Things I Want 2 Share

10 tips for improving your wireless network

2007-12-23T00:52:00.000+08:00

1. Position your wireless router (or wireless access point) in a central location.

2. Move the router off the floor and away from walls and metal objects (such as metal file cabinets).

3. Replace your router's antenna.

4. Replace your computer's wireless network adapter.

5. Add a wireless repeater.

6. Change your wireless channel.

7. Reduce wireless interference.

8. Update your firmware or your network adapter driver.

9. Pick equipment from a single vendor.

10. Upgrade 802.11b devices to 802.11g

Extend the range and the strength of your wireless network

By Tony Northrup

Top 5 VoIP vulnerabilities caused by poor network security

2007-12-18T11:48:00.000+08:00

Sierra VIPER Lab released what it believes are the top 5 VoIP vulnerabilities in 2007.

Remote eavesdropping of VoIP phone calls, a practice that is exponentially easier in VoIP than with traditional PSTN telephone networks, and which represents a major breach of enterprise communications and security.
VoIP Hopping, one of the enablers of remote eavesdropping, but more critically compromises VLANs, that were previously trusted as providing VoIP security, by enabling a PC to mimic an IP phone so hackers can access VoIP systems.
Vishing, the practice of VoIP phishing, which enables hackers to spoof caller ID and present a fraudulent phone identity, causing some consumers to share sensitive, personal information, such as credit card numbers, with hackers masquerading as banking representatives.
Toll fraud, which allows unauthorized users to access enterprise VoIP networks and make calls, increasing VoIP costs and traffic. While there was a much publicized case in 2006, when the FBI charged two men with accessing VoIP networks and reselling minutes to unsuspecting "customers," toll fraud continues unabated, especially on VoIP networks with little authentication or call analysis.
The Skype worm, originally known as the w32/Ramex.A virus, spread via IM, which automatically stops access to security tools while it downloads to infected PCs, and changes the Skype user's status to "Do not disturb" so that other users cannot contact the infected user.

Source: Top 5 VoIP vulnerabilities in 2007, Help Net Security, 14 December 2007

A Love Story

2007-12-01T14:22:00.000+08:00

"It is just a story guys...Hopefully you'll feel the way i feel... ;P"

He met her on a party. She was so outstanding, many guys chasing after her, while he was so normal, nobody paid attention to him. At the end of the party, he invited her to have coffee with him, she was surprised, but due to being polite, she promised.

They sat in a nice coffee shop, he was too nervous tosay anything, she felt uncomfortable, she thought, please, let me go home..suddenly he asked the waiter, "would you please give me some salt?I'd like to put it in my coffee."

Everybody stared at him, so strange! His face turned red, but, still, he put the salt in his coffee and drank it. She asked him curiously "is this your hobby?". He replied, "when I was a little boy, I was living near the sea, I liked playing in the sea, I could feel the taste of the sea, just like the taste of the salty coffee. Now every time I have the salty coffee, I always think of my childhood, think of my hometown, I miss myhometown so much, I miss my parents who are still living there".

Whilesaying that tears filled his eyes. She was deeply touched. That's his true feeling, from the bottom of his heart. A man who can tell out his homesickness, he must be a man who loves home, cares about home, has responsibility of home.. Then she also started to speak, spoke about her faraway hometown, her childhood, her family. That wasa really nice talk, also a beautiful beginning of their story.

They continued to date. She found that actually he was a man who meets all her demands; he had tolerance, was kind hearted, warm, careful. He was such a good person but she almost missed him! Thanks to his salty coffee! Then the story was just like every beautiful love story, the princess married to the prince, then they were living the happy life... And, every time she made coffee for him, she put some salt in the coffee, as she knew that's the way he liked it.

After 40 years, he passed away, left her a letter which said: "My dearest, please forgive me, forgive my whole life lie. This was the only lie I said to you---the salty coffee. Remember the first time we dated? I was so nervous at that time, actually I wanted some sugar,but I said salt It was hard for me to change so I just went ahead. I never thought that could be the start of our communication! I tried to tell you the truth many times in my life, but I was too afraid to do that, as I have promised not to lie to you for anything.. Now I'm dying, I afraid of nothing so I tell you the truth: I don't like the salty coffee, what a strange bad taste.But I have had the salty coffee for my whole life!Since I knew you, I never feel sorry for anything I do for you. Having you with me is my biggest happiness for my whole life. If I can live for the second time, I still want to know you and have you for my whole life, even though I have to drink the salty coffee again". Her tears made the letter totally wet.

