GBnet

Indian Business Network

Latest Posts

How Email Viruses Affect Network Security

A computer virus is a program that can replicate itself and spread from one machine to another with the intent to corrupt or destroy data. Many resources have reported that in 2009, the number of viruses, worms, and trojans have topped the 1 million mark.

One of the most common ways viruses are spread is through the use of email. Commonly, the viruses are programmed to spread themselves by emailing a copy of the attachment in which they’re hidden to all the other email addresses in an infected computer’s address book. This is occurring more and more frequently with the increase of computer and email users. The more users, the more people there are in address books.

The emails are usually titled with subject lines that would encourage an email user to open it. Some examples are “I love you” or “See famous person naked.” When the attachment is opened, the virus is activated, and the user’s computer becomes infected. One of the best preventative measures is to not open attachments. Not opening attachments is unavoidable for some. In that case the source of the attachment should be fully researched and the attachment should be expected by the receiver. Often, attachments that end with the.vbs extension (Visual Basic script) or the.exe extension (program files) pose the greatest threat.

It seems that the motivation behind the viruses has changed over past years. In previous years, virus writers were most often out to reap havoc and gain infamy. More recently, virus writers have appeared to be working with spammers. The motivation is now financial, and the goal is to infect machines, self circulate the infection method and take control of thousands of automated machines to conduct spam operations via open relays (Sturgeon, 2003). It appears that in recent years virus writers have been reported to be hired by spammers.

Network security has been improving over the past few years in response to the growing number of viruses. There is more awareness and investments into the use of anti-virus software, as well as spam blocking software. With the increase in critical data and sophisticated hardware and software, organizations and individuals are spending more to prevent and detect viruses and worms that can be detrimental to the day to day operations. Global revenue from anti-virus software reached almost $10 billion in 2006 and has continually grown.

In conclusion, viruses and worms are becoming more complex because virus writers are trying to push the boundaries and improve upon what was already done. The number of email users is also greatly increasing. Therefore the volume of emails is increasing. Education about the potential risks of email is not always there for the younger users, so many email viruses are also spread by the younger or less informed users. Anti-virus software has been of increasing importance to network security and is shown by global spending.

Contact Tranztec Solutions, Inc. (http://www.tranztec.com) to schedule a network security evaluation today.

Works Cited:

Karp, Jack (n.d.). Viruses Explained. TechTv.com. Retrieved November 19, 2005, from the Computer Crime Research Center at http://www.crime-research.org

Kruse, W., & Heiser, J. (2004). Computer Forensics. 9th ed. Indianapolis, IN: Pearson Education.

Sturgeon, Will (2003). Re:Viewing 2003: The return of the virus. Silicon.Com.

Retrieved November 19, 2005, from the Computer Crime Research Center at http://www.crime-research.org



Source by Joshua Maluchnik

How to Protect Your Network Using these Network Security Procedures and Tips

Network security is the new buzz word around town.

Most people think a network firewall that is setup with the default will protect

their network. The simple fact is no it will not. Not until you are hack will

you know this fact. Of course this comes a little too late. All operating systems

need ports open in order to communicate information regarding active directory,

DNS, DHCP, booting of a computer and more. Some applications need ports open to

work. So where do you reach a safe point where your applications work and they

are secure. The following will address the working ports and what to be

concerned about. Later I will address how to secure it.

Ports to be concerned about are 3389 which is

terminal services ports. If you do not have a firewall in place blocking public

IP address from forwarding to private IP address using this port then you will

want to call a security professional right away. Other ports to be concerned

about are 139 which gives access to network shares.

Another area of concern is the SMB or the

(Server Message Block) protocol. This protocol is used among other things for

file sharing in Windows NT/2000/XP. In Windows NT it ran on top of NetBT

(NetBIOS over TCP/IP), which used the famous ports 137, 138 (UDP) and 139 (TCP).

In Windows 2000/XP/2003, Microsoft added the possibility to run SMB directly

over TCP/IP, without the extra layer of NetBT. For this they use TCP port 445.

Again all these ports should remain in the private network and your firewall

should block access.

