
Securing your Home Wireless Network : A simple security guide January 27, 2006

Posted by iespresso in Extreme Tech.

A few years ago, home wireless access points were almost non-existent. Most people only had normal, wired broadband routers, so they didn’t really have to care about getting their internet connection hijacked by malicious wardrivers (villains wandering the streets in search of an unsecured wireless signal). It is another story entirely in 2006. I’m living in a suburb, and 4 of my neighbors emit wireless signals, 2 of which are completely unsecured. Just imagine how many of them you could pick up if you are living in a big city. People think that wireless connectivity is a dream come true, but most of them ignore the downside of the technology. The problem is that most APs come preconfigured with their security features turned off. A couple of steps have to be taken if you want to enable them. This simple security guide will show you how you can do it.

When we’re talking about security, the more the better. We’ll be enabling as many security features as possible on that AP. We want to install the maximum number of locks in front of the attacker, so that if he tries to get in, he’ll have to punch through all the doors first. That is what we call the layered security principle in the industry.

-Change the default administrator password.

Most routers or APs require a default password to get in. Be sure to change it to something else, and it had better not be your dog’s name. Be warned that most APs’ default passwords are well known by villains, and can be easily found on the internet. Just try searching Google for “linksys router default password“, you’ll see what I mean.

-Turn off remote management features

Some routers give you the ability to administer them via a wireless connection. Turn that off! You do not want your neighbors to be able to get into your AP’s management console, do you? The only downside to this is that you will need at least 1 wired computer in your environment.

-Turn off SSID broadcasting

First of all, what the heck is an SSID? The SSID (Service Set Identifier) is a sequence of up to 32 letters or numbers that represents the ID of your wireless network. The SSID is broadcast from your AP to all wireless devices within range to let them know that it is available and ready to receive connections. If you shut off SSID broadcasting, the clients will have to know the ID of the network if they want to be able to connect to it. Here is my opinion on SSID broadcasting, read it before proceeding with the rest of the article.


-Enable MAC filtering

As you probably know, computers can be identified by many kinds of addresses. One of them, the MAC address, is a unique ID tagged to your network card; it can be added to a list on the AP so that devices that aren’t on the list cannot connect to the network. MAC addresses can be spoofed, so this measure is not a guarantee of security, but it adds another door to your layered security architecture. To get your MAC address, click Start -> Run and type cmd. When you are at the DOS prompt, type ipconfig /all; this will display the current configuration of your network card. The MAC address is what ipconfig displays as Physical Address. It consists of six pairs of numbers or letters, as in A6-33-F3-86-BE-04. When you are finished, type exit and you will get back to Windows.

-Turn on WEP, WPA, or WPA2 encryption

Depending on the age of your router, these encryption methods may or may not all be available to you. The weakest one, WEP, has been widely criticized recently for being easy to crack. If WEP is the only method available to you, I would consider replacing your AP with a more recent model. You can get a brand new Linksys WRT54G for about 30$USD (as seen in the top right of this article). That shouldn’t break your budget! Sometimes, a firmware update can also add the missing functionality. Please consult your manufacturer’s website to verify if any upgrades are available.

For encryption to work, you will first need to enable it on the client’s wireless NIC and on the AP. After this, a shared key (a password) must be specified on both sides. The key must be identical if you want your devices to communicate.

-Disable DHCP and assign your IP addresses manually.

DHCP (Dynamic Host Configuration Protocol) is a service that distributes IP addresses automatically to clients who request them. The problem with DHCP is that it will provide IP addresses to anyone who asks for them, even evildoers. While making your network easier to administer, it’s also helping out the bad guys. If you have a small network, providing static IPs to your computers is an easy and quick job. Consult this link for instructions.


So, are you up to the work of securing your network now? You could be the next target of those wardrivers. Never think that these things always happen to others, who knows, someone might already be using YOUR network.

Tracing An Email – Wanna track who sent u the mail? January 23, 2006

Posted by iespresso in Extreme Tech.

The purpose of this guide is to show the process involved in tracing an email. The first step in tracing an email is finding its headers. What are headers? Email headers are lines added at the top of an email message that are used by servers as the email travels en route to delivery. Generally, email clients only show the standard To, From, and Subject headers, but there are more.
1) Enabling Email Headers

Enabling Email Headers For Gmail
Step 1: Once logged into your Gmail account, open the email whose headers you want to view. Click on the “More Options” link in the message next to the date of the email.
Step 2: Now click the “Show Original” link.
Step 3: This link will pop up a new window showing the headers and the body of the message.

Enabling Email Headers For Hotmail
Step 1: Once logged in, click on the “Options” link in the upper navigation bar.
Step 2: Now click on the “Mail Display Settings” link.
Step 3: Change the “Message Headers” option to “Full” and click OK.
Step 4: Go to your inbox and open any one of your emails. Your emails should now contain additional headers.

2) Understanding Email Headers

e.gif

In this example the “Sender” located at sender@exampleuniversity.edu wants to send an email to “Receiver” located at receiver@exampleisp.com. The sender composes his email at his workstation in the university’s computer lab (lab.exampleuniversity.edu). Once completed, the email message is passed to the university’s mail server called mail.exampleuniversity.com. The mail server, seeing that it has a message for receiver@exampleisp.com, contacts the someisp.com mail server and delivers the email to it. The email is stored on the someisp.com server until Receiver logs on to check his/her inbox.

In this example, four headers will be added to the email message. The first header is generated by the email client on lab.exampleuniversity.edu when forwarding it to the mail server at mail.exampleuniversity.edu.

e1.gif

The following header is added when mail.exampleuniversity.edu transmits the message to mail.exampleisp.com.

e2.gif
The following header is added when mail.exampleisp.com stores the message on the server for Receiver.

e3.gif

The following header is added when Receiver downloads the email from a home machine called reciever.local.

e4.gif

3) Tracking The Original Sender
The easiest way to find the original sender is to look for the X-Originating-IP header. This header is important because it tells you the IP address of the computer that sent the email. If you cannot find the X-Originating-IP header, you will have to sift through the Received headers to find the sender’s IP.

Once the email sender’s IP is found, go to http://www.arin.net/ to begin a search.

Now click on the “NET-24-16-0-0-1” link.

Scroll down the page until you find the OrgAbuseEmail field.

Remember to include all the headers of the email along with an attached copy when filing a complaint.
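The header walk from section 3, as an added Python example that is not part of the original post: it prefers X-Originating-IP and otherwise takes the earliest routable address from the Received chain. The sample message is constructed (host names follow the article's example, IP addresses are documentation ranges), and the function names are hypothetical.

```python
import ipaddress
import re
from email import message_from_string

# Constructed sample: hosts follow the article's example, IPs are documentation ranges.
SAMPLE = """\
Received: from mail.exampleisp.com (mail.exampleisp.com [198.51.100.25])
\tby reciever.local with POP3; Mon, 23 Jan 2006 10:02:11 -0500
Received: from mail.exampleuniversity.edu (mail.exampleuniversity.edu [203.0.113.10])
\tby mail.exampleisp.com with ESMTP; Mon, 23 Jan 2006 10:01:05 -0500
Received: from lab.exampleuniversity.edu (lab.exampleuniversity.edu [192.168.1.50])
\tby mail.exampleuniversity.edu with SMTP; Mon, 23 Jan 2006 10:00:58 -0500
From: sender@exampleuniversity.edu
To: receiver@exampleisp.com

body
"""

BRACKETED_IP = re.compile(r"\[(\d{1,3}(?:\.\d{1,3}){3})\]")
# Private, loopback and link-local ranges: nothing to look up in whois for these.
NON_ROUTABLE = [ipaddress.ip_network(n) for n in (
    "10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16", "127.0.0.0/8", "169.254.0.0/16")]

def routable(text):
    try:
        ip = ipaddress.ip_address(text)
    except ValueError:          # e.g. [999.1.1.1] in a forged header
        return False
    return not any(ip in net for net in NON_ROUTABLE)

def received_hops(raw):
    """IP from each Received header, oldest hop first (servers prepend, so reverse)."""
    msg = message_from_string(raw)
    hops = []
    for value in reversed(msg.get_all("Received", [])):
        match = BRACKETED_IP.search(" ".join(value.split()))  # unfold first
        hops.append(match.group(1) if match else None)
    return hops

def likely_origin(raw):
    """Return (header_name, ip) using the article's order of preference."""
    xoip = (message_from_string(raw).get("X-Originating-IP") or "").strip(" []")
    if routable(xoip):
        return ("X-Originating-IP", xoip)
    for ip in received_hops(raw):
        # Hops below your own provider's Received line are sender-supplied text.
        if ip and routable(ip):
            return ("Received", ip)
    return (None, None)
```

Only the Received lines written by servers you trust are reliable; anything older in the chain can be forged by the sender, so treat the result as a lead for the abuse report rather than proof.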

That’s it, folks… happy tracing

by Raven

Windows Tweak: Hide Drives January 23, 2006

Posted by iespresso in Extreme Tech.

Ever wish you could make one of your computer’s drives invisible to anyone snooping around on your system? Well, happy days are here my friend! Whether you have sensitive docs, pictures, or any other private data, this is one of the easiest ways to keep them safe. Keep in mind that you’ll still be able to access your hidden drives; you just won’t see that they exist in Windows Explorer or the My Computer folder. Back up your registry before you start!

1. Open Regedit.

2. Navigate to one of these strings:

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer
– this only changes the settings for the currently logged-in user

HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer
– this changes the settings for all users on the machine. You may have to create the key folder “Explorer” manually.

3. In the Explorer key folder, create a new DWORD value by right-clicking Explorer, then choosing New DWORD value. Name the value “NoDrives” (without the quotes). This value defines local and network drive visibility for each logical drive on the computer. All drives will be visible as long as this value’s data is set to 0.

4. Following the table below, enter the decimal number corresponding to the drive(s) you want to hide as NoDrives value data. When you right-click on NoDrives and choose Modify, make sure you select Decimal base, not Hexadecimal.

Drive Number to hide
A: 1
B: 2
C: 4
D: 8
E: 16
F: 32
G: 64
H: 128
I: 256
J: 512
K: 1024
L: 2048
M: 4096
N: 8192
O: 16384
P: 32768
Q: 65536
R: 131072
S: 262144
T: 524288
U: 1048576
V: 2097152
W: 4194304
X: 8388608
Y: 16777216
Z: 33554432
All drives 67108863

If you want to hide more than one drive, you simply add the drive amounts together for a combined total.

For example, to hide the D:/ and T:/ drives, add the decimal value for the D:/ drive to the decimal value for the T:/ drive.

8 (D) + 524288 (T) = 524296

To disable all of your visible drives, set the value to 67108863.
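The table above is a 26-bit mask (bit 0 is A:, bit 25 is Z:), so the value can be computed and, just as usefully, decoded when you find a NoDrives entry on a machine and want to know what it hides. This is an added Python example, not part of the original post; the function names are hypothetical. It ORs bits rather than adding, so listing a drive twice cannot spill into the next letter.

```python
import string

ALL_DRIVES = (1 << 26) - 1  # 67108863, the "All drives" value from the table

def nodrives_value(letters):
    """Combine drive letters into decimal NoDrives data (bit 0 = A: ... bit 25 = Z:)."""
    value = 0
    for letter in letters:
        letter = letter.strip(":/\\").upper()   # accept "D", "d:" or "D:/"
        if len(letter) != 1 or letter not in string.ascii_uppercase:
            raise ValueError(f"not a drive letter: {letter!r}")
        # OR, not +: adding D (8) twice would give 16 and hide E: instead.
        value |= 1 << (ord(letter) - ord("A"))
    return value

def hidden_drives(value):
    """Decode NoDrives data read from the registry back into drive letters."""
    if not 0 <= value <= ALL_DRIVES:
        raise ValueError("NoDrives uses only the low 26 bits")
    return [string.ascii_uppercase[bit] for bit in range(26) if value >> bit & 1]
```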

You must reboot your PC to see your changes. Have fun!

:)

Fire Up your own Linux Server January 23, 2006

Posted by iespresso in Extreme Tech.

2006 is the Year of the Penguin! So if you’ve been toying with the idea of running your own server, now’s the time. This comprehensive guide shows you how to get started – from installing Linux, to using the command line, setting automatic tasks to run, and securing the beast!