Archive for the ‘Educational’ Category

What is Sidejacking?

/ November 10th, 2010 / Comments Off

Sidejacking is a process in which an attacker uses packet sniffing applications to read the traffic between your computer and a website to steal password information.  These attacks exploit unencrypted home and public Wi-Fi connections.

The majority of websites utilize a secure HTTP (HTTPS) connection to protect your username and password when logging into the site.  Some sites however revert to an unsecure HTTP connection once you are successfully authenticated and transfer session info, such as username and password, via cookies that are vulnerable to sidejacking.

I use public Wi-Fi connections everyday (Panera Bread mostly, but will use Borders if I can’t find a power outlet) and rely on them heavily as I am continuously on the go.  So how do I protect myself moving forward?

Virtual Private Networking (VPN) connections are the answer.  VPN connections create a secure tunnel between your computer and the outside world.  So, in our unprotected Wi-Fi scenario the sidejackers can see the data traffic but are unable to read the contents of the information.

Setting up a VPN connection is actually quite simple.  There are personal VPN providers online such as OpenVPN.net and ItsHidden.com that offer free services and step by step setup instructions.  I am actually in the process of creating my own VPN server through my home DSL with a SonicWall SSL-VPN appliance.

Let’s not forget to lock down our home Wi-Fi connections as well and be sure to use the WPA2 standard.  To date WPA2 encryption blocks all sidejacking attacks.  Double check your routers wireless encryption settings and if your router does not offer WPA2 then I think it’s worth the investment to upgrade your router. Here’s to a safe browsing environment.

Content Filtering & Security

/ August 30th, 2010 / Comments Off

The Internet can be a very scary place for many reasons.  New threats seem to be popping up on a daily basis and are becoming harder and harder to deal with.  The challenge of keeping users on your networks safe from malware, botnets and phishing scams can be quite daunting and quite expensive.

I’ve tested many content filtering devices with mixed reviews and have never found one I would be willing to promote to my clients until now.  The funny thing is, is that it’s not an appliance at all!  It’s a cloud based service called OpenDNS.

OpenDNS takes a very simple and direct approach to content filtering. (download their whitepaper) Rather then installing expensive hardware and adding ton’s of overhead too your Internet connection, OpenDNS checks the domain for security when DNS requests are made.  Quick technical note: DNS stands for Domain Name Service.  DNS resolves easy too remember names like cnn.com, espn.com or royerseo.com to IP addresses.  Humans tend to remember names easier then long numbers.

This revolutionary approach has made content filtering and security affordable for families and businesses alike.  Setup is snap and the entire service is managed via your own web dashboard. 

If you are a business owner interested in reducing online distractions or a concerned parent trying to keep your children safe online, OpenDNS has a solution for you.

Spyware Removal Tools

/ January 5th, 2010 / Comments Off

I hate spyware. That’s right, I said it. I hate spyware. I have a really hard time hating anything in this world but spyware make’s it easy. We’ve all been infected with some sort of spyware, or its cousin malware, and understand quite well how difficult it can be to remove. The majority of the time it’s easier and less time consuming to just backup your data and re-install the operating system.

I have found some excellent tools to assist me in the removal spyware and I wanted to share them with you. The first tool I use is Malwarebytes’ Anti-Malware.  In my opinion it’s the best removal scanner on the Internet for several reasons.  Number 1, it works.  The infected files found are permanently removed and scan times are super fast.  Number 2, it’s small and unobtrusive.  The application itself does not slow down the performance of you machine.  In most cases it’s the only spyware removal tool i will need, but some infections are more stubborn then others.

The next tool I use is HiJackThis.  Spyware infections love to take over you web browser and send you to only sites they want you to see.  This is called “browser hijacking”.  HiJackThis scans your registry, startup locations and browser settings and simply lists all the contents, good or bad.  HiJackThis does a good job of linking to the web and informing you of what is potential spyware and what is not, so use caution when selecting the items you wish to remove.

The final spyware removal tool I use is CCleaner.   I’ve justed started using CCleaner recently and have been impressed with it’s performance.  It does a great job of clearing old registry items, browser history and freeing up hard drive space.  I recommend CCleaner as a nice preventative maintenance program to keep your PC running fast and smooth.

One other program I would recommend in closing is the free AVG Link Scanner.  I don’t even use traditional Anti-virus software on my PC’s, I use the free AVG Link Scanner.  It’s interacts with your web browser and let’s you know before clicking on a link if the site is safe or not. The majority of spyware finds it way onto your PC through browsing legitimate websites. Check out this video to see how it works.