Show Posts

This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.

Messages - masud895

Pages: 1 [2] 3 4 ... 6
Internet / Multiprotocol Label Switching (MPLS)
« on: May 16, 2016, 11:02:44 AM »
Multiprotocol Label Switching (MPLS) is a protocol for speeding up and shaping network traffic flows. 
MPLS allows most packets to be forwarded at Layer 2 (the switching level) rather than having to be passed up to Layer 3 (the routing level). Each packet gets labeled on entry into the service provider's network by the ingress router. All the subsequent routing switches perform packet forwarding based only on those labels—they never look as far as the IP header. Finally, the egress router removes the label(s) and forwards the original IP packet toward its final destination.

Internet / Top Five VPN Advantages And Benefits
« on: May 16, 2016, 11:01:30 AM »
VPN is a technology which creates a virtual private network to which end users are connected via an encrypted channel.

VPN is popular both among home and corporate users. Its popularity is due to the fact that it brings unmatched benefits in an interconnected world full of challenges to information security and privacy.

VPN has unique advantages from which the top ones are improved security, privacy protection, access to restricted resources and better connectivity.

Security is one of the biggest challengers in today’s interconnected world. As soon as your PC and mobile phone are connected to the Internet, you are being targeted by unlimited number of malicious programs, viruses, hackers and other unknown new threats appearing every day. Not only this but also the information you send and received might be intercepted, read and even altered.

Local security solutions such as antivirus, firewall, etc., are not sufficient to protect you unfortunately. A separate, external solution is needed to protect the communication from you to the outside world.

That’s where VPN comes to play. VPNs secure the otherwise insecure connection between you and remote resources. VPNs should be used especially in public networks such as WiFis. In any case, as a general rule no network should be considered secure because the communication flow passes through numerous points (routers) and for an attacker is sufficient to compromise any one of these points in order to compromise the communication channel and its information flow.

However, even if the communication channel is compromised, you cannot be harmed or the harm will be minimal if you are connected to a VPN. This is because the VPN connection is encrypted and cannot be decrypted and thus read. When an attacker captures VPN traffic he will be able to see only incomprehensible characters going from you to a VPN server. Thus, the attacker is not even able to see to what remote resources you are connected (sites, chats, etc).

Privacy protection
Nowadays privacy is another serious challenge because you can be easily identified when you are online. This means that anyone from curious people and aggressive marketing company representatives to government officials can find your name, address and location with little difficulty.

As soon as you are connected online with your pc or mobile phone you are leaving traces such as your IP address and Internet service provider. This ultimately reveals essential personal information. To protect yourself from such highly undesired disclose you cannot count on any official regulations or Internet service providers.

Instead, to protect your privacy you should use VPN again. Thus, with VPN whenever you visit web sites, listen to radio, chat, etc. you will be identified with the VPN provider, i.e. his IP address, location etc. Essentially, your own IP address and personal details will remain hidden.

Using VPN for privacy protection is more than just recommended because of the frequent abuses with personal information. Furthermore, VPN is absolutely a must for any political activist or other people who have reasons to avoid disclosing their identity.

Even though there are other solutions such as web proxies to protect your identity they are not as efficient as the VPN technology. Proxies, for example, usually send information about the original IP of the client which makes them useless in regards to privacy protection.

Access to restricted resources
Sometimes service providers such as online radios, TVs, etc restrict access only to clients within certain geographical areas or Internet service providers. Other times company policies prevent employees to connect to generally available sites or resources such as Facebook. Such not always reasonable restrictions leave you with no option but to use VPN.

VPNs have multiple points of presence in different geographic regions. The fact that you are identified only with the VPN provider allows you to circumvent any geographical restrictions.

VPNs are especially popular in countries such as China where access to sites / resources is heavily restricted. In such countries you can access anything online as long as you are connected to a VPN.

VPNs also work the other way around in access restrictions. You or your organization may wish to limit the access to certain private resources such as file shares only to a certain network segment. This is essential from security point of view because authentication is rarely enough to protect the security of sensitive information.

Here again VPNs can be used and you can allow only the VPN network to connect to such private sensitive resources.

