Are you making yourself a target for fraud? More and more often I am hearing stories of people who have had their accounts hacked. They have had money stolen, lost sleep, spent hours setting up new accounts, or had their credit ruined. Don't let this happen to you. Are you making these dangerous mistakes? Mistake #1: Using the same password for all your accounts. Please don't do this. Use different passwords for every email account, and definitely use unique passwords for shopping websites where you'd enter your credit card. Mistake #2: Short passwords The risk of someone guessing your password is increasingly difficult the more characters are in it. So, go for the gusto and make your passwords long. Mistake #3: BradPitt, Charlie, Sarah, Princess, Barbie, Gandolf -- Did I guess it yet? Do not use kids' names, pet's name, nicknames, names from characters in books or movies or celebrity names. Even if I didn't guess it in my list, someone who knows you could. Mistake #4: Easy to remember English words Easy to remember is also easy to guess. Passwords should not contain English words found in a dictionary. Non-English words or any words in any dictionary are a high risk as well. And, for goodness sakes, if your password is "password" or "test" then it's a wonder you haven't been hacked yet! Mistake #5: Numbers are no-no's. Seriously, stay away from birthdays, anniversaries, addresses, social security numbers or telephone numbers. They are all too easy to guess. Choose random passwords for banking sites like PayPalbine letters (both uppercase and lowercase) and numbers. If all of this sounds too hard to remember, then consider using a Password program. Most of the good password programs will not only store your passwords on your computer, but they'll generate completely random passwords when you need one. Here are a few to try. fgroupsoft/Traysafe/ passwordsafe. sourceforge. net/ treepad/treepadsafe/ It's never a good time to find out that someone has stolen money from you -- or locked you out of your own email account. It's a waste of your time and money. Please protect yourself.
1. Input Checking Always check user input to be sure that it is what you expected. Make sure it doesn’t contain characters or other data which may be treated in a special way by your program or any programs called by your program. This often involves checking for characters such as quotes, and checking for unusual input characters such as non-alphanumeric characters where a text string is expected. Often, these are a sign of an attack of some kind being attempted. 2.Range Checking Always check the ranges when copying data, allocating memory or performing any operation which could potentially overflow. Some programming languages provide range-checked container access (such as the std::vector::at() in C++, but many programmers insist on using the unchecked array index  notation. In addition, the use of functions such as strcpy() should be avoided in preference to strncpy(), which allows you to specify the maximum number of characters to copy. Similar versions of functions such as snprintf() as opposed to sprintf() and fgets() instead of gets() provide equivalent length-of-buffer specification. The use of such functions throughout your code should prevent buffer overflows. Even if your character string originates within the program, and you think you can get away with strcpy() because you know the length of the string, that doesn’t mean to say that you, or someone else, won’t change things in the future and allow the string to be specified in a configuration file, on the command-line, or from direct user input. Getting into the habit of range-checking everything should prevent a large number of security vulnerabilities in your software. 3.Principle Of Least Privileges This is especially important if your program runs as root for any part of its runtime. Where possible, a program should drop any privileges it doesn’t need, and use the higher privileges for only those operations which require them. An example of this is the Postfix mailserver, which has a modular design allowing parts which require root privileges to be run distinctly from parts which do not. This form of privilege separation reduces the number of attack paths which lead to root privileges, and increases the security of the entire system because those few paths that remain can be analysed critically for security problems. 4.Don’t Race A race condition is a situation where a program performs an operation in several steps, and an attacker has the chance to catch it between steps and alter the system state. An example would be a program which checks file permissions, then opens the file. Between the permission check the stat() call and the file open the fopen() call an attacker could change the file being opened by renaming another file to the original files name. In order to prevent this, fopen() the file first, and then use fstat(), which takes a file descriptor instead of a filename. Since a file descriptor always points to the file that was opened with fopen(), even if the filename is subsequently changed, the fstat() call will be guaranteed to be checking the permissions of the same file. Many other race conditions exist, and there are often ways to prevent them by carefully choosing the order of execution of certain functions. 5.Register Error Handlers Many languages support the concept of a function which can be called when an error is detected, or the more flexible concept of exceptions. Make use of these to catch unexpected conditions and return to a safe point in the code, instead of blindly progressing in the hope that the user input won’t crash the program, or worse!
