The dangers of using outdated software


 Outdated software contains security flaws which cybercriminals can use as avenues to infiltrate the corporate network.

The dangers of using outdated software.

Installing Linux Lite – A mini review

Home users that ONLY check email and use very few other programs may consider replacing their OS.   Linux has made an exceptional gain over the past several years with a Programs (Add/Remove) component and with hardware drivers.

To see just how Linux Lite stacked up other OSs, I decided to load it in Oracle’s VirtualBox.  The little over 600+mb download is comparable in size to Windows XP.  The ISO can be burned with an image burner to make a bootable CD/DVD.  Before you decide to switch, remember there are limitations to Windows software even with Wine.  Wine is a software application that allows you to run Windows programs.  Hunting around the internet you’ll find hundreds of Linux programs comparable to Windows programs.  You don’t have to look far considering the Linux repository has hundreds of programs.

After loading Oracle’s VirtualBox, simply walk through the New OS wizard, select Linux, allocate 2 GB of RAM and 8 GB of HDD space if you can.  Once you have completed this step, click on Settings and select bridge on the Network Card and load the ISO under storage.

Once you complete that step, start the OS and follow the on screen prompts.

1

(Above) – initial load screen.

2

Loading the OS into RAM

3

Load time of around two minutes for the initial screen to appear.

4

Select your language.

5

The above screen is checks to insure hardware and internet connectivity is ok.

6

Erase the hard drive.

7

Below – set your location for the time.

8

Select the keyboard layout.

9

Setup an initial user and password.

10

Copying files

11

After the installation, Restart your computer (VirtualBox)

12

Booting up from the hard disk drive.

13

Login and options.

14

The initial desktop is clean.  Don’t let this fool you.  The amount of programs and options for an internet user is excellent.

15

 

17 updates

 

Checking for updates is easy.  Simply click on the menu and select update.  Provide your login password and Linux Lite does the rest.

Printer setup

If you have a printer that supports IPP Protocol, login to the printer’s web address and Enable IPP.   The printer in our home is the Samsung SCX-3400 wireless.  An inexpensive laser printer that provides for thousands of pages with Samsung’s toner cartridge.  The printer provides hundreds of options for Windows, Apple, Linus or mobile devices.

printer

 

What programs come with Linux Lite?  Hundreds of items.  Here’s the main categories.

  • Office
  • Games  (Such as steam and others)
  • Graphics  (Gimp and more)
  • Accessories
  • Internet (email and browsers)
  • Multimedia
  • System (dozens of tools)
  • Settings

accessories Games Graphics Internet Multimedia Office settings Sharing System

 

If you ONLY use the internet and want to look into an alternate operating system.  Linux Lite may be for you.  It is easy to use, install and offers hundreds of programs.

How to guard your wireless network and see intruders

100% credit goes to Bill Mullins for sharing this information. (BillMullins.wordpress.com).

Softperfect has some of the best freeware for Windows.   With Netscan you can see devices on your network and find information about the  devices.  Now with their software “WiFi  Guard”, you can use a device on your network and find the devices that are attached to it.

While you should take precautions to secure your wireless network, is someone accessing your network without your knowledge?

Installation is fast and easy.  Simply follow the wizard and make sure you run the software at startup.

Scan

Once you install the software, select the adapter and scan your network.  Next double click on known devices and select “I know this device.”  Let the software run and periodically scan your network.   If you find a device connecting to it,   locate the device and remove it from the network or take action to prevent unknown devices from connecting.

I Know

The software is designed to run on Apple, Windows or Linux.

Note: The above pic is from a lab environment and the addresses and macs do not represent real machines or a production environment.

Protecting your network by pen testing it

This post is for educational purposes and any use of these tools against a network without explicit permission could be illegal.   Metasploit is designed to identify weaknesses in networks and hardware/software on a network.  Do NOT use metasploit for other reasons.

Want to protect your network and the computers in your network?  You can get updates for your operating systems (Linux, Mac, iOS, Android, Windows or whatever) along with updates for third party programs yet you can still be unsecure.    When updating these products, you also have to remember firmware and updates for wireless devices, access points, bridges, firewalls, routers, switches, SCADA devices, robots, mobile devices, printers and any device on your network.

