Newsletter #12 - May your holidays be merry and bright

A couple things before we get to Bob's promised condensed version of a six-day seminar on hacking and malicious code… One, please contact Cheryl if we installed McAfee VirusScan for you last summer, and you’re receiving notice that your virus definitions have expired. They haven’t. Second, we’re finally getting the newsletters archived on the website. When finished, it will be a handy resource. Check it out: http://www.solutionarchitech.com/newsletter.htm

I recently attended a six-day training seminar hosted by SANS*. The title was “Incident Tracking and Hacking Techniques”. It was a real eye opener. Bottom line:

1. Keep your operating systems patched
2. If you don't have a firewall, get one
3. Keep your Anti-Virus software up-to-date

Following these 3 rules will greatly reduce your risk of systems and data compromise. Details:

OPERATING SYSTEMS PATCHING: Although this advice is relevant for all software, Microsoft is the biggest target and therefore the most widely exploited. Additionally, most of you have Microsoft operating systems. The main problem: when software is developed, programs that require input from remote sources allot memory space for this input. For example, a web page may receive user information like ‘Name’, ‘Address’, etcetera. This input should be, say, about 1,000 characters. If the programmer does not test the input for size, a hacker can send 100,000 characters, overwriting the memory space that stores the active program code, effectively executing whatever new code is inserted by the hacker. The hacker's code is then executed with the same privileges that the server was running with. Meaning, you are at his mercy.

Microsoft has so many security updates that they have begun releasing them on a regular monthly basis, with supplemental updates whenever a particularly nasty vulnerability is found. Microsoft is trying to make patching easy. If we haven't done that already, start their Automatic Update Service... You can configure your machine to check for updates, download and install them automatically on a configurable schedule... Nice!

FIREWALLS: Most firewalls today are packet filtering. This means that each piece of information is inspected by the firewall and dropped or passed through based on user-definable rules. Most are configured so that your internal protected network can talk freely to the outside world, but computers on the outside cannot start a conversation with computers inside your protected network. Most small business / home routers have firewalls built in (this includes most of you). If you are not behind your own router, you should utilize a software firewall. Most anti-virus manufacturers also have firewall offerings. Windows XP has a firewall built in. Unix has several low or no cost firewalls available.

ANTI-VIRUS: You can stop malware from destroying your productivity by keeping your anti-virus software up to date. If someone inside your protected network goes to a website, or receives an email from an unprotected server, the malware can find itself inside your network. Nothing to worry about if your anti-virus is up to date, because as soon as anyone tries to access it the anti-virus software intervenes. That is, unless you’ve caught a brand-new virus, and the definitions haven’t caught up yet.

In Closing: There’s just no substitute for caution and common sense. If anyone or anything wants to install software on your machine, make sure you REALLY trust the source. Never install any unsolicited software or answer any unsolicited emails. If you need software, go to the manufacturer's website and download it yourself or have a professional do it for you.

That's it, Bob
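
The size test described under OPERATING SYSTEMS PATCHING, as an added C example that is not part of the original newsletter: an unchecked copy next to a version that rejects oversized input. The struct, the function names and the 1,000-character field size are assumptions based on the newsletter's illustration, and the sample inputs are constructed.

```c
#include <stdio.h>
#include <string.h>

#define NAME_FIELD_LEN 1000  /* assumed field size, from the example above */

struct form_record {
    char name[NAME_FIELD_LEN + 1];  /* memory allotted for the input + NUL */
};

/* Unchecked: copies until the terminating NUL, however long the input is,
 * so a 100,000-character input is written far past the end of name.
 * Shown for contrast only; nothing in this example calls it. */
void store_name_unchecked(struct form_record *rec, const char *input)
{
    strcpy(rec->name, input);
}

/* Checked: measures the input first and rejects anything too long.
 * Returns 0 on success, -1 if the input is missing or oversized. */
int store_name_checked(struct form_record *rec, const char *input)
{
    size_t len = 0;

    if (rec == NULL || input == NULL)
        return -1;
    while (len <= NAME_FIELD_LEN && input[len] != '\0')
        len++;                      /* never scans past the field size */
    if (len > NAME_FIELD_LEN)
        return -1;                  /* too long: leave the record untouched */
    memcpy(rec->name, input, len);
    rec->name[len] = '\0';
    return 0;
}

int main(void)
{
    static char input[100001];      /* constructed sample input, zero-filled */
    struct form_record rec;

    memset(input, 'A', 1000);       /* 1,000 characters: fits */
    printf("1,000 chars: %d\n", store_name_checked(&rec, input));
    memset(input, 'A', 100000);     /* 100,000 characters: rejected */
    printf("100,000 chars: %d\n", store_name_checked(&rec, input));
    return 0;
}
```

Rejecting the oversized input outright, rather than silently truncating it, also leaves a clear failure that the server can log.
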

*The SANS (System-administration, Audit, Network, Security) Institute is the most trusted and by far the largest source for information security training and certification in the world. It develops, maintains, and makes available at no cost the largest collection of research documents about various aspects of information security. It also mans the Internet's early warning system - Internet Storm Center. SANS was established in 1989 as a cooperative research and education organization. Its programs now reach more than 165,000 computer professionals. At the heart of SANS are security practitioners in government agencies, corporations, and universities around the world who invest hundreds of hours each year in research and teaching to help the entire information security community. Look on their site www.sans.org for many interesting articles. For example, you can find what industry experts have to say about the role the Blaster worm played in last August’s East Coast blackout.
(For a really cool picture of that blackout from space... Merry Christmas.)