Show Posts

This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.


Messages - masud895

Pages: 1 [2] 3 4 ... 6
17
Internet / Virtual private network (VPN)
« on: May 16, 2016, 10:58:28 AM »
A virtual private network (VPN) is a technology that creates an encrypted connection over a less secure network. The benefit of using a VPN is that it ensures the appropriate level of security to the connected systems when the underlying network infrastructure alone cannot provide it. The justification for using a VPN instead of a private network usually boils down to cost and feasibility: It is either not feasible to have a private network (e.g., for a traveling sales rep) or it is too costly to do so. The most common types of VPNs are remote-access VPNs and site-to-site VPNs.

18
Computer forensics is the application of investigation and analysis techniques to gather and preserve evidence from a particular computing device in a way that is suitable for presentation in a court of law. The goal of computer forensics is to perform a structured investigation while maintaining a documented chain of evidence to find out exactly what happened on a computing device and who was responsible for it.

Uses of computer forensics

There are few areas of crime or dispute where computer forensics cannot be applied. Law enforcement agencies have been among the earliest and heaviest users of computer forensics and consequently have often been at the forefront of developments in the field.

Computers may constitute a ‘scene of a crime’, for example with hacking [1] or denial of service attacks [2] or they may hold evidence in the form of emails, internet history, documents or other files relevant to crimes such as murder, kidnap, fraud and drug trafficking.

It is not just the content of emails, documents and other files which may be of interest to investigators but also the ‘metadata’ [3] associated with those files. A computer forensic examination may reveal when a document first appeared on a computer, when it was last edited, when it was last saved or printed and which user carried out these actions.

More recently, commercial organisations have used computer forensics to their benefit in a variety of cases such as;

* Intellectual Property theft
* Industrial espionage
* Employment disputes
* Fraud investigations
* Forgeries
* Bankruptcy investigations
* Inappropriate email and internet use in the work place
* Regulatory compliance

19
Internet Risk / How to safe your Facebook Account?
« on: May 04, 2016, 02:03:10 PM »
Security Tips for Facebook
Here are 6 things you can do to help keep your account safe:
1.   Protect your password:
   Don't use your Facebook password anywhere else online.
   Never share your password. You should be the only one who knows it.
   Avoid including your name or common words. Your password should be difficult to guess.
2.   Use our extra security features.
3.   Make sure your email account(s) are secure.
4.   Log out of Facebook when you use a computer you share with other people. If you forget, you can log out remotely.
5.   Run anti-virus software on your computer:
   For Windows
   For Mac OS
6.   Think before you click or download anything.

20
Cyber Security / Protect Your Passwords
« on: October 08, 2015, 02:01:23 PM »
Here are a few principles for creating strong passwords and keeping them safe:

   The longer the password, the tougher it is to crack.  Use at least 10 characters; 12 is ideal for most home users.
   Mix letters, numbers, and special characters.  Try to be unpredictable – don’t use your name, birthdate, or common words.
   Don’t use the same password for many accounts.  If it’s stolen from you – or from one of the companies with which you do business – it can be used to take over all your accounts.
   Don’t share passwords on the phone, in texts or by email.  Legitimate companies will not send you messages asking for your password.  If you get such a message, it’s probably a scam.
   Keep your passwords in a secure place, out of plain sight.


21
Cyber Security / Computer Security (How to protect your information?)
« on: October 08, 2015, 01:45:10 PM »
Scammers, hackers, and identity thieves are looking to steal your personal information – and your money. But there are steps you can take to protect yourself, like keeping your computer software up-to-date and giving out your personal information only when you have a good reason.

