articles

How many ip addresses are there worldwide?

Fri, 26 Nov 2010 11:07:07 +0100

This page provides an overview of the number of IP addresses used in every country of the world. The numbers are generated from information published by the Regional Internet Registries (AfriNIC, APNIC, ARIN,LACNIC and RIPE NCC) published on their FTP servers. This information is retrieved at least once a week.

Total number of IPv4 addresses:

2^32:           4294967296      4294.97 million
Class D+E:       536870912 -     536.87 million -
Nets 0 and 127:   33554432 -      33.55 million -
RFC 1918:         17891328 -      17.89 million -
                ----------      --------------- -
Usable:         3706650624      3706.65 million



IPv4 addresses per country:

Country                      Country code    Addresses      Per capita

United States                     US      1514.647 million    5.441
China                             CN       270.909 million    0.212
Japan                             JP       186.408 million    1.471
Europe, country unspecified       EU       151.861 million
South Korea                       KR       102.141 million    2.180
Germany                           DE        90.748 million    1.104
Canada                            CA        79.430 million    2.550
France                            FR        79.010 million    1.334
United Kingdom                    GB        76.857 million    1.289
Australia                         AU        44.585 million    2.361
Brazil                            BR        40.241 million    0.237
Italy                             IT        35.993 million    0.624
Russian Federation                RU        34.138 million    0.232
Taiwan                            TW        30.385 million    1.365
Mexico                            MX        27.794 million    0.281
India                             IN        27.610 million    0.027
Spain                             ES        24.148 million    0.612
Netherlands                       NL        23.983 million    1.512
Sweden                            SE        20.687 million    2.335
South Africa                      ZA        17.419 million    0.431
Poland                            PL        16.075 million    0.416
Vietnam                           VN        12.570 million    0.157
Turkey                            TR        11.624 million    0.175
Denmark                           DK        10.676 million    2.003
Switzerland                       CH        10.485 million    1.464
Indonesia                         ID        10.267 million    0.048
Argentina                         AR        10.232 million    0.276
Hong Kong                         HK         9.650 million    1.423
Finland                           FI         9.335 million    1.805
Norway                            NO         8.784 million    1.961
Austria                           AT         8.347 million    1.032
Belgium                           BE         8.311 million    0.812
Ukraine                           UA         8.078 million    0.160
Czech Republic                    CZ         7.687 million    0.748
Romania                           RO         7.600 million    0.338
Thailand                          TH         6.764 million    0.110
New Zealand                       NZ         6.588 million    1.706
Colombia                          CO         6.029 million    0.142
Malaysia                          MY         5.791 million    0.260
Chile                             CL         5.679 million    0.373
Egypt                             EG         5.370 million    0.078
Portugal                          PT         5.155 million    0.516
Singapore                         SG         5.136 million    1.440
Israel                            IL         5.031 million    0.809
Ireland                           IE         4.866 million    1.289
Philippines                       PH         4.715 million    0.062
Venezuela                         VE         4.560 million    0.189
Greece                            GR         4.354 million    0.413
Hungary                           HU         4.231 million    0.421
Iran                              IR         4.053 million    0.060
Bulgaria                          BG         3.810 million    0.465
Saudi Arabia                      SA         3.597 million    0.166
Pakistan                          PK         2.908 million    0.019
Tunisia                           TN         2.729 million    0.285
United Arab Emirates              AE         2.549 million    1.044
Lithuania                         LT         2.114 million    0.572
Peru                              PE         2.101 million    0.082
                                  RS         2.060 million
Slovakia                          SK         1.970 million    0.365
Algeria                           DZ         1.831 million    0.058
Slovenia                          SI         1.766 million    0.888
Croatia                           HR         1.742 million    0.389
Kazakstan                         KZ         1.709 million    0.105
Costa Rica                        CR         1.596 million    0.397
Latvia                            LV         1.482 million    0.611
Panama                            PA         1.386 million    0.485
Ecuador                           EC         1.314 million    0.104
Morocco                           MA         1.260 million    0.044
Kenya                             KE         1.171 million    0.039
Belarus                           BY         1.113 million    0.109
Kuwait                            KW         1.013 million    0.514
Estonia                           EE         0.991 million    0.689
Puerto Rico                       PR         0.948 million    0.245
Uruguay                           UY         0.916 million    0.274
Bangladesh                        BD         0.850 million    0.007
                                  AP         0.806 million
Georgia                           GE         0.768 million    0.155
Cyprus                            CY         0.752 million    0.997
Nigeria                           NG         0.669 million    0.006
Iceland                           IS         0.621 million    2.226
Luxembourg                        LU         0.613 million    1.407
Syria                             SY         0.591 million    0.037
Malta                             MT         0.581 million    1.527
Bosnia and Herzegovina            BA         0.559 million    0.141
Dominican Republic                DO         0.557 million    0.066
Mauritius                         MU         0.550 million    0.475
Macedonia                         MK         0.535 million    0.264
Moldova                           MD         0.532 million    0.121
Bolivia                           BO         0.530 million    0.064
Sri Lanka                         LK         0.519 million    0.028
Guatemala                         GT         0.518 million    0.046
Qatar                             QA         0.512 million    0.855
Jordan                            JO         0.461 million    0.091
Armenia                           AM         0.449 million    0.127
El Salvador                       SV         0.441 million    0.070
Trinidad and Tobago               TT         0.437 million    0.337
Lebanon                           LB         0.436 million    0.133
Palestine                         PS         0.416 million    0.134
Bahrain                           BH         0.373 million    0.605
Nepal                             NP         0.329 million    0.014
Azerbaijan                        AZ         0.319 million    0.041
Libyan Arab Jamahiriya            LY         0.299 million    0.053
Paraguay                          PY         0.293 million    0.053
Senegal                           SN         0.289 million    0.030
Netherlands Antilles              AN         0.281 million    1.293
Macao                             MO         0.261 million    0.553
Tanzania                          TZ         0.257 million    0.008
Oman                              OM         0.248 million    0.097