Better connectivity
Sometimes your Internet routes may not be optimal or your bandwidth may be limited especially towards International online resources. This leads to poor web experience and slow browsing especially for certain resources which are distant from your physical location.

In such cases you can connect to a local VPN point of presence which further routes your traffic. This will allow you to have a bandwidth to distant destinations similar to the bandwidth available between you and your local VPN server.

Such better connectivity can be observed especially in users whose ISPs differentiate local (usually country-wide) resources and international such. These providers will enforce bandwidth limits on access to International resources and you can avoid these resources only by using VPN.

Other benefits
VPNs have also other benefits depending on the VPN service provider you are using. For example, some VPN service providers allow their users to share more easily and faster information between themselves, play games and perform any other activity as if they are within a local area network (LAN).

Another benefit may include port forwarding. This means that if you have a resource, e.g. web server, IP camera, etc, you wish to share to the world or access remotely you may use the VPN for this purpose. This is especially useful if your resource is located inside a local network and has an internal IP address. In such cases this resource can be configured to connect to the VPN and thus receive an external IP at which it can be accessed

Internet / Virtual private network (VPN)
« on: May 16, 2016, 10:58:28 AM »
A virtual private network (VPN) is a technology that creates an encrypted connection over a less secure network. The benefit of using a VPN is that it ensures the appropriate level of security to the connected systems when the underlying network infrastructure alone cannot provide it. The justification for using a VPN instead of a private network usually boils down to cost and feasibility: It is either not feasible to have a private network (e.g., for a traveling sales rep) or it is too costly to do so. The most common types of VPNs are remote-access VPNs and site-to-site VPNs.

Computer forensics is the application of investigation and analysis techniques to gather and preserve evidence from a particular computing device in a way that is suitable for presentation in a court of law. The goal of computer forensics is to perform a structured investigation while maintaining a documented chain of evidence to find out exactly what happened on a computing device and who was responsible for it.

Uses of computer forensics

There are few areas of crime or dispute where computer forensics cannot be applied. Law enforcement agencies have been among the earliest and heaviest users of computer forensics and consequently have often been at the forefront of developments in the field.

Computers may constitute a ‘scene of a crime’, for example with hacking [1] or denial of service attacks [2] or they may hold evidence in the form of emails, internet history, documents or other files relevant to crimes such as murder, kidnap, fraud and drug trafficking.

It is not just the content of emails, documents and other files which may be of interest to investigators but also the ‘metadata’ [3] associated with those files. A computer forensic examination may reveal when a document first appeared on a computer, when it was last edited, when it was last saved or printed and which user carried out these actions.

More recently, commercial organisations have used computer forensics to their benefit in a variety of cases such as;

* Intellectual Property theft
* Industrial espionage
* Employment disputes
* Fraud investigations
* Forgeries
* Bankruptcy investigations
* Inappropriate email and internet use in the work place
* Regulatory compliance

Internet Risk / How to safe your Facebook Account?
« on: May 04, 2016, 02:03:10 PM »
Security Tips for Facebook
Here are 6 things you can do to help keep your account safe:
1.   Protect your password:
   Don't use your Facebook password anywhere else online.
   Never share your password. You should be the only one who knows it.
   Avoid including your name or common words. Your password should be difficult to guess.
2.   Use our extra security features.
3.   Make sure your email account(s) are secure.
4.   Log out of Facebook when you use a computer you share with other people. If you forget, you can log out remotely.
5.   Run anti-virus software on your computer:
   For Windows
   For Mac OS
6.   Think before you click or download anything.

Cyber Security / Protect Your Passwords
« on: October 08, 2015, 02:01:23 PM »
Here are a few principles for creating strong passwords and keeping them safe:

   The longer the password, the tougher it is to crack.  Use at least 10 characters; 12 is ideal for most home users.
   Mix letters, numbers, and special characters.  Try to be unpredictable – don’t use your name, birthdate, or common words.
   Don’t use the same password for many accounts.  If it’s stolen from you – or from one of the companies with which you do business – it can be used to take over all your accounts.
   Don’t share passwords on the phone, in texts or by email.  Legitimate companies will not send you messages asking for your password.  If you get such a message, it’s probably a scam.
   Keep your passwords in a secure place, out of plain sight.

