages that includes many of the other items on this list.

2. Vulnerability scanner
A good vulnerability scanner is a key part of any toolkit, and should be used by server admins and security engineers alike. The top network security software apps will include a scanner that has a database of the thousands of vulnerabilities that could exist on your network, so that you can quickly, easily and regularly scan your network to ensure you systems are up-to-date, configured properly and secured.

3. Port scanner
A port scanner is another regular tool that should be in your network security software application. Attackers regularly scan your Internet connection looking for ways in and so should you. But you should also scan internally so you can find unauthorized services or misconfigured systems, and to validate your internal firewalls are set up correctly.

4. Patching software
Patching operating systems and third party applications is one of the most important, regularly recurring tasks a sys admin has. Network security software that can automate this, and handle the hundreds of other applications on your network, is the only realistic way you can keep up with this.

5. Auditing software
Auditing software may strike you as a strange recommendation at first, but consider all those apps you are trying to patch. How can you be sure you have no vulnerabilities on your systems if your users can install anything on your systems? How are you going to maintain licensing compliance if you don’t know who has installed what from \software? Network security software may also include software and hardware inventory components to help you stay informed and secure.

6. Secure remote clients
Telnet, older versions of PCAnyWhere and several of the web-based remote access apps that are out there all have a common issue - they’re not secure. Use SSH v2 or later for secure access to all CLI-based systems, and the most secure versions of Remote Desktop Protocol to manage Windows boxes. Using strong encryption, good passwords, lockout policies and, when possible, mutual authentication between client and host, will help to ensure no one sniffs credentials or brute-forces their way into a system. If you have two-factor authentication in your environment, ensure that every system possible uses it to further reduce your risk from unauthorized access.

7. A good network analyzer
Whether you like the open source WireShark, the free Microsoft tool NetMon, or one of the many other commercial network analysis tools, having a good “sniffer” is key to helping secure and analyze systems. There is simply no way that’s more effective to figure out just what is going on between networked systems than to see the traffic first hand.

8. Network tools
Whenever you are dealing with connections from foreign systems, you will find the need to check network addresses, routes and more. Having good tools like DIG, WHOIS, HOST, TCPING and others close at hand makes network evaluation a breeze.

9. Log parsing software
Securing systems means going through logs; lots of them. Web logs, access logs, system logs, security logs, SNMP logs, syslog logs – the list goes on and on. Having software that can quickly and easily parse through logs is critical. Everyone has their favorite. Some install locally like LogParser, while others run on servers like Splunk. Whichever you prefer, get a good log parser to help wade through what can be millions of entries quickly and easily so you can find events you need to check.

10. Your email client
Knowledge is power, and the best way to amass that knowledge is to stay informed. Whether you subscribe to email bulletins, security alerts, or RSS feeds, your email client can provide you the first indications that something new is out there, and also what you need to do to protect your systems from the threat. Zero day exploits, out of band patches, best practices and more, can all be yours if you simply join the right distribution lists and subscribe to the right lists.

These 10 system admin tools are a great start towards building your toolkit for security. Network security software plays a major role in this toolkit, which you supplement with other tools and the information you need to maintain a secure environment.

This guest post was provided by Emmanuel Carabott on behalf of GFI Software Ltd. Learn more about the importance of a secure business network by downloading the free eBook: A first aid kit for SysAdmins. All product and company names herein may be trademarks of their respective owners.
Continue   Reading>>

Friday, November 4, 2011

Find If A Website Is safe To Open or not using Online sites and Tools



In last post, we explained how to check if the site is safe or not using the McAfee Advisor.  Now i am going to introduce some other sites and tools for testing the site is safe to open or not.

Websites To check sites:

Norton Safeweb:
Norton Safeweb is free online application provided by Norton Security. It works same in way as McAfeeAdvisor.
You can check the site safety here:
http://safeweb.norton.com/

Google Safe Browsing:
Google safe browsing will analyze the site for malware.  It will also report the status of site in past months.
URL to Check:
www.google.com/safebrowsing/diagnostic?site=www.google.com
replace the www.google.com with your target site.

If you manually find any sites spreading malware, you can report here:
http://www.google.com/safebrowsing/report_badware/

AVG Link Scanner:
AVG Link Scanner is free tool that also works like a McAfeeAdvisor.

  • Checks each web page in real time before it opens on your computer
  • Automatically updates whenever a new threat is discovered 
Download it from here:
http://linkscanner.avg.com/

Don't forget to check your own site frequently. Attackers can inject malicious script in your site also.
Continue   Reading>>

How to check if a website is safe to use or not? | McAfee SiteAdvisor


Cyber world is most risky world.  Here you may not know you are being attacked until your system completely destroyed or your data stolen.

if you trust whatever you website you see in Internet, then your data and system are in risk.  Website can spread malwares , this malware can infect your system without your knowledge.  In order to get protection from those sites, we have to identify harmful sites.  Here i am going to introduce McAfee SiteAdvisor. 

McAfee SiteAdvisor:
McAfee SiteAdvisor is free tool provided by McAfee to test the site safety against malware. It notifies you about potential threats and dangerous websites (adware, spyware, spam, viruses and even scams)

Install the SiteAdvisor Addon from here(chrome,Firefox):
http://www.siteadvisor.com/download/windows.html

How to use?
Whenever you search in Internet, Use McAfee Secure Search.  This will display list of sites with rating icons.  This will helpful to identify potentially dangerous sites.

