Monthly Archives: November 2015

Security Features in Windows® XP Home Edition

Windows XP is available in two editions – Home Edition for home use, and Professional for businesses.

Security features in the Home edition make it even safer for you to shop and browse on the Internet. It comes with built-in Internet Connection Firewall software that provides you with a resilient defense mechanism against security threats when you’re connected to the Internet, particularly if you use always-on connections such as cable modems and DSL.

Security in Home Edition

This version’s security services have been designed to be flexible, and take into account a wide variety of security and privacy situations that you’ll face as a home user.

Personalized Login: With Windows XP, all family members can have their own interface, complete with login and password. This added level of security ensures that no one can access or accidentally delete your important documents. If you have children in the house, you can set up profiles with different security limits to filter out Internet sites that may be inappropriate for them.

Fast User Switching for Multiple Users of a Computer: Designed for the home, Fast User Switching lets everyone use a single computer as if it were their own. There is no need to log someone else off and decide whether to save another user’s files. Instead, Windows XP takes advantage of Terminal Services Technology and runs unique user sessions that enable each user’s data to be entirely separated. And when used with a user password, these sessions are secured from one another.

Personal Privacy: Microsoft Internet Explorer version 6.0 helps you maintain control over your personal information, when visiting web sites, by supporting the Platform for Privacy Preferences (P3P) standard from the World Wide Web Consortium (W3C).

As part of W3C, Microsoft helped develop a standard for web site privacy policies, so that you can make informed decisions about the amount and type of information you share online. Internet Explorer 6.0 determines whether the web sites you visit adhere to the standards of W3C and tells you their status before you provide private information. Once you have defined your privacy preferences for disclosing personal information in Internet Explorer 6.0, the browser determines whether the sites you visit are P3P-compliant.

For P3P-compliant sites, the browser compares your privacy preferences to the privacy policies defined for the sites. Internet Explorer uses HTTP for this exchange of policy information. Based on your privacy preferences, the browser determines whether to disclose personal information to the web sites.

Cookie Management: The P3P standard also supports cookie management features in Internet Explorer 6.0. A cookie is a small file that an individual web site stores on your computer, to provide customization features.

For example, when you implement custom settings for MSN®, that information is stored in a cookie file on your computer. MSN then reads the cookie each time you visit the site and displays the options you selected. As part of their privacy policies, P3P-compliant web sites can provide policy information for their cookies. When you configure your privacy preferences, you can configure Internet Explorer to handle cookies in the following ways:

– Prevent all cookies from being stored on your computer.
– Refuse third-party cookies (cookies that do not originate from the same domain as the web site being visited and therefore are not covered by that web site’s privacy policy), but allow all other cookies to be stored on your computer.

Internet Connection Sharing: Internet Connection Sharing (ICS) connects multiple computers to the Internet using a single connection. With ICS, users can securely share DSL, cable modem, or telephone line connections among multiple computers.

How ICS Works
One computer, called the ICS host, connects directly to the Internet and shares its connection with the rest of the computers on the network.

The client computers rely on the ICS host computer to provide access to the Internet. Security is enhanced when ICS is enabled because only the host computer is visible to the Internet. Any communication from client computers to the Internet must pass through the host, a process that keeps the addresses of client computers hidden from the Internet.

Client computers are protected, because they cannot be seen from outside the network. Only the computer running ICS is seen from the public side. In addition, the ICS host computer manages network addressing.

The host computer assigns itself a permanent address and provides Dynamic Host Configuration Protocol (DHCP) to ICS clients. By assigning a unique address to each ICS client, it provides a way for computers to communicate with other computers on the network.

Windows XP provides the ability to share a single Internet connection with multiple computers on a home or small-business network through the ICS feature. This feature first appeared in Windows 2000 Professional and Windows 98 Second Edition, and has been improved in Windows XP.

Using Network Protocols: In Windows XP, the ICS feature provides Network Address Translation (NAT), DHCP, and Domain Name Service (DNS) to the home network.

Configuration of clients: The DNS functionality in Windows XP has been improved to include a local DNS Resolver to provide name resolution for all clients on the home network. With the DNS Resolver, non-Windows-based network devices are able to conduct name resolution for network clients. Internet names needing resolutions are still forwarded to the Internet service provider’s DNS servers for resolution.

Remote Discovery and Control Functionality: ICS also includes remote discovery and control functionality. Using Universal Plug and Play, network clients detect the presence of the ICS host, then query and determine its Internet connection status.

When you want to browse the Internet on another personal computer within your home, the Windows XP personal computer automatically connects to the Internet on behalf of the other computer, if it’s not already connected. The user on the client computer elsewhere in the house will know if there’s an existing Internet connection, and can disconnect it to use the telephone for normal voice communications, if desired. This is useful if you’re charged by the minute for dial-up connections, or prefer to turn off your Internet connection during periods of inactivity.

Internet Connection Firewall: Windows® XP provides Internet security in the form of the new Internet Connection Firewall (ICF). For years, business networks have been able to protect themselves from outside attacks by using firewalls. The Windows XP ICF makes use of active packet filtering, which means that ports on the firewall are dynamically opened only for as long as needed to enable you to access the services you’re interested in. This type of firewall technology, which is usually associated with more sophisticated enterprise firewalls, prevents would-be hackers from scanning your computer’s ports and resources, including file and printer shares. This significantly reduces the threat of external attacks. This firewall feature is available for Local Area Network (LAN), Point-to-Point Protocol Over Ethernet (PPPoE), VPN, or dial-up connections. Windows XP is the first Microsoft operating system to include this native PPPoE support.
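The two mechanisms described above (the ICS host hiding client addresses behind its own, and ICF opening ports only for traffic the home network asked for) can be modelled together in a few lines. This is an added illustration, not Windows XP code: the class and function names, the 60-second idle timeout, the starting port 50000 and all addresses are assumptions chosen for the sketch.

```python
"""Toy model of an ICS-style host: address translation for outbound traffic
plus a stateful inbound filter. Added illustration, not Windows XP code."""
from dataclasses import dataclass, field

IDLE_TIMEOUT = 60.0  # seconds; assumed value for this sketch, not ICF's real timer


@dataclass(frozen=True)
class Packet:
    src_ip: str
    src_port: int
    dst_ip: str
    dst_port: int


@dataclass
class IcsHost:
    public_ip: str
    next_port: int = 50000  # assumed starting point for translated ports
    # public port -> (client ip, client port, remote ip, remote port, last seen)
    table: dict = field(default_factory=dict)

    def outbound(self, pkt: Packet, now: float) -> Packet:
        """Client -> Internet: hide the client address and remember the flow."""
        flow = (pkt.src_ip, pkt.src_port, pkt.dst_ip, pkt.dst_port)
        for port, entry in self.table.items():
            if entry[:4] == flow:          # existing flow: refresh its timer
                self.table[port] = flow + (now,)
                return Packet(self.public_ip, port, pkt.dst_ip, pkt.dst_port)
        port, self.next_port = self.next_port, self.next_port + 1
        self.table[port] = flow + (now,)
        return Packet(self.public_ip, port, pkt.dst_ip, pkt.dst_port)

    def inbound(self, pkt: Packet, now: float):
        """Internet -> host: forward only replies that match a live flow."""
        self._expire(now)
        entry = self.table.get(pkt.dst_port)
        if entry is None:
            return None                    # unsolicited traffic: dropped
        cip, cport, rip, rport, _ = entry
        if (pkt.src_ip, pkt.src_port) != (rip, rport):
            return None                    # port is open, but not for this sender
        self.table[pkt.dst_port] = (cip, cport, rip, rport, now)
        return Packet(pkt.src_ip, pkt.src_port, cip, cport)

    def _expire(self, now: float) -> None:
        """Close ports whose flow has been idle longer than the timeout."""
        stale = [p for p, e in self.table.items() if now - e[4] > IDLE_TIMEOUT]
        for p in stale:
            del self.table[p]


def demo() -> dict:
    """Run constructed traffic through the model and collect the outcomes."""
    host = IcsHost(public_ip="203.0.113.10")            # constructed addresses
    request = Packet("192.168.0.23", 1045, "198.51.100.7", 80)
    results = {"translated": host.outbound(request, now=0.0)}
    results["reply"] = host.inbound(
        Packet("198.51.100.7", 80, "203.0.113.10", 50000), now=1.0)
    results["scan_closed_port"] = host.inbound(
        Packet("192.0.2.66", 4444, "203.0.113.10", 445), now=2.0)
    results["scan_open_port"] = host.inbound(
        Packet("192.0.2.66", 4444, "203.0.113.10", 50000), now=3.0)
    results["late_reply"] = host.inbound(
        Packet("198.51.100.7", 80, "203.0.113.10", 50000), now=200.0)
    return results


if __name__ == "__main__":
    for name, outcome in demo().items():
        print(f"{name:17} -> {outcome}")
```

The probe to port 445 and the probe to the translated port are both dropped, and the translated port closes again once the flow has been idle past the timeout.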

Shared Documents Folder: When you create a password for yourself, Windows offers to lock down your “My Documents” folder, as well as any other sub-folder. That way, if you have a password and want privacy, you will be protected from other non-administrator users of the computer.


Choosing Security Software to Stay One Step Ahead of Hackers

A couple of months ago the government released the findings from a ‘cybersecurity review’ that was performed over the course of 60 days. The statistics showed that in 2008, online criminals stole nearly $1 trillion worth of intellectual property from businesses around the world. In the past two years, online crimes have cost American businesses upwards of $8 billion.

Hackers have developed increasingly sophisticated means of tampering with the Web, including infecting or pirating critical software applications in both public and private sectors of business. Traditional security measures have protected software only by using passive activities such as encrypting files or hiding programs behind firewalls and security perimeters. The problem with passive approaches is that they provide just a single defense layer that experienced hackers can dispose of quickly, leaving applications with no protection once that security level is breached.

The Internet obviously has opened up new markets and business opportunities, but it has also provided for the rapid dissemination of malware, different types of viruses, and compromised applications that can bring business to a halt. With companies increasing global distributions and online sales, and increasing numbers of businesses conducting operations online, the risk to transactions and software is growing exponentially. Securing the perimeter of a network, application, or system is no longer sufficient in today’s distributed computing environment. To safeguard their intellectual property, companies need to adopt new approaches that integrate security directly into software and data.

To succeed in IP protection, security software must be durable and resilient. Protection methods currently used (authenticating users, specifying user privileges, and transaction verification) are easy for experienced hackers to get around because they are a single yes/no point of decision. Such individual decision points result in single failure points, which allow hackers to create tools of attack that are rapidly distributed throughout the Internet. Protection schemes must be renewed and updated to maintain immunity against the experience hackers gain every time they successfully breach security.

Security solutions should be user-friendly so that users can tailor the software to fit their specific business requirements for their individual environment. The solutions should also be free of performance penalties, so that developers do not have to choose between the amount of performance they get and the amount of the application that is secured. Also, security approaches should be friendly toward developers, because providing security at the code level is expensive and labor-intensive. In addition, code-level security measures will not be reusable, so ongoing expenses will be high.

Successful protection of your IP requires a balanced, careful evaluation of the various approaches available, and then selection of the one that will provide you with the maximum defense against hackers. If you keep these requirements in mind while making your selection, then the next time a hacker tries to worm his/her way into your mission-critical applications, your IT administrator will receive prompt notification in real time, and will be able to respond appropriately to protect your network and systems. Thwarting hackers isn’t as daunting a challenge if you prepare yourself ahead of time, and ensure that you have the proper protection in place.


Basic Computer Security Tips

Everyone talks about computer security, i.e., being secure online, but how many of us actually practice effective security tips? Then when hackers or viruses attack, we look around to attach blame. Well, prevention is better than cure, so it pays in the long run to secure your system in advance.

Tip #1: Set up user accounts
One computer, many users, is a security disaster waiting to happen. Your files and data are your personal, private content and should be protected accordingly. To prevent other users from seeing or accessing your data, set up user accounts on your PC. A user account shows an individual’s specific data and not what is present on the entire system. It also specifies privileges on shared data, such as deleting/editing operations and what software can be installed on the machine.

This feature is especially useful when kids and adults use the same machine. What if your child accesses your important work files and deletes them by mistake? With a separate user account, he/she can only view certain files and cannot modify or delete them. Even if you are the sole user of the PC, set up a guest account, in case someone else needs to use the computer.

Tip #2: Secure your wireless network
With wired Internet access, there’s little risk of someone encroaching on your network. But wireless networks do have holes in their security, so as the owner of the network, you need to be vigilant. Setting up password-protected network access is the first step. You need to assign a network name and password to your Wi-Fi network. Use the latest wireless encryption methods like WPA or WPA2. Do not reveal your network password to others.

Tip #3: Arm your computer with an anti-virus program
The best defense is a good offense. One of the most basic computer security guidelines is installing anti-virus software. Installing security programs like an anti-virus keeps your computer safe round the clock against viruses, malware, Trojans, worms, and other malicious programs. For better protection, try to install complete security suites that provide Internet security and firewalls along with anti-virus software.

Tip #4: Be regular in updates and virus scans
Just installing an anti-virus program will not protect your PC. You need to keep it up-to-date with regular virus signature and threat updates. New viruses and malware programs emerge online each day. Another bad trait of viruses is that they keep trying to find new ways to enter an unsuspecting computer. The only way to counter such attacks is to update your security programs on a regular basis. You should also scan your computer regularly for dangerous programs. Schedule periodic scans, once-a-month scans, scans of newly added devices and automatic full system scans, to ensure your PC is threat-free.

Tip #5: Install parental control software for kid-friendly computer usage
Keeping your computer secure definitely involves keeping your kids safe from cyber enemies. Aside from explicit and adult content, you need to filter and monitor what your kid is up to online. Social networking sites in particular, are fun online places to socialize but they are also preying grounds for the depraved. Parental control software allows you to set filters and block sites as well as receive warnings when suspicious activity is taking place online.

Tip #6: Block unwanted search results
You can even change your web browser’s security settings to block certain sites and filter out objectionable content. Such settings are not as powerful as parental control software but it helps to be extra secure. You can find this feature in the Tools option of most browsers. With search engines like Google, you can fiddle with search preferences settings.

Tip #7: Download wisely
Whether it is a picture, an MP3 or a game, downloaded files are an excellent way for malicious software to enter your computer. Once you download and install or use a file, there’s no telling what it will do to your machine. So be extra careful when it comes to downloading. Download files from trusted and preferably certified sites. Sites offering free, cracked versions of software programs are especially dangerous, as some cracks can contain malware.

When a download begins, you are asked to save the file before the downloading actually starts. Read the file name and its extension carefully, to ensure what you want is being downloaded. While installing a program, read the license agreement and make sure only the program you want is being installed. Sometimes spyware and hidden programs are bundled into the installer program, and are installed secretly along with your software. Scan your PC for threats after downloading files from the Internet.

Tip #8: Be careful with emails
Getting and sending emails is easy; going through your inbox for mail that is actually relevant is not. Email inboxes are storehouses of junk mail, spam, advertisements, forwards, mail and, many times, a hidden threat. You can keep your inbox sorted and clutter-free by using spam blockers and filters. Threat-wise, try to avoid opening emails from senders or addresses you don’t know.

A key sign of a malicious email is poor language. Weird, nonsensical text, poor grammar or even bogus-seeming email addresses are some signs of a harmful email. Be especially wary of email attachments. Check the file extension. Files with .exe, .pif, .com, .bin or .bat extensions can be malicious. If you do not know the sender of the email, do not open or download such files; just delete the mail. Instead of opening the attachment from the mail itself, save the file, let it download and scan it before opening it.
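The extension check from this tip can be automated over a saved message before anything is opened. The following is an added example, not part of the original article: it uses the extension list given above, and goes one step further by also flagging a risky extension hidden behind a harmless-looking one (the `DECOY_EXTENSIONS` set, the function names and the sample message are assumptions constructed for the sketch).

```python
"""Flag email attachments by file extension. Added illustration; the sample
message is constructed and contains only placeholder bytes."""
from email import message_from_bytes, policy
from email.message import EmailMessage

RISKY_EXTENSIONS = {".exe", ".pif", ".com", ".bin", ".bat"}   # list from the tip
DECOY_EXTENSIONS = {".pdf", ".doc", ".xls", ".txt", ".jpg"}   # assumed decoy types


def _split_ext(name: str):
    """Return (stem, extension); unlike os.path.splitext, '.bat' has an extension."""
    stem, dot, ext = name.rpartition(".")
    return (stem, "." + ext) if dot else (name, "")


def classify_attachment(filename: str) -> str:
    """Return 'ok', 'risky' or 'risky-double-extension' for one file name."""
    # Compare case-insensitively and ignore trailing dots and spaces, so that
    # 'SETUP.EXE' and 'setup.exe. ' are judged the same as 'setup.exe'.
    name = filename.strip().rstrip(". ").lower()
    stem, ext = _split_ext(name)
    if ext not in RISKY_EXTENSIONS:
        return "ok"
    if _split_ext(stem)[1] in DECOY_EXTENSIONS:
        return "risky-double-extension"   # e.g. invoice.pdf.exe
    return "risky"


def scan_message(raw: bytes):
    """Parse a raw RFC 5322 message; return [(filename, verdict), ...]."""
    msg = message_from_bytes(raw, policy=policy.default)
    findings = []
    for part in msg.iter_attachments():
        filename = part.get_filename() or ""
        findings.append((filename, classify_attachment(filename)))
    return findings


def build_sample() -> bytes:
    """Constructed test message with four attachments of placeholder bytes."""
    msg = EmailMessage()
    msg["From"] = "billing@example.test"
    msg["To"] = "user@example.test"
    msg["Subject"] = "Invoice attached"
    msg.set_content("Please see the attached invoice.")
    for name in ("notes.txt", "Invoice.PDF.exe", "setup.bat", "photo.jpg"):
        msg.add_attachment(b"constructed placeholder bytes",
                           maintype="application", subtype="octet-stream",
                           filename=name)
    return msg.as_bytes()


if __name__ == "__main__":
    for filename, verdict in scan_message(build_sample()):
        print(f"{verdict:24} {filename}")
```

A clean verdict here only means the name looks harmless; the file should still be saved and scanned before it is opened, as the tip says.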

Tip #9: Secure your data with backups
Sometimes no matter what steps you take, you lose data. Part of being secure is having a fail-safe or backup to fall back on, in case something bad happens. So in case a virus has attacked your files or data is accidentally deleted, your data is never really lost, if you have a backup of it. Back up your data regularly, either by storing it on physical devices like CDs or by backing it up on a network. Set a system restore point for your PC, so in the event of a system crash, you can restore your PC to a particular working state with your data intact.

Tip #10: Be smart with your passwords
Passwords are supposed to keep your individual settings and data safe, so you need to keep their true value, the actual password, safe. This means: do not write down all your passwords on a piece of paper and keep it lying around. With numerous passwords, it’s understandable that remembering them all is difficult. So you can write them down, but the place where you store this info should be secure. And once in a while, please change your passwords. In case they are revealed, updating the passwords can render all hacking attempts as naught. Another safety precaution concerns the “remember me” option in most secure sites. If multiple users access the same PC, do not select this option.

The above computer security tips are just the tip of the iceberg, when it comes to securing your PC. For every good advancement in technology, cyber evil seems to get even more evil, so it pays to be vigilant in today’s cyberspace.


How to Protect Yourself from Social Engineering Attacks

The Trojan Horse
The use of the wooden horse statue by the Greeks to invade Troy is arguably the oldest social engineering attack known to man. This method of getting the Trojans to let their destroyers right into the homes of Troy is considered to be so clever that an entire section of malware has been named after it.

What is Social Engineering?
The art of psychologically manipulating people so that they give up confidential/sensitive information is known as social engineering. These are non-technical attacks, which rely on fooling people into deviating from regular security procedures. People engaging in this criminal act either target individuals for things such as bank information and passwords, or they might target the employees of entire organizations for sensitive corporate information, which they can then use to make a lot of quick money in the market.

The use of social engineering has increased drastically, because it is much more difficult to hack into someone’s software/password than it is to win their trust and exploit them to gain information that is wanted. No matter how technically sound the security chain might be, information is always susceptible to attack if the people involved with the information are vulnerable. The key to protecting oneself from such fraud is to develop a good sense of who and what to trust. The various types of social engineering that one can be targeted with are based on common attributes of the human thought process while making decisions. The various biases that a human may have towards a person or a situation are exploited in an endless list of combinations, some of which we will look at below.

Types of Social Engineering
Pretexting: This is one of the most common threats of social engineering, in which conmen create an imaginary scenario to interact with the targeted person in such a way that the person would voluntarily give out information or perform certain actions, which he/she would not do in ordinary circumstances. This technique is carried out by first finding out information about the targeted person or organization through documents such as discarded bank/financial statements, which is then used to convince the target that the conman has a sense of authority.

This technique can also be used by impersonating people like the police, tax officials, or insurance investigators, who in the mind of the victim have a right to know about the information. The conman simply does a little research to satisfactorily answer questions asked by the victims, behaves earnestly and authoritatively, and extracts information with quick thinking and manipulation of the situation.

Baiting: This technique uses the greed or curiosity of the target. Usually, the criminal uses some form of physical media like a CD or pen drive, which is given a legitimate but interesting label. It is then purposely left in a place like a restroom or elevator, where it is sure to be found by someone. When any person finds the CD, he/she is expected to get curious about the label and the data that it contains. However, on inserting the CD into a computer, they unknowingly install malware into the system, which could give the attacker unrestricted access, not only to that computer, but also to the company’s internal network.

Tailgating: In this method, the attacker’s intention is to gain entry into a restricted area of large organizations. If the area is guarded by electronic access systems, like electronic employee ID cards, the attacker just walks behind a legitimate employee having access to the area. Usually, the real employee will hold the door open for the attacker as courtesy, as he/she may think that the attacker is a part of the organization. They might forget to ask the attacker for identification, or may assume that he has misplaced his ID. The attacker might also display a fake ID, giving him access to any place that he may want to go.

Quid Pro Quo: In this technique, the attacker randomly calls telephone numbers at the targeted company, posing as a member of the technical assistance staff, and asking if there is any problem with the computer systems. Eventually, the attacker will find someone having a genuine problem, and will help solve the issue, all the while getting the distressed employee to unknowingly type in commands which will give the attacker access to the network, or install malware on the computer.

Phishing: This is another popular method used by criminals to fraudulently obtain private information about a person. The scam is run by either sending an email or making a phone call to the target. The email/phone call is designed to appear like legitimate correspondence from real businesses, like banks or credit card companies. If such an email is received, it will have links to a webpage with seemingly legit logos and company content, and a form which will request all kinds of details, such as PIN numbers or addresses, for alleged verification purposes.

In phone calls, a bogus interactive voice response (IVR) system prompts the target to call a supposed bank number, where a lot of information is asked for verification purposes. These systems work by appearing to reject login IDs and passwords entered by the victim, so that the information is entered multiple times. Some systems even transfer your call to the attacker, who gains information by acting as a representative from the customer service department.

Social Engineering Examples
Example 1: In 2011, a security company ironically had a breach in their security system, which the attacker accessed using social engineering. Over a couple of days, two phishing emails were sent to low-level employees of the firm. The subject of these emails was ‘2011 recruitment plan’. Eventually, one curious employee opened the Excel attachment, which contained malware, giving the attacker access through a loophole in Adobe Flash software. The breach cost the company over USD 60 million.

Example 2: In 2013, a Chinese cyber-espionage group named ‘Hidden Lynx’ made several attacks on the digital code signing certificates of security companies. The group planted malware on sites that the target companies accessed regularly, and gained access to the company network and networks of some of their clients.

Example 3: A bank in Belgium was robbed of diamonds and other gems worth over 21 million Euros in 2007 by a mysterious man, who is still at large. But what set this robbery apart from the others was that the thief used only his charm and wit to do the job, despite the bank’s great security system. He visited the bank during business hours, became very friendly with the staff, and brought them small gifts like chocolates, all the while making copies of the keys and finding information on where the jewels were. Finally, when the theft was found out, the employees could not believe that such a nice man could do such a terrible thing.

Social engineering attacks prey on the nature of humans to be helpful and trusting, and many individuals are unaware of what these attacks look like. Even if the employees of a company are trained to spot such frauds, third-party contacts can still compromise security. Therefore, such attacks are difficult to prevent completely. However, in order to make it difficult for social engineers and discourage them from attacking, some preventive measures need to be taken.

Measures to Prevent Social Engineering Attacks

– It is important to assess how much knowledge an individual or employees of the organization have about security, so that adequate training can be imparted to fill in the gaps in their knowledge.
– Training should be provided in small pieces rather than as a whole, so that it is easily understood.
– Using simulated attacks of likely fraudulent scenarios will help in identifying the signs of social engineering.
– Using advanced systems of security and different passwords for different accounts is very important.
– Regularly checking personal data, account details, and making requisite upgrades to security is very helpful.
– Keep security questions creative, and completely abstain from giving out personal information over the phone or email.
– Restrict information that can pass out of the organization, and never allow unauthorized guests to be unsupervised in areas with network access.
– Make sure that employees are trained to politely question people they don’t know, about their presence in the office premises, and ensure that regular sessions and talks about security issues are held, so the problem of social engineering is always fresh in the minds of the employees.
– Employees should be provided with an effective centralized system for reporting suspicious behavior, which will have a good chance of detecting social engineering patterns, and preventing disasters from taking place.

This list of preventive measures is by no means a complete one. However, it is hoped that the article has given you some food for thought. Social engineering attacks occur on a daily basis, and it is important that awareness is maintained, so that one does not give out information just because the attacker asked for it nicely.