Securing your Home Wireless Network : A simple security guide January 27, 2006
Posted by iespresso in Extreme Tech.4 comments
A few years ago, home wireless access points were almost non-existent. Most people only had normal, wired broadband routers, so they didn’t really have to care about getting their internet connection hijacked by malicious wardrivers (villains wandering the streets in search of an unsecured wireless signal). This is entirely another story in 2006. I’m living in a suburb, and 4 of my neighbors emit wireless signals, 2 of them which are completely unsecured. Just imagine how many of them you could pick up if you are living in a big city. People think that wireless connectivity is a dream come true, but most of them ignore the downside of the technology. The problem is that most AP come preconfigured with their security features turned off. A couple of steps have to be taken if you want to enable them. This simple security guide will show you how you can do it.
When we’re talking about security, the more is the better. We’ll be enabling as many security features as possible on that AP. We want to install the maximum number of locks in front of that attacker, so that if he tries to get in, he’ll have to punch through all the doors before getting in. That is what we call the Layered security principle in the industry.
-Change the default administrator password.
Most routers or APs requires a default password to get in. Be sure to change it to something else, and it better not be your dog’s name. Be warned that most APs default passwords are well known by villains, and can be easily found on the internet. Just try searching google for “linksys router default password“, you’ll see what I mean.
-Turn off remote management features
Some routers can give you the ability to administer them via a wireless connection. Turn that off! You do not your neighbors to be able to get in your AP’s management console do you? The only downside to this is that you will have to have at least 1 wired computer in your environment.
-Turn off SSID broadcasting
First of all, what the heck is an SSID? The SSID (Service Set Identifier) is a sequence of up to 32 letters or numbers that represent the ID of your wireless network. the SSID is broadcasted from your AP to all wireless devices within range to let them know that he’s available and ready to receive connections. If you shut off SSID broadcasting, the clients will have to know about the ID of the network if they want to be able to connect to it. Here is my opinion on SSID broadcasting, read it before proceeding with the rest of the article.
-Enable MAC filtering
As you probably know, computers can be identified by many kinds of addresses. One of them, the MAC address, which is a unique ID tagged to your network card, can be specified in a list on the AP to prevent people that aren’t on there from connecting to the network. MAC addresses can be spoofed, so this measure is not a guarantee of security, but it adds another door to your layered security architecture. To get your MAC address, just click on start->run, and type cmd. When you are at the DOS prompt, type: ipconfig /all, this will display the current configuration of you network card. The MAC address is what ipconfig displays as Physical Address. It consists of six pairs of numbers or letters, as in A6-33-F3-86-BE-04. When you are finished, type exit and you will get back to windows
-Turn on WEP, WPA, or WPA2 encryption
Depending on the age of your router, these encryption methods may or may not be all available to you. The weakest one, WEP, has been largely criticized recently about its easy to crack security. If WEP is the only method available to you, I would consider replacing your AP for a more recent model. You can get a brand new linksys WRT54G for about 30$USD (As seen in the top right of this article). That shouldn’t break your budget! Sometimes, a firmware update can also add the missing functionalities. Please consult your manufacturer’s website to verify if any upgrades are available.
For encryption to work, you will first need to enable it on the client’s wireless NIC and on the AP. After this, a shared key (a password) must be specified on both sides. The key must be identical if you want your devices to communicate.
-Disable DHCP and assign your IP addresses manually.
DHCP (Dynamic Host Configuration Protocol) is a service that distributes IP addresses automatically to clients who request them. The problem with DHCP is that it will provide IP addresses to anyone who asks for them, even evildoers. While making your network easier to administer, it’s also helping out the bad guys. If you have a small network, providing static IPs to your computers is an easy and quick job. Consult this link for instructions.
So, are you up to the work of securing your network now? You could be the next target of those wardrivers. Never think that these things always happen to others, who knows, someone might already be using YOUR network.