Metasploit

http://www.metasploit.com/download/

Metasploit Community is free and allows for a free scan of your network or server. Although limited (Try Pro for details and Brute Force), Metasploit Community is a first step in finding open services and ports on your operating system, hardware devices such as routers and other devices.   The trick to installing Metasploit is to disable your antivirus or make exceptions to what your antivirus finds.   You should truly install the software inside of a VM (Virtual Machine) so that your computer remains protected.

You can use Metasploit to protect your network by ‘seeing’ what a hacker or malicious person would see.  Truly for network professionals and auditors, this software can help you identify services, ports and weaknesses in your network.

There are several versions of Metasploit – Community, Pro, Express and Framework (Compare Editions)

Metasploit     Metasploit Two

Metasploit Scan Complete     metasploit Hosts

Metasploit Services After Scan

The above scan was in a controlled lab.  Malicious scanning of networks may be illegal.  Read  Penetration Basics on Metasploit’s website.

Tutorials (Videos)

Your business and home needs a firewall…why?

So what happens when you install a firewall and make sure all operating systems on your home network are fresh installs?

craziness

 

You’ll probably see hits from foreign and U.S. IP addresses trying to make connections to your computers, phones and other devices on your network.   You’ll also notice common port numbers in the above log.  So what would happen if any of the services and ports were open?  It could result in the loss of data.

What should you do?  Install a hardware SOHO firewall and keep your OS firewall on.  While there are tons of other precautions you also need to take, ultimately this is a form of protection most home users and business users fail to implement.

Credit: Chris Davis

What should you do with an old computer? Create a home router/firewall!

ITX-motherboards can often be found in older computers from garage sales or thrift stores.  What is the practical use for these motherboards or older computers?

Here’s a small project that involves protecting your home.

After finding an ITX motherboard and gathering extra parts from broken laptops and computers, this project will put the software SMOOTHWALL Express onto the computer to make a mini firewall.  Total cost?

  • $22 250watt power supply
  • $5 Gearhead mini keyboard

0306141659a

Base processor
Athlon 64 X2 (B) 5400+ 2.8 GHz (65W)
800 MHz front side bus
Socket AM2

Chipset
GeForce 9100

Motherboard

  • Manufacturer: Pegatron
  • Motherboard Name: APX78-BN
  • HP/Compaq motherboard name: Nutmeg-GL6E

Power supply
250W

Memory
240 Pin DDR2 PC2-6400 MB/sec
4GB
Hard drive
120 GB SATA 6G (6.0 Gb/sec)
7200 rpm

Video Graphics

Integrated on motherboard (NVidia 9100)

Sound/Audio
High Definition 6-channel audio
ALC 888S chipset

Network (LAN)
Integrated 10/100 Base-T networking interface
Added Broadcom wireless to create a wireless router

External I/O ports connections – 6  USB

Expansion slots

PCI Express mini card socket – added Broadcom Wireless
PCI Express x16
PCI Express x1

Additions-

  • 2″ Fan for Chipset

In the video below, HAK5 shows just how to make a motherboard like this into a nice home router/Firewall.

Solving The Security Workforce Shortage – DarkReading

According to the study, the most sought-after quality is a broad knowledge of security — more of a strategic understanding than technical know-how followed by certifications.  Read More

Opinion – While certifications are an important part of IT, the technical know-how is the most important. Getting a degree or a certification is a great advancement for your education but can you configure a firewall? Run Linux-OSX- Windows? Support mobile, wireless, servers with Active Directory and monitor and control an IT environment?   That’s the difference between $12 an hour and a career.

Thrift stores -an Internet and computer goldmine

Thrift stores and yard/garage sales can become a goldmine for computer geeks.  You have to know your technology and how to upgrade the device – and you have to truly know the value of a device/computer you stumble on.  Here’s an example -

The D-Link Dir-601 is a home router that lacks many features of other Wireless N routers.   This $60 router lacks MIMO antennas and has a throughput of about 65 -150 mbps.  However, the router can be upgraded to DD-WRT and dozens of features are added to this little router including power settings, virtual wireless, IPv6, QoS and more.

Dir-601

Amanda picked one up for the class for $1.99.   A real bargain for anyone.  So what can you get for $20 ?

D-Link, Belkin, Hawking, Linksys (WRT-54g), Cisco 150  - Most of which can take alternate firmware.

2310 Belkin Hawking wrt54g WRT120N

How about a cool project with a Pegatron motherboard so you can make a hardware firewall (Picked up for $0) -it included a quad core AMD processor and fan and 2 Gb of Ram.  Add a laptop hard drive, a 220 watt power supply and Smoothwall firewall to create a tiny firewall that protect you from malicious activity.   Total investment – $22.  I have a hard drive from Amanda’s old computer and ordered the power supply from Amazon.