Note: The NETSTAT command will show you

whatever ports are open or in use, but it is NOT a port scanning tool! If you

want to have your computer scanned for open ports see this page instead (link

will follow shortly).

C:>netstat -an |find /i “listening”

TCP 0.0.0.0:135 0.0.0.0:0 LISTENING

TCP 0.0.0.0:445 0.0.0.0:0 LISTENING

TCP 0.0.0.0:1723 0.0.0.0:0 LISTENING

TCP 0.0.0.0:3389 0.0.0.0:0 LISTENING

TCP 127.0.0.1:1026 0.0.0.0:0 LISTENING

TCP 127.0.0.1:4664 0.0.0.0:0 LISTENING

TCP 192.168.50.127:139 0.0.0.0:0 LISTENING

TCP 192.168.100.193:139 0.0.0.0:0 LISTENING

The netstat command will also show you who is active on your computer. This will

show you what spyware or trojan horses that may have installed on your machine.

Active Connections

Proto Local Address Foreign Address State

TCP argonas:epmap argonas:0 LISTENING

TCP argonas:microsoft-ds argonas:0 LISTENING

TCP argonas:pptp argonas:0 LISTENING

TCP argonas:3389 argonas:0 LISTENING

TCP argonas:1026 argonas:0 LISTENING

TCP argonas:2617 localhost:2618 ESTABLISHED

TCP argonas:2618 localhost:2617 ESTABLISHED

TCP argonas:2619 localhost:2620 ESTABLISHED

TCP argonas:2620 localhost:2619 ESTABLISHED

TCP argonas:4664 argonas:0 LISTENING

TCP argonas:netbios-ssn argonas:0 LISTENING

TCP argonas:2958 an-in-f104.google.com:http ESTABLISHED

TCP argonas:3011 va-in-f104.google.com:http TIME_WAIT

TCP argonas:3014 eo-in-f147.google.com:http ESTABLISHED

TCP argonas:3081 unknown.xeex.net:http TIME_WAIT

TCP argonas:3104 unknown.xeex.net:http ESTABLISHED

TCP argonas:3903 web1.allaboutsingles.com:http CLOSE_WAIT

TCP argonas:4449 static-71-116-207-166.lsanca.dsl-w.verizon.net:pptp ESTABLISHED

TCP argonas:4762 va-in-f104.google.com:http CLOSE_WAIT

TCP argonas:netbios-ssn argonas:0 LISTENING

TCP argonas:2939 192.168.100.202:1025 ESTABLISHED

TCP argonas:2957 exchange01.intercore.local:1419 ESTABLISHED

Once you have locked down all ports then you must be

concerned with internal security. No one in your organization will be allowed to

talk to anyone about any secure information. Even giving out there email

address. Next use devices like honey pots, barracuda spam appliance, Symantec

anti-virus hardware and software. A properly configured network can allow your

workers to work and disallow hackers to work.



Source by Steven Young

Why Is Remote Monitoring Important for Network Security?

There are no longer any physical files and folders that can be stolen by a perpetrator who must barge through the gates and beat up the guards to access information. In fact, a perpetrator need not even be physically present to make the theft. All information is digitally encoded and decoded in the form of data, and there is no telling who is gaining access to confidential company information at what opportune moment.

It is thus important to ensure a remote monitoring service or software at work at all hours of the day. Recent advances in computer security technologies have made it possible for system administrators to keep tabs on the exchanges and activities occurring in a particular network of computers. With such an efficient technology management in place, business owners can rest assured that company data will not be accessed extraneously.

Network security is not a one-man task. In fact, it is not even a manual task. Even if there were as many securities personnel as there are computers in a company network, there would still be a potential threat emanating from a background infiltration. Only automated network monitoring systems are capable of overseeing a million activities within a network of computers and report anything suspicious at the shortest notice.

Remote monitoring can offer business owners and network administrators the peace of mind they deserve. This process is ‘remote’ in the sense that there will be no in-house security personnel managing the operations within a computer network. If a business hires an IT services company that provides remote monitoring, the latter is not going to place an online security guard in the office. Rather, the IT services company will administer the activities of your computer network using their remote monitoring technology. They will work ‘remotely’ without disrupting the day-to-day operations of the computers, alerting the business authorities only when potential threats are encountered.