Ghana                             GH         0.245 million    0.012
Nicaragua                         NI         0.234 million    0.046
Uzbekistan                        UZ         0.204 million    0.008
Mongolia                          MN         0.191 million    0.072
Brunei                            BN         0.191 million    0.584
Jamaica                           JM         0.185 million    0.072
Cambodia                          KH         0.183 million    0.016
Uganda                            UG         0.177 million    0.008
Albania                           AL         0.177 million    0.052
Guam                              GU         0.174 million    1.033
Sudan                             SD         0.167 million    0.006
Gabon                             GA         0.166 million    0.136
Namibia                           NA         0.165 million    0.096
Rwanda                            RW         0.161 million    0.021
                                  ME         0.145 million
Kyrgyzstan                        KG         0.139 million    0.030
Barbados                          BB         0.137 million    0.507
Zambia                            ZM         0.134 million    0.015
Fiji Islands                      FJ         0.131 million    0.160
Iraq                              IQ         0.129 million    0.006
Mozambique                        MZ         0.126 million    0.006
Côte d’Ivoire                     CI         0.125 million    0.008
Cameroon                          CM         0.117 million    0.008
Haiti                             HT         0.116 million    0.014
Honduras                          HN         0.115 million    0.018
Bahamas                           BS         0.113 million    0.367
Cuba                              CU         0.110 million    0.010
Angola                            AO         0.105 million    0.008
New Caledonia                     NC         0.105 million    0.493
Botswana                          BW         0.094 million    0.058
Virgin Islands, U.S.              VI         0.087 million    0.936
Afghanistan                       AF         0.086 million    0.004
Bermuda                           BM         0.086 million    1.315
Gibraltar                         GI         0.070 million    2.806
Malawi                            MW         0.058 million    0.005
Monaco                            MC         0.058 million    1.696
Liechtenstein                     LI         0.056 million    1.745
Antigua and Barbuda               AG         0.056 million    0.828
Madagascar                        MG         0.055 million    0.003
Maldives                          MV         0.054 million    0.188
Tajikistan                        TJ         0.053 million    0.009
Belize                            BZ         0.052 million    0.215
Laos                              LA         0.051 million    0.009
Zimbabwe                          ZW         0.046 million    0.004
Yemen                             YE         0.045 million    0.002
Papua New Guinea                  PG         0.045 million    0.009
Suriname                          SR         0.044 million    0.106
French Polynesia                  PF         0.039 million    0.168
                                  JE         0.039 million
Aruba                             AW         0.039 million    0.378
Faroe Islands                     FO         0.038 million    0.881
Mali                              ML         0.037 million    0.003
Guyana                            GY         0.037 million    0.043
Cayman Islands                    KY         0.036 million    0.943
Swaziland                         SZ         0.035 million    0.034
                                  IM         0.033 million
Réunion                           RE         0.033 million    0.047
Mauritania                        MR         0.033 million    0.012
Andorra                           AD         0.033 million    0.420
Burkina Faso                      BF         0.031 million    0.003
Benin                             BJ         0.031 million    0.005
San Marino                        SM         0.027 million    0.986
Saint Kitts and Nevis             KN         0.027 million    0.701
Seychelles                        SC         0.026 million    0.332
Bhutan                            BT         0.023 million    0.011
Niger                             NE         0.018 million    0.002
Congo, The Democratic Republic of the  CD         0.018 million    0.000
Sierra Leone                      SL         0.018 million    0.004
Greenland                         GL         0.016 million    0.293
Ethiopia                          ET         0.016 million    0.000
Samoa                             WS         0.016 million    0.087
Lesotho                           LS         0.015 million    0.007
Saint Vincent and the Grenadines  VC         0.014 million    0.126
Gambia                            GM         0.013 million    0.010
Togo                              TG         0.013 million    0.003
Myanmar                           MM         0.012 million    0.000
Cape Verde                        CV         0.012 million    0.029
Djibouti                          DJ         0.012 million    0.019
Northern Mariana Islands          MP         0.012 million    0.158
Liberia                           LR         0.009 million    0.003
Solomon Islands                   SB         0.009 million    0.020
Tuvalu                            TV         0.008 million    0.683
Cook Islands                      CK         0.008 million    0.410
Nauru                             NR         0.008 million    0.683
Turkmenistan                      TM         0.008 million    0.002
Virgin Islands, British           VG         0.008 million    0.390
Turks and Caicos Islands          TC         0.008 million    0.482
Holy See (Vatican City State)     VA         0.008 million    8.192
Vanuatu                           VU         0.007 million    0.039
Tonga                             TO         0.006 million    0.065
                                  MF         0.006 million
                                  GG         0.006 million
Micronesia, Federated States of   FM         0.006 million    0.052
Grenada                           GD         0.004 million    0.046
Central African Republic          CF         0.004 million    0.001
                                  TL         0.004 million
Saint Pierre and Miquelon         PM         0.004 million    0.585
Palau                             PW         0.004 million    0.216
                                  AX         0.004 million
Congo                             CG         0.004 million    0.001
Anguilla                          AI         0.004 million    0.512
American Samoa                    AS         0.004 million    0.060
Chad                              TD         0.004 million    0.001
Eritrea                           ER         0.004 million    0.001
Kiribati                          KI         0.003 million    0.037
Wallis and Futuna                 WF         0.003 million    0.205
Guadeloupe                        GP         0.003 million    0.007
British Indian Ocean Territory    IO         0.003 million
Burundi                           BI         0.002 million    0.000
Marshall Islands                  MH         0.002 million    0.032
Equatorial Guinea                 GQ         0.002 million    0.005
French Guiana                     GF         0.002 million    0.011
Tokelau                           TK         0.002 million    1.024
Norfolk Island                    NF         0.002 million    0.768
Montserrat                        MS         0.001 million    0.116
Somalia                           SO         0.001 million    0.000
Guinea-Bissau                     GW         0.001 million    0.001
North Korea                       KP         0.001 million    0.000
Guinea                            GN         0.001 million    0.000
Niue                              NU         0.001 million    0.512
Saint Lucia                       LC         0.000 million    0.002