Wi-Fi 802.11n Standard for WLANs Confirmed January 27, 2006
Posted by iespresso in News.add a comment
Back in January 2004, the IEEE (Institute for Electrical and Electronics Engineers) formed the 802.11 taskgroup to develop an additional amendment to the 802.11 standard for WLANs: 802.11n. The maximum theoretical speed for this standard is supposed to reach up to 540 Mbit/s. According to this Wifinews article, the 802.11n proposal was just accepted this week! Now, the new standard will be able to move forward relatively rapidly to ratification, even if the process of finalizing details could take until 2007. That’s Good news for corporations that are waiting for an high speed wireless access. I don’t think 802.11n will matter very much to home users since people don’t need that much speed at home, unless you are planning to share your internet access with your entire neighborhood!
Kama Sutra worm seduces PC users January 24, 2006
Posted by iespresso in Tech.1 comment so far
Name: Nyxem.E
Alias: Email-Worm.Win32.Nyxem.e
Size: 95744
Category: Virus
Platform: Win32
Date of Discovery: January 20, 2006
A new e-mail worm that spreads under the guise of pornographic content has jumped to the top of the worldwide virus charts.
When run on a Windows PC, the worm copies itself to shared network locations and sends itself to e-mail addresses found on the target computer. The pest includes a timed attack that attempts to disable antivirus and firewall software and delete certain files, including Office documents, on the third day of the month, according to antivirus software vendor F-Secure.
The worm, dubbed W32/Nyxem-E by F-Secure, arrives attached to an e-mail message. It uses a variety of subject lines, including “School girl fantasies gone bad.” The body text also varies, but it can include references to the Kama Sutra, the ancient Sanskrit book with pictures and explanations about different sexual positions.
“This worm feeds on people’s willingness to receive salacious content on their desktop computer,” Graham Cluley, senior technology consultant for antivirus vendor Sophos, said in a statement.
Nyxem-E was the most commonly caught threat in the past 24 hours, according to both F-Secure and Trend Micro, which calls the worm Grew.A. The worm also has its own counting mechanism, and it showed 510,000 infected systems on Saturday, according to F-Secure.
“Our internal reporting system shows a steady stream of Nyxems being reported from all over the world, from USA to Australia,” F-Secure said in a statement on its corporate blog. “If the worm keeps this pace, Friday the 3rd of February might be nasty–that’s when the destructive payload is programmed to strike for the first time.”
To protect themselves, users should keep their antivirus software up to date and be wary when opening e-mail attachments, experts said.
Google execs keep $1 salaries January 24, 2006
Posted by iespresso in News, Tech.add a comment
SAN FRANCISCO–Top executives of Google have once again agreed to be paid annual salaries of $1 each in 2006, counting instead on stock options and grants of the company’s volatile stock for their pay.
In a regulatory filing on Monday with the U.S. Securities and Exchange Commission, the Web search leader said it had approved a base salary of $1 for Chairman and CEO Eric Schmidt and its two co-founders and co-presidents, Larry Page and Sergey Brin.
The three were paid $1 a piece in salary during 2005.
The action–which was approved by Google last Tuesday but only disclosed this week–occurred ahead of the 14 percent decline in the company’s stock price last week amid investor concerns over the Internet sector’s growth outlook and revelation of a legal spat with the U.S. Justice Department.
But before anyone offers to spring for bus fare for Google executives, note that the 7 percent rebound in the price of the company’s stock on Monday alone means that Schmidt’s shares had recovered $413.8 million in value during the one-day trading session, according to CNET’s CEO Wealthmeter site. As a result, his total wealth in shares is roughly $6.3 billion.
Shares of Google gained $28.04 to close at $427.50, almost fully recovering from a sharp sell-off on Friday. Bullish Wall Street analysts argued that Google continues to gain market share that may insulate it from any slowing of the overall market.
The practice of paying the top Google executives $1 per year in base salary started in the second quarter of 2004, during the run-up to the company’s initial public offering in August 2004, according to the company’s regulatory filings.
Previously, Schmidt had earned $250,000 and Brin and Page had been paid about $150,000 in salary, even as they accumulated stock options that have made them billionaires, at least in the potential value of their shares and options.
Four additional executives received a 43 percent increase in their base salary, to $250,000 from $175,000 in 2005, according to the company’s latest regulatory filing.