The newspapers today are rife with security breaches and anti-hacker crusades. But it is fair to say the damage has been done once the hacker has trespassed and flouted all ‘secured’ boundaries. The anonymity of the hacker makes it impossible for system administrators as well as cyber crime authorities to track down his location. It is pretty evident that cyber ethics is not enough to prick the conscience of hackers. How can businesses cope with cyber security breaches in such potentially vulnerable times? Remote monitoring seems to be the silver lining in the dark ‘clouds’ that threaten us with network security breaches.



Source by Mark Crow

Computer Network Security Software – Why You Should Never Be Feeling Too Secure

Once you hook up your computer to a network – be it at home or at the office – you are vulnerable to attacks from the internet. It is therefore essential to have some kind of network security software installed.

Sure, your PC might not get compromised without this software just like somebody riding a motorbike without a helmet is not necessarily going to die in crash because they didn’t wear a helmet. You get the picture.

The first thing that comes to mind when talking about security software is of course an antivirus program with the latest virus definitions installed. This is not only for your own safety, but also for other people’s safety. An infected computer can be manipulated by the cyber-criminal to infect other computers, all the contacts stored on your computer for example.

The “good old days” of only virus attacks are long gone now. Attackers have access to highly sophisticated spyware programs – some of them readily available for download on the net- which keep on getting better every day. The biggest pest nowadays are Trojans. These are malicous programs which often contain a variety of malware. So if you get one Trojan on your PC, you can be pretty sure it can contain a combination of worms other trojans or even worse, rootkits.

That is why you should supplement your antivirus program with a good anti-spyware program. Both do an excellent job at what there are meant for. Most antivirus software offers some malware protection, but nothing as good as a standalone anti-spyware program. This also doubles your defense if you care about computer network security.

Does it end there? Network security is a never ending process, depending on how secure you want your computer to be. For the home user there is another very important factor which often gets overlooked.

Most of you have heard about a firewall which is standard in an internet security suite. Few of you will understand the workings of a firewall. What does it mean if your firewall software asks you “program x wants to access the internet, allow once, allow always, deny?”

Just press “deny” once for the wrong program and you will have disabled your internet access. Much better to get a hardware firewall which is standard and already configured in a SOHO router and consequently will not nag you with those incomprehensible questions.

As a home user do not hook up your PC directly to the network, get a router to tunnel and control the traffic between your PC and the internet.



Source by Peter D.

Digital Network Security System Explained

Computer technology has revolutionized the way we go about our lives both professionally and socially. Nearly every organization has installed a computer network for purposes of storing, receiving and sending information. Computer usage requires a fundamental approach to security.

Networks containing personal, confidential and sensitive information place great emphasis on their security. Even simple computer usage, like the exchange of emails and storage documents, would require a digital network security system.

Importance of Secure Systems

Network security is an important aspect of government organizations as well as small and large organizations. Intruders can cause a lot of damage to a network should they breach the security buffer. Such concerns call for great awareness among all computer network users.

Computer security systems have to be constantly updated if hackers are to be kept at bay. Each new day comes with its own security flaws. According to the International Journal of Electronic Security and Digital Forensics (IJESDF) 2010 Vol. 3, everyday sees the sprouting of 1 million security threats on the Internet.

Key Areas

• The very first focal area is deterrence. The aim here is to discourage hackers from breaking into systems for malicious and illegal reasons.

• Prevention: Have measures in place that would prevent any unauthorized access. This is achieved through communication encryption, security systems update and authorizing special access.

• Detection of security breaches as they arise. This is done through the setting up of logs that record any access of the system as well as its usage.

• Correction of system flaws. The security system can be used to put measures in place to prevent reoccurrence of the flaw.

• According to the National Institute of Standards and Technology (NIST), there are four main aims of a network attacker. He or she might aim to do any of the following:

• Intercept: This is a form of system attack where the attacker attempts unauthorized entry. This might take the form of information copying or packet sniffing which entails communication eavesdropping.

• Interrupt: This aims to deny the availability of services. The end result is that resources become unavailable.