   Use Security Software That Updates Automatically
   Treat Your Personal Information Like Cash
   Check Out Companies to Find Out Who You’re Really Dealing With
   Give Personal Information Over Encrypted Websites Only
   Protect Your Passwords
   Back Up Your Files


22
IT Forum / How to Protect Your Computer
« on: June 24, 2015, 11:19:34 AM »
The same advice parents might deliver to young drivers on their first solo journey applies to everyone who wants to navigate safely online. A special agent in our Cyber Division offered the following:
- “Don’t drive in bad neighborhoods.”
- “If you don’t lock your car, it’s vulnerable; if you don’t secure your computer, it’s vulnerable.”
- “Reduce your vulnerability, and you reduce the threat.”
Below are some key steps to protecting your computer from intrusion:
- Keep Your Firewall Turned On: A firewall helps protect your computer from hackers who might try to gain access to crash it, delete information, or even steal passwords or other sensitive information. Software firewalls are widely recommended for single computers. The software is prepackaged on some operating systems or can be purchased for individual computers. For multiple networked computers, hardware routers typically provide firewall protection.
- Install or Update Your Antivirus Software: Antivirus software is designed to prevent malicious software programs from embedding on your computer. If it detects malicious code, like a virus or a worm, it works to disarm or remove it. Viruses can infect computers without users’ knowledge. Most types of antivirus software can be set up to update automatically.
- Install or Update Your Antispyware Technology: Spyware is just what it sounds like—software that is surreptitiously installed on your computer to let others peer into your activities on the computer. Some spyware collects information about you without your consent or produces unwanted pop-up ads on your web browser. Some operating systems offer free spyware protection, and inexpensive software is readily available for download on the Internet or at your local computer store. Be wary of ads on the Internet offering downloadable antispyware—in some cases these products may be fake and may actually contain spyware or other malicious code. It’s like buying groceries—shop where you trust.
- Keep Your Operating System Up to Date: Computer operating systems are periodically updated to stay in tune with technology requirements and to fix security holes. Be sure to install the updates to ensure your computer has the latest protection.
- Be Careful What You Download: Carelessly downloading e-mail attachments can circumvent even the most vigilant anti-virus software. Never open an e-mail attachment from someone you don’t know, and be wary of forwarded attachments from people you do know. They may have unwittingly advanced malicious code.
- Turn Off Your Computer: With the growth of high-speed Internet connections, many opt to leave their computers on and ready for action. The downside is that being “always on” renders computers more susceptible. Beyond firewall protection, which is designed to fend off unwanted attacks, turning the computer off effectively severs an attacker’s connection—be it spyware or a botnet that employs your computer’s resources to reach out to other unwitting users.

