DanielSecurities

About Us | Contact Us
Web Site Development | Hosting | Dedicated Servers | Security Auditing | Security Consultation | Vulnerability Testing | Performance Consultation
Web Site Development | Hosting | Dedicated Servers | Security Auditing | Vulnerability Testing
Web Site Development | Hosting | Virtual Servers | Security Auditing | Vulnerability Testing
Web Site Development | Hosting | Vulnerability Testing | Free Applications
Whitepapers
Just a Little Bit

Site Map

logo
Logo

Blogs: Just a Little Bit

With computers creeping up everywhere, it is important to look beneath the labels, packaging, dogma, and the lies to see the truth behind products, to educate the consumers, and to better serve ourselves because the internet isn't about you or me, it's about everyone. Anyone who connects to the internet is responsible for its well being; the internet is about community, not disunity and in order to serve it, ourselves, and each other we must look through the vail of HTML and half-truths to find the reality.

December 7, 2006

Cell Phones Only, Please

Cell phones are in high demand and have been for many years. People are even getting rid of their land-lines in favor of just using their cell phones. Before you decide that your cell phone is the only way to go, here are a couple of things to remember: 911 doesn’t always give you 911, cell phones (like wireless networks) can be listened in on very easily, and they don’t work everywhere. There are service providers who have routed 911 to go to various places other than the 911 call centers. This means that you might have to wait a couple of minutes before ever even getting a professional who can get you the help that you need or walk you through the steps to save a life while waiting for help to arrive. Furthermore, cell phones mean that your system can be broken into while you are walking around, so long as it gets service. We must remember that the second you put internet capabilities on something, you let the internet have access to it, and once you put a transmitter/receive you introduce it to the world. Your cell phone could get attacked by a malicious person leaving you without your contacts list or even without a working cell phone. The last point needn’t even be discussed in depth… you don’t get service everywhere you go (no matter who you have as a carrier). So before you get rid of your land-line, remember these points and think about the possible repercussions.

November 27, 2006

Buggy Coding

Most companies do a poor job error testing their code. Companies are luck to test even 80% of the code that they write, leaving at least 20% completely untested. Of the 80% that is tested, most is barely tested, leaving many issues undiscovered. While it is impossible to find all bugs, more companies need to invest more time, energy, and money into better testing their software (and hardware). Many vulnerabilities involve indices being out-of-bounds, something that is easy to test against (and prevent) if more time were taken ensuring that code was properly written. While it is impossible to find all bugs, the basic ones should be trivial and should be caught during testing. All software should be checked for the most common issues before the product ever enters the real world. Once that is done, the less common coding errors should be checked, but at least get the most common!

November 10, 2006

Choose the Right Database

Many companies use databases. In fact, most computer users use a database every day. The databases in question are not those used to index files on a system, but rather those used to store information for businesses. More often than not, companies will use a database system that is not right for the job. For instance, Microsoft Access appears in many small businesses and even in some medium and large businesses. Access is a very light database and cannot handle large amounts of data efficiently; that was never its purpose. Medium and large companies should use SQL, DB2, MySQL, or something of that type, never Access. In fact, MySQL and DB2 are free, so the only reason for a business to not use them is if they want to pay for a better database or if they don’t want to hire database administrators.

The issues that arise because the wrong database is being used in a situation are too many to enumerate, however they include data lose, slow queries, inefficient data storage resulting in wasted hard drive space, and even the entire database being lost. It is important that databases be chosen based on how well they fit the task, not solely on the price or ease of administration (although those should be factors). You can hire more personnel, but it can be hard, if not impossible, to recover data lost, and having to constantly buy more hard drives can become expensive if your database wastes space. It is important to also note that a good administrator is required to produce the best results with ANY database system.