Someday, someone asked her: what's the taste of salty coffee? It's sweet. She replied.

Melayu perlu jadi "kiasu" untuk berjaya - Ungku Aziz

2007-12-01T13:58:00.000+08:00

SEREMBAN 28 Okt. - Orang Melayu perlu mempunyai sifat "kiasu", iaitu sentiasa mahu menjadi nombor satu atau yang terbaik dalam apa jua bidang yang mereka ceburi, kata pakar ekonomi dan cendekiawan negara, Prof Diraja Ungku Aziz Ungku Abdul Hamid di sini hari ini.

Beliau berkata, walaupun sifat "kiasu", perkataan Hokkien yang bermakna
"terlalu takut untuk kalah" mempunyai kebaikan dan keburukannya, dan orang Melayu perlu mengambil aspek keberaniannya dalam berusaha mencapai kecemerlangan dalam kehidupan mereka.

Sifat "kiasu" itu adalah antara tujuh kebaikan yang perlu dimiliki orang Melayu untuk berjaya yang digariskannya pada Forum Khas Konvensyen Pertanian Kebangsaan 2007 yang bertemakan "Melayu Dalam Pertanian: Dulu, Kini dan Akan Datang" di sini hari ini.
Konvensyen dua hari mulai semalam, dianjurkan bersama oleh Kementerian Pertanian dan Industri Asas Tani, Biro Pertanian UMNO Malaysia dan Badan Perhubungan UMNO Negeri Sembilan.

Ia bertujuan mencetus kesedaran di kalangan anggota UMNO khususnya, mengenai pentingnya industri pertanian terhadap ekonomi orang Melayu.
Ungku Aziz berkata, orang Melayu juga perlu mempunyai sikap berani serta berani menanggung risiko, selain sifat "siddique" yang bermakna "berkata benar" serta beramanah, telus dan mempunyai sifat ingin tahu.

Beliau berkata, sebelum zaman penjajahan, orang Melayu terkenal sebagai pedagang di rantau ini berikutan keberanian mereka mengembara menjaja barangan dagangan di peringkat antarabangsa serta berani mengambil risiko.

Malangnya, dengan kedatangan British, orang Melayu telah ditindas dan minda serta pemikiran mereka dipengaruhi secara halus menyebabkan sehingga kini masih tidak mampu bangkit untuk mencapai kecemerlangan zaman Kesultanan Melayu, katanya.

Bagaimanapun beliau yakin orang Melayu, terutama yang terlibat dalam bidang usahawan akan menggubah sikap mereka secara automatik dengan lebih menitikberatkan ilmu dan sentiasa berusaha bagi memajukan diri kerana wujudnya sikap "ingin tahu" untuk membangun dan memperluas bidang yang mereka ceburi.

Terdahulu, Menteri Pertanian dan Industri Asas Tani, Tan Sri Muhyiddin Yassin dalam ucaptamanya pagi ini turut menyentuh mengenai pentingnya orang Melayu mempunyai sikap "kiasu".

"Kita kena fikirkan, cari jalan dan kaedah, bagaimana kita boleh ubah minda dan fikiran orang Melayu terhadap diri mereka sendiri dan persekitarannya supaya mereka boleh jadi kiasu, aktif, gila kerja, tak suka duduk diam, sungguh-sungguh, setia, bertanggungjawab, cinta serta sayangkan bangsa dan agamanya," katanya.
Naib Presiden UMNO itu berkata: "Kita perlu membentuk satu pandangan hidup orang Melayu, memperbetulkan `world view' mereka dengan cara yang baru dan konkrit, sistematik dan praktikal."

Beliau yang tidak menafikan kerajinan orang Melayu bagaimanapun berkata, usaha perlu dilakukan bagi menjadikan mereka lebih rajin, serius dan bersungguh dalam kerjaya.