Are you the victim of identity theft? According to Joanna Crane of the Federal Trade Commission's Identity Theft Program, 80% of the victims who call the FTC say they have no idea how it happened. Furthermore, an FTC survey reported that 4.6% of those polled reported that they had been a victim of identity theft within the past year. Additionally, according to a recent General Accounting Office report, it is estimated that as many as 750,000 Americans are victims of identity theft every year. Is this an invisible enemy and are American's personal and financial information that easily accessible to identity thieves? What can the average American do to protect themselves from these personal attacks on their privacy? Although there are no guarantees, here are five simple steps to help prevent identity theft: 1) Shred private credit card statements, tax documents, bank statements, pre-approved credit card offers or any other documentation with private financial information. 2) If you are inundated with pre-approved credit card offers you can call toll free 1-888-567-8688 to opt out and request to have your name removed from the mailing list. In addition, you can call the national do not call registry at 1-888-382-1222 to stop unsolicited telemarketing calls where you could divulge personal information. 3) Monitor your credit report at least once a year. You are entitled to a free credit report and can get one by calling 1-877-322-8228. Look for suspicious activity. It is also wise to subscribe to a credit protection service which will inform you of changes in your credit report. 4) Check your mailbox daily and do not allow mail to sit overnight in your mailbox. Mail theft is an easy way for thieves to secure personal information. It is best to mail outgoing bills and checks at the post office or other secure locations. If you believe your mail has been stolen you must contact the nearest postal inspector. You can look in the white pages under Government Services or call 1-800-ASK-USPS. 5) Be defensive and more guarded with your information. Do not divulge your personal information freely. Never "validate" your personal or financial information when contacted through an email, even if it is a company you do business with; they have this information on file. It may look legitimate and realistic, but these attempts are getting more sophisticated and these types of scams are what is known as "phishing". We have explored five simple steps that the average person can do to help themselves prevent identity theft. In this age of advanced communications and technology and with the thieves getting more deceptive than ever, it is imperative to continue to educate yourself. Be cautious and understand that this information can be abused and it is up to you to safeguard yourself and your famliy from this growing trend.
Most people on the internet are good, honest people. However, there are some people browsing the internet who derive fun from poking around websites and finding security holes. A few simple tips can help you secure your website in the basic ways. Now, obviously, the subject of data security is a complicated one and way beyond the scope of this column. However, I will address the very basics one should do which will alleviate many potential problems that might allow people to see things they shouldn't. Password Protecting Directories If you have a directory on your server which should remain private, do not depend on people to not guess the name of the directory. It is better to password protect the folder at the server level. Over 50% of websites out there are powered by Apache server, so let's look at how to password protect a directory on Apache. Apache takes configuration commands via a file called. htaccess which sits in the directory. The commands in. htaccess have effect on that folder and any sub-folder, unless a particular sub-folder has its own. htaccess file within. To password protect a folder, Apache also uses a file called. htpasswd . This file contains the names and passwords of users granted access. The password is encrypted, so you must use the htpasswd program to create the passwords. To access it, go to the command line of your server and type htpasswd. If you receive a "command not found" error then you need to contact your system admin. Also, bear in mind that many web hosts provide web-based ways to secure a directory, so they may have things set up for you to do it that way rather than on your own. Barring this, let's continue. Type "htpasswd - c. htpasswd myusername" where "myusername" is the username you want. You will then be asked for a password. Confirm it and the file will be created. You can double check this via FTP. Also, if the file is inside your web folder, you should move it so that it is not accessible to the public. Now, open or create your. htaccess file. Inside, include the following: AuthUserFile /home/www/passwd/.htpasswd AuthGroupFile /dev/null AuthName "Secure Folder" AuthType Basic require valid-user On the first line, adjust the directory path to wherever your. htpasswd file is. Once this is set up, you will get a popup dialog when visiting that folder on your website. You will be required to log in to view it. Turn Off Directory Listings By default, any directory on your website which does not have a recognized homepage file (index. htm, index. php, default. htm, etc.) is going to instead display a listing of all the files in that folder. You might not want people to see everything you have on there. The simplest way to protect against this is to simply create a blank file, name it index. htm and then upload it to that folder. Your second option is to, again, use the. htaccess file to disable directory listing. To do so, just include the line "Options - Indexes" in the file. Now, users will get a 403 error rather than a list of files. Remove Install Files If you install software and scripts to your website, many times they come with installation and/or upgrade scripts. Leaving these on your server opens up a huge security problem because if somebody else is familiar with that software, they can find and run your install/upgrade scripts and thus reset your entire database, config files, etc. A well written software package will warn you to remove these items before allowing you to use the software. However, make sure this has been done. Just delete the files from your server. Keep Up with Security Updates Those who run software packages on their website need to keep in touch with updates and security alerts relating to that software. Not doing so can leave you wide open to hackers. In fact, many times a glaring security hole is discovered and reported and there is a lag before the creator of the software can release a patch for it. Anybody so inclined can find your site running the software and exploit the vulnerability if you do not upgrade. I myself have been burned by this a few times, having whole forums get destroyed and having to restore from backup. It happens. Reduce Your Error Reporting Level Speaking mainly for PHP here because that's what I work in, errors and warnings generated by PHP are, by default, printed with full information to your browser. The problem is that these errors usually contain full directory paths to the scripts in question. It gives away too much information. To alleviate this, reduce the error reporting level of PHP. You can do this in two ways. One is to adjust your php. ini file. This is the main configuration for PHP on your server. Look for the error_reporting and display_errors directives. However, if you do not have access to this file (many on shared hosting do not), you can also reduce the error reporting level using the error_reporting() function of PHP. Include this in a global file of your scripts that way it will work across the board. Secure Your Forms Forms open up a wide hole to your server for hackers if you do not properly code them. Since these forms are usually submitted to some script on your server, sometimes with access to your database, a form which does not provide some protection can offer a hacker direct access to all kinds of things. Keep in mind...just because you have an address field and it says "Address" in front of it does not mean you can trust people to enter their address in that field. Imagine your form is not properly coded and the script it submits to is not either. What's to stop a hacker from entering an SQL query or scripting code into that address field? With that in mind, here are a few things to do and look for: Use MaxLength. Input fields in form can use the maxlength attribute in the HTML to limit the length of input on forms. Use this to keep people from entering WAY too much data. This will stop most people. A hacker can bypass it, so you must protect against information overrun at the script level as well. Hide Emails If using a form-to-mail script, do not include the email address into the form itself. It defeats the point and spam spiders can still find your email address. Use Form Validation. I won't get into a lesson on programming here, but any script which a form submits to should validate the input received. Ensure that the fields received are the fields expected. Check that the incoming data is of reasonable and expected length and of the proper format (in the case of emails, phones, zips, etc.). Avoid SQL Injection. A full lesson on SQL injection can be reserved for another article, however the basics is that form input is allowed to be inserted directly into an SQL query without validation and, thus, giving a hacker the ability to execute SQL queries via your web form. To avoid this, always check the data type of incoming data (numbers, strings, etc.), run adequate form validation per above, and write queries in such a way that a hacker cannot insert anything into the form which would make the query do something other than you intend. Conclusion Website security is a rather involved subject and it get a LOT more technical than this. However, I have given you a basic primer on some of the easier things you can do on your website to alleviate the majority of threats to your website.
