Tuesday, 29 March 2011

What Is Wardriving And How Can You Prevent It

Imagine a car equipped with nothing more than a laptop computer, a portable GPS receiver, and a wireless network card slowly strolls through your neighborhood. Unknown to any onlookers, this is no ordinary vehicle; rather, it is a wardriving machine. As the car strolls past homes and businesses, a wireless network card (available at any electronics store for as low as $25) scans for any wireless access points. Anyone with a wireless network (and there are many out there) is vulnerable. The computer is looking for what is called an SSID. An SSID is your wireless network name and it is being constantly transmitted by your access point, letting computers know of its presence. The wardriver uses software such as Netstumbler (for windows) or Cismet (for linux) to scan the airwaves for SSIDs. The program can track various access points at once and monitor the signal strength. These programs can also check to see if the network is encrypted. The wardriver will generally configure his or her software to log any strong unencrypted signals. Using the GPS receiver, the coordinates of the strong signal will be recorded. After this preliminary drive, the wardriver can return to the locations that were recorded, and connect to the access point. Once connected to an unencrypted network, the wardriver can use the victim's internet access, and can also explore computers on the network. If files are being shared within someone's private network, all of that information is susceptible to a wardriver. Furthermore, once in the network, a wardriver can sniff network traffic and can view any information such as passwords and credit card numbers you send out to the internet - even SSL secured data. Wireless network vulnerability is a major problem, and as more and more households purchase wireless technology, the problem of insecure networks increases. Sound scary? Well this happens every day, and it doesn't take an expert to pull off. It doesn't take an expert to protect against either, however.

Steps you can take to protect against wardrivers:

There are a number of very simple steps you can take to protect your wireless network. For many of these, you will have to access your router configuration utility (check your manual on how to do this, you will generally need to type an IP address into your browser such as 192.168.0.1 or 192.168.1.1).

Don't broadcast your SSID. If you are broadcasting your SSID, this is the first thing a program will pickup and recognize. If you configure your router to not broadcast your SSID, it will be difficult to detect (but not impossible, for some software can sniff wireless communication, so if you are using your wireless network, the SSID can be revealed). If you are not broadcasting your SSID, but it can be guessed (such as if you are using a default SSID), cloaking is pointless. Due to this, remember to change your SSID from the factory default. This is not a 100 percent effective method to secure your network, but it is a good first line of defense.

Change the default password. When you buy a router, a factory password is stored. People experienced in working with routers know the default passwords for different routers (and the make of the router can be seen by wardriver software such as netstumbler). It is important that you secure your router with a good password.

Encrypt your wireless communication. I can't stress the importance of encrypting your wireless communication enough. Enable encryption and enter a key. Most routers are only capable of WEP encryption, but if they permit, use EAP encryption, it's more secure than WEP. Like cloaking your SSID, encryption is not 100 percent secure. Given enough time and determination, if someone wants to target you and access your network, WEP encryption can be bypassed using software such as AirSnort.

Filter the MAC addresses that are allowed to connect to your router. This would require that you enter your router configuration and input the MAC address of each wireless card you have. This will restrict access so that only your computers can connect to the router. You will need to obtain the MAC address (which is the individual identification address of a network card in the form a 12 digit hexadecimal number). If someone sniffs traffic and detects the MAC address of a computer wirelessly using your network, the wardriver could emulate that address and connect to the router, but this takes time.

If you configure file sharing on your computers, make sure it is password protected. You should not share files on your networked computers unless it requires an authenticated user to access. Set up the same user accounts on your machines so that your computers can share files.

With these relatively simple steps, wireless network users can secure their networks from wardrivers. Wireless networks are inherently insecure, and these tips will merely help you greater secure your network. If someone is really determined to gain access to your network, given enough time, a good hacker can get access. These tips will deter the average wardriver from gaining access to your network, however. Although these methods are not definite security measures, they will change your network from being something that can be hacked in a matter of seconds, to something that will take a determined hacker days if not weeks of work, all of which will have to be done while in close proximity to your network.

