22by7 TechBlog-->Information Security, Network Security, Storage, Software, Bangalore

The Virtues of Virtualization

2010-10-14T15:44:00.000+05:30

Most of you must have already heard about “VIRTUALIZATION” and may already be in the know about the way it functions.

With all the technical literature, subject matter etc shrouding your mind; you may not remember all the virtues of virtualization.

Below is a small effort from us to help you remember the Virtues of Virtualization and its associated benefits:

Improve the efficiency and availability of IT resources and applications.
Eliminate “One Server, One application” model and enjoy complete multitasking by running Multiple virtual machines on each physical machine.
Free your IT administrators from spending too much time managing different physical servers and giving them time to innovate.
Respond faster to the market dynamics with much more efficiency.
Run multiple operating systems on a single computer including Windows, Linux and more.
Reduce capital costs by increasing energy efficiency and requiring less hardware while increasing your server to admin ratio
Ensure your enterprise applications perform with the highest availability and performance
Build up business continuity through improved disaster recovery solutions.
Improve Enterprise Desktop management and control with faster deployment of desktops and fewer support calls due to application conflicts
Manager your resources with the lowest TCO
Arm and enable your staff to handle double or triple the number of servers, giving users access to the services they need while retaining centralized control.
Deliver built-in availability, security, and performance across the board, from the desktop to the datacenter.

And last but not the least, SAVE UPTO 50-70% ON OVERALL IT COSTS by consolidating your resource pools and delivering highly available hardware services and applications.

Fibre Channel over Ethernet (FCoE)...demystified and simplified for you

2010-10-05T18:29:00.001+05:30

“ FCoE”….You probably have come across this term numerous times in the past couple of days.

In all likely-hood, you will continue to hear it in the coming days too.

So what is this FCoE? How does it work? How would it benefit you?

Below is a small effort from us to demystify and simplify this new Buzzword for you.

Fibre Channel over Ethernet (FCoE) is an encapsulation of Fibre Channel frames over Ethernet

networks. This allows Fibre Channel to use 10 Gigabit Ethernet networks while preserving the Fibre

Channel protocol. FCoE maps Fibre Channel natively over Ethernet while being independent of the

Ethernet forwarding scheme. By retaining the native Fibre Channel constructs, FCoE allows a seamless

integration with existing Fibre Channel networks and management software.

FCoE replaces the bottom Fibre Channel (FC) layers F0 and F1 with Enhanced Ethernet layers,

enabling the same network port on a server to carry Fibre Channel frames to an FC storage device

and Ethernet frames to the local network. Rather than regular Ethernet adapters, FCoE requires

Enhanced Ethernet adapters on all nodes that support FCoE, and these adapters are called

"converged network adapters" (CNAs). Regular Ethernet can lose packets under heavy congestion,

but Enhanced Ethernet prevents packet loss by providing flow control.

FCoE consolidates fabrics, simplifying the overall data centre infrastructure, while ensuring leverage

of existing FC SANs. FCoE would enable SAN traffic to be natively transported over Ethernet networks,

while protecting and extending the investment that customers have made in FC storage networks.

With FCoE, network (IP) and storage (SAN) data traffic can be consolidated using a single network switch.

This consolidation can:

§ reduce the number of network interface cards required to connect to disparate storage and IP networks

§ reduce the number of cables and switches

§ Unified Management

§ High Performance

§ Reduced Power Consumption and cooling costs.

In Conclusion:

FCoE is an evolutionary approach to I/O consolidation by preserving all Fibre Channel constructs,

maintaining the latency, security, and traffic management attributes of FC while preserving

investments in tools, training, and SANs. Fibre Channel over Ethernet extends, rather than replaces

Fibre Channel, allowing you to seamlessly integrate your Ethernet and Fibre Channel networks at the

pace and path that works best. FCoE combined with enhancements to Ethernet will allow data centers

the ability to consolidate their I/O and network infrastructure, saving both capital and operational

expenses and increasing flexibility and control.

This is an intro to FCoE: http://www.youtube.com/watch?v=EZWaOda8mVY

Think that it would be a tad difficult to add a Native FCoE Hot Add, Just see how easy it is:

http://www.youtube.com/watch?v=6S3PJZGzSXU

Sources: Wikipedia, other FCOE related sites.

How to select a SIM solution?...Read on

2010-10-05T18:03:00.001+05:30

You want to put in place an enterprise-class Security Information Management and compliance solution
that can address a broad range of regulatory compliance requirements.

You also want such a solution to have superior flexibility, functionality, scalability and ease of use.
Yet, you do not want it to burn a hole in your pocket.

There are so many offerings in the market…but which one is the best suited for you.

How to choose the right one?

Confused...Following is a list of evaluation best practices that would assist you in making the right choice…J

Compliance is an ongoing activity that is done constantly. Hence, when selecting a SIM solution for
compliance, take time to understand exactly how each product can make your department more effective
by proactively helping you manage your compliance efforts on an ongoing basis.

It is not enough to be compliant, you must also prove it. Ensure that workflow and the richness
of audit trail are carefully evaluated. A common point includes proving processes have been followed
and controls have been executed. The ability to execute and report on a closed loop workflow
and the ability to retrieve information from the audit trail in an ad-hoc manner is critical.
Compliance best practices and audit procedures are constantly evolving. Make sure that Your SIM system
can adapt to new compliance requirements easily and can grow with your organization.
Place a premium on data collection. The system must be able to collect all the data from events that are
relevant for compliance purposes and must support quite a large number and varied sources of data.

It is important to understand what approach your vendor has taken with pre-developed compliance
solutions, the granularity of the methodology that has been used to ensure best practices and the level
of research that they have applied to the solution.

Look for a system that can be deployed quickly with out-of –the box intelligence and collection capabilities
to deliver immediate results. This will save you a lot of your consulting dollars.

Compliance should improve security. Choose a system that not only enables you to achieve compliance
but also protects your business at the same time.

Correlation is the key to compliance. A robust solution should have both pre-configured correlation rules
as well as customizable rules that meld to your compliance policies.

Focus on the regulated Business process. The solution must be able to map your technical information
and log data to your regulated business processes, and then map your business process to your specific
regulations.

A compliance program should address your unique needs. The solution should consider the uniqueness
of your organization including how you exchange information, what technology architecture you use
for your networks and systems and how your IT security organization is arranged.

The points mentioned above are our understanding abstracted from TOP 10 Regulatory Compliances by ARCSIGHT.

What is Services Oriented Storage Solution?

2009-07-21T10:55:00.001+05:30

Services Oriented Storage is a strategy that aligns storage resources with business needs. It's an approach that creates a flexible, adaptive storage platform. In the services oriented approach, technologies like storage virtualization and common management tools enable the deployment of Storage Services, such as disaster recovery, data classification, search, and archiving, across a multivendor storage environment. IT can deliver these services whenever and wherever requested, meeting user and application requirements for performance, scalability, availability, data security and affordability.

Why Services Oriented Storage Solutions?

Value Proposition

Services Oriented Storage can help businesses:

* Simplify storage management

* Improve service levels

* Increase storage utilization

* Lower costs

* Scale up and integrate easily, while protecting their investment

"Being Support Oriented is what keeps you in Business"

2009-07-08T11:10:00.001+05:30

IN the current slowdown, the business mantra should be focusing on survival and consolidating company resources. The reason the solution provider industry is hit is because most of the customer purchases is being made through capex,” feels M Venkat, Prime Mover of 22by7, specializing in IT solutions for storage and security.

To read the complete article, please click here

Proxy Caching_Wan Optimization

2009-04-20T17:15:00.001+05:30

WAN optimization is one of the techniques to improve the speed of functional tools so as to maximize the business performance and to proactively solve the problems.

WAN optimization products seek to accelerate a broad range of applications accessed by distributed enterprise users via eliminating redundant transmissions, staging data in local caches, compressing and prioritizing data, and streamlining chatty protocols (e.g., CIFS).

Improving the application response time is the main benefit that is accrued out of WAN optimization and this is essential where there is centralization of servers and IT resources. When you optimize WAN, you are also saved from the cost of upgrading the band widths.

WAN Optimization is a superset of WAFS in that it also addresses:

SSL-encrypted ASP and Intranet applications
Multimedia e-learning applications

Component techniques of WAN Optimization include WAFS, CIFS proxy, HTTPS Proxy, media multicasting, Web caching and bandwidth management.

A few WAN/Internet Optimization techniques:

Compression - Relies on data patterns that can be represented more efficiently. Best suited for point to point leased lines.

Protocol spoofing - Bundles multiple requests from chatty applications into one. Best suited for Point to Point WAN links.

Traffic shaping - Controls data usage based on spotting specific patterns in the data and allowing or disallowing specific traffic. Best suited for both point to point leased lines and Internet connections.

Equalizing - Makes assumptions on what needs immediate priority based on the data usage. Excellent choice for wide open unregulated Internet connections and clogged VPN tunnels.

Connection Limits - Prevents access gridlock in routers and access points due to denial of service or peer to peer. Best suited for wide open Internet access links , can also be used on WAN links.

Simple Rate Limits - Prevents one user from getting more than a fixed amount of data. Best suited as a stop gap first effort for a remedying a congested Internet connection or WAN link.

Proxy caching accelerates service requests by retrieving content saved from a previous request made by the same client or even other clients. Caching proxies keep local copies of frequently requested resources, allowing large organizations to significantly reduce their upstream bandwidth usage and cost, while significantly increasing performance. Most ISPs and large businesses have a caching proxy. These machines are built to deliver superb file system performance (often with RAID and journaling) and also contain hot-rodded versions of TCP.

Beware of a disease called FORWARDITIS

2009-04-15T14:26:00.000+05:30

As an organization that is into managing Information Security and Network Security, it is our duty to warn every Email user about the hazards involved in forwarding mails without “cleaning” them up.

Typically people who have the urge to share mails tend to hit the “forward” button without cleaning up the mails.

What we mean is, the email ids of all of the recipients and the mail ids within the mail itself get forwarded to the recipients.

The problem lying herein is that the scamsters capture all these Mail ids and sell it on the internet to other scamsters, Viagra dealers, marketers etc.

When a mail is sent with lots of mail IDs in the CC list, Internet Service Providers’ and the Mail Servers of organizations automatically send these mails to junk folders. And subsequently they have the option to Blacklist the sender.

Also it is very annoying for the receiver to keep scrolling down to reach the actual content.

If you need to send a mail to multiple recipients, then insert their Mail Ids in the BCC column. And remove all the mail Ids from the content, CC field.

Also when a mail arrives,typically you should get suspicious when:

· A mail/greeting comes with an attachment from an unknown sender.

· A mail which says you should forward it to as many people as you can in order to help a cause.

· A mail that asks for help ( Like the one about a long suffering girl who will get funds if you forward mails etc.)

· A mail that says URGENT, IMPORTANT.

· A mail that claims Authenticity by referring to agencies like CNN, BBC, NASA, FBI etc. without furnishing reference links.

If all this is confusing and if you want to find out if a message is true or not, just copy the subject line and Google it or better still, visit dedicated sites like www.snopes.com that maintain an updated database of such scams.

Alternatively, if you would like more technical help, get in touch with us.

Please do communicate and spread this message to your friends so that they too don’t fall prey to the disease called “Forwarditis”.

"The Unified Move"- Embracing a unified approach with UTM

2009-04-03T12:28:00.000+05:30

Below is an excerpt from the article " The Unified Move - The security market is increasingly embracing an integrated approach with UTM" by Shanteri Mallaya appearing in the Security Feature section of ChannelWorld.

Enterprises in India are showing willingness to leverage technology at their disposal to protect their most vital corporate assets from external and internal trouble. As a result, IT security has become and will continue to remain de facto. The challenge lies in using the right security component in warding off threats, filtering content, and keeping organizations safe. As companies are in pursuit of the panacea to their security requirements, there is a tilt towards looking at a holistic, cost-effective, durable solution instead of a makeshift approach.

Agrees Venkata Ramana Murthy, prime Mover at 22by7, "the individual, niche component of UtM functionality — say a component filtering mechanism may not necessarily be superior in performance to that of a niche vendor." Nevertheless, the channels are fairly receptive to the UtM idea. This is an emerging technology that throws up new business opportunities for them at a time when conventional technologies are not getting them sufficient margins or giving cross-selling opportunities anymore.

Mr. Murthy of 22by7 adds, "UtM is a successful single point alternative that i can pro-pose to customers."

Venkata Ramana Murthy of 22by7 concludes, “Globally, there is a trend towards the virtual machine, so all security standards have to evolve towards this. Businesses providing security solutions have to look at this seriously and evolve best of breed solutions."

For the full article, please read the issue of ChannelWorld dated Feb 15 2009.

What is Application Acceleration?

2009-03-31T16:08:00.000+05:30

Image source: devcentral.f5.com
References: Wikipedia, devcentral.f5.com

Fretting about POWER COSTS... Help is here..-> LANDesk Power Manager

2008-12-09T12:30:00.000+05:30

Don't fret and fume over those rising power costs....

Don't worry about Green I.T. initiative audits???

Want to know how... just click on the image and you will learn the solution implemented by Venky..

Worried About Handling those numerous network devices...Wish that you had a single window to control them... Hitch on to NAC

2008-11-11T12:27:00.000+05:30

What is Network Access Control?
Network Access Control is a set of protocols used to define how to secure the network nodes prior to the nodes accessing the network.
It is also an approach to computer network security that attempts to unify endpoint security technology (such as antivirus, host intrusion prevention, and vulnerability assessment), user or system authentication and network security enforcement.
Network Access Control (NAC) aims to do exactly what the name implies: control access to a network with policies, including pre-admission endpoint security policy checks and post-admission controls over where users and devices can go on a network and what they can do.

Benefits of Network Access Control

Some of the key benefits are:
• Automatic remediation process i.e fixing non-compliant nodes before allowing access.
• Allowing the seamless integration of network infrastructure such as routers, switches, back office servers and end user computing equipment to ensure the information system is operating securely before interoperability is allowed.
• Mitigation of zero-day attacks
The key value proposition of NAC solutions is the ability to prevent end-stations that lack antivirus, patches, or host intrusion prevention software from accessing the network and placing other computers at risk of cross-contamination of network worms.
• Policy enforcement
NAC solutions allow network operators to define policies, such as the types of computers or roles of users allowed to access areas of the network, and enforce them in switches, routers, and network middleboxes.
• Identity and access management
Where conventional IP networks enforce access policies in terms of IP addresses, NAC environments attempt to do so based on authenticated user identities, at least for user end-stations such as laptops and desktop computers.

To know more on “The options available”, please contact Ms. Leela on (+91) 97314-00693.
Alternatively you could drop in a word at: leela@22by7.in , sigma@22by7.in and we would be glad to touch base with you.

Unified Storage... Simplified for YOU

2008-10-28T12:32:00.000+05:30

What is Unified Storage?

Unified storage (sometimes termed network unified storage or NUS) is a storage system that makes it possible to run and manage files and applications from a single device. To this end, a unified storage system consolidates file-based and block-based access in a single storage platform and supports Fibre Channel SAN, IP-based SAN (iSCSI), and NAS (network attached storage).

How is it implemented in practice?

Unified storage is often implemented in a NAS platform that is modified to add block-mode support.

Benefits:

· Simultaneously enables storage of file data and handles the block-based I/O (input/output) of enterprise applications.

· Reduced hardware requirements – Instead of separate storage platforms, like NAS for file-based storage and a RAID disk array for block-based storage, unified storage combines both modes in a single device.

· Easy to administer since there is only a single device to be deployed.

· Lower Capital expenditures for the enterprise.

· Simpler to manage.

· Advanced features like storage snapshots and replication.

· Unified storage systems generally cost the same and enjoy the same level of reliability as dedicated file or block storage systems

Data loss is inevitable... R U Ready For It

2008-09-30T12:08:00.000+05:30

No organization that depends on technology and stores data can afford to be without a Disaster Recovery strategy and a backup infrastructure.

Disaster recovery is the process, policies and procedures of restoring operations critical to the resumption of business, including regaining access to data (records, hardware, software, etc.), communications (incoming, outgoing, toll-free, fax, etc.), workspace, and other business processes after a natural or human-induced disaster.

A disaster recovery plan (DRP) should also include plans for coping with the unexpected or sudden loss of communications and/or key personnel. Disaster recovery planning is part of a larger process known as business continuity planning (BCP). With the rise of information technology and the reliance on business-critical information the importance of protecting irreplaceable data has become a business priority in recent years. Hence there is a need to backup your digital information to limit data loss and to aid data recovery.

Knowing what you need is half the battle and you can't know what you need until you have an understanding of what is critical. The basic question must be, "If the business has to run on a minimal set of applications and infrastructure, what would those applications and support systems be?"

Weigh the amount of risk you're willing to take against the kind of damage a disaster could do to business against the cost of varying levels of disaster readiness.

Accurate baseline information about your systems will get you on the road to Disaster Recovery. Once there, consider your options. If you have multiple, geographically diverse offices, consider having them back up one another. A little extra hardware and some form of disk-to-disk replication will set you up. Remember to budget time and resources for testing--when you need it is not the time to find out your data isn't replicating.

How long can you afford to be down? Get an idea, of the cost of downtime to cost of restoration. Don't forget to account for whether you have to restore from tape, or are willing to allow disk-to-disk backups to your provider. Disk-to-disk will make your recovery a lot faster than if you have to courier tapes from your tape storage location to the Disaster Recovery site.

Disaster Recovery Strategies
Mentioned below are a few of the most common strategies for data protection.
• Backups made to tape and sent off-site at regular intervals (preferably daily)
• Backups made to disk on-site and automatically copied to off-site disk, or made directly to off-site disk.
• Replication of data to an off-site location, which overcomes the need to restore the data (only the systems then need to be restored or synced). This generally makes use of Storage Area Network (SAN) technology
• High availability systems which keep both the data and system replicated off-site, enabling continuous access to systems and data.

Organizations must also implement precautionary measures, some of which are listed below with an objective of preventing a disaster situation in the first place:

• Local mirrors of systems and/or data and use of disk protection technology such as RAID
• Surge Protectors — to minimize the effect of power surges on delicate electronic equipment
• Uninterruptible Power Supply (UPS) and/or Backup Generator to keep systems going in the event of a power failure
• Fire Preventions — more alarms, accessible fire extinguishers
• Anti-virus software and other security measures

References
1. Buchanan, Sally. "Emergency preparedness." from Paul Banks and Roberta Pilette. Preservation Issues and Planning. Chicago: American Library Association, 2000. 159-165. ISBN 978-0-8389-0776-4
2. Hoffer, Jim. "Backing Up Business - Industry Trend or Event." Health Management Technology, Jan 2001

Handle Daily Internet Usage cost effectively... with Link Balancers.

2008-09-23T12:12:00.000+05:30

Link Balancing commonly referred to as dual WAN routing or Multihoming, Network Load Balancing is the ability to balance traffic across two WAN links without using complex routing protocols.

A Link Balancer is an affordable and powerful solution for routing and managing traffic across multiple Internet connections. Designed to scale for high bandwidth requirements and provide business continuity for an organization of any size, it optimizes the use of multiple Internet links, such as T1s, T3s, DSL and cable connections from one or multiple Internet service providers. Capable of automatic failover in the event of link failure, the Link Balancer helps assure that your network is always connected to the Internet.

This capability balances network sessions like web, email, etc over multiple connections in order to spread out the amount of bandwidth used by each LAN user, thus increasing the total amount of bandwidth available. Example: A user has a single WAN connection to the Internet operating at 1.5Mbit/s. They wish to add a second broadband (Cable, DSL, Wireless) connection operating at 2.5Mbit/s. This would provide them with a total of 4Mbit/s of bandwidth when balancing sessions.

Advantages to your Business/Organization:

• Aggregates Internet connection links
• Automated failover
• Bandwidth management
• Quality of Service (QoS) for Internet applications
• Traditional firewall
• Reduces the need to purchase multiple high speed and high cost links to handle the daily Internet usage.
• Provides Network Redundancy.

References: Wikipedia
Barracuda Networks Inc.

Image Reference: www.searchsecurity.de

Outstanding Performance - Technical Support

2008-09-18T13:00:00.000+05:30

Mr.Amarnath Reddy,Senior Engineer - Security Solutions has been awarded with the "Outstanding Performance - Technical Support" National Award from FORTINET INC for the year 2007-08.

Mr Vinay M.S-Principal Architect-Security Solutions is seen receiving the award at Kuala Lumpur, Malaysia on his behalf.

Walking the Network Tight Rope made easier... With Load Balancers

2008-08-29T11:37:00.000+05:30

Load Balancing is defined as a process and technology that distributes site traffic among several servers using a network based device. This device intercepts traffic destined for a site and redirects that traffic to various servers.
It is a technique to spread work between two or more computers, network links, CPUs, hard drives, or other resource. in order to get optimal resource utilization, throughput, or response time. Using multiple components with load balancing, instead of a single component, may increase reliability through redundancy. The balancing service is usually provided by a dedicated program or hardware device (such as a multilayer switch). It is commonly used to mediate internal communications in computer clusters, especially high-availability clusters. This process is completely transparent to the end user.