23
IT Forum / Need for Network Security and Types of Attack
« on: June 24, 2015, 10:38:51 AM »
Need for Network Security
In the past, hackers were highly skilled programmers who understood the details of computer communications and how to exploit vulnerabilities. Today almost anyone can become a hacker by downloading tools from the Internet. These complicated attack tools and generally open networks have generated an increased need for network security and dynamic security policies.
The easiest way to protect a network from an outside attack is to close it off completely from the outside world. A closed network provides connectivity only to trusted known parties and sites; a closed network does not allow a connection to public networks.
Because they have no Internet connectivity, networks designed in this way can be considered safe from Internet attacks. However, internal threats still exist.
There is a estimates that 60 to 80 percent of network misuse comes from inside the enterprise where the misuse has taken place.
With the development of large open networks, security threats have increased significantly in the past 20 years. Hackers have discovered more network vulnerabilities, and because you can now download applications that require little or no hacking knowledge to implement, applications intended for troubleshooting and maintaining and optimizing networks can, in the wrong hands, be used maliciously and pose severe threats.
Types of attack:
Classes of attack might include passive monitoring of communications, active network attacks, close-in attacks, exploitation by insiders, and attacks through the service provider. Information systems and networks offer attractive targets and should be resistant to attack from the full range of threat agents, from hackers to nation-states. A system must be able to limit damage and recover rapidly when attacks occur.
There are five types of attack:
Passive Attack
A passive attack monitors unencrypted traffic and looks for clear-text passwords and sensitive information that can be used in other types of attacks. Passive attacks include traffic analysis, monitoring of unprotected communications, decrypting weakly encrypted traffic, and capturing authentication information such as passwords. Passive interception of network operations enables adversaries to see upcoming actions. Passive attacks result in the disclosure of information or data files to an attacker without the consent or knowledge of the user.
Active Attack
In an active attack, the attacker tries to bypass or break into secured systems. This can be done through stealth, viruses, worms, or Trojan horses. Active attacks include attempts to circumvent or break protection features, to introduce malicious code, and to steal or modify information. These attacks are mounted against a network backbone, exploit information in transit, electronically penetrate an enclave, or attack an authorized remote user during an attempt to connect to an enclave. Active attacks result in the disclosure or dissemination of data files, DoS, or modification of data.
Distributed Attack
A distributed attack requires that the adversary introduce code, such as a Trojan horse or back-door program, to a “trusted” component or software that will later be distributed to many other companies and users Distribution attacks focus on the malicious modification of hardware or software at the factory or during distribution. These attacks introduce malicious code such as a back door to a product to gain unauthorized access to information or to a system function at a later date.
Insider Attack
An insider attack involves someone from the inside, such as a disgruntled employee, attacking the network Insider attacks can be malicious or no malicious. Malicious insiders intentionally eavesdrop, steal, or damage information; use information in a fraudulent manner; or deny access to other authorized users. No malicious attacks typically result from carelessness, lack of knowledge, or intentional circumvention of security for such reasons as performing a task
Close-in Attack
A close-in attack involves someone attempting to get physically close to network components, data, and systems in order to learn more about a network Close-in attacks consist of regular individuals attaining close physical proximity to networks, systems, or facilities for the purpose of modifying, gathering, or denying access to information. Close physical proximity is achieved through surreptitious entry into the network, open access, or both.
One popular form of close in attack is social engineering in a social engineering attack, the attacker compromises the network or system through social interaction with a person, through an e-mail message or phone. Various tricks can be used by the individual to revealing information about the security of company. The information that the victim reveals to the hacker would most likely be used in a subsequent attack to gain unauthorized access to a system or network.
Phishing Attack
In phishing attack the hacker creates a fake web site that looks exactly like a popular site such as the SBI bank or paypal. The phishing part of the attack is that the hacker then sends an e-mail message trying to trick the user into clicking a link that leads to the fake site. When the user attempts to log on with their account information, the hacker records the username and password and then tries that information on the real site.
Hijack attack
Hijack attack In a hijack attack, a hacker takes over a session between you and another individual and disconnects the other individual from the communication. You still believe that you are talking to the original party and may send private information to the hacker by accident.
Spoof attack
Spoof attack In a spoof attack, the hacker modifies the source address of the packets he or she is sending so that they appear to be coming from someone else. This may be an attempt to bypass your firewall rules.
Buffer overflow
Buffer overflow A buffer overflow attack is when the attacker sends more data to an application than is expected. A buffer overflow attack usually results in the attacker gaining administrative access to the system in a ommand prompt or shell.
Exploit attack
Exploit attack In this type of attack, the attacker knows of a security problem within an operating system or a piece of software and leverages that knowledge by exploiting the vulnerability.
Password attack
Password attack An attacker tries to crack the passwords stored in a network account database or a password-protected file. There are three major types of password attacks: a dictionary attack, a brute-force attack, and a hybrid attack. A dictionary attack uses a word list file, which is a list of potential passwords. A brute-force attack is when the attacker tries every possible combination of characters.


25
Thanks for very effective Post

26
IT Forum / Re: 3 Easy Ways To Install Windows 10 Technical Preview
« on: November 11, 2014, 03:47:22 PM »
Thanks

27
IT Forum / Re: Windows 9 Leaked Screens Revealing Known Unknowns
« on: November 11, 2014, 03:43:39 PM »
Thanks for your  very effective post.