• Fabrication: This is a counterfeiting attack. Fabrication attacks leads to bypassing of authenticity checks which eventually leads to information impersonation and mimicking.

• Modification: This is an attack that reroutes information intended for a particular user.

Finally, digital network security systems analysts handle two main cyber attacks. These are active attacks and passive attacks. Active attacks are easy to detect since they result in system disruption and they take the form of:

• Reply

• Service denial

•Masquerade- impersonation of an authorized user

• Modification

Passive attacks are hard to detect as they do not alter or interrupt information flow. They take the form of traffic analysis and transmission monitoring.



Source by Paul De Vizard

Emerging Cyber-Security Technologies in 2017

IT security as we know it is experiencing a revolution. The vast number of legacy systems are replaced by storage and transmission systems that are more complex, mobile, wireless, and even hardware independent. The war between data defenders and data thieves has been described as a cat-and-mouse game. As soon as the white hats counter one form of black-hat malicious behavior, another malevolent form rears its ugly head. How can the playing field be tilted in favor of the InfoSec warriors? The answer lies in these emerging technologies of this year.

Hardware authentication

The inadequacies of usernames and passwords are well known. Clearly, a more secure form of authentication is needed. One method is to bake authentication into a user’s hardware. Intel is moving in that direction with the Authenticate solution in its new, sixth-generation Core vPro processor. It can combine a variety of hardware-enhanced factors at the same time to validate a user’s identity. Hardware authentication can be particularly important for the Internet of Things (IoT) where a network wants to ensure that the thing trying to gain access to it is something that should have access to it.

User-behavior analytics

Once someone’s username and password are compromised, whoever has them can waltz onto a network and engage in all kinds of malicious behavior. That behavior can trigger a red flag to system defenders if they’re employing user behavior analytics (UBA). The technology uses big data analytics to identify anomalous behavior by a user. Comparing a user’s present behavior to past behavior isn’t the only way UBA can identify a malicious actor. It compares how someone is behaving compared to people with the same manager or same department. That can be an indicator that the person is doing something they shouldn’t be doing or someone else has taken over their account. In addition, UBA can be a valuable tool for training employees in better security practices.

Early Warning Systems

Early warning systems are still in their infancy, but they are being created to decrease hacking in an innovative way. These systems are based on algorithms that attempt to identify sites and servers that will be hacked in the future. This view is not focused exclusively on infrastructure weaknesses; rather, it includes an analysis of common traits shared by systems most frequently hacked. For example, a site that is known to contain a large amount of sensitive financial data would be a more likely hacking target than another site that contains only generic business information. Such systems are not designed to protect all sites, or even sites with specific types of security, which is a departure from classic cybersecurity approaches.

Virtual Dispersive Networking (VDN)

There has been a rise in man-in-the-middle cyber-attacks, through which hackers alter or insert messages into communication flows. Virtual Dispersive Networking – or VDN – mimics a traditional approach used by the military. Radio frequencies are randomly changed, and communications are divided into pieces (or streams). Receiving radios are programmed to reassemble these pieces into their original form. With VDN, either the internet itself or a particular network becomes the communication-assembling platform.

Combinations of intrusion detection and encryption technologies with Security Assertion Markup Language (SAML)

The biggest issue with cloud-based applications, particularly in regards to BYOD, is that these technologies reside and transmit outside the parameters of traditional firewalls and security systems. In order to address this issue, some companies are using SAML (a data authentication and authorization format) with intrusion detection and encryption software to manage their data flow.



Source by Saumya Sinha

How Network Security Applies To Your Business

All computer networks – personal and for business – should have a security system in place. On a personal level, this may be having an effective firewall, updated system, and technical and physical data storage, but businesses, in order to follow industry best practices, may be required to have a network security policy. Best practices, such as FFIEC and Sarbanes-Oxley for finance and HIPAA for health care, mandate a business or organization create a network security policy that incorporates risk assessment and management and includes regular IT audits to update the system against new attack tactics.