October 21, 2006

Minimize Exposure

Systems across the internet are overexposed. This means that ports are open to attackers that don't need to be. There are many ways to reduce exposure, such as firewalls, but the most basic is to close services that are not needed. For instance, most CISCO servers need not have small-tcp-servers or small-udp-servers turned on. Home computers should be behind a gateway, be it a router or intelligent switch that blocks most, if not all, unsolicited traffic. By doing as such, a home computer has reduced the surface for attacks, but has also made it so that its vulnerabilities are not exposed directly to the internet. All systems should have antivirus software if they download information or if information is uploaded onto them. It is not wise to be cheap with an antivirus system because you are paying for updates and, hopefully, a good detection engine. If you use free software, you might get updates weekly, thereby exposing you to new viruses for at most a week before you could possibly get an update to prevent infection. The key to limiting exposure is to hide systems that don’t have to be on the border, firewall those that do (good practice is to firewall those on the inside, as well), and to put an antivirus system on all computers that upload and download files.

October 5, 2006

802.11 n

What does 2007 bring in terms of hope for the many who are tired of their wireless connections being so slow? The newest standard in wireless technology is to become official. While it will not replace, or even compare with, a gigabit connection, it will beat anyone who has a 100 megabit connection. While this new standard is expected to come out in July of 2007, consumers should expect products to be available beginning around November of that year. The new standard should have increased range, about 50 feet indoors, and increase throughput, with a theoretical max of 540 megabits per second. This is an increase of 10 times that of the current 802.11g standard in throughput, so you will certainly know the difference! If you have a wired network, you shouldn't hold your breath waiting for a standard that will beat the current wired maximum any time soon. The freedom to roam might be a nice price for half of the speed, though. Just remember that wireless is inherantly insecure, so don't run too much personal information through such a connection if you don't have to!

September 22, 2006

Mixed Environments

Mixed environments are very similar to dual boots, except that the different Operating Systems are on the network level, not on a single system. For instance, if you build a network that has one Windows system and one *NIX system, you have created a mixed environment. The problem comes in when you have them on the same domain. If on the same domain, you must now get the systems so that they can both log into the domain server as well as, perhaps, talk to each other. In most cases, you must use weaker encryption schemas for transmitting passwords. This obviously lowers the security of the system, but what is worse is that many times, *NIX will send passwords in clear-text when present in a mixed environment. Clear-text means that it is completely unencrypted. If you wish to keep your passwords safe, it is recommended that you separate the domains and never have a mixed environment. Once again, you simply provide more surfaces for malicious users to attack, you complicate things, and you lower your security settings.

September 7, 2006

Dual Boot

Many "techies" like to discuss how they have their system set up to be a dual boot system. This just means that they have multiple Operating Systems installed on the same system and can choose which one to boot. The problem is that is makes for a very insecure system, as one Operating System can mess with the files of the other one, without the user restrictions applying that the other one had (we are assuming that the OS’ are different and something like *NIX and Windows) on the files. For instance, if you have a dual boot set up, it is trivial to boot into one OS and grab the password file of the other, as it is no longer protected. Furthermore, since a chain is as weak as its weakest link, you simply introduce more vulnerabilities (since you have now the vulnerabilities of both OS’ as well as the practical ones stated above). It is recommended that you never dual boot with multiple OS’, particularly if you have sensitive information on the system.

August 25, 2006

Intrusion Prevention Systems

IPS software is designed to use signatures to detect and block malicious network traffic. These systems work by examining packets, just as IDS software does, and checking to see if the packet has a known or similar signature to malicious traffic. The difference between an IDS and an IPS is that the IPS will then block that traffic. Intrusion Detection Systems are great for monitoring that internal users are not violating company (or parental) policies. Intrusion Prevention Systems, however, allow you to enforce the policies and are of greatest use when preventing malicious external users from entering or attacking the network. If your router or the IPS server is powerful enough, it is best to use an IPS to monitor and control both internal and external network traffic; however you should at the very least monitor external network traffic. If you use the IPS on all networks, just make certain that the hardware can monitor all of the traffic without too much trouble.