Benefits of Load Balancing:

- Optimal resource utilization
- Better throughput and response time
- Increases reliability through redundancy
- Streamlining of data communication
- Ensures a response to every request
- Reduces dropping of requests and data.
- Offers content aware distribution, by doing things such as reading URLS, intercepting cookies and XML parsing.
- Maintains a watch on the servers and ensures that they respond to the traffic. If they are not responding, then it takes them out of rotation.
- Priority activation: When the number of available servers drop below a certain number, or load gets too high, standby servers can be brought online.
- SSL Offload and Acceleration reduces the burden on the Web Servers and performance will not degrade for the end users.
- Distributed Denial of Service (DDoS) attack protection through features such as SYN cookies and delayed-binding to mitigate SYN flood attacks and generally offload work from the servers to a more efficient platform.
- HTTP compression: reduces amount of data to be transferred for HTTP objects by utilizing gzip compression available in all modern web browsers.
- TCP buffering: the load balancer can buffer responses from the server and spoon-feed the data out to slow clients, allowing the server to move on to other tasks.
- HTTP caching: the load balancer can store static content so that some requests can be handled without contacting the web servers.
- Content Filtering: some load balancers can arbitrarily modify traffic on the way through.
- HTTP security: some load balancers can hide HTTP error pages, remove server identification headers from HTTP responses, and encrypt cookies so end users can't manipulate them.
- Priority queuing: also known as rate shaping, the ability to give different priority to different traffic.
- Client authentication: authenticate users against a variety of authentication sources before allowing them access to a website.
- Firewall: Direct connections to backend servers are prevented, for security reasons

References: Server Load Balancing by Tony Bourke
Wikipedia

Image Reference: http://images.newsfactor.com/images/id/4443/story-data-012.jpg

Keep unwanted mail away with Email filtering

2008-08-25T16:58:00.000+05:30

Email filtering is the processing of e-mail to organize it, according to specified criteria. Most often this refers to the automatic processing of incoming messages, but the term also applies to the intervention of human Intelligence in addition to anti-spam techniques, and to outgoing emails as well as those being received.

Email filtering software takes emails as input. For its output, it might pass the message (though unchanged) for delivery to the user's mailbox, redirect the message for delivery elsewhere, or even throw the message away. Some mail filters are able to edit messages during processing.

Common uses for mail filters include removal of spam and of computer viruses. A less common use is to inspect outgoing e-mail at some companies to ensure that employees comply with appropriate laws. Users might also employ a mail filter to prioritize messages, and to sort them into folders based on subject matter or other criteria.

Advantages:

1. Defend against inbound threats

2. Prevent data leakage through emails

3. Encrypt sensitive information

4. Help in analyzing messaging infrastructure.

References: Wikipedia
Inputs from Gerry Tucker. Director- Sales, APAC Proofpoint systems

Increase Productivity.... Implement a SSL VPN

2008-08-18T13:03:00.001+05:30

What is a SSL-VPN?

SSL-VPN stands for Secure Socket Layer Virtual Private Network. It is a term used to refer to any device that is capable of creating a semi permanent encrypted tunnel over the public network between two private machines or networks to pass non-protocol specific, or arbitrary traffic. This tunnel can carry all forms of traffic between these two machines meaning it is encrypting on a link basis, not on a per application basis.

It is a mechanism provided to communicate securely between two points with an insecure network in between them.

Benefits of using SSL VPN:

· Improves work force productivity since Employees and contractors can perform tasks even when not physically present in their usual work facilities.

· Easy deployment since it does not require any special client software to be installed.

· Provides more security options.

· Improved manageability due to highly configurable access control capabilities, health checks etc.

· Lowers costs because of the Increased self-service capabilities for conducting business with outside parties such as suppliers and customers. Employees can work remotely on a regular basis (e.g., IT consulting) thereby allowing the organization to maintain less office space (and save money).

· Increased self-service capabilities for suppliers improve their efficiency, yielding better-negotiated service/product rates.

· If remote access is used as part of business-continuity strategy, fewer seats may be necessary at disaster-recovery/business-continuity facilities than if all workers must work at the secondary site.

References: http://www.sans.org/reading_room/whitepapers/vpns/1459.php
http://sslvpnbook.packtpub.com/chapter6.htm

Identify ME!! Securing Your Future with Two- Three Factor Authentication

2008-08-14T19:17:00.000+05:30

What is Authentication?

Authentication (from Greek αυθεντικός; real or genuine, from authentes; author) is the act of establishing or confirming something (or someone) as authentic, that is, that claims made by or about the thing are true. This might involve confirming the identity of a person or assuring that a computer program is a trusted one.

What is an Authentication Factor?
An authentication factor is a piece of information and process used to authenticate or verify a person's identity for security purposes.

What is Transactional Authentication?
Transaction authentication generally refers to the Internet-based security method of securely identifying a user through two or three factor authentication at a transaction level, rather than at the traditional Session or Logon level.

Types of Factor Authentications:

1. Two Factor Authentication: Two-factor authentication is a security process in which the user provides two means of identification, one of which is typically a physical token, such as a card, and the other of which is typically something memorized, such as a security code. In this context, the two factors involved are sometimes spoken of as something you have and something you know. A common example of two-factor authentication is a bank card: the card itself is the physical item and the personal identification number (PIN) is the data that goes with it.

2. Three Factor Authentication: is a security process in which
the user has to provide the following three means of identification:
• Something the user has (e.g., ID card, security token, software token)
• Something the user knows (e.g., a password, pass phrase, or personal identification number (PIN))
• Something the user is or does (e.g., fingerprint or retinal pattern, DNA sequence, signature or voice recognition, unique bio-electric signals, or any other biometric identifier)

A few examples of the factors that could be used as SOMETHING THE USER HAS:

Tokens: The most common forms of the 'something you have' are smart cards and USB tokens. Differences between the smart card and USB token are diminishing; both technologies include a microcontroller, an OS, a security application, and a secured storage area.
Biometrics: Vendors are beginning to add biometric readers on the devices, thereby providing multi-factor authentication. Users biometrically authenticate via their fingerprint to the smart card or token and then enter a PIN or password in order to open the credential vault.
Phones: A new category of T-FA tools transforms the PC user's mobile phone into a token device using SMS messaging or an interactive telephone call. Since the user now communicates over two channels, the mobile phone becomes a two-factor, two-channel authentication mechanism.
Smart cards
Smart cards are about the same size as a credit card and perform both the function of a proximity card and network authentication. Users can authenticate into the building via proximity detection and then insert the card into their PC to produce network logon credentials. They can also serve as ID badges.
Universal Serial Bus
A USB token has different form factor; it can't fit in a wallet, but can easily be attached to a key ring. A USB port is standard equipment on today's computers, and USB tokens generally have a much larger storage capacity for logon credentials than smart cards.
OTP Token: Some manufacturers also offer a One Time Password (OTP) token. These have an LCD screen which displays a pseudo-random number consisting of 6 or more alphanumeric characters (sometimes numbers, sometimes combinations of letters and numbers, depending upon vendor and model). This pseudo-random number changes at pre-determined intervals, usually every 60 seconds, but they can also change at other time intervals or after a user event, such as the user pushing a button on the token. Tokens that change after a pre-determined time are called time-based, and tokens that require a user event are referred to as sequence-based (since the interval value is the current sequence number of the user events, i.e. 1, 2, 3, 4, etc.). When this pseudo-random number is combined with a PIN or password, the resulting pass code is considered two factors of authentication (something you know with the PIN/password, and something you have from the OTP token). There are also hybrid-tokens that provide a combination of the capabilities of smartcards, USB tokens, and OTP tokens.

Advantages Of using 2/3 Factor Authentication:
1. Drastically reduce the incidence of online Identity Thefts, phishing expeditions and other online frauds.
2. Ensures that you have a very strong authentication method in place.
3. Increases the confidence and trust levels of the users interacting with your network.
4. Adheres to the compliance rules of various standards especially if you are in the financial domain.
5. Ensures that you have sufficient levels of security to thwart any attacks on your network.
6. It allows you to provide secure remote access to your network.

Reference: Wikipedia.
Image Source: www.koshatech.com/images/solutions_img.jpg
www.info.gov.hk/.../images/2_factors.jpg

Keeping Away the Peeping Toms...With Mail Encryption

2008-08-05T16:47:00.000+05:30

KEEP AWAY PEEPING TOMS… WITH EMAIL ENCRYPTION.
If you are mailing a Cheque/DD to somebody or a very important document to a family member or to your customer, do you send it by ordinary post? NO, in all probability you would either send it by courier or by registered post to ensure that the packet reaches the hands of the right and intended person only. Moreover, you will ensure that the envelope holding these items is not transparent or easily tamperable. This will help you to obfuscate or hide the contents even better. To ensure that it has been received by the intended person, you ask for an acknowledgement, the date when the delivery has taken place etc.

Why then would you send personal or confidential information in an unprotected email?

Why do I need to encrypt my emails?

Sending information in an unencrypted email is the equivalent of sending a cheque/DD in an unsealed envelope or writing confidential information on a postcard for all to see. This will allow anybody and everybody to take advantage of such information and use it to defraud us. We are all sure that none of us would like to encounter such a situation.

While in transit, e-mail messages are sent through one or more mail transfer agent servers until it reaches the destination e-mail server. Someone with access to this server can easily intercept and read the e-mail message. In addition, e-mail messages that travel through these mail transfer agent (mta) servers are very likely stored and backed up even after delivery to the recipient, and even if the recipient and the sender have deleted their copies of the message. This stored copy of the e-mail may be subject to snooping in the future, and persist indefinitely.
Additionally, the internet makes it easy to “spoof” the sender field of an email message, allowing nefarious individuals to misrepresent their identities. This has led to a phenomenon known as “phishing” and other forms of attacks over e-mail, underscoring the importance of the recipient being able to reasonably authenticate the sender's identity. That is the reason why we need to ENCRYPT OUR MAILS.

Techniques used to encrypt emails:
1. Symmetric Crypts: both recipient and sender share a common key or password that is used to decrypt/encrypt the message.

2. Asymmetric Crypts: here there are two keys used. One is a public key that can be shared with everyone and to encrypt the message. The other is the private or secret key known only to the recipient and used to decrypt the message. Both the keys are required in a transaction here.

E-mail encryption design approaches

1. The Client-Based Method suggests that the sender of the email should be responsible for e- encryption.

2. The Gateway-based Method suggests that the organization is responsible for e-mail security, and encryption should be performed on a server operating on the corporate network, based on the security and regulatory compliance needs of the company and its industry vertical.

Methods of Message Retrieval
1. The “in box” delivery model: the encrypted e-mail is delivered to the user’s email inbox, where they can open the encrypted message after providing the appropriate password or credentials.

2. The “mail Box” model: the user receives an e-mail with a hyperlink to the encrypted message. The user then follows the hyperlink to arrive at a website where they submit their credentials and are then able to view the decrypted message.

Standard approaches to e-mail encryption
The need for e-mail encryption has lead to a variety of solutions – some from standards bodies, and some from the marketplace. Below are a few of these approaches:

1. S/MIME : S/MIME (Secure/Multipurpose Internet Mail Extensions) is a standard for public key encryption signing e-mail. S/MIME was developed by RSA Data Security, Inc. S/MIME provides the cryptographic security services for authentication, message integrity, and non-repudiation by combining a digital signature with encryption. Before S/MIME can be used in an application, the user must obtain and successfully install a unique key/certificate from a Certificate Authority (CA) or from a public CA. Encryption requires storing the destination party's certificate, a process that is typically automated when receiving a message from the party with a valid signing certificate attached.
2. PGP and OpenPGP: Pretty Good Privacy (PGP) is a standard that delivers cryptographic privacy authentication. The first version of PGP, by designer and developer Phil Zimmermann, was released as an open standard. Zimmermann and others have developed subsequent versions. Eventually, the PGP secure e-mail offering was adopted as an Internet standards-track specification known as OpenPGP. OpenPGP is now an open standard with PGP. PGP and OpenPGP require a client or plug-in. PGP uses both public-key cryptography and symmetric key cryptography.
3. PostX Registered Envelope Encryption and Security: The PostX Registered Envelope is a secure delivery model for PostX Envelope. The Registered Envelope uses online authentication for decryption key retrieval to provide secure auditable message delivery. The Registered Envelope delivers both the encrypted payload and necessary decryption code via an e-mail attachment to the recipient. E-mail payload is encrypted with a unique (per message) secure random session key. The session key is stored in the PostX KeyServer (and is not sent with the message itself).
4. Identity-Based Encryption: In the 1980’s, identity based encryption (IBE) methods were developed for e-mail by RSA and others to communicate securely in ad hoc environments. In this model, the e-mail address of the recipient is used to perform the e-mail encryption. In order to provide the strength of a password or authentication, identity-based encryption requires client software.
5. Pull solution: In this model, the recipient is pulled into a secure message inbox. In this inbox, the recipient can perform all of the e-mail functions in a branded environment.

Advantages:

1. Encrypting your email will keep all but the most dedicated hackers from intercepting and reading your private communications.

2. Using a personal email certificate, you can digitally sign your email so that recipients can verify that its really from you as well as encrypt your messages so that only the intended recipients can view it. This will help stem the tide of spam and malware being distributed in your name.

3. When your contacts receive an unsigned message with your email id spoofed, they will realize that its not from you and will delete it.

4. Protect your integrity and confidentiality.

5. It will also help you to adhere to the compliance rules of most standards.

Reference: Wikipedia, About.com.

Image Source: http://images.teamsugar.com/

PC LCM----> Your Virtual Assistant…

2008-07-25T17:54:00.000+05:30

Are you a Sys Admin perplexed and tired of running around maintaining your systems…
Are you worried that the right patches have not been downloaded and installed….
Are you not aware of which licenses are about to expire and when?

Do not Despair… Just adopt a PC Life Cycle Management Solution and put all your fears to rest… Relax and Relish your work…

Properly managing an IT environment requires expertise and often takes significant amounts of time and effort. System administrators are responsible for providing their organizations with access to critical applications and services while ensuring that systems perform optimally and remain secure. Unfortunately, keeping pace with the frequency of changes in an IT environment of any size can be a daunting task. The problem is often more pronounced in midsize organizations, where system administrators are forced to juggle many responsibilities.

Issues such as deployment, monitoring, and updating computers can have a significant impact on organizations’ budgets (not to mention system administrators’ blood pressure).

While it might be possible to complete some tasks manually, the number of devices and applications that must be managed can quickly become overwhelming. Add in priorities unrelated to desktop lifecycle management, and help is sure to be welcome. The best solution for managing IT environments that are increasing in size and complexity is through automation.

It is here that PC Life Cycle Management Solutions step in and help you mitigate all the associated complications.

A typical PC Life Cycle Management Solution will do the following for you:

• Sophisticated MSI packaging
• Unattended remote client resets
• Comprehensive inventory-based distribution
• Global scheduling of jobs and executing them
• Intelligent multicast replication
• Complete system repair

• Drag and drop configuration management
• Backup/restore of user personality and locally saved data from a single PC
• Centralized reporting functions
• Native integration with the Directory services.
• Patch management to distribute patches and virus updates
• Bandwidth throttling
• Mandatory (push) and software request (pull) distribution
• Wake on LAN
• OS deployment
• A single Management console to manage all your devices
• Security Management
• Define process workflows to dynamically manage the devices on the network right from purchase to retirement

How does my organization and I benefit if we opt for a PC LCM?
• Reduces I.T. Labour and Asset ownership costs
• Adherence to both internal and external compliance standards.
• Consistent User Experience
• Centralized and Single Management Console reduces the strain on the Sys Admin
• Know what you have in your network and where in a jiffy.
• Up to date and current information about the health of your devices allows you to undertake preventive measures.
• Streamline the existing process and ensure that there is a common policy to handle unforeseen circumstances.
• Automatically update, deploy and manage the software on the clients.

References:
1. www.Microsoft.com : White paper on PC Life Cycle Management
2. www.Pactech.net/wininstall

BACK UP, For The Sake Of Your Critical Data

2008-07-24T10:51:00.000+05:30

Critical data is the lifeline of any business and hence needs to be archived. But what is the best way to do so? How long can this data be stored? And can lost data be recovered?

We look at some answers.

Key BenefITs

• Don’t lose any essential data.
• Comply with all audit and government requirements.
• Reduce storage costs, by moving data across a hierarchy of media.

Back up, For The Sake Of Your Critical Data

Every day, a huge amount of critical data is created in any business through its daily transactions with dealers, distributors, customers, employees, etc. There are also records like contracts, taxes, client contact details, etc, which are of immense importance. All this critical data needs to be preserved/archived for future reference. This is done by making a back-up of the data regularly, based on the requirements of the company. Most firms take daily back-ups of critical data. The back-up helps them when they need access to a file that was used a few months, or even years, ago.

“The business data, be it in paper or digital form, is the lifeline for any organisation. So, storing and backing it up carefully is of utmost importance to keep the lifeline always up,” justifies Arun Attri, IThead, Barista Coffee Company

Storage options

There are various methods of storing critical data. In general, back-ups are done to tape, with multiple back-up sets. Critical data is often backed up to disk storage and then moved to tape. When backed up to disk, the data restore time is less. The use of disk-based storage improves recovery time objectives (the time and service level within which a business process must be restored after a disaster), offers superior reliability and improves the efficiency of WAN Wide Area Network)-based remote back-up and replication. Disk storage is the best way to preserve data for longer periods of time. With data de-duplication in use, disk storage can offer the same economies as tape storage. “Data de-duplication is one emerging solution to the challenge of backing up exponentially growing volumes of data and preserving it for extended periods of time. Data de-duplication is a process that eliminates redundant data from the total volume of data that needs to be backed up. In doing so, it reduces both secondary storage requirements and network bandwidth needs,” adds P K Gupta, director, Asia Pacific & Japan (back-up, recovery and archive solutions), EMC Global Services. For example, when an e-mail with an attachment is received by multiple recipients within the organisation, data de-duplication ensures that only the first instance of the attachment is backed up. All other back-ups simply point back to the previously stored instance of the file.

For network-based solutions, the recommended method is using a centralised storage solution—the user’s data is stored to NAS (network attached storage) and then backed up to tape. Disks are expensive, so data is stored in tapes with multiple copies. Most firms use disks and tapes for critical data storage. “Tapes as well as disks are used for storage. We use HP-Tape Library (Ultrium-3)”, says Attri. Renny V Mathew, systems administrator, Avio Helitronics Infosystems, reveals, “We use LTO (linear tape open—a high performance magnetic tape storage technology) Gen 3, Symantec Backup exec 11d for server software, and Tandberg T24 Tape Library Single Drive with 12 tape slots.”

The frequency of back-ups

Daily and weekly back-ups of crucial data are the need of the hour. There are two main back-up methods: daily incremental and weekly full back-ups. “We take daily incremental and weekly full backups,” says Mathew. The daily, weekly or monthly back-up is stored and also tested regularly. Attri asserts, “We take incremental (daily) as well as full back-ups (weekly) of our critical data in our Backup Tape Library using HPData Protector software. On a monthly basis, the copy of the full back-up is also replicated to separate disks for storage. We even do restore tests for old tapes after some interval to check the health of the data and media.”

Software like Buffalo’s Memeo Auto Backup help users to take regular back-ups by setting instructions for daily or weekly back-ups. The EMC Avamar data de-duplication solution provides daily back-ups that can be quickly recovered in just one step — eliminating the hassle of restoring full and subsequent incremental back-ups to reach the desired recovery point.

Backed up for years and years

The time period for data storage depends on company policies, regulations and guidelines. “We can store data to tape for a period of 2-3 years. And we can store data to disk depending on the life of the disk. Using RAID (Redundant Array of Independent Disks) technology (that uses two or more hard disk drives to achieve greater levels of performance and reliability for large volumes of data) we can store data for over a 100 years,” says Kamal Kannan, engineer storage, 22by7 Solutions Pvt Ltd.

This is an excerpt from the article "Critical data Storage" published in the July 2008 issue of BenefIT magazine.

Source: ManageIT section from BenefIT magazine July Edition.

Guaranteed!!! Peace of mind... with Disk Encryption

2008-07-21T15:57:00.000+05:30

“700 laptops with crucial, sensitive Military secrets have been stolen in U.K.” ….. This was reported by a leading news daily on Saturday 19th July 2008.

Imagine the threat of this data falling into the wrong hands….

Imagine a similar situation befalling your organization?

Are you prepared to thwart such an eventuality?

If the answer to the above question is no, then DISK ENCRYPTION will help you overcome such situations and will ensure your peace of mind.

What is Disk Encryption?

Disk encryption is a special case of data at rest protection when the storage media is a sector-addressable device (e.g., a hard disk, USB drive, Zip drive or a flash card/drive). It is a technique that allows data to be protected even when the OS is not active, for example, if data is read directly from the hardware as compared to access restrictions commonly enforced by an OS.

What are the types of Encryption?

Encryption can happen at the following levels:
1. Full Disk encryption- ideal for devices on the move like laptops, notebooks, palmtops, USB sticks.
2. Partition level encryption
3. Encrypted Containers stored in the regular file system also called as HIDDEN VOLUMES
4. File System level Encryption

Most Disk Encryption systems use a combination of the below mentioned techniques:
• Cipher Block Chaining(CBC)
• Electronic Code Book(ECB)
• Cipher Feedback(CFB)
• Output Feedback(OFB)
• Counter(CTR)
• Cryptographically Secure Pseudorandom number generators(CSPRNG)
• Message Authentication Codes(MAC)

Advantages of Disk Encryption:
1. Assures that intellectual property and sensitive or legally protected information is accessible only to authorized users.
2. Meet regulatory compliance requirements through strong, centrally managed encryption
3. Ensures confidentiality of data
4. Protects data even when OS is not in use.
5. Ensures that data cannot be accessed by unauthorized users
6. Makes the disk/data unusable in the event of unauthorized access.
7. Encryption/Decryption is done transparent to the users.

