Read my latest posts!

Wednesday, October 10, 2007

National Cyber Security Awareness Month 2007

Did you know that it is National Cyber Security Awareness Month 2007? What have you done this month to increase or even check your secutity? I didn't even know it was such a month and I have implemented a little troll blocking. I'm looking at the Google authentication API, and thinking that making a widget to make sure folks have to login with a Google account to see your blog wouldn't be a bad thing, and that using that to see if they are are on a list of people you don't want on your blog might be good. Kicking them out, if they are would be better.

I'd urge that anyone who doesn't use FireFox, to move to using it as their primary browser. I have seen many a time I would read of an exploit, only to have Firefox updated within a couple of days patched and updating, something you won't see with IE.

For those who have the resources and the technical leanings, there are other things you may want to do. Like installing an Intrusion Detection System. You've probably seen these referred to on TV(i.e. Criminal Minds, NCIS, etc.) Its good to know if somebody has been snooping on your systems. Always think security, it might save your life, or your bank account.

Don't show people screen-shots of your desktop! It gives them too many clues as to what you are running, what browser, what other software you might have that can be exploited to gain access. Just kindly decline for security reasons. Let them know what the reason is, so that if they don't know, they aren't exploited.

UPDATE Oct 19, 2007:
I just ran across this on Slashdot:
"ZDNet is reporting that hackers are actively exploiting a zero-day hole in RealNetworks' RealPlayer media player, a software program installed on tens of millions of Windows computers worldwide. The in-the-wild attacks targets a previously unknown and unpatched ActiveX vulnerability in the way RealPlayer interacts with Microsoft's Internet Explorer browser. The flaw is causing drive-by malware downloads when an IE user simply browsers to a maliciously rigged Web page."

Labels:

28 Comments:

At Wednesday, October 10, 2007 at 8:55:00 PM EDT, Blogger Little Wing $visitorIP said...

Great tips Charles. I am looking into that intrusion detection system you mentioned.

At Thursday, October 11, 2007 at 7:03:00 AM EDT, Blogger Top cat $visitorIP said...

charles..thanks for this great information and your tip about the desktop screenshot was greatly appreciated.:)
tc

At Thursday, October 11, 2007 at 9:51:00 AM EDT, Blogger MONA $visitorIP said...

I guess you are right about the intrusion detection instrument. I must see to that too lest some chicken wi...er bad guys get in.

I hope you have one against wi... er.. bad guys too...

At Thursday, October 11, 2007 at 6:31:00 PM EDT, Blogger jillie $visitorIP said...

Give Hallmark a chance and they'll soon have a card made for this day/month as well. pfffft!!

But I will check it out ;o)

At Friday, October 12, 2007 at 8:07:00 AM EDT, Blogger Mike M $visitorIP said...

Here are a few more tips:

1) Avoid using the admin account on your computer. Hackers assume you have full rights to the computer so they write their viruses and bad code to that. Create a user account with limited rights so you are protected.

2) Change your password often (every 3 months)

3) Verify web addresses before clicking on a link in an email. Bad links can be sent to you masking a ligit site, but the underlining link takes you to a hacker site.

4) NEVER give up personal information via email.

5) If you suspect you have been compromised, ask for help from experienced computer support.

Being safe is taking responsibility for your protect.

At Friday, October 12, 2007 at 9:16:00 AM EDT, Blogger Charles $visitorIP said...

Mike,
Thank you for that, I didn't go into a lot of detail on this post, my desire was to raise awareness of security, but since you started perhaps others would like to chime in with suggestions.

I'll add that passwords should be at the least 8 characters long, and longer is far better, and they should include mixed case (upper and lower case) at least one digit and a special character that is neither letter or number. They should not be things like mother's name, the name of your pet, etc. Including two unrelated words is a good strategy (i.e. R2ocket_Bather!(please don't use my actual example).)
BTW. Notice, I broke up a word, this too is a good thing. By Using two words, breaking them up and using numbers and special characters, you reduce the possibility of hackers successfully using what is known as a dictionary attack. By its being long(I wouldn't recommend more than 15 characters, some systems want to puke when you do,) you DRASTICALLY increase the time and calculations necessary to crack your password. By breaking the words, even use of Rainbow tables are crippled, since most are created from entire words.

At Friday, October 12, 2007 at 1:54:00 PM EDT, Blogger Little Wing $visitorIP said...

It burns me up that we even have to be concerned about all of this.
More good tips, Charles and Mike.
Thanks for sharing, I will take all the help I can get.
I was amazed about the fact that putting up a profile pic. can keep the slugs from faking your comments.
I was clueless when it came to blogs.

At Saturday, October 13, 2007 at 6:48:00 PM EDT, Blogger snowelf $visitorIP said...

Charles, you rock!

National security month, huh?

What an ironic coincidence! ;)

(See, they are contagious!!)

hugs,
--snow

At Saturday, October 13, 2007 at 8:15:00 PM EDT, Blogger Charles $visitorIP said...

Snow,
HUH? What did I do? Did I miss something?