August 7, 2006

Creating Secure Passwords

The length of any given password can mean a lot in terms of how secure the system is as a result. All passwords should be, in an ideal world, over fourteen characters long, easy to remember, and use some substitutions. For instance, ‘a’ can be replaced by ‘@’, ‘t’ with ‘7’, ‘i’ with ‘:’, etc. The best passwords are not words at all, but rather, they are sentences, without the spaces. There are three major benefits to using a sentence: it is long, easy to remember, and a “dictionary attack” (where someone attempts to break a password using a dictionary) will produce nothing of any use. Also, if you know multiple languages, having a password use multiple languages helps further complicate breaking the password. Lastly, all passwords that you use should be different. The best way to achieve this is to have each password mention something about where you are logging into. By doing this, you have unique passwords, but you merely have to think about where you are logging into and you will know which password to use (never write the password down, but you will have a mental hint).

An example that demonstrates all of this would be if you are logging into your work and created the password “Ano7h3rD@yAno7h3rDoll@r.” This password is the phrase “Another day another dollar.” and contains upper and lower case letters, numbers, and non-alpha-numeric symbols as well as being 24 characters long (including the period at the end). Cracking a password such as this is very difficult and time consuming (unless the encryption scheme is broken), so your account is now much safer than before.

July 24, 2006

It's All In A Name

There are many different facets to securing a system and many different ways to help lock it down. A key step that will help secure your system is to either rename or remove default accounts. For instance, Microsoft Windows NT based systems have two major default accounts: Administrator and Guest. A simple way to help keep people who are clueless from breaking into your computer would be to rename those accounts to more meaningful names. If your Administrator is named John Smith, you can rename the account to jsmith, smithj, or something of the sort. One should be careful, though, that you not rename it to JohnSmith if everyone knows that John Smith is the Administrator. This is a quick and easy way to help prevent people from mindlessly guessing passwords if they don’t even know the account name! For those of you readers at home, open the Control Panel and go to Administrative Tools. From there open Computer Management. In the Tree Menu to the left, you will see System Tools (click on it), then Local Users and Groups (double click), and then Users (double click). Now, select the Administrator account (click once) and then press F2. Now you can rename the account and always use that name as the log in name (although we do not advise that you use this account unless you have to)!

July 10, 2006

Website Graphics

Pictures… flash media… Java applets… they are all great media to illustrate your point and your company’s capabilities, but they are dangerous in the wrong hands. How so? Many websites use graphics, styles, and media files that are either large to download or distracting. Both of these can kill a site for even the most determined pursuer of your content. The worst thing that you can do is make your clients download software just to view your website. If they need it to visit are particular part, it is still an annoyance, but if they can’t even use your website, probabilities are that they will just go elsewhere. When file size gets out of hand (keep in mind that most homes still use phone modems for connectivity) and the download takes forever, the user will not likely stick around and wait. If you have a hideous, distracting, or overpowering graphic, you will loose your message. Keep all of this in mind when you are building or revamping your website, because the company website is becoming the first impression for many of your customers and will likely remain as such!

June 30, 2006

Backing Up Information

Computers are like people: when young they are agile, fast, and are able to do stupid things; as they grow older, the youthful activity catches up with them and memory might start to fade (… and things might need replaced). The worst thing that can happen is for information to be lost, especially if you never back up your system. While we are not the “typical” users, we back up at least once every week anything major, volatile projects might even be backed up after every change, and the minor files are backed up about once a month. Computers don’t normally crash, but they will eventually die, so play it safe, play it smart… back up your system and the important files. Our experience has been that even the largest company (or government) can back up a system with only a one time effort using some FTP clients that allow synchronizing with a back up server. If you can do this, it would be the easiest method and could be the fastest. If you can’t, external drives are great (better than DVDs, which get lost easily, mixed up, and are fragile). Just remember to back up often, no matter if you are a person or a business.