"Orang Melayu memang mahu jadi kaya, tapi mahu ambil jalan yang mudah dan cepat, takut mengambil risiko dan hanya melakukan pelaburan yang paling minimum.

"Mereka suka membina dunia fantasi, dibuai dengan membayangkan yang indah-indah dan seronok-seronok, tetapi hakikatnya mereka tidak serius dan bersungguh melakukan kerja dan tugasan," katanya.

Muhyiddin berkata, akhirnya orang Melayu menjadi bangsa yang lemah, tidak berani, tidak agresif untuk mencapai kejayaan sehingga timbul cerita seperti `Angan-Angan Mat Jenin', iaitu jenaka yang menghina bangsanya sendiri.

Beliau berkata, orang Melayu secara relatifnya masih rendah dari segi produktiviti, malah lebih rendah daripada pendatang tanpa izin walaupun mereka tidak ada kemahiran.

"Adakah ini akibat penjajahan yang begitu lama, hampir lebih 500 tahun menyebabkan minda orang Melayu beku dan statik bagaikan tanah yang tidak berbaja dan tidak ditimpa hujan sehingga tanah menjadi gersang dan me"layu"?" katanya.

Masalah Perut Buncit

2007-10-19T20:19:00.000+08:00

Minum air
Anda sebenarnya dapat mengurangkan masalah tersebut dengan minum air lebih banyak. Ia mencairkan konsentrasi sodium dalam tubuh sehingga meningkatkan jumlah air yang keluar dari sistem. Minum lebih banyak air juga menjamin fungsi empedu efektif untuk mengeluarkan produk sampah. Jangan mengubah konsumsi air ketika diet kerana banyak bahan akan sukar dicerna dan dapat menyebabkan perut menggelembung.

Makan perlahan-lahan
Hindari makan cepat, kerana ketika anda menelan terlalu cepat, setidaknya udara tertahan dalam usus dan membentuk gas yang dapat memicu penggelembungan perut. Selalu duduk saat makan dan kunyah makan secara perlahan-lahan. Makanan yang tidak terkunyah menjadi bagian-bagian kecil tidak dapat dicerna dengan sempurna yang kemudian menghasilkan banyak gas yang menimbulkan penggelembungan.

Mengurangkan penggunaan garam
Terlalu banyak garam dalam diet menambah ekstra sodium terhadap cecair dalam tubuh yang memperlambatkan mekanisme sehingga mendorong air keluar dari sel. Akibatnya perut terasa penuh dan menggelembung.

Komposisi serat yang tepat
Serat adalah elemen penting dalam diet, tetapi untuk mengimbangi penyimpanan air yang menyebabkan penggelembungan, makanlah serat dalam buah-buahan seperti epal dan pear yang memiliki banyak kandungan air.

Awasi penggunaan ubat-ubatan
Perut mengembung adalah kesan sampingan dari penggunaan ubat. Aspirin kadang-kadang menyebabkan masalah perut yang memicu sembelit dan penggelembungan, termasuk pil kontrasepsi.

Hindari sembelit
Sembelit didefinisikan sebagai apabila terjadi lebih sedikit dari tiga kali buang air besar dalam seminggu atau jika terlibat ketegangan. Akibatnya perut terasa bertambah besar. Untuk merangsang isi perut, banyakkan memakan serat dari buah-buahan dan sayuran, lakukan secara gradual untuk menghindari fermentasi dan produksi gas yang berlebihan.

Olahraga
Olahraga akan membantu menggerakkan cairan dalam perut yang dapat menyebabkan perut besar dengan mendorongnya keluar dari jaringan dan masuk aliran darah dimana akan dilkeluarkan sebagai keringat atau dibawa ke empedu untuk dikeluarkan sebagai urine. Olahraga yang disarankan antara lain aerobik.

Wireless Network Security

2007-10-18T14:04:00.000+08:00

Simple measures need to be consider :

Change the default username and password on the router
Encrypt wireless network
Change the Default SSID (Network name)
Turn off the SSID
Enable Mac address filtering
Static IP Addresses

Port knocking

2007-09-23T22:17:00.000+08:00

Port knocking is a means of providing an extra layer of security via firewall. The better firewalls are able to keep ports closed against outside attempts to connect unless a set of connections attempts are made to a pre-determined list of ports in a specific order — or, at least, provides the means of implementing port knocking through some additional utility.