Motherboard

Speaking of Firewalls – How about a Netgear FVS328 VPN firewall for the home.  Although it has reached EOL, $1.99 and uploading the latest firmware will still add extra protection to your home.

prosafe

FREE – Security engineering training by SAFECode

FREE – How can you beat it?  Once again, another excellent site has training that is Free.   While we have found Rackspace’s Cloud University,  Free Microsoft Training and virtualization this site adds an additional form of training that can help you supplement your training programs.

“Security engineering training by SAFECode is an online community resource offering free software security training courses delivered via on-demand webcasts.

Covering issues from preventing SQL injection to avoiding cross site request forgery, the courses are designed to be used as building blocks for those looking to create an in-house training program for their product development teams, as well as individuals interested in enhancing their skills. All courses are free and published under a Creative Commons license and open, non-commercial usage of the content is encouraged.

SAFECode will be adding new courses to the site on an ongoing basis. Our goal is to create a diverse catalog of security engineering training courses for all expertise levels as a community resource.”
https://training.safecode.org/

SAFECODE

“While registration is not required to view the courses, registered users of the site will benefit from the ability to:
–Download courses for offline viewing
–Post comments to provide feedback on the courses and ideas for updates.
Your feedback will be used to help keep the material up-to-date and ensure it best meet the needs of the community it aims to serve.
–Receive email updates when new courses and resources are available”

 

US businesses suffered 666,000 internal security breaches

Over 666,000 internal security breaches took place in US businesses in the last 12 months, an average of 2,560 per working day, new research has revealed. The findings, revealed by IS Decisions, also found that despite this regular occurrence, only 17.5% of IT managers consider insider threats to be in their top three security priorities.

US businesses suffered 666,000 internal security breaches.

800M exposed records make 2013 record year for data breaches

While the number of incidents data loss incidents in 2012 is almost by a third bigger that that for 2013, the number of records exposed in 2013 breaches has reached a record 823 million.

800M exposed records make 2013 record year for data breaches.

Resizing your HDD partition to improve performance

Gamers and IT professionals along with home users that are power users can significantly improve HDD performance by shrinking the partitions on their HDDs.

By using the Disk Management utility in Windows you can shrink large HDDs as needed to increase performance.

How does this work?

For optimal system performance on an IIS server, you should install Windows and IIS on one drive and data on another drive.  When you install Windows, you can partition the entire drive with the full amount and use disk management to shrink the drive later OR you can give yourself enough space +30% for temp files (etc.).  By shrinking the drive, this optimizes the drive by not only placing files where they should go but allows the drive to become efficient by having only a certain amount to index and read.

The same should be done for the data drive.  You can extend the partition as data grows and space is needed.

Hopefully my math is right on the percentages…

Windows IIS Partition (Before and After)

Western Digital Black Edition WDC2002FAEX 2TB

HD Tune 5.0 (read test)      FULL 2 TB partition        Shrank to 1 TB     Increase or Decrease
Average transfer rate

80.1 MBps

119.9 MBps

34.2%

Minimum transfer rate

42.2 MBps

50.0 MBps

16.00%

Maximum transfer rate

123.4 MBps

143.1 MBps

14.8%

Burst rate

184.6 MBps

197.3 MBps

6.50%

Access time*

13.2 ms

10.1 ms

24.00%

Data Drive (Before and After)

HD Tune 5.0 (read test)      FULL 2 TB partition        Shrank to 1 TB     Increase or Decrease
Average transfer rate

94.1 MBps

113.9 MBps

17.4%

Minimum transfer rate

48.7 MBps

69.3 MBps

29.8%

Maximum transfer rate

131.4 MBps

143.3 MBps

8.3%

Burst rate

189.8 MBps

190.7 MBps

.50%

Access time*

11.2 ms

9.6 ms

14.3%

IIS using HD Tune 2.55

IIS

Data Drive using HD Tune 2.55

Data

Test your HDD Software (Freeware)

Notes:

Partitioning SSD drives will show a gain, but because of the economics behind SSDs at this time, it may not be economically feasible.  SSD drives can be optimized in other ways.

Linux and Apple drives can be optimized by partitioning.

Golden Rule – Do not use the unallocated amount.  Save it for growth or files that are not accessed often.

How to Shrink or Extend a partition