June 12, 2006

Know When to Buy

No matter who you are, computers are expensive (Bill Gates didn’t get rich throwing money out the door). The only way that you can beat the prices is to shop around and buy near holidays. Many people make large purchases during the holiday seasons, which can be a smart buy if the store works that way. An interesting fact is that many stores actually sell products at the best price either before or after the rush of the season. In short, if you plan on purchasing computers or computer parts, shop around and wait a couple holiday seasons to discover when the sales really are. If you buy online, make certain that the store is reputable and do your homework!

May 22, 2006

Build Your Own Computer and Save

We’ve all seen the ads from Dell, Gateway, HP, and Apple for the "latest and greatest" computers. They all claim to have great gaming systems for less, but the reality is that if you were to build your own, or have someone else do it for you, you would get newer technology and a better price. Alienware, a company that prides itself on making gaming systems, computers can be up to three times more in cost than if you were to build the same system or have it built for you. Those preconfigured systems aren’t much less, either; if you think about it, that $600 computer from Dell had to have cost less to make, much less, or they couldn’t even build it because they have to pay workers, warehouse rent, office space, advertising, etc. What’s more is that if you have a computer costume built, you will have a computer that is capable of doing everything that you want it to with or without all of the extra stuff, such as a ruined Operating System that is top-heavy with ads and software that you don’t even want. Another advantage is the quality of the materials is under your control: you can spend the extra money for the name brand memory or save yourself money by buying from someone less well-known. Remember that it is always best to shop around and make certain that you buy from someone who knows computers because if they do you could just tell them what you want to be able to do and they could buy what you need.

May 9, 2006

Anonymity and the Internet

It is common for people to feel as though what they write or read on the internet is not only safe, but anonymous. Sadly, the internet is probably the least anonymous forum ever devised. For instance, when ever you use the internet your Internet Protocol address, also known as your IP address, is transmitted to allow information to travel both to and from your system. For those on a network that uses NAT, your local IP address is encapsulated so that you can still get information back, but your router’s IP address is also transmitted, so someone could actually figure out your exact computer anyway, as well as your router. If someone knows your IP address they could easily spy on the traffic that comes from your system, or if they want to they could find out such information as where you live. Social engineering is huge to a company such as ourselves; if we are able to use social engineering coupled with various penetration techniques, we could use your own company, or your internet provider, against you to gather important information. Remember that if you write something on the internet about someone, if anyone wanted to and was clever, they would be able to figure out who wrote it and gather massive amounts of information. So just be careful what you look at and write when it comes to the internet, because nothing is safe from someone who knows what (s)he is doing and has enough time to figure you out.

April 26, 2006

Why-less?

Many people are joining in on the wireless internet and devices craze without knowing even half of the risks involved. Bluetooth, a highly popular wireless specification, is one of the most popular specifications for mobile devices, however has been proven to be more than capable of being used as a vector of attack by hackers and easily used to spread a virus. With all wireless devices comes the ability for others to intercept traffic from the device to an access point, router, or other internet or intranet device. This means that anything that connects wirelessly to the internet can be easily turned into an intranet, which is best visualized as a local internet. The important thing about this is that many security policies are relaxed for intranets because it is often, falsely, assumed that the intranet is good traffic and needs to be shielded from the outside, not from itself. A virus that infects a computer which then in turn talks with a Bluetooth enabled device can spread to the device, which is then introduced to other networks, thereby spreading the virus even more. For those who think that the flu travels fast, you've never seen a virus spread among wireless devices. If you are on a wireless device, remember that you should treat all connections as being to the internet as communications are not terribly secure (merely use Cain&Abel and you will see this) and it is simple to have someone perform a man-in-the-middle attack on a wireless device and gather information or for a virus to spread from network-to-network via one wireless device. You should never link a wireless device into a network that is important or carries sensitive information for those reasons. Wireless seems to be the wave of the future, but insecurity abounds when your information travels through the air or when you can easily move from network-to-network. If you have a wireless device, you should invest in a firewall and antivirus system and most of all, be careful!