2008-07-14T16:26:00.000+05:30

The Storage Disk Space you bought recently is soon exhausting. Are you considering buying more disk space?

Ever thought of reducing your Backup Window?

Read on…

Data De-Duplication often called "intelligent compression" or "single-instance storage" is a method of reducing storage needs by eliminating redundant data, operating at the file, block, and even the bit level. Only one unique instance of the data is actually retained on storage media, such as disk or tape. Redundant data is replaced with a pointer to the unique data copy. Hence only one instance of the data is saved.

Why do you need it?

Data de-duplication helps to improve data protection, speed up service and reduce cost.

Where does de-duplication take place?

De-duplication can happen at:

1. The Host or Source: Here, the data is checked for duplicate matter at the client itself before sending the data to the storage system.

2. The Destination: Here, the complete data is sent over the network to the designated storage system. Then the De-duplication system starts working at the disk device or on the virtual tape library as a process after the data is received.

Host Based systems are significantly advantageous over the Destination based systems because they send only one instance of the data over the network, thereby ensuring that the network bandwidth is not clogged. Also, since only the unique data is received by the storage system, it makes it easier and faster to store the data and create recovery points.

What are the Key business benefits of data de-duplication?

The following are the benefits derived by an organization that implements data de-duplication:

· Increasing overall data integrity and end with reducing overall data protection costs.

· Lower storage space requirements – it reduces the amount of disk space needed by users for backup by 90 percent.

· Longer disk retention periods

· Reduced power, space and cooling requirements

· Higher restore service levels

· Media Handling errors are reduced

· Availability of more recovery points on fast recovery media

· Efficient use of disk space

· Better recovery time objectives for a longer time

· Reduces the need for tape backups

· Reduces the data to be sent over a WAN for replication, remote backups and disaster recovery, which in turn ensures that the network bandwidth is not choked.

Say Good Bye to Data Leakage--

2008-07-14T16:17:00.000+05:30

A recent survey of top security professionals carried out by a leading Consultancy firm revealed some scary but realistic statistics:

1 in 3 companies investigated a breach of confidential data last year.

1 in 4 companies experienced an “embarrassing” leak of confidential information.

1 in 5 emails contains a legal, financial or regulatory risk.

If you are like most corporations, you are finding yourself in the midst of an information explosion. Sensitive data is no longer controlled under lock and key in data centres or file cabinets. Sensitive data is everywhere. This data is an easy prey to leakage which will hamper the competitive advantage that you may have in the market.

This is where Data Leak Prevention (DLP) technology/products come to your rescue.

What is DLP?

DLP is nothing but the use of various techniques to prevent critical data from unnecessarily leaving the organization. DLP products can be defined as:

“Products that, based on central policies, identify, monitor, and protect data at rest, in motion, and in use, through deep content analysis.”

Some of the most common techniques used in these products to detect and prevent unauthorized extrusion of data are:

1. Rule bases/ Regular expressions

2. Database fingerprinting

3. Exact File Matching

4. Partial Document Matching

5. Statistical Analysis

6. Conceptual/Lexicon

7. Predefined Categorization.

What are the main features to look out for in a DLP solution?

In this day and age, it is impossible to expect your employees to be fully cognizant and ready to comply with all data protection compliance rules. Hence look for a DLP technology that can:

1. Protect sensitive data without slowing down your business or frustrating employees trying to do their job.

2. Meet data protection compliance guidelines through the ability to encrypt, redact, block or quarantine sensitive data before it damages your business.

3. Real time performance

4. Virtually zero false-positive rates.

Storm Warning!!

2008-06-24T09:11:00.000+05:30

Security researchers Friday warned of a new, massive spam campaign that tries to convince users to install the long-running Storm bot Trojan on their PCs.

This new spam is difficult to characterize since nearly 40 different subject heads are being used by the spammers.

Whatever may be the subject head the spam mail has a link to Porntube.com, a Youtube look alike. Once reaching the site a pop-up message appears requesting that an activex control need to be installed. But the trick is instead of the activex control a variation of Storm Trojan is installed in the Machine.

If you any such mail - Hit the "Del" button,Pronto!

Here is the list of some of the subject heads:

Batman latest movie bombs at box office?
Britney found hanged in locker room?
Celtics disqualified from NBA title?
China Earthquake claims 1 million lives?
Dan Brown's latest novel?
David Cook American Idol - latest NEW single?
"Donald Trump missing, feared kidnapped?"
Egypt Giza pyramids rocked by massive earthquake?
Eiffel Tower damaged by massive earthquake?
"Eiffel Tower suffers structural damage, collapse possible?"
Find out about Harry Potter's last novel?
Ford unveils latest 2 door design hatch?
Get Smart -- movie premiere?
Get star wars photos?
Get the latest discount plan from Ford Cars?
Great Wall of China damaged by earthquake?
Hiliary admits past failures?
Hillary Clinton reveals husband's scandal secrets?
Italy knocked out of Euro 2008?
Las Vegas Hotel caught in fire?
"London rocked by gas attack, army on high alert?"
Love Guru sneak previews here?
Man wakes up from 40 year coma?
Nokia unveils revolutionary new phone design?
Obama suffers setback in polls due to sex secrets?
Obama withdraws from elections?
Oprah found sleeping the streets?
Osama Bin Laden caught finally !?
Paris Hilton found to be gay!?
Saddam Hussein found dead?
Star Trek star dies at age 79?
"Statue of Liberty struck by lightning, catches fire?"
Stonehenge damaged by massive earthquake?
Top 10 movies of all time?
Top comedy downloads?
Top film from the Cannes?
Turner Empire poised for bankruptcy file?
Watch movie premieres now?
"White House hit by lightning, catches fire?"

Hackers get Shot in China

2008-06-20T08:14:00.000+05:30

If you thought Bush's Patriot Act was bad news, count your lucky stars that you're not a hacker in the People's Republic of China.

The PRC has an interesting history regarding hackers. If they catch them they shoot them. In the late 1990s some employee at the Bank of China hacked into accounts and embezzled a large chunk of change. The hacker apparently experienced remorse and turned himself in. Bad call. He was summarily tried, found guilty, and shot. Then the hacker's family was sent a bill for the bullets expended.

Source: LiquidMatrix

Beware The Rise of e-Crime

2008-06-18T09:41:00.000+05:30

The UK's Serious Organised Crime Agency [1] (Soca) has issued a warning about the increasing number of international online gangs stealing and trading personal details of web users.

A report issued by the agency says that groups of criminals - often comprising of an average of 30 specialists focused on areas ranging from phishing to data trading - are part of a market evolution geared at trading and exploiting data.

Information is often stolen through techniques such as phishing and key logging using malware sent via email. The stolen data is then used by the thieves for fraudulent purposes or sold to other cyber criminals over the web.

"As web-based technologies become increasingly diverse, e-criminals will use these services to access and exploit victims and conceal their activities," says the Soca report.

"Each group will typically have an inner circle of more technically advanced and/or experienced members who control access to the attack tools and are responsible for dividing up the work."

The tactics used by the criminals are constantly updated to keep ahead of protection offered by software vendors, according to Soca.

Last month, Soca completed the first phase of a five-year IT overhaul [2] to help in the battle against organised crime.

But the agency has admitted that it faced challenges in training staff to a level where the improvement will have a material effect on tackling criminals.

Soca's annual reports said the "challenges involved in increasing knowledge to a level that would facilitate a transformation of the impact on organised crime still remained significant."

So far the programme has given overseas staff secure access to IT systems, improved the internal management of information and upgraded software to improve the collection of Suspicious Activity Reports a mechanism allowing the public to electronically report financial crime.

- Angelica Mari

Source:Computing

Protect your identity online

2008-06-11T10:22:00.000+05:30

The best ways to protect your identity online
Rosemary Haworth

June 09, 2008 (PC Advisor) With identity theft on the rise and personal information at a premium, it's never been more important to be cautious about what you reveal online.

Social networking sites such as Facebook have largely usurped chatrooms and forums -- at least in the grown-up world -- as fun places to hang around online and engage in harmless distractions. Unfortunately, they've also replaced chatrooms in the tabloid consciousness as the place where pedophiles go to pick up victims.

But while we conscientiously monitor our kids' Internet use and apply restrictions to the sites they can visit and the times they're allowed to go online, we may be putting ourselves in other sorts of danger.
Practice what you preach

Having taught your kids to chat only to people they know and to limit the amount of personal information they give out, consider whether you practice what you preach.

Announcing to the world (via your Facebook profile) that you're bungee-jumping at Victoria Falls tells us you're still game for a laugh. If your profile also states your birth date, hometown, address and phone number, along with a reference to your current and past employers, you've left yourself wide open to someone becoming the new you.

In the past, a tell-tale answering machine message stating that you're on vacation would have been brilliant news for an opportunist thief. The equivalent these days is the careless status update or unprotected online profile that enables a cybercrook to see your personal details.
Limit your exposure

Privacy options at such sites aren't always enabled by default, although Facebook has taken steps to make users' current security settings far more transparent. Even so, you should check who can see what. The Privacy option at the top right of Facebook's home page lets you dictate who can see details about you and who can search for you.

In February, Facebook made a deal to make postings and profiles searchable via search engines. Fraudsters don't even have to be Facebook members to track you down and find out information about you.

Although there was plenty of outcry, the fact remains that Facebook's sign-up terms allow it to do this. Your profile may be all about you and acts as your online identity, but Facebook owns it. The point here is to ensure you read the terms and conditions before signing up.

Allowing friends to see your e-mail address, photo, status and musical tastes is fine, but we suggest you disable the search part. Also, if you allow friends of friends and "anyone in my networks" to see every online move you make, you've opened yourself up to an audience of thousands, if not millions. Anyone in your network could use what they can glean from your profile against you.

Be wary of seemingly "mutual" friends attempting to add you to their friends list. They may simply want to outdo their friends in how many online friends they have. Or they may want to be your friend to acquire further personal details via your profile.

Although this may sound far-fetched, there are plenty of reported instances of publicly and semipublicly posted personal information being exploited in this way.
Knowing me, knowing you

Similarly, assuming someone is trustworthy because they appear to know one of your friends can be a mistake. Last year, three teenage girls ended up being "groomed" and then stalked in person by a middle-aged man they met on the Bebo message boards. Each had trusted him because of his apparent online friendship with the others.

As one of the girls said after his arrest, the fact that he continued to be friendly to one of her friends led her to overlook his odd behavior -- including his comments on their shopping trips and other events that they had discussed together online.

The cyberstalker was eventually caught when he showed up at the Tate Modern gallery in London. He'd learned the girls were going there for a school trip and was recognized while covertly photographing one of the girls he'd met online. They were able to alert security and the police before he escaped.

Although this was a particularly nasty and dramatic case, it demonstrates another point. Reputation and the trust implicit in the apparent approval of someone by your peers is a powerful element of both our face-to-face and online interpersonal relations. It's also something that business networks such as LinkedIn and Plaxo trade on.

At LinkedIn, reputation ranking and feedback have now overtaken in importance the original goal of such sites: to build a circle of business associates and stay in touch with them as they flit from employer to employer. Be sure you keep tabs on who's saying what about you.

And reputation is all-important when convincing someone to buy goods from you online. Our own PC Advisor forums show that it's now de rigueur to find out what customers think of a company before buying from it online -- and it's even more important for small retailers.

Visit Broadband Advisor for the latest news and reviews about the Internet and Internet tools.
Romantic interludes

Let's return to our original warning about giving away your personal information freely, and the Internet acquaintances who have more than friendship in mind. This is something adults need to worry about just as much as kids and teenagers.

Internet dating is notorious as a means of disguising your true age, occupation, weight, gender and intentions -- that's why it's so popular. If you want to use the Web to meet people, then do so safely. Use a legitimate agency that's regulated and recognized, research what others who have used the service have to say about it and find out how the agency checks people before taking them on.

Expect some in-depth personal questions and to be asked for proof that you are who you say you are. A passport, driver's license, proof of address, and birth and divorce certificates were routinely asked for at the bricks-and-mortar dating agency where we used to help out.

Online agencies of good repute should insist on similar assurances. If they don't check you out thoroughly, what's to say they're checking up on your next date?

Acting on impulse and simply taking information supplied by potential dates at face value is more than foolish. It's dangerous in every sense.

Source: Computer World

Superfast mini tape from Tandberg

2008-06-10T10:55:00.000+05:30

Tandberg touts superfast mini tape library
Bryan Betts

June 09, 2008 (Techworld.com) Tandberg Data is claiming to have the fastest 2U tape library on the market after upgrading its StorageLibrary line with the latest half-height LTO-4 drives.

Tandberg says the upgraded StorageLibrary product now provides up to 123TB of compressed storage — although the 2U model has 12 tape slots for a compressed total of perhaps 20TB.

The Norwegian storage vendor has also updated its eight-slot StorageLoader — a smaller tape autoloader — with half-height (HH) LTO-4.

The compact tape drives have been available for only a few weeks, and provide a high capacity — 800GB of uncompressed data per cartridge. They allow Tandberg to fit two drives into a 2U library, so the library is about double the speed of one with a single drive, at up to 1.7TB/hour. Tandberg's larger libraries with more drives are even faster, of course.

Compared with LTO-3, the LTO-4 HH has double the storage capacity, runs 50% faster and includes 256-bit AES encryption in hardware, said Bharat Kumar, vice president of marketing and development at Tandberg. It supports nonerasable WORM tapes for long-term archiving, he added.

Meanwhile, rival tape library developer Overland Storage has poured cold water on Tandberg's speed claims.

"Performance is a bit of an odd thing to talk about, because the LTO-4 won't be the limiting factor - the bottleneck will be elsewhere in the system," said Chris James, Overland's European marketing director. He argued that the only real way to improve performance is to put a disk-based VTL (virtual tape library) in front of the tape library.

Not so, countered Simon Anderson, Tandberg's tape product manager. He pointed to LTO-4's ability to adjust its streaming speed so it can work efficiently even when its host server can't feed it at its rated 120MB/sec.

Half-height drives are the future, he said. "If you look at the LTO road map, there is no full-height LTO-5 — it will be half-height only, planned for 2010."

James agreed that the introduction of LTO-4 HH is significant — not just because it allows a library to host twice as many LTO-4 drives, but also because it can store twice as much data.

"20TB in 2U is pretty chunky," he said. "Given that a tape library generates 2% of the heat and consumes 5% of the power of the equivalent in disk storage, there's significant space and cost advantages to be had from migrating data to tape as soon as possible."

Tandberg said that a 24-slot StorageLibrary with a single IBM LTO-4 HH drive and a SCSI interface (Fibre Channel and SAS versions are also available) would sell for under $6,300. The smaller StorageLoader, with one LTO-4 HH and two magazines, each holding four tape cartridges, will sell for around $4,500, the company added.

Source: Computer World

New McAfee Research Names Hong Kong as Most Dangerous Country Domain; Finland is Safest

2008-06-05T10:47:00.000+05:30

SANTA CLARA, Calif., June 4 /PRNewswire-FirstCall/ - Hong Kong (.hk) domain has jumped 28 places as the most dangerous place to surf and search on the web according to a new McAfee Inc. (NYSE: MFE) report called "Mapping the Mal Web Revisited" which is released today. Hong Kong takes the mantle from Tokelau, a tiny island of 1,500 inhabitants in the South Pacific.

"Just like the real world, the virtual threats and risks are constantly changing. As our research shows, Web sites that are safe today can be dangerous tomorrow. Surfing the Web based on conventional wisdom is not enough to avoid risk online," said Jeff Green, Senior Vice President of Product Development & Avert Labs.

The second annual McAfee "Mapping the Mal Web" report into the riskiest and safest places on the Web reveals that 19.2% of all Web sites ending in the ".hk" domain pose a security threat1 to Web users. China (.cn) is second this year with over 11%. By contrast, Finland (.fi) remains the safest online destination for the second year with 0.05%, followed by Japan (.jp).

The most risky generic domain from 2007's report became more dangerous with 11.8% of all sites ending in .info posing a security threat and is the third most dangerous domain overall while government websites (.gov) remained the safest generic domain. The most popular domain, .com, is the ninth riskiest overall. The full McAfee "Mapping the Mal Web Revisited" report is available for download at www.mcafee.com/advice

Using the award-winning McAfee® SiteAdvisor® technology, McAfee analyzed 9.9 million heavily trafficked Web sites found in 265 different country (those ending in country letters e.g. Brazil .br) and generic (those ending in .net or .info for example) domains.

More here: McAfee

Pi Premiere League (PPL) is here!

2008-05-29T11:31:00.000+05:30

22by7 is holding its Annual Sports Event - The PPL

Teams are working hard to come up with Media Campaign to grab mindshare. I belong to Team Omega and here is the Poster we came up with:

Best of luck to the other Teams!

Corporate Sniffing

2008-05-28T10:37:00.000+05:30

Large companies snooping on employees' e-mails

Date: Tuesday, May 27, 2008

New York: If you are an employee in a large company and are thinking of using your work e-mail for job hunting or online dating, watch out.

A new survey finds that 41 percent of large companies (those with 20,000 or more employees) are employing staffers to read or otherwise analyse the contents of employees' outbound e-mail, technology website cnet.com reports.

In the study, which was commissioned by e-mail security provider Proofpoint and conducted by Forrester Research, 44 percent of the US companies surveyed said they investigated an e-mail leak of confidential data in the past year and 26 percent said they fired an employee for violating e-mail policies.

The companies also said they are worried about employees leaking company information on their blogs, message boards, and media-sharing sites like YouTube.

Eleven percent of the companies surveyed took disciplinary action against employees for improper use of blogs or message boards in the past year, and slightly more than that disciplined workers for social-network violations and for improper use of media-sharing sites.

And 14 percent of publicly traded companies investigated the leakage of material financial information, such as unannounced financial results, on blogs and message boards.

Source: Silicon India

Hide your files from Seekers - Nice Trick

2008-05-26T11:54:00.000+05:30

Hide Anything On Your Drive With This Really Neat Trick! - The most popular videos are here

Red Curtain - Free Sec App - Article Pick

2008-05-23T10:42:00.000+05:30

Most web workers are hip to security software applications. You probably run anti-virus software, and perhaps you use a Virtual Private Network (VPN) application when working from a public hotspot. (If you don’t run these applications, you should.) Recently, though, I’ve been using a more unusual, but definitely useful, security application from computer forensics company Mandiant, called Red Curtain.

Red Curtain is free to download and use, and it’s designed for the analysis of possible malware. It “examines executable files (e.g., .exe, .dll, and so on) to determine how suspicious they are based on a set of criteria” and then assigns each examined file a score.

Red Curtain examines a number of specific aspects of an executable, looking at things such as the entropy (or the randomness), indications of packing, compiler and packing signatures, the presence of digital signatures, and other characteristics to generate a threat “score.” According to Mandiant, “this score can be used to identify whether a set of files is worthy of further investigation.”

I’ve found Red Curtain useful in conjunction with anti-virus and anti-spyware software. After I finish my scans, when anti-virus and anti-spyware applications will occasionally flag files as possibly presenting problems, I quickly run a scan on the flagged files using Red Curtain. As one might expect for an application created by a computer forensics firm, it does a very dependable job of confirming whether suspicious files ought to be deleted right away.

You can download Red Curtain free, here. If you, as I do, constantly add to your arsenal of security applications, this one is worth a try.

Original Article : Web Worker Daily

Online Security tips for your kids

2008-05-22T10:52:00.000+05:30

7 tips for keeping kids safe online
Andy Greenberg

Any parent who has spent a few minutes trying to decipher the abbreviations in his or her teenager’s online chat conversations knows that the web hosts a youth culture all its own. And that world doesn’t just have its own language, it also fosters the sharing of personal information among friends—and sometimes strangers—that can set off alarm bells for parents. Here are a few tips for keeping up with your kid in this quickly evolving space—and helping to draw the line between harmless socializing and dangerous breaches of privacy

1. Talk to your kids about the web: More important than trying to limit or control your kids’ web access is to educate them about what information-sharing and behaviour is smart and responsible on the net. Make it clear to your kids that everything they post to a social networking site, or even send in an email, could easily end up being widely distributed to anyone in cyberspace—including people they’d never talk with in person. On the list of details they should never share online: home addresses, phone numbers, any financial information, sensitive personal details or compromising pictures.

2. Use kid-oriented social networks: One easy way to limit the dangers of social networking is to sign up your preteen kids for social networking sites designed for safety. The social network Imbee.com, for instance, is built to replicate real world friendships online, not to help kids meet strangers. Users can only access profiles within a limited network of friends. All new connections are approved by parents. The kids’ networking site Club Penguin is even safer, albeit targeted at a very young audience—with certain settings, users can only chat using a set of harmless phrases.

