Introduction
Security News
MS Blaster worm hits the net
A DDoS attack shuts down anti-spam blacklist
Security threats to business-technology systems keep growing
NSA proposes a backdoor detection center
Cyberterror fears missed the real threat 9-11
Astalavista Recommends
Breaking into computer networks from the Internet
Analysis of remote active operating system fingerprint tools
Protecting against the unknown
Configuring Internet Explorer Security Zones
Echelon - the dangers of communications in the 21st century
Understanding information age warfare
Chinese information warfare - a phantom menace or emerging threat?
Free Security Consultation
What is the best way to learn system penetration testing?
Should we report security breaches, or it could damage our image a lot?
Is there Privacy anymore?!
Enterprise Security Issues
Security Awareness Programs - Frequently Asked Questions(FAQ)
Home Users Security Issues
E-mail Security - An Overview
Meet the Security Scene
Interview with Jason Scott, founder of TextFiles.com
Security Sites Review
InfosecWriters.com
DosHelp.com
Firewall.cx
Contribute to Astalavista
Final Words
01. Introduction
-----------
Dear Subscriber,
The second issue of Astalavista's Security Newsletter is a fact. We are still
amazed by the level of interest you have shown in the first issue. Thanks a lot
for the hundreds of e-mails we have received, for the recommendations, for the
proposals and, most importantly, for the nice words. The success of this
newsletter is measured by YOU - our readers, by the e-mails we keep receiving,
by the increasing interest and willingness for contribution from your side. We
are more than ever devoted to continuing the development of the newsletter! We
would like to let you know that we read all of your e-mails, it's just that we
get thousands of them, so we kindly ask you to be patient while expecting our
response.
In Issue 2 of Astalavista's Security Newsletter you will read helpful articles o
- General Security Papers
" BREAKING INTO COMPUTER NETWORKS FROM THE INTERNET "
A comprehensive and extremely useful paper, summarizing and discussing the most
common techniques used by attackers. Each of the well known and widely used
ports is analyzed from the hacker's point of view. Source code and external
resources are included as well.
http://frame4.com/exchange/hackingguide3.1.pdf
" ANALYSIS OF REMOTE ACTIVE OPERATING SYSTEM FINGERPRINT TOOLS "
The paper reviews in depth various popular OS fingerprinting tools, the ways
they operate, and analyses each of their functions and various strategies to
protect your systems against fingerprinting tools.
http://frame4.com/exchange/osdetection.pdf
" PROTECTING AGAINST THE UNKNOWN - A GUIDE FOR IMPROVING NETWORK SECURITY TO
PROTECT THE INTERNET AGAINST FUTURE FORMS OF SECURITY HAZARDS "
If you still haven't read the Packet Storm Security Competition 'Storm Chaser
2000' winner paper by Mixter, you are strongly advised to read this quality
publication. The author included topics which have never been discussed before;
it is very well organized and easy to read, so take your time and read it.
http://frame4.com/exchange/mixter.doc
" CONFIGURING INTERNET EXPLORER SECURITY ZONES "
A very interesting topic that would teach you a lot of useful stuff; the paper
contains explanations of various browser attacks and why they are so dangerous.
http://frame4.com/exchange/explorer-zones.pdf
- Misc Security Papers
" ECHELON - THE DANGERS OF COMMUNICATIONS IN THE 21ST CENTURY "
Do you want to know more about Echelon - The Global Monitoring Program, do you
want to know how it works, for what it is used and various other topics related
to e-espionage? Go and get this paper!
http://frame4.com/exchange/echelon.pdf
" UNDERSTANDING INFORMATION AGE WARFARE "
This is one of the best e-books I have ever come across, discussing the
Information Warfare subject. You will be amazed by its content and the topics
discussed inside. High-quality reading in 319 pages!
http://frame4.com/exchange/uiaw.pdf
http://www.cica.ca/index.cfm/ci_id/15758/la_id/1.htm
http://www.crazytrain.com/penetration.html
--------
Question: Hello. I operate a small e-business company, and I was wondering how
you would advise us on reporting security breaches? Should we do it or it could
damage our image a lot? Although each of our computers has ZoneAlarm installed
on, Anti-Virus software and there's a friend of mine who's monitoring the
system, there are successful intrusions, there are no customer data stolen and
no web defacement yet, but we are very worried and concerned about how to handle
these? My friend told me that attackers were trying to use our server to launch
a DoS attack on other sites...
--------
Answer: Indeed, reporting a security breach would definitely damage your image a
lot, and as you are handling sensitive and personal information over the
Internet, you can imagine your customers' reaction. In case you don't have an
adequate marketing strategy or a reasonable explanation for how it happened, why
it happened, what measures you took or plan to take in the next few days, your
company's image will be damaged a lot.
