Tuesday, December 9, 2008

Fretting about POWER COSTS... Help is here..-> LANDesk Power Manager



Don't fret and fume over those rising power costs....

Don't worry about Green I.T. initiative audits???

Want to know how... just click on the image and you will learn the solution implemented by Venky..

Tuesday, November 11, 2008

Worried About Handling those numerous network devices...Wish that you had a single window to control them... Hitch on to NAC


What is Network Access Control?
Network Access Control is a set of protocols used to define how to secure the network nodes prior to the nodes accessing the network.
It is also an approach to computer network security that attempts to unify endpoint security technology (such as antivirus, host intrusion prevention, and vulnerability assessment), user or system authentication and network security enforcement.
Network Access Control (NAC) aims to do exactly what the name implies: control access to a network with policies, including pre-admission endpoint security policy checks and post-admission controls over where users and devices can go on a network and what they can do.

Benefits of Network Access Control

Some of the key benefits are:
• Automatic remediation process, i.e., fixing non-compliant nodes before allowing access.
• Allowing the seamless integration of network infrastructure such as routers, switches, back office servers and end user computing equipment to ensure the information system is operating securely before interoperability is allowed.
• Mitigation of zero-day attacks: The key value proposition of NAC solutions is the ability to prevent end-stations that lack antivirus, patches, or host intrusion prevention software from accessing the network and placing other computers at risk of cross-contamination by network worms.
• Policy enforcement: NAC solutions allow network operators to define policies, such as the types of computers or roles of users allowed to access areas of the network, and enforce them in switches, routers, and network middleboxes.
• Identity and access management: Where conventional IP networks enforce access policies in terms of IP addresses, NAC environments attempt to do so based on authenticated user identities, at least for user end-stations such as laptops and desktop computers.

To know more on “The options available”, please contact Ms. Leela on (+91) 97314-00693.
Alternatively you could drop in a word at: leela@22by7.in , sigma@22by7.in and we would be glad to touch base with you.

Tuesday, October 28, 2008

Unified Storage... Simplified for YOU


What is Unified Storage?

Unified storage (sometimes termed network unified storage or NUS) is a storage system that makes it possible to run and manage files and applications from a single device. To this end, a unified storage system consolidates file-based and block-based access in a single storage platform and supports Fibre Channel SAN, IP-based SAN (iSCSI), and NAS (network attached storage).

How is it implemented in practice?

Unified storage is often implemented in a NAS platform that is modified to add block-mode support.

Benefits:

· Simultaneously enables storage of file data and handles the block-based I/O (input/output) of enterprise applications.

· Reduced hardware requirements – Instead of separate storage platforms, like NAS for file-based storage and a RAID disk array for block-based storage, unified storage combines both modes in a single device.

· Easy to administer since there is only a single device to be deployed.

· Lower capital expenditures for the enterprise.

· Simpler to manage.

· Advanced features like storage snapshots and replication.

· Unified storage systems generally cost the same and enjoy the same level of reliability as dedicated file or block storage systems.

Tuesday, September 30, 2008

Data loss is inevitable... R U Ready For It


No organization that depends on technology and stores data can afford to be without a Disaster Recovery strategy and a backup infrastructure.

Disaster recovery is the process, policies and procedures of restoring operations critical to the resumption of business, including regaining access to data (records, hardware, software, etc.), communications (incoming, outgoing, toll-free, fax, etc.), workspace, and other business processes after a natural or human-induced disaster.

A disaster recovery plan (DRP) should also include plans for coping with the unexpected or sudden loss of communications and/or key personnel. Disaster recovery planning is part of a larger process known as business continuity planning (BCP). With the rise of information technology and the reliance on business-critical information, the importance of protecting irreplaceable data has become a business priority in recent years. Hence there is a need to back up your digital information to limit data loss and to aid data recovery.

Knowing what you need is half the battle and you can't know what you need until you have an understanding of what is critical. The basic question must be, "If the business has to run on a minimal set of applications and infrastructure, what would those applications and support systems be?"

Weigh the amount of risk you're willing to take and the kind of damage a disaster could do to the business against the cost of varying levels of disaster readiness.

Accurate baseline information about your systems will get you on the road to Disaster Recovery. Once there, consider your options. If you have multiple, geographically diverse offices, consider having them back up one another. A little extra hardware and some form of disk-to-disk replication will set you up. Remember to budget time and resources for testing--when you need it is not the time to find out your data isn't replicating.

How long can you afford to be down? Get an idea of the cost of downtime relative to the cost of restoration. Don't forget to account for whether you have to restore from tape, or are willing to allow disk-to-disk backups to your provider. Disk-to-disk will make your recovery a lot faster than if you have to courier tapes from your tape storage location to the Disaster Recovery site.

Disaster Recovery Strategies
Mentioned below are a few of the most common strategies for data protection.
• Backups made to tape and sent off-site at regular intervals (preferably daily)
• Backups made to disk on-site and automatically copied to off-site disk, or made directly to off-site disk.
• Replication of data to an off-site location, which overcomes the need to restore the data (only the systems then need to be restored or synced). This generally makes use of Storage Area Network (SAN) technology.
• High availability systems which keep both the data and system replicated off-site, enabling continuous access to systems and data.

Organizations must also implement precautionary measures, some of which are listed below, with the objective of preventing a disaster situation in the first place:

• Local mirrors of systems and/or data and use of disk protection technology such as RAID
• Surge Protectors — to minimize the effect of power surges on delicate electronic equipment
• Uninterruptible Power Supply (UPS) and/or Backup Generator to keep systems going in the event of a power failure
• Fire Preventions — more alarms, accessible fire extinguishers
• Anti-virus software and other security measures

References
1. Buchanan, Sally. "Emergency preparedness." from Paul Banks and Roberta Pilette. Preservation Issues and Planning. Chicago: American Library Association, 2000. 159-165. ISBN 978-0-8389-0776-4
2. Hoffer, Jim. "Backing Up Business - Industry Trend or Event." Health Management Technology, Jan 2001

Tuesday, September 23, 2008

Handle Daily Internet Usage cost effectively... with Link Balancers.

Link balancing, commonly referred to as dual WAN routing, multihoming, or network load balancing, is the ability to balance traffic across two WAN links without using complex routing protocols.

A Link Balancer is an affordable and powerful solution for routing and managing traffic across multiple Internet connections. Designed to scale for high bandwidth requirements and provide business continuity for an organization of any size, it optimizes the use of multiple Internet links, such as T1s, T3s, DSL and cable connections from one or multiple Internet service providers. Capable of automatic failover in the event of link failure, the Link Balancer helps assure that your network is always connected to the Internet.

This capability balances network sessions (web, email, etc.) over multiple connections in order to spread out the amount of bandwidth used by each LAN user, thus increasing the total amount of bandwidth available. Example: A user has a single WAN connection to the Internet operating at 1.5 Mbit/s. They wish to add a second broadband (Cable, DSL, Wireless) connection operating at 2.5 Mbit/s. This would provide them with a total of 4 Mbit/s of bandwidth when balancing sessions.

Advantages to your Business/Organization:



• Aggregates Internet connection links
• Automated failover
• Bandwidth management
• Quality of Service (QoS) for Internet applications
• Traditional firewall
• Reduces the need to purchase multiple high speed and high cost links to handle the daily Internet usage.
• Provides Network Redundancy.

References: Wikipedia
Barracuda Networks Inc.

Image Reference: www.searchsecurity.de

Thursday, September 18, 2008

Outstanding Performance - Technical Support



Mr. Amarnath Reddy, Senior Engineer - Security Solutions, has been awarded the "Outstanding Performance - Technical Support" National Award from FORTINET INC for the year 2007-08.

Mr. Vinay M.S, Principal Architect - Security Solutions, is seen receiving the award at Kuala Lumpur, Malaysia on his behalf.

Friday, August 29, 2008

Walking the Network Tight Rope made easier... With Load Balancers


Load Balancing is defined as a process and technology that distributes site traffic among several servers using a network based device. This device intercepts traffic destined for a site and redirects that traffic to various servers.
It is a technique to spread work between two or more computers, network links, CPUs, hard drives, or other resources in order to get optimal resource utilization, throughput, or response time. Using multiple components with load balancing, instead of a single component, may increase reliability through redundancy. The balancing service is usually provided by a dedicated program or hardware device (such as a multilayer switch). It is commonly used to mediate internal communications in computer clusters, especially high-availability clusters. This process is completely transparent to the end user.

Benefits of Load Balancing:

- Optimal resource utilization
- Better throughput and response time
- Increases reliability through redundancy
- Streamlining of data communication
- Ensures a response to every request
- Reduces dropping of requests and data.
- Offers content-aware distribution, by doing things such as reading URLs, intercepting cookies and XML parsing.
- Maintains a watch on the servers and ensures that they respond to the traffic. If they are not responding, then it takes them out of rotation.
- Priority activation: When the number of available servers drops below a certain number, or load gets too high, standby servers can be brought online.
- SSL Offload and Acceleration reduces the burden on the Web Servers and performance will not degrade for the end users.
- Distributed Denial of Service (DDoS) attack protection through features such as SYN cookies and delayed-binding to mitigate SYN flood attacks and generally offload work from the servers to a more efficient platform.
- HTTP compression: reduces amount of data to be transferred for HTTP objects by utilizing gzip compression available in all modern web browsers.
- TCP buffering: the load balancer can buffer responses from the server and spoon-feed the data out to slow clients, allowing the server to move on to other tasks.
- HTTP caching: the load balancer can store static content so that some requests can be handled without contacting the web servers.
- Content Filtering: some load balancers can arbitrarily modify traffic on the way through.
- HTTP security: some load balancers can hide HTTP error pages, remove server identification headers from HTTP responses, and encrypt cookies so end users can't manipulate them.
- Priority queuing: also known as rate shaping, the ability to give different priority to different traffic.
- Client authentication: authenticate users against a variety of authentication sources before allowing them access to a website.
- Firewall: Direct connections to backend servers are prevented, for security reasons.

References: Server Load Balancing by Tony Bourke
Wikipedia

Image Reference: http://images.newsfactor.com/images/id/4443/story-data-012.jpg

Monday, August 25, 2008

Keep unwanted mail away with Email filtering


Email filtering is the processing of e-mail to organize it according to specified criteria. Most often this refers to the automatic processing of incoming messages, but the term also applies to the intervention of human intelligence in addition to anti-spam techniques, and to outgoing emails as well as those being received.

Email filtering software takes emails as input. For its output, it might pass the message through unchanged for delivery to the user's mailbox, redirect the message for delivery elsewhere, or even throw the message away. Some mail filters are able to edit messages during processing.

Common uses for mail filters include removal of spam and of computer viruses. A less common use is to inspect outgoing e-mail at some companies to ensure that employees comply with appropriate laws. Users might also employ a mail filter to prioritize messages, and to sort them into folders based on subject matter or other criteria.

Advantages:

1. Defend against inbound threats

2. Prevent data leakage through emails

3. Encrypt sensitive information

4. Help in analyzing messaging infrastructure.


References: Wikipedia
Inputs from Gerry Tucker. Director- Sales, APAC Proofpoint systems

Monday, August 18, 2008

Increase Productivity.... Implement an SSL VPN



What is an SSL-VPN?

SSL-VPN stands for Secure Sockets Layer Virtual Private Network. It is a term used to refer to any device that is capable of creating a semi-permanent encrypted tunnel over the public network between two private machines or networks to pass non-protocol-specific, or arbitrary, traffic. This tunnel can carry all forms of traffic between these two machines, meaning it encrypts on a link basis, not on a per-application basis.

It is a mechanism provided to communicate securely between two points with an insecure network in between them.

Benefits of using SSL VPN:

· Improves workforce productivity since employees and contractors can perform tasks even when not physically present in their usual work facilities.

· Easy deployment since it does not require any special client software to be installed.

· Provides more security options.

· Improved manageability due to highly configurable access control capabilities, health checks etc.

· Lowers costs because of the increased self-service capabilities for conducting business with outside parties such as suppliers and customers. Employees can work remotely on a regular basis (e.g., IT consulting), thereby allowing the organization to maintain less office space (and save money).

· Increased self-service capabilities for suppliers improve their efficiency, yielding better-negotiated service/product rates.

· If remote access is used as part of business-continuity strategy, fewer seats may be necessary at disaster-recovery/business-continuity facilities than if all workers must work at the secondary site.

References: http://www.sans.org/reading_room/whitepapers/vpns/1459.php
http://sslvpnbook.packtpub.com/chapter6.htm

Thursday, August 14, 2008

Identify ME!! Securing Your Future with Two- Three Factor Authentication



What is Authentication?

Authentication (from Greek αυθεντικός; real or genuine, from authentes; author) is the act of establishing or confirming something (or someone) as authentic, that is, that claims made by or about the thing are true. This might involve confirming the identity of a person or assuring that a computer program is a trusted one.

What is an Authentication Factor?
An authentication factor is a piece of information and process used to authenticate or verify a person's identity for security purposes.

What is Transactional Authentication?
Transaction authentication generally refers to the Internet-based security method of securely identifying a user through two or three factor authentication at a transaction level, rather than at the traditional Session or Logon level.

Types of Factor Authentications:

1. Two Factor Authentication: Two-factor authentication is a security process in which the user provides two means of identification, one of which is typically a physical token, such as a card, and the other of which is typically something memorized, such as a security code. In this context, the two factors involved are sometimes spoken of as something you have and something you know. A common example of two-factor authentication is a bank card: the card itself is the physical item and the personal identification number (PIN) is the data that goes with it.

2. Three Factor Authentication: Three-factor authentication is a security process in which the user has to provide the following three means of identification:
• Something the user has (e.g., ID card, security token, software token)
• Something the user knows (e.g., a password, pass phrase, or personal identification number (PIN))
• Something the user is or does (e.g., fingerprint or retinal pattern, DNA sequence, signature or voice recognition, unique bio-electric signals, or any other biometric identifier)

A few examples of the factors that could be used as SOMETHING THE USER HAS:

Tokens: The most common forms of the 'something you have' are smart cards and USB tokens. Differences between the smart card and USB token are diminishing; both technologies include a microcontroller, an OS, a security application, and a secured storage area.
Biometrics: Vendors are beginning to add biometric readers on the devices, thereby providing multi-factor authentication. Users biometrically authenticate via their fingerprint to the smart card or token and then enter a PIN or password in order to open the credential vault.
Phones: A new category of T-FA tools transforms the PC user's mobile phone into a token device using SMS messaging or an interactive telephone call. Since the user now communicates over two channels, the mobile phone becomes a two-factor, two-channel authentication mechanism.
Smart cards: Smart cards are about the same size as a credit card and perform both the function of a proximity card and network authentication. Users can authenticate into the building via proximity detection and then insert the card into their PC to produce network logon credentials. They can also serve as ID badges.
Universal Serial Bus (USB) tokens: A USB token has a different form factor; it can't fit in a wallet, but can easily be attached to a key ring. A USB port is standard equipment on today's computers, and USB tokens generally have a much larger storage capacity for logon credentials than smart cards.
OTP Token: Some manufacturers also offer a One Time Password (OTP) token. These have an LCD screen which displays a pseudo-random number consisting of 6 or more alphanumeric characters (sometimes numbers, sometimes combinations of letters and numbers, depending upon vendor and model). This pseudo-random number changes at pre-determined intervals, usually every 60 seconds, but they can also change at other time intervals or after a user event, such as the user pushing a button on the token. Tokens that change after a pre-determined time are called time-based, and tokens that require a user event are referred to as sequence-based (since the interval value is the current sequence number of the user events, i.e. 1, 2, 3, 4, etc.). When this pseudo-random number is combined with a PIN or password, the resulting pass code is considered two factors of authentication (something you know with the PIN/password, and something you have from the OTP token). There are also hybrid-tokens that provide a combination of the capabilities of smartcards, USB tokens, and OTP tokens.
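
The time-based and sequence-based tokens described above, and the PIN-plus-OTP pass code, can be sketched as follows. This is an added example, not code from the original post or from any vendor: the post names no algorithm, so the open HOTP (RFC 4226) and TOTP (RFC 6238) constructions are assumed, the shared secret is RFC 4226's published test key, and the PIN and the `TwoFactorVerifier` class are constructed for illustration.

```python
import hashlib
import hmac
import os
import struct


def hotp(secret: bytes, counter: int, digits: int = 6) -> str:
    """Sequence-based OTP: the moving factor is the count of user events."""
    mac = hmac.new(secret, struct.pack(">Q", counter), hashlib.sha1).digest()
    offset = mac[-1] & 0x0F                      # dynamic truncation (RFC 4226)
    code = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(code % 10 ** digits).zfill(digits)


def totp(secret: bytes, unix_time: int, step: int = 60, digits: int = 6) -> str:
    """Time-based OTP: the moving factor is the number of elapsed intervals."""
    return hotp(secret, unix_time // step, digits)


def match_time_step(secret, otp, unix_time, step=60, drift_steps=1):
    """Return the interval counter the OTP belongs to, or None.

    One interval of clock drift either side is tolerated, because the
    token's clock and the server's clock are never perfectly aligned.
    """
    current = unix_time // step
    for counter in range(current - drift_steps, current + drift_steps + 1):
        if counter >= 0 and hmac.compare_digest(hotp(secret, counter), otp):
            return counter
    return None


class TwoFactorVerifier:
    """Server side of a PIN + OTP pass code (hypothetical helper class)."""

    def __init__(self, secret: bytes, pin: str, step: int = 60):
        self.secret = secret
        self.step = step
        self.salt = os.urandom(16)
        self.pin_hash = self._hash_pin(pin)      # the PIN is never stored in clear
        self.last_counter = -1                   # highest interval already used

    def _hash_pin(self, pin: str) -> bytes:
        return hashlib.pbkdf2_hmac("sha256", pin.encode(), self.salt, 100_000)

    def check(self, passcode: str, unix_time: int) -> bool:
        pin, otp = passcode[:-6], passcode[-6:]
        pin_ok = hmac.compare_digest(self._hash_pin(pin), self.pin_hash)
        counter = match_time_step(self.secret, otp, unix_time, self.step)
        # Reject a code whose interval was already consumed: an OTP observed
        # in transit must not be usable a second time within its window.
        if not pin_ok or counter is None or counter <= self.last_counter:
            return False
        self.last_counter = counter
        return True


if __name__ == "__main__":
    key = b"12345678901234567890"                # RFC 4226 test secret
    server = TwoFactorVerifier(key, pin="4921")  # constructed PIN
    code = totp(key, 30)
    print("token shows:", code)
    print("first use  :", server.check("4921" + code, 30))
    print("replay     :", server.check("4921" + code, 45))
```
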

Advantages Of using 2/3 Factor Authentication:
1. Drastically reduce the incidence of online Identity Thefts, phishing expeditions and other online frauds.
2. Ensures that you have a very strong authentication method in place.
3. Increases the confidence and trust levels of the users interacting with your network.
4. Adheres to the compliance rules of various standards especially if you are in the financial domain.
5. Ensures that you have sufficient levels of security to thwart any attacks on your network.
6. It allows you to provide secure remote access to your network.

Reference: Wikipedia.
Image Source: www.koshatech.com/images/solutions_img.jpg
www.info.gov.hk/.../images/2_factors.jpg

Tuesday, August 5, 2008

Keeping Away the Peeping Toms...With Mail Encryption



KEEP AWAY PEEPING TOMS… WITH EMAIL ENCRYPTION.
If you are mailing a Cheque/DD to somebody or a very important document to a family member or to your customer, do you send it by ordinary post? NO, in all probability you would either send it by courier or by registered post to ensure that the packet reaches the hands of the right and intended person only. Moreover, you will ensure that the envelope holding these items is not transparent or easily tamperable. This will help you to obfuscate or hide the contents even better. To ensure that it has been received by the intended person, you ask for an acknowledgement, the date when the delivery has taken place etc.

Why then would you send personal or confidential information in an unprotected email?

Why do I need to encrypt my emails?

Sending information in an unencrypted email is the equivalent of sending a cheque/DD in an unsealed envelope or writing confidential information on a postcard for all to see. This will allow anybody and everybody to take advantage of such information and use it to defraud us. We are all sure that none of us would like to encounter such a situation.

While in transit, e-mail messages are sent through one or more mail transfer agent servers until they reach the destination e-mail server. Someone with access to any of these servers can easily intercept and read the e-mail message. In addition, e-mail messages that travel through these mail transfer agent (MTA) servers are very likely stored and backed up even after delivery to the recipient, and even if the recipient and the sender have deleted their copies of the message. This stored copy of the e-mail may be subject to snooping in the future, and persist indefinitely.
Additionally, the internet makes it easy to “spoof” the sender field of an email message, allowing nefarious individuals to misrepresent their identities. This has led to a phenomenon known as “phishing” and other forms of attacks over e-mail, underscoring the importance of the recipient being able to reasonably authenticate the sender's identity. That is the reason why we need to ENCRYPT OUR MAILS.

Techniques used to encrypt emails:
1. Symmetric encryption: both recipient and sender share a common key or password that is used to decrypt/encrypt the message.

2. Asymmetric encryption: here there are two keys used. One is a public key that can be shared with everyone and is used to encrypt the message. The other is the private or secret key known only to the recipient and used to decrypt the message. Both the keys are required in a transaction here.

E-mail encryption design approaches

1. The Client-Based Method suggests that the sender of the email should be responsible for e-mail encryption.

2. The Gateway-based Method suggests that the organization is responsible for e-mail security, and encryption should be performed on a server operating on the corporate network, based on the security and regulatory compliance needs of the company and its industry vertical.

Methods of Message Retrieval
1. The “in box” delivery model: the encrypted e-mail is delivered to the user’s email inbox, where they can open the encrypted message after providing the appropriate password or credentials.

2. The “mail Box” model: the user receives an e-mail with a hyperlink to the encrypted message. The user then follows the hyperlink to arrive at a website where they submit their credentials and are then able to view the decrypted message.

Standard approaches to e-mail encryption
The need for e-mail encryption has led to a variety of solutions – some from standards bodies, and some from the marketplace. Below are a few of these approaches:

1. S/MIME: S/MIME (Secure/Multipurpose Internet Mail Extensions) is a standard for public key encryption and signing of e-mail. S/MIME was developed by RSA Data Security, Inc. S/MIME provides the cryptographic security services for authentication, message integrity, and non-repudiation by combining a digital signature with encryption. Before S/MIME can be used in an application, the user must obtain and successfully install a unique key/certificate from a Certificate Authority (CA) or from a public CA. Encryption requires storing the destination party's certificate, a process that is typically automated when receiving a message from the party with a valid signing certificate attached.
2. PGP and OpenPGP: Pretty Good Privacy (PGP) is a standard that delivers cryptographic privacy and authentication. The first version of PGP, by designer and developer Phil Zimmermann, was released as an open standard. Zimmermann and others have developed subsequent versions. Eventually, the PGP secure e-mail offering was adopted as an Internet standards-track specification known as OpenPGP. OpenPGP is now an open standard with PGP. PGP and OpenPGP require a client or plug-in. PGP uses both public-key cryptography and symmetric key cryptography.
3. PostX Registered Envelope Encryption and Security: The PostX Registered Envelope is a secure delivery model for PostX Envelope. The Registered Envelope uses online authentication for decryption key retrieval to provide secure auditable message delivery. The Registered Envelope delivers both the encrypted payload and necessary decryption code via an e-mail attachment to the recipient. E-mail payload is encrypted with a unique (per message) secure random session key. The session key is stored in the PostX KeyServer (and is not sent with the message itself).
4. Identity-Based Encryption: In the 1980s, identity-based encryption (IBE) methods were developed for e-mail by RSA and others to communicate securely in ad hoc environments. In this model, the e-mail address of the recipient is used to perform the e-mail encryption. In order to provide the strength of a password or authentication, identity-based encryption requires client software.
5. Pull solution: In this model, the recipient is pulled into a secure message inbox. In this inbox, the recipient can perform all of the e-mail functions in a branded environment.

Advantages:

1. Encrypting your email will keep all but the most dedicated hackers from intercepting and reading your private communications.

2. Using a personal email certificate, you can digitally sign your email so that recipients can verify that it's really from you, as well as encrypt your messages so that only the intended recipients can view them. This will help stem the tide of spam and malware being distributed in your name.

3. When your contacts receive an unsigned message with your email id spoofed, they will realize that it's not from you and will delete it.

4. Protect your integrity and confidentiality.

5. It will also help you to adhere to the compliance rules of most standards.



Reference: Wikipedia, About.com.

Image Source: http://images.teamsugar.com/

Friday, July 25, 2008

PC LCM----> Your Virtual Assistant…

Are you a Sys Admin perplexed and tired of running around maintaining your systems…
Are you worried that the right patches have not been downloaded and installed….
Are you not aware of which licenses are about to expire and when?

Do not Despair… Just adopt a PC Life Cycle Management Solution and put all your fears to rest… Relax and Relish your work…

Properly managing an IT environment requires expertise and often takes significant amounts of time and effort. System administrators are responsible for providing their organizations with access to critical applications and services while ensuring that systems perform optimally and remain secure. Unfortunately, keeping pace with the frequency of changes in an IT environment of any size can be a daunting task. The problem is often more pronounced in midsize organizations, where system administrators are forced to juggle many responsibilities.

Issues such as deployment, monitoring, and updating computers can have a significant impact on organizations’ budgets (not to mention system administrators’ blood pressure).

While it might be possible to complete some tasks manually, the number of devices and applications that must be managed can quickly become overwhelming. Add in priorities unrelated to desktop lifecycle management, and help is sure to be welcome. The best solution for managing IT environments that are increasing in size and complexity is through automation.

It is here that PC Life Cycle Management Solutions step in and help you mitigate all the associated complications.

A typical PC Life Cycle Management Solution will do the following for you:

• Sophisticated MSI packaging
• Unattended remote client resets
• Comprehensive inventory-based distribution
• Global scheduling of jobs and executing them
• Intelligent multicast replication
• Complete system repair

• Drag and drop configuration management
• Backup/restore of user personality and locally saved data from a single PC
• Centralized reporting functions
• Native integration with the Directory services.
• Patch management to distribute patches and virus updates
• Bandwidth throttling
• Mandatory (push) and software request (pull) distribution
• Wake on LAN
• OS deployment
• A single Management console to manage all your devices
• Security Management
• Define process workflows to dynamically manage the devices on the network right from purchase to retirement

How do my organization and I benefit if we opt for a PC LCM?
• Reduces I.T. Labour and Asset ownership costs
• Adherence to both internal and external compliance standards.
• Consistent User Experience
• Centralized and Single Management Console reduces the strain on the Sys Admin
• Know what you have in your network and where in a jiffy.
• Up to date and current information about the health of your devices allows you to undertake preventive measures.
• Streamline the existing process and ensure that there is a common policy to handle unforeseen circumstances.
• Automatically update, deploy and manage the software on the clients.

References:
1. www.Microsoft.com : White paper on PC Life Cycle Management
2. www.Pactech.net/wininstall

Thursday, July 24, 2008

BACK UP, For The Sake Of Your Critical Data



Critical data is the lifeline of any business and hence needs to be archived. But what is the best way to do so? How long can this data be stored? And can lost data be recovered?

We look at some answers.

Key BenefITs

• Don’t lose any essential data.
• Comply with all audit and government requirements.
• Reduce storage costs, by moving data across a hierarchy of media.

Every day, a huge amount of critical data is created in any business through its daily transactions with dealers, distributors, customers, employees, etc. There are also records like contracts, taxes, client contact details, etc, which are of immense importance. All this critical data needs to be preserved/archived for future reference. This is done by making a back-up of the data regularly, based on the requirements of the company. Most firms take daily back-ups of critical data. The back-up helps them when they need access to a file that was used a few months, or even years, ago.

“The business data, be it in paper or digital form, is the lifeline for any organisation. So, storing and backing it up carefully is of utmost importance to keep the lifeline always up,” justifies Arun Attri, IT head, Barista Coffee Company.

Storage options

There are various methods of storing critical data. In general, back-ups are done to tape, with multiple back-up sets. Critical data is often backed up to disk storage and then moved to tape. When backed up to disk, the data restore time is less. The use of disk-based storage improves recovery time objectives (the time and service level within which a business process must be restored after a disaster), offers superior reliability and improves the efficiency of WAN (Wide Area Network)-based remote back-up and replication. Disk storage is the best way to preserve data for longer periods of time. With data de-duplication in use, disk storage can offer the same economies as tape storage. “Data de-duplication is one emerging solution to the challenge of backing up exponentially growing volumes of data and preserving it for extended periods of time. Data de-duplication is a process that eliminates redundant data from the total volume of data that needs to be backed up. In doing so, it reduces both secondary storage requirements and network bandwidth needs,” adds P K Gupta, director, Asia Pacific & Japan (back-up, recovery and archive solutions), EMC Global Services. For example, when an e-mail with an attachment is received by multiple recipients within the organisation, data de-duplication ensures that only the first instance of the attachment is backed up. All other back-ups simply point back to the previously stored instance of the file.

For network-based solutions, the recommended method is using a centralised storage solution—the user’s data is stored to NAS (network attached storage) and then backed up to tape. Disks are expensive, so data is stored in tapes with multiple copies. Most firms use disks and tapes for critical data storage. “Tapes as well as disks are used for storage. We use HP-Tape Library (Ultrium-3)”, says Attri. Renny V Mathew, systems administrator, Avio Helitronics Infosystems, reveals, “We use LTO (linear tape open—a high performance magnetic tape storage technology) Gen 3, Symantec Backup exec 11d for server software, and Tandberg T24 Tape Library Single Drive with 12 tape slots.”

The frequency of back-ups

Daily and weekly back-ups of crucial data are the need of the hour. There are two main back-up methods: daily incremental and weekly full back-ups. “We take daily incremental and weekly full backups,” says Mathew. The daily, weekly or monthly back-up is stored and also tested regularly. Attri asserts, “We take incremental (daily) as well as full back-ups (weekly) of our critical data in our Backup Tape Library using HP Data Protector software. On a monthly basis, the copy of the full back-up is also replicated to separate disks for storage. We even do restore tests for old tapes after some interval to check the health of the data and media.”

Software like Buffalo’s Memeo Auto Backup helps users to take regular back-ups by setting instructions for daily or weekly back-ups. The EMC Avamar data de-duplication solution provides daily back-ups that can be quickly recovered in just one step — eliminating the hassle of restoring full and subsequent incremental back-ups to reach the desired recovery point.

Backed up for years and years

The time period for data storage depends on company policies, regulations and guidelines. “We can store data to tape for a period of 2-3 years. And we can store data to disk depending on the life of the disk. Using RAID (Redundant Array of Independent Disks) technology (that uses two or more hard disk drives to achieve greater levels of performance and reliability for large volumes of data) we can store data for over a 100 years,” says Kamal Kannan, engineer storage, 22by7 Solutions Pvt Ltd.

This is an excerpt from the article "Critical data Storage" published in the July 2008 issue of BenefIT magazine.


Source: ManageIT section from BenefIT magazine July Edition.

Monday, July 21, 2008

Guaranteed!!! Peace of mind... with Disk Encryption


“700 laptops with crucial, sensitive Military secrets have been stolen in U.K.” ….. This was reported by a leading news daily on Saturday 19th July 2008.

Imagine the threat of this data falling into the wrong hands….

Imagine a similar situation befalling your organization?

Are you prepared to thwart such an eventuality?

If the answer to the above question is no, then DISK ENCRYPTION will help you overcome such situations and will ensure your peace of mind.

What is Disk Encryption?

Disk encryption is a special case of data at rest protection when the storage media is a sector-addressable device (e.g., a hard disk, USB drive, Zip drive or a flash card/drive). It is a technique that allows data to be protected even when the OS is not active, for example, if data is read directly from the hardware as compared to access restrictions commonly enforced by an OS.

What are the types of Encryption?

Encryption can happen at the following levels:
1. Full Disk encryption- ideal for devices on the move like laptops, notebooks, palmtops, USB sticks.
2. Partition level encryption
3. Encrypted Containers stored in the regular file system, also called HIDDEN VOLUMES
4. File System level Encryption

Most Disk Encryption systems use a combination of the techniques listed below:
• Cipher Block Chaining (CBC)
• Electronic Code Book (ECB)
• Cipher Feedback (CFB)
• Output Feedback (OFB)
• Counter (CTR)
• Cryptographically Secure Pseudorandom Number Generators (CSPRNG)
• Message Authentication Codes (MAC)

Advantages of Disk Encryption:
1. Assures that intellectual property and sensitive or legally protected information is accessible only to authorized users.
2. Meet regulatory compliance requirements through strong, centrally managed encryption
3. Ensures confidentiality of data
4. Protects data even when OS is not in use.
5. Ensures that data cannot be accessed by unauthorized users
6. Makes the disk/data unusable in the event of unauthorized access.
7. Encryption/Decryption is done transparently to the users.

Monday, July 14, 2008



The storage disk space you bought recently is already running out. Are you considering buying more disk space?

Ever thought of reducing your Backup Window?

Read on…


Data De-Duplication, often called "intelligent compression" or "single-instance storage", is a method of reducing storage needs by eliminating redundant data, operating at the file, block, and even the bit level. Only one unique instance of the data is actually retained on storage media, such as disk or tape. Redundant data is replaced with a pointer to the unique data copy. Hence only one instance of the data is saved.

Why do you need it?

Data de-duplication helps to improve data protection, speed up service and reduce cost.

Where does de-duplication take place?

De-duplication can happen at:

1. The Host or Source: Here, the data is checked for duplicate matter at the client itself before sending the data to the storage system.

2. The Destination: Here, the complete data is sent over the network to the designated storage system. Then the De-duplication system starts working at the disk device or on the virtual tape library as a process after the data is received.

Host Based systems are significantly advantageous over the Destination based systems because they send only one instance of the data over the network, thereby ensuring that the network bandwidth is not clogged. Also, since only the unique data is received by the storage system, it makes it easier and faster to store the data and create recovery points.
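The source-versus-destination difference described above, and the e-mail attachment case from the back-up article, as an added Python sketch (not code from any product named on this page). The 4 KB fixed block size, the class and function names and the three constructed mailboxes are assumptions for illustration.

```python
import hashlib

BLOCK_SIZE = 4096  # assumption: fixed-size blocks; data shifted by a few bytes would need variable-size chunking


def split_blocks(data):
    return [data[i:i + BLOCK_SIZE] for i in range(0, len(data), BLOCK_SIZE)]


def digest(block):
    return hashlib.sha256(block).hexdigest()


class DedupStore:
    """Storage system: one retained copy per unique block, plus per-backup pointer lists."""

    def __init__(self):
        self.blocks = {}    # digest -> block bytes (the single stored instance)
        self.catalog = {}   # backup name -> ordered digests (the "pointers")

    def missing(self, digests):
        """Digests the store does not hold yet; a source-side client asks this first."""
        return {d for d in digests if d not in self.blocks}

    def put(self, name, digests, new_blocks):
        for d, block in new_blocks.items():
            # Never trust the sender's digest: a wrong one would corrupt every backup pointing at it.
            if digest(block) != d:
                raise ValueError("block does not match its digest")
            self.blocks.setdefault(d, block)
        if any(d not in self.blocks for d in digests):
            raise KeyError("pointer to a block that was never stored")
        self.catalog[name] = list(digests)

    def restore(self, name):
        return b"".join(self.blocks[d] for d in self.catalog[name])

    def stored_bytes(self):
        return sum(len(b) for b in self.blocks.values())


def source_side_backup(store, name, data):
    """Host/source de-duplication: hash locally, ship only unknown blocks. Returns payload bytes sent."""
    blocks = split_blocks(data)
    digests = [digest(b) for b in blocks]
    need = store.missing(digests)
    payload = {d: b for d, b in zip(digests, blocks) if d in need}
    store.put(name, digests, payload)
    return sum(len(b) for b in payload.values())


def destination_side_backup(store, name, data):
    """Destination de-duplication: the whole file crosses the network, duplicates are dropped on arrival."""
    blocks = split_blocks(data)
    digests = [digest(b) for b in blocks]
    store.put(name, digests, dict(zip(digests, blocks)))
    return len(data)


def build_mailboxes():
    """Constructed sample: three mailboxes, each a unique one-block body plus the same five-block attachment."""
    attachment = b"".join(bytes([i]) * BLOCK_SIZE for i in range(1, 6))
    return {
        "user%d" % n: (b"To: user%d" % n).ljust(BLOCK_SIZE, b" ") + attachment
        for n in range(1, 4)
    }


def compare():
    """Back up the same mailboxes both ways and report network and storage cost."""
    mailboxes = build_mailboxes()
    src, dst = DedupStore(), DedupStore()
    result = {
        "source_sent": sum(source_side_backup(src, n, d) for n, d in mailboxes.items()),
        "dest_sent": sum(destination_side_backup(dst, n, d) for n, d in mailboxes.items()),
        "source_stored": src.stored_bytes(),
        "dest_stored": dst.stored_bytes(),
    }
    result["restores_ok"] = all(
        src.restore(n) == d and dst.restore(n) == d for n, d in mailboxes.items()
    )
    return result


if __name__ == "__main__":
    for key, value in compare().items():
        print(key, value)
```

Both stores end up holding the same unique blocks; only the amount of data crossing the network differs. The byte counts ignore the small digest lists a source-side client also exchanges.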



What are the Key business benefits of data de-duplication?

The following are the benefits derived by an organization that implements data de-duplication:

· Increases overall data integrity and, in the end, reduces overall data protection costs.

· Lower storage space requirements – it reduces the amount of disk space needed by users for backup by 90 percent.

· Longer disk retention periods

· Reduced power, space and cooling requirements

· Higher restore service levels

· Media Handling errors are reduced

· Availability of more recovery points on fast recovery media

· Efficient use of disk space

· Better recovery time objectives for a longer time

· Reduces the need for tape backups

· Reduces the data to be sent over a WAN for replication, remote backups and disaster recovery, which in turn ensures that the network bandwidth is not choked.

Say Good Bye to Data Leakage--



A recent survey of top security professionals carried out by a leading Consultancy firm revealed some scary but realistic statistics:

1 in 3 companies investigated a breach of confidential data last year.

1 in 4 companies experienced an “embarrassing” leak of confidential information.

1 in 5 emails contains a legal, financial or regulatory risk.

If you are like most corporations, you are finding yourself in the midst of an information explosion. Sensitive data is no longer controlled under lock and key in data centres or file cabinets. Sensitive data is everywhere. This data is easy prey to leakage, which will hamper the competitive advantage that you may have in the market.

This is where Data Leak Prevention (DLP) technology/products come to your rescue.

What is DLP?

DLP is nothing but the use of various techniques to prevent critical data from unnecessarily leaving the organization. DLP products can be defined as:

“Products that, based on central policies, identify, monitor, and protect data at rest, in motion, and in use, through deep content analysis.”

Some of the most common techniques used in these products to detect and prevent unauthorized extrusion of data are:

1. Rule bases/ Regular expressions

2. Database fingerprinting

3. Exact File Matching

4. Partial Document Matching

5. Statistical Analysis

6. Conceptual/Lexicon

7. Predefined Categorization.
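Three of the techniques listed above (rule bases/regular expressions, exact file matching and partial document matching) in one small outbound-content scanner, as an added Python example that is not taken from any DLP product. The document name, the sample messages, the 4-word shingle size and the 0.3 threshold are all constructed assumptions.

```python
import hashlib
import re

CARD_RE = re.compile(r"\b(?:\d[ -]?){13,19}\b")   # candidate card numbers, separators allowed
WORD_RE = re.compile(r"[a-z0-9]+")


def luhn_ok(digits):
    """Luhn checksum: rejects most digit runs (invoice or order numbers) the regex alone would flag."""
    total = 0
    for i, ch in enumerate(reversed(digits)):
        n = int(ch)
        if i % 2 == 1:
            n = n * 2 - 9 if n * 2 > 9 else n * 2
        total += n
    return total % 10 == 0


def shingles(text, k):
    """Hashes of every run of k consecutive words, ignoring case and punctuation."""
    words = WORD_RE.findall(text.lower())
    return {
        hashlib.sha256(" ".join(words[i:i + k]).encode()).hexdigest()
        for i in range(len(words) - k + 1)
    }


class Policy:
    """Central policy: only hashes of protected documents are kept, not their text."""

    def __init__(self, k=4, partial_threshold=0.3):
        self.k = k
        self.partial_threshold = partial_threshold
        self.file_hashes = {}    # SHA-256 of whole file -> document name
        self.doc_shingles = {}   # document name -> set of shingle hashes

    def protect(self, name, content):
        self.file_hashes[hashlib.sha256(content).hexdigest()] = name
        self.doc_shingles[name] = shingles(content.decode("utf-8", "ignore"), self.k)

    def partial_score(self, name, text):
        """Fraction of the protected document's shingles that appear in text."""
        doc = self.doc_shingles[name]
        if not doc:
            return 0.0
        return len(doc & shingles(text, self.k)) / len(doc)


def scan(payload, policy):
    """Return a list of (technique, detail) findings for one outbound payload."""
    findings = []
    exact = policy.file_hashes.get(hashlib.sha256(payload).hexdigest())
    if exact:
        findings.append(("exact_file_match", exact))
    text = payload.decode("utf-8", "ignore")
    for match in CARD_RE.finditer(text):
        digits = re.sub(r"\D", "", match.group())
        if luhn_ok(digits):
            findings.append(("card_number", "****" + digits[-4:]))  # never log the full number
    for name in policy.doc_shingles:
        if name == exact:
            continue  # already reported as an exact match
        if policy.partial_score(name, text) >= policy.partial_threshold:
            findings.append(("partial_document_match", name))
    return findings


# Constructed sample data, not real documents or card numbers.
PROTECTED = (b"Project Falcon pricing memo. The wholesale price for the northern region "
             b"will drop by twelve percent on the first of March. Do not share this "
             b"schedule with distributors before the public announcement.")
EXCERPT_MAIL = (b"FYI, heard this today: the wholesale price for the northern region will "
                b"drop by twelve percent on the first of march, so order later.")
CARD_MAIL = b"Card 4111 1111 1111 1111 exp 01/30"          # well-known test number, passes Luhn
CLEAN_MAIL = b"Lunch at noon? Invoice ref 1234 5678 9012 3456 attached."  # fails Luhn


def build_demo_policy():
    policy = Policy()
    policy.protect("pricing-memo", PROTECTED)
    return policy


if __name__ == "__main__":
    demo = build_demo_policy()
    for sample in (PROTECTED, EXCERPT_MAIL, CARD_MAIL, CLEAN_MAIL):
        print(scan(sample, demo))
```

The Luhn check is what keeps the 16-digit invoice reference from being reported, which is the kind of false-positive control the feature list further down asks for.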

What are the main features to look out for in a DLP solution?

In this day and age, it is impossible to expect your employees to be fully cognizant and ready to comply with all data protection compliance rules. Hence look for a DLP technology that can:

1. Protect sensitive data without slowing down your business or frustrating employees trying to do their job.

2. Meet data protection compliance guidelines through the ability to encrypt, redact, block or quarantine sensitive data before it damages your business.

3. Real time performance

4. Virtually zero false-positive rates.

Friday, June 20, 2008

Hackers get Shot in China



If you thought Bush's Patriot Act was bad news, count your lucky stars that you're not a hacker in the People's Republic of China.

The PRC has an interesting history regarding hackers. If they catch them they shoot them. In the late 1990s some employee at the Bank of China hacked into accounts and embezzled a large chunk of change. The hacker apparently experienced remorse and turned himself in. Bad call. He was summarily tried, found guilty, and shot. Then the hacker's family was sent a bill for the bullets expended.

Source: LiquidMatrix

Wednesday, June 18, 2008

Beware The Rise of e-Crime

The UK's Serious Organised Crime Agency (Soca) has issued a warning about the increasing number of international online gangs stealing and trading personal details of web users.

A report issued by the agency says that groups of criminals - often comprising an average of 30 specialists focused on areas ranging from phishing to data trading - are part of a market evolution geared at trading and exploiting data.

Information is often stolen through techniques such as phishing and key logging using malware sent via email. The stolen data is then used by the thieves for fraudulent purposes or sold to other cyber criminals over the web.

"As web-based technologies become increasingly diverse, e-criminals will use these services to access and exploit victims and conceal their activities," says the Soca report.

"Each group will typically have an inner circle of more technically advanced and/or experienced members who control access to the attack tools and are responsible for dividing up the work."

The tactics used by the criminals are constantly updated to keep ahead of protection offered by software vendors, according to Soca.

Last month, Soca completed the first phase of a five-year IT overhaul to help in the battle against organised crime.

But the agency has admitted that it faced challenges in training staff to a level where the improvement will have a material effect on tackling criminals.

Soca's annual reports said the "challenges involved in increasing knowledge to a level that would facilitate a transformation of the impact on organised crime still remained significant."

So far the programme has given overseas staff secure access to IT systems, improved the internal management of information and upgraded software to improve the collection of Suspicious Activity Reports, a mechanism allowing the public to electronically report financial crime.

- Angelica Mari

Source: Computing

Wednesday, June 11, 2008

Protect your identity online

The best ways to protect your identity online
Rosemary Haworth


June 09, 2008 (PC Advisor) With identity theft on the rise and personal information at a premium, it's never been more important to be cautious about what you reveal online.

Social networking sites such as Facebook have largely usurped chatrooms and forums -- at least in the grown-up world -- as fun places to hang around online and engage in harmless distractions. Unfortunately, they've also replaced chatrooms in the tabloid consciousness as the place where pedophiles go to pick up victims.

But while we conscientiously monitor our kids' Internet use and apply restrictions to the sites they can visit and the times they're allowed to go online, we may be putting ourselves in other sorts of danger.

Practice what you preach

Having taught your kids to chat only to people they know and to limit the amount of personal information they give out, consider whether you practice what you preach.

Announcing to the world (via your Facebook profile) that you're bungee-jumping at Victoria Falls tells us you're still game for a laugh. If your profile also states your birth date, hometown, address and phone number, along with a reference to your current and past employers, you've left yourself wide open to someone becoming the new you.

In the past, a tell-tale answering machine message stating that you're on vacation would have been brilliant news for an opportunist thief. The equivalent these days is the careless status update or unprotected online profile that enables a cybercrook to see your personal details.

Limit your exposure

Privacy options at such sites aren't always enabled by default, although Facebook has taken steps to make users' current security settings far more transparent. Even so, you should check who can see what. The Privacy option at the top right of Facebook's home page lets you dictate who can see details about you and who can search for you.

In February, Facebook made a deal to make postings and profiles searchable via search engines. Fraudsters don't even have to be Facebook members to track you down and find out information about you.

Although there was plenty of outcry, the fact remains that Facebook's sign-up terms allow it to do this. Your profile may be all about you and acts as your online identity, but Facebook owns it. The point here is to ensure you read the terms and conditions before signing up.

Allowing friends to see your e-mail address, photo, status and musical tastes is fine, but we suggest you disable the search part. Also, if you allow friends of friends and "anyone in my networks" to see every online move you make, you've opened yourself up to an audience of thousands, if not millions. Anyone in your network could use what they can glean from your profile against you.

Be wary of seemingly "mutual" friends attempting to add you to their friends list. They may simply want to outdo their friends in how many online friends they have. Or they may want to be your friend to acquire further personal details via your profile.

Although this may sound far-fetched, there are plenty of reported instances of publicly and semipublicly posted personal information being exploited in this way.

Knowing me, knowing you

Similarly, assuming someone is trustworthy because they appear to know one of your friends can be a mistake. Last year, three teenage girls ended up being "groomed" and then stalked in person by a middle-aged man they met on the Bebo message boards. Each had trusted him because of his apparent online friendship with the others.

As one of the girls said after his arrest, the fact that he continued to be friendly to one of her friends led her to overlook his odd behavior -- including his comments on their shopping trips and other events that they had discussed together online.

The cyberstalker was eventually caught when he showed up at the Tate Modern gallery in London. He'd learned the girls were going there for a school trip and was recognized while covertly photographing one of the girls he'd met online. They were able to alert security and the police before he escaped.

Although this was a particularly nasty and dramatic case, it demonstrates another point. Reputation and the trust implicit in the apparent approval of someone by your peers is a powerful element of both our face-to-face and online interpersonal relations. It's also something that business networks such as LinkedIn and Plaxo trade on.

At LinkedIn, reputation ranking and feedback have now overtaken in importance the original goal of such sites: to build a circle of business associates and stay in touch with them as they flit from employer to employer. Be sure you keep tabs on who's saying what about you.

And reputation is all-important when convincing someone to buy goods from you online. Our own PC Advisor forums show that it's now de rigueur to find out what customers think of a company before buying from it online -- and it's even more important for small retailers.

Romantic interludes

Let's return to our original warning about giving away your personal information freely, and the Internet acquaintances who have more than friendship in mind. This is something adults need to worry about just as much as kids and teenagers.

Internet dating is notorious as a means of disguising your true age, occupation, weight, gender and intentions -- that's why it's so popular. If you want to use the Web to meet people, then do so safely. Use a legitimate agency that's regulated and recognized, research what others who have used the service have to say about it and find out how the agency checks people before taking them on.

Expect some in-depth personal questions and to be asked for proof that you are who you say you are. A passport, driver's license, proof of address, and birth and divorce certificates were routinely asked for at the bricks-and-mortar dating agency where we used to help out.

Online agencies of good repute should insist on similar assurances. If they don't check you out thoroughly, what's to say they're checking up on your next date?

Acting on impulse and simply taking information supplied by potential dates at face value is more than foolish. It's dangerous in every sense.

Source: Computer World

Tuesday, June 10, 2008

Superfast mini tape from Tandberg

Tandberg touts superfast mini tape library
Bryan Betts


June 09, 2008 (Techworld.com) Tandberg Data is claiming to have the fastest 2U tape library on the market after upgrading its StorageLibrary line with the latest half-height LTO-4 drives.

Tandberg says the upgraded StorageLibrary product now provides up to 123TB of compressed storage — although the 2U model has 12 tape slots for a compressed total of perhaps 20TB.

The Norwegian storage vendor has also updated its eight-slot StorageLoader — a smaller tape autoloader — with half-height (HH) LTO-4.

The compact tape drives have been available for only a few weeks, and provide a high capacity — 800GB of uncompressed data per cartridge. They allow Tandberg to fit two drives into a 2U library, so the library is about double the speed of one with a single drive, at up to 1.7TB/hour. Tandberg's larger libraries with more drives are even faster, of course.

Compared with LTO-3, the LTO-4 HH has double the storage capacity, runs 50% faster and includes 256-bit AES encryption in hardware, said Bharat Kumar, vice president of marketing and development at Tandberg. It supports nonerasable WORM tapes for long-term archiving, he added.

Meanwhile, rival tape library developer Overland Storage has poured cold water on Tandberg's speed claims.

"Performance is a bit of an odd thing to talk about, because the LTO-4 won't be the limiting factor - the bottleneck will be elsewhere in the system," said Chris James, Overland's European marketing director. He argued that the only real way to improve performance is to put a disk-based VTL (virtual tape library) in front of the tape library.

Not so, countered Simon Anderson, Tandberg's tape product manager. He pointed to LTO-4's ability to adjust its streaming speed so it can work efficiently even when its host server can't feed it at its rated 120MB/sec.

Half-height drives are the future, he said. "If you look at the LTO road map, there is no full-height LTO-5 — it will be half-height only, planned for 2010."

James agreed that the introduction of LTO-4 HH is significant — not just because it allows a library to host twice as many LTO-4 drives, but also because it can store twice as much data.

"20TB in 2U is pretty chunky," he said. "Given that a tape library generates 2% of the heat and consumes 5% of the power of the equivalent in disk storage, there's significant space and cost advantages to be had from migrating data to tape as soon as possible."

Tandberg said that a 24-slot StorageLibrary with a single IBM LTO-4 HH drive and a SCSI interface (Fibre Channel and SAS versions are also available) would sell for under $6,300. The smaller StorageLoader, with one LTO-4 HH and two magazines, each holding four tape cartridges, will sell for around $4,500, the company added.

Source: Computer World

Thursday, June 5, 2008

New McAfee Research Names Hong Kong as Most Dangerous Country Domain; Finland is Safest

SANTA CLARA, Calif., June 4 /PRNewswire-FirstCall/ - Hong Kong (.hk) domain has jumped 28 places as the most dangerous place to surf and search on the web according to a new McAfee Inc. (NYSE: MFE) report called "Mapping the Mal Web Revisited" which is released today. Hong Kong takes the mantle from Tokelau, a tiny island of 1,500 inhabitants in the South Pacific.

"Just like the real world, the virtual threats and risks are constantly changing. As our research shows, Web sites that are safe today can be dangerous tomorrow. Surfing the Web based on conventional wisdom is not enough to avoid risk online," said Jeff Green, Senior Vice President of Product Development & Avert Labs.

The second annual McAfee "Mapping the Mal Web" report into the riskiest and safest places on the Web reveals that 19.2% of all Web sites ending in the ".hk" domain pose a security threat to Web users. China (.cn) is second this year with over 11%. By contrast, Finland (.fi) remains the safest online destination for the second year with 0.05%, followed by Japan (.jp).

The most risky generic domain from 2007's report became more dangerous with 11.8% of all sites ending in .info posing a security threat and is the third most dangerous domain overall while government websites (.gov) remained the safest generic domain. The most popular domain, .com, is the ninth riskiest overall. The full McAfee "Mapping the Mal Web Revisited" report is available for download at www.mcafee.com/advice

Using the award-winning McAfee® SiteAdvisor® technology, McAfee analyzed 9.9 million heavily trafficked Web sites found in 265 different country (those ending in country letters e.g. Brazil .br) and generic (those ending in .net or .info for example) domains.

More here: McAfee

Thursday, May 29, 2008

Pi Premiere League (PPL) is here!

22by7 is holding its Annual Sports Event - The PPL

Teams are working hard to come up with a Media Campaign to grab mindshare. I belong to Team Omega and here is the Poster we came up with:



Best of luck to the other Teams!

Wednesday, May 28, 2008

Corporate Sniffing

Large companies snooping on employees' e-mails

Date: Tuesday, May 27, 2008

New York: If you are an employee in a large company and are thinking of using your work e-mail for job hunting or online dating, watch out.

A new survey finds that 41 percent of large companies (those with 20,000 or more employees) are employing staffers to read or otherwise analyse the contents of employees' outbound e-mail, technology website cnet.com reports.

In the study, which was commissioned by e-mail security provider Proofpoint and conducted by Forrester Research, 44 percent of the US companies surveyed said they investigated an e-mail leak of confidential data in the past year and 26 percent said they fired an employee for violating e-mail policies.

The companies also said they are worried about employees leaking company information on their blogs, message boards, and media-sharing sites like YouTube.

Eleven percent of the companies surveyed took disciplinary action against employees for improper use of blogs or message boards in the past year, and slightly more than that disciplined workers for social-network violations and for improper use of media-sharing sites.

And 14 percent of publicly traded companies investigated the leakage of material financial information, such as unannounced financial results, on blogs and message boards.

Source: Silicon India

Friday, May 23, 2008

Red Curtain - Free Sec App - Article Pick

Most web workers are hip to security software applications. You probably run anti-virus software, and perhaps you use a Virtual Private Network (VPN) application when working from a public hotspot. (If you don’t run these applications, you should.) Recently, though, I’ve been using a more unusual, but definitely useful, security application from computer forensics company Mandiant, called Red Curtain.

Red Curtain is free to download and use, and it’s designed for the analysis of possible malware. It “examines executable files (e.g., .exe, .dll, and so on) to determine how suspicious they are based on a set of criteria” and then assigns each examined file a score.

Red Curtain examines a number of specific aspects of an executable, looking at things such as the entropy (or the randomness), indications of packing, compiler and packing signatures, the presence of digital signatures, and other characteristics to generate a threat “score.” According to Mandiant, “this score can be used to identify whether a set of files is worthy of further investigation.”
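How the entropy criterion mentioned above can separate packed or encrypted regions from ordinary code and strings, as an added Python illustration; it is not Red Curtain's code, and its actual scoring is not documented on this page. The 1024-byte window, the 7.0 bits-per-byte threshold and the constructed sample buffer are assumptions.

```python
import hashlib
import math
from collections import Counter


def shannon_entropy(data):
    """Bits of entropy per byte: 0.0 for constant data, 8.0 for a uniform byte distribution."""
    if not data:
        return 0.0
    n = len(data)
    return sum(c / n * math.log2(n / c) for c in Counter(data).values())


def high_entropy_regions(data, window=1024, threshold=7.0):
    """Return merged (start, end) byte ranges whose windows exceed the threshold."""
    regions = []
    for start in range(0, len(data), window):
        chunk = data[start:start + window]
        if len(chunk) < window // 2:
            continue  # too few bytes for a meaningful estimate
        if shannon_entropy(chunk) > threshold:
            end = start + len(chunk)
            if regions and regions[-1][1] == start:
                regions[-1] = (regions[-1][0], end)   # extend the previous range
            else:
                regions.append((start, end))
    return regions


def flagged_fraction(data, window=1024, threshold=7.0):
    """Share of the buffer that sits in high-entropy regions; one input to a triage score."""
    if not data:
        return 0.0
    flagged = sum(end - start for start, end in high_entropy_regions(data, window, threshold))
    return flagged / len(data)


def pseudo_random(n):
    """Deterministic high-entropy bytes standing in for a packed or encrypted section."""
    stream = b"".join(hashlib.sha256(i.to_bytes(4, "big")).digest() for i in range(n // 32 + 1))
    return stream[:n]


# Constructed sample: 4 KB of ordinary strings, 4 KB of "packed" data, 2 KB of zero padding.
SAMPLE = (
    (b"constructed sample: ordinary code and strings. " * 100)[:4096]
    + pseudo_random(4096)
    + b"\x00" * 2048
)

if __name__ == "__main__":
    print("whole-file entropy: %.2f" % shannon_entropy(SAMPLE))
    print("high-entropy regions:", high_entropy_regions(SAMPLE))
    print("flagged fraction:", flagged_fraction(SAMPLE))
```

The whole-file figure for this sample stays under the threshold because the text and padding dilute it, while the windowed scan still isolates the packed section. High entropy alone is only a reason to look closer, since legitimately compressed resources score the same way.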

I’ve found Red Curtain useful in conjunction with anti-virus and anti-spyware software. After I finish my scans, when anti-virus and anti-spyware applications will occasionally flag files as possibly presenting problems, I quickly run a scan on the flagged files using Red Curtain. As one might expect for an application created by a computer forensics firm, it does a very dependable job of confirming whether suspicious files ought to be deleted right away.

You can download Red Curtain free, here. If you, as I do, constantly add to your arsenal of security applications, this one is worth a try.

Original Article : Web Worker Daily

Thursday, May 22, 2008

Online Security tips for your kids

7 tips for keeping kids safe online
Andy Greenberg


Any parent who has spent a few minutes trying to decipher the abbreviations in his or her teenager’s online chat conversations knows that the web hosts a youth culture all its own. And that world doesn’t just have its own language, it also fosters the sharing of personal information among friends—and sometimes strangers—that can set off alarm bells for parents. Here are a few tips for keeping up with your kid in this quickly evolving space—and helping to draw the line between harmless socializing and dangerous breaches of privacy.

1. Talk to your kids about the web: More important than trying to limit or control your kids’ web access is to educate them about what information-sharing and behaviour is smart and responsible on the net. Make it clear to your kids that everything they post to a social networking site, or even send in an email, could easily end up being widely distributed to anyone in cyberspace—including people they’d never talk with in person. On the list of details they should never share online: home addresses, phone numbers, any financial information, sensitive personal details or compromising pictures.

2. Use kid-oriented social networks: One easy way to limit the dangers of social networking is to sign up your preteen kids for social networking sites designed for safety. The social network Imbee.com, for instance, is built to replicate real world friendships online, not to help kids meet strangers. Users can only access profiles within a limited network of friends. All new connections are approved by parents. The kids’ networking site Club Penguin is even safer, albeit targeted at a very young audience—with certain settings, users can only chat using a set of harmless phrases.

3. Use content-locking tools sparingly: Programs like Net Nanny or Cybersitter can block objectionable content on the web and make tracking your children’s online behaviour easy. But Larry Magid, founder of Safekids.com and Connectsafely.org, suggests parents think twice before locking down internet use with these kinds of programs. For teenagers, these sorts of software are likely to inspire rebellion and tempt them to find other, less censored paths to blocked material. For younger kids, Magid suggests the filters are often a poor substitute for more long-lasting education about online safety.

4. Agree on good terms for web use: The internet is more widely accessible every day, so a kid given strict rules about online behaviour without his or her input is likely to find a less restrictive entryway to the web. Instead, come to an agreement with your kids about what you both consider acceptable behaviour in terms of balancing their privacy and their safety. Larry Magid suggests parents and children write and sign pledges for proper online behaviour and post them by the family computer.

5. Monitor Your Kids’ Online Profile: One of the dangers of social networking and blogging is that so much of it occurs on the public web, where it’s broadcast to the world. But if strangers can access kids’ profiles and blogs, so can parents. Just as you stay involved in your child’s friendships in the offline world, you can also keep tabs on his or her online socializing, either actively participating for younger kids or watching from a less intrusive distance for teenagers.

6. Pick your location for computer carefully: Setting up a desktop computer that’s tied to a certain location in the house, rather than buying a laptop and using a wireless internet connection, is one way to make keeping an eye on your child’s web use easier. Even better: Put that computer in a high-traffic area of the house, like the living room or family room, to ensure that web surfing stays public. Keeping the internet out of your child’s bedroom also helps you balance his or her online activity with a healthy mix of offline activities like sports and reading.

7. Monitor cellphone use: As phones get smarter, the line between a cellphone and a net-connected computer is beginning to blur. If your child has a phone with internet capabilities, you should be sure to include cellphone use in your discussion about safe online communication. Monitoring your phone bill is one way to keep tabs on the amount of web browsing your child is doing over a cellular network. FORBES

Source: Times of India

Wednesday, May 21, 2008

Top 10 free Network Tools

From sniffing to mapping to monitoring, these utilities perform surprisingly sophisticated tasks

Computerworld recently showcased 10 great free network management tools. Readers responded with some of their own favorites, so I'm going to take a look at those tools and report on their capabilities and usage from my perspective as an experienced network manager.

But first, let's address security. Readers mentioned the possible security implications of downloading free tools, which is a valid concern. What's to stop a coder from producing a neat network administration tool that secretly sends information about your network to a collection point for exploitation at a later date?

Read more here: ComputerWorld

Friday, May 9, 2008

Happy Secure Surfing - Article pick

Since you are reading this I’ll assume that you are aware that there are some fundamental precautions you need to take before you connect to the internet with your new machine. I’m hopeful that you are reading this on your old machine.

This is a good opportunity to review those precautions.

Patch your operating system. Download and install all available patches and service packs by connecting to Windows Update. According to Swedish security company Sophos, 50% of unpatched and unprotected systems will be infected with malicious code within 12 minutes of being connected to the Internet.

Install a firewall. Windows XP comes with a basic firewall, and if you are running Windows Vista, it does come with a more robust firewall (Windows Firewall) than XP, as well as anti-spyware utilities (Windows Defender). However, the consensus is that third-party applications are usually more effective. Keep in mind that the XP firewall offers only minimal protection.

There are a number of free firewalls that are worth considering. The following are two that do the job particularly well.

Comodo Firewall


The definitive free firewall, Comodo Firewall protects your system by defeating hackers and restricting unauthorized programs from accessing the Internet. I have been using this application for 8 months and I continue to feel very secure. It resists being forcibly terminated and it works as well, or better, than any firewall I’ve paid for. This is one I highly recommend. Amazing that it’s free!

ZoneAlarm



The free version of ZoneAlarm lacks the features of ZoneAlarm Pro’s firewall. Its program control asks you regularly whether to allow programs; for some this can be intrusive and annoying. But it’s been around forever it seems, and it can’t be shut down, or out, by malware.

Install anti-virus software. There is no doubt that an unprotected computer will become infected by viruses and malware within minutes of first being connected to the internet. There are many free versions of anti-virus software available and the programs that have a well justified reputation are listed below.

avast! 4 Home Edition


This anti-virus app is a real fighter, scanning files on demand and on access, including email attachments. Lets you know when it detects malware through its shield function. An important feature is a boot-time scan option which removes malware that can’t be removed any other way.

AVG Anti-Virus Free Edition


Similarly, this program scans files on access, on demand, and on schedule. Scans email, incoming and outgoing. For those on Vista, you’re in luck, it’s Vista-ready. I have been using this application since its release and it now forms part of my front line defenses. I recommend this one highly.

Install Spyware and Adware Software. It’s not only a virus that can put your computer down for the count, but a multitude of nasties freely floating on the Internet. Listed below are a number of free programs that offer very good protection against malware.

SpyCatcher Express


SpyCatcher does a good job of cleaning out spy-ware and at stopping further infestation.

Ad-Aware 2007



Many software reviewers consider Ad-Aware 2007 Free as the best free spyware and adware remover available. It does a relatively good job of protecting against known data-mining, Trojans, dialers, malware, browser hijackers and tracking components. The only downside with the free version is real-time protection is not included.

WinPatrol


Do you want to get a better understanding of what programs are being added to your computer? Then WinPatrol is the program for you. With WinPatrol, in your system tray, you can monitor system areas that are often changed by malicious programs. You can monitor your startup programs and services, cookies and current tasks. Should you need to, WinPatrol allows you to terminate processes and enable, or disable, startup programs. There are additional features that make WinPatrol a very powerful addition to your security applications.

ThreatFire 3


ThreatFire 3 blocks malware, including zero-day threats, by analyzing program behavior and it does a stellar job. Again, this is one of the security applications that forms part of my front line defenses. I have found it to have a high success rate at blocking malware based on analysis of behavior. I highly recommend this one!

If you are now on the Internet, and you have not yet taken the precautions as outlined above, you are extremely vulnerable and it is critical that you take the following precautions:

Stop surfing the Web and patch your operating system. Only then download the protective software as noted above, or software that you are familiar with that will do an appropriate job of protecting your computer.

Do not visit any other websites until you have done this!

Additional security precautions:

Establish a password for the administrator account. Only you should have access to the administrator settings on your PC. Unfortunately, XP installs with open access to the administrator’s account. Be sure to change this.

Create a new password protected user account. Using this account for your general day-to-day activities adds another layer of protection to your computer. A user account does not have the same all-access permissions as your administrator account, and in many cases this extra layer of protection will restrict malware from gaining a foothold on your PC.
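An added example, not part of the original article, that checks the two account precautions above on a current Windows system. It assumes Windows PowerShell 5.1 or later with the built-in LocalAccounts cmdlets, which were not available on XP or Vista.

```powershell
# Added example; assumes Windows PowerShell 5.1+ (LocalAccounts cmdlets).
$adminGroupSid = 'S-1-5-32-544'   # well-known SID of the built-in Administrators group

# SIDs of the direct members of the local Administrators group.
$adminSids = @(Get-LocalGroupMember -SID $adminGroupSid -ErrorAction Stop |
    ForEach-Object { $_.SID.Value })

# Precaution 1: every enabled account, administrators above all, needs a password.
$report = foreach ($user in Get-LocalUser) {
    $isAdmin = $adminSids -contains $user.SID.Value
    $issues  = @()
    if ($user.Enabled -and -not $user.PasswordRequired) {
        $issues += 'password not required'
    }
    if ($user.Enabled -and $null -eq $user.PasswordLastSet) {
        $issues += 'no password has ever been set'
    }
    [pscustomobject]@{
        Name          = $user.Name
        Enabled       = $user.Enabled
        Administrator = $isAdmin
        Issues        = $issues -join '; '
    }
}
$report | Sort-Object Administrator -Descending | Format-Table -AutoSize

# Precaution 2: the account used day to day should not be an administrator.
$me = [Security.Principal.WindowsIdentity]::GetCurrent()
if ($adminSids -contains $me.User.Value) {
    Write-Warning "$($me.Name) is a member of Administrators; use a standard account for daily work."
} else {
    Write-Output "$($me.Name) is a standard user."
}
```

Only direct members of the Administrators group are compared; membership granted through a nested group is not resolved.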

Good luck and safe surfing.

Source

Tuesday, May 6, 2008

Spammers & Scammers


How spammers manage to make money

Kavita Kukday | TNN 
Spam is undoubtedly one of internet miscreants’ oldest tricks. With the internet security community stopping just short of putting up hoardings screaming not to touch those “Make money for nothing” emails, one can safely assume that anyone with even half a clue won’t touch them with a bargepole. So how does the spamming community survive and thrive when no one who is even a tad bit tech-savvy admits to doing business with them? Would there be hordes of poverty-stricken spammers out there that are slowly, but surely, starving to death?

    The answer is unfortunately a big No.

    Studies have found that the business of spam is spinning more money by the day. So how do these spammers make money?

    Well, contrary to popular belief, a significant number of spammers apparently aren’t at all interested in whether anyone buys their wares. They will, in fact, keep minting money even if you never click on any of the spam emails. How? They simply feed off other spammers in a bizarre cannibalistic pyramid scheme of spinning money.

    The math is simple: most spammers make money selling email addresses to other spammers, who then sell those same addresses to others and so on, say security experts.

The numbers game: According to a study by IronPort Systems, Cisco’s security division, the spam volume currently stands at a whopping 98 billion per day worldwide. And it’s growing at 12% month over month since June 2007.

    “And why ever not? It makes you a lot of easy money. Spam masters make $10,000+ a week,” said Ambarish Deshpande, regional director, IronPort Systems, adding, “and they don’t do anything except mine for more and more legitimate addresses and sell them for money.”

    Obviously then, the profession is gaining popularity with young hackers, especially those in third world countries. The study found that the internet had an entire sub-industry supported by spammers alone. For instance, a test conducted on pharmaceutical spammers showed that four days of access to a spam server network, which simply gives you an infrastructure to dish out spam, gives these professionals $6,800.

    The study also found that replying to spam will always result in more spam. In fact, you would find that maximum percent of the spammers never even reply to your requests for more information on their product or service. That’s because they make money on customers’ email address, which is sold to other spammers who in turn again simply pass along the address to still other spammers.

    Funnily, some of these addresses finally also land them into actual legitimate business—people with a real product to sell who were actually interested in selling them. Since there are several layers to this spam scam, most of these legitimate business people don’t even know that the recipient hadn’t requested their sales pitch, because whoever sold them the email addresses in the first place had assured them the recipients wanted the information.

Hidden risks: The biggest number, of course, was found to be that of spam mails with offers for pornography, which consistently delivered exactly the sort of materials they promised. But even these came with nasty pop-up ad-producing spyware, and the inbox was crammed with X-rated spam that would singe the retinas of all but the most jaded viewer. Worse, they opened up a backdoor to the computers with various codes that did everything from copying important data from your PC to turning your PC into a zombie that delivered more spam to random addresses all over the world.

    However, if this has led you to think you are safe because you never fell into the trap of clicking on those emails with pornographic content, think again. According to a Google study conducted in May 2007, “One in 10 web pages are infected with malicious code. 70% of web-based infections were found on ‘legitimate’ websites. An estimated 5% of heavily trafficked websites have some sort of threat associated with them—ranging from adware to malicious spyware.”

    For instance on Indian websites, malicious content was found embedded in sites like Delhi Tourism (www.delhi-tourism-india.com/culture), www.zeeinternational.co.in, Business Management Association (www.bmaindia.com) and also some well known banks who have since taken down the culprit script, said a security professional from one of the top security companies.

Scam spam: Finally, there is a good percent of spam messages that obviously still turn out to be brilliant scams. One such example IronPort Systems came across was where the ads spoke about a Canadian pharmacy. This sold a $129.95 bottle of the ‘Erection pack’, which consisted of two packs of sexual stimulants, ‘viagra’ and ‘cialis’. The best part was a slick legitimate-looking pharmacy site called ‘My-CanadianPharmacy’. This came with a legitimate address and ‘contacts us’ sections.

    The spammers had not only gone to the trouble of making a legitimate looking website, but had also actually set up a delivery system which was traced back to a garage in India. A small-time company in India was hired to package some tablets that were crammed with enough herbal stimulants to keep a person generally charged up for days. The package even included the return address of this place in Goregaon, Mumbai.

    “It was a brilliant business strategy because this way the spammers actually made the customers believe that they were on to something legitimate and got repeated business from them,” said Deshpande.