The author is a network security veteran, and CEO of Andertec Enterprises http://www.andertec.com, which specializes in onsite custom computer services for the Los Angeles area. Andertec also sells custom made-to-order computer systems, and has a line of revolutionary products at incredibly low prices including the best-selling CyberHome Complete home automation package.


Article Source: http://EzineArticles.com/1002

10 Secrets to a Healthy Computer and a Happier You

There comes a time in a person's life where no matter how much you fight it time takes its toll and we begin to slow down in how we perform our daily activities. However, in order to extend our youthful glow and energy levels it is important to eat right, exercise, and keep a positive outlook on life.

Now you may ask what has any of that got to do with "Secrets To A Healthy Computer?"

Well, in a way we're all just like a computer. If you neglect to take care of yourself you soon will cease to function properly and the many tasks that once were easy to do now take twice as long to accomplish and often require you to rest or "reboot" after a malfunction.

I can't tell you what foods to eat or what exercises to perform because I am not a nutritionist. Although, with my experiences in the personal computer field I can share with you some tips of how to keep that rectangle box of circuitry that sits within sights range functioning at maximum performance as long as time will allow.

Some important steps to follow are....

Make certain that your computer is located in a well ventilated area and that all air vents are unobstructed to prevent overheating and premature failure to any internal components.

Clean out the dust build-up at least every 6 months from the inside of the computer case including case vents, power supply vents, and all visible circuitry with a few cans of compressed air that can be purchased from any major computer store or electronics outlet. This will help reduce the chances of overheating and circuitry damage.

Before cleaning just be certain to always unplug the computer from the wall outlet and never physically contact the circuitry inside the computer case to prevent damage.

Be prepared for an unsuspected failure by always making backups of any important data that you do not and can not afford to lose.

I personally keep updated backups of my website and even store the disks at a remote location away from my every day use computers just in case a disaster were to occur and my main computers were destroyed resulting in the need for those lost files.

Purchase and install a well known anti-virus program that can be regularly updated with the latest virus definitions and ran during boot-up to help protect your computer from being the victim of an unwanted infestation.

Every few months or so run your computer's "Scandisk" program followed by the "Defragmenter" program to maximize the efficiency of your hard drive.

If you are not certain of how to use these utilities and being that the steps to execute these programs varies slightly from one operating system to the other it would be easiest to simply use the "Help" option that can be found by clicking on the START button found on your computers desktop.

The START menu will open up a drop-down-box that should display the "Help" option. By going here you can enter the keywords that deal with the answers to the subject you are searching for.

Run your computers "Disk Cleanup" utility every other week or so. If set the "Disk Cleanup" utility will automatically empty the recycling bin and recover some wasted disk space by removing the internet temporary files that seem to always accumulate.

Again, use the "Help" option if you are uncertain of how to perform this task.

Never smoke near a computer because the cooling fans will pull the smoke into the case where it can coat the inside parts of the computer with a residue which in turn can damage sensitive components.

Place the computer case in an area where it will not be accidentally kicked or bumped to prevent the loosening of cables and damage to internal parts.

Invest in a high quality surge protector to provide your computer and monitor against voltage spikes or "surges" that can dramatically shorten the life of your system. Just like most items in a store, "You get what you pay for". So don't skimp out on this important device!

Its also not a bad idea to invest in a surge protector that includes what is called a "Data Line Protector" which allows you to connect your telephone lines to and serves the same purpose for the telephone line to your modem just like the surge protector does for the electrical household current lines.

Finally, if you plan on being away from home for more that a few days at a time or if there is a thunderstorm brewing in your area it is a very wise decision to always unplug all electrical lines and modem telephone lines from your system. Even with a surge protector installed it is possible that such a large voltage spike such as one caused by a lightening strike could prove fatal to any computer system.

If you follow these simple steps the outcome is a healthy computer that will stay by your side and treat you well which also results in a happier you.

Dan devotes much time working on his internet ventures. He currently has a T-Shirt store at [http://www.cafepress.com/tshirtsngifts] and an ebook store at http://online-book-store.net that caters to his visitors.