April 10, 2006

What is an IDS?

Intrusion Detection Systems are used by companies around the world, but should you have one for your home network? In a perfect world, you would; they offer extra security and many will stop attacks before they even get the chance to do anything. There are two major kinds of Intrusion Detection Devices: host and network. The host IDS serves to secure a single computer, which is good because it stops internal and external network attacks. Network IDS software serves to protect your network at the parameter, most likely a router or gateway, from external threats. Most IDSs are intelligent in that they can discover attacks without having a specific rule, but you should always make certain that if you are purchasing an IDS it is not purely rule-based, or you won't be as secure as you should be and you will have to update your signatures often. By being both rule and anomaly based, an IDS can protect from so called zero-day attacks, or attacks that occur the same day that the patch came out to fix the issue. Many firewalls claim to have IDS functionality, however they can be avoided by an attacker using a very slow, boring attack, or by fragmenting the packets in such a way that the firewall ignores what is happening. A true IDS will assemble the fragmented or slowly transmitted packets and examine them prior to handing the traffic over to the network, thereby preventing an attack from actually doing much of anything. So the next time that you download a free IDS, buy one, or get a firewall, look and see if it has packet filtering and is both rule and anomaly based as well as having stateful packet inspection (SPI) or you might not be nearly as secure as you think that you are.

March 28, 2006

A Windows Vista Warning

Windows Vista is the current "code name" for Microsoft's replacement for Windows XP. The operating system is scheduled to be sold to home users and companies alike near the beginning of 2007 and will have many security features missing in XP integrated into the operating system. Along with more security, Microsoft has made vast improvements to the GUI (Graphical User Interface) that are claimed to not only look good, but also to enable the user to do more. One of the interesting things about this new version is that not even most of the computers around today will be capable of taking advantage of the new Aero glass interface, which is one of the biggest features that Vista is thought to be providing. Sadly, for those who don't get to use the interface, there aren't currently too many security features to make it worth while for an upgrade, in our opinion, which you can't get for Windows XP. For instance, Internet Explorer 7, which is currently in the Beta stage, will be available to XP users and it offers not only security improvements, but it also offers more compatibility with the web standards of the W3C. We encourage everyone to see if they have a machine capable of using the new Aero interface prior to purchasing Windows Vista, or whatever it ends up being called, come 2007 because if you can't have that, you'll be missing the largest reason for upgrading that can't be put on your Windows XP machine!

March 11, 2006

What is virtual memory and do I NEED it?

Virtual memory is where your computer allocates a certain amount of your hard drive(s) to act as though it is memory. In most cases virtual memory is needed because the system doesn't have enough memory to do everything that you ask it to; however, those of you with large amounts of memory (1.5 GBs or more) will likely never have such a problem and can turn off virtual memory. The reason why you should try not to use virtual memory if you don't have to is that accessing your hard drive is much slower than accessing your RAM because the hard drive has to spin and find the destination, whereas RAM is "solid" in that it has no moving parts and electricity moves far faster than any disk could ever spin. With that said, your Operating System is likely very good at deciding when to use virtual memory and when to not use it, so leaving it there will not necessarily decrease performance on a machine that has a plethora of RAM. If you choose to disable virtual memory and have errors that say that you are out of memory or experience severe slowing of the system you should re-enable it and never ponder doing as such again. (This was written after someone was told by Best Buy that their RAM wasn't stated properly by the OS because it was "stolen by virtual memory", which is not true as the two have nothing to do with one another and that would not cause such issues)

February 17, 2006

What is W3C and this XHTML that you talk about?

