Why You Need Intrusion Detection

Expert Advice on Keeping Your Network Safe by Blocking Dangerous Hacker Attacks
Stories keep appearing about yet another individual having personal information stolen from their computer by a hacker. While it is true that hackers do get people's information, and they will keep on getting that information, it is also true that having intrusion detection software can help. Even better, the same software can also serve as an intrusion prevention system that keeps you safe from hackers.
Why You Need Intrusion Detection
Doors can be opened to hackers in varied ways. Two of the most common ways by which they can gain access to your computer are emails and Web pages that have spyware or trojans (files which look innocent, but will later open doors to a hacker) attached to them. Another way is robot spiders sent out over the Internet to find unprotected computers and open doors. Some say that every computer attached to the Internet may be attacked by such a spider as many as 50 times each day. So, if you do not have an intrusion prevention system in place and up to date, then you may have regular unexpected visitors - and you may not even know it. Others say that 9 out of 10 computers have some sort of spyware or malware on them. Could you be one of them? This article will show you what is available on the market for your protection - and much of it can be obtained for free.

The spider robots work automatically, looking for and identifying computers on the Internet that have doors, or ports, open to them. This information is then reported back to the hacker, who then knows which computers to target and which port to use. For this reason, every now and then, Microsoft will come out with a new patch for Windows in order to close some faulty door that hackers have discovered and been using.
What Is Intrusion Detection?
Network Intrusion detection software is a must-have these days. Each company's software will vary somewhat (for copyright and originality purposes), but you do need one for your own network, or home computer. It differs from a firewall in that the purpose of a firewall is to stop unauthorized external contacts with your system. These offer hacker prevention largely for contacts from outside the network. Most of these will now notify the owner or network controller of intrusion attempts. Network intrusion detection systems, on the other hand, will give you warnings about events that take place within the network itself.
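As an illustration of the kind of check intrusion detection software runs against the automated port probes described above, here is an added example (not taken from any product or from the original article). The log format, addresses, and thresholds are assumptions constructed for the illustration.

```python
from collections import defaultdict
from datetime import datetime

# Constructed sample firewall log (documentation/private addresses only).
# Assumed line format: ISO timestamp, source IP, destination IP,
# destination port, firewall action.
SAMPLE_LOG = """\
2010-05-01T10:00:00 203.0.113.7 192.168.1.10 21 DROP
2010-05-01T10:00:01 203.0.113.7 192.168.1.10 22 DROP
2010-05-01T10:00:02 198.51.100.20 192.168.1.10 80 ALLOW
2010-05-01T10:00:02 203.0.113.7 192.168.1.10 23 DROP
2010-05-01T10:00:03 203.0.113.7 192.168.1.10 25 DROP
this line is malformed and must be skipped
2010-05-01T10:00:04 203.0.113.7 192.168.1.10 80 ALLOW
2010-05-01T10:00:05 203.0.113.7 192.168.1.10 135 DROP
2010-05-01T10:00:06 203.0.113.7 192.168.1.10 445 DROP
2010-05-01T10:00:09 203.0.113.7 192.168.1.10 http DROP
2010-05-01T10:00:30 198.51.100.20 192.168.1.10 80 ALLOW
2010-05-01T10:01:10 198.51.100.20 192.168.1.10 80 ALLOW
2010-05-01T10:00:00 198.51.100.99 192.168.1.10 21 DROP
2010-05-01T10:10:00 198.51.100.99 192.168.1.10 22 DROP
2010-05-01T10:20:00 198.51.100.99 192.168.1.10 23 DROP
2010-05-01T10:30:00 198.51.100.99 192.168.1.10 25 DROP
2010-05-01T10:40:00 198.51.100.99 192.168.1.10 80 ALLOW
"""


def parse_line(line):
    """Parse one log line; return None for anything that does not fit."""
    parts = line.split()
    if len(parts) != 5:
        return None
    ts, src, dst, port, action = parts
    try:
        return datetime.fromisoformat(ts), src, dst, int(port), action
    except ValueError:
        return None


def detect_port_sweeps(log_text, min_ports=5, window_seconds=60):
    """Flag sources that probe many different ports on one host quickly.

    Returns {(source, destination): sorted list of ports} for every pair
    where at least `min_ports` distinct ports were contacted inside a
    sliding window of `window_seconds`.
    """
    events = defaultdict(list)
    for line in log_text.splitlines():
        record = parse_line(line)
        if record is None:
            continue  # ignore malformed lines instead of crashing
        ts, src, dst, port, _action = record
        events[(src, dst)].append((ts, port))

    alerts = {}
    for pair, hits in events.items():
        hits.sort()
        best = set()
        start = 0
        for end in range(len(hits)):
            # Shrink the window until it spans at most window_seconds.
            while (hits[end][0] - hits[start][0]).total_seconds() > window_seconds:
                start += 1
            ports = {p for _, p in hits[start:end + 1]}
            if len(ports) >= min_ports and len(ports) > len(best):
                best = ports
        if best:
            alerts[pair] = sorted(best)
    return alerts


if __name__ == "__main__":
    for (src, dst), ports in detect_port_sweeps(SAMPLE_LOG).items():
        print(f"possible port sweep: {src} -> {dst} ports {ports}")
```

A visitor that keeps returning to one port is not flagged. A probe spread over a long period only shows up when the window is widened, which is the trade-off between missed scans and false alarms that such tools have to tune.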

HISTORY OF HACKING AND ITS SECURITY

Hacking is not limited to computers. The real meaning of hacking is to expand the capabilities of any electronic device; to use it beyond the original intentions of the manufacturer. As a matter of fact, the first hackers appeared in the 1960's at the Massachusetts Institute of Technology (MIT), and their first victims were electric trains. They wanted them to perform faster and more efficiently. So, is hacking always bad? Not really. It only depends on how it is used. But it wasn't until a group of these hackers decided to exert their knowledge in the computer mainframes of the MIT.

During the 1970's, a different kind of hacker appeared: the phreaks, or phone hackers. They learned ways to hack the telephone system and make phone calls for free. Within this group of people, one phreaker became famous because of a simple discovery. John Draper, also known as Captain Crunch, found that he could make long distance calls with a whistle. He built a blue box that could do this, and Esquire magazine published an article on how to build them. Fascinated by this discovery, two kids, Steve Wozniak and Steve Jobs, decided to sell these blue boxes, starting a business friendship which resulted in the founding of Apple.

By the 1980's, phreaks started to migrate to computers, and the first Bulletin Board Systems (BBS) appeared. BBS are like the Yahoo Groups of today, where people posted messages on any kind of topic. The BBS used by hackers specialized in tips on how to break into computers and how to use stolen credit card numbers, and in sharing stolen computer passwords.

It wasn't until 1986 that the US government realized the danger that hackers represented to national security. As a way to counteract this menace, Congress passed the Computer Fraud and Abuse Act, making breaking into computers a crime across the nation.

During the 1990's, when use of the internet became widespread around the world, hackers multiplied, but it wasn't until the end of the decade that system security became mainstream among the public.

Today, we are accustomed to hackers, crackers, viruses, Trojans, worms and all of the techniques we need to follow to combat them.

Top Ten Credit Card Safety/SECURITY Tips

There are hundreds of credit card scams that enable the wrong people to gain your account and identity information. Identity theft is a major problem and can be avoided using these ten simple safety techniques for credit card use.

1. Watch where you shop. It is important to be aware of store policies when it comes to credit card use. How is your information protected? Are the systems used to process payment information secure?

2. Shred all information received from the credit card company. With the high instances of identity theft occurring throughout the country it is essential to take measures to avoid allowing others to view personal information.

3. When shopping online, ensure that only safe and secured websites are used for the purchases of gifts and other items. A locked padlock should be seen in the internet browser to ensure the maximum safety measures are being taken.

4. Use automated banking machines at the bank over machines located at convenience stores and within malls. Using these bank machines reduces the risk of identity theft from information being scanned as the card is swiped through the banking machine.

5. Report a card lost or stolen immediately after the card has been discovered lost or the information has been stolen. The credit card company can immediately place a hold on the account, and any purchases made through the account can be protected under purchase protection.

6. Ensure credit cards are signed the moment that they are received and activated. Signing the credit card reduces the chance of the card being used in a case of identity theft.

7. Keep account numbers written in a safe place that cannot be accessed by others. Credit card account numbers should not be written within the wallet, or any other area where they can be easily accessed.

8. Never lend credit cards to anyone or allow anyone to use the number to make purchases over the telephone or the internet. It is important to be aware of all credit card activity and prevent future use of card information.

9. Check your account statement each month for regular and periodic use. Customers that check the account statement are more likely to catch identity theft before it becomes devastating to the card holder.

10. Don’t keep extra copies of credit cards in the house, unless they are in a safe, under lock and key. An extra credit card can be couriered to the card holder in as little as a day – therefore it is important to avoid keeping excess copies of the credit card at home.

We can Trace a Stolen SIM Card of any mobile phone....

All information about your cell phone is stored on a SIM card inside your phone. This is the card cell phone companies program when you first activate your cell phone. When your cell phone is stolen, the SIM card is often the only way to trace the phone’s location.

Tracking your stolen cell phone through the SIM card is mainly done through your cell phone provider. As soon as you realize the phone has been stolen, call your cell phone provider. Provide them with your account number, cell phone number and approximate time the phone was stolen. They can then track the phone’s activity. If the SIM card has not been changed out, this will help the cell phone company lead authorities to your phone’s location.

If GPS is enabled on your cell phone, you may be able to monitor your cell phone’s location from home. This will require the cell phone to be turned on and the SIM card active. Open the web page you use to access the GPS locator on your phone. Call authorities as soon as you have a set location.

Try calling your cell phone. Some thieves will actually answer the phone. The call will provide a way for your cell phone provider to track the last known location. Authorities may also be able to provide this service.

If the SIM card has already been changed out, finding the cell phone itself may be impossible. However, your cell phone provider can still attempt to trace the location of the SIM card. When the cell phone number assigned to the SIM card’s serial number no longer matches, this alerts the provider to the theft. They will then be able to trace the stolen SIM card through the new cell phone number.

New applications are being created that work silently to track the SIM card and cell phone. These applications run quietly to prevent alerting the thief to their presence. One such application is Smart Phone Guard. The application hides itself the moment the SIM card is replaced. A message is then sent to friends’ numbers. The numbers are determined at the time the application is installed. The application also allows you to remotely delete any personal information, such as photos and videos, through one of the friends’ numbers.

Check with your cell phone provider for other applications that may be able to trace the location of stolen SIM cards. These applications will give you peace of mind that no matter what happens to your phone, you’ll still have control. For older phones, newer applications may not be compatible.

In the event your SIM card or cell phone is stolen, report the incident immediately to your cell phone provider. This will prevent unauthorized calls and charges to your account. For many thieves, once the phone is deactivated, they simply discard the phone. Ask your provider to trace the SIM card if possible. GPS enabled phones can also be tracked through the SIM card and phone number. There are several different ways to trace a stolen SIM card with new methods being developed daily.

'Pak criminals hack into 40-50 Indian sites a day'

New Delhi, Nov 12: Exposing the lack of cyber security in India, an 'ethical hacker' has revealed that Pakistani cyber criminals manage to deface 40 to 50 Indian sites every day.

In the war that has been on since 2001, the Pakistani criminals are able to easily break into Indian cyberspace, while their Indian counterparts can only deface about 10 to 15 Pak websites in retaliation, Ankit Fadia told Business Standard.


"Terrorists are using the most advanced technologies for communicating with each other, which include VoIP (voice-over Internet protocol), hiding messages inside photographs, draft emails and encrypted pen drives," the 18-year-old added.

Fadia pointed out that even though India is the global IT capital, the country still has a long way to go when it comes to cyber security.

"Though we have enacted cyber laws, there is not much awareness in the country about security risks arising from cyber attacks nor is there any proper training for law enforcing agencies to deal with the crime," Fadia said in another interview with a news agency.

Fadia is an independent computer security and digital intelligence consultant. He has also worked with the CBI to trace the addresses of 15 Pakistani hackers who posted anti-India messages on websites they broke into.

      SO PLEASE STOP SUCH ACTIVITY AND MAKE WORLD BEAUTIFUL IN ALL ASPECT----AJEET

High Profile Twitter Hacker Arrested in France

The hacker credited with pulling off the most damaging hack against Twitter to date, which resulted in the leak of thousands of confidential corporate documents, was arrested by authorities in France. However, the Frenchman was questioned about an earlier attack involving unauthorized access to several high profile Twitter accounts, including that of Barack Obama.

At the beginning of May last year, someone calling himself "Hacker Croll" took credit for obtaining unauthorized access to Twitter's administrative backend. In order to sustain his claim, the hacker released screenshots and private information taken from accounts belonging to the likes of Ashton Kutcher, Lily Rose Allen and Barack Obama.

The hacker explained at the time that he used nothing more than social engineering to hijack the e-mail and password of a Twitter employee named Jason Goldman. This gave him access to information from any account on the micro-blogging platform.

"Hacker Croll" repeated the feat a few months later, in July, but on a much larger scale. Starting by hacking into the personal e-mail account of a different Twitter worker, he eventually managed to access the company's Google Apps account, where thousands of internal corporate documents and communications were hosted.

Many of those files were later leaked and published online. Private information collected from them also allowed the hacker to social-engineer his way into the Gmail, AT&T, Amazon, PayPal, iTunes, MobileMe and GoDaddy accounts of multiple Twitter employees, including the company's founders Evan Williams and Biz Stone.

The French police finally caught up with "Hacker Croll" on Wednesday in the city of Clermont-Ferrand, after an investigation that lasted several months and involved a strong collaboration with the FBI. AFP reports that the 25-year-old unemployed hacker was released from police custody after being questioned in regards to the first incident and admitting to his involvement.

"He was a young man spending time on the Internet. He acted as a result of a bet, out of the defiance of the hacker. He is the sort who likes to claim responsibility for what he has done," prosecutor Jean-Yves Coquillat commented for the French news agency. He is scheduled to appear in court on June 24 and could face a sentence of two years in jail.

Top ten antivirus of 2010

1. Kaspersky version 7.0.0.43 beta – 99.23%
2. Kaspersky version 6.0.2.614 – 99.13%
3. Active Virus Shield by AOL version 6.0.0.308 – 99.13%
4. ZoneAlarm with KAV Antivirus version 7.0.337.000 – 99.13%
5. F-Secure 2007 version 7.01.128 – 98.56%
6. BitDefender Professional version 10 – 97.70%
7. BullGuard version 7.0.0.23 – 96.59%
8. Ashampoo version 1.30 – 95.80%
9. eScan version 8.0.671.1 – 94.43%
10. Nod32 version 2.70.32 – 94.00%

Threats to Computer Security

Computer systems are vulnerable to many threats that can inflict various types of damage resulting in significant losses. This damage can range from errors harming database integrity to fires destroying entire computer centers. Losses can stem, for example, from the actions of supposedly trusted employees defrauding a system, from outside hackers, or from careless data entry clerks. Precision in estimating computer security-related losses is not possible because many losses are never discovered, and others are "swept under the carpet" to avoid unfavorable publicity. The effects of various threats vary considerably: some affect the confidentiality or integrity of data while others affect the availability of a system.
1. Errors and Omissions

Errors and omissions are an important threat to data and system integrity. These errors are caused not only by data entry clerks processing hundreds of transactions per day, but also by all types of users who create and edit data. Many programs, especially those designed by users for personal computers, lack quality control measures. However, even the most sophisticated programs cannot detect all types of input errors or omissions. A sound awareness and training program can help an organization reduce the number and severity of errors and omissions.

Users, data entry clerks, system operators, and programmers frequently make errors that contribute directly or indirectly to security problems. In some cases, the error is the threat, such as a data entry error or a programming error that crashes a system. In other cases, the errors create vulnerabilities. Errors can occur during all phases of the systems life cycle.
2. Fraud and Theft

Computer systems can be exploited for both fraud and theft, both by "automating" traditional methods of fraud and by using new methods. For example, individuals may use a computer to skim small amounts of money from a large number of financial accounts, assuming that small discrepancies may not be investigated. Financial systems are not the only ones at risk. Systems that control access to any resource are targets (e.g., time and attendance systems, inventory systems, school grading systems, and long-distance telephone systems). Computer fraud and theft can be committed by insiders or outsiders. Insiders (i.e., authorized users of a system) are responsible for the majority of fraud.

Since insiders have both access to and familiarity with the victim computer system (including what resources it controls and its flaws), authorized system users are in a better position to commit crimes. Insiders can be either general users (such as clerks) or technical staff members. An organization's former employees, with their knowledge of an organization's operations, may also pose a threat, particularly if their access is not terminated promptly.
3. Employee Sabotage

Employees are most familiar with their employer's computers and applications, including knowing what actions might cause the most damage, mischief, or sabotage. The downsizing of organizations in both the public and private sectors has created a group of individuals with organizational knowledge, who may retain potential system access (e.g., if system accounts are not deleted in a timely manner). The number of incidents of employee sabotage is believed to be much smaller than the instances of theft, but the cost of such incidents can be quite high.

    Common examples of computer-related employee sabotage include:
  # destroying hardware or facilities,
  # planting logic bombs that destroy programs or data,
  # entering data incorrectly,
  # "crashing" systems,
  # deleting data,
  # holding data hostage, and
  # changing data.

4. Loss of Physical and Infrastructure Support

The loss of supporting infrastructure includes power failures (outages, spikes, and brownouts), loss of communications, water outages and leaks, sewer problems, lack of transportation services, fire, flood, civil unrest, and strikes.
5. Malicious Hackers

The term malicious hackers, sometimes called crackers, refers to those who break into computers without authorization. They can include both outsiders and insiders. Much of the rise of hacker activity is often attributed to increases in connectivity in both government and industry. One 1992 study of a particular Internet site (i.e., one computer system) found that hackers attempted to break in at least once every other day. The hacker threat should be considered in terms of past and potential future damage. Although current losses due to hacker attacks are significantly smaller than losses due to insider theft and sabotage, the hacker problem is widespread and serious.
6. Industrial Espionage

Industrial espionage is the act of gathering proprietary data from private companies or the government for the purpose of aiding another company(ies). Industrial espionage can be perpetrated either by companies seeking to improve their competitive advantage or by governments seeking to aid their domestic industries. Foreign industrial espionage carried out by a government is often referred to as economic espionage. Since information is processed and stored on computer systems, computer security can help protect against such threats; it can do little, however, to reduce the threat of authorized employees selling that information.
7. Malicious Code

Malicious code refers to viruses, worms, Trojan horses, logic bombs, and other "uninvited" software. Sometimes mistakenly associated only with personal computers, malicious code can attack other platforms. Actual costs attributed to the presence of malicious code have resulted primarily from system outages and staff time involved in repairing the systems. Nonetheless, these costs can be significant.

    Malicious Software: A Few Key Terms

    Virus: A code segment that replicates by attaching copies of itself to existing executables. The new copy of the virus is executed when a user executes the new host program. The virus may include an additional "payload" that triggers when specific conditions are met. For example, some viruses display a text string on a particular date. There are many types of viruses, including variants, overwriting, resident, stealth, and polymorphic.

    Trojan Horse: A program that performs a desired task, but that also includes unexpected (and undesirable) functions. Consider as an example an editing program for a multiuser system. This program could be modified to randomly delete one of the users' files each time they perform a useful function (editing), but the deletions are unexpected and definitely undesired!

    Worm: A self-replicating program that is self-contained and does not require a host program. The program creates a copy of itself and causes it to execute; no user intervention is required. Worms commonly use network services to propagate to other host systems.

8. Threats to Personal Privacy

The accumulation of vast amounts of electronic information about individuals by governments, credit bureaus, and private companies, combined with the ability of computers to monitor, process, and aggregate large amounts of information about individuals, has created a threat to individual privacy. The possibility that all of this information and technology may be able to be linked together has arisen as a specter of the modern information age.

Man Infects Himself With Computer Virus

A scientist with a computer chip implanted in his wrist has deliberately infected himself with a computer virus. Security vendor Sophos calls it "Scaremongering".

A British scientist has infected himself with a computer virus. Take a second and let those words sink in. Ten years ago, people still carried pagers; now a man has a computer chip inside of him, and it is infected with a virus to boot. The future is nigh.

Dr. Mark Gasson is a cybernetics researcher at the University of Reading in England, and in some ways he is a real life six million dollar man. Of course, six million dollars won’t get you quite as far as it got Steve Austin; a single chip will have to suffice. Gasson has a Radio Frequency Identification (RFID) chip implanted in his wrist that allows him to do certain things, such as open keycard-locked doors and operate his cell phone. The technology for this type of device has been around for a few years now, but Gasson wanted to test the security behind the RFID chips, so he infected his with a benign computer virus, according to PC World.

Gasson and his group of researchers created the virus, then embedded it in Gasson’s chip. When Gasson entered the lab and the RFID chip signaled a security door to open, the system that accepted the information to make the door unlock, also accepted the virus. From there, the virus began to replicate, and any other person that swiped their card, or used their RFID chip to interact with the infected computer, then became a carrier for the virus.

The virus Gasson created was harmless, but his point was to show that cybernetic computers are not immune, and viruses can be transmitted wirelessly into the computer. In simple and practical terms, this means any hacker that could infect an RFID chip could write a virus that would give them access to the highly secure lab.

Hacking an RFID chip itself is nothing new, nor is it particularly dangerous except in terms of security, but many bionic chips are designed to help people physically. Pacemakers, cochlear implants for the hearing-impaired and neurological implants, for example, could potentially face electronic viruses that become life threatening, according to Gasson.

Gasson’s experiment was designed to point out the potential security holes in cybernetic chips now, rather than later when they are more widespread.  But not everyone agrees with his assessments.

“Any virus code on the RFID chip would be utterly incapable of running unless a serious security hole existed in the external device reading it,” said Graham Cluley, a senior technology consultant for Sophos. “RFID chips normally just have data read from them, rather than ‘executed’, so the chances of a virus infection spreading in this fashion is extremely remote.”

While the RFID chips can accept information that may contain a virus, and that virus could potentially be transmitted between two RFID chips in close proximity, the virus would need an operating system connected to an RFID reader.

“The main progress that appears to have been made from such research is not a contribution to computer security, but a foolproof method of ensuring that university staff don’t forget their office door pass in the morning,” Cluley said. “Predictions of pacemakers and cochlear implants being hit by virus infections is the very worst kind of scaremongering.”

TOP COMPUTER SECURITY........ANTIVIRUS

As technology has evolved, computers have become an integral part of everyday living. Computer users can stay connected to friends and family through email and social networking sites, get an online education, or even work from home. With these endless possibilities, however, comes an endless source of viruses, and it's more important than ever to ensure a computer is well protected. There are many anti-virus programs available on the market, but a few stand out above the rest.

1. BitDefender Antivirus
With prices starting at $24.95 for the 2010 edition, BitDefender is an affordable program that offers ease of use and a lot of flexibility. It works great for beginners who want to choose some settings and leave it alone.

2. Kaspersky Anti-Virus
At $59.99, Kaspersky Anti-Virus is one of the more expensive virus protection programs, but it makes up for this by offering a complete security protection against a variety of computer problems, from viruses, Trojans, bots, to even spyware. It also comes in a small business edition that makes it ideal for an office setup.

3. Webroot Antivirus with Spy Sweeper
Webroot Antivirus with Spy Sweeper combines a powerful anti-virus system with a top-notch spyware detection program in one convenient package. It offers some great extra features, like gamer mode, which ensures the program does not interrupt other computer activities.

5. Norton AntiVirus
One of the longest standing anti-virus companies, Norton continues to offer high caliber virus protection software each year. While previous versions had a reputation for using up a lot of computer resources, these concerns have been addressed in the 2010 edition, making the $39.99 price tag well within reason.

6. ESET Nod32 Antivirus
ESET Nod32 Antivirus is a great fit for computer users who want a simple virus protection program that will install quickly and function largely on its own without being noticed, which it succeeds at due to its low memory requirements and small updates.

7. AVG Anti-Virus
Offering its typical quality assortments of virus protection technology, AVG does a quality job in making sure a computer stays safe. A downside is that there is a very limited help section should any problems with the software arise.

8. F-Secure Anti-Virus
With an overall detection rate of 98 percent, F-Secure Anti-Virus is a formidable competitor in the virus protection industry. It works very quickly, offers real-time protection, and is Windows 7 compatible.

9. G DATA AntiVirus
Boasting the best detection rate of all 2010 anti-virus programs (99.8 percent), G DATA AntiVirus offers impenetrable protection for any computer. On the downside, it is slower than many other programs, and is not a complete security suite, meaning it may miss certain types of malware.

10. Avira AntiVir
Although short on extra features, Avira AntiVir is a quality protection program priced at just $26.95 (2010 pricing), and it offers a high level of detection, consistently catching and neutralizing threats. Installation is a little lengthy, taking nearly 10 minutes to complete.

11. Trend Micro
The biggest problem with Trend Micro is the installation process, which takes 14 minutes and requires a restart. Aside from that, the program is very effective and protects a computer from not only viruses, but many forms of spyware as well. A drawback is that Trend Micro has not yet incorporated advanced heuristics or a security network.