3. Use content-locking tools sparingly: Programs like Net Nanny or Cybersitter can block objectionable content on the web and make tracking your children’s online behaviour easy. But Larry Magid, founder of Safekids.com and Connectsafely.org, suggests parents think twice before locking down internet use with these kinds of programs. For teenagers, these sorts of software are likely to inspire rebellion and tempt them to find other, less censored paths to blocked material. For younger kids, Magid suggests the filters are often a poor substitute for more long-lasting education about online safety.

4. Agree on good terms for web use: The internet is more widely accessible every day, so a kid given strict rules about online behaviour without his or her input is likely to find a less restrictive entryway to the web. Instead, come to an agreement with your kids about what you both consider acceptable behaviour in terms of balancing their privacy and their safety. Larry Magid suggests parents and children write and sign pledges for proper online behaviour and post them by the family computer.

5. Monitor Your Kids’ Online Profile: One of the dangers of social networking and blogging is that so much of it occurs on the public web, where it’s broadcast to the world. But if strangers can access kids’ profiles and blogs, so can parents. Just as you stay involved in your child’s friendships in the offline world, you can also keep tabs on his or her online socializing, either actively participating for younger kids or watching from a less intrusive distance for teenagers.

6. Pick your location for computer carefully: Setting up a desktop computer that’s tied to a certain location in the house, rather than buying a laptop and using a wireless internet connection, is one way to make keeping an eye on your child’s web use easier. Even better: Put that computer in a high-traffic area of the house, like the living room or family room, to ensure that web surfing stays public. Keeping the internet out of your child’s bedroom also helps you balance his or her online activity with a healthy mix of offline activities like sports and reading.

7. Monitor cellphone use: As phones get smarter, the line between a cellphone and a net-connected computer is beginning to blur. If your child has a phone with internet capabilities, you should be sure to include cellphone use in your discussion about safe online communication. Monitoring your phone bill is one way to keep tabs on the amount of web browsing your child is doing over a cellular network. FORBES

Source: Times of India

Top 10 free Network Tools

2008-05-21T11:09:00.000+05:30

From sniffing to mapping to monitoring, these utilities perform surprisingly sophisticated tasks

Computerworld recently showcased 10 great free network management tools. Readers responded with some of their own favorites, so I'm going to take a look at those tools and report on their capabilities and usage from my perspective as an experienced network manager.

But first, let's address security. Readers mentioned the possible security implications of downloading free tools, which is a valid concern. What's to stop a coder from producing a neat network administration tool that secretly sends information about your network to a collection point for exploitation at a later date?

Read more here: ComputerWorld

Tips - Block Pop - ups

2008-05-19T11:16:00.001+05:30

How To Stop Pop Ups

Secure Web Apps

2008-05-15T11:09:00.000+05:30

| View | Upload your own

Happy Secure Surfing - Article pick

2008-05-09T12:37:00.000+05:30

Since you are reading this I’ll assume that you are aware that there are some fundamental precautions you need to take before you connect to the internet with your new machine. I’m hopeful that you are reading this on your old machine.

This is a good opportunity to review those precautions.

Patch your operating system. Download and install all available patches and service packs by connecting to Windows Update. According to Swedish security company Sophos, 50% of unpatched and unprotected systems will be infected with malicious code within 12 minutes of being connected to the Internet.

Install a firewall. Windows XP comes with a basic firewall, and if you are running Windows Vista, it does come with a more robust firewall (Windows Firewall) than XP, as well as anti-spyware utilities (Windows Defender). However, the consensus is; third party applications are usually more effective. Keep in mind that the XP firewall offers only minimal protection.

There are a number of free firewalls that are worth considering. The following are two that do the job particularly well.

Comodo Firewall

The definitive free firewall, Comodo Firewall protects your system by defeating hackers and restricting unauthorized programs from accessing the Internet. I have been using this application for 8 months and I continue to feel very secure. It resists being forcibly terminated and it works as well, or better, than any firewall I’ve paid for. This is one I highly recommend. Amazing that it’s free!

ZoneAlarm

The free version of ZoneAlarm lacks the features of ZoneAlarm Pro’s firewall. Its program control asks you regularly whether to allow programs; for some this can be intrusive and annoying. But it’s been around forever it seems, and it can’t be shut down, or out, by mal-ware.

Install anti-virus software. There is no doubt that an unprotected computer will become infected by viruses and malware within minutes of first being connected to the internet. There are many free versions of anti-virus software available and the programs that have a well justified reputation are listed below.

avast! 4 Home Edition

This anti virus app is a real fighter, scanning files on demand and on access, including email attachments. Let’s you know when it detects mal-ware through its shield function. An important feature is a boot-time scan option which removes mal-ware that can’t be remove any other way.

AVG Anti-Virus Free Edition

Similarly, this program scans files on access, on demand, and on schedule. Scans email; incoming and outgoing. For those on Vista, your in luck, it’s Vista-ready. I have been using this application since its release and it now forms part of my front line defenses. I recommend this one highly.

Install Spyware and Adware Software. It’s not only a virus that can put your computer down for the count, but a multitude of nasties freely floating on the Internet. Listed below are a number of free programs that offer very good protection against malware.

SpyCatcher Express

SpyCatcher does a good job of cleaning out spy-ware and at stopping further infestation.

Ad-Aware 2007

Many software reviewers consider Ad-Aware 2007 Free as the best free spyware and adware remover available. It does a relatively good job of protecting against known data-mining, Trojans, dialers, malware, browser hijackers and tracking components. The only downside with the free version is real-time protection is not included.

WinPatrol

Do you want to get a better understanding of what programs are being added to your computer? Then WinPatrol is the program for you. With WinPatrol, in your system tray, you can monitor system areas that are often changed by malicious programs. You can monitor your startup programs and services, cookies and current tasks. Should you need to, WinPatrol allows you to terminate processes and enable, or disable, startup programs. There are additional features that make WinPatrol a very powerful addition to your security applications.

ThreatFire 3

ThreatFire 3 blocks mal-ware, including zero-day threats, by analyzing program behavior and it does a stellar job. Again, this is one of the security applications that forms part of my front line defenses. I have found it to have high success rate at blocking mal-ware based on analysis of behavior. I highly recommend this one!

If you are now on the Internet, and you have not yet taking the precautions as outlined above, you are extremely vulnerable and it is critical that you take the following precautions:

Stop surfing the Web and patch your operating system. Only then download the protective software as noted above, or software that you are familiar with that will do an appropriate job of protecting your computer.

Do not visit any other websites until you have done this!

Additional security precautions:

Establish a password for the administrator account. Only you should have access to the administrator settings on your PC. Unfortunately, XP installs with open access to the administrator’s account. Be sure to change this.

Create a new password protected user account. Using this account for your general day-to-day activities adds another layer of protection to your computer. A user account does not have the same all-access permissions as your administrator account, and in many cases this extra layer of protection will restrict malware from gaining a foothold on your PC.

Good luck and safe surfing.

Source

What OS is Ideal for DataStorage?

2008-05-07T12:38:00.000+05:30

Find more videos like this on www.truveo.com.

Spammers & Scammers

2008-05-06T10:48:00.000+05:30

How spammers manage to make money

Kavita Kukday | TNN

Spam is undoubtedly one of internet miscreants’ oldest tricks. With the internet security community stopping just short of putting up hoardings screaming not to touch those “Make money for nothing” emails, one can safely assume that anyone with even half a clue won’t touch them with a bargepole. So how does the spamming community survive and thrive when no one who is even tad bit tech savvy admits to doing business with them? Would there be hoards of poverty-stricken spammers out there that are slowly, but surely, starving to death?

    The answer is unfortunately a big No.

    Studies have found that the business of spam is spinning more money by the day. So how do these spammers make money?

    Well, contrary to popular belief, a significant number of spammers apparently aren’t at all interested in whether anyone buys their wares. They will, in fact, keep minting money even if you never click on any of the spam emails. How? They simply feed off other spammers in a bizarre cannibalistic pyramid scheme of spinning money.

    The math is simple: most spammers make money selling email addresses to other spammers, who then sell those same addresses to others and so on, say security experts.

The numbers game: According to a study by IronPort Systems, Cisco’s security division, the spam volume currently stands at a whopping 98 billion per day worldwide. And it’s growing at 12% month over month since June 2007.

    “And why ever not? It makes you a lot of easy money. Spam masters make $10,000+ a week,” said Ambarish Deshpande, regional director, IronPort Systems, adding, “and they don’t do anything except mine for more and more legitimate addresses and sell them for money.”

    Obviously then, the profession is gaining popularity with young hackers, especially those in third world countries. The study found that the internet had an entire sub-industry supported by spammers alone. For instance, a test conducted on pharmaceutical spammers showed that four days of access to a spam server network, which simply gives you an infrastructure to dish out spam, gives these professionals $6,800.

    The study also found that replying to spam will always result in more spam. In fact, you would find that maximum percent of the spammers never even reply to your requests for more information on their product or service. That’s because they make money on customers’ email address, which is sold to other spammers who in turn again simply pass along the address to still other spammers.

    Funnily, some of these addresses finally also land them into actual legitimate business—people with a real product to sell who were actually interested in selling them. Since there are several layers to this spam scam, most of these legitimate business people don’t even know that the recipient hadn’t requested their sales pitch, because whoever sold them the email addresses in the first place had assured them the recipients wanted the information.

Hidden risks: The biggest number, of course, was found to be that of spam mails with offers for pornography, which consistently delivered exactly the sort of materials they promised. But even these came with nasty pop-up adproducing spyware, and the inbox was crammed with Xrated spam that would singe the retinas of all but the most jaded viewer. Worse, they opened up a backdoor to the computers with various codes that did everything from copying important data from your PC to turning your PC into a zombie that delivered more spam to random addresses all over the world.

    However, if this has led you to think you are safe because you never fell into the trap of clicking on those emails with pornographic content, think again. According to a Google study conducted in May 2007, “One in 10 web pages are infected with malicious code. 70% of web-based infections were found on ‘legitimate’ websites. An estimated 5% of heavily trafficked websites have some sort of threat associated with them—ranging from adware to malicious spyware.”

    For instance on Indian websites, malicious content was found embedded in sites like Delhi Tourism (www.delhi-tourism-india.com/culture), www.zeeinternational.co.in, Business Management Association (www.bmaindia.com) and also some well known banks who have since taken down the culprit script, said a security professional from one of the top security companies.

Scam spam: Finally, there is a good percent of spam messages that obviously still turn out to be brilliant scams. One such example Iron-Port Systems came across was where the ads spoke about a Canadian pharmacy. This sold $129.95 bottle of the ‘Erection pack’, which consisted of two packs of sexual stimulants, ‘viagra’ and ‘cialis’. The best part was a slick legitimate-looking pharmacy site called ‘My-CanadianPharmacy’. This came with a legitimate address and ‘contacts us’ sections.

    The spammers had not only gone to the trouble of making a legitimate looking website, but had also actually set up a delivery system which was traced back to a garage in India. A smalltime company in India was hired to package some tablets that were crammed with enough herbal stimulants to keep a person generally charged up for days. The package even included the return address of this place in Goregaon, Mumbai.

    “It was a brilliant business strategy because this way the spammers actually made the customers believe that they were on to something legitimate and got repeated business from them,” said Deshpande.

Source: Times of India

22by7 shares its expertise in Benefit IT magazine

2008-05-05T10:58:00.000+05:30

Sr. Architect Mr. Bharath shares his expertise in Benefit IT Mabazine article

You’ve Got Mail
So Archive It!

Managing e-mails is every organisation’s nightmare.
However, there’s no way around it given the need for
seamless communication, regulatory compliance and
legal purposes. With archiving solutions in place, you
can rest in peace regarding the efficiency of your server
and flow of e-mails. Go ahead and get one for that
smooth, hassle-free flow of communication.

Key BenefITs
No e-mail overload clogging server
No duplication of e-mails in archive
Ensures compliance with laws
Easy and quick retrieval of e-mails

You’ve got mail!

And a flood of it. Imagine your
inbox inundated with hundreds of messages
that you need to spend hours clearing each
morning? Or, what if a critical mail is lost
perhaps in the maze of your global network
or swallowed by your server? Unthinkable,
because the loss of a single e-mail may spell
the loss of a precious business contact,
contract, appointment, or may be a monetary
setback to your company.E-mail, an otherwise
efficient communication tool for companies or
college students, can be a nuisance, if not taken
care of expertly. In today’s global village, e-mail is
the most critical business communication tool in
over 93 per cent of the organisations in the world
today. Business firms receive a few hundred critical mails
everyday. Each mail is precious, for the communication it brings in
and the part it plays in the global business network.
A company’s progress is linked to it, and hence it needs to be preserved.
In the current business environment, organisations are under constant
pressure from the government, legal and regulatory bodies to store more
data and for longer periods ranging from five to
seven years. A lost mail may open the Pandora’s box of troubles from
loosing credibility in the eyes of potential customers to legal hassles
from suing clients. Enterprises, no doubt,understood this long back and to
maintain e-mail servers’ efficiency,the following steps were taken by
most systems managers:
• Adding more primary storage
capacity.
• Limiting the end user
mailbox size.
• Deleting messages from
message servers at regular
intervals, and
• Relying on back-up tapes for
long-term retention.

But these methods bypass the necessity to store e-mails for
regulatory compliance and legal requirements.
The client suing you for unfinished work as per the
contractual agreement, may very well get away with it and
many of your hard earned crores while making a huge dent in your
credibility unless, of course, you fish out the two-year old mail
regarding the transaction which was completed two years ago.
Herein e-mail archiving plays a crucial role allowing you to search
and reuse an old mail at your convenience.
Searching and retrieving the data when needed is the tricky bit.
Storing, archiving, and searching an old mail are the few challenges
we must tackle to safeguard against any potential business losses.
Where’s the space?

Today, most of the company information and record systems
are digital on at least one computer system (and probably multiple
systems, including online and offline storage). E-mails with all
kind of attachments (ppt, doc, jpeg, mpeg, mp3, etc) are taking up
almost 40 per cent of the storage capacity in organisations today.
What's more, even the e-mail attachments end up getting
stored in multiple places such as the inbox, sent folder and different
folders in a single computer, thus occupying more precious space.

A PR firm sends a 2 MB presentation to 100 companies. This
right away creates a 200 MB storage requirement for 200 recipients of
the press release. Many of those receiving the mail may open and
save the attachment or just let it lie in their inbox The organisations
whose employees do not open the mail add to the ‘unread’ bulk;
while those who ‘read’ but do not bother to delete the mail add to the
‘read’ bulk. Research has shown that after 30 days, 80 per cent of the
people do not access their e-mails but they do not delete it either. It is
just being kept for future reference while eating into a lot of expensive
storage space.

This makes e-mail storage a challenging job that is expensive to
manage and difficult to back-up, additionally with personal archives,
risk exposure, and inconsistent retention, message retrieval is like
searching for a needle in a haystack.

The key challenges according to Atul Gupta, product manager,
Select Technologies are:
• Reducing the primary storage
requirement for the messaging
storage environment by 60 to
80 per cent
• Improving performance of the
message servers
• Automating retention and
disposition policies
• Searching and retrieving
messages in seconds instead of
days, weeks or months
• Confidently producing all emails
for legal discovery.
There’s a solution though!

The most popular solutions in India are EMC’s E-mail Xtender
and Symantec’s Enterprise Vault,informs Atul.
EMC EmailXtender is a centralised data storage and
retrieval system. It automatically moves data off the e-mail
message server into the storage system, capturing and indexing all
incoming and outgoing e-mails. EMC EmailXtender
archive edition helps to reduce storage costs and increase
message server performance in Microsoft Exchange and Lotus
Notes/Domino environments by automatically migrating e-mail
messages and attachments into a centralised message archive. It
also removes duplicate messages while compressing them for a
compact message archive. “Good e-mail archiving solutions do
something called de-duplication of messages, so any message archived
will not be archived again,” adds
Bharath Kumar, senior architect,
22by7 Solutions Pvt Ltd.
This can also be combined with networked storage and help
organisations achieve increased operational efficiencies for dayto-
day e-mail management. For fixed content archiving, corporate
governance and regulated storage environments, EMC Centera,
a content addressed storage (CAS) system, provides unique
self-healing and authentication features.
Storing, archiving, and searching an old mail are the few challenges we
must tackle to safeguard against any
potential business losses.

ManageIT
productivity.

Since this is a a one time cost on software products and
disk storage solutions where the mails will be archived,
taking the compliance and SLAs (service level agreements) into
consideration, the ROI (Return on Investment) can be achieved
in a year, adds Kumar. However, Atul adds that the cost depends
on the archival policy and compliance and there are two
major components—archival software and hardware. Software
has unique features that lower the TCO (total cost of ownership)
and gives quick ROI. E-mails need to be archived as
a record of business transactions.At the same time there must be
ease of use for people to work with efficiency.

The art of archiving

An e-mail server’s performance can deteriorate
exponentially when storing vast amounts of old e-mail and as a
result, users have to suffer e-mail quotas. Archiving helps to keep
the messaging server sizes small, while improving performance
and reducing back-up time. With archiving, an organisation can
establish a pro-active e-mail management system. Moreover, a
single, centrally managed e-mail archive would help
improve operational efficiency and storage management in
your company as also reduce time, cost, and the risk of legal
hassles. It will also provide a seamless end-user experience
while enabling compliance with regulatory and corporate
governance requirements.

Digging deep

When we archive so many mails every day, we end up
storing millions of mails. So how do you hunt for one specific mail
in this mass? According to Kumar there are two ways to search for
mail from archives: Web search (By using a URL to connect to
the e-mail archival server) and second by using client software
which will get integrated with a mail client like Outlook, Notes,
etc. Thus, it can be retrieved through a simple search.
“Since every archived mail has an icon and this reflects as any
other mail in the mailbox minus the size of the mail. Once the
user clicks on the icon, the e-mail gets retrieved with a minimal lag
time,” says PK Gupta, director— APJ (Back-up, Recovery and
Archive solutions), EMC Global Services.

The legal angle

The compliance regulation ideally ranges between five
to seven years. So for legal purposes a company needs to
preserve its mails. Again, each company has its own policies
and systems of meeting its regulatory obligations. “The
time span for which we need to store an e-mail varies to a huge
extent from one organisation to the other. Different companies
have different strategies and policies. For example, one of the
customers keeps all the e-mails for 30 days on primary storage
after that it moves it to ATAbased cheaper disks for one year
but leaves shortcuts so that users can retrieve their e-mails quickly,
and at the same time save a lot of space by de-duplication.
After a year, it moves to content addressed storage (CAS) for five
years to meet the compliance requirements and then gets
deleted after five years,” adds Gupta.

Cost is a constraint

Companies need to invest on storage products so that the
servers’ efficiency is maintained, which indirectly impacts the
efficiency of employees. This improves user satisfaction and
Archiving for accessibility
• Increases the processing power of
the mail server
• Gives control on mails within the
organisation.
• Enhances e-mail retention efficiency
• Assists compliance with e-mail
retention requirements and
regulations to preserve corporate
records
• Deploys complete e-mail
management with assured
authenticity and easy accessibility to
the archived messages
• Increases end-user productivity by
reducing time spent managing e-mail
folders
• Accelerates Microsoft Exchange
and Lotus Notes software upgrades
and migrations by archiving e-mail in
advance
• Reduces storage costs and improves
message server performance
• Lowers the costs and risks of legal
hassles

-by Jesus Milton Rousseau S.
BenefIT Bureau

“Good e-mail archiving solutions do
something called de-duplication of
messages, so any message archived
will not be archived again.”
Bharath Kumar, senior architect, 22by7 Solutions Pvt Ltd.

Wireless Threats

2008-05-02T10:35:00.000+05:30

Wireless Vulnerabilities Present Enterprise-Wide Threats, Expert Says

Wireless is the greatest threat to corporate networks since the emergence of the Internet, AirPatrol CEO says

APRIL 28, 2008 | 5:40 PM

By Tim Wilson
Site Editor, Dark Reading

LAS VEGAS -- Interop/CSI SX Conference -- Wireless vulnerabilities in corporate environments are creating as great a threat now as the Internet did in its early days, a security expert said here today.

In a session at the Computer Security Institute's CSI CX conference, which is being held concurrently with Interop here, AirPatrol CEO Nicholas Miller said the rapid growth of wireless networking has increased the threat of wireless vulnerabilities to an unprecedented level.

"The problem is that wireless vulnerabilities don't just expose the user who's unaware of them, but the whole corporate network the user is attached to."

"I can go out in a car and sit in a parking lot with a wireless router and gain access to an amazing variety of systems," Miller said. "It's really a little bit scary."

In an effort to save money and reduce infrastructure, many companies are moving toward a wireless infrastructure, which puts their networks at a greater risk than ever, Miller says. Yet many of the old vulnerabilities that existed in the wireless environment still have not been resolved, he observed.

"We think the best approach is to attack the problem in the reverse way that they're currently doing, which is to put in a wireless network and then add a security solution," Miller said. "What we think they should do is deploy a wireless security system first, and then you could literally go out and buy the access points at Best Buy."

"What we're really saying is that the emperor's got no clothes. You don't need all of that complex wireless technology if you have a wireless threat management system in place with encryption and security."

Wireless infrastructure vendors offer some security capabilities, "but they are really looking for rogue access points, which is a tiny issue compared to the total problem associated with laptop security," he said. "You really need to look at the entire network -- you need to secure the endpoints."

