Sunday, May 29, 2016

Annoying Ask-Agains

Hello reader!  Ready for my Week 11 post?  Are you sure?  Are you sure you're sure?

That was fun, right?  Right?  Right.

You hate the dreaded Windows "Are you sure" boxes, and I'm sure you equally hate the "This program wants to access your system, will you let it?" boxes too.  Guess what, those are actually a good thing!

Have you ever accidentally deleted an important file, or clicked no too quickly on something you meant to click yes for?  Of course you have, you're a person with a computer.  Don't be offended, I've done it more than you.

When the operating system asks you if you're sure about an action, it's not trying to be a jerk (contrary to common belief).  It is making sure you meant to do it and keeping you safe all at the same time.

Most of the time when you are asked if you want to let so-and-so program run, it's because you asked it to run.  But, what if you didn't ask it to run?  Wouldn't you want the OS to keep you safe and not run some random malicious software you accidentally downloaded along with the latest bootleg of Civil War?  (I'm looking at you Henry, be ashamed)

As annoying as it might be, those pop-ups from Windows are there to keep your system and your information safe.  If random malware was able to run, you would blame Microsoft for not protecting your dirty Internet activity.  Instead, you curse them for making it too difficult to navigate and execute peacefully.

But I digest...digress...something like that.

Thanks for reading for the past few months.  Looking at what is due next week, I probably won't post for a little bit.  However, if you really like to read my randomness all that much, post a comment!  I'm here to support you and will be happy to keep going if you want me to...at least until my next class requires it.  Again, thank you for the support.  Stay safe on the Internet, it's a dangerous place!

REFERENCES:
http://www.howtogeek.com/173478/10-important-computer-security-practices-you-should-follow/
http://www.digitalcitizen.life/uac-why-you-should-never-turn-it-off
http://windows.microsoft.com/en-us/windows/what-is-user-account-control#1TC=windows-7

Sunday, May 22, 2016

Eerie Emergency Prep

Hey reader!  Welcome back to Week 10!

A few weeks ago we talked about backing up your system.  If you don't remember, here is the link: http://cyberschopp.blogspot.com/2016/04/baffling-backups.html

However, there is more to preparing for an emergency than backing up your system.  If something were to happen in your home, how would you know what to do to get your computer(s) up and running again?

Having a plan, sharing it with your family, and updating it regularly are necessary parts of an emergency action plan.  Another step is exercising the plan.  Simulating a loss of data integrity or availability and following your plan's checklist is a great way to make sure you haven't missed anything.

Some of the things you want to consider in your network emergency plan include (but are not limited to):
- reactions to specific events, such as discovered malware or hardware failure
- checklists covering broad responses as well as specific events with special actions
- notification lists, i.e. call Dad if..., or call police if...

Thinking of situations, or pulling crazy ideas from TV or movies is a great way to think about what your reactions would be in a variety of situations.

Thanks for reading!  See you next week.

Sunday, May 15, 2016

Disturbingly Disposable E-mail Addresses

Welcome back for my Week 9 post!

Do you love spam?  I know I do!  Actually, I really don't know because my spam filter gets rid of most of it.

I only have one personal, one business, and one school e-mail address.  So, 3 in all.  Amazingly, I don't see all that much spam...except for what my Gmail filters out that I peruse through on occasion.  All that aside, there is much to be said for creating and maintaining an arsenal of disposable e-mail addresses.

If you sign up for more than one service out there, you are bound to come across a company that has no problem selling your e-mail to Hank, the lowly Burger King employee.  Hank will gladly send you spam in hopes you will click on a link or give him a million likes on Facebook.  Nothing against Hank, but ain't nobody got time for that!

Using a disposable address for signing up for sites is a great way to not care about what random correspondence you get.

This also clears up your main e-mail to make sure the cookie recipe from Mom doesn't get lost in the crap!

Thanks for reading...if you don't normally look at my references, please look at the second one about responding to a spam e-mail.  It is totally worth the 10 minutes.

REFERENCES:

https://www.google.com/webhp?sourceid=chrome-instant&ion=1&espv=2&ie=UTF-8#q=disposable%20email%20address
https://www.youtube.com/watch?v=_QdPW8JrYzQ

Sunday, May 8, 2016

Inconceivable Identity Theft

Hello reader, welcome to my Week 8 post!

If you had just stolen a few million passwords, how much would you sell them for?  I'm making a big assumption that you are some kind of criminal seeking a profit from someone else's info.  So, how much would you make off this score?

This past week a Russian hacker was selling 272 million unique e-mail addresses and passwords for the whopping price of 50 rubles.  Folks, that's about $0.75.  The hacker was quoted as saying, "I am just getting rid of it but I won't do it for free."

This story got me thinking, was my e-mail and/or password one that he was selling?  I took the opportunity to see if I had been "pwned" at the fittingly named https://haveibeenpwned.com/.  It turns out, I have been, but not too recently.  My data was potentially taken during two different breaches in 2013.

So, what should I do?

The Federal Trade Commission has authored a handy guide to help you along if you are unfortunate enough to have your identity stolen, so I won't pretend I can help other than giving you the link below.  But here's the short-and-sweet:

1. Plan ahead - if you have a personal recovery plan to help you through, the process will be much much smoother.
2. Update and track your plan - if a step in your plan doesn't work, or something changes, it won't do you much good at all.  Updating it with current info will be your lifeline if you ever have to use it.
3. Contact - you need to get in touch with the credit bureaus and your banking institutions.  Having preprinted letters for each establishment, again, will help you in the process.

I hope you never have to deal with a full identity theft.  If you do, follow the guide and be committed to clearing your name.  Good luck!!!


REFERENCES:
http://www.vocativ.com/315608/russian-hacker-email/
https://haveibeenpwned.com/
https://www.consumer.ftc.gov/articles/pdf-0009-taking-charge.pdf

Sunday, May 1, 2016

Perplexing Power

Hello reader!  Welcome to my Week 7 post.

When you are done with your computer at the end of the day, do you turn it off or leave that sucker running into the wee hours of the night?  Does it matter?  This week's post will touch on some benefits for both and then I will give you my recommendation on what you should do.

Leaving it on.  If you leave your system on between uses, the idle time can be used for other tasks.  System updates can be applied at scheduled times during the night when you are less likely to be using the system.  You can also schedule backups, virus scans, or disk defragmentation.  These tasks are necessary to keep your system running optimally, and doing them when you aren't actively using your system keeps them from interrupting your work.  Additionally, you can donate your unused computing power for the greater good.  The World Community Grid will use your computer's power to assist their research into a variety of problems, such as drugs to fight ebola or mapping cancer markers.  For a more comprehensive list, see the references below.

Turning it off.  Shutting your system down each night will do one thing really well...not use electricity!  If your system is in the same place as you or someone else sleeps, they will not be disturbed by any noises, such as the fan, while they are trying to sleep.  Also, your system does need a reboot occasionally anyway, so you are just helping along the process, but on a more daily basis.

As promised, here is my recommendation.  Turn it off...or leave it on.  Honestly, it depends on how often you use your system.  If you use it every day for several hours, leave it on.  You won't have to wait for the start up.  If you rarely use it, turn it off after use, or donate your computing power.  The choice is yours, you have the power.

REFERENCES:
http://www.digitaltrends.com/computing/should-you-turn-off-your-computer-at-night/
http://motherboard.vice.com/read/7-ways-to-donate-your-computers-unused-processing-power
https://boinc.berkeley.edu/wiki/Project_list
https://www.worldcommunitygrid.org/discover.action
and just for fun, yet not related at all ;)
http://fivethirtyeight.com/features/the-worst-board-games-ever-invented/






Friday, April 22, 2016

Unfathomable Unnecessary Software

Welcome to my Week 6 post!

How much of the software on your system do you regularly use?  Chances are, there are programs the system manufacturer added before you bought it.  A term for this type of program is Bloatware.  However, you might have willingly installed something just as useless on your own.

Software that is never or rarely used can make your system more vulnerable to an attack.  Almost every piece of software has a flaw of some type that is an entry point for a malicious user.  Uninstalling that software removes any possibility of exploiting those vulnerabilities.

So, first things first...what do you have installed on your computer?  If you don't know, that's a good place to start.  Since the majority of computers are running some version of Windows, this will be geared towards them.  If you are running another OS from Apple or a *NIX variant, the methodology still applies but you'll need to do more research on the actual process.

To start off, you need to know what you're dealing with.  In newer versions of Windows, you'll be looking for "Apps & Features", which is located in the Settings menu.  The quickest way to access this menu is to click this icon:
Then click the All settings button:









In the Find a Setting text box, start typing "uninstall," and your search results will populate.  Once you have results, select Programs and Features.  Doing this will bring up a list of programs installed on your system.

Now you need to start looking through the list.  What programs are on the list that you don't recognize?  You can either make a list of what you don't know, or you can start researching them as you go down the list.

For instance, I have a program called ETDWare X64 15.7.0.1_WHQL published by ELAN Microelectronic Corp...no idea what this is!!!!  Time to pull off some Google-Fu!  When I start looking into this mysterious program, the first hits from Google are for a site called www.shouldiremoveit.com.  According to this site, this is a program that allows my laptop touch pad to work.  I don't think I'll be removing it.

I recommend that you keep moving down the list and research everything you don't recognize.  Even if the program is legitimate, you might still not want it.  My system came preinstalled with some trial versions of software I had no intention of using, such as movie or music players.  These were some of the first programs to disappear from my system.  I recommend you do the same thing, your computer will thank you.

REFERENCES:
https://www.us-cert.gov/ncas/tips/ST15-003
http://www.computerworld.com/article/2966113/windows-pcs/bloatware-what-it-is-and-how-to-get-rid-of-it.html

Saturday, April 16, 2016

Elusive Encryption

Most likely, you've had something go wrong with a hard drive, rendering it unusable, at least temporarily.  Maybe your operating system was corrupted in some way, but you still had data on the drive you needed/wanted.  If you had the availability, you removed the drive and put it in another system to pull the data off before reinstalling your system.  Time consuming but easy, right?

As easy as that process is, it is just as easy for someone with malicious intent to steal your data by physically taking the drive.  Yet, there is a way to protect it.  For this week 5 post, I will be talking about encrypting your data in order to safeguard it.

One method to safeguard your data is to use whole disk encryption.  This is most commonly used on removable media such as a flash drive, but can be applied to your internal (laptop or desktop) hard drive(s).  When the drive is encrypted like this, you will be prompted for a pass phrase each time it is plugged in and/or turned on.  The pass phrase is the key to unlock the system and allow it for use.  Without it, the hard drive is just a fancy paperweight.  One drawback of using this method is the time it takes for the initial setup, which can last several hours depending on system performance.  Another drawback is security while in use.  Once the pass phrase is entered and the drive is unlocked, it can be accessed by other users on the network or locally on the system.

You can use file encryption to protect specific files on your system.  File encryption works in pretty much the same way as the whole disk method, but is much more focused on what is encrypted.  Protecting financial, medical, or other private data should be the main focus.  Your iTunes library should be protected just fine without encrypting each MP3.

Using these methods together is a great way to protect your data while at rest.  But what about in transit via e-mail or other transportation methods?  While it can take some time to set up, it could be worth it to use a secure messaging program called Pretty Good Privacy (PGP).  PGP can be integrated into different web-mail programs, like with the Chrome plug-in.

There are many different options for each of these methods, so it's best to do some research to find out which one will work best for you.

As always, thanks for reading!

References to check out:
https://www.symantec.com/content/en/us/enterprise/white_papers/b-pgp_how_wholedisk_encryption_works_WP_21158817.en-us.pdf
http://lifehacker.com/five-best-file-encryption-tools-5677725
http://lifehacker.com/how-to-encrypt-your-email-and-keep-your-conversations-p-1133495744
http://encryption-software-review.toptenreviews.com/
http://www.howtogeek.com/200113/htg-explains-when-should-you-use-encryption/
http://www.pcworld.com/article/2025462/how-to-encrypt-almost-anything.html
https://www.theguardian.com/technology/askjack/2013/jun/06/laptop-encrypt-personal-data
https://en.wikipedia.org/wiki/Pretty_Good_Privacy
https://www.comodo.com/home/email-security/free-email-certificate.php



Thursday, April 7, 2016

Baffling Backups

Welcome to Week 4!

Our assignments this week are all related to contingency planning.  This got me thinking about something to do for your home network that most people don't: back up your data.

Most operating systems have built-in backup/restore programs, but there are many third-party programs as well.  Just like my recommendation last week for antivirus software, do your research and go with the option that works best for you.  I'm not here to tell you which program to use, just some methods for getting the job done!

If you are new to the backup game, here is some terminology to help you get started:

- Full backup - this is pretty self explanatory.  This will make a full and complete copy of all data to an alternate media.  Because this is the most complete type of backup, it is also the fastest in terms of recovery time.  Unfortunately, because the data is completely copied, it takes the longest to complete.

- Incremental backup - this backup type will only copy data that has changed since the last backup.  This is accomplished by comparing file time-stamps.  This process enables these backups to be run very quickly, and they are smaller in size.  When restoring, these backups are applied after the full, in the order they were taken, to make sure the most up-to-date data is restored.

- Differential backup - this backup is similar to the incremental with one difference; the differential backup copies all changed files since the last full backup.  Each new differential makes the previous one unnecessary at restore time, so you only restore the full and the most recent differential.  This reduces the restore time, but increases the time and space needed to perform the backup.

Now that you know the terms, you need to set your schedule.  When I was a system administrator responsible for backups, I ran the following schedule:

- Friday - Full Backup
- Saturday and Monday through Thursday - Incremental Backup
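
How the three backup types and this schedule play out at restore time, as an added example that is not from the original post. The file names, versions and time-stamps are constructed, the function names are hypothetical, and deleted files are not modelled.

```python
from dataclasses import dataclass

# Constructed sample week: (day, files edited before that night's backup).
WEEK = [
    ("Fri", {"taxes.xlsx": "v1", "photos.zip": "v1", "notes.txt": "v1"}),
    ("Sat", {"notes.txt": "v2"}),
    ("Mon", {"taxes.xlsx": "v2"}),
    ("Tue", {"notes.txt": "v3"}),
    ("Wed", {"resume.docx": "v1"}),
    ("Thu", {}),
]


@dataclass
class Backup:
    label: str
    kind: str        # "full", "incremental" or "differential"
    taken_at: int    # constructed time-stamp
    files: dict      # path -> contents captured by this backup


def take_backup(label, kind, now, live, mtimes, history):
    """Copy files by comparing modification time-stamps, per the definitions above."""
    if kind == "full":
        since = None                                  # copy everything
    elif kind == "incremental":
        since = history[-1].taken_at                  # since the last backup of any kind
    else:
        since = max(b.taken_at for b in history if b.kind == "full")
    picked = {p: c for p, c in live.items() if since is None or mtimes[p] > since}
    history.append(Backup(label, kind, now, picked))


def run_week(daily_kind):
    """Full on Friday, then `daily_kind` backups on the remaining days."""
    live, mtimes, history = {}, {}, []
    for n, (day, edits) in enumerate(WEEK):
        for path, content in edits.items():
            live[path] = content
            mtimes[path] = 2 * n                      # edit happens before the backup
        kind = "full" if day == "Fri" else daily_kind
        take_backup(day, kind, 2 * n + 1, live, mtimes, history)
    return live, history


def restore_chain(history):
    """Backup sets needed for a restore, in the order they must be applied."""
    last_full = max(i for i, b in enumerate(history) if b.kind == "full")
    chain, tail = [history[last_full]], history[last_full + 1:]
    diff_at = [i for i, b in enumerate(tail) if b.kind == "differential"]
    if diff_at:                                       # only the newest differential matters
        chain.append(tail[diff_at[-1]])
        tail = tail[diff_at[-1] + 1:]
    return chain + [b for b in tail if b.kind == "incremental"]


def restore(chain):
    """Apply the sets in order; later sets overwrite earlier copies of a file."""
    restored = {}
    for backup in chain:
        restored.update(backup.files)
    return restored


if __name__ == "__main__":
    for kind in ("incremental", "differential"):
        live, history = run_week(kind)
        chain = restore_chain(history)
        copied = sum(len(b.files) for b in history[1:])
        print(kind, [b.label for b in chain], "files copied after the full:", copied,
              "restore matches live data:", restore(chain) == live)
```

Dropping a single incremental from the chain (for example the Tuesday set) restores an older `notes.txt` without any error, which is why a restore has to be tested against the live data rather than assumed.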

Just because I was backing up on a good schedule, doesn't mean everything was great.  In the 2 years at that job, I only had to run a restore once...and fortunately for me, it worked.  My main failure was that I didn't test my own product.

Backing up data is useless if the restore doesn't work.  If you are backing up daily or weekly, validating that your data will restore properly should happen every month or two.

The last point I'd like to make is about storing your backups.  Ideally, you should be able to store your backups in a different location than where the data is processed.  For home data, some possibilities are at a friend's or family member's house, a bank safe deposit box, or a cloud-based service.  If this is not possible for you to do, storing the backups in a fireproof safe (or similar product) is the next best thing.

Now, stop reading this and back up your data!


Some pages to reference:
http://searchdatabackup.techtarget.com/feature/Full-incremental-or-differential-How-to-choose-the-correct-backup-type
http://windows.microsoft.com/en-us/windows/back-up-files
http://www.techradar.com/us/news/software/applications/best-free-backup-software-11-programs-we-recommend-1137924
http://data-backup-software-review.toptenreviews.com/
http://www.techrepublic.com/blog/10-things/10-outstanding-linux-backup-utilities/


Sunday, April 3, 2016

Vexing Virus Protection

Hello reader!  Welcome to my week 3 post.

To stay on track with general computer/network security, this week I'll be talking about virus protection.  Although Windows comes with the built-in Windows Defender, there are companies whose sole purpose is the development of antivirus and security software.

I'd like to take a moment to add a disclaimer here...I am not recommending for you to use any specific product.  What I am recommending you do is this...research your options, and decide for yourself what product fits your needs.

So, with so many products to choose from, where do you start?  There have already been several reviews for the best product of 2016.  Those links are below and a great place to start.

There are a variety of free and subscription based software to fill your security needs.  But here's the kicker...just installing it isn't enough.  You need to update the software frequently, at least once a week.  Also, you should be scanning your system on a scheduled basis just in case something slips by the active defense.

While malicious software still has the potential of getting past antivirus (most likely because of a previously unknown threat), not having any protective software installed opens you to everything!  Imagine your home without locked doors (or doors at all) to keep people out.  Honest people wouldn't dare enter without your knowledge, but the world isn't filled with only honest people.

Hopefully, this information is nothing you will need.  This isn't groundbreaking, but unfortunately, I think too many people use the free 6-month trial version of software they get with their new PC and don't want to pay to renew it, so they use the outdated signatures and call it good.

Friends don't let friends surf the Internet without protection...get some antivirus!

http://www.top10antivirussoftware.com/shortened-link
http://www.techradar.com/us/news/software/applications/best-antivirus-10-programs-on-test-924608
http://www.tomsguide.com/us/best-antivirus,review-2588.html
http://www.pcmag.com/article2/0,2817,2372364,00.asp - Paid Antivirus List
http://www.pcmag.com/article2/0,2817,2388652,00.asp - Free Antivirus List

Sunday, March 27, 2016

Provoking Patches

Welcome to my Week 2 blog post!

Last week we discussed passwords, whose importance is often overlooked.  This week, I want to take a look at something that we are all probably doing, but might not know why: Patches.

Security patches are written and distributed by software vendors to correct a previously unknown vulnerability.  These vulnerabilities are discovered using a method called fuzzing.  At a VERY basic level, fuzzing is inputting unexpected data into a program, and watching how it reacts.  For example:

Enter a number between 1 and 10:

Now, a typical user would enter a number between 1 and 10, but a fuzzer might enter a 'q', just to see what happens.  If the software is coded correctly, the response would look something like this:

Invalid input, enter a number between 1 and 10:

However, if the software isn't written to validate input, you might see this:



The Blue Screen of Death is something we've all dealt with at some point, and it is the result of improperly coded software.  The reaction we have when this happens is usually one of frustration and anger, but we accept it and reboot.

What if the result is something more malicious, like administrative (root), or even SYSTEM access?  Now, the fuzzer just discovered a way to gain permissions that a standard user should never have.
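
The number prompt above, written out as an added example (not code from the original post): one handler that trusts its input, one that validates it, and a small fuzzer that feeds both unexpected data and records what happens. The handler names and the test inputs are constructed for illustration.

```python
import random
import string

VALID = {str(n) for n in range(1, 11)}        # the only acceptable answers: "1" .. "10"


def handle_unchecked(text):
    """No validation: assumes the user typed a number between 1 and 10."""
    slots = list(range(1, 11))
    return slots[int(text) - 1]               # "q" raises, "0" and "-3" silently wrap around


def handle_checked(text):
    """Allow-list validation: return the number, or None for 'Invalid input'."""
    text = text.strip()
    return int(text) if text in VALID else None


def make_cases(count=200, seed=2016):
    """Hand-picked odd inputs plus seeded random strings of printable characters."""
    rng = random.Random(seed)
    cases = ["q", "", "0", "11", "-3", " 5 ", "1e3", "0x0A", "9" * 5000]
    for _ in range(count):
        length = rng.randint(0, 6)
        cases.append("".join(rng.choice(string.printable) for _ in range(length)))
    return cases


def fuzz(handler, cases):
    """Run every case and record crashes and answers that do not match the input."""
    findings = {"crash": [], "wrong_value": []}
    for text in cases:
        try:
            result = handler(text)
        except Exception as exc:               # the program fell over on this input
            findings["crash"].append((text[:20], type(exc).__name__))
            continue
        # An accepted answer must be exactly what the user typed.
        if result is not None and str(result) != text.strip():
            findings["wrong_value"].append((text[:20], result))
    return findings


if __name__ == "__main__":
    cases = make_cases()
    for handler in (handle_unchecked, handle_checked):
        found = fuzz(handler, cases)
        print(handler.__name__, "crashes:", len(found["crash"]),
              "wrong values:", found["wrong_value"][:3])
```

The wrong-value findings are the quieter failure: the unchecked handler accepts `0` and `-3` and returns an answer the user never gave, with no crash to draw attention to it.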

If the fuzzer who discovered the vulnerability wears a White Hat, they report it to the software developer who then starts creating the patch to correct the vulnerability.

Now that the patch has been written, it's ready for distribution.  While you're working on your system, you get this notification:


I know when I see this, my inner-procrastinator wants to click the 'X'.  However, knowing what it might fix, I click on it, run the installer, and hope I don't need to reboot.

Security patches are distributed by the software vendor who created the software.  You should only download and install patches from them, and not from a third party.  Any developer, Microsoft, Adobe, Apple, etc. should periodically send notice of patches.  To help protect your system, set it to automatically download and install the patches.  If you choose not to do this, you will need to make sure you check for updates at least weekly.  Do this for all of your software to ensure maximum protection.

Patches, and now you know...

Thanks for reading!

Here are a few references:
https://www.owasp.org/index.php/Fuzzing
https://www.cert.org/vulnerability-analysis/research/discovery.cfm?
https://en.wikipedia.org/wiki/Blue_Screen_of_Death
https://en.wikipedia.org/wiki/White_hat_(computer_security)
https://en.wikipedia.org/wiki/Grey_hat
https://en.wikipedia.org/wiki/Black_hat
https://social.technet.microsoft.com/Forums/en-US/6259994a-80e9-4e2c-9fa8-4df6b614d641/no-windows-update-notifications?forum=W8ITProPreRel



Sunday, March 20, 2016

Pesky Passwords

Since this blog is in support of my MS in Cybersecurity program, I thought the perfect way to start it off would be to talk about something each of us has, but might neglect: passwords.

If you're reading this, chances are you have an account with a password that you created...hopefully none of these look familiar:

- 123456
- password
- 12345678
- qwerty
- 12345
- 123456789
- football
- 1234
- 1234567

These are the 10 most popular passwords in 2015. If you are using any one of these (or the other 15 of the top 25), pay special attention to the next three words: CHANGE YOUR PASSWORD!

Creating a password that is easy to remember and also complex enough to avoid being cracked is easier than you think. We need to establish some guidelines before we get started:

1. Length - your password should be at least 8 characters, but I recommend 12 or more
2. Character variance - use a mix of upper and lower case letters, numbers, and special characters
3. Avoid keyboard walks - this is a password that looks like this: qwertyuiop OR 1qw23er45ty6
4. Avoid dictionary words - at least avoid them as they appear in the dictionary

All set? Let's get started! One easy method is to pull a quote or lyric from your favorite movie or song...because I'm a nerd, let's use Star Wars - May the Force be with you.

Right away, we have 20 characters, excluding the spaces, which looks like this - MaytheForcebewithyou

We already have a couple different upper and lower case letters, so let's add some numbers and special characters. Since we will be swapping out some of our letters, we need to look at other characters that look like them. Here are a few that look similar:
I = 1
i = !
s = 5
E = 3
B = %
b = & (okay, the 'B's' might be a stretch but they work, right?)

Alright, time for the numbers!
MaytheForcebewithyou turns into Mayth3Forc3b3withy0u

Let's add some crazy special characters!
Mayth3Forc3b3withy0u turns into M@yth3Forc3&3w!thy0u

Right now, it's pretty good. But we're breaking the 4th guideline. One more change.
M@yth3Forc3&3w!thy0u turns into M@yth3Forc3&3w!t#y0u

The last change probably isn't necessary, since it would take a desktop computer 425 quintillion years to crack either way. But, you get the idea.
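
The four guidelines can be checked mechanically. This is an added example, not part of the original post: the word list, the walk threshold of 4 keys and the function names are assumptions, and it goes one step beyond the guidelines by also reporting which words reappear once the look-alike swaps are undone.

```python
import re

# Look-alike swaps from the post's table and walk-through, reversed.
LOOKALIKES = str.maketrans({"1": "i", "!": "i", "5": "s", "3": "e", "%": "b",
                            "&": "b", "0": "o", "@": "a", "#": "h"})
# Constructed stand-in for a real dictionary file (assumption).
SAMPLE_WORDS = ("may", "the", "force", "with", "you", "thy", "password", "football")
ROWS = ("1234567890", "qwertyuiop", "asdfghjkl", "zxcvbnm")


def _adjacent(a, b):
    """True when a and b are neighbouring keys on the same keyboard row."""
    for row in ROWS:
        i, j = row.find(a), row.find(b)
        if i >= 0 and j >= 0 and abs(i - j) == 1:
            return True
    return False


def longest_walk(text):
    """Length of the longest run of neighbouring keys in text."""
    best = run = 1 if text else 0
    for prev, cur in zip(text, text[1:]):
        run = run + 1 if _adjacent(prev, cur) else 1
        best = max(best, run)
    return best


def has_keyboard_walk(pw, threshold=4):
    """Guideline 3. Letters and digits are also checked on their own so that
    interleaved walks such as 1qw23er45ty6 are caught (threshold is an assumption)."""
    low = pw.lower()
    views = (low,
             "".join(c for c in low if c.isalpha()),
             "".join(c for c in low if c.isdigit()))
    return any(longest_walk(v) >= threshold for v in views)


def check_password(pw, words=SAMPLE_WORDS):
    """Report how pw fares against the four guidelines."""
    low = pw.lower()
    undone = low.translate(LOOKALIKES)
    classes = sum(bool(re.search(p, pw))
                  for p in (r"[a-z]", r"[A-Z]", r"[0-9]", r"[^A-Za-z0-9]"))
    return {
        "length": len(pw),
        "length_ok": len(pw) >= 8,                 # guideline 1, minimum
        "length_recommended": len(pw) >= 12,       # guideline 1, recommended
        "char_classes": classes,                   # guideline 2, out of 4
        "keyboard_walk": has_keyboard_walk(pw),    # guideline 3
        "literal_words": [w for w in words if w in low],   # guideline 4
        "words_after_undoing_lookalikes": [w for w in words if w in undone],
    }


if __name__ == "__main__":
    for candidate in ("123456", "1qw23er45ty6", "MaytheForcebewithyou",
                      "Mayth3Forc3b3withy0u", "M@yth3Forc3&3w!thy0u",
                      "M@yth3Forc3&3w!t#y0u"):
        print(candidate, check_password(candidate))
```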

In addition to creating a good password, don't use the same password for everything.  Use a variety of passwords for your accounts.  If you reuse one password everywhere and it is compromised, the same key will open all doors.

One final thought.  You should change your password periodically.  Every 90 days is a good baseline, just make sure you create something hard to guess each time.

About Me

My name is Nick, and I have worked as a system administrator and security operator for the past 16 years in the US Air Force.  I have a variety of certifications from GIAC, CompTIA, and LPI.  This blog is part of the curriculum for my MS in Cybersecurity program at Bellevue University.  Also, this is my first blogging experience, so I'll gladly take any constructive criticism to make it better.