Article Source: http://EzineArticles.com/?expert=Dan_Preston

Article Source: http://EzineArticles.com/133

3 Warning Signs You Might Have a Virus

Consumers always want to know how to tell if they have a virus running in the background they don't know about. Some common warning signs are listed below, but there is no sure fire bet to determining if you have a virus or not without a professional software program. There are a lot of websites out there that will let you run a free scan of your PC to determine if you have any issues, however, most of these sites will want you to then purchase their software. Don't spend your money. There are some common warning signs that can help you determine your risk.

1. PC Running SLOW

Does your PC seem to be running slower than normal? Does it seem to have a delay from when you click on a button to when the PC responds? If so, you might have something running in the background you don't need or want. Check your memory usage as you shouldn't be using much while idling. If it seems rather high, call a professional. They can help determine which programs are using your memory and if you need a potential upgrade or virus removed.

2. Pop Up Alerts and Security Warnings

This is one of those sure fire signs you have a virus. While Microsoft does have security warning pop ups, these pop ups won't ever go away. You have clicked on them in every which way and it just keeps doing the same thing. (By the way, it was a bad idea to click on them...but the damage is already done). What do you do now? Call for help. Get a professional in to check your entire hard drive and remove all signs of the virus. These can often be removed quickly and with little disruption.

3. Changed Settings

You notice that your normal desktop setting have changed and no one seems to know how they changed. Does your internet browser only go to one website which isn't your home page? If so, you are likely to have a virus. DO NOT download any software or purchase the software that they are stating will help remove the virus from your PC. Call a professional. Do not use your PC until a Professional has done a clean sweep of registry files and all to ensure the virus has been removed.

In today's world, most people refer to anything that is going wrong with their PC as having a virus. Remember, there are viruses, Trojans, worms, pests, and so on. Each of these is a issue that needs a professional to help safe guard your PC. Using an off-site backup of your programs and documents is a great way to help protect your information. In case a virus does infect your PC, you know that with a simple click of the mouse, you can retrieve all your information without worry. Another bonus of having a backup is being able to access your information from anywhere.

Viruses are always changing and getting smarter. There isn't a for sure way to determine you have a virus without the right software. However, using the warning signs above can give you a head start in safe surfing on the Internet.

Marsha Rogers
Zone Nonsense

http://www.zonenonsense.com

Marsha Rogers is the co-founder of Zone Nonsense, a virus removal and PC optimization company located in Nashville, TN. With over 10 years of experience, her expertise has been focused on helping educate the elderly on safe internet surfing.

Article Source: http://EzineArticles.com/?expert=Marsha_Rogers

Article Source: http://EzineArticles.com/6087194

Is Your PC Part of a Botnet?

These Botnets are big business - a multi-billion dollar business in fact. Botnets are usually used to send spam, keylog, steal pay-per-click advertising revenues, and take part in a DDoS attacks (attacks that flood servers with so much traffic, it brings the network to its knees, often bringing the server down). The most significant attribute of Botnets, however, is keylogging: a little program running in the background [that you never notice] recoding all of your keystrokes, and then sending the data back to C&C servers, which again are controlled by people with malicious intent.

Often clients ask me why people do this? Why would someone write this type of software? Who has the time? The primary motivator is monetary gain!

Think about that! How much banking do you do online? What about using your credit card online? Accessing your email or other online services (i.e. Google Adwords, Amazon.com, PayPal, etc.)? Each unique set of credentials an attacker steals sell for $25 (the current online rate). Take for example UC Santa Barbara, its campus was infected with the Torpig Botnet for 10 days; during those 10 days the attackers stole nearly 300,000 set of credentials (usernames, passwords, etc.) from over 52,000 infected machines. In 10 days, the attackers potentially made over 7 million dollars by selling each of those credentials. I won't go into where you would go to sell this information, but it's big business. In addition, while your machine is still infected, its use is sold to others who want to use your PC to generate and send spam (a revenue generator as well); it's a vicious cycle.