At Sunday, October 14, 2007 at 3:25:00 PM EDT, Blogger S E E Quine $visitorIP said...

` Wow, you know I saw a 'tag' thing on someone's blog where you show screen shots of your desktop! Wow, that sucks!
` Glad to know Firefox still rules! I really hate it when internet cafe people are angry that someone has installed Firefox.

At Sunday, October 14, 2007 at 4:26:00 PM EDT, Blogger Charles $visitorIP said...

Sara,
Yeah, its a tag I've seen a couple of times recently. When I see it I cringe, I've put the warnings out there, some listen, some don't. What more can I do?

At Monday, October 15, 2007 at 5:34:00 PM EDT, Blogger snowelf $visitorIP said...

Oh--cause you wrote this: "I didn't even know it was such a month and I have implemented a little troll blocking."

:)

--snow

At Tuesday, October 16, 2007 at 10:50:00 AM EDT, Blogger Mike M $visitorIP said...

Snow, being an IT Chick, you didn't know about NCSAM???

Snow, we gotta talk!!

At Tuesday, October 16, 2007 at 5:00:00 PM EDT, Blogger Little Wing $visitorIP said...

God knows we could all use a little troll blocking sooner or later.

At Thursday, October 18, 2007 at 2:16:00 AM EDT, Blogger S E E Quine $visitorIP said...

` What if I put this up? What can people find from me of that? (I hope Imageshack doesn't delete my account for this....)

At Friday, October 19, 2007 at 9:30:00 PM EDT, Blogger jillie $visitorIP said...

You know I have NO clue as to what the hell my comment is suppose to mean. I had been reading a different blog previously and for some reason I got a bit confused? Off the beaten path? Whew...talk about a blond moment....dang.

At Saturday, October 20, 2007 at 1:55:00 AM EDT, Blogger MONA $visitorIP said...

Gee Thanks for that update!

At Saturday, October 20, 2007 at 3:43:00 PM EDT, Blogger Charles $visitorIP said...

Jillie,
I assumed that you meant that the greeting card companies would make a card for National Cyber Security Month.

Mona,
This is the sort of thing we don't want folks to know about our systems, as far as what we may have installed.

At Thursday, October 25, 2007 at 9:53:00 AM EDT, Blogger Jessica $visitorIP said...

Wow, I had no idea. Thanks Charles, betcha thought I was never comin' back! *wink* :) Anyway, how are you, Charles? I'm good, I just posted something earlier, if you're interested.

At Thursday, October 25, 2007 at 10:20:00 AM EDT, Blogger Charles $visitorIP said...

Jessica,
I figured the new beau was taking up all your attention. I'll head over now.

At Monday, October 29, 2007 at 12:28:00 PM EDT, Blogger no.good.at.coding $visitorIP said...

This comment has nothing to do with this post but I just noticed that your blog had reached a Google Page Rank of 3! Cool! :D

At Monday, October 29, 2007 at 2:31:00 PM EDT, Blogger Charles $visitorIP said...

NGAC,
WHA? How'd that happen? You must have used some wacky search criteria.

At Monday, October 29, 2007 at 3:14:00 PM EDT, Blogger Jessica $visitorIP said...

Haha, very funny, Mr. Charles, you do know I'm into that....lol...anyway, hope you like the site...

At Monday, October 29, 2007 at 3:21:00 PM EDT, Blogger Jessica $visitorIP said...

dude, no good was right, just type in 'one man's intelligence'... google rocks

i don't even rank in the top 80...

At Monday, October 29, 2007 at 3:55:00 PM EDT, Blogger Charles $visitorIP said...

Thanks Jessica,
Court also sent me
Dig Pagerank in 700+ datacenters
.

At Monday, October 29, 2007 at 5:07:00 PM EDT, Blogger Charles $visitorIP said...

'm still a bit on the mystified side of things, since I really don't know what would have pushed my ranking up so. Perhaps someone at Google liked my Top Post (WMD? GWB.) Maybe it has to do with the NCSAM post or with Troll blocking. I really don't know. Its not as if I have been trying to get good page rankings. My posts are erratic at best. Perhaps the second heading with the CONTENT="no-cache" in it caused it. hmmm...
As Alice once said, "Curiouser, and Curiouser!"

At Monday, October 29, 2007 at 10:08:00 PM EDT, Blogger no.good.at.coding $visitorIP said...

Charles, I meant PageRank and not Google search result rankings.

You can check yours here or here

Here's the really strange bit- I have a PageRank of 2! I think it's probably because of you and Mona linking to me ( she has a PageRank of 4, it's been there for a long time ).

Weird.

P.S. I noticed because of the PageRank indicator on the Google Toolbar.

At Tuesday, October 30, 2007 at 1:11:00 AM EDT, Blogger MONA $visitorIP said...

Really! You Reached #3 with google!

ANOTHER TREAT!

Minus, Pizzas n coffee & buffalo wings...

:D :D :D

((((((((HUGE HUGS))))))))))

Post a Comment

<< Home