Wednesday, June 16, 2010

How to secure your wifi


How To Secure Your Wifi

Dear Friends,

I told you earlier that the final episode of my wifi series is yet to come and that is the most important part of this series as this will tell you how to secure the wifi connections of everybody.

So lets go to that part:-

Wi-fi implementations vary from one application area to another. Like Home to Enterprise to Public Hotspots.

The Above Table summarises the minimum requirements that need to meet in each case in order to ensure adequate security.

I shall explain the terms very briefly to make this table meaningful to the users. Interested users may google these terms to get further detail very easily.

MAC Binding: This technology is used to allow only MAC addresses of few known devices to associate with the Access Point. This is suitable for very small sized network and is not scalable. Also this is prone to MAC spoofing attack.

Hide SSID: SSID is the identification string of a wi-fi network. The default behaviour of any access point is to broadcast SSID in beacon. This helps the users to easily identify the networks available to them. Wireless best practice guidelines suggests to hide SSID so that it is not visible through casual attempts to locate a wi-fi network. However there are plenty of scanners available those can detect hidden SSIDs.

Captive Portal: This is an authentication portal which is kept captive either inside the access point or any user authentication system. If this is implemented, whenever a user tries to use the wi-fi network for internet browsing for the first time, he is challenged with this portal by automatically redirecting his URL request in browser to the authentication portal page. On successful authentication, the originally requested URL is returned to the user's browser and access to the network is granted. However on failure access to the network is denied.

WPA2-PSK: Discussed earlier.

WPA2-802.1x: Discussed earlier. 802.1x implementation would require a RADIUS server and optional directory databases like LDAP/Active Directory/NDS etc.

SSL: SSL in this context is a PKI mechanism clubbed with 802.1x. This will require the presence of one or more digital certificate servers. This is applicable to different variants of EAP authentication - EAP/TLS, PEAP,LEAP etc.

SMS Auth: TRAI has mandated that in any public hotspot the owner must architect the user authentication process to prove the identification of the user against a photo identity card. Now an indirect process of complying this is SMS Auth. In this process an access PIN is system generated and consequently system delivered to the User’s mobile phone number upon successful user authentication. Now this indirectly takes care of the user’s identity verification against any valid photo-identity proof because the same has been done before this mobile phone number was allotted against the user’s name by the service provider.

Logging: Logging is a Facility to generate data and record the same to identify who with what MAC address and IP address had associated with which access point when for what duration. Most of the access points would generate such data. It is not a good idea to store the log data in the device itself. This will allow a hacker to remove all the traces of work very easily. It is required that the logs be stored on a Syslog server.

LWAP: Light Weight Access Points are APs those do not store the configurations locally on the devices. Rather the configurations are done and maintained in a central device called Controller. These are particularly required in a large wi-fi network. Centralised configuration ensures tight security policy enforcement all across.

AAP: Autonomous access points store configurations locally. These should be used in homes and very small office networks only.

I think it will be very helpful for you and please don't forget to say thanks to my friend Sudipto.

Thanking you

Urproblemmysolution team

Sunday, June 13, 2010

What is latest cyber attack

What is the Latest cyber attack?

Dear Friends,

In this world both good and bad mentality persons exist. Someone wants to safe his country and someone pays money to criminals for committing crime and they get the benefit and steal all the requirements. This thing is happenning in the world and now in the cyber world. The countries with evil power are attacking the network system of their neighbour. So here is an example for you which has been published very recently. So pl read it and raise hatred to them.:

South Korea – Two South Korean government websites were struck by the second cyberattack in a week, but suffered no major damage, the government said Saturday.

Most of the computers trying to access the websites were traced to China, the Ministry of Public Administration and Security said in a statement.

The Korean Culture and Information Service and the Justice Ministry were the targets of the so-called denial of service attacks on Friday, in which large numbers of computers try to connect to a site at the same time to overwhelm the server, the statement said.

The security ministry said it quickly blocked access by 274 computers with Internet Protocol addresses — the Web equivalent of a street address or phone number — mostly in China.

On Wednesday, similar attacks originating from China occurred on a site run by the security ministry.

The statement said it was investigating who was behind the attacks.

Last year, government websites in South Korea and the U.S. were paralyzed by similar cyberattacks that South Korean officials believed were conducted by North Korea.

South Korean media have reported that North Korea runs an Internet warfare unit aimed at hacking into U.S. and South Korean military networks to gather information and disrupt service. Source (news.yahoo.com)

So after few years all of we will see that a country has taken responsibility to make cyber terrorists.

With Thanks

urproblemmysolution Team

Saturday, June 12, 2010

The First Birth Aniversary of our Blog

To my Thousands of Readers and Commentators/Experts,

I, Sujit Mukerherjee, Adminstrator of this blog started this project a year ago solely for the purpose of making Netizens around the globe aware of the acuteness and seriousness of Cyber Crime that is pervading around us and spreading so quickly that it has become increasingly difficult for Law Enforcement alone to fight this menace. You Netizons have to fight too - almost on a daily basis. That was the reason for the birth of this Blog.

The Blog has received such a fantastic response - thanks to all of you who have contributed through articles and comments.

There is an important announcement to make. I started this Blog on the 12Th of June 2009, and four days later someone booked a domain by the same name - who has nothing todo with this Blog. Please ignore that domain.

"urproblemmysolution" is my brainchild and I wanted to extend this Blog later to a proper domain (dotcom), but that will not happen. Someone already booked that domain name. Please remember that the dotcom site has nothing to do with us. I will announce a domain name through this blog on a future date whenever I'm ready to move this blog to a proper domain name.

Till then please continue reading this blog and bless me with your valuable comments and articles - just as you have been doing so far.

Wishing this Blog a very happy Birthday and Thanking you profusely,

This is your Admin Sujit Mukherjee.....

PS: Today on the first Aniversary of this Blog I have given birth to another Blog that I'm sure will provide very interesting reading material for all of you.

Please await my first posting at www.dailypapercutting.blogspot.com

Wednesday, June 9, 2010

Cybercriminals and Phishers are in the FIFA 2010 World Cup





My Dear Friends,

I have already discussed about details of wifi except one part and I think now you are thinking that what is that part. I will tell you that later. But now I am going to tell you what is the latest threat to the netizens related to the forthcoming world cup i.e: FIFA WOrld Cup 2010.

Not only me most of the invabitants of the earth are mad about FIFA WORLD CUP as Maradona, Messi, Kaka, Drogba, Roonie, Robinho many many players will show their skill in this world football championship and most of us will try to enjoy this game through television direct telecast or reach to South Africa to see the games directly by sitting in the gallery and their are 6 official partners and Visa is one of them.

Cybercriminals and phishers are using this sentiments of football lovers. Now definitely a question has come in your mind that what are they doing with these? So I will tell you now what are they doing with these. The cyber criminals and phishers are using malwares with the attachments in the form of tickets and lottery winning mails in the name of Visa and so on. They are also sending you the world cup playing charts of different teams with an attachment and when you open it a malware will be installed in your computer and your computer will be used as zombie by the cyber criminals. For knowing about zombie you are requested to read my previous postings. Not only that the phishers will take your money in their previous style.

Here are two pictures for you, enlarge it. So be cautious. Don't open any unknown mail about FIFA world Cup 2010 and don't download any attachment from this mail as this includes zero day vulnarability, which will not be traced by any antivirus.

Thanking You

Urproblemmysolution Team