Category: Security

Computer Security

  • Hardware firewall Vs. software firewall

    Software firewalls are most suitable for home users who are not running a network. They are installed in the operating system and only protect that particular machine. A software firewall screens requests going in and out of the computer and determines whether each request between the client and the source is valid by checking the interaction against its predefined rules.

    For a software firewall to be effective, its configuration rules need to be set up properly. One of the main differences between software firewalls and hardware firewalls is that software firewalls restrict Internet access by application, while hardware firewalls work by looking at the port and URL address.

    Software firewall advantages:

    • Cheaper than a hardware firewall
    • Easier to configure than hardware firewalls
    • You can install a software firewall on a laptop and take it with you
    • Software firewalls' application filtering makes them flexible
    BitDefender Internet Security firewall

    Software firewall disadvantages:

    • They don’t protect a whole network; one copy is needed for each computer
    • Software firewalls consume more CPU and memory resources than hardware firewalls
    • Software firewalls have fewer configuration options than hardware firewalls

    Hardware firewall basics

    A hardware firewall is a device placed between your computer and the Internet. Hardware firewalls are harder to configure than software firewalls. High-end broadband routers can come with an embedded hardware firewall; these are targeted at the home user and are much easier to set up than a proper hardware firewall for businesses.

    Basic hardware firewalls use packet filtering: they scan packet headers to determine their source, origin and destination addresses, and whether the incoming traffic is related to an outgoing connection, such as a request for a website. This information is compared with the preset rules that determine whether the packet should be forwarded or blocked.

    The most advanced hardware firewalls can do stateful packet inspection, looking into the contents of the data packet and the state of the connection. This allows the firewall to make decisions about packets based on context as well as the defined rules.
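
    An added example, not part of the original article: a small Python model of the filtering described above, combining preset header rules with a table of connections opened from inside the network. The LAN range, rule set, addresses and packets are constructed for illustration.

```python
# Added example: header-based packet filter with connection tracking.
# The LAN range, rules and packets below are constructed sample data.
from dataclasses import dataclass
from ipaddress import ip_address, ip_network

LAN = ip_network("192.168.1.0/24")

# Preset rules: (direction, destination port) pairs that may open a connection.
RULES = {("out", 80), ("out", 443), ("out", 53)}


@dataclass(frozen=True)
class Packet:
    src: str
    sport: int
    dst: str
    dport: int
    flags: str = ""  # TCP flags: S=SYN, A=ACK, F=FIN, R=RST


class Firewall:
    def __init__(self, rules, lan=LAN):
        self.rules = set(rules)
        self.lan = lan
        # State table: one entry per connection opened through the rules,
        # keyed as (inside ip, inside port, outside ip, outside port).
        self.connections = set()

    def decide(self, pkt):
        """Return 'forward' or 'block' for one packet."""
        # Simplification: direction is taken from the source address;
        # a real device uses the interface the packet arrived on.
        outbound = ip_address(pkt.src) in self.lan
        if outbound:
            key = (pkt.src, pkt.sport, pkt.dst, pkt.dport)
        else:
            key = (pkt.dst, pkt.dport, pkt.src, pkt.sport)

        if key in self.connections:
            # Related to a tracked connection. FIN/RST ends it (simplified:
            # real firewalls follow the full TCP teardown and use timeouts).
            if "R" in pkt.flags or "F" in pkt.flags:
                self.connections.discard(key)
            return "forward"

        # Not tracked: only a bare SYN matching a preset rule may create state.
        direction = "out" if outbound else "in"
        if pkt.flags == "S" and (direction, pkt.dport) in self.rules:
            self.connections.add(key)
            return "forward"
        return "block"


def demo():
    fw = Firewall(RULES)
    pc, web = "192.168.1.10", "203.0.113.5"  # constructed addresses
    packets = [
        Packet(pc, 50000, web, 443, "S"),    # browser requests a website
        Packet(web, 443, pc, 50000, "SA"),   # reply related to that request
        Packet(web, 443, pc, 50001, "SA"),   # same server, no matching request
        Packet("198.51.100.7", 4444, pc, 3389, "S"),  # unsolicited inbound
        Packet(pc, 50002, web, 25, "S"),     # outbound port not in the rules
        Packet(web, 443, pc, 50000, "R"),    # server resets the connection
        Packet(web, 443, pc, 50000, "A"),    # late packet after teardown
    ]
    return [fw.decide(p) for p in packets]


if __name__ == "__main__":
    for verdict in demo():
        print(verdict)
```

    The third packet comes from the same server and port as a legitimate reply, yet it is blocked because no inside host asked for it; that is the context a rule list alone cannot provide.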

    Hardware firewall advantages:

    • A single hardware firewall can protect your entire network
    • They run on their own dedicated CPU and memory, not taking away computer resources
    • Hardware firewalls cannot be disabled by malware as easily as software firewalls can
    • A single hardware firewall can protect multiple computers not needing a license for each computer
    • Hardware firewalls still protect the computer when the operating system crashes
    Hardware firewall WatchGuard XTM 2Series

    Hardware firewall disadvantages:

    • A single router firewall is considerably more expensive than a license for a single software firewall
    • Hardware firewalls are more difficult to configure than software firewalls
    • Hardware firewalls need physical space for installation and a cable layout
    • A hardware firewall protecting the whole network will affect multiple computers if it fails

    What firewall to use?

    The average home user will be well protected with a software firewall; they are easier to manage and much cheaper than a dedicated hardware firewall. Large corporations and schools with big networks will need a hardware firewall, as they are more cost effective, representing good value for money when defending a large network of computers and not having to pay licensing fees.

    When you use a firewall you still need antivirus and antispyware software installed on your computer. A firewall will protect you from intrusions, while an antivirus protects you from malicious code running inside your computer.

  • How firewalls work & list of free firewalls

    Firewalls explained

    Your computer is open to attack from the moment you connect it to the Internet, even if you do not do anything with it. If the computer IP is visible on the Internet, that is all that is needed for a malicious hacker to attempt a break-in.

    A firewall is designed to shield a single computer or private network through a set of rules that permit legitimate communications to pass and stop non-authorized connections. Firewalls regulate traffic in and out of the network using packet filtering, a proxy service or stateful inspection. A good firewall will deny unauthorized incoming requests probing all of your computer ports trying to find one of them open to launch an attack.

    Companies dealing with highly confidential data, e.g. banks, implement strict firewall rules in their network, only allowing employees access to one part of the network and stopping them from accessing sensitive areas. The most advanced firewalls have the ability to ban content based on the words used to perform a search. They also make use of updated URL blacklists containing unsuitable websites. These options are meant to stop network users from coming across inappropriate content and wasting time on non-productive websites.

    Simple firewall diagram

    Home users tend to use software-based firewalls, which are secure enough. Schools and corporations with a large computer network will use a hardware-based firewall, not having to install it on each one of the computers and being able to set it up inside a dedicated IT room instead of next to the computers.

    How to Access Windows Firewall Settings

    The Windows operating system has included a built-in firewall since Windows XP. To locate the Windows Vista firewall go to Start (Windows logo) > Control Panel > Security > Windows Firewall > Change settings.

    Using the Windows security control panel you can turn your Windows firewall on and off. It is activated by default unless you change the setting during the operating system installation. The Windows built-in firewall is very basic and lacks advanced configuration in comparison to third party software firewall packages. Windows firewall will only protect you from attacks coming from the outside: if a trojan manages to lodge in your computer and wants to send data from inside your computer to the outside world, Windows firewall will not warn you of the nasty outgoing connection.

    To update Windows firewall you need to go to Start > All Programs > Windows Update. The Windows firewall updates itself using Windows Update; it does not have any special update button.

    Windows built-in firewall settings

    If you install a second software firewall on your computer you should disable the Windows built-in firewall, as their traffic filtering rules may conflict with each other. Most software firewalls will automatically disable Windows firewall during installation.

    Most popular free firewalls

    • Comodo firewall: Comodo firewall is available for download as a standalone program or bundled with Comodo Internet Security Suite, the latter providing antivirus and anti-malware protection too. Comodo Firewall cross-references any new software you download with a whitelist of over 15 million trusted files and applications.
    • Online Armor free firewall: It prevents and removes spyware and is very easy to use without too many annoying pop-ups. Online Armor guards itself and other software from tampering by third party applications and it detects keyloggers.
    • ZoneAlarm firewall: This free firewall will resist malware attacks. Its SmartDefense Advisor reduces the number of pop-ups you get, and it comes with automatic Wi-Fi security setting activation, antiphishing protection, a toolbar, 2GB of free online storage, an antivirus and parental controls.
  • How to encrypt and clear Windows page file

    When you operate your computer, the files you are managing are temporarily stored in volatile RAM memory. Once you close the files you are working on, the occupied RAM memory will clear itself and be available again.

    A computer’s RAM memory (all computers have it) can run out. When this happens Windows will use what is known as the Windows page or swap file. This file is an internal Windows operating system file where temporary data is stored for the operating system to have quick read and write access.

    Using the page file has two implications. One is that it slows down your computer, because the data is being read from the hard disk (slower than RAM memory). The other is that data written to the Windows page file can be recovered via specialist software; data stored in the Windows page file can include passwords and all kinds of personal files. But if Windows did not have any page file and you exhausted your RAM memory, the computer would crash.

    How to locate and resize pagefile.sys

    The Windows swap memory filename is pagefile.sys. It is not visible to users and is hard to locate. You can increase or decrease the default Windows page file size, or stop using it, through the Windows control panel. You might need to do this depending on how much RAM memory your computer has installed and how much you use: a bigger page file is suitable for those low on RAM, and setting a smaller page file size will give you hard disk space back.

    In Windows Vista go to Start (Windows logo) > Control Panel > System and Maintenance > System.

    Where it says “Computer name, domain and workgroup settings” click on Settings. A new window will open asking you for administrator rights. In the new window click on the Advanced tab, right below where it says Performance click on Settings, then click on Advanced. You will see that it says “Virtual memory and total paging file size for all drives”; that is where you can change the Windows page file size or instruct Windows not to use a page file at all.

    Windows Vista page file settings

    If you choose not to use a page file, Windows will crash when your RAM memory runs out. If you have a high amount of RAM, like 8GB, and do not run virtual memory intensive applications like high-end games and graphic editors, you should never run out of RAM and it is safe to disable the Windows page file.

    How to encrypt Windows page file

    Your Windows operating system comes with a program installed called fsutil, which you can access from the Windows cmd command line. It is very important that you run cmd as administrator, otherwise you won’t be able to encrypt the Windows page file.

    To run cmd as an administrator go to Start (Windows logo) > All Programs > Accessories > Command Prompt (right-click on it and choose “Run as administrator”). The black Windows command line window will open.

    To encrypt Windows page file type:

    fsutil behavior set EncryptPagingFile 1

    Before encryption takes place your computer needs to be rebooted.

    Windows page file encryption

    To check if Windows page file is encrypted type:

    fsutil behavior query EncryptPagingFile

    The value 1 indicates that the page file is encrypted; a value of 0 indicates that it is not.

    If something doesn’t work or you change your mind, you can decrypt the Windows page file by typing:

    fsutil behavior set EncryptPagingFile 0

    When you encrypt the Windows page file, the built-in Windows EFS (Encrypting File System) is used. The encryption keys are created and erased by Windows as needed. This only works on hard disks formatted with the NTFS file system (not FAT).

    How to clear Windows page file

    You can tell Windows to erase its virtual memory, aka page file, every time you shut down the computer, but be aware that this will slightly slow down the shutdown process.

    Registry editor ClearPageFileAtShutdown

    To automatically clear the Windows page file contents on shutdown, invoke the registry editor: go to Windows Run using the Windows key on your keyboard + R (alternatively go to Start > All Programs > Accessories > Run), type regedit, press Enter and the Windows registry will open in a new window.

    Navigate to: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\

    You will see a DWORD value “ClearPageFileAtShutdown”. Double-click on it and change the value data from “0” to “1”. If you want to reverse the change later on, change the value back to “0”.

    Securely erasing the page file contents can only be done using specialist privacy data wiping software that will overwrite its contents. The system above will clear the page file contents, but they will still be recoverable until the page file has been used, and overwritten, again.

  • How does encryption work? Encryption for dummies

    In the online world, encryption disguises data by rearranging the data bits so that nobody can read or see the information without the secret key. This key can consist of a password or a digital file, aka keyfile. Encryption secures plain text as well as any other digital media like photos, videos or software; you can also encrypt a whole operating system and a partition.

    To secure data, encryption uses mathematical functions known as cryptography algorithms, aka ciphers. Some examples of well known and trusted cryptography algorithms are AES, Blowfish, Twofish and Serpent. These ciphers can be subcategorized with a number indicating their strength in bits.

    An encryption algorithm’s key length indicates its size measured in bits. The length indicating the algorithm strength in bits will always be even (a bit is a binary unit composed of zeros and ones). These keys are used to control the operation of a cipher.

    The more mathematical strength the encryption algorithm has, the more difficult it will be to crack it without access to the key, but a strong cipher normally requires more computational power. A few seconds of wait might not matter much to the home user, but for businesses dealing with thousands of calculations each hour to decrypt/encrypt data in their servers it will mean that more money has to be spent on hardware and electricity.

    Why not all websites use encrypted SSL connections

    If all of the websites on the Internet used encrypted SSL (Secure Sockets Layer) connections, the servers serving content would need more CPU power and more electricity. When you multiply this by millions of pages served each second, costs add up dramatically. Page loading would also be slower because the decryption process needs to take place in the computer, and those using very low-end processors in mobile devices would suffer the most in speed.

    Symmetric encryption diagram

    When choosing an encryption algorithm it is important to look at many factors, not only key size. When it comes to security, how an algorithm has been implemented is much more important than key length. Algorithm performance also matters: if people had to wait an hour to encrypt and decrypt files, encryption would become unusable, so a trade-off between security and usability needs to be established. The best approach is to always choose a standard algorithm that has been widely scrutinised by experts, aka cryptographers.

    What encryption key length should I choose?

    An AES 128-bit encryption key is considered very strong and suitable to withstand future attacks. The U.S. Government requires 192 or 256-bit AES encryption keys for highly sensitive data; AES is the standard US Government encryption algorithm for data encryption.

    A 128-bit key can have more than 300,000,000,000,000,000,000,000,000,000,000,000 key combinations.

    The importance of choosing a strong password for encryption

    Encryption software gathers random data, aka entropy, before encrypting your files. The password you use will be part of this random data gathered to cipher the files, which is why it is very important that you choose a long passphrase. In addition, you should not use any dictionary words, to thwart brute force attacks.

    A brute force attack consists of an automatic process where all of the dictionary words are quickly thrown at the password login prompt. As computers have become increasingly faster, this can be done in a matter of hours or less using cloud computing.
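
    An added example, not part of the original article: a Python sketch of why a 128-bit key is only as strong as the passphrase it is derived from. It assumes the key is derived with PBKDF2-HMAC-SHA256 (one common choice, not a claim about any particular program); the word list, iteration count and passphrases are constructed.

```python
# Added example: passphrase strength vs. key length.
# PBKDF2-HMAC-SHA256 is an assumption made for this sketch.
import hashlib
import hmac
import math
import os

ITERATIONS = 200_000  # assumed work factor; tune to your own hardware

# Constructed stand-in for a real dictionary of common passwords.
WORDLIST = ["password", "letmein", "dragon", "sunshine", "monkey", "football"]


def derive_key(passphrase, salt, iterations=ITERATIONS, length=16):
    """Stretch a passphrase into a 128-bit (16-byte) key."""
    return hashlib.pbkdf2_hmac(
        "sha256", passphrase.encode("utf-8"), salt, iterations, dklen=length
    )


def guess_space_bits(choices, picks):
    """log2 of the guesses needed when `picks` items are chosen
    uniformly at random from `choices` possibilities."""
    return picks * math.log2(choices)


def found_in_wordlist(key, salt, wordlist, iterations=ITERATIONS):
    """Audit check: 1-based position of the word that reproduces `key`,
    or None if no word in the list does."""
    for position, word in enumerate(wordlist, 1):
        if hmac.compare_digest(derive_key(word, salt, iterations), key):
            return position
    return None


if __name__ == "__main__":
    salt = os.urandom(16)  # random salt, stored next to the encrypted data

    weak = derive_key("sunshine", salt)
    strong = derive_key("kV7#pa!Lq2-ZuR9_teX4", salt)  # constructed passphrase

    # Both keys are 128 bits long, but the first is found after a few tries.
    print("weak key found at word:", found_in_wordlist(weak, salt, WORDLIST))
    print("strong key found at word:", found_in_wordlist(strong, salt, WORDLIST))

    # One word from a 200,000-word dictionary vs. 20 random characters
    # drawn from the 94 printable ASCII symbols, vs. the key itself.
    print("dictionary word: %.1f bits" % guess_space_bits(200_000, 1))
    print("20 random chars: %.1f bits" % guess_space_bits(94, 20))
    print("AES-128 key:     128.0 bits")
```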

    Encryption security tips

    • Always choose an encryption program that uses a standard cipher that has been scrutinised by experts, e.g. AES
    • Do not use dictionary words as your password; use a long passphrase made up of capital and small letters with punctuation signs and numbers
    • Do not use the passphrase you use to encrypt your data for anything else, like your webmail password or an online forum whose security can be compromised
    • Never trust a third party service to store your encryption keys or carry out the encryption implementation; if you store data online, encrypt it yourself on your computer
    • Watch out for keyloggers and malware on your computer that could capture your keystrokes and your secret passphrase; use an updated antivirus and firewall
    • Never reveal your password to anyone, not even to a support department whose staff could be outsourced in a crime ridden country or could be impersonating someone else

    Encryption links for beginners

    National Cryptologic Museum Foundation

    NSA Cryptokids

    Intypedia Information Security

    Bruce Schneier’s blog (Cryptographer)

  • 9 ways to protect your email address from spambots

    Obfuscating your email is the best way to stop spammers’ bots from harvesting and storing your email address from a website, newsgroup or forum. Spammers’ automated software follows certain patterns to identify and store an email address. It can’t comprehend it when a person has deliberately hidden his/her email address to be human readable only, and it is also unable to follow instructions.

      1. Change your email syntax: Replace the @ symbol in between your username and email domain name with (at) , (AT), the . with the words DOT and add spaces in between the words, for example: hacker10 (AT) fastmail DOT com
      2. Create a graphic image of your email address: Spambots can’t read the letters embedded in pictures like JPEGs. With a graphics editor you can create a .jpeg with your email address inside it, then either upload it, if the site allows, or use a free image file hosting site and link to it, for example:
        Hacker10 Email address inside graphic

        To email click on link: http://www.hacker10.com/?p=10773

        There are free online services that will create a graphical image of your email address in seconds, so you don’t even need a graphics editor.

      3. Use email plus addressing: If your main email address is example@gmail.com you could use example+hacker10@gmail.com, and all of the messages to that email address will not only still be delivered to your main email account but also be classified into the folders named after the email username + symbol. The structure of plus email addresses goes like this: username+foldername@domain.com

        You can create an unlimited number of throwaway email addresses this way. Not only will you be able to filter out one particular address if it receives unsolicited email, but you can also spot the source of the spam: if you have only used one email address for one site and nowhere else, then it is clear where spammers harvested the email from.

        The main caveat to email plus addressing is that few free email services support this feature. Gmail and Fastmail do, but with Yahoo it only works with its premium paid-for email service. Another problem you might encounter using email plus addressing is that many webforms will not accept your email address because they do not recognise the + character as valid. Yahoo mail uses a - character instead, standing a better chance of being allowed inside webforms.
      4. Use a disposable email address: There are plenty of services available providing free disposable email addresses, aka DEA. Most of them will erase your email address in just a few minutes, or some weeks at most. Disposable email addresses do not normally use a password, and others choosing the same username could read the contents, so you would have to avoid using them for emails containing personal information and choose a hard to guess username. Disposable Email Services:
      5. Use an email forwarding service: If you need a disposable email address that lasts for months, choose an email forwarding service instead. You will be asked to sign up, which takes longer, but you know that all subsequent email messages will be forwarded to you. Mail forwarding services:
      6. Register a domain name and use it for email: For around $10 a year you can register the domain name of your choice and use that domain as a mail forwarding address. Your domain registrar will supply you with a control panel from where you can activate it for email and forward all of your messages to your real email address. Make sure to choose a domain name registrar with this facility; most of them have it though. Domain registrars with email forwarding:
      7. Use reCAPTCHA Mailhide: This free service from Google will convert your email address into a clickable link and ask users to enter a captcha code before they can see it. A captcha code is the same antispam system many blogs use to stop spambots commenting on them.
      8. Choose a non-obvious email address: Spammers use software to generate likely email username combinations. Do not use your own name or a dictionary word as your main email address; this makes it harder for an automated tool to guess. If you need an easy to remember email address to give away, you can use an alias email address that can be disabled if spam comes in, but do not choose it as your main account email, as you cannot usually change it.
      9. Use email aliases: Many email services will allow you to create a second email address directing all of the email to your main account. Always use an email alias when you communicate with someone; this way, if that email is compromised you can always cancel it.
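
    An added example, not part of the original article, covering tips 1 and 3 above: a Python check that an obfuscated address no longer matches a typical address pattern before you publish it, plus helpers that build per-site plus addresses and trace spam back to the site it leaked from. The regular expression, site tags and inbox entries are constructed assumptions.

```python
# Added example: checking obfuscation and tracing spam with plus addressing.
# The pattern and all sample data are constructed for illustration.
import re
from collections import Counter

# A typical address pattern of the kind pattern-matching harvesters rely on.
ADDRESS_RE = re.compile(r"[A-Za-z0-9._%+-]+@[A-Za-z0-9.-]+\.[A-Za-z]{2,}")


def obfuscate(address):
    """Tip 1: 'hacker10@fastmail.com' -> 'hacker10 (AT) fastmail DOT com'."""
    return address.replace("@", " (AT) ").replace(".", " DOT ")


def exposed_addresses(text):
    """Audit text before posting it: addresses a pattern match would pick up."""
    return ADDRESS_RE.findall(text)


def tagged(address, tag, sep="+"):
    """Tip 3: build username+tag@domain (use sep='-' for services that
    tag with a dash, or for webforms that reject '+')."""
    user, domain = address.split("@", 1)
    return f"{user}{sep}{tag}@{domain}"


def split_tag(recipient, sep="+"):
    """Return (base address, tag or None) for a received message."""
    local, domain = recipient.rsplit("@", 1)
    user, _, tag = local.partition(sep)
    return f"{user}@{domain}", (tag or None)


def spam_sources(spam_recipients, sep="+"):
    """Count unsolicited messages per tag, most frequent first."""
    counts = Counter()
    for recipient in spam_recipients:
        _, tag = split_tag(recipient, sep)
        counts[tag or "(untagged)"] += 1
    return counts.most_common()


if __name__ == "__main__":
    plain = "Contact me at hacker10@fastmail.com"
    hidden = "Contact me at " + obfuscate("hacker10@fastmail.com")
    print(exposed_addresses(plain))    # the address is picked up
    print(exposed_addresses(hidden))   # nothing matches

    # One address per site, then see which one the spam arrives on.
    print(tagged("example@gmail.com", "hacker10"))
    spam_inbox = [  # constructed recipients of unsolicited mail
        "example+forumx@gmail.com",
        "example+shopy@gmail.com",
        "example+forumx@gmail.com",
    ]
    print(spam_sources(spam_inbox))
```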
  • Hide data inside JPEG images using SteganPEG

    With SteganPEG you can hide files inside JPEG images without altering them to the human eye. JPEG being one of the most common file formats that exist, it will reduce suspicions when you upload the image to a website, facilitating covert communications. Flickr is an example of a website that can be used to share secret stego messages embedded in pictures with nobody noticing.

    You can password protect your files: even if someone analyses the image they will still need to know the passphrase to see the data, although there is no mention of encryption being used to cipher the file. This is still better than nothing and enough for low security needs. Another nifty feature of this open source stego software is that it shows you how much space remains available in a picture to hide data inside it.

    The hidden data you insert inside the JPEG is compressed first. You can hide any kind of file (text, images inside images or executables), but the bigger the file, the more difficult it will be to fit inside the JPEG.

    This steganography software only supports DCT-based Baseline Sequential JPEG images, the most widely used JPEG compression. When you download SteganPEG you also get the source code and can look at or modify it at your own discretion.

     

    SteganPEG open source steganography

     

    Steganography vs. Cryptography

    While cryptography ciphers your data and makes it available only to those with the right passphrase, steganography hides your confidential files, making it impossible for someone to investigate and try to extract something whose existence is not obvious.

    Steganography does not use cryptography per se: it uses the spare bits that files have and uses them up to hide data inside them. It is possible to detect and extract that data with specialist steganography detection tools, which is why high security steganography software will also include encryption.

    For those living under oppressive regimes and subjected to strict communications monitoring, and those living in places where they must hand over their encryption password to the authorities to avoid punishment, steganography is the ideal covert communication method. It has long been used by spies from agencies worldwide: Russian spies in the US in 2010 used steganography software to post photos on the Internet with messages hidden in them.

    Get SteganPEG from Softpedia

  • List of programs to digitally sign PDF documents offline

    A digital signature consists of a mathematical scheme to establish the authenticity of a digital message or document and protect it from tampering. It normally uses PKA (Public Key Algorithms) to digitally sign the message or document.

    A digital signature uses asymmetric cryptography and provides more security than a handwritten signature because it attests to the identity of the signer as well as the integrity of the document. The slightest change in the document will make the digital signature verification process fail.
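
    An added example, not part of the original article: a Python demonstration of signing with a private key, verifying with the public key, and verification failing after a one-character change. The programs listed below sign with X.509 certificates; this sketch instead uses a Lamport one-time signature, a hash-based public-key scheme chosen here because it needs only the standard library. The document bytes are constructed.

```python
# Added example: a Lamport one-time signature over a document's SHA-256 digest.
# Swapped-in scheme for illustration; PDF signers use X.509 certificates.
import hashlib
import hmac
import secrets

BITS = 256  # one pair of secrets per bit of the SHA-256 digest


def generate_keys():
    """Private key: 256 pairs of random secrets. Public key: their hashes."""
    private = [(secrets.token_bytes(32), secrets.token_bytes(32))
               for _ in range(BITS)]
    public = [(hashlib.sha256(a).digest(), hashlib.sha256(b).digest())
              for a, b in private]
    return private, public


def _digest_bits(document):
    digest = hashlib.sha256(document).digest()
    return [(digest[i // 8] >> (7 - i % 8)) & 1 for i in range(BITS)]


def sign(private, document):
    """Reveal one secret per digest bit.
    A Lamport key pair must sign only ONE document, then be discarded."""
    return [private[i][bit] for i, bit in enumerate(_digest_bits(document))]


def verify(public, document, signature):
    """True only if every revealed secret hashes to the public value
    selected by the corresponding bit of this document's digest."""
    if len(signature) != BITS:
        return False
    ok = True
    for i, bit in enumerate(_digest_bits(document)):
        revealed = hashlib.sha256(signature[i]).digest()
        ok &= hmac.compare_digest(revealed, public[i][bit])
    return ok


if __name__ == "__main__":
    private_key, public_key = generate_keys()

    document = b"%PDF-1.7 (constructed) Invoice total: 100 EUR"
    signature = sign(private_key, document)

    tampered = b"%PDF-1.7 (constructed) Invoice total: 900 EUR"
    _, other_public = generate_keys()

    print("original verifies:", verify(public_key, document, signature))
    print("tampered verifies:", verify(public_key, tampered, signature))
    print("wrong signer key: ", verify(other_public, document, signature))
```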

    Offline software to digitally sign documents

    PDFStudio Pro: Paid PDF managing software for Windows, Mac and Linux. The main function of this program is to create and interact with PDF documents, but it has the capability of digitally signing them. Digital signatures can be created or imported from an existing stamp. PDFStudio can batch process multiple PDFs, optimize, add watermarks, annotate and password protect, among many other things; an all-round, very complete PDF editing program.

    PDFStudio Pro digital signing documents

    JSignPDF: Open source freeware program to digitally sign PDF files with a visible digital signature, image or description. It supports batch processing, although only via command line. JSignPDF timestamps the document and allows you to choose the hash algorithm and certification level. JSignPDF can be used as a standalone application or as an add-on in OpenOffice.org; you will need Java installed on your computer to use it.

    JSignPDF free digital signature software

    Portable Signer: This free open source application, based on Java and platform independent (works in Linux, Mac and Windows), will digitally sign your PDF documents using standard X.509 certificates; the signed documents are read only. This program to digitally sign documents is made available by the Municipality of Vienna (Austria) and its signature block complies with Austrian e-government rules.

    PortableSigner PDF digital signing software

    PDFsigner: Windows PDF signing software that creates digital signatures using standard X.509 certificates. It also verifies digital signatures to make sure that a document has not been tampered with. Its digital signatures are visible with most PDF readers and there is support for smartcards and signing documents in bulk. The interface is very intuitive and easy to use, even for novices.

    PDFSigner digital signing software