W3C is the group that comes up with the Web standards (note that they don't come up with the internet standards, just the Web standards). W3C itself stands for World Wide Web Consortium and they come up with the standards as to what is proper coding for various Web formats such as XML, XHTML, HTML, RSS, etc, trying to keep everything the same no matter what country you are in or browser you are using so that everyone can view the same material in the same way. It is for this reason that we feel that they are important; if we code in the standards we can be confident that any web browser that follows them will view the content the same. With that said, we also understand that some browsers do not have complete compliance or are less strict with the standards and so we work hard to ensure that we code in such a way that even those browsers will view the material in a similar, if not the same, fashion. The internet is diverse, as are those viewing sites on it, and we and all developers should try to make it so that we code to the standards and are not lazy about doing as such so that all people wishing to explore the internet can do so without being impeded by poor coding or complete ignorance of the standards.

XHTML is a format that is a blending of two other formats, XML and HTML, with the intent of offering the simplicity of HTML and the power of XML. We use it because it is the latest format for making web pages and is far more powerful than HTML. For instance, we use XHTML and combine it with CSS, Cascading Style Sheets, which allows us to have a uniform set of style regardless of the web page and reduces download time as we decrease the amount that the browser must download. The reasons for using XHTML over HTML are numerous, but we chose to use it mostly because it is intended to replace HTML in the future and allows us to do more with much less. All Web Site developers should be using XHTML 1.1 wherever possible, there is no point in XHTML 1.0 Strict, or if need be they should use XHTML 1.0 Transitional or Frameset. If you are hiring someone to make a website for you and they mention that they will use HTML and not XHTML or that they will use XHTML 1.0 Strict, you should look elsewhere because that person is not thinking of the future and is likely not up to date with the standards, if they even code in them.

February 3, 2006

How Should I Make My Web Site Look?

Web sites are great places for sharing information, be it personal or business. If you have a business, no matter the size, you should have a web site of some sort that you can point people to for information. The real question in the case of a business is "How much is too much?" Here is a quick pointer for anyone searching for a web site designer or creator: if they advocate frills that you don't like, you're likely not alone. Many businesses make the mistake of making websites full of features that merely confuse and distract people who go there or bog down both the server and the client's connections. Take for instance, AJAX, a web site design craze that is over-used. It creates a constant connection between the client and the server, which obviously increases internet traffic. This technique is not very useful in most situations that it is currently implemented. If a designer tells you that you should have something and you don't think it is needed, then just say "NO."

The more difficult situation comes with personal web sites. Such sites as a baby site are expected to have download-intensive pictures near-everywhere, but what about a simple web site that talks about you? Although it is never wise to give out more information than needbe, particularly on the internet, many people want to post personal information. If you are going to do this, don't make it complete by posting full names or addresses, and keep it simple! Personal web sites with backgrounds that are images mostly confuse anyone who looks at them. The worst case is that the background annoys, repulses the person and makes the page impossible to read. Pictures are great, but put them on a page by themselves whenever possible, such as a Gallery, not all over a page mixed with text. Simplicity is beautiful, if you remember that, your personal web site will be one of the best on the internet and be much more appealing to others.

January 19, 2006

Multiple Operating Systems?

It is becoming popular to have multiple Operating Systems on a given computer or network. While it may save money to have free Operating Systems, such as various "flavors" of Linux, one must remember the security aspect and the impact that this may have. By introducing Linux, which commonly uses Blowfish and similar weak encryption schemes by default for password storage, into a Windows environment, most security features of Windows become unused for compatibility reasons. For this reason, one should be very careful when putting Linux, which passes many passwords in clear text (unecrypted) throughout the network, as Windows will then use a default of clear text passwords. This means that a malicious person could easily get passwords and take over the network.

If you instead do what is called a "dual boot", you make any security from either Operating System useless as if one if compromised, the attacker can get whatever information from the other, which isn't running, that (s)he wants. For instance, a compromised Linux machine would allow the downloading of the .sam files from the Windows Operating system, which can then be "brute forced", the process by which an attacker merely attempts to find the password by running through letter combinations, or cracked. This would mean that the entire computer would be "owned" by the attacker. Other protected information could also be easily discovered and stolen, leaving the victim with the possibility of even bank information being taken. It is never wise to mixed your environment, be it a network or a single computer, unless it is absolutely required; the consequences can be tremendous....