The problem with most wireless technologies is that they don't account for the end user's location, Miller said. "All of a sudden people can have access to the network as if they were in the building, which is why we need location-based access in wireless. Any wireless product you're looking for should have that capability. If a hacker wants to break into the network, they should have to break into the building."

AirPatrol is working with CheckPoint to block wireless access from unauthorized access points via the firewall, Miller said. "We're blocking traffic at the edge of the network using CheckPoint firewalls, which is a new way to use the firewall. We're also working with a very large switch vendor to see this sort of access control at the switch level."

To be effective, a location-based wireless security system should be able to deliver accuracy within 10 feet of the user's location, Miller said. "Ten feet tells you it's Frank in accounting. Thirty feet tells you it's in the building."

Source

Wireless Security

2008-04-28T11:14:00.000+05:30

WHO = World Hackers Organization?

2008-04-25T10:51:00.000+05:30

Hackers jack thousands of sites, including U.N. domains

by Gregg Keizer

April 23, 2008 (Computerworld) Large numbers of legitimate Web sites, including government sites in the U.K. and some operated by the United Nations, have been hacked and are serving up malware, a security researcher said today as massive JavaScript attacks last detected in March resume.

"They're using the same techniques as last month, of an SQL injection of some sort," said Dan Hubbard, vice president of security research at Websense Inc., referring to large-scale attacks that have plagued the Internet since January.

Among the sites hacked were several affiliated with either the U.N. or U.K. government agencies, said Websense.

The exact number of sites that have been compromised is unknown, said Hubbard. He estimated that it's similar to the March attacks, which at their height infected more than 100,000 URLs, including prominent domains such as MSNBC.com.

"The attackers have now switched over to a new domain as their hub for hosting the malicious payload in this attack," Websense said in an alert posted yesterday to its Web site. "We have no doubt that the two attacks are related."

Although the malware-hosting domain has changed, it's located at a Chinese IP address, just like the one used in March, Hubbard said. "It also looks like they're using just the one [hosting] site, but changing the link within the JavaScript," he added, talking about an obfuscation tactic that the attackers have used before.

When a visitor reaches one of the hacked sites, the malicious JavaScript loads a file from the malware-hosting server, then redirects the browser to a different page, also hosted on the Chinese server.

"Once loaded, the file attempts eight different exploits," noted the Websense warning, including one that hits a vulnerability in Internet Explorer's handling of Vector Markup Language (VML) that was patched in January 2007.

Another security researcher, Giorgio Maone, who also develops the NoScript Firefox add-on, said late Wednesday that although the U.K.-based sites appeared to have been cleansed of the malicious JavaScript, the U.N. sites had not.

Maone also said "I told you so" in his blog post yesterday. In an August 2007 entry, he had said that rather than fixing the underlying security problems on the U.N. site, the agency had simply deployed a "pretty useless" firewall that masked the most obvious attack surface.

However, even the disinfected sites could fall victim again, Maone maintained. "The sad truth, though, is that even those 'clean' sites are still vulnerable, hence they could be reinfected at any time," he said.

"Web site owners have to start securing their code," Hubbard noted.

Source: Computer World

Are you Storing Headaches?

2008-04-21T11:21:00.000+05:30

| View | Upload your own

Did Chinese hack MEA server for Tibet policy?

2008-04-17T10:50:00.000+05:30

THE CHINESE hacked the servers of the Ministry of External Affairs (MEA) on Friday (April 11). Highly placed sources in the ministry state that sources of hacking were clearly linked to China.

Were the hackers trying to sniff into the Tibet policy related data in the MEA servers? Without disturbing anything they quietly came and left. What were the hackers looking for?

The Chinese hackers cracked the security code of a computer network in Beijing. The saving grace, according to MEA sources, was that the hacker(s) could not get any classified information. Thus, no valuable data were stolen.

Initially, the government was not forthright with mentioning the name of China into the Friday hacking. There were oblique hints. India's soft attitude towards China should be shed and the government should call spade a spade.

Sample a GoI communiqué that states it's not only China that is trying to hack into the MEA server from around the world. In fact, hackers from all over the world, including those in UK and the US constantly try to break in and filch sensitive information.

It was further stated that each official has in MEA has a backup computer. All sensitive material is in the offline computer.

by Aniruddha Roy 11 April 2008, Friday

Source: http://www.merinews.com/catFull.jsp?articleID=132322

Hack Whack!

2008-04-16T10:47:00.000+05:30

| View | Upload your own

Is your site safe?

2008-04-11T11:36:00.000+05:30

| View | Upload your own

Know what's happening in your wireless network?

2008-04-10T11:29:00.000+05:30

Network Scanning: Find Out What’s Really on Your Wireless Network
By John Edwards

If you've never used a wireless network scanner, you may be surprised by what it can tell you about your network and the data that lies within its reach.
A growing number of businesses are deploying 802.11 wireless networks for both internal use and public access. Regardless of the network's purpose and configuration, a wireless network scanner is necessary for assuring its continued operation and security. Popular open-source wifi network scanners include NetStumbler and Kismet. These products, and most other network scanners, can help you learn the following things about your wireless network.

Overall Vulnerability: Network scanners are often used in conjunction with a laptop or other portable computer to sniff out wireless networks from a moving vehicle — a practice known as wardriving. Performing the same activity while strolling down a street or through a business site is called warwalking. There's also warbiking, warskating and probably war-go-karting happening as well. In any event, while you yourself may never use a network scanner for wardriving or similar activities, you can be certain that other people are doing so in order to test your network's availability, size and configuration, as well as its potential vulnerability.

NetStumbler and some other network scanners work actively, sending messages that are designed to probe any encountered access point for information, such as its SSID (service set identifier), MAC (machine access code) numbers and the name of the network it's connected to. If your network is secure, you have nothing to worry about. If, on the other hand, you suspect that your network may be vulnerable to intruders through the lack of security measures, you may want to perform your own wardrive in order to check for potential soft spots (such as improperly configured access points that allow unrestricted network access or those that spew too much identification information). Vendors such as AirMagnet Inc. and Aruba Networks Inc. offer technologies that are designed to lock down wireless networks.

The Presence of Rogue Access Points: This is perhaps the most useful network-scanner application. A rouge access point is an access point that exists without permission of the wireless network's administrator. Rogue access points are often installed by employees to create stealth wireless networks that circumvent security measures installed on the company wireless network. A network scanner lets you sniff out, pinpoint and eradicate unauthorized access points.

Criminals can also install a rogue access point within the range of a company wireless network to hijack the connections of legitimate users. The crooks can then use the connections to eavesdrop on transmitted information and potentially even gain entry to the company's main internal network.

Hardware Problems: A network scanner is indispensable for checking the state of wireless network hardware, particularly access points. By measuring signal strength, the scanner can help you quickly identify access points that are inoperative or performing poorly.

The Location of Weak and Dead Spots: Network coverage can be impaired by walls, trees and a variety of other man-made and natural objects. A network scanner can help you locate poor coverage areas, which can then be bolstered with additional access points.

The Sources of Wireless Interference: Wireless networks are subject to interference from neighboring 802.11 installations, as well as from a variety of consumer and business technologies, including cordless phones, motors and various types of industrial equipment. By showing signal strength as you move about, a network scanner can help you track down interference sources that generate signals on the same frequency as the wireless network.

Improperly Aimed Directional Antennas Used for Long-Haul Connections: Many companies use point-to-point wireless connections to link together 802.11 hotspots across a business campus or other geographical site. Aiming directional antennas requires precise adjustments to ensure continuous connectivity and maximum performance. By measuring signal strength, a network scanner makes antenna aiming a faster, more exact and less troublesome task.

Source: ITSecurity

Data Security & your Business success

2008-04-08T16:39:00.000+05:30

Take Stock: Conducting a Data Security Audit in Your Office

by Lesley Fair

It may mean one thing on TV, but to savvy business executives, “CSI” should stand for Carefully Secure Information. Every company has an obligation to its customers, affiliates, and employees to safeguard sensitive data. As outlined in the Federal Trade Commission’s new handbook, Protecting Personal Information: A Guide for Business, one step of the process is to “Take Stock” — conduct a CSI-style “forensic audit” of your information practices.

Effective data security starts with assessing what information you have and identifying who has access to it. Understanding how personal information moves into, through, and out of your business and who has — or could have — access to it is essential to assessing security vulnerabilities. Whether you’re a industry giant or a lean-and-mean one-person shop, here are some tips on conducting your own “CSI” investigation:
# Secure the scene. Inventory all file cabinets, computers, flash drives, disks, and other equipment to find out where your company stores sensitive data. Don’t forget about laptops, employees’ home offices, cell phones, and email attachments. No security audit is complete until you check everywhere sensitive data might be stored.
# Look for footprints. Track personal information through your business by talking with your technology staff, human resources office, accounting personnel, and outside service providers. Get a complete picture of who sends your company sensitive data. Do you get it from customers? Call centers? Credit card companies? Banks or other financial institutions? Affiliates and contractors?
# Check the doors. How does sensitive data come in to your company? From your website? Via email? Through the mailroom? What kind of information is collected at each entry point? Customers’ credit card, debit, or checking account numbers? Sensitive health or financial data?
# Dust for fingerprints. Who has — or could have — access to the information? Which of your employees has permission to look at sensitive data? Could anyone else get a hold of it? What about vendors who supply and update software you use to process credit card transactions? Contractors running your call center, distribution, or fulfillment operations?
# Protect key evidence. Different types of data present varying risks. Pay particular attention to how you keep personally identifying information like Social Security numbers; credit card, debit, checking account, or financial information; and other sensitive data that could facilitate fraud or identity theft if it fell into the wrong hands.

Get your copy of Protecting Personal Information: A Guide for Business at www.ftc.gov/infosecurity.

Lesley Fair is an attorney in the FTC’s Bureau of Consumer Protection who specializes in business compliance.

Source

Top Security Breaches - 2007

2008-04-03T12:34:00.000+05:30

David Hakala on January 22, 2008

Every year sees a fresh crop of security breaches. Most go unreported, unless they involve consumers' personal data, at which point companies are required to give timely public notice of security breaches. The following list of 2007's worst security breaches consists mainly of such reportable incidents. The incidents are sorted in descending order of severity based on how many individuals were potentially affected.

Note that remote hackers played a role in a small minority of cases. Most data losses occurred because laptops, tapes or disks were not properly secured. It is a never-ending struggle to get users to adhere to physical security protocols.

Jan 17, 2007: The TJX Companies Inc. (which operates T.J. Maxx, Marshalls and other stores) announced that it suffered an “unauthorized intrusion” into its computer systems that process customer transactions. The company subsequently revealed that the hackers had access to between 46 million and 215 million customer records for 17 months. The costs of this breach have reportedly reached $216 million, and the lawsuits are still flying.

July 3, 2007: Some 8.5 million customer records were stolen by a database analyst employed by Certegy Check Services Inc., a subsidiary of Fidelity National Information Services. The theft included credit card and bank account data, as well as other personal information. In November 2007, the employee pled guilty to conspiracy and fraud charges. A California class-action lawsuit against the company and its parent alleging negligence remains pending.

Sept. 15, 2007: Online stockbroker TD AMERITRADE’s computer system was infiltrated by hackers, who stole up to 6.3 million customer contact records including names, addresses and phone numbers. The hackers were able to install a backdoor program on the company's server, which gave them access.

April 10, 2007: A CD containing the personal information of 2.9 million Medicaid and child health care insurance recipients was lost in shipping. Officials would not reveal whether the data was encrypted. The data was being shipped from an Atlanta office of Affiliated Computer Services Inc., which manages claims for the state, to another contractor in Maryland.

Aug. 23, 2007: Monster revealed that intruders using legitimate usernames and passwords entered its system and made off with 1.3 million jobs seekers' records, including email addresses, names, home addresses and phone numbers.

Sept. 28, 2007: A laptop containing the personal information — including Social Security numbers — of 800,000 employment applicants was stolen from the offices of a third-party vendor that manages application data for fashion retailer Gap Inc.

July 20, 2007: SAIC, a Pentagon contractor, failed to encrypt data on 580,000 military households before transmitting it over the Internet. The data included names, addresses, birth dates, Social Security numbers and health information. The data was stored on an unsecured server.

June 15, 2007: In Ohio, a backup tape stolen from a 22 year-old intern’s car contained the names and Social Security numbers of all 500,000 state employees, plus 225,000 similar records of taxpayers.

Oct. 4, 2007: The Massachusetts Division of Professional Licensure, responding to public-records requests from marketers, mailed out disks containing the names and addresses of 450,000 licensed professionals in the state. Then, the division hurriedly mailed letters to all 450,000 professionals saying that their Social Security numbers had been included inadvertently. All but two of the disks were recovered.

May 19, 2007: Hackers broke into the network of the Illinois Department of Financial and Professional Regulation in January 2007 and accessed nearly 300,000 records regarding licensed professionals and applicants for licenses. The breach was discovered on May 3, 2007.

Aug. 23, 2007: A laptop containing 280,000 records about city retirees was stolen from a consultant to the City of New York Financial Information Services Agency as he sat in a restaurant.

Dec. 5, 2007: The names and Social Security numbers of 268,000 blood donors were on a laptop stolen from Memorial Blood Centers in Duluth, Minn.

March 30, 2007: Three laptops were stolen from the offices of the Los Angeles County Child Support Services. The data included 130,500 Social Security numbers — most without names — 12,000 individuals’ names and addresses, and more than 101,000 child-support case numbers.

May 19, 2007: A computer was stolen from the Texas Commission on Law Enforcement Standards and Education. It contained the names, home addresses, driver-license numbers, birth dates and Social Security numbers of every licensed law enforcement officer in the state — some 230,000 individuals.

Oct. 30, 2007: Three backup tapes containing 230,000 records of The Hartford Financial Services Group Inc.'s customers were misplaced.

Oct. 23, 2007: West Virginia Public Employees Insurance Agency notified 200,000 current and past members of its insurance programs that a computer tape containing names, addresses, phone numbers and Social Security numbers was lost while being shipped via United Parcel Service of America Inc.

May 14, 2007: A virus that could have allowed a hacker access to 197,000 records about students at College of Southern Nevada attacked a server, but the school is not sure whether any data was actually taken.

Jan. 26, 2007: Tapes containing names, Social Security numbers and other data regarding 196,000 Wellpoint Anthem Blue Cross Blue Shield customers were stolen from a lockbox held by one of the company’s contractors.

Nov. 16, 2007: Tae Kim, a former auditor for the U.S. Department of Veterans Affairs, was arrested after being caught using fraudulent credit cards. His home computer contained 1.8 million records on Veterans Affairs medical patients pertaining to 185,000 unique individuals.

Source

FW: 010408 - Tuesday Travesty - Alabama State in USA legislates to change the Value of Pi

2008-04-01T10:22:00.000+05:30

NMSR Reports, Vol. 4, No. 4, April 2008

Alabama Legislature Lays Siege to Pi

By April Holiday

The Associalized Press

HUNTSVILLE, Ala. -- NASA engineers and mathematicians in this high-tech city are stunned and infuriated after the Alabama state legislature narrowly passed a law yesterday [March 30, 2008] redefining pi, a mathematical constant used in the aerospace industry. The bill to change the value of pi to exactly three was introduced without fanfare by Leonard Lee Lawson (R, Crossville), and rapidly gained support after a letter-writing campaign by members of the Solomon Society, a traditional values group. Governor Guy Hunt says he will sign it into law on Wednesday.

The law took the state's engineering community by surprise. "It would have been nice if they had consulted with someone who actually uses pi," said Marshall Bergman, a manager at the Ballistic Missile Defense Organization. According to Bergman, pi (p) is a Greek letter that signifies the ratio of the circumference of a circle to its diameter. It is often used by engineers to calculate missile trajectories.

Prof. Kim Johanson, a mathematician from University of Alabama, said that pi is a universal constant, and cannot arbitrarily be changed by lawmakers. Johanson explained that pi is an irrational number, which means that it has an infinite number of digits after the decimal point and can never be known exactly. Nevertheless, she said, pi is precisely defined by mathematics to be "3.14159, plus as many more digits as you have time to calculate".

"I think that it is the mathematicians that are being irrational, and it is time for them to admit it," said Lawson. "The Bible very clearly says in I Kings 7:23 that the altar font of Solomon's Temple was ten cubits across and thirty cubits in diameter, and that it was round in compass."

Is your hard drive about to crash?

2008-03-25T12:09:00.000+05:30

Hard drives form the basis of our computing. The use of computers comes down to manipulating data, and the hard drive is, of course, where we store all our data; family albums, music, work documents, email, the list goes on.

Most of the components in your computer are electronic devices. They don’t fail with time like a mechanical device such as a car. But your hard drive is one of the few mechanical devices used in modern computing, and as such, it’s destined to die eventually.

It’s important to learn to recognize the warning signs of an imminent hard drive failure, since you might not have the budget for an extensive back-up system, so you can rescue all that data before it’s lost—sometimes forever, not retrievable at any cost.

Why do hard drives fail?
Logical Failures
Logical failures occur when the electronics of the hard drive failure or the software (firmware) has a problem. This kind of failure is usually the cheapest and easiest to have fixed. Unfortunately, it’s also an uncommon failure.

Media Failures
If the hard drive has been handled roughly, or the magnetic platters are scratched, have read/write errors or low-level formatting problems, this is a media failure. These are also relatively uncommon. Once the platters are scratched, the data should be considered scrapped.

Head Failures
A head failure occurs when the read/write head crashes into the platters (the head crash), has an “improper flying height” or the wiring between the logic board and the head is faulty—among other failures related to malfunction of the read/write head. This is a common failure. The head crash is particularly nasty.

Mechanical Failures
Mechanical failures probably make up the bulk of hard drive failures. The motor burns out, the drive overheats, bearings get stuck—the kind of thing you’d expect to find when a car fails. These can be nasty but if the failure didn’t affect the platters, you might have a chance of recovery, but at a cost.

How do I find out when it’s going to fail before it fails?
That’s not always possible, and sometimes a hard drive will just die—but it’s still important to keep an eye on the symptoms of an imminent hard drive so you have the chance to back-up your data and get professional help.

Hard drives are incredibly sensitive bits of hardware, so don’t try to crack it open and have a look inside unless you know what you’re doing. And most definitely ensure that if you do crack it open, the platters don’t get exposed to the open air—hard drives can only be opened in Class 100 clean rooms or they’re pretty much instantly destroyed by dust.

It’s a lot easier to back-up than to get your data recovered. Once you detect any of the signs of failure you need to ensure that you have a back-up and if not, make one. Then when the drive dies, you can claim your warranty if you still have it, or buy a new drive, and be on your way.

Recovery can cost thousands and thousands of dollars; it sure is a ridiculous amount to pay, but there’s not much you can do but shop around and find the best price. The cost of transferring a back-up onto a brand new drive is much cheaper than having a recovery specialist do the same for you.

Strange Noises
Sometimes hearing strange grinding and thrashing noises means your drive is beyond repair—for instance, if you’ve had a head crash, it very often is. Or it could just be that the motor has failed or your hard drive is grinding away because of noisy bearings. If you’re hearing strange noises then act very, very quickly—you probably don’t have much time.

Disappearing Data and Disk Errors
Computer won’t let you save a document? Or you’re sure that you had a file on your desktop yesterday that’s nowhere to be seen today? Programs that always worked suddenly stop working, asking where a file it depends on is stored?

These are all potential signs that your hard drive is on its way out. Of course, it could be that your kids moved your files for fun or a virus is eating through them, but disappearing data is never a good sign for your drive if you can rule out those alternative causes.

Your computer stops recognizing your drive
This may seem obvious, but if your computer no longer recognizes your drive chances are there’s a problem with it, not the computer. Test it in a friend’s computer and see if your hard drive is recognized by it.

Often, this will be a logical failure—unless you can hear strange noises that indicate a severe mechanical or head problem.

Computer Crashes
Does your computer regularly blue-screen or suddenly reboot? Does it crash often, especially when booting your operating system? If your computer is crashing, especially at times when the computers is accessing files (such as during the boot sequence), it may indicate a problem with your drive.

Really Slow Access Times
It shouldn’t take half an hour to open a folder in Windows Explorer, or two hours to empty the trash. I’ve come across this problem plenty of times over the years, and it’s always followed by a failing hard drive within a month or two.

If you have this symptom on your computer and your drive does not fail, please uninstall Vista from your 486.

Sound is a great indicator. As soon as the sound changes from the norm, or you get plenty of clicking and grinding from your hard drive, you need to power it down immediately. Get to know the sound of your hard drive while it’s young and in working order, because you’ll need to be able to hear the slightest differences when it gets older.

What next?
Don’t try to be a hero. If there’s time, get your data backed up. If there’s not—nasty noises, for example—get it out of the computer or enclosure, wrap it in anti-static plastic or aluminium foil and keep it safe until you can send it to a professional. Hard drives are very sensitive, just like those kids who die their hair black and write poems about suicide. Don’t mess with them.

When you contact a recovery specialist, they will give you details on shipping the drive, though they tend to prefer you hand-deliver it to prevent further damage.

When it comes to hard drives, just remember to keep an eye on it and act quickly. And, of course, keep extensive back-ups, even if you have to skip groceries one week to do so.

Link

Bank of India website hacked!