: Though there are no warning signs to indicate that spyware or adware is being installed on your system, there are several tell tale signs to alert you of their presence, once they install. I have compiled here for your convinence 10 tell tale signs that can warn you of the presence of adware or spyware on your computer. Here they are. 1. Browser change: Frequent, unauthorized changes in your browser landing page or homepage should be a warning sign that something is going on with your computer. Your home page is the first page that you come to when you log on to your internet account. Very often, this page is the home page of your Internet Service provider (ISP), except if you changed it. If you find your home page changing frequently to pages that you do not know, there is a good chance that your system is infected by spyware or adware. 2. Busy system or modem light: A lighted system or modem indicator is a sign of on going activity. If you are not online using your computer, the modem indicator should not come alive. A flickering modem light when no one is online is a good indication that something is going on with your computer. 3. Influx of unwanted emails: Everyone gets a certain amount of junk mail everyday. However, a sudden spike in the number of unwanted email to your computer should be a cause for investigation. There might be sypware working behind closed doors in your computer. 4. System slow down: Have you noticed how your speed demon suddenly slowed down to a crawl like an old witch? If it is taking more time to launch your applications and even longer to load web pages, if your Windows xp or 2000 Task manager on launch indicates almost all available resource in use, you might be dealing with a case of spyware activity. 5. Unwanted redirects: Spyware and adware have the ability to redirect your search to web sites or pages of the choosing of the program owners. If youend up at sites and webpages that you did not search for, there is a good chance that you are being redirected by the unseen hands of spyware and adware owners. 6. Intrussive banners: Some spyware open up your browser for an avalanche of banner displays. Very often, these banners are hard to close. A lot of times, they are replaced as quickly as you close them. Sometimes the banners are so plenty, they overwhelm your system resources. 7. Unwanted pop-ups: Pop-ups when properly used, are a good resource to have on the web. They are used by responsible marketers to direct you to additional resources. However, pop-ups can be abused by aggressive advertisers through the use of adware or spyware. Disregarding professional marketing and advertising ethics aggressive advertisers employ adware and spyware scripts to spam your browser with unwanted and sometimes illicit offers. Another variation is the use of personalized pop-ups. When you begin to receive multiple pop ups with your name on them, that is an idication that someone is spying on you with spyware. 8. Unknow 900 numbers: 900 number are not very common. They usually carry a charge for access. Have you noticed a spike in your phone bill with charges to 900 numbers that you do not know? You might have been spied on a spyware program owner. It is believed that spyware and adware are responsible to a certain percentage of the identity theft crime that we see and hear about often today. 9. Foreign entries in your favorite folder: If you all of a sudden begin to see foreign items in your favorite folder, be warned. There is a good chance that someone has caused those items to appear there. It is suggested that you check your favorite folder frequently and delete unfamiliar entries. 10. Additional browser toolbars: The presence of a toolbar that you did not install on your system, may well be another tell tale sign of spyware presence. The average Internet user does not ordinarily fool around with toolbars. Most people are satisfied with the Internet Explorer, Yahoo and may be Google toolbars. If a toolbar looks unfamiliar to you, it probably is and should be investigated and possibly removed. Finally, there are times when it may seem all is well. Do not rest of your oars. A good rule of thumb for living on the internet is to do your due dilligence. Be proactive. Deploy some security systems and scan your computer frequently as some spywares and adwares operate in stealth. Your system is your investment. Protect it. This article is brought to you by allspywarefree
Computer viruses are deadly. They often spread without any apparent contact and can be a nuisance, or even worse, fatal to your computer. Individuals who create these viruses, estimated at 10-15 new ones a day, are the electronic version of terrorists. Their goal is to inflict havoc and destruction on as many people as possible by disabling, stealing, damaging, or destroying computer and information resources. Often, they have no specific target in mind, so no one is safe. If you access the internet, share files or your computer with others, or load anything from diskettes, CDs, or DVDs onto your computer, you are vulnerable to viruses. Fortunately, there are good guys working just as hard as the hackers to develop cures for viruses as quickly as they send them off into cyberspace. And there are many things you can do to keep your computer from catching viruses in the first place. Defining Viruses: A virus is a small computer program that can copy and spread itself from one computer to another, with or without the help of the user. However, viruses typically do more than just be fruitful and multiply, which is bad enough in itself because it hogs system resources. Anything else viruses are programmed to do, from displaying annoying messages to destroying files, is called their payload. Often, they cannot deliver their payload until an unsuspecting user does something to make the virus execute its