Friday, March 30, 2007
Consumer Warning TJ Maxx ID Theft
First off kudos to TJ Maxx for soming clean on this.....
TJ Max reported the largest identity theft ever. If you are a customer keep a very close eye on any account or credit card that may be exploited.
http://ezinearticles.com/?Identity-Theft-Problems-for-TJ-Max-and-Marshalls-Customers&id=431633
TJ Max reported the largest identity theft ever. If you are a customer keep a very close eye on any account or credit card that may be exploited.
http://ezinearticles.com/?Identity-Theft-Problems-for-TJ-Max-and-Marshalls-Customers&id=431633
Thursday, March 29, 2007
You NEED a Firewall
I usually like to generate my own posts but since this is a subject I've posted on many times before I'll just pass on a link from Forbes.
Please don't doubt it. Who ever you are, even if you are only using YouTube YOU NEED A FIREWALL!!!!!
http://www.forbes.com/2007/03/29/microsoft-symantec-cisco-ent-tech-cx_sb_0329smallbizresource.html?partner=yahootix
Please don't doubt it. Who ever you are, even if you are only using YouTube YOU NEED A FIREWALL!!!!!
http://www.forbes.com/2007/03/29/microsoft-symantec-cisco-ent-tech-cx_sb_0329smallbizresource.html?partner=yahootix
Friday, February 9, 2007
Still think security
Vista is not a security end all. Already sveral exploits have been seen. To protect yourself you will need the standards Host SecuritySoftware Firewall, Hardware Firewall, Network Intrusion Prevention, Anti Virus, Network Anti Virus Protection
More to follow next Tuesday on Vista security.
More to follow next Tuesday on Vista security.
Vista Vista Vista - Security
Hey everyone, thanks - the last few days there is has been a noticeable uptick in reads on this blog, which is flattering since I haven't had a chance to really keep it up-to-date lately. Let me just give you an idea of what I'll be covering the next week or so.
I purchased a Vista machine today, and noticed some fairly substantial security features upfront. I won't list those right now, instead I'm going to take a deeper look and post home security recommendations on Monday or Tuesday.
By the way I don't know if you noticed or not, but security flaws have already been reported on the product, so don't be under the impression that you will just be able to install Vista and instantaneously be secure.
Please check back on Tuesday for the latest, for more information.
I purchased a Vista machine today, and noticed some fairly substantial security features upfront. I won't list those right now, instead I'm going to take a deeper look and post home security recommendations on Monday or Tuesday.
By the way I don't know if you noticed or not, but security flaws have already been reported on the product, so don't be under the impression that you will just be able to install Vista and instantaneously be secure.
Please check back on Tuesday for the latest, for more information.
Thursday, January 25, 2007
Host Intrusion Prevention versus Host Anti Virus
This may be a little advance for security 1A. But please read it and try to grasp the differences between Anti Virus and Host Intrusion Prevention. If this concept was deployed on home computers the chances of you been infected with anything get very close to 0%.
Host Anti Virus is a traditional security mitigation software used by millions of computer users across the globe. Anti Virus does a great job of stopping known security exploits through the use of signature type definition files. Unfortunately for the general computer user, the word “known” is the key to this conversation. This means that Anti Virus is only as good as attacks that you already know about. If you use Anti Virus, you are still highly susceptible to a new computer attacks.
Contrast that with Hosts Intrusion Prevention (HIPS). HIPS looks at the behavior of hosts and decides if that behavior could be consistent with the action of malicious code. If the hips software besides that the behavior is suspicious, it will either stop the behavior or query you on whether you want to allow the behavior. Bottom line is that HIPS does not use signature definition files, it uses rule files that don't require updates and will stop viruses and worms whether they are known or not. My experience with hips software is that it is 100% reliable.
The downside of Host Intrusion Prevention software is that the versions that are available are targeted for larger customers with a professional security team that can manage and analyze events seen win rules trigger. Generally it's too complex to be managed by the average end user.
This article is little more than a call to action for security developers. Security engineers readily accept that HIPS software is superior to Anti Virus, now is the time to commercialize the software. Take the complexity out of the existing hips software, and tone it down so that the average home user can use it, and be protected at all times as opposed to the current scenario experience while using antivirus. This isn't that huge of a task. Shoot for the low hanging fruit, and only deploy rules such as, stopping code that is executed after a buffer overflow, stopping code that is being run for the first time, stop browsers from acting as servers, stop the average computer from opening any listening port, stop traffic related to port scans. These are just ideas I'm sure there's more. If you do happen to read this article, please encourage your local hips vendor to commercialize their product, maybe even encourage them to market it to huge service providers such as Comcast, and AOL.
Host Anti Virus is a traditional security mitigation software used by millions of computer users across the globe. Anti Virus does a great job of stopping known security exploits through the use of signature type definition files. Unfortunately for the general computer user, the word “known” is the key to this conversation. This means that Anti Virus is only as good as attacks that you already know about. If you use Anti Virus, you are still highly susceptible to a new computer attacks.
Contrast that with Hosts Intrusion Prevention (HIPS). HIPS looks at the behavior of hosts and decides if that behavior could be consistent with the action of malicious code. If the hips software besides that the behavior is suspicious, it will either stop the behavior or query you on whether you want to allow the behavior. Bottom line is that HIPS does not use signature definition files, it uses rule files that don't require updates and will stop viruses and worms whether they are known or not. My experience with hips software is that it is 100% reliable.
The downside of Host Intrusion Prevention software is that the versions that are available are targeted for larger customers with a professional security team that can manage and analyze events seen win rules trigger. Generally it's too complex to be managed by the average end user.
This article is little more than a call to action for security developers. Security engineers readily accept that HIPS software is superior to Anti Virus, now is the time to commercialize the software. Take the complexity out of the existing hips software, and tone it down so that the average home user can use it, and be protected at all times as opposed to the current scenario experience while using antivirus. This isn't that huge of a task. Shoot for the low hanging fruit, and only deploy rules such as, stopping code that is executed after a buffer overflow, stopping code that is being run for the first time, stop browsers from acting as servers, stop the average computer from opening any listening port, stop traffic related to port scans. These are just ideas I'm sure there's more. If you do happen to read this article, please encourage your local hips vendor to commercialize their product, maybe even encourage them to market it to huge service providers such as Comcast, and AOL.
Tuesday, January 16, 2007
Can I control the Chat rooms that my kids can access?
Yes. I haven’t used any myself so I can’t provide a personal reference. In speaking with my colleagues many recommend Net Nanny. Here is an excellent CNET review on their product. It appears to be easy to install and use and scored pretty well as far as a home security review.
http://reviews.cnet.com/Net_Nanny_4_0/4505-3667_7-1589239.html
http://reviews.cnet.com/Net_Nanny_4_0/4505-3667_7-1589239.html
Wednesday, December 27, 2006
Great Anti Phishing Site!!!
Sorry for such frequent posts but I just came across this great phishing site http://www.antiphishing.org/.
The best defense is don't go to sites you are not familiar with but I should also mention that many vendors offer anit-phishing protection included in products such as Software Firewall, Hardware Firewall, Network Intrusion Prevention, Anti Virus, Network Anti Virus Protection.
The best defense is don't go to sites you are not familiar with but I should also mention that many vendors offer anit-phishing protection included in products such as Software Firewall, Hardware Firewall, Network Intrusion Prevention, Anti Virus, Network Anti Virus Protection.
Subscribe to:
Posts (Atom)