2010
by Roger Grimes
Basic security measures can protect your company from even the most elite malicious hackers.
Two weeks ago, I essentially claimed that nearly every company I know is hacked -- and in many cases, thoroughly hacked. Although there's a bit of hyperbole in that statement, it isn't that far from reality. That statement, however, has led some readers to believe detecting hackers and preventing attacks is impossible. Nothing could be further from the truth.
Discovering malicious hackers
Despite what the movies show, hackers are never good enough to go unnoticed. Even the professionals hackers who are making millions of dollars really don't do much to stay hidden. They don't need to: Most admins aren't looking.
The Verizon 2008 Data Breach Investigations Report [PDF], which is quickly becoming one of the most respected sources on computer crime statistics, said it best: "Evidence of events leading up to 82 percent of data breaches was available to the organization prior to actual compromise. Regardless of the particular type of event monitoring in use, the result was the same: Information regarding the attack was neither noticed nor acted upon."
Your No. 1 tool for detecting malicious activities is your log files. Most admins don't turn them on, and those who do usually don't monitor them. Additionally, many companies only turn on logging on their servers, even though most of the malicious break-ins occur on their user's workstations.
Every company should enable an enterprise-wide log management plan, a topic I covered the basics of last year. In a very small nutshell, you need to collect all your log events in a central location and generate alerts on abnormal events that dictate a reaction. Don't be that company with an enabled event logging management system that sends dozens to hundreds of "alerts" a day, a figure that guarantees that none will be acted upon. A well-designed events-management system only requests action for the stuff that deserves to be investigated. (On a related note, I'm just finishing up a review of event log management systems that should be published on InfoWorld soon.)
Another effective way to detect hackers is to scan for common hacking tools: password crackers, man-in-the-middle tools, sniffers, and so on. Most anti-malware scanners will detect commonly used hacker tools. Although not all hackers use the same tools, they generally do.
I'm also a big believer in creating network traffic flow baselines. Most data should be going from servers to workstations and vice versa. Unexpected server-to-server traffic should be investigated, as should unexpected workstation-to-workstation traffic. Moreover, if you have a workstation hitting every server in your environment, investigate it. Many insider attacks have been interrupted because astute network flow analysts noticed very large amounts of data going to a single employee's machine.
2010
by Mark Kaelin
Takeaway: A Microsoft Windows PC that has not been updated for security vulnerabilities will be compromised by some form of malware within minutes of connecting to the Internet. Take steps to protect yourself before you start Web surfing.
It is only natural, when you get a brand new PC, especially one with broadband capabilities built-in, you want to connect to the Internet and see it action. For many, the browser and the World Wide Web are the "killer-apps" of the modern PC—the Internet is what you have a PC for, everything else is just extra fluff.
However, connecting to the Internet with a new unprotected and unpatched PC is practically inviting the nefarious and malicious to infect your PC. According to research published by Sophos in July 2005, there is about a 50 percent chance that an unpatched PC will be infected with malicious software within 12 minutes of connecting to the Internet. Once infected, it is almost impossible to get a PC clean again without completely re-installing the operating system. (We are restricting this conversation to Windows PCs for the moment.)
To prevent the frustration that comes with re-installing Windows, you should take the necessary steps to update, configure, and patch your new PC. Keep in mind that no matter how new your PC is, it will most likely need patching and it will definitely need to be properly configured. Here are 10 basic things you should do before attaching the Internet to a new PC.
1. Make a starter CD-ROM
Before you disconnect your old computer, take a few minutes to burn a starter CD-ROM that contains the latest version of your favorite anti-virus software. I prefer to keep this simple and inexpensive by using AVG from Grisoft, but if you like Norton or McAfee those will work just as well.
To save time later, you should put other security applications on this disk like Spybot Search & Destroy, AdAware, etc. It would also be a good idea to include any updated drivers you might need—drivers for your video card for example. Just like Windows, your video card drivers are likely to be a little old also. You should also put drivers on this disk for peripherals that you will be connecting to your new PC, like cameras, scanners, printers, and game interface devices. Having all of these device drivers residing on a single CD-ROM means you will not have to go to the Internet to retrieve them as you set up your new PC.
2. Remove the promotional apps
After going through the initial setup process where Windows identifies devices you may be asked to register and/or activate your copy of the Windows operating system—hold off on that for now, you can always do that later. This first thing to do is to clean up the mess that shipped in your PC. You should remove all of the promotional and trial software that you do not intend to use from your new PC. This is usually the first thing I do, because invariably one of those apps will ask if I want to activate it or register it—a process that usually involves accessing the Internet. (Some times they don't ask—they just assume I want them on my pristine PC). At this point you should have no connection to the Internet at all, wireless or not.
The applications to be deleted are usually ISPs advertisements like AOL and Earthlink, an antivirus app from a competitor of your current application (something you should already have ready on your CD-ROM), trial versions of Money or Quickbooks, etc. If you are not going to use these, go to the Add/Remove Programs applet in the Control Panel and remove them completely.
3. Install antivirus software
Install the antivirus software that you burned onto a CD-ROM in step 1. The assumption is that any PC purchased after this document is published will have Windows XP SP2 installed, but if SP2 is not installed, you could have that update ready on your disk too. In fact, if you know how, you could have some of the more important Windows patches and updates on your disk also. This would be a good time to install anti-spyware software too.
For the other 7 must-have steps click here and call Symmetric Group today!