They include Chief Financial Officer George Reyes; legal counsel David Drummond; Omid Kordestani, sales chief and developer of Google’s original advertising business; and Shona Brown, senior vice president of business operations.
© 2006 Reuters Limited. All rights reserved.
Firefox 2.0 – Racing Towards 2 January 24, 2006
Posted by iespresso in Tech.add a comment
It’s going to be an exciting year. Not since the run up to Firefox 1.0 have I been so excited about the content of a release. Firefox 2 is going to be great.
Firstly, Firefox 2 is based off the same Gecko branch that shipped Firefox 1.5, so they should be compatible from a web developer’s point of view. APIs might be added, but none should be changed.
From a development point of view, the idea of Firefox 2 is to deliver significant user experience enhancements on top of a relatively stable rendering engine as significant retooling is done on the main development trunk for what will become Firefox 3, and deliver them in a timely fashion. By being deliberately cautious with our goals for the rendering engine, we hope to avoid long cycles of shake and bake that delayed Firefox 1.5 (which had more substantial Gecko changes than user interface changes).
So, without further ado, some of the most important features from the planning brainstorming page:
New Bookmarks and History
Improve the browser’s Bookmarks and History systems to improve their effectiveness as renavigation aids while at the same time improving the back end for speed and extensibility.
Tabbed Browsing Enhancements
Make tabs behave more like windows in the operating system environment, making them behave more as users would expect.
Improved Basic Content Type Handling
For things like RSS/Atom feeds, mail links etc. Improve discovery and handling user interfaces.
Web Search
Improve the discoverability and adaptability of the search UI within Firefox.
Bug Fixing
Bug fixing at all levels where risk is low and yield high, e.g. the blank tab download bug, platform stability, etc.
Some additional things we would like to look at in the Firefox 2 timeframe include:
Visual Uplift
A freshen of the visual design of Firefox while maintaining high levels of system integration.
Inline Spell Check
The rise of applications like web mail, blogging etc highlight the weaknesses of HTML’s textarea widget. We should at the very least offer people the ability to spell check their submissions.
Exit Survey
We’d like to know why people leave Firefox. A survey on uninstall would help us find ways to make the software better in future versions.
UI Consolidation and Simplification
Consolidate and simplify user interface in the browser window tying together features in meaningful ways where possible.
There are many other ideas floating around, this is just a brief snapshot of some of the high priority items on our plates. If we get this done, we’ll be satisfied!
by ben | http://weblogs.mozillazine.org
Mobile Web Server – what will they think next? January 24, 2006
Posted by iespresso in News.add a comment
Background For quite some time it has been possible to access the Internet using mobile phones, although the role of the phone has strictly been that of a client. Considering that the modern phones have processing power and memory on par with and even exceeding that of webservers when the web was young, there really is no reason anymore why webservers could not reside on mobile phones and why people could not create and maintain their own personal mobile websites.
Goals
A desire to show in practice that personal mobile websites are feasible triggered the birth of the project that started in the beginning of 2004. The primary goals were to bring a full-fledged webserver to S60 and to make a webserver running on a mobile phone accessible from the Internet using any web browser.
Apache
To underline that modern phones really are quite capable we decided, rather than writing a small webserver from scratch, to port Apache httpd, the most widely used webserver in the world. There were naturally concerns with this choice; not only is Apache typically used on rather big computers but also the S60/Symbian platform is quite different from pretty much everything else.
Fortunately, Symbian does have a so-called Posix layer that provides a fair amount of typical Unix functionality. Consequently, the Symbian port of Apache is based on the Unix version and although there certainly were a few hurdles along the road, the porting of Apache still proved to be more straightforward that what was initially anticipated.
We have also ported mod_python and integrated it with Python for S60 so we can now create content using both Python scripts and PSP (Python Server Pages), which is a great deal more convenent for experimentation compared with writing custom Apache modules in C/C++.
Access from the Internet
Being able to run Apache on a mobile phone is rather interesting in itself but still not much more than a quirk unless it can be accessed from a browser outside the device itself. Our target was to make it possible to access a webserver running on a mobile phone, equipped with a standard operator SIM, from any browser on the internet, at any time.