The sad truth is that Windows PCs are the most vulnerable to these types of attacks because: 1) economies of scale (Windows PCs have over 90% market share, making it a rich target) and 2) inadequate security settings on those Windows PCs. No computer or device connected to the Internet is 100% safe (including Macs); if someone wants to get access and they put in the effort, they'll get in. Market share aside, Windows PCs are the easiest to infect because by default you are logged in as an administrator on the PC with full access. Linux & Macs don't run as the root user by default (by design). Microsoft has taken steps to remedy this problem with Windows Vista/7 with a feature called UAC; every time a program wants to make a change to the system, Windows will prompt you for permission. But then the question still remains: how do I know if it's safe to run this program? All this boils down to end-user education really. You can have the latest anti-virus/malware programs and the latest updates, but if you visit an infected website or open an email attachment with a virus (the two primary ways Botnets spread), chances are good you'll be owned!

How to Keep Safe Online

Protecting yourself requires a multi-prong approach - there is no silver bullet!

The first thing you should do is have anti-virus software installed and enable your firewall. Both Symantec and McAfee are excellent anti-virus solutions and industry leaders in this field. Microsoft has released a free solution called Microsoft Security Essentials (http://www.microsoft.com/Security_Essentials/), which will protect your Windows PC from both viruses and malware. Although, the idea of Microsoft policing itself may make some folks nervous. However, in my experience Security Essentials does a decent job and it's free. And while enabling your firewall is better than not having one at all, remember it's no guarantee. If someone wants to get in, they'll find a way.

Go download Malwarebytes' Anti-Malware (http://www.malwarebytes.org/mbam.php). This is the best solution I have encountered when cleaning up infected PCs. It's free for home-use and does an excellent job at detecting malware and Trojans. You can purchase a Pro version that will provide real-time protection so you don't have to run a scan manually each time you're looking for infections. Sometimes to remove stubborn infections you have to reboot Windows into Safe-Mode (restart Windows and keep hitting the F8 key until you get a DOS looking menu system; select any of the Safe-Mode options and let Windows boot as usual; then run Malwarebytes).

Keep your Windows OS updated. It's free and there is no reason not to install the free patches Microsoft provides for its OSes. Check your Windows Updates setting in Vista/7 in the Control Panel, of if you're on Windows XP and below go to windowsupdate.microsoft.com.

Use a safe browser. Stay away from Internet Explorer 6. In fact, if you're still using IE 6 go buy a new computer, or give me a call so I clean up your machine because chances are your PC is part of a Botnet. Internet Explorer 8 is a much safer browser than its predecessors; and Firefox, Chrome, and Opera are all worthy too. My only concern with third party browsers is their plug-in architecture, which themselves can have security flaws.

Implement OpenDNS in your home and/or business network. OpenDNS keeps you from unintentionally going to websites known to spread malware/Trojans, etc; plus you can filter the Internet sites users access on your network (i.e. block adult themes sites). The best part is this service is free! (Perhaps I'll do a video training on this topic if I garner enough interest).

Lastly, don't run your PC as an administrator, unless you absolutely know what you're doing. In a corporate environment the prudent thing to do is have 2 separate logins: one do to administrative tasks and a second one for everyday use.

These six steps will greatly minimize the attack surface of your computing environment. Stay safe!

Jacob Picart is an independent IT Consultant with over a dozen years of industry experience, including working with Windows servers (Exchange, IIS, DNS, Active Directory, etc.); network security (Cisco firewalls and routers); and Linux. Additionally, he serves as the Technical Director for Remnant Studios, a post-production studio specializing in 3D visual & motion graphics effects. His broad technological background, combined with his media and design skills, make him a sought-after consultant by companies who want to better align their technology resources to their business message. He earned his B.A. from San Jose State University and has served in a professional capacity in the industry for over 12 years.

Article Source: http://EzineArticles.com/?expert=Jacob_Picart

Article Source: http://EzineArticles.com/6060540