2010
Print newspapers are so yesterday; news sites -- and TV -- clobber print, Pew survey finds
By Sharon Gaudin
The number of people who rely on leafing through newspapers to learn what's going on in the world continues to decline, according to the results of a survey conducted by the Pew Research Center, a non-profit polling and social science research organization.
A study by the Washington D.C.-based "think tank" found that the Internet is now the third most popular vehicle for getting daily news updates, behind local and national television outlets. Local and national newspapers, and radio, lagged behind.
The Pew survey found that local and national television news were the top sources of news for Americans -- 78% of those polled said they turn to local television and 73% to a national network or cable show for at least some news. Web sites are now the third most popular source for news as 61% of respondents said they read them regularly.
The survey results are bad news for the newspaper industry as just 50% of respondents reported reading news in a local newspaper, while only 17% reportedly read news in a national newspaper like the New York Times or USA Today. Newspapers also lagged behind radio, which was cited as a news source by 54% of respondents.
The survey found that some 92% of Americans turn to multiple sources for their daily news fix. For instance, they might watch television news in the morning, listen to the news on the radio during their drive to work, glance at a newspaper in the lunch room and read about breaking news online at their desks.
"The Internet is at the center of the story of how people's relationship to news is changing," noted the report. "The process Americans use to get news is based on foraging and opportunism. They seem to access news when the spirit moves them or they have a chance to check up on headlines."
However, despite countless online news outlets, the survey found that most people visit only two to five sites daily. And 65% say they do not have a single favorite news Web site.
The study also reported that people increasingly want their news to be portable and customizable. For example, Pew found that 33% of cell phone owners read news on their phones, and 28% of Internet users have customized their home pages to show them news from sources and about topics that they're interested in.
However, the study also showed that people are becoming much more social about how they consume and share news.
"To a great extent, people's experience of news, especially on the Internet, is becoming a shared social experience as people swap links in e-mails, post news stories on their social networking site feeds, highlight news stories in their Tweets, and haggle over the meaning of events in discussion threads," the report noted. "For instance, more than eight in 10 online news consumers get or share links in e-mails. The rise of the Internet as a news platform has been an integral part of these changes."
And according to the survey, 51% of people on social networking sites like Facebook say that on a typical day they learn of news from people they follow. And 23% of those people follow news organizations or individual journalists on social networking sites.
"The advent of social media, like social networking sites and blogs, has helped the news become a social experience in fresh ways for consumers," the report noted. "People use their social networks and social networking technology to filter, assess, and react to news."
The study is based on telephone interviews with 2,259 American adults. The survey was conducted between Dec. 28, 2009 and Jan. 19, 2010.
2010
Google is using a tool to help people locate friends and loved ones who might have been affected by Saturday's 8.8.-magnitude earthquake in Chile.
Google Person Finder allows users to search for information about people by name or leave information about people in both English and Spanish. As of Sunday morning, the page said it contained 22,900 records. However, the page cautions users that all data input would be viewable and usable by all and that the company plays no role in verifying the information. Google had set up a similar Person Finder tool after Haiti's recent earthquake.
A Google crisis response page also notes that Americans seeking information about those in Chile can call the U.S. State Department at 1-888-407-4747. The page includes a map listing recent seismic activity in Chile, as well as resources to donate money to charities supporting the earthquake relief effort. "Your donation will help disaster victims rebuild their lives and their communities," the page says. As with the Haiti relief effort, donations can also be made via text message, according to the Mobile Giving Foundation, the organization that processes the donations. Cell users can make a $10 donation to the effort by texting the word "Chile" to any of the following numbers: 25383 (Habitat for Humanity), 20222 (World Vision), 85944 (International Medical Corp.), and 52000 (Salvation Army).
As of Sunday morning, local authorities had reported about 300 fatalities as a result of the massive quake, but that number was expected to rise.
Seismologists had feared a major tsunami would sweep across the Pacific Ocean as a result of the earthquake. People in Hawaii, where the greatest tsunami damage was feared, were evacuated to higher ground but no major damage was reported.
2010
From CNET
By Erica Ogg
It turns out Apple isn't the only company readying a touch-screen tablet computer.
We say that half-jokingly, of course. In the last few months, quite a few companies have signaled their intentions to go head-to-head (or at least offer an alternative) to Apple's much-ballyhooed iPad, which should hit stores in March. Hewlett-Packard, Dell, Acer, and Sony have or are in the process of readying gadgets they say will compete with the iPad. We've seen some demonstrations at the Consumer Electronics Show and other trade shows, but several gadget makers admitted to waiting to see what Apple was going to do before setting the specifications and price of their competing touch-screen tablets.
Now that they know, what are they going to do about it? That might sound a bit silly considering companies like HP, Dell, and Acer have larger market share than Apple--when it comes to computers. But in other, faster-growing areas--smartphones and music players--Apple's popularity far outstrips theirs. And in a new device category (it's reasonable to consider this a new category) they're all essentially starting from scratch.
So how will every company not named Apple try to compete for your touch-screen tablet computing dollar, assuming such a dollar exists? They will try to emphasize something about theirs being better, of course, be it in terms of price, style, speeds and feeds, or the movies, books, games, or TV shows available via their gadget. Dell, for example, providing evidence that an old dog can at least attempt new tricks, tends to emphasize style these days. HP's commercials try to sell you on how easily their product fit into your lifestyle.
Random photo
 |