programmed function. This could be as simple as clicking on an innocent looking file attachment with the. exe (executable) extension. Catching a Virus: Most viruses are spread through e-mail attachments because it's the easiest way to do it. Although Macintosh, Unix, and Linux systems can catch viruses, hackers are particularly keen on exploiting the security weaknesses in anything Microsoft, particularly Microsoft Outlook and Outlook Express. Because of the popularity of this software, hackers get maximum bang for their buck, and they probably get some satisfaction from continually reminding Microsoft that being big doesn't mean you're perfect. Solution 1: Anti-virus Software Your first line of defense is to install anti-virus software. To be extra safe, also install firewall software, which is now included in some anti-virus packages. This software can scan all of your drives for viruses and neutralize them. Here are some features to consider when evaluating anti-virus software. - Compatibility with your operating system - Make sure the software works with your system, particularly if you are using an older operating system like Windows 98. - Firewall software - If it's not included, find out if it's available. If you must, buy it from another vendor. - Automatic background protection - This means your software will constantly scan behind the scenes for infections and neutralize them as they appear. This provides some peace of mind. - Automatic, frequent updates - Because new viruses appear every day, you'll want regular updates. It's even better if they occur automatically when you connect to the internet. If automatic updating isn't included, you'll have to check the vendor's website and download updates yourself. This is vitally important, because you will not be protected from new viruses if your software is out of date. - Disaster recovery - Software with a recovery utility to help you get your system back to normal after a virus attack is always good to have. - ICSA certification - The International Computer Security Associatioin has standards for the detection rates of anti-virus software. Make sure your software has the ICSA certification. - Technical support - It's a good idea to select a package that offers free technical support, either online or through a toll-free number. If you're ever felled by a virus, you may need it. Some anti-virus software vendors are Symantec Corporation (Norton AntiVirus), McAfee Corporation (McAfee VirusScan), Trend Micro Inc. (PC-cillin), and Zone Labs Inc. (Zone Alarm Suite). Solution 2: The Virus Scan If you receive a particularly juicy attachment that you're dying to open, save it on your Windows desktop and run your anti-virus software on it first. To do this, click once gently on the file on your desktop ... don't actually open it ... then right click and choose Scan with (Name of Anti-Virus Software) to activate a virus scan. If it's infected, your anti-virus software may neutralize it, or at least tell you the attachment is too dangerous to open. On the other hand, don't feel guilty if the very thought of saving a potentially damaging file anywhere on your system is enough to quell your eagerness to open it and make you delete it immediately. Solution 3: Delete first, ask questions later. When in doubt about the origin of an e-mail, the best thing to do is delete it without previewing or opening it. However, some viruses, such as Klez, propagate by fishing in people's address books and sending themselves from any contact they find to another random contact. You can spread a virus just by having people in your address book, even if you don't actually e-mail them anything. They'll receive it from someone else in your address book, which really makes life confusing. Because of the proliferation of porn on the internet, e-mail viruses often tempt victims by using sexual filenames, such as nudes. exe. Don't fall for it. Solution 4: Beware of virus hoaxes E-mails warning you about viruses are almost always hoaxes. You may be tempted to believe them because you typically receive them from well-meaning friends, who received them from friends, etc. These e-mails themselves usually aren't viruses, but some have actually fallen into the hands of hackers who loaded them with viruses and forwarded them merrily on their way as a sick joke. The proliferation of e-mails about virus hoaxes can become nearly as bad as a real virus. Think about it, if you obey an e-mail that tells you to forward it to everyone in your address book, and they THEY do it, and this goes on long enough, you could bring the internet to its knees. If you ever want to verify a virus warning, your anti-virus vendor may have a list of hoaxes on it website. It's in the business of providing the fixes, so it will know which viruses are real. Solution 5: Beware of filename extensions The extension of a filename is the three characters that come after the dot. Windows now defaults to hiding filename extensions, but it isn't a good idea. Just being able to see a suspicious extension and deleting the file before opening it can save you from a virus infection. To see filename extensions in all your directory listings, on the Windows XP desktop, click Start button | Control Panels | Folder Options | View Tab. Clear the check box for Hide extensions of known file types. Click Apply | OK. System files will still be hidden, but you'll be able to see extensions for all the files you need to be concerned with. Viruses often live on files with these extensions -.vbs,.shs,.pif,.Ink - and they are almost never legitimately used for attachments. Solution 6: Disable the. shs extension One dangerous extension you can easily disable is. shs. Windows won't recognize it and will alert you before attempting to open an. shs file. The extension is usually just used for "scrap object" files created in Word and