Andy Green's Blog

A web-workers world…

Firewalls – Hardware Versus Software

The system that provides the barrier between the outside world and your computer is the firewall. The firewall examines all of the traffic that your computer sends and that comes to your computer. It will only open its gates if the traffic is on an allowed list of traffic sources and destinations. This vital computer system is nearly a requirement on all computer systems in order to protect them from viruses, worms, Trojans, and other threats. The question becomes: Should one choose a hardware firewall option, or a software option?

To better decide, it is beneficial to talk about what a firewall does. The firewall is a computing device whose sole purpose is to monitor and filter traffic. Internet communication is a process not unlike a major highway system. When you enter a address into your browser, your computer sends a signal along a network route (numbered by a port number) to another computer (described by an IP address). The port number can be between 1 and 65535, while the IP address is four numbers each between 0 and 255. The firewall will note the port and IP of each request, and based upon a set of rules the firewall will either allow or block the request. At the minimum, it will record the numbers of traffic going either way, giving a log of traffic for later review.

The difference between a hardware and software firewall arises from where the firewall sits and the mechanism it works with. A hardware firewall is a separate computing device which sits between the computer and the outside world. When the computer sends a request and the outside world replies, the firewall will review and log the request before it passes the firewall. A software firewall sits on the computer being protected reviewing all requests on the software level. Both work to protect the computer from threats entering the computer, and an infection sending data into the outside world.

The hardware firewall has the benefit of separating your computer from the process. It will review the traffic before it reaches the computer. This extends a protection that the software does not possess. The hardware firewall also has the benefit of its own resources. The firewall can also hold intelligence, filtering packets by not only where it said they came from, but where they actually came from, and their contents to an extent. The hardware firewall can also protect a number of computers on the network, as multiple computers can be on the computer side.

The shortcoming of the hardware firewall is that it does not look as hard at outgoing traffic. This can be a big problem, as some malicious programs could transmit data or launch attacks from your computer. Also, if too many computers are on the network, then the firewall will get bogged down with traffic requests, slowing the entire network down.

Software firewalls work on the individual computer. The user can choose specific programs to allow sending traffic to the outside world, and the protocol for other programs. It can be configured to deny everything but what is listed on a safe list, or it can prompt you to decide of you want to keep the site on the safe list. The big problem with the software filter is that it will only protect the computer it is on. As a result, if there are a number of computers on the network, each will need its own firewall, making it more complex to setup the network.

The question of which is better is a challenging one. Each has its own strengths. The hardware firewall is good at blocking direct intrusions and any incoming malicious code. The software firewall is better at identifying Trojans and email viruses trying to turn your computer into a zombie terminal (one that launches denial of service attacks or spam messages).

The minimum amount of protection that should be had is a hardware firewall. Upgrades and additions to your computer and its network will not affect your network security and firewall. To boost the protection, supplanting the hardware firewall with the addition of a software firewall will give a near complete protection passage. No protection is perfect; so long as there is an internet connection, then there is a possibility for someone who is highly skilled getting into your computer. The addition of firewalls will deter most attackers and block automatic, malicious scripts.

Advertisements

December 5, 2008 Posted by | Online Security | , , , | Leave a comment

How to Avoid the Google AdWords Email Scam

With the vast increase in scams going around on the Internet these days, we have to be careful. Even the best of us have been scammed at some point. Hackers are becoming more and more advanced in their scamming processes. You might think you’re at the actual site of a big name company only to be at a fake site. You could enter your credit card information into a form and the hacker now has what they need. One of the biggest and most dangerous scams going around is related to search engine giant, Google. What is involved in the scam and how can you prevent it from hurting you? Let’s look at the basics of the scam.

You get an email from what appears to be Google AdWords. AdWords is Google’s contextual ad branch that allows you to put ads up on their network of sites. If you are a webmaster you pay Google each time someone clicks on an ad. You happen to be a webmaster that has a Google AdWords account and you’ve been advertising with them.

The email that you receive tells you that there is a problem with your account. You read on to see what is going on. The email tells you that they are having a problem processing your payment with your credit card. It tells you to go to a link with “Google” in the address to enter an alternative credit or debit card. They warn you that your AdWords account will be shut off soon if your payment is not received. This worries you, as AdWords is a huge part of your online business. Without AdWords, your sales would basically be non-existent. You click on the link without thinking about it and follow the prompts. You enter your login information and then follow that up with your credit card. It tells you that your payment was accepted and you go on about your day.