In other words, port knocking is like a secret knock, where you knock on a door a certain number of times with some recognizable pauses between some of the individual knocks, producing a pattern that can be used to identify the person on the other side. This can help solve the problem of needing to allow connections to a commonly used port, such as port 22 for SSH, without having to just leave the port open for any schmuck in the world to start bombarding it with connection attempts in a brute-force attack on your user passwords. Not only does this help cut down on the likelihood that a user account that accepts remote connections can be compromised by a brute-force attempt to crack security, but it also eliminates a lot of opportunity for denial of service attacks because it will be more difficult for an attacker to find an open port to attack.

Referring to Chad Perrin, http://blogs.techrepublic.com.com/security/?p=292

Best Sites for Networking Guidance

2007-09-17T23:19:00.000+08:00

Practically Networked (www.practicallynetworked.com):
The leading home and small-business networking site, with tips and tutorials on everything from setting up file sharing to using dynamic DNS services. the troubleshooting guides are invaluable, and an active peer-help forum is another great resource.

SmallNetBuilder (www.smallnetbuilder.com): A bit more techni than Practically Networked, with articles dedicated to such specialized topics as how to set up LAN parties and how to crack WEP encyption. You will also find very good FAQs and tutorials on general networking issues.

Wi-Fi Planet (www.wi-fiplanet.com): The place to go for truly deep wireless tutorials and testing. Don't miss the site's articles discussing SSID Spoofing and the use of VPNS at public hotspots. Has an active discussion area too.

CERT Home Network Security (www.cert.org/tech_tips/home_networks.html): A comprehensive and unbiased guide to home network security, maintained by the Carnegie Mellon-based Computer Emergency Response Team, a federally funded Internet security research and development center. The guide also serves as a fantastic primer on networking terms and technology. It's required reading for the network administrator in your home.

Security Now (www.grc.com/securitynow.htm): Great network security resource, with transcripts of Steve Gibson's and Leo Laporte's weekly SecurityNow podcasts, which translate complex security issues into plain language for a broad spectrum of visitors.

Shields Up (www.grc.com/x/ne.dll?bh0bkyd2): Also from Steve Gibson, a very popular free Internet security test site. Go here to find out about holes (such as open ports) in your network that potential hackers could exploit, as well as useful tips on how to close them.

Port Forward (www.portforward.com): Need help removing roadblocks obstructing desirable traffic to and from your network? At this site you can examine a comprehensive list of ports used by Internet games, streaming video, and other applications, with port-forwarding setup guides for most popular routers.

DynDNS (www.dyndns.com): Most ISP:s assign IP addresses dynamically, meaning that yours is always changing. But if you need a fixed IP address for your Web server, Webcam, or media streamer, DynDNS's Dynamic DNS service will provide it--and will do so free of charge for home users.

Obtained from : www.pcworld.ca/news/column/053d04620a01040801683e806daae7f2/pg0.htm

Setting Up A Secure Home Wireless Network - 2 Simple Steps To Protect Your Privacy

2007-09-14T12:04:00.000+08:00

Securing a home wireless network is a two step process. The first step is to ensure network security by securing the wireless access point or router. All of this can normally be done through the web based software interface of the device, by typing in the default address of ‘192.168.0.1’.

The first thing that needs to be changed is administrator username and password. Many networks are hacked into, simply because nobody bothered changing the default values. This is the same as most VCRs still blinking 12:00 because no one changed the time. Once this is done, enable MAC address filtering, and add computers based on their MAC address. This option will allow only those specified computers to connect to the network, but will not however guarantee total security.

The network SSID defines a name for the network. The default value of this should be changed to an obscure and long string. This value should be written down in a safe place and entered into the machines that are allowed to connect. Disabling the broadcast of the network SSID also provides an extra layer of security as the network will not advertise itself to outsiders.

Encryption should also be enabled. The default encryption is normally weak and can be easily broken. Normally WEP (Wireless Equivalent Privacy) is used for data encryption, however where available try and use WPA-PSK encryption. This method uses 256 bit encryption for transmitting data and the key also changes so provides a far more secure alternative to WEP.