Excell when you highlight text and drag it to the desktop for pasting into other documents. If this isn't something you ever do, or you have Word and Excell 2000 or later, which allow you to have 12 items on the Clipboard, click the Start button | Control Panel | Folder Options | File Types tab. Under Registered file types, scroll down and highlight the SHS extension. Click Delete | Yes | Apply | OK. Solution 7: Dealing with double extensions When you turn on your extensions in Windows, you'll be able to detect viruses that piggy-back themselves onto innocent looking files with a double extension, such as happybirthday. doc. exe. NEVER trust a file with a double extension - it goes against Nature. Solution 8: Beware of unknown. exe files A virus is a program that must be executed to do its dirty work, so it may have an. exe extension. Unfortunately, this is the same extension used by legitimate program files. So, don't panic if you find files named Word. exe or Excel. exe on your system - they're your Microsoft software. Just don't EVER open any file with an. exe extension if you don't know what the file's purpose is. Solution 9: Watch out for icons Viruses in attachment files have been known to assume the shape of familiar looking icons of text or picture files, like the wolf in the hen house. If you recieve an unexpected attachment, don't open it without first running it through your anti-virus software. Solution 10: Don't download from public newgroups What better place for a hacker to lurk and stick his virus than in the middle of a crowd? Sooner or later, someone's bound to download it and get the virus going. Don't download files and programs from newsgroups or bulletin boards, or open attachments sent from strangers in chatrooms ("Let's exchange pictures!") without first scanning with your anti-virus software. Solution 11: Avoid bootleg software This may seem like a no brainer, but sometimes that tiny price tag on a popular but expensive package can be too good to resist. Resist it! Likewise, be careful about accepting application software from others. You don't know where it's been, and what may have started out as a perfectly clean package could have become infected during installation on someone else's infected computer. Solution 12: Protect macros in MS Word, Excel, and Powerpoint A common type of virus uses macros. Macros are sets of stored commands that users can save as shortcuts to perform long functions in just a few keystrokes. A macro virus may perform such mischief as changing file types from text files or spreadsheets into templates, locking up keyboards, and deleting files. Word, Excel, and PowerPoint come with macro virus protection. To make sure yours is activated, open each application, then click Tools menu | Macro | Security. On the Security Level tab, make sure Medium or High is selected. Clcik OK. If you are already infected with a macro virus, you may find that the steps of this procedure are unavailable becasue the virus has disabled them. In that event, run a virus scan on your system to see if your anti-virus software can kill the virus. Solution 13: Use passwords If you share your computer, it's a good idea to assign everyone a password. Passwords should be a combination of letters and numbers no less than eight characters long, and preferably nonsensical. Never write passwords and stick them anywhere near the computer. To assign passwords in Windows XP, click the Start button | Control Panel | User Accounts. Follow the prompts to assign/change passwords. Solution 14: Update application software Microsoft constantly issues patches for the security holes in its operating system and applications software. however, don't be lulled into complacency if you have Windows Update automatically checking things for you. Update checks for patches to repair bugs in the operating system, not for security problems. To get the latest security hotfixes (as Microsoft calls them), visit microsoft and look for hotfixes for all your Microsoft software, particularly Outlook and Outlook Express. Microsoft also has a free downloadable package called Microsoft Baseline Security Analyzer (MBSA) that scans your system for missing hotfixes. It works with Windows 2000 and XP Home and Professional only. It doesn't support Windows 95, 98, or ME. To download the MBSA, go to the TechNet section of the Microsoft Website. Be warned that the information is written in techie language, so you may find it daunting. Last Words: Now that you know some ways for avoiding and dealing with viruses, let's wrap things up with some solution you've probably heard before but have ignored. - Back up your files regularly - If a virus crashes your sytem, you'll feel much better if you've got backup copies of all your important files. Make the backup copies on a media that's separate from the computer, such as on diskettes, CDs, or zip disks. Scan them for viruses before you put them away to make sure they aren't infected. If they are, they'll do you no good if you ever have to use them because they will just transmit the virus right back onto your computer. - Make a boot disk - Create an emergency boot diskette before you have a problem so you can start your computer after a serious security problem To make a boot diskette with Windows XP, put a blank floppy disk in the drive. Open My Computer, then right click the floppy drive. Click Format. Under Format options, click Create an MS-DOS startup disk. Click Start. Keep the disk in a safe place. With luck, you'll never need to use it. - Turn off you computer - DSL and cable connections that are "always on" may be convenient, but you should always turn off your computer when its not in use. Hackers can't get to a machine that's powered off. You are free to reprint this article in its entirety as long as the clickable URLs remain in the "Resource Box" section.