2008-03-24T10:58:00.000+05:30

Bank of India website back online, without malicious code
Dan Kaplan 5 Sep 2007 19:17

The Bank of India website is operational today - approximately four days after security teams disabled it after hackers embedded malware on the home page.
The delay – Sunbelt Software researchers first notified the bank Thursday that its website was distributing 30 types of malware – was necessary to ensure complete removal, experts said. Often times, site engineers fail to shore up all of the holes, which may allow attacks to continue.

“You typically find that if the bad guys find a way to compromise one page, they compromise other pages as well,” Roger Thompson, chief technology officer of Exploit Prevention Labs, told SCMagazineUS.com today. “We often see that the sites get re-hacked.”

The hackers, believed by Sunbelt to be part of the Russian Business Network (RBN) criminal gang, unleashed two server exploits that took advantage of machines not patched with the latest MicrosoftWindows updates, Thompson said.

Visitors to the bank's home page could have been infected if their machines were not updated with the MS06-042 bulletin, a cumulative fix for Internet Explorer that was issued in August 2006, or January 2007's MS07-004 update, which corrects a vulnerability in vector markup language.

It is unknown what mode of attack the criminals used to drop malicious IFRAME links on the site, but experts believe the gang may have injected a malicious script.

Jeremiah Grossman, founder and CTO of WhiteHat Security, told SCMagazineUS.com today that hackers now focus their attacks on website visitors.

Reports today said the Bank of India site was compromised through a U.S.-based hosting provider. Grossman said hosting providers often fall victim to silent attacks and they offer big targets because they provide criminals with access to thousands of sites.

Bank officials could not be reached for comment. It is unknown how many Americans may have been affected, but experts believe many U.S. residents use the bank.

Thompson said end-users should be wary of similar website exploits, and they are more likely to be affected in the office than at home.

“Where they catch people is when they are doing their banking at work,” he said. “People think they're safer at work being behind the corporate firewall and corporate anti-virus, but companies tend not to patch automatically because they run a lot of home-grown applications.”

Grossman said bank customers should remember to patch their machines and run a platform or alternative web browser that attracts less attention from the malicious community.

“They're definitely out of harms way,” he said. “Nobody is going after these systems en masse.”

Source Link

Phishing attacks on banks rise six-fold

2008-03-17T11:18:00.000+05:30

It could set the alarm bells ringing for Indian banking system, there has been a six-fold rise in phishing attacks on the country's lenders during the last four months alone, a study revealed in Mumbai.

Phishing is a form of internet fraud that aims to steal valuable information such as credit cards details, social security numbers, user IDs and passwords for financial gains.

The fraud is executed through spoof emails and fake websites that prompt users to disclose their personal details.

The 24X7 Security Response Lab of Pune-based internet security firm Symantec found that in October last year, there were 20 unique attacks on Indian banks while the figure has grown to 120 attacks as of January, 2008.

"The attacks are now becoming more localised, subtle and target-specific...the increase in the number of attacks reflects that they are getting successful," Symantec Director Security Response Prabhat Kumar Singh said.

From fame, the phishers are now turning towards making a fortune, he added.

The Symantec lab monitors the complete threat spectrum and malware activity all across the world. It provides support in 14 languages against phishers who are extensively using sophisticated methods to install spyware, trojans, worms and viruses.

But, it is not actually a security breach for the bank. "The banks have put in the best possible security but it is the unsuspecting user on whose back the phishers enter the system," Singh said.

16 Mar 2008, 1701 hrs IST,PTI - The Times of India

22by7 celebrates Pi Day

2008-03-14T11:02:00.001+05:30

Today is International Pi Day! -- and also 22by7's 2nd Birthday!

Pi day is being celebrated throughout the world,specially in Universities & schools.

If you care to look there is an incredible numbers of sites on the web dedicated to Pi.

Here's a sample quote where the word-counts are pi decimals .

How I need a drink, alcoholic in nature, after the heavy lectures involving quantum mechanics.

&

A great palindrome: “I prefer pi.”

More Pi fun here:

http://members.aol.com/loosetooth/pi.html

22by7 will be celebrating Pi day with a slew of games & quizzes with Pi as the theme.

We have also scripted a play called "Pi-lay" - a take off on "Sholay".

Where the villain is "Daku Angle Singh" and who shouts "arre o! Lambda" regularly.

Other equivalent characters are :

Thakur T-square

Pi & Zero - Whose strategic weapons to kill Angle Singh are Protractors...

Infinity ( for Basanti) - 'cos she has to dance forever to save Zero's life.....

The village ? - "Pinagaram", obviously inhabited by Piwallon or Pindians...

Well like I keep saying :

We have loads of fun

At Twenty Two by Seven...

Indian Govt plans to tackle Hackers

2008-03-12T14:43:00.001+05:30

Hackers attempts @gov.org

Date: Tuesday, March 11, 2008

New Delhi: Nowadays, government departments are facing big threats from some hitherto unfamiliar elements. Remote injection, authorization bypass and Cult of the Dead Cow are those that make up a wider nightmare of departments of Railways, TRAI, Customs, among others, reported The Economic Times.

Website hacking has attained critical momentum in India. The last few months have seen hackers attacking the website of TRAI, Indian Railways, Department of Telecom, Air Cargo Customs, National Institute of Social Defence, Forward Markets Commission, National Institute of Health and Family Welfare and BSNL, among others.

The hackers even disfigured the website of department of information technology, the nodal agency that is supposed to solve the very issue of hacking. Hackers have also tampered with the website of the wireless planning and coordination wing of the Department of Telecom, the body which handles the sensitive issue of spectrum allocation.

To stop the menace, the DIT says it is in the process of hosting all the servers of the key ministries in the country itself.

"We have entrusted the National Informatics Centre (NIC) with this task and the servers of most of the ministries have been moved to the government body," a DIT official said. The Indian Computer Emergency Response Team (CERT-IN), a DIT body, is in the process of implementing a high-end attack detection solution to make the systems, especially government-owned ones, safer. CERT-IN is also installing a network flow-based threat assessment solution to check the vulnerability of a particular website.

Despite all these efforts, the number of security-related incidents (of hackers crashing Indian websites) has been growing steadily. In January, 87 security incidents were reported as compared to 45 in December 2007. Out of all the incidents, 47 percent were related to phishing, 21 percent unauthorized scanning, 25 percent incidents related to virus under the malicious code category and seven percent incidents were related to technical help under other categories, government data reveal.

In January, only 30 incidents of defacement were reported compared to 509 in December and 305 in November. According to industry sources, the government sector now accounted for 30 percent of all defaced Indian websites in 2007, when compared to about 27 percent in 2006.

Source:

http://www.siliconindia.com/shownews/40258

Security Tips : How to prevent Identity Theft

2008-03-10T11:00:00.000+05:30

Most companies handle, process, and store personal information of employees, clients, and business partners every hour of every day. It is more important than ever to safeguard this information due to the growing problem of identity theft.

Identity theft occurs when someone takes another's personal data--such as their social security number (US), social insurance number (Canada), drivers license number, and birth date--and uses it to commit fraud. The thief might apply for telephone service, credit cards or loans, buy merchandise, lease cars or apartments, apply for a mortgage, even get a job--all in someone else's name. The victim could be left with serious damage to their credit record, their bank account, and their good name.

Your vigilance can help prevent identity theft. Follow these security tips at the office to lower your own risk and your company's exposure to this crime.

Guard others' personal information as if it were your own.
- Guard sensitive information such as social security numbers (US), social insurance numbers (Canada), drivers license numbers, addresses, birth dates, mother's maiden name, bank account and credit card numbers, policy numbers, health care data and employee numbers.
Take care when exchanging sensitive personal data in conversations.
- Do not discuss sensitive information in public places, such as in a restaurant, gym, lobby or elevator, or on public transportation.
- Do not discuss sensitive information on a cell phone, which is vulnerable to casual and electronic eavesdropping.
Lock up.
- Lock up sensitive papers and digital media overnight.
- Lock your computer with a password-protected screen saver before leaving your desk unattended.
- Keep your wallet or purse in a locked drawer or cabinet.
Don't give passers-by easy access to sensitive papers.
- Put away sensitive papers before leaving your desk.
- Don't leave sensitive papers unattended at copiers, fax machines, or printers.
Rather than email sensitive personal information, consider other options.
- Fax it, or send a printed copy in a sealed envelope.
Shred papers containing sensitive information before discarding.
- Preferably, use a cross-cut shredder, which cuts paper into confetti-like pieces, rather than a strip-cut shredder, which cuts paper into long strips that can be reassembled.
Have an IT professional overwrite or destroy your digital media (such as a CD, diskette, hard drive or backup tape) before discarding.
- Note that when you delete a file using the Windows "Delete" function--and when you empty your PC's Recycle Bin--the file is not actually deleted. Instead, that file's media space is simply made available to be overwritten by other data. "Deleted" data that is not overwritten can still be recovered, possibly by an identity thief.
- Contact your IT support personnel to have them overwrite the data or physically destroy digital media before discarding.
Contact internal or external information security specialists to take advantage of their expertise.
- Information security specialists can help you design ways to store, transmit and process sensitive online and paper-based information in a secure manner.
Learn more about how identity thieves steal personal information, ways to help protect yourself, and how to take action if you know or suspect you are a victim. You can begin at websites like these:
- Equifax's Identity Theft and Fraud page https://www.econsumer.equifax.com/consumer/forward.ehtml?forward=idtheft_ifyouravictim
- US Federal Trade Commission http://www.consumer.gov/idtheft/
- Solicitor General of Canada Report on Identity Theft http://www.sgc.gc.ca/publications/policing/Identity_Theft_Consumers_e.asp
- Identity Theft Resource Center, a nonprofit specializing in identity theft and victim assistance http://www.idtheftcenter.org/index.shtml
- Source: http://www.aon.com/risk_management/information_security/identity_theft/default.jsp

10 InfoSec & Storage resolutions - 2008

2008-02-29T10:57:00.000+05:30

| View | Upload your own

Websense recognizes 22by7's expertise

2008-02-28T10:35:00.001+05:30

Websense Awards Indian Partners at February Channel Meets
By : ChannelsTech2.0 Staff | Feb 27,2008

Websense Inc, from mid-February this year rolled out channel meets and roadshows in Chennai, Delhi, Mumbai and Bangalore, one after the other to lay off the roadmap of the company post acquisition of SurfControl. The security solutions provider also awarded good performing partners at these gatherings.

The list partners who bagged the awards in Northern India are- Best Sales Manager, Vishal Bhadani, Wipro Infotech, Best Pre-Sales Consultant, Harsh Bhasin, Taarak India, Best Pre-Sales Consultant, Sukhpal Singh Sandhu, ACPL Systems, Best Marketing Support, Select Technologies, Best Partner, Wipro Infotech and Futuresoft Solutions, Special Recognition Award, Rohit Sobti, Select Technologies, and the Best Emerging Partner, ACPL Systems.

All categories of The Best Sales Manager, Best Pre-Sales Consultant, Best Marketing Support and Best Partner in Western India went to MIEL e-Security. The Chennai and Hyderabad winners include- Best Sales Manager, Rupa Parekh, Wipro Infotech, Best Pre-Sales Consultant, Prasad Raghuram, Wipro Infotech, Best Pre-Sales Consultant, Srikkantan Venkatesh, Digital Track Solutions, Best Marketing Support, Veeras Infotek, Best Partner, Wipro Infotech, Best Emerging Partner, Raksha Technologies, Special Recognition Award, Secure Network Solutions India.

The southern India winners include Best Sales Manager, Ashutosh, Gemini Communication, Best Pre-Sales Consultant, Jeevan Shetty, Wipro Infotech, Best Pre-Sales Consultant, Vinay, 22by7 Solutions, Best Partner, Wipro Infotech and Kinfotech, Special Recognition Award, Avanti Shirur, Select Technologies.

There were National awards also handed over to partners that included Best National Sales Manager, Vikramjeet Bhatti, MIEL e-Security, Best Pre-Sales Consultant, Srikanth N V, Select Technologies, Best Pre-Sales Consultant, Sajith Rahman, Inflow Technologies, Best Marketing support, Najeeba, Inflow Technologies, Special Recognition Award, Ajit Zanjad, MIEL e-Security, Best Partner, MIEL e-Security, Best Partner, Softcell Technologies, Valued Distributor, Select Technologies, Inflow Technologies and Foresight Software Solutions.

Source:

http://www.tech2.com/channels/story.php?id=5443

2008-02-20T11:14:00.000+05:30

2008-02-17T17:39:00.000+05:30

India's web security levels vulnerable
17 Feb 2008, 1321 hrs IST,PTI

NEW DELHI: India, where internet penetration is increasing fast, is also the most vulnerable to spammers and virus attacks, a study has said.

"Virus activity increased across a number of countries in January, including India, which takes the number one spot with 1 in 30.5 emails," a study conducted by a web security services firm MessageLabs said.

Apart from virus attacks, spams are now proving to be the most disruptive element in the e-mail traffic. The study conducted in January this year found the global ratio of spam mail was 73.4 per cent, which means one in every 1.36 email was affected.

Interestingly, virus attack on the western countries are far less than on India, the leading provider of integrated messaging and web security services said in the study.

In New Zealand, web security levels were pretty good as one out of 768 mails had Virus, while for Australia, it was one for every 298.7 mails. In the US, one in every 191.5 email had a virus while the same in Canada was found in every 158.4 e-mails.

Among other Asian countries, Japan was at the lower end of the table, where one in every 273.7 mails had virus in them. However, China was better placed than India as one virus attack was reported for every 92.7 mails there.

Virus levels for nearly all industry sectors increased in January. In the finance sector, virus level was low in comparison with other segments where one in every 177.9 mails was affected while for the IT services sector, the figure was 143 and in retail 1 in every 125.6 emails received had a virus.

The global ratio of email-borne viruses in e-mail traffic was one in 131.4 emails.

Source: Times of India

2008-02-15T11:26:00.000+05:30

What does a wan accelerator appliance do?

There are several things this sort of appliance can accomplish. In a nut shell, the appliance can; enforce quality of service rules, compress data, compress IP headers, accelerate TCP, accelerate CIFS (Common Internet File System), mitigate lost packets with forward error correction and cache repeated data patterns at the byte level.

At a higher level, this sort of new product can enable server consolidation to a central site. This is accomplished by providing lower latency and higher throughput where some applications wouldn't otherwise be usable across a LAN.

Consider this article from Silver Peak Systems

The Emergence of Local Instance Networking (LIN)

By Craig Stouffer

As enterprises grow in size and enterprise applications become more critical to business operations, CIOs are faced with a design dilemma: should branch office infrastructure be centralized or distributed?

In a distributed implementation, e-mail servers, file servers and databases are placed locally within each branch location. While this typically provides the best possible performance to end users, it results in server sprawl,which can be costly to implement and creates a variety of management, security and compliance challenges.

The alternative is to consolidate server infrastructure into a select number of data centers, which enables all maintenance, troubleshooting, security policy enforcement, backups and auditing to be performed centrally. While this solves most of the challenges associated with server sprawl, it does not address one of the most important ones' performance. Most applications simply do not perform well over a wide area network (WAN) due to bandwidth and latency constraints.

Given the compelling arguments for server centralization, various solutions have emerged to try and improve application performance over enterprise WANs. WAN optimization products leverage compression and Quality of Service (QoS) techniques to maximize bandwidth utilization and prioritize enterprise traffic; application acceleration products employ application-specific caching and latency mitigation tools to improve performance on an application-by-application basis. While both generations of products have benefits, neither addresses the full set of challenges facing enterprise IT staff from cost and performance to security and management.

A breakthrough approach is required to solve existing performance and scale limitations, while preserving application transparency. This is accomplished with Local Instance Networking,the first technology that provides all of the benefits of a centralized approach, without compromising performance. LIN is the first network technology to improve application delivery while settling the centralized vs. distributed debate.

1ST Generation: WAN Optimization WAN optimization products are most often deployed as bandwidth band-aids, providing short-term benefits on congested WAN links where it is infeasible or too expensive to buy additional bandwidth. Although each vendor has their own proprietary implementations, WAN optimization solutions rely on two underlying technologies: compression and Quality of Service (QoS).

Compression Compression is used to reduce the bandwidth consumed by traffic traversing the WAN.

The gains realized by compression techniques vary depending on the mix of traffic traversing the WAN. Text and spreadsheets, for example, are easy to compress, so they typically yield 25x performance gains. On the other hand, pre-compressed content, like zip files, cannot be compressed much further. On average, most enterprises deploying compression technology will see around a 50 percent improvement in WAN utilization, which is the equivalent of doubling the effective WAN bandwidth. This is often not enough performance improvement to justify the additional hardware expenditure and operation costs.

QoS In an effort to maximize WAN utilization, most enterprises will oversubscribe their network. When demand exceeds the capacity of a WAN link and all traffic is contending for the same limited resource, less important traffic (such as Web browsing) may take bandwidth away from business-critical applications. To prevent this, most 1st generation WAN optimization solutions implement Quality of Service techniques to classify and prioritize traffic based on applications, users and other criteria.

By using a combination of compression and QoS techniques, 1st generation WAN optimization products enable enterprises to get more out of their congested WAN links. In some instances, this saves money by delaying the purchase of additional bandwidth. However, this is often a short-term gain. It also does not address latency issues across the WAN, which has a significant impact on application performance.

It is important to note, however, that while compression and QoS are not sufficient on their own for enterprise-wide application delivery, they are essential components of newer, more comprehensive application acceleration solutions, such as Local Instance Networking.

2nd Generation: Application Acceleration A second generation of products emerged to address some of the shortcomings of WAN optimization solutions. These application acceleration solutions can provide significant improvements by optimizing the performance of specific applications. However, the tradeoff is ease of use, manageability and long-term interoperability. There are two broad techniques used for application acceleration: application proxies/caches and latency compensation.

Application Proxies and Caches Application proxies are used to locally simulate an application server, enabling specific content to be delivered locally with LAN-like performance. One example of a proxy-type device is the Web cache, which stores local copies of requested Web pages so that subsequent requests for the same URL could be serviced from the local appliance disk rather than from the remote Web server. This technique provides a reasonable boost for static content. However, it does not work well for dynamic content or applications that require up-to-date information. Unfortunately, as most enterprise applications have been Webified, and Web content is expected to be very dynamic in nature, Web caches have reached a roadblock in terms of overall effectiveness.

More recently, similar proxy approaches have been extended to file services. Wide Area File Services (WAFS) emerged as a way of implementing proxy file servers in distributed offices. By configuring clients to point to a WAFS share, the proxy file server can make remote content appear local. These devices terminate CIFS sessions, and then examine requests to see if the requested filename can be delivered locally. To achieve this, WAFS servers must replicate file locking semantics.

Although WAFS offers a number of specialized features, like the ability to authenticate users and read and write files even when the data center is unreachable (e.g., due to a network event), they create an enormous management burden. The branch office, in effect, is supporting a full blown file server. This requires user and password updates and can lead to coherency issues when multiple versions of the same file exist in the network at the same time. In addition, they must be constantly updated to support the latest changes to file system protocols. As a result, rather than simplifying the branch office, these approaches can actually make things more complicated by introducing another vendors implementation of a file system.

If performance gains are to be achieved across all applications, WAFS and Web caches have to be implemented in conjunction with other application-specific acceleration tools. In addition to being cost prohibitive, this is not scalable, as the applications themselves frequently undergo changes that require significant modification to those products that are used to accelerate them. This dynamic has already been witnessed in the e-mail space, where a variety of MS Exchange acceleration products were rendered obsolete when Microsoft moved from Exchange 2000 to Exchange/Outlook 2003.

Latency Compensation An alternative approach to application acceleration is to reduce the amount of latency created by underlying protocols, like TCP. Latency results when chatty protocols communicate frequently with a server and are required to stop and wait for a response before the next step can proceed. The more steps, the longer the end users perceived response time.

While these latency mitigation techniques are transparent at the application level, they still require termination and re-injection of TCP streams. Theoretically, this should not be an issue. However, in practice, this can be problematic because routing is often asymmetric packets can take different inbound and outbound paths when communicating between different locations.

Fortunately, some of the latency compensation techniques that operate at the protocol level can provide non-intrusive benefits. These are leveraged by 3rd generation approaches to application delivery.

3rd Generation: Local Instance Networking In addition to accelerating application performance, Local Instance Networking addresses server sprawl by providing a viable mechanism for centralizing branch office infrastructure while localizing information delivery.

Local Instance Networking inspects all WAN traffic and stores a local instance of information in an application independent data store at each enterprise location. The local instance is transparently populated based on day-to-day usage, containing a subset of the enterprises working data set that is most relevant to each location. Each piece of information is stored only once per location, enabling an appropriately sized LIN appliance to hold weeks worth of data.

Local Instance Networking appliances examine outbound packets to see if a match exists in the local instance at the destination location. If a match exists, then the repetitive information is not sent across the WAN and instructions are sent to deliver the data locally. If the data has been modified, only the delta is transmitted across the WAN, maximizing bandwidth utilization and application performance.

In a LIN implementation, all authentication, authorization, file and record locking is performed centrally by the native applications. This ensures 100 percent application coherency and future compatibility with new version of applications. By working at the network (or packet) level, a Local Instance Network transparently supports all enterprise applications and transport methods, allowing for exceptionally simple deployments that provide immediate improvements to a wide variety of enterprise applications.

