Inter/network security resources

   

Using encryption on the Internet

 

Internet & Web security

Recommended resource Know Your Enemy: Learning About Security Threats by the Honeynet Project (~US$33 from Amazon) is a technical guide to configuring and using honeypot systems to analyze hacker exploits and malware in the wild.  Read our book review.

Recommended resource Lance Spitzner’s previous book Honeypots: Tracking Hackers (also ~US$33 from Amazon) is another gripping read for technical folks involved in defending networks against hacker attacks.

 

 

Vulnerabilities in Not-So Embedded Systems described the hack of a Xerox multifunction device (copy-scan-print).  The machine has an embedded AMD CPU running Linux and Apache with the Xerox applications layered on top.  Accessing the device remotely thanks to its web and telnet interfaces, the hacker exploited vulnerabilities in parameter handling by the applications to compromise the root account.  To the presenter, this was a bit of a lark.  He clearly enjoyed explaining how to hack the machine and, for example, photocopy and scan a stray paper clip and set it up as a default printing template.  For Xerox, however, the presentation and exploit represent a security incident that forced them to roll out urgent security fixes to their understandably rather irate customers.

Defense Intelligence Systems Agency (DISA) occasionally conducts network penetration tests against US military networks and publishes interesting statistics such as the proportion of attacks that go unnoticed and unreported, presumably to shame the network/system administrators into improving their security responses.  Given that their targets are (or at least should be) highly security conscious, the figures are a salutary lesson for all of us since the implication is that, if the vast majority of network intrusion attempts are not recognized as such, then how many successful intrusions are also being missed?

James Madison University has some good advice for students on Internet security, especially their RUNSAFE initiative and a general page with news of current security issues such as phishing.

The Internet, and hence modern civilization as it has come to be, is essentially founded on Transmission Control Protocol/Internetworking Protocol (TCP/IP).  TCP/IP is a suite of communications protocols that works over almost any communications medium, including bongo drums.  Does this prove that the roots of modern civilization are in the jungle?  Maybe not ... but it sure is a fun way to learn about TCP/IP.

A US-CERT Cyber Security Tip covers browser security settings - fine if your users understand the issue and can alter the settings.

The WWW security FAQ addresses the sorts of web security queries typically raised by clued-up technically-minded end-users and novice sysadmins.  It is useful albeit a few years old (a few years = one Internet eternity).

Stay Safe Online publishes advice for home users about computer security including, of course, Internet security aspects.

CERT published a good overview of Internet security in a 1997 paper.  It is interesting though rather sad to note that the risks they identified in ’97 are still with us, plus more besides.

Firewalls

Hot topic! The Sam Spade and Geek Tools websites have extremely useful technical tools for analyzing IP addresses.  Useful to find out who has put suspicious entries in your firewall logs (you do analyze your logs regularly, don’t you?).

Discover step-by-step how to analyze Cisco network/firewall logs using Kiwi Syslog and Sawmill (both free or low-cost products).

A CERT CyberSecurity Tip on firewalls starts from ground zero: what is a firewall and why would I want one?

If you’re trying to shut off unnecessary ports at the firewall, take a look at this useful table listing most well known TCP/IP ports.

DataSafe is evidently no conventional firewall but an “Extrusion Prevention System”, no less.  It inspects network traffic and applies filtering rules in real time, rather like a firewall, but its focus is on preventing the unauthorized export of critical or sensitive information such as personal information, credit card data, health care records, intellectual property and classified information, rather like a content inspection firewall.  [Nothing to do with extruded aluminum then!].

A US-CERT Cyber Security Tip briefly explains firewalls without delving into the technology.  This is A Good Thing for security awareness materials intended for non-technical audiences.

Securing Wi-Fi / wireless networks


 

Hot topic! 

Network Security Architecture is an excellent textbook by Sean Convery (~$46 from Amazon).  It is thoroughly recommended if you are tasked with preparing network security designs.  See our full book review here and visit the author’s website with a collection of links from the book.

Wi-Foo: The Secrets of Wireless Hacking by Andrew Vladimirov, Konstantin Gavrilenko and Andrei Mikhailovsky (~$27 from Amazon) has good technical information about hacking and, by implication, securing wireless networks.

Wardriving: Drive, Detect, Defend by Chris Hurley, Michael Puchol, Russ Rogers and Frank Thornton (~$33 from Amazon) gets mixed reviews from those presumably hoping for a technical wireless network hackers’ manual but is appreciated by those with more limited technical knowledge.

Men from Florida and the UK were arrested for obtaining unauthorized access to WiFi networks. In the Florida case, the man admitted using a laptop PC in an SUV parked outside the house to ‘steal’ WiFi access. Cases of this nature are bound to consider whether the WiFi network was adequately secured - most aren’t.  The numerous risks relating to WiFi take the edge off an otherwise useful facility.

Beware fake wi-fi connections in public places such as airports and Internet cafes.  Fake connections, perhaps labeled “free wi-fi” or similar, are likely to be ad hoc rather than access point types and may have false MAC addresses.  The hackers use tools such as Airsnarf.  They can easily intercept all plaintext network traffic from attached machines including, for example, POP3 email passwords, and with a bit more effort may potentially spoof encrypted SSL connections using man-in-the-middle attacks.  If your PC is not properly secured, shared drives and directories may also be fully accessible to the fakers.