The IP address is dedicated for a specific purpose such as, in communications a dedicated channel is a line reserved exclusively for one type of communication. The same is true for private line or leased line/s. Security is very good with Dedicated IP’S. This is the reason ‘NOT’ Shared. The response time is ‘Much Faster.’ In a sense as well, downloading is Much Faster even if you don’t optimize your HTML when you publish your web site to the server. And anyone that downloads at all via computer. In addition to the stated above, ‘Not’ all servers are used for the same specific purpose. Here are a few examples – Web Server, File Server, Mail Server, DNS Server, and Printing Server. The Operating System for the server/s can be all of the above or specifically for one type of Server and/or many different applications. Although, some Servers otherwise are ‘Shared or General Servers.’ The Web Hosting Company or Service/s that host accounts may offer and include Dedicated IP/S with their SSL (Secure Layer Sockets) Certificates. The SSL’s are in different strengths (bits – like 128bits – 256bits) and can be renewed on an annual basis. The SSL/S is encryption for your security when you shop or login your information to your account/s. How do you know if the web site is secure? The easiest way is to look for the Lock in your tray and make sure it is locked ‘Not’ unlocked. Here is another couple of way to make sure your information is secure. Look for this in your address bar https. And look for the SSL certificate located on the web page. You can click it for more information, such as validation dates and more general information for your security and authentication. About Us: 101Domainames is a complete professional & verified site dedicated to ‘Web Hosting & More’ throughout The USA, Canada, Internationally, & Locally. With offers to Register Domains, Hosting Plans, Site Building, Design, E–Mail Accounts, Blog, Promotion, 24/7 Customer Support, Guaranteed 99.9% Up Time, Latest Updates, Information, Tips, Technology, Links, and SO Much MORE. Please VISIT > 101Domainames ‘FREE’ to use or print with our link to our site only. Copyrights 2006 101domainames all rights reserved.
"Spoofing" or "phishing" frauds attempt to make internet users believe that they are receiving e-mail from a specific, trusted source, or that they are securely connected to a trusted web site, when that’s not the case at all, far from it. Spoofing is generally used as a means to convince individuals to divulge personal or financial information which enables the perpetrators to commit credit card/bank fraud or other forms of identity theft. In "email spoofing" the header of an e-mail appears to originate from someone or somewhere other than the actual source. Spam distributors often use email spoofing in an attempt to get their recipients to open the message and possibly even respond to their solicitations. "IP spoofing" is a technique used to gain unauthorized access to computers. In this instance the unscrupulous intruder sends a message to a computer with an IP address indicating that the message is coming from a trusted source. "Link alteration" involves the altering of a return internet address of a web page that’s emailed to a consumer in order to redirect the recipient to a hacker's site rather than the legitimate site. This is accomplished by adding the hacker's ip address before the actual address in an e-mail which has a request going back to the original site. If an individual unsuspectingly receives a spoofed e-mail and proceeds to "click here to update" account information, for example, and is redirected to a site that looks exactly like a commercial site such as EBay or PayPal, there is a good chance that the individual will follow through in submitting personal and/or credit information. And that’s exactly what the hacker is counting on. How to Protect Yourself • If you need to update your information online, use the same procedure you've used before, or open a new browser window and type in the website address of the legitimate company's page. • If a website’s address is unfamiliar, it's probably not authentic. Only use the address that you’ve used before, or better yet, start at the normal homepage. • Most companies require you to log in to a secure site. Look for the lock at the bottom of your browser and "https" in front of the website address. • If you encounter an unsolicited e-mail that requests, either directly or through a web site, for personal financial or identity information, such as Social Security number, passwords, or other identifiers, exercise extreme caution. • Take note of the header address on the web site. Most legitimate sites will have a relatively short internet address that usually depicts the business name followed by ".com," or possibly ".org." Spoof sites are more likely to have an excessively long strong of characters in the header, with the legitimate business name somewhere in the string, or possibly not at all. • If you have any doubts about an e-mail or website, contact the legitimate company directly. Make a copy of the questionable web site's URL address, send it to the legitimate business and ask if the request is authentic. • Always report fraudulent or suspicious e-mail to your ISP. • Lastly, if you've been victimized, you should file a complaint with the FBI's Internet Crime Complaint Center at ic3.gov. Vigilance and Security vigilanceandsecurity
The internet is a wonderful place; many of us use it on a regular basis for a multitude of functions. Email helps us to keep in touch with family, and friends all over the world and most people have at least one email account. The growing use of digital cameras and camera phones means that we can send pictures at the click of a mouse. MP3 players have become increasingly popular, and we can download songs to play on them with extreme ease. All of this is great, and the internet is becoming a big part of our everyday lives. Unfortunately, there is a downside to all of this increased use of the internet. That is the growth of the spread of viruses and other so-called ‘malware’. Originally, internet hackers were satisfied keeping their attentions focussed on government and business websites, and their viruses were intended to attack corporations. Most hackers saw this as a challenge. However, there is now an increasing trend towards home computer users being targeted by these attacks. The amount of damage that can be caused by a virus varies, but there are a number of easy steps that a person can take to help increase their internet security. The first step to keeping your computer free from viruses is to have up-to-date antivirus software running on your computer. You need to make regular checks to ensure that your software is updated, and to scan your entire computer for viruses. There are a number of cheap, and free antivirus software programs available that provide excellent protection. You can find these by searching through your search engine for antivirus software. The next step to maintain your internet security is to be extremely cautious about the type of files that you open, or download. The majority of viruses are actually spread through email attachments. Having these on your computer, in your inbox, is not the danger; the real danger is when you open the attachment. It may not be obvious that anything has happened when you first open the attachment containing the virus, quite often they appear blank. The damage is caused by the program that is activated within the attachment. If you do not know, and trust, the person who has sent you the attachment then delete the email.