Then a few weeks later, you get your credit card statement and there are many unauthorized charges. The hacker took your credit card number and went on an online shopping spree. Since it has been so long, you might be liable for some of the charges, depending on your credit card company’s policy.

This is obviously every Internet user’s worst nightmare. They thought that they were receiving a simple email from Google. As it turns out, they were being scammed by some of the best in the business. If you don’t watch out, this could happen to you.

The Google scam email is just one of many that go around the Internet from time to time. Many large companies have been targeted as a potential means to scam customers. A really dangerous scam went around with PayPal as well. These hackers can make their “dummy sites” look exactly like the real thing. If you get a suspicious email, don’t be afraid to confirm it with the actual company. Never click on a link in an email if you are unsure. Open a web browser and type in the URL yourself. Make a phone call to the company’s help desk and get some answers. When it comes to your money and your identity, you can’t be too careful.

December 5, 2008 Posted by | Online Security | , , , | Leave a comment

How to Find Online Circumventors

There are many different reasons why you might be interested in online circumventors, which is another way of referring to a web proxy. At the most basic level, you will find that a circumventor allows you to look at a site which, for one reason or another, that you are blocked from. Finding a good one can be very important when you are looking at making sure that your online browsing is both free from restrictions and secure.

In the first place, you will want to think about the reasons why you might want to use a circumventor. For instance, there are some websites that are banned in some countries. In countries that have more strict obscenity laws, there are definitely some sites, some of them completely innocuous, that you may not be able to access, and this can be a problem for a number of different reasons. Going through a proxy server will make sure that you can access the site and that it will be more difficult to detect when you do so.

Circumventors can also ensure that you are able to get around security locks or protections that have been put on your computer. For instance, if you have a young child in the house, there is a good chance that you have programs on your computer that essentially make their browsing safer or that will keep them from objectionable sites. On the other hand, you will find that it can be pesky to have to turn the securities off and on whenever you need to browse yourself, and using a circumventor can help keep this straightforward for you.

When you are looking at circumventors, you will find that they can also hide where you have been. When you go through one, it gets significantly harder to track the sites that a certain browser has been using and you will discover that this something that can be quite attractive. If you have an interest in keeping your browsing private and in making sure that your family or your co-workers can’t get into your private affairs, you will find that the use of circumventors can be quite important.

As you can see, the benefits for using circumventors can be immense; now you just need to find one that works! When you start looking, you will find that there are quite a lot out there, so make sure that you find one that will meet your needs. Are your interests in simply making sure that people can’t see where you have been, or are you more concerned about getting to sites that might have otherwise been blocked? This can tell you what kind of circumventor you are looking for.

In the first place, you may be interested to know that there are some circumventors which are very subtle. Some circumventors function in the background quite well; for instance there is an add-on on the Firefox browser that allows you to do all of your browsing through a circumventor. You will find that you can easily download this application and forget about it, and you will also find that this can be very convenient for you. You will also find that there are a number of different options that will allow you to simply type a website into a web form and pull it up.

You will find that doing a simple search on a good search engine will give you plenty of different circumventors to work with, but keep in mind the fact that you need to filter for the ones that will be most handy to you. Remember to think about what your needs are when it comes to security or convenience. There are plenty of them out there, but remember that they are not all intended for the same thing. Choosing the one that is right for your needs is quite important.

When you are looking at making sure that you get the right result in your search for a good circumventor, remember to first assess your needs and then to find a circumventor that will meet it.

December 3, 2008 Posted by | Online Security | , , , | Leave a comment

How to Reduce Fraudulent Transactions

Electronic commerce, or e-commerce, is one of the largest and fastest growing types of business today. Millions of people buy and sell products and services over the Internet. As with any type of system involving transactions of money, there are pitfalls and scammers that are just waiting for a chance to get away with theft. In order to have a productive and workable business over the Internet, you are going to have to make sure that the right steps are being taken to protect yourself.

The first step to helping reduce the chance of fraudulent transactions is to verify the customer. This means getting enough information so that you know you are going to receive payment. Some of the things that you need to be sure of is what the potential customer’s real name is, a home address to where the product is being shipped, the IP address of their computer, and a valid email address.

Though some customers may find it invasive, these types of questions need to be answered in order to protect yourself. One special part to be aware of is the email address. Free email addresses can be set up with almost no credible information needed, so being able to use it to trace a customer can be pointless. It is a better idea to deal with customers who have specified domains for their emails.