Cyber Security / Computer Security (How to protect your information?)
« on: October 08, 2015, 01:45:10 PM »
Scammers, hackers, and identity thieves are looking to steal your personal information – and your money. But there are steps you can take to protect yourself, like keeping your computer software up-to-date and giving out your personal information only when you have a good reason.

   Use Security Software That Updates Automatically
   Treat Your Personal Information Like Cash
   Check Out Companies to Find Out Who You’re Really Dealing With
   Give Personal Information Over Encrypted Websites Only
   Protect Your Passwords
   Back Up Your Files

IT Forum / How to Protect Your Computer
« on: June 24, 2015, 11:19:34 AM »
The same advice parents might deliver to young drivers on their first solo journey applies to everyone who wants to navigate safely online. A special agent in our Cyber Division offered the following:
- “Don’t drive in bad neighborhoods.”
- “If you don’t lock your car, it’s vulnerable; if you don’t secure your computer, it’s vulnerable.”
- “Reduce your vulnerability, and you reduce the threat.”
Below are some key steps to protecting your computer from intrusion:
- Keep Your Firewall Turned On: A firewall helps protect your computer from hackers who might try to gain access to crash it, delete information, or even steal passwords or other sensitive information. Software firewalls are widely recommended for single computers. The software is prepackaged on some operating systems or can be purchased for individual computers. For multiple networked computers, hardware routers typically provide firewall protection.
- Install or Update Your Antivirus Software: Antivirus software is designed to prevent malicious software programs from embedding on your computer. If it detects malicious code, like a virus or a worm, it works to disarm or remove it. Viruses can infect computers without users’ knowledge. Most types of antivirus software can be set up to update automatically.
- Install or Update Your Antispyware Technology: Spyware is just what it sounds like—software that is surreptitiously installed on your computer to let others peer into your activities on the computer. Some spyware collects information about you without your consent or produces unwanted pop-up ads on your web browser. Some operating systems offer free spyware protection, and inexpensive software is readily available for download on the Internet or at your local computer store. Be wary of ads on the Internet offering downloadable antispyware—in some cases these products may be fake and may actually contain spyware or other malicious code. It’s like buying groceries—shop where you trust.
- Keep Your Operating System Up to Date: Computer operating systems are periodically updated to stay in tune with technology requirements and to fix security holes. Be sure to install the updates to ensure your computer has the latest protection.
- Be Careful What You Download: Carelessly downloading e-mail attachments can circumvent even the most vigilant anti-virus software. Never open an e-mail attachment from someone you don’t know, and be wary of forwarded attachments from people you do know. They may have unwittingly advanced malicious code.
- Turn Off Your Computer: With the growth of high-speed Internet connections, many opt to leave their computers on and ready for action. The downside is that being “always on” renders computers more susceptible. Beyond firewall protection, which is designed to fend off unwanted attacks, turning the computer off effectively severs an attacker’s connection—be it spyware or a botnet that employs your computer’s resources to reach out to other unwitting users.