28
IT Forum / Microsoft Office 365 Features and Benefits
« on: November 09, 2014, 05:53:45 PM »
Moving to the Office 365 cloud comes with some key features and benefits. Namely, your organization gets to continue to use the software you have been using for years, but you now get to shift the burden onto Microsoft. In addition to shifting the burden to Microsoft, there are some other key benefits.

Generate greater productivity with Office 365
Productivity is a great word that management-consultant types love to use. In the real world though, productivity can be summed up in a simple question: Can you do my job easier or not? Microsoft has invested heavily and spent a tremendous amount of time trying to make the user and administrator experiences of Office 365 as easy and simple as possible.
The idea is that increasing simplicity yields greater productivity. Whether it is an administrator setting up a new employee or a business analyst writing policy and procedure documents in Word. When the technology gets out of the way and you can focus on your job, you become more productive. Try using a typewriter instead of a Word processor. Whoever thought copy and paste would be such a game changer?

Access from anywhere with Office 365
Accessing your enterprise software over the Internet has some big advantages. For one, all you need is your computer — desktop, laptop, tablet, or phone — and an Internet connection or phone coverage. Because the software is running in a Microsoft data center, you simply connect to the Internet to access the software.

Another benefit of accessing centrally located data is that you always have a single source of the truth. If you make a change to a document from your tablet at home and then your colleague views the file from their phone, she will see the most up-to-date document. Gone are the days of e-mailing Excel documents between machines with long file names.
With SharePoint Online (part of the Office 365 package) a single file, say Forecast_Q1_2011.xlsx, lives out in the cloud (meaning in Microsoft’s globally distributed billion dollar data centers). Because the document lives in the cloud, the security permissions can be set up to allow anyone in the organization, regardless of geographic location, to view the document.
Security can be as strict or as lenient as desired. For example, you may want everyone in the organization to be able to see a company policy document but only want a select group of individuals to edit the document. In addition, SharePoint takes care of all the versioning and even lets you check out a document to edit so that nobody else can edit it at the same time.
Need to collaborate on the document in real time? No problem. You can do that by using nothing more than your web browse
Work with what you know with Office 365
Microsoft does not always come out with the best software. Remember Windows Vista? Shiver! Instead of running far away and never looking back at Windows again, users simply held their collective breath until Windows 7. And thank you for hurrying Microsoft!
One thing Microsoft did incredibly right is recognize that users don’t want to give up the things that make them comfortable. Office 365 hasn’t changed your favorites one bit. The only difference is that now they are seamlessly connected to the enterprise software living out in the cloud. In other words, your favorite applications are codified.
One of the coolest features about SharePoint 2010 and Office 2010 is that you can work with SharePoint without ever having to leave the Office applications. For example, you can fire up Word, check out a document stored in SharePoint, make some changes, check it back in, review versions, and even leave some notes for your colleagues.
All without even having to know that SharePoint is handling the content management functionality behind the scenes.

Robust security and reliability comes with Office 365
With Microsoft taking on all the responsibility for security and reliability, your IT team can rest on their laurels. Letting Microsoft do the heavy lifting frees up the IT team to do more important things such as helping users get the most out of enterprise software.
Microsoft understands if you aren’t fully comfortable about letting them do the heavy lifting. To address some of the questions, however, Microsoft has extensive service level agreements to help put your mind at ease.

Office 365 provides IT control and efficiency
IT personnel like to know exactly what everyone is doing with their systems at all times. If something goes wrong, then it is probably due to user error. Your systems do what they are supposed to do. Microsoft has gone out of its way to create an unprecedented level of control for administrators. But that is not all. Not only do administrators have control over the environment, but it is also actually designed to be simple in nature and intuitive.