Another reason to get into so much detail is that you will be able to compare the country that the IP address is found in to where the customer says they are located at. This will be able to lend credibility to the customer if this information matches. Also, there are some countries that are actually known to have more problems with scammers and frauds. By getting a list of these countries, you will know when to require more information.

One more point to remember when looking at the customer’s address is whether it is a PO, or Post Office box or a publicly rented mailbox. Both of these can make it virtually untraceable when trying to run down customers who have committed a fraudulent transaction. Do keep in mind that when shipping a product to a company or business that they may indeed work with a PO box, but that it is verifiable that it is actually theirs used for company business.

The basic rule of thumb is if you are just not sure about the transaction, then cancel it. If there is any question about false credit card information, then do not mail the product. When a person sends a check, be sure that it clears for payment before sending the product. Another reason why it would be important to have payment in hand first is to make sure that the cost for shipping and handling is paid. Since the person who is ordering is responsible for the charges, it makes sense that you would need that payment before sending the merchandise.

November 14, 2008 Posted by | Online Security | , , | Leave a comment

Security on the Internet – KeePass For Your Computer

Hectic schedules and fast-paced lives mean that more and more people are taking advantage of doing their business over the Internet. Everything from paying bills to running online businesses can be done at a person’s leisure, when they are ready to get onto their computer. Along with so many trying to make use of the convenience of doing business online are those who want to take advantage of the system.

Computer hackers have been around just as long as the Internet. As soon as more technological advances in computer security are made, there are people who are trying to break through those measures. The one thing that usually keeps the bad guys from getting into a personal account is a password.

There are a lot of people who may use the same pass word for just about every account they have. Though this makes it easier to remember of course, think about what may happen if one of these hackers gets a hold of the “master pass word.” Everything from work and bank accounts to social sites can be gotten into, and that type of damage can be almost impossible to control. Once your personal information has been tainted on the web, it can be past difficult to repair.

One solution to that type of problem is to use a different, creative password for every single account or login that a person uses. Most folks would think that is a crazy idea to try to remember a different password for every account, but there is a way to organize and protect personal information like this. That is where a password manager program comes in.

Out of the different password programs that are available, the public open source type would be more secure. One of these that come highly recommended is KeePass which is downloadable from their web site. The way that KeePass and other programs like it work is by holding all of the various passwords that a person uses in one database that can be unlocked by one “key” password.

Part of the reason why the KeePass program is a popular choice is because there is no installation required. It is a portable program that can actually be carried on a person via a USB stick. Another major consideration for using this particular program is that it is totally Windows compatible.

Since security is the major draw for using the program, it is good to know that not only the list itself is securely encrypted, but the whole working database is as well. Options of how to access this information is important as well. KeePass gives a couple different options such as burning the “master key” file onto a disc to use for accessing the information. Or, a person can elect to open it with just one main password. For anyone who is interested in very high security, both of these access points can be combined.

Anyone doing serious business over the Internet needs to be able to protect themselves. Being able to manage passwords is a crucial part of this protection. One last bonus of the KeePass program is that it can generate passwords at random. This can be helpful to come up with new passwords for all of a person’s logins.

November 14, 2008 Posted by | Online Security | , , , | Leave a comment

How to Detect a Scam

The Internet is a great tool that has revolutionized the way we do business. While it offers a lot of good things for buyers and sellers, it also has a downside. Although most products are from a reputable source, some people are out there trying to scam you out of your money. Regardless of how you do business, there will always be certain people that are dishonest. There’s really no getting around that fact. So how can you protect yourself and make sure that you’re not scammed? Let’s look at a few ways that can help.

Most of these tips are pretty much common sense to most people. If you keep your head at all times, there’s no reason that you should be scammed. However, many competent people make the mistake of being careless. Sometimes it comes back to bite them.

Buy from reputable companies whenever possible. If you know the company, like Wal-mart or Target or something like that, you’re obviously going to be ok. When you can’t buy from them, be careful of the companies. If you’ve never heard of the company that you’re going to buy from, check them out on Google. Usually if there is a scam to be found, it will come up on Google as soon as you type it in. Others have usually been scammed by the same company and you can avoid them right off the bat. You can also visit scam.com and see if the company is listed on there. If you think it might be a scam, many other people have probably been scammed as well. Use the experiences of others to your advantage.

If it sounds too cheap, then you should probably steer clear. Let’s say that someone claims that they’re going to sell you a brand new Mercedes Benz for $500. Would you actually believe that? Of course not! However, there are claims that ridiculous being made by scammers every day and people believe them. No one is going to be able to give things like that away for free on the Internet. Always ask yourself how the company is going to make money from this transaction. If you think they’d be losing money in order to make it happen, you should probably stay away.