LIN appliances deliver the performance of distributed servers, without the cost and complexity. By operating at the network layer, they are completely transparent to all transport protocol (e.g., TCP, UDP, etc.), and provide significant benefits to all enterprise applications. By localizing information, yet centralizing management and control of branch office infrastructure, Local Instance Networking puts an end to server sprawl and the management, security, cost and compliance headaches that accompany it.

Source : http://www.bandwidth.com/wiki/article/What_does_a_wan_accelerator_appliance_do%3F

Unmonitored Surfing is not Safe!!!

2008-02-14T12:49:00.001+05:30

Websense reveals findings of `State of Security’ survey

India Infoline News Service / Mumbai Feb 12, 2008 15:19

The survey findings highlight that a majority of employees today spend a significant time on the Internet when at work. However, the majority of these employees are not aware of and hence not worried about the security threats arising from the Internet

Websense, Inc. a global leader in Web security and content protection announced the findings of the SOS ‘State of Security’ survey conducted in India. The survey commissioned by Websense and undertaken by The Nielsen Company, India, assesses the impact of the Internet at work and gauges awareness of Internet security risks among employees.

The study of employees working in 450 organisations across Delhi, Bangalore, Chennai, Mumbai and Hyderabad, surveyed employees with Internet access at work in large businesses and small and medium enterprises.

“The survey findings highlight that a majority of employees today spend a significant time on the Internet when at work. However, the majority of these employees are not aware of and hence not worried about the security threats arising from the Internet,” said Surendra Singh, Regional Director, SAARC, Websense Inc.

Key findings of 2007 State of Security India, employees survey:

1.Unsafe IT behaviour leads to unintentional loss of confidential information:

63% of respondents from Delhi use their personal email ID for work purposes against the average of 36%. Delhi and Bangalore also have the highest proportion of respondents (32%) who send work documents to personal e-mail accounts versus the average of 23%. Given the nature of data that BFSI deals with, 42% of employees in this vertical use personal e-mail for work-related activities. In Bangalore, an average of 17% of respondents admitted to clicking on links in e-mail sent from unknown sources and 22% on pop-up ads highlighting a significant section of Internet users who are ignorant of online threats.

2.Leaking information a job threat:

57% employees feel leaking sensitive company information or infecting their company with malicious spyware or viruses (38%) puts them at greater risk of losing their job than not adhering to their organisation’s Internet policy (20%). Almost one-third employees (31%) believe they will lose their job on viewing adult content at the workplace and 22% said they would lose their job if found downloading unauthorised software.

3.Employees surfing behaviour:

64% of respondents admitted they are bit fearful of the security dangers of the Web and hence surf only safe Web sites. However, 39% of all respondents agreed that they download movies, music, software etc. while at work. Significantly, 30% said they surf aimlessly with no particular destination in mind and about the same proportion of respondents said they surf without bothering about online security.

4.Internet — A critical work enabler:

All employees surveyed spend an average of 4.25 hrs per day on the Internet. Employees spend 45% of their time (3.5 hours) per day surfing work-related Web sites, the highest being in Chennai, 50% (4.25 hours) and Hyderabad, 65% (5.5 hours). The average time spent on non work-related Web sites is 5 hours per week. Enterprises incur a productivity loss of approximately Rs. 160,000 per employee per annum due to non work-related surfing.

5.Organisation’s Internet security:

Almost 70% of employees in India appeared confident of their IT department’s capabilities to protect them against every Internet security threat.

6.Web is biggest source of infection:

52% of all employees surveyed believe that the Web is a key source of infection followed by e-mail (39%) and instant messaging (4%). In similar findings, IT managers also believe the Web (48%) to be a key source of network infection followed by e-mail (46%).

7.Data leakage:

35% of employees feel most worried about losing both personal as well as work-related information. However, 28% of employees do not feel worried at all about any personal or private information being stolen or accessed from their work PC.

Source :

http://indiainfoline.com/news/innernews.asp?storyId=58837&lmn=1

Thumbs down for Thumbdrives!

2008-02-14T10:45:00.000+05:30

Thumb Drives Replace Malware As Top Security Concern, Study Finds

A survey of IT managers showed that while more than half use a USB flash drive on a daily basis, many still view portable storage devices as a huge security threat.

A worker calls up a sensitive investor list and downloads it on her thumb drive, slips it into her pocket, and walks out, smiling and waving to her boss and the security officer stationed at the front door.

This is just one of the scenarios that security professionals and IT managers are increasingly worried about. According to one recent study, IT managers said portable storage devices, such as thumb drives and MP3 players, have surpassed even malware to become a top concern.

The study, which polled 370 IT professionals, showed that 38.4% of IT managers say portable storage devices are their top security concern. That's up from 25.7% in 2006.

"It is very easy to download information to them quickly," said Bill Piwonka, VP of product management for Centennial Software, which conducted the survey at this spring's InfoSec security conference in London. "If there isn't a defined acceptable use policy or controls to prevent the download and transfer of sensitive data, managers do not know if and how such data is leaving the building. Also, USB sticks are frequently lost. If sensitive data isn't encrypted on these devices, it would obviously be very easy to obtain."

To make matters worse, 80% of respondents admitted that their organizations don't currently have effective measures in place to combat the unauthorized use of portable devices. And 43.2% cited no control at all. Only 8.6% have a total ban on portable devices.

Piwonka said in an interview that that danger with portable storage devices lies in not knowing what files have been maliciously or even unintentionally downloaded to them, and how that data is being used. And if it has been lost, who has the information?

A worker easily could download corporate information -- sales figures, customer lists, marketing plans -- onto a small storage device, slip it into their bag or even a pocket, and just walk out the door with it. It makes stealing information much easier since it's not a matter of printing anything out or even walking out of the office with a laptop slung over a shoulder.

While IT managers fear what users might do with a portable storage device, they also really like them for themselves.

The study showed that 65% of IT managers use a USB flash drive on a daily basis.

"Portable devices do have a function in the workplace," said Piwonka. "They are an easy way to share, transfer, and store information. Managers need to create an acceptable use policy and share it with their employees to further control the handling of sensitive data."

By Sharon Gaudin, InformationWeek

URL: http://www.informationweek.com/story/showArticle.jhtml?articleID=199300021

What is CAS?

2008-02-13T11:21:00.000+05:30

Storage managers are quickly realizing that not all corporate data is alike and different data must be handled in ways that benefit the business. While storage arrays are often employed for fluid or transaction-based corporate data, they generally fall short with long-term or archival storage tasks. Content-addressed storage (CAS) is one emerging disk-based storage technology that promises to improve the storage of long-term fixed content by lowering storage costs, ensuring file authenticity and reducing storage requirements.

CAS systems are designed to store fixed data that rarely, if ever, changes and is only called for infrequently. For example, a corporate Oracle database must be continuously accessible from high-performance Fibre Channel storage. Yet, a vast amount of business data, like patient medical images or legal documents, is only needed occasionally. Consequently, CAS platforms can offer lower storage costs using inexpensive high-density SATA or SAS hard disks -- similar to other second-tier storage solutions.

"CAS is really used as a lower cost tier of storage typically used as an online digital archive," says Tony Asaro, senior analyst at the Enterprise Strategy Group. "Customers put files, e-mail and even database data on CAS as a large repository."

Increasing regulatory demands and litigation are also prompting corporations to examine their data integrity. Today, it's not enough to simply store data. Storage managers must implement strategies to ensure that files can be located promptly by auditors and legal staff on demand, and prove, often in a courtroom, that e-mails, documents and other types of data have not been changed or tampered with. CAS ensures data integrity, because in CAS systems data exists as annotated "objects" that cannot be duplicated or modified.

Still, CAS has its downsides. CAS platforms are yet another addition to the storage infrastructure that must be managed and maintained. CAS is not an appropriate solution for high-performance transactional storage tasks -- it's strictly a secondary storage system. Software is also a vital component of CAS operation and management, so it's important to consider the overall quality of hardware, software and network integration prior to any CAS acquisition. The following article outlines the essential ideas of CAS, offers vendor and user insights into existing products, and examines potential future directions of the technology.

more : Link

Top security breaches - 2007

2008-02-13T10:41:00.000+05:30

Every year gets its share of major, jaw-dropping security blunders. This is a retrospective for the 21st century so far, with special attention on 2007.

The UK privacy breach: An employee of Her Majesty’s Revenue and Customs Office mailed two CDs containing confidential data on about 25 million UK citizens, including names, addresses, insurance account numbers, and bank account details for claimants in the national child benefit database. These CDs never made it to their destination. Just in case you think someone having your bank account number is no big deal, you should read about what happened to Top Gear TV series host Jeremy Clarkson when he published his account information in a newspaper to “prove” that having someone’s bank account will do nothing for a malicious party. At least Clarkson owned up to the mistake and started advocating disincentives for such poor security practice. I particularly like when he said “we must go after the idiots who lost the discs and stick cocktail sticks in their eyes until they beg for mercy.”

Embassies confuse anonymity with security: Swedish security consultant Dan Egerstad showed that people all over the world, most notably certain embassies, tend to assume that using the Tor anonymizing network means they’re secure. Somehow, they’ve missed the importance of encryption to protect their data. One must wonder why governments are so bad at security. By the way, the Swedish equivalents to the FBI and CIA raided Egerstad’s apartment for undisclosed reasons, accused him of several crimes, then released him without charges.

The iPhone runs everything as root: As Wired put it, IPhone’s Security Rivals Windows 95. This is very bad — and, of course, the root password for the iPhone was cracked in just three days. It had to happen eventually. To be fair, Windows Mobile devices all run everything as the administrative user as well, but this is not exactly unexpected (so it’s less notable). Credit to the fine folks at Metasploit for figuring it out, and figuring out how to make use of that fact.

Sears installs spyware on customer computers: The depth and breadth of harvested data is truly frightening, and you just have to read it to believe it. Do not join the “My SHC Community”. Worse yet, if you follow the update link at the beginning of the article, you’ll find out that Sears (KMart is involved, too) is playing some pretty sketchy games with privacy policy presentation, based on whether the spyware is installed on your system. Considering this example, that’s probably reason enough to avoid ever getting mixed up in any online Sears community, but that’s not all. . . .

Your Sears buying habits may be public knowledge: In short, by joining the Sears “Manage My Home” community, you can search through the Sears purchase history of anyone whose name and address you know. Not only should you avoid joining online Sears communities but, it seems, you should avoid shopping there as well. Apparently, major corporations are as bad as government agencies when it comes to security — especially Sears.

Link: http://blogs.techrepublic.com.com/security/?p=389&tag=rbxccnbtr1

What is Data Deduplication?

2008-02-12T11:46:00.000+05:30

Data deduplication (often called "intelligent compression" or "single-instance storage") is a method of reducing storage needs by eliminating redundant data. Only one unique instance of the data is actually retained on storage media, such as disk or tape. Redundant data is replaced with a pointer to the unique data copy. For example, a typical email system might contain 100 instances of the same one megabyte (MB) file attachment. If the email platform is backed up or archived, all 100 instances are saved, requiring 100 MB storage space. With data deduplication, only one instance of the attachment is actually stored; each subsequent instance is just referenced back to the one saved copy. In this example, a 100 MB storage demand could be reduced to only one MB.

Data deduplication offers other benefits. Lower storage space requirements will save money on disk expenditures. The more efficient use of disk space also allows for longer disk retention periods, which provides better recovery time objectives (RTO) for a longer time and reduces the need for tape backups. Data deduplication also reduces the data that must be sent across a WAN for remote backups, replication, and disaster recovery.

Data deduplication can generally operate at the file, block, and even the bit level. File deduplication eliminates duplicate files (as in the example above), but this is not a very efficient means of deduplication. Block and bit deduplication looks within a file and saves unique iterations of each block or bit. Each chunk of data is processed using a hash algorithm such as MD5 or SHA-1. This process generates a unique number for each piece which is then stored in an index. If a file is updated, only the changed data is saved. That is, if only a few bytes of a document or presentation are changed, only the changed blocks or bytes are saved, the changes don't constitute an entirely new file. This behavior makes block and bit deduplication far more efficient. However, block and bit deduplication take more processing power and uses a much larger index to track the individual pieces.

Hash collisions are a potential problem with deduplication. When a piece of data receives a hash number, that number is then compared with the index of other existing hash numbers. If that hash number is already in the index, the piece of data is considered a duplicate and does not need to be stored again. Otherwise the new hash number is added to the index and the new data is stored. In rare cases, the hash algorithm may produce the same hash number for two different chunks of data. When a hash collision occurs, the system won't store the new data because it sees that its hash number already exists in the index.. This is called a false positive, and can result in data loss. Some vendors combine hash algorithms to reduce the possibility of a hash collision. Some vendors are also examining metadata to identify data and prevent collisions.

In actual practice, data deduplication is often used in conjunction with other forms of data reduction such as conventional compression and delta differencing. Taken together, these three techniques can be very effective at optimizing the use of storage space.

-- by Stephen J. Bigelow

Link

Beware of RealPlayer

2008-02-11T14:50:00.001+05:30

RealPlayer Installs Badware

According to StopBadware.org, the latest version of RealPlayer is tricking the users installing, once with it, the Rhapsody Player Engine required to access RealNetwork's online music service. The problem appears when Rhapsody Player Engine can’t be removed, even if you uninstall the RealPlayer.
[adsense]In a report, Maxim Weinstein, StopBadware's manager, stated that users are not aware of this installation and the computer's hard-drive space or processing power are used, or, a security risk is present due to the possible bugs from Rhapsody.

Badware has become synonym with RealPlayer 11 and the older RealPlayer 10.5 software.

When downloading Real Player 10.5, users, if not completing the RealNetworks product registration page, receive Message Center, a way to get ads or, as Weinstein said, "a piece of adware".

Ryan Luckin, RealNetworks spokesman, confirmed it, but added that a check box announces the users about the installation of Message Center.

The problem was solved in the RealPlayer 11 case, but the 10.5 version is downloaded via the Firefox browser's "Missing Plug-in" feature.

StopBadware advises the customers to avoid downloading this player, especially after Luckin declared it "an oversight".

Many users regarded RealPlayer as a substitute for QuickTime and Microsoft's Windows Media Player. But, in 1999, the computer security consultant Richard Smith, noticed that the RealNetworks servers obtained information through the Message Center software.

Though RealPlayer also runs on Mac OS X and Linux, StopBadware, it is working only for the Windows versions of RealPlayer's software.

In order to protect the costumers, Google, Lenovo, and Sun Microsystems sustains StopBadware with funding.

Weinstein advised Real Networks to solve not only the RealPlayer 10.5's Message Center problem because "It's hard to say that one is worse".

Source: http://www.bestsecuritytips.com/news+print.storyid+480.htm

Security Departments Are Wasting Their Time

2008-02-11T10:56:00.001+05:30

About a third of current security practices are useless, according to ICSA chief scientist and Verizon exec

FEBRUARY 6, 2008 | By Tim Wilson Site Editor, Dark Reading

WASHINGTON -- Computer Forensics Show 2008 -- Peter Tippett thinks it's time for security professionals to wake up and stop wasting their energy.

In a presentation here yesterday, Tippett -- who is vice president of risk intelligence for Verizon Business, chief scientist at ICSA Labs, and the inventor of the program that became Norton AntiVirus -- said that about one third of today's security practices are based on outmoded or outdated concepts that don't apply to today's computing environments.

"A large part of what we [security pros] do for our companies is based on a sort of flat-earth thinking," Tippett said. "We need to start looking at the earth as round."

For example, today's security industry focuses way too much time on vulnerability research, testing, and patching, Tippett suggested. "Only 3 percent of the vulnerabilities that are discovered are ever exploited," he said. "Yet there is huge amount of attention given to vulnerability disclosure, patch management, and so forth."

Tippett compared vulnerability research with automobile safety research. "If I sat up in a window of a building, I might find that I could shoot an arrow through the sunroof of a Ford and kill the driver," he said. "It isn't very likely, but it's possible.

"If I disclose that vulnerability, shouldn't the automaker put in some sort of arrow deflection device to patch the problem? And then other researchers may find similar vulnerabilities in other makes and models," Tippett continued. "And because it's potentially fatal to the driver, I rate it as 'critical.' There's a lot of attention and effort there, but it isn't really helping auto safety very much."

Similarly, many security strategies are built around the concept of defending a single computer, rather than a community of computers, Tippett observed. "Long passwords are a classic example," he said. "If you take a single computer and make the password longer and more complex, it will be harder to guess, and that makes that computer safer."

But if a hacker breaks into the password files of a corporation with 10,000 machines, he only needs to guess one password to penetrate the network, Tippett notes. "In that case, the long passwords might mean that he can only crack 2,000 of the passwords instead of 5,000," he said. "But what did you really gain by implementing them? He only needed one."

Tippett also suggested that many security pros waste time trying to buy or invent defenses that are 100 percent secure. "If a product can be cracked, it's sometimes thrown out and considered useless," he observed. "But automobile seatbelts only prevent fatalities about 50 percent of the time. Are they worthless? Security products don't have to be perfect to be helpful in your defense."

This concept also applies to security processes, Tippett said. "There's a notion out there that if I do certain processes flawlessly, such as vulnerability patching or updating my antivirus software, that my organization will be more secure. But studies have shown that there isn't necessarily a direct correlation between doing these processes well and the frequency or infrequency of security incidents.

"You can't always improve the security of something by doing it better," Tippett said. "If we made seatbelts out of titanium instead of nylon, they'd be a lot stronger. But there's no evidence to suggest that they'd really help improve passenger safety."

Security teams need to rethink the way they spend their time, focusing on efforts that could potentially pay higher security dividends, Tippett suggested. "For example, only 8 percent of companies have enabled their routers to do 'default deny' on inbound traffic," he said. "Even fewer do it on outbound traffic. That's an example of a simple effort that could pay high dividends if more companies took the time to do it."

Security awareness programs also offer a high rate of return, Tippett said. "Employee training sometimes gets a bad rap because it doesn't alter the behavior of every employee who takes it," he said. "But if I can reduce the number of security incidents by 30 percent through a $10,000 security awareness program, doesn't that make more sense than spending $1 million on an antivirus upgrade that only reduces incidents by 2 percent?"

Powered by Qumana

Social Network Security Hazards

2008-02-08T12:51:00.000+05:30

Employees often let their guards down on LinkedIn or MySpace.
Here’s how to solve social-networking security threats through policy.

Emily Post’s "Etiquette" made her an authority on proper home, business and political behavior nearly a century ago.
Unfortunately, Post was decades too early to write about norms for social-networking sites like MySpace, Facebook and LinkedIn.
It’s too bad — she would probably supply good advice on what information users should share about themselves and their work online.

The definition of professional behavior on social networks remains wide open.
People will always use them to socialize as well as do business, hopefully with common sense as their guide.
However, two aspects of social-network use do need to be addressed: technical security and user security.

At a technical and functional level, social-networking services don’t do much that’s new — they just enable users to connect with others more quickly and less formally than by email (which itself was once hailed as the latest in speed and informality).

As with other electronic communications, social networks tend to allow users to send file attachments (especially photos) and use peer-to-peer programs for chats and phone calls, but these tools’ properties are well-understood and system administrators can filter them or even block certain URLs if necessary.

From a user-security standpoint, the major problem with social networks is also their strength:
They encourage open interaction among users who may know each other but who could also be very loosely connected.
Under the umbrella of LinkedIn or MySpace, though, the barriers people normally maintain against interacting with near-strangers may be lowered.

Excessive blabbing on social sites can generate unwanted gossip about your company and its plans, while unscrupulous competitors can social-engineer employees into revealing intellectual property.
Your employees’ mere presence on social networks also sends a signal: job titles, experience, friends and family, and contact information can all be combined to where competitors can draw reasonably accurate org charts of your company and its suppliers, partners and clients.

Ways to Handle Risk

Realizing that perceived security gaps could lead individuals and companies to shun their sites, big names like Facebook and LinkedIn allow you to adjust how much information about you — posts,photos, online status and other factors — others may access.

Facebook’s privacy site describes several such controls. Users can reduce what appears in their profile and what information about their online activities is public, such as their use of specific Facebook applications.
Users can also block specific Facebookers from seeing more than a limited profile, or from finding you via search.

Facebook also limits the ability of search-site Web crawlers to harvest user information, saying in its privacy policy, “Facebook limits access to site information by third party search engine ‘crawlers’ (e.g. Google, Yahoo, MSN, Ask). Facebook takes action to block access
by these engines to personal information beyond your name, profile picture, and limited aggregated data about your profile (e.g. number of wall postings).”

LinkedIn is the most business-y social network, and its users seem generally aware of the need to behave professionally. The site provides a wide range of tools for customizing others’ views of you,
such as the ability to change whether people you’re connected to can see just those you both have connections with, or your entire connections list.

Another feature that keeps your cards closer to the vest is the ability to choose whether others can see that you’ve viewed their profile. You can set this feature so that no one knows, so that only your name and headline show, or so that only anonymous profile characteristics such as your title and industry appear.

These types of features increase social networks’ corporate usability.
However, at the end of the day, specific company policies that limit what employees may share online might create the biggest payoffs, like resistance to social engineering, preservation of the company’s and employees’ reputations, and preservation of trade secrets and internal company structure.

