Archive for April, 2006

Posted on Apr 10th, 2006

In today’s world of e-commerce with its fast financial deals and virtual business transactions, people are lured to get into businesses that they are not entirely sure of.

Online scams and deceit in financial deals done over the Internet are quite common nowadays. They pervade every kind of industry, from selling and manufacturing to pyramid schemes.

In fact, there have been a lot of elderly Americans who were cheated of their retirement money when they decided to invest in get-rich-quick schemes over the Internet.

Yet despite the many warnings of these scams, the examples being portrayed in media and the exposes on these deceitful financial deals, more and more people still get victimized. And you can’t really blame them.

Who would not want to suddenly have a bank account so huge you don’t have to work a single day of your life? In a way, therein lie the problem and the charm of these dubious virtual financial deals: they promise instant riches to people without requiring much effort from them.

Avoiding dubious financial deals

Though these kinds of financial deals can be hugely attractive especially for people who cannot work because of old age, physical ailment or just plain laziness, there are still ways to discern the good deals from the bad ones. Here are some tips that will teach you to be smart enough and avoid dubious financial deals.

Too good to get into

The general rule that people advise is that if the business transaction or the package being offered is too good to be true, then it probably is. Avoid financial deals that promise a relatively fast return on investment, especially those that require a huge sum of money.

Somewhere in the terms of the contract, there is a catch that may cost you a lot, not only in terms of money but also in reputation.

Never believe the testimonials

Often, websites of these dubious virtual financial deals will contain testimonials from people who have supposedly tried out the service or scheme that they are offering.

Many believe these testimonials are legitimate especially if they are accompanied by photos and email addresses where the endorsers can be reached. Do not believe these testimonials.

Read the contract

It is also important that you read every word written in the contract of the financial deal, whether it is in hard copy or in electronic copy before you make the decision of getting into one.

This is especially true if you will make a huge investment in the financial deal. Reading the contract word for word can be time-consuming and really tiring, but what is a few hours of your time compared to your life’s savings?

Ask others

If the financial deal is already something that you have heard of, it is better to ask people’s opinion about it. Chances are, there are some who will be able to tell you if the financial deal is legitimate or not.

If no one you know has any idea what it is all about, there are forums and chat rooms on the Internet that you can join. Post a topic about the financial deal or ask a direct question.

You’ll find that people are glad to help out. You’ll even find some who have actually come across the same financial deal. Of course, in listening and reading their opinions, you also have to remember that this is virtual, so not everything is true. Be discerning and try to get as many opinions on the subject as you can.

James Monahan is the owner and Senior Editor of TotallyDeal.com and writes expert articles about deals.

Posted on Apr 9th, 2006

If you are actively working online, then there is a huge possibility that spyware will in some way get installed on your computer. After all, it only takes clicking on the wrong site or downloading some programs. Nowadays a new form of spyware appears every day, created by people or companies desperately seeking information. Spyware is also known to do great damage to companies. It is not as noticeable as spam and virus attacks on systems.

Spyware is almost invisible software that gathers and transmits a person's or a company’s important data and files without being noticed. The transferred data could be used to damage your company’s credit or to hit its profits hard. Spyware also cripples your computer and slows it to a crawl, because of the way it installs itself and is configured to start whenever you boot up your computer system and to run all the time.

Another issue with spyware is the assault on privacy, as these programs can gather all types of data from your computer system. Spyware may also collect personal information such as financial details, credit card numbers and personal IDs, along with email accounts for spamming.

Even anti-virus software and firewalls do not completely protect computers against most spyware and privacy threats. Spyware is normally bundled with software downloads, attached to e-mails, or transferred through networks, so it can appear to be legitimate software.

Protection against Spyware - It is recommended that users fully read and understand the license agreement before downloading any software. Stay away from downloading unfamiliar and deceptive software from the Internet. Avoid clicking on pop-ups.

Constant use of anti-spyware software can prevent such harmful programs from entering your system. The best precautionary step a user can take is to block spyware access via gateway security solutions like the NetApp Internet access and security (IAS) solution, which stops access to Web sites offering spyware.

There are numerous anti-spyware programs available online. These programs search for and eradicate spyware and adware. They can detect and sweep away a large number of adware files and modules. You can also download some free software from authentic sites like www.download.com, www.mcafee.com, www.spywareinfo.com, www.all-internet-security.com, www.tucows.com etc., or you can use the keyword “free antiSpyware download” in a search.

Allen Brown is a freelance writer for http://www.1888SoftwareDownloads.com, the premier website to find Free Software Downloads including free anti-virus software, free spyware detection software, free toolbars, free chat software and more. He also freelances for http://www.1888FreeOnlineGames.com

Posted on Apr 8th, 2006

The online scams on the Internet are hidden like landmines, ready to explode on the unsuspecting surfer who happens to believe what they say. These web scams have the ability to take not just your cash but also your identity if you don’t know how to protect yourself.

Most of the sites that you find online are legitimate and offer you goods or services with a secure method of payment. However, there are web scams where scammers set up mirror sites to the original site and hope to trick online shoppers into believing they are at the real website.

The most common way that scammers manage to get away with this is by setting up their site so that it is almost identical to one that already exists.

Then they run an email advertising campaign relating to the products they sell at the site. The links in the email look as if they are going to the real site, but they actually lead to the mirror site and anything ordered at the fake site doesn’t really exist and the scammers take the money.

Identity theft scams work in a similar way. The scammers send out emails which look as if they come from well known websites. These types of online scams are commonly known as phishing.

They harvest email addresses from various sources and send out emails requesting you to update your information at whichever site they are copying.

When you click on the link contained in their email, you will not be taken to the real site, but rather one that has been set up by the scammers to appear legitimate. Any information you put into this site will be able to be used by the scammers, including your address and credit card number.
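
The mismatch described above, between the site a link appears to name and the site it actually opens, can be checked mechanically. The following Python code is an added example, not part of the original article; the sample message and the `abc-shop.example` and `.test` host names are constructed for illustration.

```python
import re
from html.parser import HTMLParser
from urllib.parse import urlsplit

# Link text that is itself a web address, e.g. "www.abc-shop.example/login".
URL_TEXT = re.compile(
    r"^(?:https?://)?(?P<host>(?:[a-z0-9-]+\.)+[a-z]{2,})(?:[/:?#]\S*)?$",
    re.IGNORECASE,
)


class LinkCollector(HTMLParser):
    """Collect (href, visible text) for every <a> element in a message."""

    def __init__(self):
        super().__init__()
        self.links = []
        self.current_href = None
        self.current_text = []

    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self.current_href = dict(attrs).get("href") or ""
            self.current_text = []

    def handle_data(self, data):
        if self.current_href is not None:
            self.current_text.append(data)

    def handle_endtag(self, tag):
        if tag == "a" and self.current_href is not None:
            text = "".join(self.current_text).strip()
            self.links.append((self.current_href, text))
            self.current_href = None


def strip_www(host):
    return host[4:] if host.startswith("www.") else host


def same_site(shown_host, actual_host):
    """True if actual_host is the shown host or one of its subdomains."""
    shown = strip_www(shown_host.lower())
    actual = strip_www(actual_host.lower())
    # "abc-shop.example.account-update.test" only *starts* with the real
    # name, so it fails both tests and is treated as a different site.
    return actual == shown or actual.endswith("." + shown)


def suspicious_links(html):
    """Return (shown_host, actual_host, href) for links whose text names
    one site while the href leads to another."""
    parser = LinkCollector()
    parser.feed(html)
    parser.close()
    findings = []
    for href, text in parser.links:
        try:
            parts = urlsplit(href)
        except ValueError:
            continue  # malformed href, nothing to compare
        if parts.scheme not in ("http", "https") or not parts.hostname:
            continue
        match = URL_TEXT.match(text)
        if not match:
            continue  # text such as "click here" names no site to compare
        shown, actual = match.group("host").lower(), parts.hostname.lower()
        if not same_site(shown, actual):
            findings.append((shown, actual, href))
    return findings


# Constructed sample message body (not taken from a real email).
SAMPLE_EMAIL = """
<p>Dear customer, please update your information:</p>
<a href="http://www.abc-shop.example.account-update.test/login">https://www.abc-shop.example/login</a>
<a href="https://www.abc-shop.example/help">www.abc-shop.example/help</a>
<a href="https://secure.abc-shop.example/pay">abc-shop.example</a>
<a href="http://news.abc-shop.example/offers">Click here for this week's offers</a>
"""

if __name__ == "__main__":
    for shown, actual, href in suspicious_links(SAMPLE_EMAIL):
        print(f"text says {shown} but link opens {actual} ({href})")
```

A link whose text is plain words gives nothing to compare, so it is not reported; typing the site's address yourself, as the steps below advise, remains the reliable check.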

It’s easy to become a victim to these online scams because they are very convincing. But there are a few steps you can take to reduce the chances of being caught in these online scams.

1. Don’t visit or shop at the site named in the email - delete it immediately.

2. If you do use the site, read the email carefully but DO NOT click on any of the links contained in it. Instead, open up your web browser and type in the URL of the site and then check your account status.

If there is nothing there that looks wrong, forward the email to the people who run the site. Many of the more popular sites have emails specifically for this such as "scam@ abc.com…"

3. When using your credit card to pay for items online, make sure that there is a secure payments system in place. If there isn’t, use a PayPal account instead.

That way, if you have fallen victim to scammers' tricks, you will only lose the actual amount of the transaction but you won’t have given out your credit card information.

Scammers are smart and very convincing but hopefully these few tips can help you reduce the chances of being caught in any of these online scams.

Copyright © 2005 Spyware-Information.com All Rights Reserved.

This article is provided by http://www.spyware-information.com where you will find free spyware cleaners, downloads, removal software, computer firewalls and valuable tips. For regularly updated articles about adware, spyware and protection from identity theft go to http://spyware-information.com/articles_1.html

Posted on Apr 7th, 2006

Be aware of scams/fraud from people that say they have a client or that they represent a potential buyer. They usually have an email address from a free email host such as Yahoo or Hotmail or the like. The scammers are usually from Western Europe and Africa but many are right here in the U.S. What to watch out for:

* Do not buy or sell any vehicles outside the U.S. Usually anything to do with shipping across the ocean means a scam.

* Do not accept a cashier's check without contacting the phone number of the issuing bank. Once you contact the bank, make sure to validate its authenticity and have your bank verify it too. It may be a foreign or out-of-state cashier's check that looks extremely real.

* Then you must wait at least 3-4 weeks for the check to clear the bank and then you may release the vehicle. In today's world, anyone can print a cashier's check using a phony bank name, while the banking system has no way of validating the check quickly or efficiently.

* Do Not Refund an Overpayment. A buyer proposes to buy your vehicle, whether it is a car, motorhome, classic car, motorcycle, or boat, and sends you a check for MORE than the asking price to pay for the shipping of the vehicle. They then request that you refund the balance or extra amount. There have been cases where the seller sent off their car and lost both it and the money for the shipping.

* Do Not Give Out Personal Information. Identity theft is rampant in today's world, especially when it comes to credit cards.

Please take every precaution to protect your identity. Never release any of your personal information. Everyone has heard the old saying, "If it seems too good to be true, it probably is!"

These scams do not only happen to people who are selling cars, motorhomes, classic cars, motorcycles and boats. The list is much more extensive. If these scammers can make even a few dollars, it’s worth it to them, especially if they come from an impoverished country.

If you have any questions, feel free to visit http://www.Trader4Less.com and go to our contact us page. We will try to answer any questions that you may have.

This article was provided by Manny Ahles, the owner of Trader4Less.com. At Trader4Less you can buy your next motorized vehicle or sell your existing vehicle. Mr. Ahles specializes in writing articles in the fields of Automotive, Recreational Vehicles, Motorcycles, Classic Cars, and Boats.


Posted on Apr 6th, 2006

Buying products and services on the Internet has never been as easy and safe as it is today.

In the early days of the Internet, the fear of electronic crime nearly strangled the growth of e-commerce.

THE HOLLYWOOD EFFECT

Movies such as "The Net" which told a story of identity theft, and "Hackers" which told of the antics of some teenage hackers who used the Internet to stay one step ahead of the law, put the fear of the worst into online consumers.

We should all know Hollywood well enough by now to know that we should put little faith into the exactness of the details of their plots. No one believes that real secret agents will have the same capabilities as "James Bond", right? So, why should we give more credence to the other stories coming out of Hollywood? We shouldn’t.

Fear mongers of all sorts also played their part in nearly scaring consumers away from the Internet.

As a result of the negative publicity in relationship to the Internet, e-commerce had very difficult beginnings.

WE ARE NOW TEN YEARS INTO THE GRAPHICAL INTERNET

We are now ten years down the road from the creation of the first graphical Internet browser. The first such computer application was called Mosaic and was released for public use by Netscape in 1993. The release of Mosaic actually signaled the creation of the modern graphical Internet.

ENCRYPTION ASSURES THE SECURITY OF THE INTERNET

Today, people do not have much concern about the safety of the Internet to make purchases. There is a good reason for the confidence that people now possess in this regard.

Encryption is the most important factor in turning around the negative perception of the safety of the Internet to conduct financial transactions.

Encryption is a method of coding a conversation between two computers so that a third computer cannot understand the conversation. Encryption uses a key to create a secret language for the two conversing computers to talk without fear of a third being able to translate the original conversation.

WHAT IS ENCRYPTION AND HOW DOES IT WORK?

To better understand the nature of encryption, one only needs to think about the science of cryptography. In the old days, people would only substitute one letter for another letter of the alphabet and assign a key for the reader to understand which letter has been substituted for the other.

Even the cryptogram in your daily newspaper is a very simplistic rendition of the basic encryption methods used by our computers every day.

Computers use what is called public-key encryption. Public-key encryption uses a combination of a private key known only to your computer and a public key, which will be passed to the computer trying to communicate with yours.

If you want a deeper understanding of computer encryption than what I am going into here, you can read up on the subject at HowStuffWorks.com: http://computer.howstuffworks.com/encryption.htm

HOW CAN WE BE SURE OUR INFORMATION IS SECURE?

Skipping right to the meat of the encryption equation, the technology gurus have created a system by which we the consumers can take one look at our browser to know whether the information we are getting ready to transfer is secured.

When you reach a page that asks for you to type in your financial information for delivery to another computer, you should look for two pieces of information from your browser.

Whenever you are on a website or a web page that protects your information, you will notice a small lock in the bottom of your browser — either on the left-hand side for Netscape or the right hand side for Internet Explorer.

Additionally, you can look at the URL in your Address Bar. If the page location is preceded by "http://" then you are on an unsecured page. On the other hand, if the page location is preceded by "https://" then Secure Sockets Layer (SSL) is securing your personal information.

As part of the global Internet security protocol — SSL enables browsers and servers to safely transmit sensitive information across the global network.

HOW SECURE IS SECURE?

My descriptions here have been very basic. Public keys use very complex algorithms for encrypting the data being transported between computers.

From the need for this technology to work in the open environment of the web, special private keys called Digital Certificates were created to enable online businesses to offer secured communications to their customers.

Digital Certificates from GeoTrust, Thawte, Verisign and others are distributed in 40-bit or 128-bit format. The higher the bit number, the higher the level of security being offered.

To put 128-bit encryption technology into perspective, a 128-bit number has a possibility of 3,402,823,669,209,384,634,633,746,074,300,000,000,000,000,000,000,000,000,000,000,000,000 different combinations!

With 128-bit encryption in place, a third computer, which might be able to intercept a single piece of information, will not be able to interpret the captured information.

HOW CAN WE USE THIS INFORMATION TO PROTECT OURSELVES?

Just because the company you wish to do business with does not have their own Digital Certificate does not mean that you cannot have secure transactions with them. Digital Certificates are expensive to purchase and to set up on a server — the last time I went through that process, the cost of setup was in excess of $1400!

Granted, my current domains do not have SSL encryption on them. However, all transactions for my domains are in fact handled through a secure server.

How is this possible?

Like many small businesses, I employ a third-party payment processor to secure my transactions.

SECURE ONLINE TRANSACTIONS THROUGH A THIRD-PARTY PROVIDER

StormPay is one of the newer payment processors on the Internet. More and more online companies are beginning to join with us in offering additional payment options through the StormPay secure transaction center.

StormPay permits people to place money into their online accounts through more methods than the majority of their competitors.

Like PayPal, StormPay permits people to put money into an account for the purpose of making purchases online. Like PayPal, StormPay permits credit card holders to make a purchase directly through the StormPay system.

Contrary to PayPal, StormPay permits people to put money into their accounts by billing their telephone, by using online checks, and by eighteen other methods.

StormPay also permits people from more foreign countries to actively participate in the global Internet economy.

Unlike PayPal, StormPay will not freeze your funds without explanation or recourse. (Please read the documentation at: http://www.PayPalSucks.com) StormPay will only freeze an account due to Spam or Fraud.

You can sign up for a free account at StormPay by visiting the following link: https://www.stormpay.com

If you are so inclined, you may also make a few extra dollars by referring your friends to the StormPay program.

StormPay uses the 128-bit Digital Certificate from GeoTrust to secure all of your transactions.

Copyright Bill Platt - All Rights Reserved

Bill Platt is the owner of http://www.LinksAndTraffic.com

  • When you are tired of the struggle of the link building process, it might be time to consider our "Links And Traffic" services.
  • When you are ready to employ more Natural Linking Strategies in increasing your link popularity, "Links And Traffic" can help.
  • When you are ready for your links to actually generate click-through traffic, we are here.
  • This is not a link rental system or a reciprocal linking scam. We Guarantee our results.

    Posted on Apr 5th, 2006

    Methods that guarantee a computer or network is safe from computer viruses, worms and trojan horses simply do not exist. Users can take several precautions, however, to protect their home and work computers from these malicious infections. The precautionary measures are:

    1. Never start a computer with a floppy disk in drive A, unless it is an uninfected recovery disk.

    2. Set the macro security in programs so you can enable and disable macros. Only enable macros if the document is from a trusted source and you are expecting it.

    3. Install an antivirus program on all of your computers. Obtain updates to the antivirus signature files on a regular basis.

    4. Check all downloaded programs for viruses, worms, or trojan horses. These malicious-logic programs often are placed in seemingly innocent programs, so they will affect a large number of users.

    5. Never open an e-mail attachment unless you are expecting it and it is from a trusted source. Scan for viruses in all e-mail attachments you intend to open. Turn off message preview.

    6. Write-protect your recovery disk by sliding the write-protect tab into the write-protect position.

    7. If the antivirus program flags an e-mail attachment as infected, delete the attachment immediately.

    8. Before using any floppy disk or zip disk, use the antivirus scan program to check the disk for infection. Incorporate this procedure even for shrink-wrapped software from major developers. Some commercial software has been infected and distributed to unsuspecting users this way.

    9. Back up your files regularly. Scan the backup program before backing up disks and files to ensure the backup program is virus free.

    http://www.for-the-touchdown.com/pc_security_new.htm

    Posted on Apr 4th, 2006

    In a word, No. No machine connected to the internet is 100% secure. This doesn’t mean that you are helpless. You can take measures to avoid hacks, but you cannot avoid them completely. This is like a house — when the windows and doors are open then the probability of a thief coming in is high, but if the doors and windows are closed and locked the probability of being robbed is less, but still not nil.

    1 What is Information Security?

    For our purposes, Information Security means the methods we use to protect sensitive data from unauthorized users.

    2 Why do we need Information Sec?

    The entire world is rapidly becoming IT enabled. Wherever you look, computer technology has revolutionized the way things operate. Some examples are airports, seaports, telecommunication industries, and TV broadcasting, all of which are thriving as a result of the use of IT. "IT is everywhere."

    A lot of sensitive information passes through the Internet, such as credit card data, mission critical server passwords, and important files. There is always a chance of someone viewing and/or modifying the data while it is in transmission. There are countless horror stories of what happens when an outsider gets someone’s credit card or financial information. He or she can use it in any way they like and could even destroy you and your business by taking or destroying all your assets. As we all know, "An ounce of prevention beats a pound of cure," so to avoid such critical situations, it is advisable to have a good security policy and security implementation.

    3 Security Framework

    The following illustrates the framework needed to implement a functioning security implementation:

    [ Risk Analysis ] [ Business Requirements ]

    |

    [ Security Policy ]

    |

    [ Security Service, Mechanisms, and Objects ]

    |

    [ Security Management, Monitoring, Detection and Response ]

    This framework shows the basic steps in the life cycle of securing a system. "Risk Analysis" deals with the risk associated with the data in the server to be secured. "Business Requirements" is the study which deals with the actual requirements for conducting business. These two components cover the business aspects of the security implementation.

    The "Security Policy" covers 8 specific areas of the security implementation, and is discussed in more detail in section 4 below. "Security Service, Mechanisms and Objects" is actually the implementation part of security. "Security Management, Monitoring, Detection and Response" is the operational face of security, where we cover the specifics of how we find a security breach, and how we react if a breach is found.

    4 Security Policy

    The Security Policy is a document which addresses the following areas:

    • Authentication: This section deals with what methods are used to determine if a user is real or not, which users can or cannot access the system, the minimum length of password allowed, how long a user can be idle before he is logged out, etc.
    • Authorization: This area deals with classifying user levels and what each level is allowed to do on the system, which users can become root, etc.
    • Data Protection: Data protection deals with the details like what data should be protected and who can access which levels of data on the system.
    • Internet Access: This area deals with the details of the users having access to the internet and what they can do there.
    • Internet Services: This section deals with what services on the server are accessible from the internet and which are not.
    • Security Audit: This area addresses how audit and review of security related areas and processes will be done.
    • Incident Handling: This area addresses the steps and measures to be taken if there is a breach of security. This also covers the steps to find out the actual culprit and the methods to prevent future incidents.
    • Responsibilities: This part covers who will be contacted at any given stage of an incident and the responsibilities of the administrator(s) during and after the incident. This is a very important area, since the operation of the incident handling mechanism is dependent on it.

    5 Types of Information Security

    There are 2 types of security. (1) Physical security / Host Security and (2) Network security. Each of these sections has 3 parts:

    • Protection: Slow down or stop intrusions or damage.
    • Detection: Alert someone if a breach (or attempted breach) of security occurs, and quantify and qualify what sort of damage occurred or would have occurred.
    • Recovery: Re-secure the system or data after the breach or damage and, where possible, undo whatever damage occurred.

    5.1 Host Security / Physical Security

    Host Security / Physical Security means securing the server from unauthorized access. For that we can password protect the box with such steps as setting up a BIOS password, placing the computer box in a locked room where only authorized users have access, applying OS security patches, and checking logs on a regular basis for any intrusion and attacks. In Host security we check and correct the permissions on all OS related files.

    5.2 Network security

    Network security is one of the most important aspects of overall security. As I mentioned earlier, no machine connected to the internet is completely secure, so security administrators and server owners need to be alert, and make sure that they are informed of all new bugs and exploits that are discovered. Failure to keep up with these may leave you at the mercy of some script kiddy.

    5.3 Which operating system is the most secure?

    Every OS has its own pros and cons. There are ways to make Windows more secure, but the implementation is quite costly. Linux is stable and reasonably secure, but many companies perceive it as having little vendor support. My vote for the best OS for security purposes goes to FreeBSD, another free Unix-like OS, but not many people are aware of its existence.

    6 Is a firewall the final solution to the Network Security problem?

    No, a firewall is just a part of the security implementation. Again, we will use the example of a house. In a house all the windows and doors can be closed but if the lock on the front door of the house is so bad that someone can put just any key-like thing in and open it, then what is the use of the house being all closed up? Similarly, if we have a strong firewall policy, it will restrict unauthorized access, but if the software running on the box is outdated or full of bugs then crackers can use it to intrude into the server and gain root access. This shows that a firewall is not the final solution. A planned security implementation is the only real quality solution to this issue.

    7 Security is a continuous process

    Continuing security is an ongoing process. Security administrators can only conduct their work on the basis of the alerts and bugfixes released up to the date of securing, so in order to accommodate all of the fixes for the latest bugs, security work has to be done on a regular basis.

    8 Does Security implementation create overhead and/or reduce performance?

    Yes, Security implementation creates a small amount of overhead, but it need not reduce overall performance drastically. In order to take care of such things, a well done security implementation has an optimization section where the security administration gives priority to both performance and security. While securing any software, we should secure it in such a way that it provides maximum performance.

    9 Security Audits - What Should be Checked

    A security audit is a part of security implementation where we try to find out the vulnerabilities of the system and suggest actions to improve the security. In a normal audit, the points below should be checked, and a report with the results of that audit should be created.

    • Check intrusion detection. Use chkrootkit or rkhunter for this purpose.
    • Check for known bugs in the software installed on the server - the kernel, openssl, openssh, etc.
    • Scan all network ports and find out which ports are open. Report the ports that should not be open and what program is listening on them.
    • Check whether /tmp is secured.
    • Check for hidden processes.
    • Check for bad disk blocks in all partitions. (This is just to make sure that the system is reasonably healthy.)
    • Check for unsafe file permissions.
    • Check whether the kernel has a ptrace vulnerability.
    • Check the memory. (Another system health check.)
    • Check if the server is an open e-mail relay.
    • Check if the partitions have enough free space.
    • Check the size of the log files. It’s better that the log size remains in megabytes.
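
Three items from the checklist above (/tmp, unsafe file permissions, log file size) are shown here as an added Python example; it is not code from the original article. It assumes that a "secured" /tmp means a separate mount with noexec, nosuid and nodev, and that a log has left the "megabytes" range once it passes 1 GiB; the sample mount table is constructed.

```python
import os
import stat

# Assumption: a "secured" /tmp is a separate mount carrying these options.
TMP_REQUIRED_OPTS = ("noexec", "nosuid", "nodev")
# Assumption: a log larger than 1 GiB is no longer "in megabytes".
LOG_LIMIT_BYTES = 1024 ** 3

# Constructed sample in /proc/mounts format (device, mount point, type, options).
SAMPLE_MOUNTS = """\
/dev/sda1 / ext4 rw,relatime 0 0
/dev/sda3 /tmp ext4 rw,nosuid,relatime 0 0
"""


def tmp_mount_issues(mounts_text, mount_point="/tmp"):
    """Return a list of problems with mount_point in /proc/mounts-style text."""
    options = None
    for line in mounts_text.splitlines():
        fields = line.split()
        if len(fields) >= 4 and fields[1] == mount_point:
            options = set(fields[3].split(","))  # a later entry overrides an earlier one
    if options is None:
        return [f"{mount_point} is not a separate mount"]
    return [f"{mount_point} lacks {opt}"
            for opt in TMP_REQUIRED_OPTS if opt not in options]


def unsafe_permissions(root):
    """Walk root and return sorted (path, reason) pairs for risky modes."""
    findings = []
    for dirpath, dirnames, filenames in os.walk(root):
        for name in dirnames + filenames:
            path = os.path.join(dirpath, name)
            try:
                mode = os.lstat(path).st_mode
            except OSError:
                continue  # vanished or unreadable entry
            if stat.S_ISLNK(mode):
                continue  # symlink modes are not meaningful
            world_writable = bool(mode & stat.S_IWOTH)
            if stat.S_ISDIR(mode):
                # Without the sticky bit any user can delete others' files.
                if world_writable and not mode & stat.S_ISVTX:
                    findings.append(
                        (path, "world-writable directory without sticky bit"))
            elif stat.S_ISREG(mode):
                if world_writable:
                    findings.append((path, "world-writable file"))
                if mode & (stat.S_ISUID | stat.S_ISGID):
                    findings.append((path, "setuid/setgid file"))
    return sorted(findings)


def oversized_logs(log_dir, limit_bytes=LOG_LIMIT_BYTES):
    """Return sorted (path, size) pairs for regular files above limit_bytes."""
    findings = []
    for dirpath, _dirnames, filenames in os.walk(log_dir):
        for name in filenames:
            path = os.path.join(dirpath, name)
            try:
                st = os.lstat(path)
            except OSError:
                continue
            if stat.S_ISREG(st.st_mode) and st.st_size > limit_bytes:
                findings.append((path, st.st_size))
    return sorted(findings)


def audit_report(mounts_text, perm_root, log_dir):
    """Combine the three checks into report lines for the audit document."""
    lines = list(tmp_mount_issues(mounts_text))
    lines += [f"{path}: {reason}" for path, reason in unsafe_permissions(perm_root)]
    lines += [f"{path}: log is {size} bytes" for path, size in oversized_logs(log_dir)]
    return lines


if __name__ == "__main__":
    # On a live Linux server, read the real mount table and real directories.
    with open("/proc/mounts") as fh:
        for line in audit_report(fh.read(), "/etc", "/var/log"):
            print(line)
```

Reading every file under the audited directories usually requires running the script as root.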

    10 How to know if you are being hacked?

    To find out if your box is compromised or not, follow these steps. These are the steps that I have used, and they will be handy in most situations.

    10.1 Check your box to see if your performance has degraded or if your machine is being over used.

    For that, use the commands

    vmstat - Displays information about memory, cpu and disk.

    Ex: bash# vmstat 1 4 (where 1 is delay and 4 is count)

    mpstat - Displays statistics about cpu utilization. This will help us to see if your cpu is overworked or not.

    Ex: bash# mpstat 1 4 (where 1 is delay and 4 is count)

    iostat - This command displays statistics about the disk system.

    Useful options:

    -d - Gives the device utilization report.

    -k - Display statistics in kilobytes per second.

    Ex: bash# iostat -dk 1 4 (where 1 is delay and 4 is count)

    sar - Displays overall system performance.

    10.2 Check to see if your server has any hidden processes running.

    ps - Displays the status of all known processes.

    lsof - List all open files. In Linux everything is considered a file, so you will be able to see almost all of the activity on your system with this command.

    10.3 Use Intrusion Detection Tools

    • rkHunter ( http://www.rootkit.nl/ )
    • chkrootkit ( http://www.chkrootkit.org/ )

    10.4 Check your machine’s uptime.

    If the uptime is less than it should be, this can mean that your machine’s resources are being used by someone. Linux doesn’t crash or reboot under normal conditions because it is such a stable OS. If your machine has been rebooted try to find out the actual reason behind it.

    10.5 Determine what your unknown processes are and what they are doing.

    10.5.1 Use commands like the following to take apart unknown programs

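    readelf - This command will display the contents of an ELF executable: its headers, sections, symbol tables and dynamic dependencies.

    ldd - This command will show the details of libraries used by an executable. Some versions of ldd obtain this information by executing the program, so for an untrusted binary read the dependencies with readelf -d instead.

    strings - This command will display the strings in the binary.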

    strace - This command will display the system calls a program makes as it runs.

    11 Hardening Methodology

    • Read all security related sites and keep up to date. This is one of the main things a security administrator or server owner should do. Server owners should be made aware of security and its importance. Security training is an important part of an overall security package.

  • Create a good security policy. Conduct security audits on the basis of this policy.
  • Keep your OS updated by applying all patches.
  • Install a custom kernel with all unwanted services removed and patched with either grsecurity or openwall.
  • Disable all unwanted services and harden the services you leave running; Change file and directory permissions so that security is tightened.
  • Install a firewall and create good rule sets.
  • Test and audit the server on a regular basis.
  • Install an intrusion detection system, log monitor, all of the Apache security modules, bfd, faf and tmp monitor. Make your partitions secure.
  • Run a good backup system to recover data in case of an intrusion, crash, or other destructive incident.
  • Install a log analyzer and check your logs for any suspicious entries.
  • Install scripts to send out mail or enable notifications when a security breach occurs.
  • After a security breach try to find out how, when and through what the breach occurred. When you find a fix for it, document the details for future reference.
    12 Summary

    Now let’s conclude by covering the main steps by which a hosting server can be secured.

    12.1 Determine the business requirements and risk factors which are applicable to this system

    12.2 Devise a security policy with the above data in mind. Get management’s approval and signoff on this security policy.

    12.3 On approval of the policy, do a security audit on any existing systems to determine the current vulnerabilities and submit a report regarding this to the management.

    The report should also cover the methods needed to improve existing security. A quick checklist:

    • Software Vulnerabilities.

  • Kernel Upgrades and vulnerabilities.
  • Check for any Trojans.
  • Run chkrootkit.
  • Check ports.
  • Check for any hidden processes.
  • Use audittools to check system.
  • Check logs.
  • Check binaries and RPMS.
  • Check for open email relays.
  • Check for malicious cron entries.
  • Check /dev /tmp /var directories.
  • Check whether backups are maintained.
  • Check for unwanted users, groups, etc. on the system.
  • Check for and disable any unneeded services.
  • Locate malicious scripts.
  • Querylog in DNS.
  • Check for the suid scripts and nouser scripts.
  • Check valid scripts in /tmp.
  • Use intrusion detection tools.
  • Check the system performance.
  • Check memory performance (run memtest).
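One way to run the "suid scripts and nouser scripts" item of this checklist repeatably, as an added example that is not from the original article: inventory setuid/setgid files, keep a baseline, and report only what has appeared since. The function names and the default baseline path are assumptions.

```shell
#!/bin/sh
# Added example, not from the original article. Function names are hypothetical.

# Print every regular file under ROOT (default /) with the setuid or setgid
# bit set, sorted. -xdev keeps find on one filesystem, so run it per partition.
list_suid() {
    find "${1:-/}" -xdev -type f \( -perm -4000 -o -perm -2000 \) -print 2>/dev/null | sort
}

# Print files owned by a UID or GID that has no entry in passwd or group.
list_unowned() {
    find "${1:-/}" -xdev \( -nouser -o -nogroup \) -print 2>/dev/null | sort
}

# Print the entries of file CURRENT that are absent from file BASELINE:
# setuid/setgid files that appeared since the baseline was recorded.
new_since_baseline() {
    grep -vxF -f "$1" "$2" || true
}

# Record a baseline on the first run, report additions on later runs.
# The default baseline path is an assumption; keep the file somewhere an
# intruder on this host cannot rewrite it.
audit_suid() {
    root=${1:-/}
    baseline=${2:-/var/lib/suid-baseline.txt}
    current=$(mktemp) || return 2
    list_suid "$root" > "$current"
    if [ ! -f "$baseline" ]; then
        cp "$current" "$baseline" && echo "baseline recorded: $baseline"
    else
        new_since_baseline "$baseline" "$current" | sed 's/^/NEW setuid\/setgid: /'
    fi
    rm -f "$current"
}

# Run against the live system only when asked to: sh script.sh --run [baseline]
if [ "${1:-}" = "--run" ]; then
    audit_suid / "${2:-/var/lib/suid-baseline.txt}"
fi
```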
    12.4 Implement the security policy

    12.4.1 Correct all known existing software vulnerabilities either by applying patches or by upgrading the software.

    12.4.2 Implement host security

    • Protect your systems with passwords

  • Check the file systems and set correct permissions and ownerships on all directories and files
  • chmod -R 700 /etc/rc.d/init.d/*

    Use rpm -Va to find out if files installed from an rpm have been modified

    • Apply security patches to vulnerable software (eg: patch -p1 < patch file)

  • Remove all unneeded ttys and console logins by removing the entry from /etc/securetty
  • Check system logs (eg: /var/log/messages, /var/log/secure, etc.)
  • Set a password on the boot loader (lilo and grub both support this)
  • Monitor the system (nagios or big brother)
    12.4.3 Implement Network security

    • Remove all unwanted users and groups.

  • Use custom security scripts which will send out notification when sshing as root or while creating a user with uid of 0, etc.
  • Require passwords with 16 characters (can be done by making changes in /etc/login.defs).
  • Disable unwanted services using TCP wrappers (unwanted services can also be disabled through /etc/xinetd.d or xinetd.conf).
  • Set up an idle timeout, so that idle users will be logged out after a certain amount of time.
  • Disable all console program access (eg: rm -f /etc/security/console.apps/*).
  • Enable nospoof option in /etc/host.conf.
  • Specify the order in which domain names should be resolved (eg: order bind hosts).
  • Lock the /etc/services file so that no one can modify it.
  • Restrict direct root login (comment out the PermitRootLogin login option in sshd_config).
  • Restrict su, so that only wheel group members are able to su. (can use pam or disable the permission of other for the su binary).
  • Limit users’ resources (using pam, specify the limits for each user in /etc/security/limits.conf).
  • Secure /tmp (mount /tmp with noexec,nodev,nosuid).
  • Hide the server details. Remove /etc/issue and /etc/issue.net.
  • Disable unwanted suid and sgid files (eg: find / -type f \( -perm -04000 -o -perm -02000 \) lists them).
  • Examples of these: gpasswd, wall, and traceroute

    • Using iptables, allow only pings from a specific locations (for monitoring systems to work).

  • Take preventive measures against DOS, "ping of death" attacks, etc.
  • Install a firewall (eg: apf and iptables) and only allow ports to operate which the box needs for its normal functions; block all other ports to prevent mischief.
  • Links: http://rfxnetworks.com/ and http://yolinux.com/TUTORIALS/LinuxTutorialIptablesNetworkGateway.html

    • Install intrusion detection (eg: install tripwire or aide).
    • Links: http://www.cs.tut.fi/rammer/aide.html and http://redhat.com/docs/manuals/linux/RHL-9-Manual/ref-guide/ch-tripwire.html

      • Install sxid to keep an eye on suid and sgid scripts.

      Link: http://linux.cudeso.be/linuxdoc/sxid.php

      • Restrict ssh to specific IP addresses and specific users (I suggest key authentication using passphrase).
      • Install logcheck to check the logs.
      • Install tmpwatch to delete the unused files from /tmp directory.
      • Install and setup portsentry and configure it to use iptables to block IPs.
      • Install mod_security and mod_dosevasive to safeguard Apache.
      • Delete files with nouser and nogroup.
      • Delete unwanted files/folders in htdocs, disable directory indexing.
      • Check for unwanted scripts in /root, /usr/local, /var/spool/mbox.
      • Install BFD and FAF for additional security.
      • Disable open email relaying.
      • Submit a status report to management detailing all discovered vulnerabilities and fixes.
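A check for the "Secure /tmp" item in the list above, as an added example that is not from the original article: it reads a mount table in /proc/mounts format and reports which of noexec, nodev and nosuid a mount point lacks. The function names are hypothetical.

```shell
#!/bin/sh
# Added example, not from the original article. Function names are hypothetical.
# Input format is that of /proc/mounts: device mountpoint fstype options dump pass

# Print the options among noexec, nodev and nosuid that MOUNTPOINT lacks.
# Prints nothing when all three are set, and "not-a-mount-point" when the
# directory lives on its parent filesystem and so cannot carry its own options.
missing_mount_opts() {
    awk -v mp="$1" '
        $2 == mp { opts = $4; found = 1 }   # last matching line is the mount on top
        END {
            if (!found) { print "not-a-mount-point"; exit }
            split(opts, have, ",")
            for (i in have) set[have[i]] = 1
            n = split("noexec nodev nosuid", want, " ")
            out = ""
            for (i = 1; i <= n; i++)
                if (!(want[i] in set)) out = out (out == "" ? "" : " ") want[i]
            if (out != "") print out
        }' "${2:-/proc/mounts}"
}

# Check each mount point given after MOUNTS_FILE; return 1 if any needs attention.
audit_mounts() {
    mounts=$1; shift
    rc=0
    for mp in "$@"; do
        miss=$(missing_mount_opts "$mp" "$mounts")
        if [ -n "$miss" ]; then
            echo "$mp: $miss"
            rc=1
        fi
    done
    return $rc
}

# Run against the live system only when asked to: sh script.sh --run
if [ "${1:-}" = "--run" ]; then
    audit_mounts /proc/mounts /tmp
fi
```

The non-zero return code makes audit_mounts usable from cron or a monitoring check.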
        12.5 Testing phase

        Use tools like nessus, nikto, and nmap to do a penetration test and see how well your server is secured. Also do a stress test.

        Security is of utmost importance to a server; compromising security is compromising the server itself. Hence, an understanding of the same is a prerequisite to server ownership and administration.

        Blessen works as Executive team member in Bobcares.com.

        He is an Engineer in Computer Science from the College of Engineering, Chengannur. He is passionate about Linux security and looks forward to growing in that field.

        Posted on Apr 3rd, 2006

        With the proliferation of the Internet, many websites promote themselves by sending you spam, junk mail and advertising, and even by embedding spyware on your computer that is difficult to remove. These things not only keep track of your personal information, but also enable hackers and crackers to infiltrate your system. Anonymous proxy servers act as a wall between your data and the Internet, thereby providing security to your system and data. There are, however, other reasons to use an anonymous proxy server.

        If your work or school has any type of filtering in place to prevent people from visiting certain websites, an anonymous proxy server is a great way to get around such restrictions. Anonymous proxy servers work by acting as a "middle man"; they download the requested pages to their proxy server and in turn you download the page, all images and other such objects from the proxy server to your browser, thus bypassing any filters or annoying firewalls. Not only is this a viable alternative for students to bypass their school’s filter to access popular student sites such as Myspace or Xanga but it can be used if your workplace has strict limitations on which websites you can access. Most anonymous proxy bypass servers use one of two programs, PHProxy or CGIProxy, both of which are excellent proxy software packages.

        After you have discovered the benefits of using anonymous proxy servers, you will probably want to try it out. There are numerous free proxy services out there; one of the most popular is SpySurfing ( http://www.spysurfing.com/ ), a really fast proxy server that is popular among both students looking to bypass their school filters and adults looking to bypass their workplace firewalls.

        Steve Avery, http://www.spysurfing.com

        Posted on Apr 2nd, 2006

        Spyware is getting a lot of bad press. Now don’t get me wrong. I’m not saying I love the idea of spyware but most of it is not as bad as people make it out to be. Before I go on I guess I should give a brief, if incomplete definition of what spyware is. Spyware is a program or group of programs that monitor your computer and report back to the company that installed the spyware, all of your Internet activities such as search engine searches, purchases, or just simply sites that you visit.

        Now the legitimate companies use this spyware as marketing tools to find out people’s Internet viewing habits and quite honestly there’s nothing wrong with that if used legally. Sure, some people may feel that their privacy is being invaded and might object to this and if that’s the case they can always uninstall the spyware. Of course that’s not as easy as it sounds. But I’ll get into that later.

        The real problem is the companies that use this spyware to steal your credit card and other private information for the purpose of charging items, using your account, and who knows what other illegal activities. Credit card theft is rampant and easier to do than most people would think. The illegal spyware programs are responsible for many of these thefts.

        The even bigger problem than what is done with this spyware is even detecting that the spyware is on your computer to begin with. I’ll give you an example of how you can innocently end up with spyware on your PC.

        I was looking up some song lyrics one day and in order to view this particular song lyric the web site said that I had to download a special viewer but assured me that it would in no way harm my system. Now, I have Norton Security on my PC so if a program tries to attack me I am warned. Well, sure enough as soon as I tried to install this online viewer I was bombarded with attacks from the Internet. They wouldn’t stop no matter what I did. Norton kept warning me but couldn’t stop it unless I specifically pointed out each file I wanted access denied for. Finally I just let the installation complete. To make a long story short the viewer also installed spyware, that Norton reported to me, was sending info back to a site somewhere in Asia. I knew this wasn’t good. So I stopped the program from transmitting and immediately got a spyware removal program to get rid of this monster. It took me 4 hours that night to clean up my PC.

        Spyware removal programs are just that. They scan your PC for anything they recognize as spyware and remove it if they can. Some spyware can only be removed through the uninstall programs that come with the spyware. Funny thing is, when you try to uninstall these programs, you get all these messages saying that the software REALLY isn’t dangerous and you will lose all the benefits of the program, such as making your surfing experience faster. Trust me, the only thing these programs do is slow up your computer because they are constantly transmitting data.

        Unlike viruses, security programs don’t stop the spyware in its tracks. You have to manually tell the system which files to disallow access to. This can be a real pain in the neck. So how DO you avoid getting hit with spyware? I wish there was an easy answer to this question. Security programs help but the best way to avoid it is to ONLY go to sites that you know you can trust. I’ll never go look up song lyrics again where I have to install a viewer to see them.

        Michael Russell
        Your Independent guide to Spyware

        Posted on Apr 1st, 2006

        This morning talking with a fellow publisher, the topic of antivirus programs came up. Seems someone somewhere is always talking about them.

        Why? Because without a good system in place not only do you run the risk of a potential, complete computer shutdown, but you put your friends and associates at risk each time you contact them.

        Let’s face it, the world is full of brilliant people whose only apparent source of satisfaction is to make the rest of us using the internet completely miserable.

        Unfortunately, they do a good job of it. However, you can, and must, do everything to protect yourself and others.

        A quick little story might help illustrate my point…

        My son’s school is a public, charter affair. He "home schools," and the curriculum is on the internet. There are numerous families in Odyssey Charter, each emailing the teacher, and sometimes each other, with important information.

        Last year, one of the mothers called me. She was desperate. Her child could not access the computer. She recalled getting a suspect email a few months earlier (few MONTHS?!) and since then nothing had been working right for them. Now it was a total disaster, the computer refusing to do anything.

        After spending several hours a day at their house for several days, I did locate the problem - yes, a virus. A truly sneaky one at that.

        Unfortunately, there was no saving anything nor any way to eliminate this threat. Yes, her hard drive had to be completely wiped. They lost everything - no backups, of course - but that’s another story.

        The thing is this tragedy could have been avoided. Why DID it happen in the first place?

        The reason? Oh, they had an antivirus program, Norton, a good one, but guess what…? They never updated it! However, the truly sad (and comical!) part of all of this was Norton had expired THREE YEARS earlier!!

        True! They thought once it was on the computer, it magically did everything itself, with no assistance from them. They were "protected!" Nary one live update, nor renewal of their subscription!

        Norton AntiVirus does have an automatic Live Update feature. However, you must TELL IT to update by opening your software and setting the settings TO update (and more!).

        Symantec, producers of Norton products, also have another program for those truly at risk. It’s called the Intelligent Updater, and is located in their download area.

        The Live Update virus definitions are released every Wednesday, more often if they deem it necessary. Manually downloading and installing (daily) through the Intelligent Updater link, your machine is always current - right then and there!

        If you receive tons of email, and send lots of email in return, you’d do well to take a trip to Symantec’s website each day and keep your own antivirus program current, manually.

        http://securityresponse.symantec.com/avcenter/defs.download.html

        Remember, those out there causing the grief are smart, if misguided. You must be smarter! Make sure you know your own antivirus program inside and out - and keep it current!

        To your success!

        © Theresa Cahill - All Rights Reserved. Feel free to distribute this article. Please keep it intact and with the resource box included below.

        ABOUT THE AUTHOR:

        Theresa Cahill, a two decade veteran of marketing, is the owner of http://www.mywizardads.com and invites you to take a look at the services of MWA and download free helpful information and more at http://www.mywizardads.com/sitemap.html