Another steadfast rule that you should always obey is staying away from unreachable companies. An even better rule should be to stay away from companies that you can’t call and talk to on the phone. If they only have an email address, they still might be shady. It’s too easy to come up with a fake email address these days. If they don’t have any contact information then stay as far away from the deal as possible. This has scam written all over it.

Overall, scams are usually easy to stay away from. However, sometimes an exceptionally talented scammer gets through and comes up with one that is hard to spot. If this happens, just use caution. If you always use common sense and keep your personal information guarded, you’ll usually be fine.

October 15, 2008 Posted by | Online Security | , , | Leave a comment

How to Avoid Online Fraud

Whether you have been burned in the past by online fraud, or you are simply interested in never being in such a situation, you will find that the more good information that you have under your belt, the better. Online fraud can take many forms, and you will find that the consequences can range from being mildly inconvenient to being extremely damaging, so take some time and make sure that you have protected yourself as best as you can.

1. Be aware of phishing

Phishing is a technique that is used by many people who are attempting to scam money online. You will receive an email that seems completely sincere that will direct you to a site where you will enter your bank information, credit card information, Social Security Number or some other designation. The truth is that while some of these attempts are quite crude, others are extremely sophisticated. They might pretend to be from your bank, or from some another trusted source, like a business that you have previously dealt with. Whenever you are asked to divulge information like this, contact the organization and ask why.

2. Check your bank balances regularly

One way that many people become victims of fraud is when their credit cards are skimmed. Skimming involves someone taking the numbers from your credit card and using them in online transactions. Stay up to date on how much money is in your account and figure out what you have been spending your money on and where. Whether you trade with a lot of small merchants or you have worked with larger retailers, this is usually an inside job, so be aware of where you use your credit cards.

3. Know what you are buying

One of the most common types of online fraud is where you will simply buy something and what you receive is not what you expect. In this, your only defense is to be a savvy consumer. Read up on who you are buying from, and figure out what their track record is. While you can and should read their testimonials, spend some time researching them online as well. Are they trusted merchants, and do they deliver what they say that they will? When you are on auction sites, always check their buyer reviews.

4. Shopping securely

Whenever you are on a page that asks for your personal information find out if it is secure. A secure page is one that is protected from incursions by non-authorized persons. An indication that the page is secured is a small lock icon somewhere on the address bar and a URL that begins with “https” rather than “http.” If the page is not secured, find another way to order.

Take some time and make sure that you are dealing with a reputable party. The more that you know about the people that you are dealing with, the better off you are going to be. A little bit of knowledge goes a long way, so be sure to be as safe as you can when you are shopping.

October 15, 2008 Posted by | Online Security | , , | Leave a comment

How to Permanently Remove Sensitive Data From Your Hard Drive

What ever the reason you may have for wanting to permanently remove all the data from your hard drive, there are several really great data shredders, and hard drive cleaners on the internet today.

If you are part of a company that is upgrading their computer systems and they want to donate the old ones, it is important that you know exactly how to permanently remove sensitive data from your hard drive. Getting rid of all those important files consists of more than just deleting the cookies, and the history. You need to go into the hard drive and delete the files themselves; however, this is not done by going into the hard drive and deleting the folders yourself. A good computer operator will know how to go back into the hard drive and do a systems recovery and bring all those files back up.

Every time you go to a website of any sort your computer is tagged by the website. This means that your computer identification is automatically given to the website, resulting in unwanted email, or advertisements. By using a shredder or a hard drive cleaner, your hard drive is swiped and all of your files are deleted permanently; however, when you are deleting the file this way, do not stop at one time, go through the process of swiping your files at least two more times to ensure that all the files have been permanently deleted.

A good hard drive cleaner will not only delete the files and folders that were previously deleted, but it sort of Nuke’s the system, deleting all the hard drives. It will also erase the index.dat, and any encrypted files and other devises; the network files will also be erased permanently as well as the temporary files, the cookies, the history, and the internet cache which will defeat a file recovery after it has been swiped.

As to what is the best hard drive cleaner on the market, that is left up to each individual. Every person has their own preferences, and what one person likes another person may not. When you are searching for just the right cleaner beware of any free software or Freeware, these programs tend to only swipe part of your hard drive. It is much better if you are doing this for your own computer before you are going to upgrade it for a newer model, that you research the hard drive cleaners, decide which one you want to use for yours, then purchase it and use it. The one thing that is really important before you purchase your hard drive cleaner is to make sure that the program is compatible with your version of Windows.