29
IT Forum / What is IPv6 -- Internet Protocol Version 6?
« on: October 26, 2014, 10:28:28 AM »
IPv6 (Internet Protocol Version 6) is also called IPng (Internet Protocol next generation) and it is the newest version of the Internet Protocol (IP) reviewed in the IETF standards committees to replace the current version of IPv4 (Internet Protocol Version 4).

IPv6 is the successor to Internet Protocol Version 4 (IPv4). It was designed as an evolutionary upgrade to the Internet Protocol and will, in fact, coexist with the older IPv4 for some time. IPv6 is designed to allow the Internet to grow steadily, both in terms of the number of hosts connected and the total amount of data traffic transmitted.

IPv6 is often referred to as the "next generation" Internet standard and has been under development now since the mid-1990s. IPv6 was born out of concern that the demand for IP addresses would exceed the available supply.

While increasing the pool of addresses is one of the most often-talked about benefit of IPv6, there are other important technological changes in IPv6 that will improve the IP protocol:

- No more NAT (Network Address Translation)
- Auto-configuration
- No more private address collisions
- Better multicast routing
- Simpler header format
- Simplified, more efficient routing
- True quality of service (QoS), also called "flow labeling"
- Built-in authentication and privacy support
- Flexible options and extensions
- Easier administration (say good-bye to DHCP)

30
After releasing a preview in May, Google is making its free Classroom tool available for anyone with a Google Apps for Education account.
Classroom offers a single dashboard and unified system for Google’s other services, such as Docs, Drive and Gmail, so that teachers can easily deliver classroom materials and assignments with their students.

Lecturers can create new classes and manually add students, or share a unique code so that relevant learners can add quickly add themselves. Likewise, assignments can be set up at any time from the Google Apps dashboard, with all the necessary information (assignment name and synopsis, deadline) and optional work materials linked from Drive, a webpage or YouTube video.
Furthermore, teachers can set the privileges for Docs/Drive files between: Students can view file, Students can edit file, and Make a copy for each student. The latter is particularly important, as it quickly duplicates worksheets, tests and so forth so that students aren’t overwriting each other’s work.
Students have access to a similar d
ashboard and can then work on their assignments in Google Docs. As learners turn in their projects, teachers are able to monitor exactly who has missed (or is likely to miss) the deadline, review work, provide grades and individual feedback.
Since the preview was released, Google says over 100,000 teachers from more than 45 countries have signed up. That initial period has also shaped the product; a number of users said they wanted to be able to collaborate with students while an assignment is ongoing, and Google has responded with updates that allow them to view and comment on work before a deadline.

After releasing a preview in May, Google is making its free Classroom tool available for anyone with a Google Apps for Education account.
Classroom offers a single dashboard and unified system for Google’s other services, such as Docs, Drive and Gmail, so that teachers can easily deliver classroom materials and assignments with their students.
Lecturers can create new classes and manually add students, or share a unique code so that relevant learners can add quickly add themselves. Likewise, assignments can be set up at any time from the Google Apps dashboard, with all the necessary information (assignment name and synopsis, deadline) and optional work materials linked from Drive, a webpage or YouTube video.
Furthermore, teachers can set the privileges for Docs/Drive files between: Students can view file, Students can edit file, and Make a copy for each student. The latter is particularly important, as it quickly duplicates worksheets, tests and so forth so that students aren’t overwriting each other’s work.
Students have access to a similar dashboard and can then work on their assignments in Google Docs. As learners turn in their projects, teachers are able to monitor exactly who has missed (or is likely to miss) the deadline, review work, provide grades and individual feedback.
Since the preview was released, Google says over 100,000 teachers from more than 45 countries have signed up. That initial period has also shaped the product; a number of users said they wanted to be able to collaborate with students while an assignment is ongoing, and Google has responded with updates that allow them to view and comment on work before a deadline.


Source : http://thenextweb.com/google/2014/08/12/google-classroom-education-platform-teachers-opens-apps-education-users/

Pages: 1 [2] 3 4 ... 6