Security Today

Comments, thoughts, and pet peeves about the application (or misapplication) of security today.

Tuesday, February 28, 2006

More thoughts on your home network

Here's a news story that you probably won't find as a headline, because it happens all too often... My friends house was burglarized and among his losses - possibly the least of his concerns - were his computers.

So we chatted a good bit about it and I got a little food for thought as well.

First, was the question how anyone would know that he had computers in the first place. Anyone? Anyone? Here are three quick possibilities:
  • The comings/goings of persons with "laptop cases" - we all know what they look like and it's pretty unavoidable.
  • Looking into the windows of the house. How many of us actually try to conceal our computers from the windows? Afterall, they're so common.
  • Wireless networks. That's it. Anyone with a laptop running XP that turns it on will see the network listed, unless....


So what are some solutions?

As for the laptop cases, there are some designer bags that don't "have the look," but they're pricey. I'm pretty cheap so my solution involves my favorite daybag (book backpack) and a bit of swag from my buddy at Cisco. For you, just find a bag or briefcase that you like and works for you. Then get a padded carrier for the laptop and put in inside your bag/briefcase. It may not be pretty, unless you put some time into it, but it works nicely. I like it for airports and other public places. No one would ever put a laptop in my ratty old backpack, so no one gives it a second look.

The windows problem should be pretty easy. If not, you have much larger problems. And if you problems are much larger, like you have a server rack in your kitchen, then it's time to get creative with your window treatments. Possibly frosting the lower half of window will prevent casual observation.

Wireless networks are a problem - and one that just won't go away. Most folks look at this issue in terms of encrypting data and the like. The focus is on a hacker, not a burglar. So you can turn off your SSID Broadcast to make it a little harder form someone to find your network. This has little benefit and does create some headache. While it makes the network stop broadcasting "its name" it still has to transmit the data and you must "tell" your computer the name of the wireless network it is looking for before it can get access. Keep in mind that someone with moderate skill will be able to find your network, sniff all you packets, crack you encryption and get onto your network. It's coming, but right now the average burglar probably isn't going through this trouble. If he/she did they probably wouldn't enter your home since they could steal your data remotely. So consider lowering the profile of your wireless network. Turn it off when out of the house. Turn off the SSID. Turn on the MAC filter - again, this has limited benefit with additional headache. Oh, and I should not have to mention this, but make sure you change the password to your router.

I'll stop this here, but don't worry this topic will come up often I'm sure.

See the entire post

Friday, February 03, 2006

You Network, Your Computer - protect it.

I know I'm a little late on this topic, but I'm really not just writing about this new threat.

There are three things that everyone should have in place on their home network.
  • A firewall
  • Anti-virus Software
  • Anti-spyware Software
Now here's why...

The firewall is a tool for separating networks. Think of it more as a doorman than a wall. I think the tech guys just thought firewall sounded better in the beginning. The doorman or receptionist's job is to keep the wrong visitors out and admit the right ones. It's not perfect and there are ways to get around it. The most common is when traffic is initiated from the inside. Like when I send you an email with a link to a website; that you dutifully click on. This tells the firewall that you wanted the communication in the first place. That is one way to get the bad stuff past the firewall - it's not foolproof. The better firewalls are on the lookout for bad data trying to get through.

It is ideal to have a firewall on your network; that is at the point of origin in your house (by the cable or DSL modem). It should be an appliance - a physical box separate from your computer. It will handle the bulk of the work and screen all sorts of bad stuff.

It is also ideal to have a software firewall on your computer - desktop or laptop. This does not need to be some robust system like Norton Internet Security because your appliance is carrying the bulk of the workload. This firewall gives you more control over who your computer tries to contact - outbound traffic. On a laptop this is an essential tool if you ever connect to public networks where such a lightweight firewall prevents many disasters. This local firewall let's you more easily keep those programs you just installed from reaching out to the web - ah you didn't know they did that, huh. Remember though, the more robust (read powerful) this firewall is the more of your computer's resources it will consume; which means slower downloads, graphics processing, etc.

Anti-virus software is like the linebacker behind the firewall. It prowls around and makes sure that anything that gets through gets special attention. It also fills the role of a free safety by making sure that everthing crossing the line is covered. In other words - for the non-football minded - this software makes sure that the code (program) that is malicious is not able to install or run. How it does this is not really important here; what is important is having it installed and running ALL THE TIME!

Anti-spyware is still evolving and is useful for preventing some of the methods used for tracking your activity on the computer. Try a few like Spybot, Adaware, Microsoft, and the others; then see which combination is best for you since none get everything.

When it doubt... Google the application that is trying to reach the web, or the term you do not understand. Google and Wikipedia are your friend and partner on this and will help choose the right programs to deny access to the web.

That's the quick and dirty. For more advice, send an email.

See the entire post

The Ineffective Risk Manager - A Comedy or maybe a tragedy

This in from a close friend. It took awhile to stop laughing.

So museums, like other firms, high these folks called Risk Managers. Otherwise they have security or safety professionals that fill this role, and sometimes they just have to rely on an operations manager to do this job. Well here's the result when no one is observing the environment with an objective eye and taking appropriate actions to safeguard the assets.

And here is the asinine comment of the day:

"Whilst the method of displaying objects is always under review, it is important not to over-react and make the museum's collections less accessible to the visiting public," he added in a statement."

Wrong! Assets like these - that is IRREPLACEABLE - must be less accessible to the public. That doesn't mean they need to be hidden either, but some sort of barrier should prevent destructive unauthorized access.

Let's face it, it's not like these can be replaced. The insurance carrier MIGHT pay a claim, and right there is a problem. The carrier should have dictated specific safeguards to be used in the display of the asset, otherwise no claim check. But even with the money the museum is out the vases, out the exhibit, and out the patronage that the vases drew. They were a key exhibit, why weren't they protected?

The priceless vases, dating from the late 17th or early 18th century, were donated to the museum in 1948 and have become one of its most recognizable exhibits.

And here's the absolute funniest quote from the article:

Shocked but determined museum staff members have vowed to glue the shards back together again.

I guess they were all absent the day that the whole Humpty Dumpty fairytale was covered.


Here's the moral of the story... Take a step back; look at your facility; know your organization's mission; then ask what if, what if, what if, and don't stop asking until the day you retire.

See the entire post