IT Forum / Need for Network Security and Types of Attack
« on: June 24, 2015, 10:38:51 AM »
Need for Network Security
In the past, hackers were highly skilled programmers who understood the details of computer communications and how to exploit vulnerabilities. Today almost anyone can become a hacker by downloading tools from the Internet. These complicated attack tools and generally open networks have generated an increased need for network security and dynamic security policies.
The easiest way to protect a network from an outside attack is to close it off completely from the outside world. A closed network provides connectivity only to trusted known parties and sites; a closed network does not allow a connection to public networks.
Because they have no Internet connectivity, networks designed in this way can be considered safe from Internet attacks. However, internal threats still exist.
There is a estimates that 60 to 80 percent of network misuse comes from inside the enterprise where the misuse has taken place.
With the development of large open networks, security threats have increased significantly in the past 20 years. Hackers have discovered more network vulnerabilities, and because you can now download applications that require little or no hacking knowledge to implement, applications intended for troubleshooting and maintaining and optimizing networks can, in the wrong hands, be used maliciously and pose severe threats.
Types of attack:
Classes of attack might include passive monitoring of communications, active network attacks, close-in attacks, exploitation by insiders, and attacks through the service provider. Information systems and networks offer attractive targets and should be resistant to attack from the full range of threat agents, from hackers to nation-states. A system must be able to limit damage and recover rapidly when attacks occur.
There are five types of attack:
Passive Attack
A passive attack monitors unencrypted traffic and looks for clear-text passwords and sensitive information that can be used in other types of attacks. Passive attacks include traffic analysis, monitoring of unprotected communications, decrypting weakly encrypted traffic, and capturing authentication information such as passwords. Passive interception of network operations enables adversaries to see upcoming actions. Passive attacks result in the disclosure of information or data files to an attacker without the consent or knowledge of the user.
Active Attack
In an active attack, the attacker tries to bypass or break into secured systems. This can be done through stealth, viruses, worms, or Trojan horses. Active attacks include attempts to circumvent or break protection features, to introduce malicious code, and to steal or modify information. These attacks are mounted against a network backbone, exploit information in transit, electronically penetrate an enclave, or attack an authorized remote user during an attempt to connect to an enclave. Active attacks result in the disclosure or dissemination of data files, DoS, or modification of data.
Distributed Attack
A distributed attack requires that the adversary introduce code, such as a Trojan horse or back-door program, to a “trusted” component or software that will later be distributed to many other companies and users Distribution attacks focus on the malicious modification of hardware or software at the factory or during distribution. These attacks introduce malicious code such as a back door to a product to gain unauthorized access to information or to a system function at a later date.
Insider Attack
An insider attack involves someone from the inside, such as a disgruntled employee, attacking the network Insider attacks can be malicious or no malicious. Malicious insiders intentionally eavesdrop, steal, or damage information; use information in a fraudulent manner; or deny access to other authorized users. No malicious attacks typically result from carelessness, lack of knowledge, or intentional circumvention of security for such reasons as performing a task
Close-in Attack
A close-in attack involves someone attempting to get physically close to network components, data, and systems in order to learn more about a network Close-in attacks consist of regular individuals attaining close physical proximity to networks, systems, or facilities for the purpose of modifying, gathering, or denying access to information. Close physical proximity is achieved through surreptitious entry into the network, open access, or both.
One popular form of close in attack is social engineering in a social engineering attack, the attacker compromises the network or system through social interaction with a person, through an e-mail message or phone. Various tricks can be used by the individual to revealing information about the security of company. The information that the victim reveals to the hacker would most likely be used in a subsequent attack to gain unauthorized access to a system or network.
Phishing Attack
In phishing attack the hacker creates a fake web site that looks exactly like a popular site such as the SBI bank or paypal. The phishing part of the attack is that the hacker then sends an e-mail message trying to trick the user into clicking a link that leads to the fake site. When the user attempts to log on with their account information, the hacker records the username and password and then tries that information on the real site.
Hijack attack
Hijack attack In a hijack attack, a hacker takes over a session between you and another individual and disconnects the other individual from the communication. You still believe that you are talking to the original party and may send private information to the hacker by accident.
Spoof attack
Spoof attack In a spoof attack, the hacker modifies the source address of the packets he or she is sending so that they appear to be coming from someone else. This may be an attempt to bypass your firewall rules.
Buffer overflow
Buffer overflow A buffer overflow attack is when the attacker sends more data to an application than is expected. A buffer overflow attack usually results in the attacker gaining administrative access to the system in a ommand prompt or shell.
Exploit attack
Exploit attack In this type of attack, the attacker knows of a security problem within an operating system or a piece of software and leverages that knowledge by exploiting the vulnerability.
Password attack
Password attack An attacker tries to crack the passwords stored in a network account database or a password-protected file. There are three major types of password attacks: a dictionary attack, a brute-force attack, and a hybrid attack. A dictionary attack uses a word list file, which is a list of potential passwords. A brute-force attack is when the attacker tries every possible combination of characters.