Cloud Computing Security

Sun, 21 Nov 2010 07:29:39 +0100

Before diving into the security aspects of cloud computing, let us first understand the basic concept of cloud computing. In cloud computing, cloud stands for internet and computing means using computer technology, hardware, and software, i.e. using or sharing the computer technology, hardware and software over the internet. Different cloud service models are as follows:

Cloud Software as a Service (SaaS): In this service model, the consumer uses the provider’s applications on a cloud infrastructure. The consumer does not manage or control the underlying cloud infrastructure including network, servers, operating systems, storage, or even individual application capabilities. However, the consumer might have access to limited user-specific application configuration settings.

Cloud Platform as a Service (PaaS): This service model allows the consumer to deploy consumer-created or acquired applications onto the cloud infrastructure, using programming languages and tools supported by the provider. The consumer does not manage or control the underlying cloud infrastructure including network, servers, operating systems, or storage, but controls deployed applications and possibly application-hosting environment configurations.

Cloud Infrastructure as a Service (IaaS): This service model allows the consumer to provision processing, storage, networks, and other fundamental computing resources. The consumer is hence able to deploy and run arbitrary software, which an include operating systems and applications. The consumer does not manage or control the underlying cloud infrastructure, but controls operating systems, storage and deployed applications.

Let us see an example of the PaaS cloud service model with the help of a diagram (shown below). In this example, Demo Bank is a cloud user (consumer) and his vendor (cloud service provider) is ABC. ABC is providing PaaS (Platform as a Service) to Demo Bank and Demo Bank has deployed his application (http://public.demobank.com) on an ABC server called CCServer. Here, Demo Bank doesn’t have to worry about the infrastructure cost and maintenance, and has control over the deployed application and possibly application-hosting environment configurations. Eventually, a Demo Bank client accesses the http://public.demobank.com application as if the application is hosted by Demo Bank itself.

Diagram: Example of PaaS - Demo Bank Using PaaS cloud service provided by ABC

Now we know what cloud computing is, but why do we need cloud computing? Well, the answer is simple - it facilitates deployment of applications without the cost and complexity of buying and managing the underlying hardware and software layers.

However, due to security issues, the benefits of cloud computing are not being reaped to their fullest. Some of the important security issues are:

In cloud computing, a single server hosts multiple applications of different users. Now, if any of the applications hosted on the server is vulnerable, it might lead to compromise or unavailability of other applications as well.
Since a variety of applications are hosted on a single server, it is very likely that a large number of ports are open on the server, thus widening the network-level attack surface. If any of the services running on these ports are vulnerable, the server can be compromised.
Many cloud vendors use virtual machines to run different OS instances on a single hardware platform for serving multiple users, which opens up a new attack vector. These virtual machines have multiple flaws that can be exploited in order to compromise the server
If an application with critical data is hosted on cloud, all sensitive and critical information remain with the cloud service provider and there is always a threat of theft of company proprietary information by the cloud provider itself.
Due to lack of transparency, auditing is very difficult and at times not possible in cloud computing. If something goes wrong with your application or there is a possibility of unauthorized access, it would be very difficult to conduct forensic investigations in cloud environment.
It is difficult to ensure the integrity of computational results of an application in a cloud environment.
It is difficult to enforce the enterprise authentication and authorization framework in cloud.