Initially we utilized a Bluetooth PAN network but although that already is useful – it provides for the possibility of accessing functionality on the phone using a big screen and proper keyboard – it is quite limited compared with what access over the cellular network would imply.
Providing access to a mobile phone from the Internet was a challenge as operators typically employ firewalls that prevent access from the Internet to phones inside that firewall. By implementing a custom gateway we could circumvent that limitation and we are now able to provide a webserver on a mobile phone with a global URL than can be accessed from any browser. In a sense, the mobile phone has now finally become a full member of the Internet.
Content
As a mobile phone contains quite a lot of personal data it is straightforward to semi-automatically generate a personal home page. And contrary to websites in general, a website on a mobile phone always has its “administrator” nearby and he or she can even participate in the content generation. For instance, we have created a web-application that prompts the phone owner to take a picture, which subsequently is returned as a JPG. That is, on a personal device the website can be interactive.
Further, that a website becomes mobile implies that certain properties of websites that hitherto have been mostly meaningless now need to be taken into account. As long as a website resides on a stationary server the physical location of that server lacks meaning, because it will never change. With a mobile website it does change and it is meaningful as the content that is shared may depend upon the current location and context. For instance, if you browse to a mobile website and ask the “administrator” to take a picture, the image you get depends upon the location of the website. Current search engines that update their indexes rather rarely may need modifications to be able to cope with the dynamism introduced by mobile websites.
Implications
We believe that being able to run a globally accessible personal website on your mobile phone has the potential of changing the Internet landscape. If every mobile phone or even every smartphone initially, is equipped with a webserver then very quickly most websites will reside on mobile phones. That is bound to have some impact not only on how mobile phones are perceived but also on how the web evolves.
The software is currently used inside Nokia as an experimentation platform.
Tracing An Email – Wanna track who sent u the mail? January 23, 2006
Posted by iespresso in Extreme Tech.add a comment
The purpose of this guide is to show the process involved in tracing an email. The first step required to tracing an email is finding out the headers of the email. What are headers? Email headers are lines added at the top of an email message that are used by servers as the email goes on route to get delivered. Generally email clients only show the standard To, From, and Subject headers, but there are more.
1) Enabling Email Headers
Enabling Email Headers For Gmail
Step 1:Once Logged into your Gmail Account open the Email whose headers you want to view. Click on the “More Options” link in the message next to the date of the email.
Step 2: Now click the “Show Original” link.
Step 3: This link will popup a new window the headers and the body of the message.
Enabling Email Headers For Hotmail
Step 1:Once logged in, click on the “Options” link in the upper navigation bar.
Step 2: Now click on the “Mail Display Settings” link.
Step 3: Change the “Message Headers” option to “Full” and click ok.
Step 4: Go to your inbox and open any one of your email. You emails show now contain additional headers.
2) Understanding Email Headers
In this example the “Sender” located at sender@exampleuniversity.edu want to send an email to “Receiver” located at receiver@exampleisp.com. The sender composes his email at his workstation in the university’s computer lab (lab.exampleuniversity.edu). Once completed the email message is passed to the university’s mail server called mail.exampleuniversity.com. The mail server seeing that it has a message for receiver@exampleisp.com, contacts someisp.com mail server and delivers the email to it. The email is stored on someisp.com server until Receiver logs on to check his/her inbox.
In this example, four headers will be added to the email message. This first header is generated by email client on lab.exampleuniversity.edu when forwarding it to the mail server at mail.exampleuniversity.edu.
The following header is added when mail.exampleuniversity.edu transmits the message to mail.exampleisp.com.
The following header is added when mail.exampleisp.com stores the message on the server for Reciever.
The following header is added when Reciever downloads the email from home machine called reciever.local.
3) Tracking The Orginal Sender
The easiest way for finding the original sender is by looking for the X-Originating-IP header, this header is important since it tells you the IP Address of the computer that had sent the email. If you can not find the X-Originating-IP header then you will have to sift through the Received headers to find the sender’s ip.