Network security standards encompass all ways in which data is needed by a business: usability, reliability, integrity, and safety. To protect this data, antivirus and spyware programs, a firewall, intrusion prevention systems (IPS), and virtual private networks (VPN) may be added in some kind of combination to a company system, and all need regular updates and management. For companies or organizations that utilize credit cards or electronic information management systems, protecting data goes beyond convenience, and if a security breach occurs, business or money can be lost or fraud, identity theft, lawsuits, stolen records, or corrupted information can result.

Hackers and similar online criminals, however, continue to revise their tactics to break through or bypass firewalls, and networks need to be updated to combat any new threats. Although threats are numerous, they typically fall into the following categories:

Viruses and worms, which are malicious code that, inserted onto your system, spreads. Viruses typically come from attachments, and a worm may just be contained in an email.

Trojan horses are malware that enters a network through a harmless-seeming file that can be embedded on a website, be free downloadable software, or come through a link. Trojans are easier to prevent than to remove, and a network, as a result, may keep a list of approve sites or use blocking programs.

Spam is a mild threat, until it clogs up a network and causes the system to go down.

Phishing is a tactic used to obtain passwords or other network access information. Usually in the form of a legitimate-looking email, a phishing scheme gets a network user to click on a link, usually one that seem to go to a banking or business website, and provide password information. Social engineering, additionally, falls under phishing threats.

Packet sniffing also captures user data but not by email. Instead, a user is lured by a “honey pot” – an unsecured network in a public place – and a third party accesses the user’s data and captures streams of the user’s data, which can be used for fraud, stealing records or money, or identity theft.

Zombie computers are spam threats taken to a higher degree. When a computer is infected with malware, it can become a spamming tool and, as a result, sends out thousands of emails over a network without the user’s approval. Although difficult to detect, a zombie computer may be the cause of a slow or crashing system.

A network assessment may find points where such threats can enter and offers solutions for repairing them. A company conducting a network security assessment uses a combination of ethical hacking techniques – emulating outside threats in order to find vulnerabilities – and social engineering to uncover these weaker areas. Typically, an assessment addresses technical, physical, and personal areas through penetration tests, staff interviews, vulnerability scans, examining operating system settings, and analyzing past attacks, and a report detailing all vulnerabilities and providing solutions is the result.



Source by Irene Test

Network Security for the Finance Industry

Network security, from policies to regular assessments, is integral to businesses of all sizes. Certain industries, on the other hand, mandate network security compliance. Finance is one, and businesses and organizations under this vast umbrella must comply with the following standards.

The Federal Financial Institutions Examination Council (FFIEC) outlines all principles, standards, and reports for federal examination of financial institutions, and the Information Technology Handbook portion addresses network security and assessments. While touching on audits to e-banking standards and all other aspects in between, the FFIEC Information Technology Handbook essentially requires all such institutions to have strategies in place for identifying risk exposure, enforcing confidentiality and availability of all information, determining the effectiveness of management planning, and evaluating processes and compliance. As part of business continuity planning, a network security policy must align with a financial institution’s strategy for minimizing financial losses, improving customer experience, and reducing any negative effects.

Going into greater detail, the FFIEC Information Technology Handbook delineates standards for Information Security. Because such threats constantly evolve, a financial institution’s network security policy must change with them. More specifically, an information security policy needs to react to changing threats to reduce and assess risks through identification, management, implementation of new strategies, testing, and monitoring.

As many financial institutions have developed e-banking systems in recent years, the FFIEC Information Technology Handbook is devoted to addressing related risks and procedures. E-banking makes such institutions particularly vulnerable online, and in response, such businesses or other entities must implement controls for guarding and securing customer information, including an authentication process for customers. As such institutions are liable for unauthorized transactions, a network security policy needs to address potential losses from fraud and violations of customer privacy.

The Gramm Leach Bliley Act, or simply GLBA, is part of the FFIEC Information Technology Handbook but stands on its own. GLBA 501(b) is also known as Interagency Guidelines Establishing Information Security Standards, but regardless of name, this section mandates security and confidentiality of all non-public personal information through safeguards; protection against anticipated security threats, unauthorized access, or use of information; establishing a risk-based security program through assessment and management of threats; training and testing, and monitoring, auditing, adjusting, and reporting.