Furthermore, the accumulative effects of the above-mentioned issues result in many legal implications and noncompliance to the industry standards for cloud consumers. Hence, as with any security area, organizations should adopt a risk-based approach of moving to the cloud and selecting security options. Some of the important security options are:

Identify the asset for the cloud deployment: Identify wherever it is possible to shift only part of the application functions to the cloud rather than the complete application and data. Evaluate the criticality of these assets and the corresponding impact on business in case of unavailability of these assets due to whatsoever reason.

Take Back Authentication Control: Most of the time, the authentication mechanism used for accessing (for management, administration, or usage) cloud application is too weak. This results in a breach, in which case, taking the authentication control back from the cloud service provider is a good option. Obviously, it reduces some of the benefits of the cloud, but it allows you to use strong authentication mechanisms and implement the company standard password policy, etc.

Data storage and segregation: Typically the data in the cloud is in a shared environment, which is why it is important to find out what is done to segregate data at rest. The cloud provider should provide evidence that encryption schemes were designed and tested by experienced specialists.

Transparency: Data owners wish to audit how their data is being handled at the cloud, and in particular, ensure that their data is not being abused or leaked, or at least have an unalterable audit trail when it does happen. Hence, ensure that the cloud vendor provides enough transparency.

Choose Appropriate Cloud Deployment Model: Regardless of the service model utilized (SaaS, PaaS, or IaaS), there are four deployment models for cloud services. The appropriate cloud deployment model is selected depending on the criticality of the asset and specific requirements. Different cloud deployment models are:

Public Cloud: The cloud infrastructure is owned by an organization selling cloud services and is made available to the general public or a large industry group.
Private Cloud: The cloud infrastructure is operated solely for a single organization. It may be managed by the organization or a third party, and may exist on premises or off premises.
Community Cloud: The cloud infrastructure is shared by several organizations having similar requirements. Since the cloud infrastructure is shared among fewer organizations, it provides a higher level of security and privacy in comparison with public clouds. Community cloud may be managed by the organizations or a third party, and may exist on premises or off premises.
Hybrid Cloud: The cloud infrastructure is a composition of two or more clouds (private, community, or public). The objective of hybrid cloud is to provide the local data benefits of the private clouds with the economies, scalability, and on-demand access of the public cloud.

References

Security Guidance for Critical Areas of Focus in Cloud Computing V2.1 - For Service and Deployment models

How to Customize Firefox about:blank page

Thu, 24 Jun 2010 06:02:25 +0100

Every time I open a new tab in Firefox, I'm greeted with about:blank. As far as creative names go, the name of this page is not very creative because it is just that - blank:

For most of us this isn't a big deal because we don't really spend much time staring at a new, open tab. However others may want to customize it. This article will teach you how to do just that.

To customize your about:blank page, you'll need a user-content.css file. To make one, press the Windows key and R simultaneously. A box titled "Run" will pop up. In it, type %APPDATA%. Then go to Mozilla\Firefox\Profiles. In that folder you should see a folder named something like [randomtext].[profilename]:

For most of us there should only be one folder like this. For others (who created multiple profiles) there will be multiple folders. If there are multiple folders, select the folder corresponding to the profile that you want to customize about:blank for.

Once you are in the [randomtext].[profilename]: folder, look for the chrome folder. In that folder, find userContent-example.css and rename it to userContent.css.

Next, open userContent.css in Notepad or any other text editor (Notepad is preferred over something like Word because it is more simple) add the following code to the end of the file:

@namespace url(http://www.w3.org/1999/xhtml);
@-moz-document url("about:blank") {

* {
background: url('[INSERT IMAGE URL HERE]');
background-color: #000000;
background-position:center center;
background-attachment:fixed;
background-repeat:no-repeat;
}
}

Where it says [INSERT IMAGE URL HERE], put the URL of either an image from the web (Ex: http://www.google.com/logos/giroux1.gif) or the URL of an image on your computer (Ex: file://C:/Users/Public/Pictures/Sample Pictures/desert.jpg).

In addition to changing the background image, you can

Change the background color via the background-color field. Change the #000000 code to whatever color you want (be sure to leave the # for whatever new code you enter). The code is in hex for colors is RGB. To find a list of colors and their corresponding codes, visit Wikipedia.
Change the position of the background image (assuming you have it set to no-repeat otherwise the position is pointless) via the background-position field. Here is a list of what you can enter:

top left
top center
top right
center left
center center
center right
bottom left
bottom center
bottom right
x% y%
xpos ypos
inherit

After you have edited the settings as you please, save the file and restart Firefox (if you had it open). You should then see something like this every time you open a new tab:

How to Block a Specific Website on your computer

Tue, 22 Jun 2010 19:14:15 +0100

There are many reason why you need to know how to block a website. Some of the most common reasons are you have been targeted by spammers who use adware and popups to attack your PC. Other reasons may be to prevent your children from having access to certain site content such as porn and gambling.

