Category Archives: security
Content control software/ Web Content filtering using SquidGuard for enterprise network
Content filtering for an enterprise network or educational institution can be a mandatory requirement in many institutions/organizations. Besides filtering web content by category, content control/filtering software can also help us filter out malware and virus sites, unwanted advertisements etc. Finding the right product and making it work for your organization can be a challenge. Click to find a list of content control software. When I first tried to implement a content filtering system in my organization, the biggest challenge was to find the right product and get a demo running to check the integration aspects. After spending a significant amount of time identifying a content filtering system that best fits my organization, I did not get enough support from the local vendors. So later on I decided to go with Squid Proxy with SquidGuard (something I had used before). This works out very well for me. Besides being a little heavy on the administration side, I do not have much to complain about. This content filter can sit on the network as a proxy server and filter all web traffic as per the organization's policy.
Educational institutions in many parts of the world are bound by law to protect children from inappropriate Internet content. In business organizations, or organizations of any type, Internet resources can be filtered for unwanted advertisements, malware, viruses, pornography sites etc. Web content filtering or content control software is a smart way to address these issues, help enforce the organization's policy and protect the network and its users.
Some of the categories that can be used to guide browsing behavior are the following:
Advertisements, automobile, dating, education, gamble, hobby, isp, models, podcasts, recreation, ringtones, shopping, updatesites, weapons, webtv, aggressive, chat, downloads, finance, homestyle, jobsearch, movies, politics, redirector, science, socialnetwork, urlshortener, webmail, alcohol, drugs, fortunetelling, government, hospitals, library, music, pornography, religion, searchengines, spyware, violence, webphone, anonymous vpn, hacking, imagehosting, military, news, radio, tv, remotecontrol, sex, tracker, warez, webradio and more. These lists can be used to allow or disallow certain categories of sites.
SquidGuard implementation for enterprise network
SquidGuard is a content filtering tool used in enterprise networks to control/filter the sites that end users/hosts can access.
SquidGuard is built to work as a plug-in for Squid. It uses blacklists and URL redirection to make this content filter work.
There are many free and paid blacklists available on the internet that SquidGuard can work with. These blacklists include lists of URLs and domains, usually categorized into content groups such as advertising, chat, social network, proxy, porn, webmail, education and many more.
We see content filtering requirements in educational institutions, corporate networks etc.
SquidGuard is open source and works with your Squid Proxy server. I have done my implementation on Red Hat EL 5.x with Squid 2.6.
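The blacklist lookup and redirect decision described above, as a simplified added illustration (not SquidGuard's own code and not code from the original post). The per-category `domains` files, the sample domains and the block-page URL are constructed for the example; matching a host against its parent domains is the behaviour assumed here.

```shell
#!/bin/sh
# Added illustration of a category blacklist lookup followed by a redirect.
BLDIR=$(mktemp -d)                       # constructed tree: <category>/domains
mkdir -p "$BLDIR/ads" "$BLDIR/spyware"
printf '%s\n' 'adserver.example' 'banners.example.net' > "$BLDIR/ads/domains"
printf '%s\n' 'badware.example' > "$BLDIR/spyware/domains"
BLOCK_PAGE='http://proxy.example.internal/blocked.html'   # hypothetical block page

# url_host URL: strip scheme, path, userinfo and port, then lower-case the host.
url_host() {
    h=${1#*://}; h=${h%%/*}; h=${h##*@}; h=${h%%:*}
    printf '%s' "$h" | tr 'A-Z' 'a-z'
}

# match_category HOST: print the first category whose domain list contains HOST
# or a parent domain of HOST (img.adserver.example matches adserver.example,
# while notadserver.example does not).
match_category() {
    d=$1
    while [ -n "$d" ]; do
        for list in "$BLDIR"/*/domains; do
            if grep -qFx -- "$d" "$list"; then
                basename "$(dirname "$list")"
                return 0
            fi
        done
        case $d in *.*) d=${d#*.} ;; *) d= ;; esac   # drop the leftmost label
    done
    return 1
}

# filter_url URL: print the redirect target for a blocked URL; print nothing
# when the request is allowed to pass unchanged.
filter_url() {
    if category=$(match_category "$(url_host "$1")"); then
        printf '%s?category=%s\n' "$BLOCK_PAGE" "$category"
    fi
}

filter_url 'http://img.adserver.example/banner.gif'   # blocked: prints redirect
filter_url 'http://www.example.org/index.html'        # allowed: prints nothing
```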
They sell your privacy! We don’t know who they are!
Reading a blog on Acxiom Corporation making billion-dollar sales and having over 1,500 data points on half a billion people makes me think about what future a privacy-free internet holds for us. On one side we want to see the internet freed from government regulation; on the other hand we as a community are doing very little to protect individual privacy.
I have always been annoyed at receiving telemarketing calls at all odd times of the day for things I am rarely interested in. There is also a great deal of email (it used to be called junk) that gets delivered to my mailbox instead of the junk box, which is somewhat targeted and related to something I might be interested in. I spent a lot of time earlier in my life doing mail server administration. Seeing these emails makes me think about how far we have come since we started fighting SPAM. Now first they want to know everything about you.
I am no high-value customer, but I always get the feeling that the people targeting me have a fair idea of who I am, what I do and what I am looking for. I understand that sharing and publishing my information online/offline has made me a part of many marketing databases. In this case I would like to refer to this known quote: “if you’re not paying for something, you’re not the customer; you’re the product being sold”. But then the question is how many times they would sell my information, complete or incomplete, right or wrong, and to how many people. Is there a limit on how many times I can be targeted or my information can be sold?
I know many countries have a national DND database; if you register and still receive unwanted calls you can take some action against the callers, but I don’t know of any authority which can protect me against my information being traded in an open/private market.
I would surely like to see a community guideline for such activity, where user rights, and more importantly human rights, come first.
Read more on what you can do to protect yourself from being targeted by random information collectors
Do not track IE, firefox, chrome? Who is on your side?
Who is tracking you online? The BIG Brothers? So many of them?
Inspired by
You for Sale: Mapping, and Sharing, the Consumer Genome
“Right now in Conway, Ark., north of Little Rock, more than 23,000 computer servers are collecting, collating and analyzing consumer data for a company that, unlike Silicon Valley’s marquee names, rarely makes headlines. It’s called the Acxiom Corporation, and it’s the quiet giant of a multibillion-dollar industry known as database marketing.”
The Faceless Organization That Knows Everything About You
“We all know such organizations exist, of course, but Acxiom operates on a terrifying scale. The Times reports that Acxiom’s servers process more than 50 trillion data transactions a year. Its database, apparently, contains information about 500 million consumers worldwide—including the majority of US adults—and on average holds 1,500 data points for each of them.”
Tag: Privacy, data, security, information, internet, Acxiom Corporation, protection, tele marketing, spam
How Safe is your password?
Managing and securing passwords has been one of the biggest challenges. News of password leaks at LinkedIn, eHarmony and last.fm within such a short span of time makes me think that these events are gradually getting more widespread.
According to Wikipedia: A password is a secret word or string of characters that is used for authentication, to prove identity or gain access to a resource (example: an access code is a type of password). The password should be kept secret from those not allowed access.
There are always two parties who maintain the password: the user and the service provider. The user should remember the password and not share it with anyone, and the service provider should do everything possible to make sure it is not exposed to any third party.
What we are seeing these days is that service providers are failing to secure their password storage and hackers are able to extract it.
What is a password hack?
When someone gains access to the password database by exploiting the system or the process, they will try to crack the passwords if they are not stored in plain text.
When someone gets to know your password, you may be targeted for your data or your access. The motive can vary. Many times hackers just do it to show off their ability and insult the service providers, which of course gets big news coverage. In these cases you mostly have little to worry about. At other times they will carry out a targeted hack, which can stay unnoticed for a long time or never be discovered.
What can I do to feel a little safer with my password?
Avoid using weak passwords, and try not to use the same password for all your services, even with a character or two changed.
Try using OAuth instead of creating an account with each provider, when supported.
Avoid using services that do not support authentication over SSL.
Ask your provider how they store your password and secure your data.
And the last one, which has very little to do with the service provider: ensure you always use a secured terminal to log in, one that is not compromised and is protected by antivirus etc.
Do not track IE, firefox, chrome? Who is on your side?
Do-Not-track
After learning all about the Collusion plug-in for Firefox a few months back and looking at the images of the network of trackers, it was always in the back of my mind while browsing how online advertising companies are always trying to predict “what I am looking for” by putting up all these sponsored ads, which most of the time are very annoying as they probably have very little clue. However, what concerns me the most is that they record and distribute my browsing history for an indefinite time, which I don’t like at all.
Collusion Firefox Add-in
Essential tcp ip network tools, network Swiss army knife
As network administrators and systems administrators, we always like to have some tools handy to look into things, troubleshoot or just figure things out. There are many open source, free tools available, specialized for different purposes.
In this blog I shall attempt to list some of them, give a brief description and list the available platforms. I prefer to run these tools from a laptop on both Windows and Linux platforms. I also prefer to have the ability to carry them around on a pen drive in a portable format. Linux boot disks are also useful in these cases.
The basic tools to check tcp/ip
Ping is the most basic tool we use to check connectivity. We also use arp to check the local broadcast domain and the ARP resolution table. traceroute (Linux)/tracert (Windows) is used to check the path to the destination host. “mtr” is a powerful tool to view the network path over a longer period of time; it is usually installed as an additional package. A Windows version of mtr is also available, even a portable version. One more useful tool that mostly comes out of the box is nslookup (Windows and Linux), along with dig for Linux; they are very useful for troubleshooting and investigating DNS-related issues. “whois” is one more tool, useful for finding out more about an IP or domain name: owner, contact authority, AS number etc. Last but not least, netstat, available on both Windows and Linux, is a useful tool to find out the local network status easily. Follow the link for a detailed tutorial on how to use these basic tools.
How to securely and effectively erase a disk with DD
At times we need to clean up our disks for whatever reason, such as installation errors, privacy or security; to clean up an infected file you also need a special deletion procedure.
Tools like regular delete only remove the inode of the file, which does not touch the data/contents. It is possible to recover these deleted files with a simple utility. A secure delete tool like dd will overwrite the disk blocks with zeros, which makes recovery impossible.
To clean up the entire disk, the only way to do it is by booting from a boot disk; I prefer a Linux boot disk.
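An added example (not from the original post) of the zero-fill and a verification pass, run against a constructed image file that stands in for the disk. On real hardware `of=` would name the disk's device node from the boot disk; the marker string and helper names are made up for the illustration.

```shell
#!/bin/sh
# Added example: zero-fill a stand-in "disk" with dd, then verify the result.
# The image is a constructed regular file; on real hardware of= would be the
# device node of the disk, and the overwrite is irreversible.

MARKER='SECRET-PAYROLL-DATA'   # constructed sample content

# make_image PATH: build a 1 MiB image with the marker written at offset 4096.
make_image() {
    dd if=/dev/zero of="$1" bs=1024 count=1024 2>/dev/null
    printf '%s' "$MARKER" | dd of="$1" bs=1 seek=4096 conv=notrunc 2>/dev/null
}

# marker_present PATH: succeeds if the marker is still readable in the raw blocks.
marker_present() {
    grep -a -q -- "$MARKER" "$1"
}

# wipe_image PATH: overwrite every 1 KiB block with zeros without changing the
# size (assumes the size is a multiple of 1 KiB, which holds for this image).
wipe_image() {
    blocks=$(( $(wc -c < "$1") / 1024 ))
    dd if=/dev/zero of="$1" bs=1024 count="$blocks" conv=notrunc 2>/dev/null
    sync
}

# is_zeroed PATH: succeeds only if no non-zero byte is left in the image.
is_zeroed() {
    [ $(( $(tr -d '\000' < "$1" | wc -c) )) -eq 0 ]
}

# Demonstration on a temporary image.
img=$(mktemp)
make_image "$img"
marker_present "$img" && echo "before wipe: marker found in raw blocks"
wipe_image "$img"
marker_present "$img" || echo "after wipe: marker gone"
is_zeroed "$img" && echo "verified: image is all zeros"
rm -f "$img"
```

Reading the target back after the overwrite, as `is_zeroed` does, confirms the wipe actually reached every block rather than stopping early on a write error.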
Economics of the Zero day exploit
What is a Zero day exploit?
A zero-day (or zero-hour or day zero) attack or threat is a computer threat that tries to exploit application vulnerabilities that are unknown to others or the software developer
A life cycle of the Zero-day exploit
- The developer creates software containing an unknown vulnerability
- The attacker finds the vulnerability before the developer does
- The attacker writes and distributes an exploit while the vulnerability is not known to the developer
- The developer becomes aware of the vulnerability and starts developing a fix.
The problem starts when the developer does not receive information about the exploit while the applications are being exploited. The longer the exploit remains in the hands of a few, the more “valuable” and dangerous it becomes.
Economics of the Zero day exploits
A security hole can be around for a long time, unless it is known and fixed or the code that causes the hole becomes obsolete. Our old understanding is that using a software product supported by an active community or a big organization makes you reasonably secure, as long as you apply the security patches as soon as they come out, provided our understanding holds that zero-day exploits are publicly available and do not stay zero-days for long.
Microsoft Store India has been hacked! So did your Password!!!
Password! Password!! Password!!!
What is worse than having a weak password? Storing your password in clear text. Fortunately/unfortunately, it has nothing to do with you.
WP Sauce reports an attack took place yesterday, with the EvilShadow team replacing the front page of Microsoft’s online India store with a page called evil.html. The site is still currently down.