Sarbanes-Oxley is an additional set of network security standards for financial institutions. Also known as the Public Company Accounting Reform and Protection Act of 2002, Sarbanes-Oxley goes into depth for reporting. Section 404, the most pertinent, specifies that sufficient controls to prevent fraud, misuse, and loss of financial data and transactions must be put in place. To be effective, controls must quickly detect any intruders and take swift counteractive actions but also note any exceptions. Sarbanes-Oxley 404 additionally specifies that a network security audit must be part of any overall assessment of a financial institution.



Source by Irene Test

Network Security Camera and CCTV Comparison

The benefits of a network security camera system extend beyond the functionality that an analog security camera system can provide. The advantages include remote accessibility, high image quality, even management and intelligent video capabilities, easy integration possibilities and better scalability, flexibility and cost-effectiveness.

A network system allows multiple users to access, configure, view live and recorded video at anytime from anywhere in the world with an internet connection. This allows for a third-party company, such as a security firm, to provide additional services such as diagnosing problems or monitoring the system. With an analog CCTV system, you would have to be at the monitoring site to view and manage video, and remote video access would require installation of additional equipment such as a video encoder or a network digital video recorder (DVR). A DVR is the digital version of a video cassette recorder.

When there is a need for high quality images to identify people’s faces or detailed objects, network security cameras with progressive scan and megapixel technologies can deliver better image quality and higher resolution than an analog CCTV camera. Image quality is also better retained in a network security camera system than an analog camera system. With analog systems that use DVR, there has to be conversions from analog to digital in the camera, then converted back to analog to transport through the analog cables, then again to digital to be recorded. With each conversion the image quality is degraded. Analog video signals also become weaker the more cabling it has to travel through. In a fully digital system, images are digitized once in the network camera and stay digital so there is minimal degradation.

All network security products are built to an open standard can be integrated with computers and Ethernet-based devices and software. Also, as the video system grows, the scalability and flexibility of a network security system comes in extremely handy. Any number of cameras and devices can be added to the system minimal invasion to the infrastructure already in place. In an analog system, each camera needs a cable running directly from the security camera to the monitoring station. Network cameras can be placed and networked or removed from virtually anywhere. For this reason, once the network system is already in place, it is much more cost effective than an analog system on the basis of the flexibility alone. Network cables and wireless devices are also cheaper than traditional cabling for analog systems.



Source by Will Edison

Why Network Security Is Important for Your Business

With so much work being done and stored on computers, network security should be a priority for all businesses. Everything from customer information and corporate secrets to other important data are stored on and transmitted via computer networks, so it’s no wonder that the temptation for criminals to break in to your network is great.

In reality, the threat of network intrusion is real, no matter what the size of your business. For example, smaller businesses, thinking that their networks may not pose as much of a temptation, may have less secure networks and thus leave them open to attack.

Imagine what your company would have to lose if a criminal were to breach your computer network. They may have access to your personnel files, your customer files, credit card numbers, and confidential financial information. The havoc a criminal could cause with just one of these pieces of information is almost unthinkable.

How to Secure Your Network

One part of securing a network is ensuring that the network is built to be secure. When building a business network, a network architect should determine how best to secure the network, whether that network is a small network for a small business or one that has to integrate into part of a huge global enterprise network. Building a secure network starts with choosing the network equipment, including firewalls, routers, and switches.

A much larger part of network security is creating policies that ensure your network is secure by allowing only certain people to use the network for prescribed purposes only. Only allowing authorized users access to a computer network by logging in keeps unknown people from getting in. Likewise, having password policies that require a strong password and teaching users of your network not to share those passwords with unauthorized users also helps to keep a network safe.

Additional tips include:

  • Identify what could possibly tempt an attack. By taking inventory of what your company’s data assets are and taking steps to protect those assets by securing your network, you help to ensure your company’s data is safe.
  • Institute policies that keep your computers safe while being used by authorized user, such as preventing or limiting downloads or unauthorized browsing.
  • Keep users aware of the simple things they can do like changing their password regularly, not writing down their password, and not giving their password out to anyone.

Taking the steps above helps to protect your business not only from intrusion but also from downtime due to malware infections, which can adversely affect your company’s bottom line.



Source by Daniel Gottilla