Depending on the level of security you wish, learning how to block a website may require a adjustments of your web browser, the use of internet filtering software or editing of your host file. At any rate you can try all methods to see which works best for you.

How to block a Website using Internet Explorer

Internet Explorer version 5 and later offer the ability for heighten security and privacy. You can block a site by following the directions below:

1. Load your Internet explorer
2. Click Tools
3. Click Internet Options
4. Click the Privacy tab
5. Under the Privacy window, Click Sites
6. Type in the site address that you want to Block and Click OK. Remember this technique only blocks on one site at a time. Parental control software will allow you to block multiple sites and categories.

Here are alternate instructions to block a website using Internet Explorer.
Tools ->Internet Options->Security->Restricted sites->Sites->Type in the site address and Click ADD then click OK

How to Restrict a Website using Firefox

Firefox requires an add-on to restrict sites. You can find many good ones at Mozilla.org.

How to block a Website using Google Chrome

1. Open your Chrome Web Browser
2. Click the wrench symbol in he upper right corner.
3. Choose Tools
4. Click Under the Hood tab.
5. Choose Change Proxy Settings.
6. Click Security, click Restricted Sites
7. Double click Sites and add the site you want block

How to Block A Website in All Web Browsers

This action will require you to edit your Host file. Your host file is a computer file used to store information on where to find a node on a computer network. For more a more detailed description. Check out this link Host File Description Link

In Windows XP

1. Click Start->All Programs->Accessories->Command Prompt.
2. Click Command Prompt This will open a DOS command window.
3. Type: notepad C:/Windows/System32/drivers/etc/hosts
4. Locate the line 127.0.0.1 localhost
5. To block the website google.com for example, just add this text under 127.0.0.1 localhost:

127.0.0.1 google.com
127.0.0.1 www.google.com

You can add as many sites any site, However you will need to prefix it with "127.0.0.1".

Google will now be blocked in all web browser. This is an advanced but easy method on how to blow a website.

The Ten Most Important Steps You Can Take to Protect Your PC

Sat, 01 May 2010 12:43:54 +0100

Many agree that Windows computers need to be protected with a strategy called defense in depth. This is not just for fighting off viruses. Clearly, network security and Internet Explorer also need defense in depth. When Internet Explorer was recently hacked in a public contest, Microsoft responded that "...defense in depth techniques aren't designed to prevent every attack forever, but to instead make it significantly harder to exploit a vulnerability."

To me, the term "defense in depth" means my having to do a lot of work. But what work? What steps offer the biggest bang for the buck?

1. To me, the most important thing you can do to protect your computer is to be skeptical. Start with the assumption that you are being lied to. No software can protect someone who lets the bad guys continually scam them.

For example, that email message may not have come from the visible FROM address. Even if it did, the senders email account may have been broken into and the message could be from a scammer. Same for instant messages.

Many tricks can be played with links to make them appear to go one place when they actually go somewhere else, and that was before link shorteners made hiding the true destination even easier. You probably don't need to install a new codec to see that enticing video. Your computer is probably not infected with 314 viruses. Even notices about updating software to install the latest patch may not be legit.

2. Software-wise, techies are always advising to keep up to date on patches for your installed software. What doesn't get said often enough is that this is an all but impossible task for Windows users. Thomas Kristensen of security company Secunia reported recently "that in order for the typical home user to stay fully patched, an average of 75 patches from 22 different vendors need to be installed [every year]..." Seventy Five patches/year seems low to me.

Without a standard pipeline through which all these companies can funnel patches, Windows users are forced to deal with many different and inconsistent patch delivery systems. It's a brutal mess, and one not likely to have a good solution for a very long time.

Secunia offers three patch related products. To me, the best bang for the buck is offered by their free Online Software Inspector. Their other products check more software, but the online service checks the most popular applications, offers a very simple and easy-to-read report and includes links to the latest software updates.

3. There is surprising resistance to my third suggestion, but it's a great way to protect yourself when keeping up to date on bug fixes is impossible: run as a limited (Windows XP term) or standard (Windows 7 term) user. I've been doing this for a while now on both Windows XP and 7. There is a small annoyance factor, but compared to the extra safety it offers, the tradeoff seems well worth it. The annoyance factor is higher in Windows XP. Much more thought seems to have gone into this in Windows 7.

Here's my approach. My current Windows userid was typically "Michael" and it was an Administrator. First, I create another Windows user called "MichaelAdmin" with the same password as user "Michael". Then I log off user "Michael", log on to user "MichaelAdmin" and drop user "Michael" down to a limited/standard user. From here on in, I continue to use user "Michael", only logging on as "MichaelAdmin" when necessary to install software or otherwise update the system.

Windows 7 is pretty good about prompting standard user "Michael" for the password to user "MichaelAdmin" when necessary. Hardly ever do I have to actually logon as "MichaelAdmin". Windows XP often requires limited user "Michael" to switch to user "MichaelAdmin" but at least its a switch, user Michael can remain logged in.

On a new computer, I would start out with users "MichaelRestricted" and "MichaelAdmin".