Security Awareness is what you should pay attention to, your employees need to
be aware of the dangers the Internet represents, they need to know how to react
when a suspicious event occurs, when a dangerous e-mail is received etc. It will
increase your level of Security a lot. As nowadays it's not enough to have a
personal firewall and an anti-virus scanner, you need to know the dangers in
order to protect against them.
Here are some resources that will be useful to you:
http://www.securityawareness.com/
http://www.sans.org/rr/catindex.php?cat_id=47
http://www.itsecurity.com/papers/trinity8.htm
--------
Question: Is there Privacy anymore?! I feel like everyone is monitoring me, my
boss, the government, should I worry on issues like these, I am not doing
anything illegal but it's just my privacy that I care for, what should I do to
protect myself on the Internet, my chat sessions, my e-mails? Thanks a lot, a
very nice newsletter by the way!
--------
Answer: Privacy seems to change its meaning during the years and in the era of
global connectivity it's almost non-existent, that's the nature of
communications. You need to pay additional attention to everything you do, even
the smallest details, you need to start using encryption, change your usual
behaviour online, and even then you will be again in the same position. Just
like there's no 100% Security, there's no 100% Privacy as well, though if you
can manage to achieve 99% Privacy, you will just make it a little harder for
someone to trace and monitor you. I would strongly advise you to take a look at
the following resources and make the conclusions by yourself, but encrypting
your files and emails would do fine for you.
even if you change your password, he/she would be able to recover it by
confirming your personal information. Monitor this and if you see something
strange going on, consider changing both your password and your personal
information.
- Your mailbox preferences might be changed too; settings like "Save each sent
e-mail into the Sent folder" are activated with the idea to monitor your
correspondence. If you haven't set this ON, then someone else is probably using
your e-mail account. Monitor these and any other preference so that you will be
able to detect an attacker.
- If a strange pop up ever appears, asking for personal information or your
password, never give out any of these no matter how realistic the window looks.
Instead, log out and log in again, but don't give out any sensitive information
in this way.
Popular e-mail software
Outlook Express, Netscape Messenger, and any other popular e-mail software is
another application commonly attacked on the user's computer. We will look at
several highly recommended modifications that will save you from a lot of
trouble.
- Disable ActiveX and Java scripts for your e-mail software, consider blocking
graphics or, if possible, any HTML content.
- Make sure you always write your user/password by yourself, instead of using
any "remember my password" features.
- Once you download your e-mail, it is strongly recommended that you open any of
the messages while you are "Working Offline".
E-mail interception
Think for a while what kind of correspondence and personal stuff you use your
e-mail for, think of all the business issues you discuss over it, and now,
imagine someone else, even a competitor, monitoring each of the e-mails you send
and receive.
- Always make sure you check your e-mail from a secured location. Limit the use
of a friend's computer and so on, because you can never be sure what the
computer is infected with.
- As we have already mentioned, always log in in a secure (SSL encrypted) mode,
and, if your mail provider allows you to, stay in SSL mode till you log out.
- Using encryption will definitely help you protect your privacy; below we have
included links to various providers that provide encryption for their clients
and, of course, PGP (Pretty Good Privacy) is obligatory.
External resources you might be interested in taking a look at can be located
here:
http://www.hushmail.com/
http://www.pgpi.com/
http://www.windowsecurity.com/emailsecuritytest/
http://www.firewall.cx/articles-email-security.php
Jason: Well, the question makes it sound like this is a recent event, the
availability of information that, if implemented, could cause damage or
other sorts of trouble. This has always been the case; if you want, we can
go back to the days of the TAP newsletter (and the later 2600 magazine)
where all sorts of "dangerous" information was being printed. We can go
back many years before that.
This may sound like a copout, but I don't really buy into the concept of
"dangerous information". At a fundamental level, it is someone saying "I
am looking at this, and I have decided you should not see it. So don't
look. I've made my decision." And I find that loathsome in that it gives
someone enormous arbitrary power. This argument applies for
the concepts of Obscenity and Governmentally-Classified information, as
well.
Sometimes people bring up the concept of children into the argument and my
immediate reaction is not very pleasant. Parents protect; be a parent.
If somebody wants to hurt somebody else, then information files are not
the big limiting factor to them doing it; they'll just pick up a match and
set your house on fire, or buy a gun and shoot you or someone you really
like. Censorship, as you might imagine, is not big on my list of things
dancho@astalavista.net
Proofreader - Yordanka Ilieva
danny@astalavista.net