Effective 26 February 2008 Congratulations to AdvancedNetworX, Inc. for meeting all criteria to achieve an Advanced Security. AdvancedNetworX, Inc. has met the resource requirements for an Advanced Security and has demonstrated that it is qualified to support customers with Advanced Security in USA. We value the commitment and expertise that AdvancedNetworX, Inc. has demonstrated and look forward to a successful partnership. Sincerely, Cisco Channel Specialization Team What is Advanced Security Specialization? "The Cisco Advanced Security Specialization recognizes partners for their knowledge and expertise in selling, designing, installing, and supporting comprehensive, integrated network security solutions. ... The focus of the specialization is on developing sales, technical, and services capabilities that distinguish partners as being among the industry’s elite in providing integrated, collaborative, adaptive security solutions." -- Cisco Systems About AdvancedNetworX, Inc.: At AdvancedNetworX, your business IS our business. We work closely with you to find the technology solution that best matches your needs. Then design, implement and support the solution, while exceeding expectations. Because the quality of your business depends on the quality of your network, security and voice services, count on AdvancedNetworX to be an extension of your team. We have the knowledge and experience to keep your companys network services at 100%.
Application Security risk assessment and risk management are vital tasks for IT managers. Corporations face increased levels of Application Security risk from hackers and cyber crooks seeking intellectual property and customer information. A comprehensive application security risk assessment is a modern day corporate necessity. Application security risk management provides the optimal protection within the constraints of budget, law, ethics, and safety. Performing an overall Application Security risk assessment enables organizations to make wise decisions. Web Servers - Application Security Web Servers are One of the most critical sources of Application Security risk to organizations. Performing an application security assessment and implementing security risk management is critical. Here are core points that pose a major security risk to Application Security: Default configuration - Application Security Web server default configurations that may not be secure leave unnecessary samples, templates, administrative tools, etc. open to attacks. Poor application security risk management leaves security breaches for hackers to take complete control over the Web server. Databases - Application Security Web sites and applications must be interactive to be useful and there lies the risk... Web applications without sufficient application security allow hackers to attack their databases. Invalid input scripts leads to many of the worst database attacksprehensive risk assessment may reveal steps to ensure application security. Encryption - Application Security Encryption reduces application security risks and losses when Web servers are breached. Even though a company's Intranet server has greater vulnerability to attacks, encryption creates a lower relative risk. Web Servers - Application Security Web Servers are the most critical sources of Application Security risk for most companies. Performing application security assessment regularly and implementing security risk management reduces security risk for overall application security. Databases - Application Security Web sites and applications must be interactive to be useful and there lies the risk... Web applications that do not perform sufficient application security validation allow hackers to attack its databases. Invalid input leads to many of the most popular attacksprehensive risk assessment may reveal steps to ensure application security. Default configuration - Application Security Web servers default configurations often leave unsecured important information, templates and administrative tools open to attacks. Inappropriate application security risk enables hackers to gain control over the Web server and your company's Application Security. The bright side is there are powerful application security solutions to combat them.
“Would you let someone walk into your home, take whatever they wanted and leave as if nothing had happened?“ No! Of course you wouldn't. So why are you letting them do it to your website? WARNING: If you are using PayPal , Clickbank or a number of other payment processors for your digital downloads YOU ARE LOSING MONEY!!! Using a simple two step operation those in the know can read your website, download your product for free (Steal it) and be gone without you even knowing a thing. Depending on your traffic and product price, this could be costing you hundreds, even thousands of dollars a month. “So Simple your average 12 year old can do it!“ Almost as scary is the fact that any pictures, content, links in fact anything on your website can be stolen with just two simple mouse clicks. This isn’t only available to those in the know either. It is common knowledge and is so simple your average 12 year old could and does do it, EVERY DAY. “Where do your Emails go first?“ Did you know that your emails can go through more than four different severs before they arrive at the in box of the person you sent them to. Again with only a little know ledge it is possible to read your emails at any stage of their journey from your computer to the recipients in box. “Would you allow these people into your home?“ Ill ask you again “Would you let someone walk into your house and take your money?” NO? Then why do you let them steal money from your website? “Would you let someone walk in to you home and walk out with the contents, such as your TV set or stereo?“ NO? Then why do you let them steal whatever content they want from your website? “Would you let someone at the post office open your letters and read them before they were delivered to you?” NO? Then why do you let someone read your emails before you even receive them? Just being aware that these things go on every day puts you ahead of the majority, who are totally oblivious to this outright theft and invasion of their privacy. “ Don’t allow them into your website! “ Now you know, You could be losing money, you could be donating anything on your website to anyone who wants it and that your email could be read by many different people before you see them. What are you going to do about it.? If you are going to broadcast that you have free products available and invite people to take whatever they want from your website. What do you expect? “ Don’t be a victim “ As with any crime, the perpetrator chooses his victim carefully. He searches for someone who looks like a victim. It's the same on the net. The criminals look for vulnerable websites ie Websites allowing digital downloads. They are looking for websites with nice graphics, good content and lots of keywords. Oh, did I mention, that your competition can actually steal your Keywords in a bid to get a better search engine ranking. “ Conclusion” Now you know what the criminals are looking for you can take the necessary measures to protect yourself. Do you want to be a victim? It’s up to you!