4. Windows users should avoid Internet Explorer. You can't delete it, but you can ignore it. IE suffers both from having a target painted on its back, because it's so popular, and from Microsoft's being slow, in general, to issue patches. Plus, it has its fair share of bugs and design flaws. I run Internet Explorer once a month on my XP machine, just for Windows Update. Independent security expert Steve Gibson does this too.

Firefox is my preferred browser, but I also use Chrome. In both cases, I opt for portable versions from portableapps.com. A normally installed copy of Firefox can not be updated by a limited/standard Windows user, but the portable version can.

5. The Adobe Reader also best avoided. Like Internet Explorer, the Adobe Reader is extremely popular, so bad guys focus on it. Like Microsoft, Adobe is slow in issuing bug fixes. At least Microsoft issues IE patches monthly, Adobe thinks that every three months is a good idea. You are safer using software that is updated when bugs are found, not when corporate needs dictate.

Among alternatives, the Foxit PDF Reader is probably the most popular. I also like the free and portable Sumatra PDF Reader because it seems to be a low end product. Fewer features means fewer bugs and a smaller attack surface. Plus, by being relatively unpopular, bad guys have no reason to exploit any bugs the Sumatra Reader may have.

Malicious PDFs are very common. If someone sends you a PDF, stranger or not, you are much safer opening it with the Sumatra PDF Reader than with the Adobe Reader.

6. Turn off autorun. The ability to automatically run programs when inserting a CD or USB flash drive was a huge security mistake on the part of Microsoft. Making this worse, in the many years since, they have modified the rules over and over and issued multiple bug fixes to the software enforcing the rules. Anyone who thinks they understand the rules for how autorun works and can explain it to you, doesn't understand the rules.

The good news is that you can bypass the quicksand of autorun completely. Every variation and iteration of Microsoft's rules boils down to a file called autorun.inf. There is a simple registry update that tells Windows never, no matter what, ever pay attention to any autorun.inf file. It's ironclad safety.

7. Protect your WiFi network from snooping. The big issue with securing wireless networks is making sure that good encryption is used for all data traveling over the air. Never use WEP encryption. If that is the only option in your router, buy a new router. WPA encryption is good enough. There have been two holes discovered with it, but experts consider them minor. WPA version 2 (WPA2) is the best encryption and should be your first choice, assuming all your wireless devices support it.

Technically, the last paragraph is not true. What people call WPA encryption really refers to TKIP and what is called WPA2 encryption really refers to AES. I mention this because if you opt for WPA2 and then chose TKIP to use with it your security is the same as WPA.

Another possible problem with WPA, WPA2, TKIP and AES is the password. Bad guys can record WiFi transmissions over the air, and then try to crack the encryption later. If the WiFi password is short, or a word in a dictionary, your private transmissions will no longer be private. Don't think password, think pass sentence. Since the wireless password is typically entered only once per computer, something over 20 characters would serve you well and not be a constant annoyance. Nothing wrong with writing it on a piece of paper and taping it, face down, to the router.

8. If you have a router, open up the front and close the back.

By open up the front, I mean insuring that you can get into the routers internal website to make changes. To do so, you need to know three things: the IP address of the router and the userid and password for logging into the internal website.

Every computer on the LAN knows the IP address of the router, it's the default gateway. Windows users can enter the command "ipconfig" from a command prompt to learn the IP address of the default gateway. Enter this IP address into your web browser and you should be prompted for a userid/password. New routers will have the default userid/password somewhere in their documentation. Never use the default password. Like the WiFi password, it's probably a good idea to write this information on a piece of paper and tape it, face down, to the router.

By closing the back, I was referring to the firewall in the router. You can test how well the firewall is protecting your LAN with Steve Gibson's Shields Up! service.

9. Use OpenDNS. The system that translates computer names to the underlying IP addresses that computers actually use to transmit data on the Internet is called DNS. DNS is such a critical building block for the Internet that every Internet Service Provider has to maintain at least two computers dedicated to offering their customers DNS services.

Maintaining DNS computers is non-trivial and some ISPs do it better than others. OpenDNS offers a free service that is fast, maintained by specialists and offers a number of advantages over the DNS service from many ISPs. Perhaps the most visible advantage is protection from visiting some malicious websites. No such service can ever be anything close to perfect, but you are safer with it than without it.

There are two ways to get started with OpenDNS, you can either modify a single computer to use their DNS servers (208.67.222.222 and 208.67.220.220) or you can modify the router so that all computers on the LAN use OpenDNS. This is one reason for the previous item, being able to make changes in your router.

10. Finally, the mandated item in every article on this subject: anti-malware software. Rather than re-tread well worn advice, the only point I'll make here is about the choice between dedicated antivirus/antispyware/antimalware software and a suite of protection software that includes this along with many other types of defensive software. Avoid the suites.

Top 10 Hacker Attack Tools

Thu, 15 Oct 2009 19:33:22 +0100

Computer security "agents" must master the same tools used by the hackers they seek, and many of these programs are available to download for free. The man-in-the middle attack, (also known as the monkey-in-the middle) is a useful method of scanning network data and extracting what is known as interesting data, (passwords, e-mail, data files). Listed below you will find 10 programs used to assault and defend networks around the world.