October 15, 2008 Posted by | Online Security | , , | Leave a comment

Tips For Shopping Safely Online

Shopping safely online should be foremost on your mind before you hand over your financial details to any web store. Luckily, shopping online isn’t as risky as it used to be and millions of safe transactions are made each year. Still there are a few things to look for to ensure you have a safe shopping experience.

The best tip for shopping safely online is to make sure you do business with a reputable website. Just because someone creates a fancy looking website, it doesn’t mean it is a safe one. Investigate the company first as best you can. Even if you think you are shopping at a well known offline company, double check the URL in your browser’s toolbar. A common trick of identity thieves is to create a dummy site that looks identical to the real one. The only way you may be able to tell for sure is by looking at the website address. Another time to examine the toolbar is when you are entering your financial details into the order form. To indicate a site is secure the URL will begin with https instead of http. Some browsers will even display a secured site icon such as a closed lock to let you know it is safe to enter your personal details.

If the site you are ordering from does not have a well known offline reputation then you should be even more careful. Make sure the site displays a street address as well as a telephone number. The site should have both a ‘contact us’ and ‘privacy notice’ page. Additionally, the website may have third party endorsements such as a Better Business Bureau graphic or a Trust-e icon. Click those to make sure it pulls up the company’s profile and the graphics were not just stolen by an identity thief.

To help you decide if the website is reputable, run a web search on the site to see what other people are saying about them. Word of mouth is a great way to tell if the company delivers as promised or if they have ripped people off in the past.

Another tip for shopping safely online is that when you provide your financial and personal information, give only what is absolutely required. There should never be a reason to have to give your social security number when ordering products online.

Most credit cards and banks will reimburse you if your card was used fraudulently online. To help ensure you are shopping safely online, create a special account that you only use online, or pick up a prepaid credit card to use. That way you don’t have to worry about anyone getting to your main financial account. Even though reputable companies work hard to protect your information, at times hackers can still break into a database and steal credit card information.

Ultimately, it is up to you to protect your identity and your finances. Check your statements closely and check your credit report periodically to make sure everything is as it should be. By following these safe online shopping tips and keeping tabs on your accounts, you can enjoy the convenience and variety of choice that shopping online offers and have peace of mind knowing you are shopping safely online.

October 11, 2008 Posted by | Online Security | , | Leave a comment

How to Perform a Reverse IP Lookup

If you are the owner of a website or blog, you may want to keep track of your visitors, so that you can find out the reach of your website. Otherwise you may simply want to know who sent an anonymous email message to you, and hence you may often have wondered if there is any way to find out more about a person using only their IP address. There is a way to get some such information using a process known as Reverse IP Lookup.

In order to perform a Reverse IP Lookup, you first need to obtain the IP address of the person you want to trace. The IP address or the Internet Protocol address is usually a twelve digit number, unique to every computer connected to the internet. When you connect to the internet, your Internet Service Provider assigns a number to your computer, which acts as your universal address on the internet.

So, how do you find a person’s IP address? If you own a website or blog, then your server will usually have a log file containing a list of all visitors to your website. This log will have the person’s IP address recorded in it.

If you want to find the IP address of a person who sent you a mail, then you will need the full headers of the email message. Usually, there will be a button on the mail page which says “View Full Headers” or something similar to that. Clicking this button displays a large amount of extra information near the subject line of the email. The IP address of the sender will also be listed here.

So now that you have the IP address, what’s next? You will have to visit a site which offers IP lookup services such as Visual Route. There are a lot of free IP lookup services on the internet. Once you find a website of your choice, enter the IP address into the site, and it will perform a lookup. Once it is done, the results are displayed to you.

So now that you know how to perform a reverse IP lookup, can you find the address of the person who’s been spamming you all week? No, you can’t. Though some useful information can be obtained by doing a reverse IP lookup, there are some pieces of information that cannot be found using a reverse IP lookup. The name and address of the person are some of the information which cannot be obtained (unless you belong to a law enforcement agency that is).

Though you cannot obtain the name and address of the person, you can obtain some moderately useful information from a reverse IP lookup. Most sites offer various details about the IP address such as Internet Service Provider name, location, the time zone of the person, the international phone code. You can also obtain the state in which the person resides as well as a satellite map of the location.

Thus a reverse IP lookup yields a lot of useful information, which can be used to enhance the reach of your website or blog, or simply assist in helping pin down a spammer.

October 3, 2008 Posted by | Online Security | , , | Leave a comment