What's in a name? Possibly thousands of dollars. That's the word from law enforcement agents who say that Americans lose millions to identity theft each year. The term "identity theft" refers to a crime in which a person steals your Social Security number or other private information. The criminal then uses that information to charge items or services on your credit or simply steal money from your bank account. The thieves often operate online, making it especially important to take precautions when surfing the Web. A new book called "Geeks On Call Security and Privacy: 5-Minute Fixes" (Wiley, $14.95) could help you protect your identity. It offers expert advice on securing your computer as well as simple, step-by-step explanations of topics ranging from stopping viruses and spyware to backing up your data. The book explains these tips and others in detail: Encrypt Your Computer Data If your computer contains financial statements, credit card numbers, business documents, names and addresses of friends and family or other private information, consider using encryption software. Social Security Numbers Never use your Social Security number as a login on a Web site and do not give your Social Security number if an unsolicited e-mail requests it. Avoid Automatic Logins Some Web sites offer to save your user name and password so you can avoid the hassle of logging in over and over again. However, saving this information can make it easier for a thief to steal your identity. Always Log Out Before exiting an Internet account (online banking, bill pay, etc.), be sure to click the "Log Off" or "Log Out" button. This closes your session on the site and prevents someone from breaking into your account by clicking the back button on your Web browser. Avoid Credit Card "Auto Save" Most e-commerce Web sites allow you to store credit card numbers on their databases to make future transactions faster. Unfortunately, these databases are often targeted by hackers.
Passwords to access computer systems are usually stored, in some form, in a database in order for the system to perform password verification. To enhance the privacy of passwords, the stored password verification data is generally produced by applying a one-way function to the password, possibly in combination with other available data. For simplicity of this discussion, when the one-way function does not incorporate a secret key, other than the password, we refer to the one way function employed as a hash and its output as a hashed password. Even though functions that create hashed passwords may be cryptographically secure, possession of a hashed password provides a quick way to verify guesses for the password by applying the function to each guess, and comparing the result to the verification data. The most commonly used hash functions can be computed rapidly and the attacker can do this repeatedly with different guesses until a valid match is found, meaning the plaintext password has been recovered. The term password cracking is typically limited to recovery of one or more plaintext passwords from hashed passwords. Password cracking requires that an attacker can gain access to a hashed password, either by reading the password verification database or intercepting a hashed password sent over an open network, or has some other way to rapidly and without limit test if a guessed password is correct. Without the hashed password, the attacker can still attempt access to the computer system in question with guessed passwords. However well designed systems limit the number of failed access attempts and can alert administrators to trace the source of the attack if that quota is exceeded. With the hashed password, the attacker can work undetected, and if the attacker has obtained several hashed passwords, the chances for cracking at least one is quite high. There are also many other ways of obtaining passwords illicitly, such as social engineering, wiretapping, keystroke logging, login spoofing, dumpster diving, timing attack, etc.. However, cracking usually designates a guessing attack. Cracking may be combined with other techniques. For example, use of a hash-based challenge-response authentication method for password verification may provide a hashed password to an eavesdropper, who can then crack the password. A number of stronger cryptographic protocols exist that do not expose hashed-passwords during verification over a network, either by protecting them in transmission using a high-grade key, or by using a zero-knowledge password proof.
If you are a private investigator or a police officer, you know that body worn cameras are as much of a natural part of your investigative procedures as your ID. And because you are involved in this important, highly sensitive business, you often need to make video and audio recordings without the suspect knowing what you are doing. There is a great pocket DVR that is smaller than a package of cigarettes, and can actually be placed into an empty cigarette package for further concealment. This handy little device actually records up to eight hours on a single charge and comes complete with a 2.5” screen for easy viewing, along with a built-in speaker and microphone. Another great way to hide body worn cameras is by using the new wearable Sun Glasses that have a color camera built right into them, and they offer UV protection as well, so you don’t have to sacrifice your eye protection while covertly filming an important event. If you are looking for the ultimate thing in body worn cameras, you have got to get the tie camera. Made from high grade materials, this necktie is the perfect way to conceal your covert camera activities and is already used in hundreds of police departments and by television stations all over the country. If you are a detective, you have got to wear a tie, right? What better way to record critical information that could make or break a case against a suspect. So if a tie covers up that button worn camera you wanted to use on your shirt, you can use the tie camera instead and start recording away.