Monday, October 22, 2012

Intro to Wireless Security

Change the System ID: Devices come with a default system ID called the SSID (Service Set Identifier) or ESSID (Extended Service Set Identifier). It is easy for a hacker to find out what the default identifier is for each manufacturer of wireless equipment, so you need to change this to something else. Use something unique, not your name or something easily guessed.

Disable Identifier Broadcasting: Announcing that you have a wireless connection to the world is an invitation for hackers. You already know you have one, so you don’t need to broadcast it. Check the manual for your hardware and figure out how to disable broadcasting.

Enable Encryption: WEP (Wired Equivalent Privacy) and WPA (Wi-Fi Protected Access) encrypt your data so that only the intended recipient is supposed to be able to read it. WEP has many holes and is easily cracked. 128-bit keys impact performance slightly without a significant increase in security, so 40-bit (or 64-bit on some equipment) encryption is just as well. As with all security measures there are ways around it, but by using encryption you will keep the casual hackers out of your systems. If possible, you should use WPA encryption (most older equipment can be upgraded to be WPA compatible). WPA fixes the security flaws in WEP but it is still subject to DoS (denial-of-service) attacks.

Restrict Unnecessary Traffic: Many wired and wireless routers have built-in firewalls. They are not the most technically advanced firewalls, but they help create one more line of defense. Read the manual for your hardware and learn how to configure your router to only allow incoming or outgoing traffic that you have approved.

Change the Default Administrator Password: This is just good practice for ALL hardware and software. The default passwords are easily obtained, and because so many people don’t bother to take the simple step of changing them, they are usually what hackers try first. Make sure you change the default password on your wireless router / access point to something that is not easily guessed like your last name.

Patch and Protect Your PCs: As a last line of defense you should have personal firewall software such as Zone Alarm Pro and anti-virus software installed on your computer. As important as installing the anti-virus software, you must keep it up to date. New viruses are discovered daily and anti-virus software vendors generally release updates at least once a week. You also must keep up to date with patches for known security vulnerabilities. For Microsoft operating systems you can use Windows Update to try and help keep you current with patches.

View the original article here

Sunday, October 21, 2012

Hide Your Wireless Network

High-speed broadband connections don't just grow on trees. We all like getting our money's worth when it comes to our Internet connection so we often extend its reach by adding a wireless router or a wireless access point. Once we start broadcasting wireless access, our signal can potentially be picked up outside of our home by our neighbors. If we haven't secured our connection then they might be able to connect and use our Internet access.

Enter: The Wireless Internet Leech. These people live right around you or might just be passing through so they can do a "drive-by-leeching". They have no problem connecting to your wireless network and killing your bandwidth while you pay the bill. They don't think twice about connecting to any open wireless access point they happen to find.

There are websites devoted to finding open wireless access points. Some leeches even spray graffiti or use chalk near an open wireless access point to mark or Warchalk the site so others will know where they can get free wireless access. Warchalkers use codes and symbols to indicate the SSID name, bandwidth available, encryption used, etc.

How do you prevent your neighbors and others from leeching off of your wireless internet connection?

1. Turn on WPA2 encryption on your wireless router

If you haven't already done so, consult your wireless router's manual and enable WPA2 encryption on your wireless router. You may already have encryption turned on, but you may be using the outdated and vulnerable WEP encryption. WEP is easily hacked by even the most novice hacker in less than a minute or two by using free tools found on the Internet. Turn on WPA2 encryption and set a strong password for your network.

2. Change your wireless network's name (SSID)

Your SSID is the name that you give your wireless network. You should always change this name from its manufacturer-set default, which is usually the brand name of the router (e.g. Linksys, Netgear, D-link, etc). Changing the name helps to prevent hackers and leeches from finding specific vulnerabilities associated with your brand of router. If hackers know the brand name, then they could find an exploit to use against it (if one exists). The brand name also helps them determine what the default admin password for the router might be (if you haven't changed it).

Make the SSID something random and try to make it as long as you are comfortable with. The longer the SSID the better as it helps prevent hackers from using Rainbow Table-based attacks to try and crack your wireless encryption.

3. Turn off the "allow admin via wireless" feature of your wireless router

As an extra precaution against hackers, turn off the "allow admin via wireless" feature on your router. This will help to prevent a wireless hacker from gaining control of your wireless router. Turning this feature off tells your router to only permit router administration from a computer that is directly connected via an Ethernet cable. This means that they would pretty much have to be in your house in order to access the admin console of your router.

Your neighbors will likely be a little mad at you for turning off their free Internet gravy train. They may sneer at you and let their dog use the bathroom in your yard from now on. At least now that they are no longer getting a free ride, maybe you will have enough bandwidth to stream an HD movie without it stuttering and getting all "blocky" for a change.
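Why step 2's advice about the SSID matters for the encryption in step 1, as an added example that is not part of the original article: WPA/WPA2-Personal derives its key from the passphrase salted with the SSID, so precomputed tables only apply to network names someone has already computed them for. The default-name set and the 16-character threshold are assumptions of this sketch.

```python
import hashlib

# Constructed sample of factory-default network names (the brands the article
# mentions); published lists of common SSIDs are far longer.
DEFAULT_SSIDS = {"linksys", "netgear", "dlink", "d-link", "default"}

# Assumption of this example: flag passphrases shorter than 16 characters.
MIN_PASSPHRASE_LEN = 16


def wpa2_pmk(passphrase: str, ssid: str) -> bytes:
    """Derive the 256-bit WPA/WPA2-Personal key as IEEE 802.11i defines it:
    PBKDF2-HMAC-SHA1 over the passphrase, salted with the SSID, 4096 rounds."""
    if not 8 <= len(passphrase) <= 63:
        raise ValueError("WPA passphrases are 8 to 63 characters long")
    if not 1 <= len(ssid.encode()) <= 32:
        raise ValueError("SSIDs are 1 to 32 bytes long")
    return hashlib.pbkdf2_hmac("sha1", passphrase.encode(), ssid.encode(), 4096, 32)


def review_settings(ssid: str, passphrase: str) -> list:
    """Return a list of findings for a network name / passphrase pair."""
    findings = []
    if ssid.strip().lower() in DEFAULT_SSIDS:
        findings.append("SSID is a factory default: precomputed tables may exist for it")
    if len(passphrase) < MIN_PASSPHRASE_LEN:
        findings.append("passphrase is shorter than %d characters" % MIN_PASSPHRASE_LEN)
    if ssid.lower() in passphrase.lower():
        findings.append("passphrase contains the network name")
    return findings


if __name__ == "__main__":
    # The same passphrase produces unrelated keys under different SSIDs,
    # which is why a table built for one network name is useless for another.
    for name in ("linksys", "maple-router-7Q2x"):
        print(name, wpa2_pmk("correct horse battery staple 42", name).hex())
    print(review_settings("Linksys", "password"))
    print(review_settings("maple-router-7Q2x", "correct horse battery staple 42"))
```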



Friday, October 19, 2012

Rogue Wireless Clients

You pay a pretty penny for that super fast internet connection, but you aren't seeing anywhere close to the speeds promised by your Internet service provider. It could be any number of problems. One thing that will suck the life out of your bandwidth is wireless freeloaders. They will hop on to any wireless network connection they can find and use your bandwidth to their heart's content.

How can you tell if someone is connected to your wireless network without your permission?

1. Log on to the administrative interface on your wireless router / wireless access point

In order to view the current active wireless connections using your wireless access point you will need to log in to the administrative console of your wireless router. Check your router manufacturer's user guide for detailed instructions.

2. Click on the wireless configuration / status page from your router's admin console

While all routers are different, usually the list of active wireless clients is provided on either the 'wireless configuration' page or the 'wireless status' page on most wireless routers. Look for a list of wireless clients.

You should see a table with two columns. One column will show the Media Access Control (MAC) address which is a unique identifier assigned to the network interface of whatever device is connected to your network. The other column should contain the IP addresses that were assigned to the devices by your router.

If you have DHCP enabled on your router then your router will automatically assign an IP address to any client that is authenticated (whether they hacked their way in or not). Only after the router gives the client an IP is the client able to connect to resources on your network and reach the internet.

3. Count your wireless devices

Do you only have a laptop and a smartphone that use your wireless access point yet you see 20 different clients listed in the wireless clients table? If the numbers aren't adding up, then you may have some rogue wireless clients or you may just have some devices that you forgot had wireless connections such as your XBOX or your Wi-Fi enabled camcorder.

4. Look up the MAC addresses of any suspicious devices to see what they are

So you've counted up all your wireless devices and there are two more than you think you are supposed to have. It's time to look up the MAC addresses to see who made the device so you can learn what it might be. Visit a MAC Vendor lookup site such as MACVendorLookup.com and enter the MAC address of the suspicious device. The site will tell you who the manufacturer of the device in question is. If it says "Dell Inc." and you don't own any Dell computers then, chances are, someone is hijacking your connection and freeloading off your Wi-Fi.

5. Lock out the wireless freeloaders

If someone is using your wireless network without your permission then one of two things has happened: either you've turned off security completely and are allowing anyone to connect to your access point, or someone has cracked your wireless encryption or cracked / guessed your wireless password.

The best way to get rid of unauthorized wireless users is to first ensure that you are using the latest wireless encryption mechanism (currently WPA2). Once you are using the latest and greatest security then you should change your wireless network's name to something other than the default because hackers have tools that make cracking the password of a known network name a fairly simple task.

After you've chosen a good network name that is not on the list of the Top 1000 Most Common SSIDs then you should create a strong wireless network password (also known as a Pre Shared Key). Performing these steps should get rid of all the freeloaders who are using your network.

Don't forget that you'll have to give out your new wireless network name and password to all your legitimate / authorized users so they can rejoin your network after you've purged all the leeches.
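Steps 3 and 4 above (count your devices, then look up the unknown MAC addresses) as a small script; this is an added example, not part of the original article. The client table, the device inventory and the vendor table are constructed sample data, and the script also marks locally administered addresses, which some devices use as randomized MACs and which no vendor lookup will resolve.

```python
import re

# Constructed inventory: MAC addresses of the devices the owner knows about.
KNOWN_DEVICES = {
    "00:11:22:33:44:55": "laptop",
    "00:11:22:AA:BB:CC": "smartphone",
}

# Constructed vendor table keyed by the first three octets (the OUI).
# A real lookup uses the IEEE registry or a lookup site as the article suggests.
SAMPLE_OUI_VENDORS = {
    "00:11:22": "Example Vendor A",
    "00:AA:BB": "Example Vendor B",
}

# Constructed client table, written the way different router pages print MACs.
SAMPLE_CLIENT_TABLE = """\
00-11-22-33-44-55   192.168.1.100
0011.22aa.bbcc      192.168.1.101
00:AA:BB:01:02:03   192.168.1.102
3a:5f:10:9c:77:e1   192.168.1.103
"""


def normalize_mac(text: str) -> str:
    """Accept 00-11-.., 0011.22aa.bbcc or 00:11:.. and return AA:BB:CC:DD:EE:FF."""
    digits = re.sub(r"[^0-9A-Fa-f]", "", text).upper()
    if len(digits) != 12:
        raise ValueError("not a MAC address: %r" % text)
    return ":".join(digits[i:i + 2] for i in range(0, 12, 2))


def is_locally_administered(mac: str) -> bool:
    """Bit 0x02 of the first octet marks an address not assigned by a vendor."""
    return bool(int(mac[:2], 16) & 0x02)


def audit_clients(table: str, known: dict, oui_vendors: dict) -> list:
    """Return one record per connected client that is not in the inventory."""
    unknown = []
    for line in table.splitlines():
        fields = line.split()
        if len(fields) < 2:
            continue  # skip blank or malformed rows
        mac = normalize_mac(fields[0])
        if mac in known:
            continue
        randomized = is_locally_administered(mac)
        vendor = None if randomized else oui_vendors.get(mac[:8], "not in vendor table")
        unknown.append({"mac": mac, "ip": fields[1],
                        "vendor": vendor, "randomized": randomized})
    return unknown


if __name__ == "__main__":
    for client in audit_clients(SAMPLE_CLIENT_TABLE, KNOWN_DEVICES, SAMPLE_OUI_VENDORS):
        print(client)
```

A client reported as randomized is not necessarily a freeloader: compare its address with the Wi-Fi address each of your own devices shows in its network settings before locking anything out.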



Thursday, October 18, 2012

Wireless Security FAQ Complex

The wireless router has become such a common household appliance that most people forget it's even there. These devices have become so easy to set up that many of us don't bother to even change the default settings or configure the wireless security features.

Leaving your wireless router unsecured can not only leave your network open to attack, it can also subject your network to leeching neighbors who will eat away the precious bandwidth that you pay your hard-earned money for.

Securing your Wireless Router can be tricky. Here are some frequently asked questions and answers to help you choose and lock down a wireless router or access point:


1. Is my Wireless Network Safe if my Wireless Router has WEP Security Turned on?

Answer: No. While Wired Equivalent Privacy (WEP) was an excellent wireless encryption standard a few years ago, it does not provide the same level of protection as newer standards such as Wi-Fi Protected Access (WPA). WEP has been cracked and can be easily circumvented by hackers using tools that are freely available on the Internet.

2. What Security Features Should I Look for When Buying a Wireless Router?

Answer: Make sure any wireless router or access point you buy supports the latest wireless encryption standards such as WPA/WPA2. Other features to look for include:

- Built-in firewall
- Media Access Control (MAC) address filtering capability
- Remote administration lockout feature
- The ability to disable Service Set Identifier (SSID) broadcasting
- Access time limit control
- Parental control
- Restricted “guest” network zoning

3. How do I keep Neighbors From Leeching off of my Wireless Internet Connection?

Answer: The best way to keep people from freeloading off of your wireless connection is to:

- Enable WPA2 encryption on your wireless router or access point and set a strong password that is not easily guessed
- Change the SSID (wireless network name) to something other than the default value set by the manufacturer
- Turn off the “Broadcast SSID” feature of your router or access point so that only those who know what the network’s name is can access it

4. How Can I Keep my Kids From Using Wi-Fi on Their iPod/DS to Access the Internet?

Answer: Kids will be kids. They are very tech-savvy and will do everything they can to circumvent any security barriers you put up. Here are a few actions you can take to make it as difficult as possible for them:

- Use WPA2 encryption on your router with a strong password and don’t give them the password
- Change your wireless router’s default administration password
- Disable your wireless router’s remote administration feature
- Locate the wireless router in your bedroom or a locked closet to prevent them from pressing the factory settings reset button
- Enable the parental control features of their game device or iPod
- Enable MAC address filtering on your wireless router and exclude the MAC address of their device(s) from those allowed access
- Enable the access time restrictions feature of your wireless router and limit Internet access to daytime hours only

5. Is it legal to use my neighbor’s wireless hotspot if he left it unsecured?

Answer: Is it legal for you to go in your neighbor’s house if he left the door unlocked? No, it is not legal. The same applies to his wireless access point.



Tuesday, October 16, 2012

Top 100 Security Tools

In 2000, Fyodor, creator of the Nmap scanner, conducted a survey of the readers of the nmap-hackers mailing list and compiled the Top 50 Security Tools.

Three years later, Fyodor again conducted the survey, and expanded the list to include the Top 75 Security Tools. Another three years have gone by and another survey has been done. With 3,243 readers responding, Fyodor has compiled the Top 100 Security Tools from his 2006 survey and they are now posted on the Insecure.org web site.

There are a total of 42 new tools on the list. That means that 42 out of 100 tools on the Top 100 Security Tools list did not appear on the 2003 Top 75. Thirteen of the new tools even made the top 50. Had the list been maintained at the Top 75, the length of the list in 2003, 27 of the tools (almost half) would be new to the list.

For the complete, detailed listing of all 100 tools, complete with links to download them, you should visit the Top 100 Security Tools listing on Insecure.org. I will summarize here the top 10, as well as providing a list of the new tools on the list.

The top 10:

1. Nessus (vulnerability scanners)
2. Wireshark (packet sniffers - previously known as Ethereal)
3. Snort (IDS - intrusion detection system)
4. Netcat (Netcat)
5. Metasploit Framework (vulnerability exploitation tools)
6. HPing2 (packet crafting tools)
7. Kismet (wireless tools or packet sniffers)
8. TCPDump (packet sniffers)
9. Cain and Abel (password crackers or packet sniffers)
10. John The Ripper (password crackers)

The new tools on the list: Metasploit Framework, Paros Proxy, Aircrack, Sysinternals, Scapy, BackTrack, P0f, Google, WebScarab, WebInspect, Core Impact, IDA Pro, Rainbow Crack, AngryIP Scanner, RKHunter, Ike-scan, KisMAC, OSSEC HIDS, Tor, Knoppix, chkrootkit, Yersinia, Nagios, X-scan, Socat, QualysGuard, ClamAV, BurpSuite, Unicornscan, BASE, Argus, Wikto, SGuil, IP Filter, Canvas, VMware, OpenVPN, OllyDbg, Helix, Acunetix Web Vulnerability Scanner, TrueCrypt, Watchfire AppScan.


Monday, October 15, 2012

Protected Mode

With Windows Vista, Microsoft includes the latest version of Internet Explorer, IE7. However, on Windows Vista IE7 has some new security options which help make surfing the Web even safer, namely Protected Mode.

Protected Mode is a security measure which relies on Windows Vista's new WIC (Windows Integrity Control) security to control how objects interact with each other. By default, when Protected Mode is enabled, every process and file associated with Internet Explorer is assigned a Low integrity level.

By comparison, standard users are granted a Medium integrity level and any object (file, process, etc.) that is not specifically granted a different integrity level is considered Medium by default. WIC will not let an object act on, or interact with, an object of a higher integrity level than itself, so malicious processes and files from the Internet that try to infect or compromise the computer system will be rejected. Low cannot overwrite or interact with Medium, so Internet Explorer loses.

There are, of course, instances where you want or need a web site to write to or work with your system. When you encounter a site like this, you might be inclined to just disable Protected Mode, even just for a little while. This is not advisable however because it leaves your whole system wide open to attack.

Like previous versions of Internet Explorer, IE7 has Security Zones which you can use to segregate web sites into different levels of trust. If you need certain processes or applets to work on a specific site and they won't work in Protected Mode, rather than turning off Protected Mode you should add the site in question to the Trusted zone, which has Protected Mode disabled by default.



Saturday, October 13, 2012

Free Vulnerability Scanners

Nessus
The "Nessus" Project aims to provide to the internet community a free, powerful, up-to-date and easy to use remote security scanner. For more details you can see the Profile: Nessus Vulnerability Scanner or the article Nessus Vulnerability Scanner: Missing Bells & Whistles?

MBSA (Microsoft Baseline Security Analyzer)
In response to the avalanche of criticism Microsoft has received regarding the security of their products, Microsoft created a free tool to analyze your security configuration. Read a review of this free tool. For more details about this tool you can see Product Review: Microsoft Baseline Security Analyzer.

HFNetChk
HFNetChk is a command-line tool that enables an administrator to check the patch status of all the machines in a network from a central location.

GFI LANguard Network Security Scanner
GFI LANguard S.E.L.M. archives and analyses the event logs of all network machines and alerts you in real time to security issues, attacks and other critical events.

Tripwire
Tripwire software is a tool that checks to see what has changed on your system. The program monitors key attributes of files that should not change, including binary signature, size, expected change of size, etc.

NeWT
This easy-to-use Windows network vulnerability scanner installs on any Windows 2000 or Windows XP computer. Multiple scanners can be managed by the Lightning Console. "NeWT" can scan any system on a local Class C network while "NeWT Pro" can be used to scan any host. "NeWT" is available as a complimentary download to the public while "NeWT Pro" is a commercially supported product from Tenable.



Friday, October 12, 2012

Foscam Surveillance Pro Review

Thanks to the proliferation of inexpensive IP security cameras from China, you can now purchase a pan-tilt capable security camera with night vision and a boatload of other features for less than 100 dollars. Check out our article on DIY iPhone-controlled Security Cameras for info on how to set up your own simple system.

Part of any good video surveillance system is having the capability to remotely view your camera feeds, which is where the Foscam Surveillance Pro App for iPhone comes in.

There are a ton of IP security camera viewing and control apps out there; some are good, some are awful. Since I had opted to purchase a Foscam brand (Foscam FI8918WW) camera, I wanted an app that had Foscam compatibility in mind. A quick search of the iTunes App Store revealed several. The Foscam Surveillance Pro app had some excellent reviewer feedback, so I gave it a try.

After installing the app, the first thing required is camera configuration information for the IP camera you wish to view. You must first choose a model of camera. While the Foscam Surveillance Pro app name would imply that it only supports Foscam-branded cameras, it actually supports many cameras from many different vendors.

After selecting a model, you must supply the IP address or host name of the camera along with the port, username, and password. Most cameras use port 80, but it depends on the setup of your particular camera. It is important to note that your camera must already be accessible via the internet before it will work with the app.

My camera's IP address is a non-public, internal IP, given to my camera by the DHCP server on my wireless access point. Since the IP is not a "real" IP, I had to enable the port forwarding option on my router and tell it that any inbound connections that are trying to come in on port 80 from the internet should be routed to my camera's internal (DHCP-assigned) IP address. Once this is set up, all I have to do is find out what my internet service provider-assigned IP address is (by using a site such as Whatsmyip.org) and I am all set to connect to my camera from the Internet.

After you successfully enter your connection information into the Foscam Surveillance Pro app, all you have to do is touch the camera's name and you will be taken to the viewer. The controls available depend on the model of camera you chose during setup. If you chose a pan-tilt capable camera, you will see a virtual joystick that you can touch to move the camera around. The lag time between when you touch the joystick and when the camera actually moves will depend on how good your connection is from your iPhone.

While in viewer mode, you can rotate your phone to see a full screen landscape view from the camera. The joystick disappears in landscape view allowing you to touch an area of the screen to move the camera instead of using the virtual joystick. You can also pinch-zoom in and out on areas of interest within the camera window.

Other cool features (if supported by your specific camera) provided by the app include:

- Multi-camera mosaic view allowing you to view up to six camera feeds on your iPhone's screen at one time
- Brightness and contrast controls that change the camera's on-board settings
- Motion sensor enable / disable / adjust
- Motion sensor triggered snapshot to e-mail settings control
- Set and access presets for different camera positions
- Enable / disable "patrol mode"

This app has been great for peace of mind, allowing me to virtually check on things at my house when I'm away. The developer is very active in resolving issues and adding new features as well.

Foscam Surveillance Pro is available for $4.99 at the iTunes App Store



Thursday, October 11, 2012

Configure Internet Explorer...

Internet Explorer offers four different zones to help you classify security level depending on how well you know or trust the site: Trusted, Restricted, Internet and Intranet or Local.

Classifying the sites you visit and configuring your Internet Explorer security settings for each zone can help to ensure you can safely surf the Web without fear of malicious ActiveX or Java applets.

1. Click on Tools on the menu bar at the top of Internet Explorer.
2. Click on Internet Options from the Tools drop-down menu.
3. When Internet Options opens up, click on the Security tab.
4. Internet Explorer begins by categorizing sites into either Internet, Local Intranet, Trusted Site or Restricted Site zones. You can specify the security settings for each zone. Select the zone you wish to configure.
5. You can use the Default Level button to select from the pre-defined security settings Microsoft set up in Internet Explorer. See Tips for details of each setting.
6. MEDIUM is most appropriate for the majority of Internet surfing. It has safeguards against malicious code, but is not so restrictive as to prohibit you from viewing most web sites.
7. You can also click on the Custom Level button and alter individual settings, starting with one of the Default levels as a baseline and then changing specific settings.

Tips:

LOW
- Minimal safeguards and warning prompts are provided
- Most content is downloadable and run without prompts
- All active content can run
- Appropriate for sites that you absolutely trust

MEDIUM-LOW
- Same as Medium without prompts
- Most content will be run without prompts
- Unsigned ActiveX controls will not be downloaded
- Appropriate for sites on your local network (Intranet)

MEDIUM
- Safe browsing and still functional
- Prompts before downloading potentially unsafe content
- Unsigned ActiveX controls will not be downloaded
- Appropriate for most Internet sites

HIGH
- The safest way to browse, but also the least functional
- Less secure features are disabled
- Appropriate for sites that might have harmful content


Tuesday, October 9, 2012

HomePlug Powerline Net Sec

There used to be two basic options for setting up a network in your home. You could either string Ethernet cables all over the place or you could invest in a wireless access point or wireless router and go wireless. Over the last few years a third option has emerged and started to catch on.

Enter: the HomePlug Powerline network. Powerline networks use your home's electrical wiring to carry network traffic at speeds that rival traditional wired network technologies. Powerline networks are super simple to implement thanks to the HomePlug Powerline Alliance who has done their best to make Powerline network products interoperable and easy for consumers to install.

The basic Powerline network consists of at least two Powerline network devices which look like little bricks that plug into your home's power outlets. Each Powerline network adapter has an Ethernet port to connect network devices to.

Say you have a computer in your basement and your Internet router is on the third floor of your house. Instead of running a network cable up to the third floor, all you would need to do is take a Powerline network adapter, plug it in near your computer in the basement, connect the cord to your computer and to the Powerline adapter, and follow the same process with another Powerline adapter, plugging it into your router and a power outlet near your router. Boom. You're done!

If you want to add more devices in other rooms to the network, you just need to buy more Powerline network adapters. Some versions of the HomePlug standard support up to 64 adapters. I don't think I even have half that many power outlets in my home.

So what's the catch? Well, Powerline networks get a little trickier when you move out of the realm of the single family home. This is where the security issues begin.

The HomePlug standard has security features such as encryption built in but because their main goals seem to be ease of use and interoperability, most HomePlug devices have the same network name "HomePlugAV" or something similar. This makes it easy for people to 'plug and play' devices from different companies who are part of the same HomePlug standard. Since they have the same network name they will all talk to each other without any user intervention.

The main issue with all Powerline network devices having the same out-of-the-box default network name is when you live in an apartment, dorm, or other situation where the electrical wiring is shared. If two or more different apartments start using Powerline networking products with the same network name then they are essentially sharing their network with each other which could lead to all manner of security and privacy issues.

How do you implement the security features of HomePlug Powerline Networks to create a more private network?

Change your Powerline network name

Most HomePlug Powerline network devices have a 'group' or 'security' button that will allow you to change your network's name. Usually this involves holding the security button down for a specified period of time to clear the default name and generate a new random network name.

Once the new network name is established, all the other powerline network devices must be given the new name so they can communicate with each other. Again, this is done by pressing the security button on one of the Powerline network devices for a certain number of seconds and then going to the other Powerline network devices and pressing their security button while the unit with the new network name is in 'broadcast new network name' mode.

Even though the HomePlug Standard is used by several manufacturers such as DLink, Netgear, Cisco, and others, the time you hold down the security button to accomplish creating and joining a network may be slightly different depending on the manufacturer of the HomePlug network devices you are using. Check your specific Powerline network device maker's website for details on how to create and join a network.

Use Powerline HomePlug scanning / configuration software to detect rogue devices

Some HomePlug Powerline network device makers have a software program that can detect what devices are present on your network and can configure them as well (provided you have the device passwords that are printed on each device).

If you only have two Powerline network devices in your home and the software detects more than two, then you know that your network is mixing with a neighbor's and that you should create your own private network by following the instructions above.



Monday, October 8, 2012

Right Of Privacy

Citizens of the United States are afforded a number of rights. These rights have evolved and developed over the centuries and have been added to the permanent record in the form of amendments to the Constitution of the United States.

As it stands right now, there are a total of 27 amendments. A couple of them cancel each other out like the 21st amendment which repeals the 18th amendment prohibition on the manufacture, sale or transportation of alcoholic beverages.

Most United States citizens are probably not aware of what is written in those amendments. They may have memorized it long enough to pass a high school government or civics class, but that data has long since been purged to make room for more important things. Many Americans are probably unaware that it was not legal for the United States government to collect income taxes until they passed the 16th amendment or that a person could be President indefinitely until the two term limit was imposed by the 20th amendment.

Not casting stones, I myself could not tell you what most of them are. Most people are familiar with “taking the fifth” which implies using one’s 5th amendment right to not “be compelled in any criminal case to be a witness against himself”. Amendments such as the 1st amendment right that essentially defines the separation of church and state, the 2nd amendment right to bear arms, or the 4th amendment protecting you from unlawful search and seizure of your property are fairly common knowledge and are mentioned frequently in the media in support of various causes.

Having read through the amendments on the Findlaw.com web site though, I can’t find any amendment that explicitly protects a United States citizen’s right of privacy. The 14th amendment is often cited as the amendment which protects what Justice Louis Brandeis called the “right to be left alone”, but upon reading it, it appears that a fair amount of interpretation has to be allowed for in order to come to the conclusion that it inherently protects our privacy. The 1st, 4th and 5th amendments are also occasionally referred to in discussions of a right of privacy.

Of course, the 10th amendment explicitly grants authority to the individual states for any power not delegated to the United States Congress or prohibited explicitly in the Constitution of the United States. So, there may very well be provisions protecting privacy in state constitutions or state laws. There are also a number of statutes and regulations at both the federal and state levels which are based at least in part on the inferred right of privacy.

Unfortunately, privacy, and the protection of sensitive or personal information, seems to be legislated on an industry-by-industry basis. The Privacy Act of 1974 prevents the unauthorized disclosure of personal information held by the federal government. The Fair Credit Reporting Act protects information gathered by credit reporting agencies. The Children’s Online Privacy Protection Act grants parents authority over what information about their children (age 13 and under) can be collected by web sites.

As it relates to securing computer networks or data, the Sarbanes-Oxley Act, HIPAA and GLBA all contain at least some guarantee of an individual’s right not to have their personal or confidential information exposed. These regulations mandate that companies take steps to ensure their customers’ data is secure and impose fines and penalties on companies that fail to do so.

California’s SB-1386 places a responsibility on companies operating in that state to inform customers when their data has been exposed or compromised in any way. If it weren’t for that California law, the recent debacle at ChoicePoint might never have been disclosed.


View the original article here

Saturday, October 6, 2012

Reset Passwords

There are tools available to help you track and remember your many passwords. However, you have to get into your computer to begin with in order to use them. Windows XP allows you to add a password hint which you can use to trigger your memory if you forget the password, but what do you do if the hint doesn’t help? Are you locked out of your computer forever?

In most cases, the answer is “no”. You can reset the password by using an account with Administrator privileges. If you are the only one using your computer, you might think that you are just out of luck, but don’t give up just yet.



Friday, October 5, 2012

Google+ Security

You've heard all the hype about Google+. You may have even dived in, gotten yourself an account, and started building your "circles" of friends, but have you taken the time to see what kind of privacy and security features that Google has baked into Google+?

Facebook, Google+'s main competitor, has adapted its privacy and security settings over time, based on its users' concerns and other factors. Facebook has achieved a fairly robust system of opt-in, opt-out, group, and friend-based security and privacy measures that are still evolving today.

It's ultimately up to the Google+ developers as to whether they want to follow Facebook's lead or go in a completely different direction with regards to security and privacy features.

The jury is still out on whether or not Google+ has done a good job implementing its privacy and security features. We all remember Google's first major foray into the world of social networking, also known as Google Buzz. Buzz's initial privacy settings left a lot to be desired and a class action lawsuit was filed as a result. Has Google learned its lesson? We'll have to wait and see.

Here are some tips on how you can use Google+'s currently offered security and privacy options to make your Google+ experience a safe one.

To begin, click on the gear icon in the top-right corner of your Google+ home page.

1. Restrict the visibility of your Google+ circles to increase your privacy

Unless you want everyone in the world to be able to see who your friends are, you'll probably want to limit access to this information.

To restrict who can see your friends and circles:

Click the "Profile and Privacy" link from the "Google+ Accounts" page.

Click the "Edit Network Visibility" button from the "Sharing" section of the page.

Uncheck the box for "Show People In" if you don't want anyone, including those in your circles, to be able to see who your friends are. Your other option is to leave the box checked, and choose whether you want your friends to be able to see who is in your circles, or you can allow the whole world to see this information. The current default is to allow everyone in the world to see who is in your circles.

If you want to be extra private, you can hide the fact that you have been added to other people's circles by unchecking the box that says "Show people who have added you to circles" at the bottom of the "Edit Network Visibility" pop-up box.

2. Remove global access to the parts of your personal profile that you don't want to share with the world

Identity thieves love personal details such as where you went to school, where you have worked, etc. These details are a gold mine for them. If you make these tidbits of information available for the whole world to see, you are just asking for them to use them to steal your identity. It's best to restrict access to most of these details, allowing only your friends the ability to see this information.

Anytime you see a globe icon next to something in Google+ it means that you are sharing that item with the world and not just with those within your circles.

To restrict certain parts of your profile to only be visible to people within your circles:

Click the "Profile and Privacy" link from the "Google+ Accounts" page.

Click the "Edit visibility on profile" link under the "Google Profiles" section of the page.

On the page that opens, click each item in your profile to modify its visibility settings. Click the drop-down box and change the items that you don't want revealed to the world.

Click the "Done Editing" button in the red bar near the top of the screen when you are finished modifying your profile visibility.

If you don't want your information made available to search engines, you should uncheck the "Help others find my profile in search results" box from the "Search visibility" section at the bottom of the page.

3. Restrict visibility of individual posts in your Google+ stream

Google+ allows you to restrict visibility of individual posts (e.g. status updates, photos, videos, links, etc.). When you're posting something in your Google+ stream on your homepage, look at the box underneath the text box you are typing your post into. You should see a blue box with the name of your default circle (e.g. Friends). This indicates the people that your post is about to be shared with. You can remove visibility for the post by clicking the "X" icon inside the blue box. You can also add or remove an individual's or circle's ability to see the post.

As Google+ evolves, it will undoubtedly feature additional privacy and security options. You should check the "Profile and Privacy" section of your Google+ account every month or so to make sure that you haven't been opted in to something you would rather have been opted out of.



Wednesday, October 3, 2012

Phishing Protection

Phishing attacks have become more sophisticated and users need simple steps they can use to protect themselves from becoming victims of phishing scams. Follow these 5 steps to avoid being a victim and protect yourself from phishing scams.

Be Skeptical: It is better to err on the side of caution. Unless you are 100% sure that a particular message is legitimate, assume it is not. You should never supply your username, password, account number or any other personal or confidential information via email and you should not reply directly to the email in question. Ed Skoudis says “If the user really suspects that an e-mail is legit, they should: 1) close their e-mail client, 2) close ALL browser windows, 3) open a brand new browser, 4) surf to the e-commerce company's site as they normally would. If there's anything wrong with their account, there will be a message at the site when they log in. We need people to close their mail readers and browsers first, just in case an attacker sent a malicious script or pulled another fast one to direct the user to a different site.”

Use The Old-Fashioned Way: An even safer means of verifying if an email regarding your account is legitimate or not is to simply delete the email and pick up the phone. Rather than risking that you may somehow be emailing the attacker or mis-directed to the attacker’s replica web site, just call customer service and explain what the email stated to verify if there is truly a problem with your account or if this is simply a phishing scam.

Do Your Homework: When your bank statements or account details arrive, whether in print or through electronic means, analyze them closely. Make sure there are no transactions that you can’t account for and that all of the decimals are in the right spots. If you find any problems, contact the company or financial institution in question immediately to notify them.

Let Your Web Browser Warn You: The latest generation web browsers, such as Internet Explorer 7 and Firefox 2.0, come with built-in phishing protection. These browsers will analyze web sites and compare them against known or suspected phishing sites and warn you if the site you are visiting may be malicious or illegitimate.

Report Suspicious Activity: If you receive emails that are part of a phishing scam or even seem suspicious, you should report them. Douglas Schweitzer says "Report suspicious e-mails to your ISP and be sure to also report them to the Federal Trade Commission (FTC) at www.ftc.gov".


Tuesday, October 2, 2012

Windows Vista Backup

If you choose Backup Files, Vista will walk you through choosing a destination to back up to (again, this is typically an external USB hard drive or a CD / DVD recorder), and then choosing the drives, folders, or files that you want to include in your backup.

Note: If you have already configured Backup Files, clicking on the Backup Files button will instantly initiate a backup. To modify the configuration, you instead need to click on the Change Settings link below the Backup Files button.