Once the email sender’s ip is found go to http://www.arin.net/ to begin a search.
Now click on the “NET-24-16-0-0-1” link.
Scroll down the page untill you find the OrgAbuseEmail field.
Remember to include all the headers of the email along with an attached copy when filling a complaint.
thats it folks… happy tracing
by Raven
New Year’s Resolutions Geeks Will Make and Break in 2006 January 23, 2006
Posted by iespresso in News.add a comment
I will not start playing any video game after 2 am.
I will read a book that’s neither sci-fi nor fantasy.
I will only make insightful, relevant posts in forums.
I will spend more of my waking hours away from the computer than on it.
I will stop correcting friends when they refer to Star Trek as Star Wars and vice versa.
I will only patch my software when I need to.
I will not make any expensive hardware upgrades just to get a 5% performance increase.
I will not talk about my awesome computer system at non-geek social events.
I will only blame Bill Gates for things that are actually his fault.
I will always show tolerance for people who don’t know the difference between memory and hard drive space.
I will not deface your website just because you disrespected my level 60 Night Elf druid.
Microsoft to spend $120 Million to Erase “HUGE Company” Image January 23, 2006
Posted by iespresso in News.add a comment
Microsoft Corp., the world’s biggest software maker, will spend $120 million a year on an advertising campaign to fight its image as “a huge American company.”
The campaign, using television, print and the Internet, highlights Microsoft’s education and economic development projects in 32 countries, including France and Taiwan, according to group advertising manager Mike Lucero. Actor William Macy of the movie “Fargo” narrates the ads.
“We are often perceived as a huge American company,” Lucero said Friday in an interview.
“We wanted to be very specific about what we are doing in each country in education, innovation, economic opportunity and security,” he said.
The campaign, being run by McCann Erickson, a unit of Interpublic Group of Cos., is an extension of Microsoft’s “Realizing Potential” advertisements that started in 2002.
“That was a global campaign in the traditional sense, with half a dozen ads pretty much the same in different countries,” Lucero said. “We had to get very local.”
The ads have started to air in some U.S. regions and will appear in all target markets in coming weeks, with advertisements for the Olympic Winter Games, the Academy Awards and TV shows including “24,” “ER” and “The West Wing.”
Redmond-based Microsoft made almost one-third of its $39.8 billion in fiscal 2005 revenue outside of the United States, according to a company filing with the Securities and Exchange Commission.
The company’s 63,000 employees are based in 102 countries, 37 percent of them outside of the United States.
By REBECCA BARR
Apple iMac (Intel Core Duo) January 23, 2006
Posted by iespresso in Tech.add a comment
BOTTOM LINE
Casual Mac users will love the new iMac (Intel Core Duo), but
professional users or anyone who uses graphics apps like Adobe Photoshop and video-editing software (such as Final Cut Pro) should wait until those tools are updated.
PROS
Intel Core Duo dual-core processor. Mini-DVI port for true dual-monitor usage. Front Row software is now peppier.
CONS
Many applications that are not optimized for Intel will run slower. Classic OS 9 environment no longer available.
TECH SPEC.
Type: All-in-one, General Purpose, Media, Business
Processor Family: Intel Core Duo
Installed RAM: 1024 MB
Hard Drive Capacity: 250 GB
RAID: No
Graphics Card: ATI Radeon x1600
Primary Optical Drive: Dual-Layer DVD+/-RW
Monitor Size: 20 inches
REVIEW
On the outside, the new Apple iMac (Intel Core Duo) ($1,699 direct, $1,799 as tested) looks no different than the previous PowerPC-based iMac G5 (iSight). The differences are all under the hood. The 20-inch new iMac combines a dual-core Intel Core Duo (formerly Pentium M or Yonah) processor with the Mac OS X experience. Casual Mac users, switchers from Microsoft Windows, and iPod aficionados will love the new iMac; however, professionals and people who use graphics apps such as Adobe Photoshop and Final Cut Pro should hold off until the critical app is updated to work smoothly with the Intel processor. For these people, we recommend holding on to your current G5-powered Mac, at least for now.