January 11, 2006

Buying a New Computer?

For those interested in buying a new computer, perhaps you should either build a custom computer or wait a year. Why? For those interested in owning a computer with Microsoft Windows® some time after the next version comes out (Vista, but it used to be called Longhorn), the operating system looks like it will require a decent computer. Now, don't let this scare you because you want a cheap computer; companies will put out computers that can "handle" the new operating system with various prices and technology becomes cheaper as it becomes older. If you want the best price for the capabilities, or want a computer now, you should consider having a computer built by a company that builds custom computers, as DanielSecurities does, because they can work with you to figure out your needs and give you only what you need at a far cheaper cost than you would get from a company such as Dell®. No matter what you choose to do, just remember this advice from people who have a copy of the Beta: this next version will likely require a computer that is considered "good" right now and if you buy right, you can merely upgrade and update parts to help the computer with the new operating system.

December 9, 2005

Why You Should Update

Many businesses and home users have still not installed Windows XP's second service pack for various reasons. People should remember that Microsoft will not support Windows XP Service Pack 1 too much longer as they are to put out Service Pack 3 in a few months. Another thing that people should remember is that Service Pack 2 offers security enhancements, but that those who are afraid of the changes that would have to be made to allow for such security changes can always disable them.

It is recommended that people always patch their systems as soon as possible because malicious software is constantly being made to take advantage of those who don't. It is more than understandable for a company to say "I need to test the patch or update first," but they should do so with the most speed because every second counts in security; in less than three days you may be unlucky enough to attacked and exploited if unpatched.

Home users really should enable automatic updates, a feature that has been available in Windows for some time and isn't likely to go away. To those using operating systems other than Windows, be warned that the attitude of "No one attacks xxx operating system" is one of ignorance and that no operating system is safe. There are malicious applications for most any operating system that can be found today and that will likely always be true, so updating is important for everyone. Remember, the internet is a community and it is everyone's duty to try to ensure that we keep it safe.

December 7, 2005

It's Not a Router!

Walking through most any computer store, or perusing the internet looking at network devices one would think that they are what they claim to be. One might also think that the $150 device that you just bought is a router... why not? It says that it is… it routes traffic from my system to the internet, doesn't it? Sure it does, but the definition of a router, in the computer world, doesn't just mean that it is able to send your data from here to there, because that would make most any electronic device a router. The technical definition of a router means that it would separate domains and work at the Network Layer of the OSI model, something that you aren't likely to get at BestBuy or some website on the internet unless you are at a specialty site. A real router is expensive, hundreds if not thousands of dollars, and the capabilities of such devices would be far greater than the average “home user” could ever use. Perhaps this is a case of false advertising, not being a lawyer I wouldn't know, but it certainly is a scam as anyone who knows what a router is knows that those devices are merely switches and that many people are being sold products that aren't what the box claims to contain.

December 1, 2005

Avoiding Firewalls That Don't Do As Claimed

Stateful inspection firewalls are firewalls that don't merely observe the actions of individual packets passing through the system, but look at the packets in the greater scheme of things. Such firewalls watch connections and packets, so they do a much better job at stopping attacks because fragmenting the packets so that the malicious code is divided won't work. The interesting thing is how often you will find that most firewalls that claim to be S.I.F. really aren't. More often than not, you will find that these firewalls are only partial implementations of stateful inspection technology and that the most complete implementations are really not only firewalls, but also Intrusion Detection Systems, or I.D.S.s. When buying a firewall, be it hardware or software, be careful because if it's cheap, it's probably not all that it claims to be and merely fragmenting the packets and sending them slowly will expose the firewall's weak capabilities and could leave your network in shambles.

logo About Us | Site Map | Privacy Policy | Contact Us | ©2004-2010 DanielSecurities