Some routers have firewalls built in. Where available make sure that this option is enabled.

The second step of securing a home wireless network is securing each individual’s PC. This can be done by installing a software firewall (this may not always be necessary if a hardware firewall is installed), antivirus software, anti-spam and pop-up blocking software. It is essential to keep this software up to date, as downloading the latest security updates for the operating system and web browser you are using.

You can manage your home network yourself if you have the time, or you can buy a home networking software that will monitor your network and alert you to any intruders or weak security measures for about $30. Whichever way you choose to do it make sure you secure your home wireless network.

Article Source: http://EzineArticles.com/?expert=Wallace_Renckers

Using Cain and Abel for ARP poisoning

2007-09-12T03:43:00.000+08:00

You can perform ARP poisoning on your switched Ethernet network to test your IDS/IPS or to see how easy it is to turn a switch into a hub and capture anything and everything with a network analyzer.

ARP poisoning can be hazardous to your network's hardware and health, causing downtime and more. So be careful!

Perform the following security testing steps to use Cain and Abel for ARP poisoning and improve Microsoft network security:

Load Cain and Abel and click the Sniffer tab at the top to get into the network analyzer mode. It defaults to the Hosts page.
Click the Start/Stop ARP icon (the yellow and black circle). This starts the ARP poison routing (how Cain and Abel refers to ARP poisoning) process and also enables the built-in sniffer.
If prompted, select the network adapter in the window that displays and click OK.
Click the blue + icon to add hosts to perform ARP poisoning on.
On the MAC Address Scanner window that comes up, ensure the All Hosts in My Subnet option is selected and click OK.
Click the ARP tab (the one with the yellow and black circle icon) at the bottom to load the ARP page.
Click in the white space under the uppermost Status column heading (just under the Sniffer tab). This re-enables the blue + icon.
Click the blue + icon, and the New ARP Poison Routing window comes up showing the hosts discovered in Step 3 above.
Select your default route (in my case, 10.11.12.1). This will then fill the right-hand column with all the remaining hosts, as shown in Figure 9-20.
Ctrl+click all the hosts in the right column that you want to poison.
Click OK, and the ARP poisoning process starts. This process can take anywhere from a few seconds to a few minutes depending on your network hardware and each hosts' local TCP/IP stack. The results of ARP poisoning on my test network are shown in Figure 9-21.
You can use Cain and Abel's built-in passwords feature to capture passwords traversing the network to and from various hosts simply by clicking the Passwords tab at the bottom of the screen.

Figure 9-20: Selecting your victim hosts for ARP poisoning in Cain and Abel.

Figure 9-21: ARP poisoning end results in Cain and Abel.

This excerpt is from Chapter 9 - Network Infrastructure in "Hacking for Dummies, 2nd edition," written by Kevin Beaver and published by Wiley Publishing.

ARP spoofing

2007-09-12T03:39:00.000+08:00

An excessive number of ARP requests can be a sign of an ARP spoofing attack (also called ARP poisoning) on your network.

A client running a program such as the UNIX-based dsniff or the UNIX- and Windows-based Cain and Abel can change the ARP tables -- the tables that store IP addresses to media access control (MAC) address mappings -- on network hosts. This causes the victim computers to think they need to send traffic to the attacker's computer rather than to the true destination computer when communicating on the network. This is often referred to as a Man-in-the-middle (MITM) attack.

Spoofed ARP replies can be sent to a switch very quickly, which can crash an Ethernet switch or (hopefully) make it revert to broadcast mode, which essentially turns it into a hub. When this occurs, an attacker can sniff every packet going through the switch without bothering with ARP spoofing.

This security vulnerability is inherent in how TCP/IP communications are handled.

Here's a typical ARP spoofing attack with a hacker's computer (Hacky) and two legitimate network users' computers (Joe and Bob):

Hacky poisons the ARP caches of victims Joe and Bob by using dsniff, ettercap or a utility he wrote.
Joe associates Hacky's MAC address with Bob's IP address.
Bob associates Hacky's MAC address with Joe's IP address.
Joe's traffic and Bob's traffic are sent to Hacky's IP address first.
Hacky's network analyzer captures Joe's and Bob's traffic.