Thanks for very effective Post

IT Forum / Re: 3 Easy Ways To Install Windows 10 Technical Preview
« on: November 11, 2014, 03:47:22 PM »

IT Forum / Re: Windows 9 Leaked Screens Revealing Known Unknowns
« on: November 11, 2014, 03:43:39 PM »
Thanks for your  very effective post.

IT Forum / Microsoft Office 365 Features and Benefits
« on: November 09, 2014, 05:53:45 PM »
Moving to the Office 365 cloud comes with some key features and benefits. Namely, your organization gets to continue to use the software you have been using for years, but you now get to shift the burden onto Microsoft. In addition to shifting the burden to Microsoft, there are some other key benefits.

Generate greater productivity with Office 365
Productivity is a great word that management-consultant types love to use. In the real world though, productivity can be summed up in a simple question: Can you do my job easier or not? Microsoft has invested heavily and spent a tremendous amount of time trying to make the user and administrator experiences of Office 365 as easy and simple as possible.
The idea is that increasing simplicity yields greater productivity. Whether it is an administrator setting up a new employee or a business analyst writing policy and procedure documents in Word. When the technology gets out of the way and you can focus on your job, you become more productive. Try using a typewriter instead of a Word processor. Whoever thought copy and paste would be such a game changer?

Access from anywhere with Office 365
Accessing your enterprise software over the Internet has some big advantages. For one, all you need is your computer — desktop, laptop, tablet, or phone — and an Internet connection or phone coverage. Because the software is running in a Microsoft data center, you simply connect to the Internet to access the software.

Another benefit of accessing centrally located data is that you always have a single source of the truth. If you make a change to a document from your tablet at home and then your colleague views the file from their phone, she will see the most up-to-date document. Gone are the days of e-mailing Excel documents between machines with long file names.
With SharePoint Online (part of the Office 365 package) a single file, say Forecast_Q1_2011.xlsx, lives out in the cloud (meaning in Microsoft’s globally distributed billion dollar data centers). Because the document lives in the cloud, the security permissions can be set up to allow anyone in the organization, regardless of geographic location, to view the document.
Security can be as strict or as lenient as desired. For example, you may want everyone in the organization to be able to see a company policy document but only want a select group of individuals to edit the document. In addition, SharePoint takes care of all the versioning and even lets you check out a document to edit so that nobody else can edit it at the same time.
Need to collaborate on the document in real time? No problem. You can do that by using nothing more than your web browse
Work with what you know with Office 365
Microsoft does not always come out with the best software. Remember Windows Vista? Shiver! Instead of running far away and never looking back at Windows again, users simply held their collective breath until Windows 7. And thank you for hurrying Microsoft!
One thing Microsoft did incredibly right is recognize that users don’t want to give up the things that make them comfortable. Office 365 hasn’t changed your favorites one bit. The only difference is that now they are seamlessly connected to the enterprise software living out in the cloud. In other words, your favorite applications are codified.
One of the coolest features about SharePoint 2010 and Office 2010 is that you can work with SharePoint without ever having to leave the Office applications. For example, you can fire up Word, check out a document stored in SharePoint, make some changes, check it back in, review versions, and even leave some notes for your colleagues.
All without even having to know that SharePoint is handling the content management functionality behind the scenes.

Robust security and reliability comes with Office 365
With Microsoft taking on all the responsibility for security and reliability, your IT team can rest on their laurels. Letting Microsoft do the heavy lifting frees up the IT team to do more important things such as helping users get the most out of enterprise software.
Microsoft understands if you aren’t fully comfortable about letting them do the heavy lifting. To address some of the questions, however, Microsoft has extensive service level agreements to help put your mind at ease.

Office 365 provides IT control and efficiency
IT personnel like to know exactly what everyone is doing with their systems at all times. If something goes wrong, then it is probably due to user error. Your systems do what they are supposed to do. Microsoft has gone out of its way to create an unprecedented level of control for administrators. But that is not all. Not only do administrators have control over the environment, but it is also actually designed to be simple in nature and intuitive.

Pages: 1 [2] 3 4 ... 6