Paul D. Kretkowski on July 25, 2007
http://www.itsecurity.com/features/social-network-security-hazards-072507/

Top 5 Identity Theft Prevention Tips

2008-02-08T11:08:00.000+05:30

There are some important proactive steps that every consumer can take to safeguard their identity. We like to recommend these top five things everyone should do, or at least know about, to protect themselves and their family from becoming a victim of identity theft.

Buy a shredder: Shredding all your personal information before tossing it in the trash will prevent dumpster divers from fishing out your pre-approved credit card offers. Shredders that cut lengthwise and crosswise are ideal as it minimizes the chances that potential thieves can tape your documents back together.
Change your passwords monthly: Do you bank online? Or store personal information on your laptop? If so, it would be wise to change your password at least once a month and try to select passwords that will not be obvious to potential hackers (birthday, anniversary, pet name, etc.).
Freeze your credit: If your data has been breached (electronically or via dumpster divers), there is not much an identity thief can do if your credit has been frozen... there is no way someone can open a line of credit (credit cards, house/car loans, etc) without access to your credit information, and you can say good-bye to those pesky and potentially dangerous pre-approved credit card offers.
Beware of phishing scams: Scam artists "phish" for victims by pretending to be banks, stores or government agencies. They do this over the phone, in emails and in the regular mail. Don't give out your personal information, unless you made the contact. Don't respond to a request to verify your account number or password. Legitimate companies do not request this kind of information in this way.
Protect your computer from spyware and viruses: Spyware programs can collect many different types of personal information about you like passwords and credit card numbers. Always use firewall, virus and spyware protection software that you update regularly like Norton Internet Security 2006. Only download free software from sites you know and trust.

Source : https://www.trustedid.com/html/identity_theft_protection_resource_010.php

How To Configure Internet Explorer Security

2008-02-07T13:12:00.000+05:30

Internet Explorer offers four different zones to help you classify security level depending on
how well you know or trust the site: Trusted, Restricted, Internet and Intranet or Local.

Classifying the sites you visit and configuring your Internet Explorer security settings
for each zone can help to ensure you can safely surf the Web without fear of malicious ActiveX or Java applets.

Difficulty: Average
Time Required: 10 Minutes

Here's How:

1. Click on Tools on the menu bar at the top of Internet Explorer
2. Click on Internet Options from the Tools drop-down menu
3. When Internet Options opens up, click on the Security tab
4. Internet Explorer begins by categorizing sites into either Internet, Local Intranet,
Trusted Site or Restricted Site zones. You can specify the security settings for each zone.
Select the zone you wish to configure.
5. You can use the Default Level button to select from the pre-defined security settings
Microsoft set up in Internet Explorer. See Tips for details of each setting.
6. MEDIUM is most appropriate for the majority of Internet surfing.
It has safeguards against malicious code, but is not so restrictive as to prohibit you from viewing most web sites.
7. You can also click on the Custom Level button and alter individual settings,
starting with one of the Default levels as a baseline and then changing specific settings.

Tips:

1. LOW -Minimal safeguards and warning prompts are provided -Most content is downloadable
and run without prompts -All active content can run -Appropriate for sites that you absolutely trust
2. MEDIUM-LOW -Same as Medium without prompts -Most content will be run without prompts
-Unsigned ActiveX controls will not be downloaded -Appropriate for sites on your local network (Intranet)
3. MEDIUM -Safe browsing and still functional -Prompts before downloading potentially unsafe content
-Unsigned ActiveX controls will not be downloaded -Appropriate for most Internet sites
4. HIGH -The safest way to browse, but also the least functional -Less secure features are disabled
-Appropriate for sites that might have harmful content

What You Need:

* Computer
* Internet Explorer
by: Tony Bradley, CISSP, MCSE2k, MCSA, A+

http://netsecurity.about.com/cs/tutorials/ht/ht020203.htm

Beware of Internet Urban Legends

2008-02-07T11:07:00.000+05:30

Those Emails Are Probably Not Legitimate
By Judy Hedding, About.com

You have probably heard the phrase 'urban legend' but you might not have really known what an urban legend is.
According to David Emery, the About Guide to Urban Legends and Folklore1,

Urban legends are popular narratives alleged to be true, transmitted from person to person by oral
or written communication (including fax and email). Said stories always involve some combination of outlandish,
humiliating, humorous, terrifying, or supernatural events – events which always happened to someone else.
For credibility, the teller of an urban legend relies on good storytelling and the citing of
an "authoritative" word-of-mouth source (typically "a friend of a friend") rather than verifiable facts.
And sometimes, but not always, there's a moral to the story, e.g.: "behave yourself, or bad things will happen."

If you receive email, chances are that you have received one involving one of these hoaxes.
I know that I have received every single one of these:

* Bill Gates is not giving you $1000, and Disney is not giving you a free vacation.
* There is no baby food company issuing class action checks.
* Big companies don't do business via chain letters and there are no computer programs
that track how many times an email is forwarded, let alone by whom.
* Proctor and Gamble is not part of a satanic cult or scheme, and its logo is not satanic.
* The Gap is not giving away free clothes. There is no need to pass it on "just in case it's true."
* There is no kidney theft ring in New Orleans. Or Chicago.
Or anywhere else in the world. No one is waking up in a bathtub full of ice,
even if a friend of a friend swears it happened to their cousin.
David Emery reports, "The National Kidney Foundation has repeatedly issued requests for actual victims
of organ thieves to come forward and tell their stories." None have. Zero. Zip. Nada. Not even your friend's cousin.
* Neiman Marcus doesn't really sell a $200 cookie recipe. And even if they do, we all have it.
And even if you don't, you can it here2. Then, if you make the recipe, and decide the cookies are that awesome,
feel free to pass the recipe on.
* There is no gang initiation plot to murder any motorist who flashes headlights at another car driving at night without lights.
* Craig Shergold in England is not dying of cancer and would like everyone to stop sending him their business cards.
He is no longer a little boy either.
* The "Make a Wish" foundation is a real organization doing fine work, but they have had to establish
a special toll free hot line in response to the large number of Internet hoaxes using their good name and reputation.
It is distracting them from the important work they do. Also, the American Cancer Society does not give 3 cents
for each person you forward e-mail to. How would they even know?
* Women really are suffering in Afghanistan, but forwarding an e-mail won't help their cause in the least.
If you want to help, contact your local Legislative Representative, or get in touch with Amnesty International or the Red Cross.
* KFC did not change their name from Kentucky Fried Chicken because they use genetically engineered
chickens instead of real ones. KFC really does use real chickens with feathers and beaks and feet.
Why did they change their name? Now that we are more health conscious, KFC determined that the word 'Fried' denoted
something less than appealing. With the help of a focus group, they picked the name KFC. It's short,
doesn't offend dieters and it's easy to remember.
* There is no bill pending before Congress that will allow long distance companies to charge you for using the Internet.

So what's the harm in passing along all these emails to your friends, relatives, co-workers and acquaintances?
They are, at best, annoying and a nuisance. They are, at worst, illegal. David Emery provides this analysis:

Basically, these amount to rumor mongering by chain letter. Such messages typically include a plethora of
capitalized words and exclamations points, little or no substantiating evidence, and, in the majority of cases,
downright false information. The true intent behind them is to provoke fear rather than to inform.
People who forward them may do so with naive good intentions, but it's hard to credit the anonymous
authors of email scare messages with any but cynical or self-serving motives.

Here's the bottom line: if you receive an email that requests that you pass it along to everyone you know,
or 10 people you care about, or anyone, don't do it. If you receive an offer that seems too good to be true,
it probably is just that, so don't respond. Don't even send an email back. No one will read it, or worse,
you'll end up on another email list. If you want to investigate some claim being made, the best
place to check it out is at David Emery's web site on Urban Legends and Folklore.
If you can't find it there, post the inquiry to the forum at his site.

Best Practices for Preventing Security Risks

2008-02-06T12:33:00.000+05:30

Configure systems, from the first day, with the most secure configuration that your business functionality will allow, and use automation to keep users from installing/uninstalling software
Use automation to make sure systems maintain their secure configuration, remain fully patched with the latest version of the software (including keeping anti-virus software up to date)
Use proxies on your border network, configuring all client services (HTTP, HTTPS, FTP, DNS, etc.) so that they have to pass through the proxies to get to the Internet
Protect sensitive data through encryption, data classification mapped against access control, and through automated data leakage protection
Use automated inoculation for awareness and provide penalties for those who do not follow acceptable use policy.
Perform proper DMZ segmentation with firewalls
Remove the security flaws in web applications by testing programmers security knowledge and testing the software for flaw

Source: http://www.sans.org/top20/#prevent

How to choose a firewall

2008-02-06T11:28:00.001+05:30

There are several different types of firewalls on the market today. Choosing one for your organization can be a daunting task – especially in an industry filled with buzzwords and proprietary trademarks. Let's take a look at the basics of firewall technology and five questions you should ask when choosing a firewall for your organization.

Why are you implementing a firewall? Sure, this sounds like a simple question. You're probably thinking to yourself, "Because we need one!" But it's important that you take the time to define the technical objectives that you have for firewall implementation. These objectives will drive the selection process. You don't want to choose an expensive, feature-rich firewall that's complicated to administer when your technical requirements could be met by a simpler product.
How will the firewall fit into your network topology? Will this firewall sit at the perimeter of your corporate network and be directly connected to the Internet, or will it serve to segment a sensitive LAN from the remainder of the organization? How much traffic will it process? How many interfaces will it need to segment your traffic? Performance requirements such as these contribute a significant amount to the total cost of new firewall implementations, making it easy to under- or over-purchase.
What type of traffic inspection do you need to perform? This is where the buzzwords start to come into play. Every vendor out there has a different trademark for their traffic-inspection technology, but there are essentially three different options (listed in order of increasing complexity and cost):
- Packet-filtering firewalls use simple rules to evaluate each packet they encounter on its own merits. They maintain no history from packet to packet, and they perform basic packet header inspection. The simplicity of this inspection makes them speed demons. They're the most inexpensive option, but they are also the least flexible and vulnerable. There's a good chance you already own equipment capable of performing packet filtering – your routers!
- Stateful-inspection firewalls go a step further. They track the three-way TCP handshake to ensure that packets claiming to belong to an established session (i.e., the SYN flag is not set) correspond to previous activity seen by the firewall. Requests to open the initial connection are subject to the stateful-inspection firewall rulebase.
- Application-proxy firewalls contain the highest level of intelligence. In addition to stateful inspection, they broker the connection between client and server. The client connects to the firewall, which analyzes the request (including application-layer inspection of packet contents). If the firewall rules indicate that the communication should be allowed, the firewall then establishes a connection with the server and continues to act as an intermediary in the communication. When combined with Network Address Translation, both hosts may not even be aware that the other exists – they both believe they are communicating directly with the firewall.
Is your organization better suited for an appliance or a software solution? Appliances are typically much easier to install. You normally just plug in the appropriate Ethernet cables, perform basic network configuration and you're ready to configure your firewall rules. Software firewalls, on the other hand, can be tricky to install and require tweaking. They also lack the security that's often built into the hardened operating systems of firewall appliances. What's the tradeoff? You guessed it! Appliances are more expensive.
What operating system is best suited for your requirements? Even appliances run an OS and, chances are, you'll need to work with it at some point in your firewall administration career. If you're a Linux jockey, you probably don't want to choose a Windows-based firewall. On the other hand, if you don't know ⁄dev⁄null from ⁄var⁄log, you probably want to steer clear of Unix-based solutions.

While I can't recommend a specific type of firewall to you without knowing your needs, the process of answering these questions can help you solidify your thoughts and put you in the right direction. With these answers in hand, you should be able to intelligently evaluate the cost/benefit tradeoff for the various products available on the market today. - Mike Chapple

Source: http://searchsecurity.techtarget.com/tip/1,289483,sid14_gci1113533,00.html

Email Security Tips

2008-02-06T11:20:00.000+05:30

Attachments

Do not open an attachment unless you trust the source.

Do you know the person who is sending you this file? If not, don’t open it. E-mail addresses can be “spoofed” – the “from” address can be faked.
Once the message is open does the content match the sender? If not, send it back and ask for clarification.
Does it make sense that they are sending it to you? If not, send it back and ask for clarification.
Microsoft NEVER sends operating system patches as e-mail attachments. They will ask you to visit the Microsoft Web site to download any software.

Sending Personal Information

E-mail is not secure. Think of it as sending a postcard written in pencil. As the card is delivered it makes numerous stops and can be altered or read by various people. Personal information should never be sent via e-mail – ssn, credit card, name, phone, address, and date of birth in combination. Don’t send anything you wouldn’t want on a billboard.

Phishing

“Phishing is a scam where the perpetrator sends out legitimate-looking e-mails appearing to come from some of the Web's biggest sites, including eBay, PayPal, MSN, Yahoo, BestBuy, and America Online, in an effort to phish (prounounced "fish") for personal and financial information from the recipient.”

Examples would be a message from your bank that asks you to update your account information. You click on the link, the legitimate bank site opens, then a page opens up on top asking you for your account info. This info page DOES NOT belong to the legitimate site. If you fill out your personal information and submit it, the info will go to the “phisher” to be sold or used to steal your identity.

Source: searchSecurity.com Definitions

Back up your Data!

2008-02-05T12:49:00.000+05:30

PC and Data Safety Tips
To quote a friend of mine, "There are only two kinds of hard drives: the ones that have already crashed
and the ones that will eventually crash."
This is a very true statement. If this hasn't happened to you yet, don't worry - it will.
To be prepared for a disaster like that, you should back up your data - ALL your data.
To make this process easier, you should have your data well organized on your hard drive.
That My Documents folder in Windows is there for a purpose. You should keep all your files in that folder,
no matter if they are Word documents, Excel spreadsheets, pictures, whatever.
That way you can simply backup just that folder instead of having to go hunt on your hard drive trying to
remember where you put all your files.
You can actually set up almost every decent program to save its files into a folder you specify.
Take a few minutes to do that, you will be grateful later.

You probably noticed that I said earlier "most of your data".
Most people forget that there is more than just your Word documents.
What about your bookmarks that you accumulated over the years? Your e-mail addresses?
The saved game of Quake that took you three months to get to that level?
Unfortunately, this type of data cannot be stored in the My Documents folder.
So be sure that you don't forget to back up that information as well.

Backup Methods
If you don't have much on your PC, you might get away with copying a few files to a few floppies.
Chances are though, that you need a lot more space.
Thankfully there are several options that make it easy.
A very popular tool is the Iomega zip drive. It holds 100 MB of data per cartridge and can
easily be transported.
Tape drives are relatively cheap, but slow, and the tapes are very sensitive to heat etc.
Another possibility is to back up to another hard drive, either a second drive in your PC or another
hard drive in another PC if your PC is connected to a network.
A new and increasingly popular way is to back up to a CD burner.
You can get a re-writeable CD burner that will let you reuse the same CD for your
backups over and over.
You can also use the CD burner to make your own personalized music CDs.
My personal recommendation is the Hewlett Packard 8100i.

Make an Emergency Disk If your hard drive crashes or your PC won't boot anymore
for whatever reason, you need a bootable floppy disk.
You can create this easily in Windows 98 by going to
Start/Settings/Control Panel/Add Remove Programs/Startup Disk/Create Disk.
This will create a bootable floppy with CD ROM support that will be very valuable to you when
that moment comes.
In Windows 95, this process is a little more complicated as the floppy will not automatically support the
CD ROM drive.
You need to manually copy the drivers to your boot disk.

Power Protection A very important factor that is often neglected is the supply of power to your PC.
If you live in an area with frequent power outages, regular brownouts or in a house with bad wiring,
this could cause data loss on your PC.
To prevent this, you should consider getting an uninterruptable power supply, or UPS.
It will alert you when the power drops or completely disappears, and provide you with 5 to 10 minutes
(depending on the model) of battery power to give you time to save your data and shutdown your PC
properly.
My personal recommendation is APC.

Cooling There is a lot of heat produced inside your PC, mainly by the main processor, but also by other
devices like CD drives, hard drives, video cards, etc. If the temperature gets too high,
your PC will start behaving very oddly including crashes.
Make sure that you have proper cooling inside the case, preferably one fan that blows cool air
into the case and another fan that pushes the warm air out.
Your PC should have some room to breathe, don't cram it into a tight corner.
Check that the fans are not cover by dust.

Virus Protection Every time you download a file from the Internet, get a floppy from a friend,
bring a file home from work, you expose your PC to the risk of getting a virus.
Viruses can be very devastating on your PC, including corrupted files, deleted files and erased hard drives.
To protect yourself, you should install a professional virus checker, such as Norton Antivirus from Symantec.

Stay Current If you are running old programs that were designed for Windows 3.x you should
see if there is a newer version available that was designed for Windows 95/98.
Also, about once a year you should make a list of all the hardware that you have installed on your PC,
such as video card, printer, sound card, etc. and visit the manufacturer's web site to see if there are
newer drivers available.

Keep it clean The more programs you run, the higher your chances for crashes are.
Don't install programs without doing some research first.
If you don't use a program anymore, uninstall it.
If it is a beta version, it does not belong on a PC that has important data on it.
Be especially careful with little unknown or custom written programs that you download from the Internet.
It could contain a virus or could be written by a hobby programmer with good intentions but bad QA skills.

Third Party Utilities Be careful with all those third party utilities out there, such as uninstaller,
diagnostic, optimization and other programs.
A lot of them are very intrusive on your system and cause more problems than they fix.
The only party benefiting from them is the manufacturer who rakes in your cash.
Windows 98 already comes with many diagnostic tools that make most of the third party utilities redundant.
The only two tools that don't come with Windows and that have proven to be invaluable for me are
Symantec's Norton Antivirus and Power Quest's Partition Magic 4.0.

Source : PC911

How To Recognize and Avoid Spyware

2008-02-04T15:48:00.000+05:30

What is spyware?

Despite its name, the term "spyware" doesn't refer to something used by undercover operatives, but rather by the advertising industry. In fact, spyware is also known as "adware."

It refers to a category of software that, when installed on your computer, may send you pop-up ads, redirect your browser to certain web sites, or monitor the web sites that you visit. Some extreme, invasive versions of spyware may track exactly what keys you type. Attackers may also use spyware for malicious purposes.

Because of the extra processing, spyware may cause your computer to become slow or sluggish. There are also privacy implications:

* What information is being gathered?
* Who is receiving it?
* How is it being used?

How do you know if there is spyware on your computer?

The following symptoms may indicate that spyware is installed on your computer:

* you are subjected to endless pop-up windows
* you are redirected to web sites other than the one you typed into your browser
* new, unexpected toolbars appear in your web browser
* new, unexpected icons appear in the task tray at the bottom of your screen
* your browser's home page suddenly changed
* the search engine your browser opens when you click "search" has been changed
* certain keys fail to work in your browser (e.g., the tab key doesn't work when you are moving to the next field within a form)
* random Windows error messages begin to appear
* your computer suddenly seems very slow when opening programs or processing tasks (saving files, etc.)

How can you prevent spyware from installing on your computer?

To avoid unintentionally installing it yourself, follow these good security practices:

Don't click on links within pop-up windows - Because pop-up windows are often a product of spyware, clicking on the window may install spyware software on your computer. To close the pop-up window, click on the "X" icon in the titlebar instead of a "close" link within the window.

Choose "no" when asked unexpected questions - Be wary of unexpected dialog boxes asking whether you want to run a particular program or perform another type of task. Always select "no" or "cancel," or close the dialog box by clicking the "X" icon in the titlebar.

Be wary of free downloadable software - There are many sites that offer customized toolbars or other features that appeal to users. Don't download programs from sites you don't trust, and realize that you may be exposing your computer to spyware by downloading some of these programs.

Don't follow email links claiming to offer anti-spyware software - Like email viruses, the links may serve the opposite purpose and actually install the spyware it claims to be eliminating.

As an additional good security practice, especially if you are concerned that you might have spyware on your machine and want to minimize the impact, consider taking the following action:

Adjust your browser preferences to limit pop-up windows and cookies - Pop-up windows are often generated by some kind of scripting or active content. Adjusting the settings within your browser to reduce or prevent scripting or active content may reduce the number of pop-up windows that appear. Some browsers offer a specific option to block or limit pop-up windows.

Certain types of cookies are sometimes considered spyware because they reveal what web pages you have visited. You can adjust your privacy settings to only allow cookies for the web site you are visiting.

How do you remove spyware?

Run a full scan on your computer with your anti-virus software - Some anti-virus software will find and remove spyware, but it may not find the spyware when it is monitoring your computer in real time. Set your anti-virus software to prompt you to run a full scan periodically (see Understanding Anti-Virus Software for more information).

Run a legitimate product specifically designed to remove spyware - Many vendors offer products that will scan your computer for spyware and remove any spyware software. Popular products include Lavasoft's Ad-Aware, Webroot's SpySweeper, PestPatrol, and Spybot Search and Destroy.

Make sure that your anti-virus and anti-spyware software are compatible - Take a phased approach to installing the software to ensure that you don't unintentionally introduce problems (see Coordinating Virus and Spyware Defense for more information).

Authors: Mindi McDowell, Matt Lytle
Copyright 2004 Carnegie Mellon University.
LINK

2008 InfoSec Calendar

2008-02-04T12:24:00.000+05:30

| View | Upload your own