If Hacky is configured to act like a router and forward packets, it forwards the traffic to its original destination. The original sender and receiver never know the difference!

Top 100 Network Security Tools

2007-09-09T14:28:00.001+08:00

Based on website http://sectools.org/

1. Nessus
2. Wireshark
3. Snort
4. Netcat
5. Metasploit Framework
6. Hping2
7. Kismet
8. Tcpdump
9. Cain and Abel
10. John the Ripper
11. Ettercap
12. Nikto
13. Ping/telnet/dig/traceroute/whois/netstat
14. OpenSSH/PuTTY/SSH
15. THC Hydra
16. Paros proxy
17. Dsniff
18. Netstumbler
19. THC Amap
20. GFI LANguard
21. Aircrack
22. Superscan
23. Netfilter
24. Sysinternals
25. Retina
26. Perl/Python/Ruby
27. L0phtcrack
28. Scapy
29. Sam Spade
30. GnuPG/PGP
31. Airsnort
32. BackTrack
33. P0f
34. 'Google'
35. WebScarab
36. Ntop
37. Tripwire
38. Ngrep
39. Nbtscan
40. WebInspect
41. OpenSSL
42. Xprobe2
43. EtherApe
44. Core Impact
45. IDA Pro
46. Solar Winds
47. Pwdump
48. LSoF
49. RainbowCrack
50. Firewalk

51. Angry IP Scanner
52. RKHunter
53. Ike-scan
54. Arpwatch
55. KisMAC
56. OSSEC HIDS
57. Openbsd PF
58. Nemesis
59. Tor
60. Knoppix
61. ISS Internet Scanner
62. Fport
63. chkrootkit
64. SPIKE Proxy
65. OpenBSD
66. Yersinia
67. Nagios
68. Fragroute/Fragrouter
69. X-scan
70. Whisker/libwhisker
71. Socat
72. Sara
73. QualysGuard
74. ClamAV
75. cheops/cheops-ng
76. Burpsuite
77. Brutus
78. Unicornscan
79 Stunnel
80. Honeyd
81. Fping
82. BASE
83. Argus
84. Wikto
85. Sguil
86. Scanrand
87. IP filter
88. Canvas
89. VMware
90. Tcptraceroute
91. SAINT
92. OpenVPN
93. OllyDbg
94. Helix
95. Bastille
96. Acunetix Web Vulnerability Scanner
97. TrueCrypt
98. Watchfire AppScan
99. N-stealth
100. MBSA (Microsoft Baseline Security Analyzer)

Wi-Fi, VoIP, USB security still lacking

2007-09-09T01:14:00.000+08:00

<

That is according to Manchester-based IT membership body, the National Computing Centre (NCC), which found that 40 percent of companies have installed partial to no security on their wireless networks, while only 15 percent have initiated VoIP security measures.

With the proliferation of small, high-capacity USB storage devices also posing a liability, the NCC found that nearly 75 percent of respondents recognise that there is an issue to be addressed, but that only 11 percent have done so.

Stefan Foster, managing director of the NCC, said: "Running unsecured Wi-Fi is like locking the front door, but leaving the windows open. Fraudsters are increasingly targeting IT systems and the growing use of Wi-Fi is attracting their attention both inside and outside of the office environment.

A recent study by network security specialist BigFix found that mobile devices such as laptops and smart phones were posing a risk to network security, because most security configuration management solutions are unable to manage them when they are not connected to the network.

Although 80 percent of companies were using anti-virus products, 40 percent admitted to having been affected by malicious code in the last year.
>>
extracted from ITwales website "http://www.itwales.com/798604.htm"

We have to take a drastic counter-measure in order to provide a good network security. Easier said than done :P

In my opinion, in Malaysia, there is still lack of awareness in computer network security, generally, in wireless computing environment, specifically. Some of them haven't educate themselves with wireless network security as nowadays security has becoming a main issue of almost anything.

There is so much to be done in order to educate people and increase their conscience about computer network security. Life nowadays cannot be part from mobile technologies as they have become necessities.

So we have to held seminars, classes, or maybe even a short movie of "How to..." regarding of network security in commercial media.