If you don't like to use Addon, you can manually check the site in this site:
http://www.siteadvisor.com


Alert:
An attacker can infect your trusted websites. In internet, you should not blindly trust websites. Even facebook can be infected my malware( it is not going to happen ). So be careful. if you want proof, then check this news: 350,000 sites infected
Continue   Reading>>

Thursday, November 3, 2011

How to Hide email address when sending mail to Multiple Recipients


Recently, i got mail from my Institute(where i learned Java) regarding the Interview. when i look into the To address, it includes other email address (including girls email address).  This is not big matter when you send mail within organization. What if suppose you send to others.

Just for fun:
Just imagine you have two girl friends.  Forwarding some interesting mail to both.  If anyone notice the To address, then you will end up in hospital. 

 If you like to hide email address from other recipients while sending to multiple recipients, this article will explain how to do.  I believe this will helpful for organization and those who concerned about Security.

How to do?
It is very simple.

Whenever you send mail to group of mails, fill the mail address in BCC field instead of To field (leave the To field empty).

BCC is expanded as Blind Carbon Copy.



The receiver will see sender and his address.
He can't see others address.
Continue   Reading>>

Wednesday, November 2, 2011

Could Your Bad Password Habits Come Back To Haunt You?



According to Business Insider, the CEO of a major social network used its trusted database of user passwords in order to hack into one of its user’s email accounts. The hack was based on the guess that this user probably accessed all of their accounts using the same password.

Although the cloud has provided us with some amazing new tools, it’s also created the need for increased end-user education and policy enforcement.

Yes, it’s true that nearly all cloud providers act ethically. They invest heavily in security as a means of protecting their reputations. But also, there are laws which strictly dictate how they must handle and protect their client data.

In fact, most data leaks and privacy breaches are the result of “insider jobs” by people who had physical access to the victim’s computer or storage media. (It would be much easier for me to steal your laptop from your home, than for me to break into Google’s datacenter and steal the hard drive that stores your Gmail content).  But it only takes one bad apple or one security leak to put your password into the wrong hands. And once that happens, then all of the other accounts which depend on this password will be compromised.

There are a number of ways that you can protect yourself from the possibility of having your password stolen in this manner.

One simple way would be to make use of sites which feature single sign-on (such as OpenID), or where a single login would let you access multiple services (like your Google account). There are also a number of specialized apps which let you manage multiple online accounts from a single interface.This has the advantage that your credentials are only stored in a single central repository. (Every time you make a copy of a password, the chances of a data breach go up).  Of course, this still leaves you open to a breach in the event that someone steals your password, but at least it makes such breaches more difficult. Also, such a breach might leave suspicious activity patterns that could get flagged and blocked. (ex: Many SaaS providers can block or flag access coming in from a anonymizing proxy)

The ideal scenario would be to have some sort of multi-factor authentication that requires access from a specified IP address. At the moment, only a few SaaS apps offer this ability.

If you choose to aggregate your credentials in this manner, you should only do so for low-priority online services. Any services that require the handling of sensitive information should have their own dedicated unique highly-random passwords.

Another method for managing multiple accounts using a single set of credentials would be to use a single password which is scrambled using a hint that is unique to the account in question. For example, a user whose password is “pUpp1e5” could combine this password with the web site name and create an MD5 hash where the first 10 characters would be the new password.  So the password+site string “pUpp1e5 salesforce.com” might hash to “50f49dd6f3f838fb74ca1b7de5898c48”. And the new password would be 50f49dd6f3.
But the absolute best way to prevent you passwords from being used against you would be to generate and memorize completely random passwords for every account you open. Although this takes a bit of discipline, it’s not as hard as it sounds.

Many people will rely on mnemonic systems which turn these passwords into easy-to-visualize sentences.
For example:
“Y!14gtP” could be turned into “Yolanda surprised 14 green turtles named Peter”
Although these mnemonic systems are ok for short-term memorization, I’ve found that their effectiveness is overrated. For a number of reasons - which would take too long to go into for this article – I find that there’s no substitute for good old-fashioned memorization through repetition.

Here is a technique that works for me.
  • Step 1: Generate a random password and memorize it mnemonically or write it down somewhere safe. (Maybe an encrypted file)
  • Step 2: Log in and out 5 times in a row to build muscle memory.
  • Step 3: The next day, log in and out again 5 times using the new password.
  • Step 4: One week later, log in and out again 5 times using the new password.
You can now go ahead and destroy the written or saved copy of the password. By this point, you should have the password memorized for life. (Or until you’re ready to change it again)
Now that we’re living in the “cloud age”, users need to be more aggressive than ever when it comes to maintaining effective password management habits.
About The Author:
For over ten years, Storagepipe has been providing online server backup services that help companies maintain the safety, security and confidentiality of their private data.

Continue   Reading>>
Older Post Home
 

© Break The Security. Copyright 2008 All Rights Reserved Revolution Two Church theme by Brian Gardner Converted into Blogger Template by Bloganol dot com