“AirSnare is an intrusion detection system to help you monitor your wireless network. AirSnare will alert you to unfriendly MAC addresses on your network as well as to DHCP requests. If AirSnare detects an unfriendly MAC address, you have the option of tracking its access to IP addresses and ports or of launching Ethereal.”  It can also email alerts, meaning that it could be run on a suitable machine unobtrusively monitoring a remote chunk of your network.  Interesting idea.

Tools to help the overworked Security Manager identify wireless networks in their premises range from free to $thousands.  At the bottom end are Wi-Fi snooping tools such as NetStumbler and kismet, and the cheap-n-nasty wLAN detectors given away as merchandising at computer shows.  In the mid range is commercial software that uses standard wireless LAN cards to scan the normal Wi-Fi frequency bands, and wide range UHF/SHF scanners.  High end tools use very expensive software to get more information from the wLAN cards, or use dedicated spectrum analyzer hardware to get even more gen, provided the user has the technical skills to control the machine and interpret the output.  Read about (some of) the range on Informit.

Intrusion Detection Systems (IDSes) are being adapted to monitor wireless networks.  Standard IDSes work as normal monitoring the wired Ethernet side of the Access Points while the new wireless-capable IDSes monitor the wireless signals.  See eWeek’s review of wireless IDSs for more.

If you still need convincing that wireless networking is something you need to manage, take a look at this survey.  Security concerns were raised by more than 60% of the respondents who claimed business benefits from wireless technology.

“A Maryland man with a grudge against a Connecticut-based patent firm used unsecured wireless networks at homes and businesses in the Washington DC area to penetrate the company’s computers and deliver untraceable threats and extortion demands, until an FBI surveillance team caught him in the act ...” (news from The Register).

Even the Department of Homeland Security evidently has trouble securing its wireless networks despite publishing advice in this area.

ComputerWorld’s best practice advice for securing wireless networking starts with a great suggestion - sort out policies, training and awareness.

Having found publicly accessible wLAN Access Points using a portable PC, PCMCIA wLAN card and software tools such as Netstumbler, Airsnort and WEPcrack, ‘war-drivers’ may take up ‘war-chalking’.  wHackers leave chalk symbols on the pavement to indicate accessible wLANs nearby.  Wardriving and warchalking are described at www.wardrive.net.  The site recommends ten controls to improve wireless LAN security, adding that applying them creates a basic level of security.  The site also has a good collection of links to further information on wireless LAN security.

Placement and types of antennas may certainly be used to control the range of the wireless network, contrary to the rather disparaging remarks in NIST’s otherwise excellent Special Publication 800-48 Wireless network security – 802.11, Bluetooth and handheld devices.  You may be aware of the organized war-driving contests and various ad hoc efforts to identify wireless LANs that are publicized on the Web.  You may not realize, however, that there are many other wireless networks in the vicinity of the so-called “war-drivers” that were not even identified as such.  This was due to their use of directional antennas and/or careful placement of omni-directional antennas to avoid blanket coverage of public areas (‘security by obscurity’ has some value after all).

Insecure wireless LANs provide a convenient network entry point for hackers to launch practically anonymous/untraceable attacks.  “All the bars and restaurants near our offices have wLANs for waiters to send orders to the kitchen.  All are insecurely configured.  However, since the worst anyone could do is jump the queue for ordering drinks, perhaps the low level of protection is all that’s necessary.” 

An excellent Security Focus article Protecting road warriors: managing security for mobile users takes a broad look at information security for workers constantly on the move.  Another covers Wireless attacks and penetration testing, starting with a description of common attack scenarios.  Here are parts 2 and 3.

Here are ten top tips from South Africa to secure your wLAN.  Microsoft advises on wLAN security for small- to medium-sized enterprises and published a technical pack/guide to securing wLANs, the Microsoft way.

Boeing has thousands of wireless devices in its gigantic Seattle factory.  Discover how they are secured.

Computerworld’s best practices for wireless network security.

Other network security links

Russ McRee’s Toolsmith columns (originally published in the ISSA Journal) are well worth a read if network security is your day-job.

CERT is overflowing with sound network security advice to home PC users.  Security standards are being developed in this area.

A number of sites offer to port-scan your system using your IP address.  This one is typical - it probes TCP and UDP ports, identifying likely vulnerabilities.  Because of the sensitivity and the volume of network traffic and security log entries a port scan can create, you should probably not try this from a PC inside the corporate firewall without authority from management ... but on the other hand, it might be worth finding out whether the network defenses actually work!  As with all pen testing, though, a report saying ‘everything was OK’ does NOT necessarily mean your system is secure, merely that the scanning tools and techniques they used did not find any glaring vulnerabilities.

QualysGuard is a suite of tools to identify and remedy system security vulnerabilities on networked systems.  Tools like this make the job of tracking and checking IT assets for compliance much less tedious, and hence more likely to be done properly.


Related NoticeBored links collections

Bugs!, hacking, identity theft, information security management, change management, secure development, incident management, social engineering, email security, IT fraud, gizmos and malware


NB: we do not necessarily endorse or agree with the third party websites accessible through the links. Use at your own risk.  Please let us know about new or broken links.



Copyright © 2010  IsecT Ltd.