1. Ethereal is the most widely used network protocol analyzer in the world. Ethereal is a multi-platform sniffer that captures data packets on a wired LAN or a Wireless network. Ethereal can capture up to 683 protocols.

2. DSniff is a suite of programs that can be used in auditing and penetration testing. (Wired network or wireless.) dsniff, filesnarf, mailsnarf, msgsnarf, urlsnarf and webspy monitors networks for interesting data (e-mail, files, and passwords). Arpspoof, dnsspoof, and macof intercepts network traffic. All of these tools facilitate the man-in-the middle attack against networks. (Also known as monkey-in-the middle)

3. Ettercap is a suite for man in the middle attacks on LAN. It features sniffing of live connections, content filtering on the fly and many other interesting tricks. It supports active and passive dissection of many protocols (even ciphered ones) and includes many feature for network and host analysis.

4. Kismet is an 802.11 layer2 wireless network detector, sniffer, and intrusion detection system. Kismet will work with any wireless card which supports raw monitoring (rfmon) mode, and can sniff 802.11b, 802.11a, and 802.11g traffic.

5. NetStumbler is a tool for Windows that allows you to detect Wireless Local Area Networks (WLANs) using 802.11b, 802.11a and 802.11g. It has many uses:

6. AirSnort is a wireless LAN (WLAN) tool which recovers encryption keys. AirSnort operates by passively monitoring transmissions, computing the encryption key when enough packets have been gathered. 802.11b, using the Wired Equivalent Protocol (WEP), is crippled with numerous security flaws.

7. Cain & Abel is a password recovery tool for Microsoft Operating Systems. It allows easy recovery of various kind of passwords by sniffing the network, cracking encrypted passwords using Dictionary, Brute-Force and Cryptanalysis attacks, recording VoIP conversations, decoding scrambled passwords, revealing password boxes, uncovering cached passwords and analyzing routing protocols. The program does not exploit any software vulnerabilities or bugs that could not be fixed with little effort. It covers some security aspects/weakness present in protocol's standards, authentication methods and caching mechanisms; its main purpose is the simplified recovery of passwords and credentials from various sources, however it also ships some "non standard" utilities for Microsoft Windows users..

8. EtherApe is a graphical network monitor for Unix modeled after etherman. Featuring link layer, ip and TCP modes, it displays network activity graphically. Hosts and links change in size with traffic. Color coded protocols display. It supports Ethernet, FDDI, Token Ring, ISDN, PPP and SLIP devices. It can filter traffic to be shown, and can read traffic from a file as well as live from the network.

9. Netcat: The network swiss army knife A simple Unix utility which reads and writes data across network connections, using TCP or UDP protocol. It is designed to be a reliable "back-end" tool that can be used directly or easily driven by other programs and scripts. At the same time, it is a feature-rich network debugging and exploration tool, since it can create almost any kind of connection you would need and has several interesting built-in capabilities.

10. PsTools is a set of command line utilities that allow you to manage local and remote systems.

Utilities for Nothing, Security for Free

Thu, 15 Oct 2009 19:14:47 +0100

Free utilities may lack the polished interface and some of the features you typically get with commercial software, but for most people, free security software can be a cost-effective way to protect one or more PCs.

Protecting your PCs from online threats isn't as simple or inexpensive as it once was. Just like there's no single pill that covers everything from a headache to a sore throat, there's no one piece of software that will protect your system from the various Internet-borne nasties it might come in contact with on a daily basis.

The best way to protect a PC is by using a comprehensive Internet security suite, which usually includes all the utilities you need to help keep the bad stuff at bay. But at prices ranging from $50 to $80, such software isn't exactly cheap, especially if you need to protect multiple systems (though most sellers will let you install their software on three PCs for slightly more than their single-system price).

Of course, your costs don't end with the purchase of the software, because security software is usually sold on an annual subscription basis — if you don't ante up again in a year you won't be protected against the newest threats, and sometimes your software will simply stop working altogether.

But PC protection don't necessarily have to cost a bundle, because there are lots of tools available for download that don't cost a dime. To be sure, there are some trade-offs. For starters, most freebies are licensed for home use only, so installing them on a work system may be against the license agreement.

Free utilities may also lack the polished interface and/or some of the features you typically get with commercial software. You also forgo a certain level of integration by getting your security tools from multiple vendors rather than just one, and you may not be able to get timely (or any) technical support in the event of a problem.

But in spite of the limitations, for most people free security software can be an effective (and cost-effective) way to protect one or more PCs. What follows is a list of some of the more popular free tools for the Windows OS in several security categories. (In some cases there may also be Linux or Mac versions available, though with either of those operating systems the need for these tools is somewhat diminished.) Note that the same vendors that offer free software also sell commercial versions of their products, so when visiting their sites be prepared to be pitched on why you should consider the paid rather than free versions.

This only a sampling of the free tools that are out there — there are others, but be careful and do some research when seeking out free security software — some questionable utilities (particularly some anti-spyware ones) may be designed to infiltrate your system with the very stuff they claim to protect you from.

Anti-Virus
PC users needed to be wary of viruses long before the advent of the ubiquitous Internet, so a solid anti-virus utility has always been an absolute must. Two good ones are AVG Anti-Virus Free and avast! 4 Home Edition.

Firewall
Using the firewall built into Windows XP (or Vista for that matter) is far better than having no firewall at all, but since it only monitors incoming and not outgoing traffic, it doesn't provide full protection. Two alternatives are ZoneAlarm (When downloading ZoneAlarm be sure to click the "I only want basic ZoneAlarm protection" button) and Comodo Free Firewall.

Spyware and Adware
Spyware and adware has become the scourge of the Internet, with some hidden piece of software seemingly lurking within every other Web page or file download. Two venerable anti-spyware utilities are Ad Aware and Spybot - Search and Destroy . Microsoft also offers it's own free anti-spyware tool in the form of Windows Defender.

Rootkits
Rootkits are similar to spyware or adware in that they are designed to take control of your system, but rather than do it in an overt way (like changing your home page, default search engine, or spawning zillions of pop-ups) rootkits are designed to keep themselves well-hidden. Although they can sometimes have legitimate functions, they can also be used to monitor your system activity — including keystrokes — and open backdoors that other threats can exploit. To search for and remove rootkits, check out AVG Anti-Rootkit Free or Sophos Anti-Rootkit.

NewFolder.exe Virus

Mon, 12 Oct 2009 06:59:00 +0100

The real name of this virus is Iddono. This threat copies its file(s) to your hard disk. Its typical file name is Iddono. Then it creates new startup key with name Iddono and value newfolder.exe. You can also find it in your processes list with name newfolder.exe or Iddono.

NewFolder.exe File Behaviour

NEW FOLDER.EXE has been seen to perform the following behavior:

The Process is packed and/or encrypted using a software packing process

Found on infected systems and resists interrogation by security products

Executes a Process

Registers a Dynamic Link Library File

This process creates other processes on disk

Changes the Internet Explorer Home Page Settings

Looks at the contents of the autoexec.bat file

Reads email address and phone book details

Adds products to the system registry

Modifies Windows Security Policies to restrict/expand User Privileges on the machine

Disables the built in Windows File Protection System

This Process Deletes Other Processes From Disk

Can communicate with other computer systems using HTTP protocols

Changes of IE options including home page, security tab, colour, font, advanced, menu

Disables Access to the Windows Registry Editior

Disables Access to the Task Manager built into Windows

Adds a Link in the Start Menu

NEW FOLDER.EXE has been the subject of the following behavior:

Added as a Registry auto start to load Program on Boot up

Deleted as a process from disk

Executed as a Process

Created as a process on disk

Registered as a Dynamic Link Library File

Has code inserted into its Virtual Memory space by other programs

Added as a Link in the Start Menu

NewFolder.exe Manual Detection

Below are manual removal instructions for newfolder.exe so you can remove the unwanted file from your PC. Always be sure to back up your PC before you modify anything.

Step 1:End Task

Start> run

taskkill /f /t /im “New Folder.exe”

taskkill /f /t /im “SCVVHSOT.exe”

taskkill /f /t /im “SCVHSOT.exe”

taskkill /f /t /im “scvshosts.exe”

taskkill /f /t /im “hinhem.scr”

taskkill /f /t /im “blastclnnn.exe”

Step 2:Enable Task Manager

1. Start> run

reg add HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\System /v DisableTaskMgr /t REG_DWORD /d 0 /f

2. Start> run

reg add HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System /v DisableTaskMgr /t REG_DWORD /d 0 /f

Step 3:Enable Regedit

1. Start> run

reg add HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\System /v DisableRegistryTools /t REG_DWORD /d 0 /f

2. Start> run

reg add HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System /v DisableRegistryTools /t REG_DWORD /d 0 /f

Step 4:Folder Option & Hidden Files

1. Start> run

reg add HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer /v NoFolderOptions /t REG_DWORD /d 0 /f

2. Start> run

reg add HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer /v NoFolderOptions /t REG_DWORD /d 0 /f

3. Start> run

reg add HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced /v Hidden /t REG_DWORD /d 1 /f

4. Start>run

reg add HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL /v CheckedValue /t REG_DWORD /d 1 /f

reg add HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL /v DefaultValue /t REG_DWORD /d 2 /f

reg add HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN /v CheckedValue /t REG_DWORD /d 2 /f

reg add HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN /v DefaultValue /t REG_DWORD /d 2 /f

Other steps

Delete the files

C:\WINDOWS\SCVVHSOT.exe

C:\WINDOWS\SCVHSOT.exe

C:\WINDOWS\hinhem.scr

C:\WINDOWS\system32\SCVHSOT.exe

C:\WINDOWS\system32\blastclnnn.exe

C:\WINDOWS\system32\autorun.ini

C:\Documents and Settings\All Users\Documents\SCVHSOT.exe

Modify some registries

\REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\ Shell REG_SZ –> explorer.exe

\Software\Microsoft\Windows\CurrentVersion\Run\ Yahoo Messengger –>delete

Precaution

Never double click on such files which look like folders, instead use folder view for navigation. You may like to disable “Shared Documents”.