Michael Goodwin on February 2, 2010
This Web site was designed to be a clearing house for technical IT security queries. However, readers continue to submit a broad range of fascinating questions exploring the interface between technology, morality, security, ethics and sexuality — not to mention employment opportunities in the IT security field, and requests for secret hacking tools. (Sorry, we don't give those out.)
Here are the top five queries for January, 2010:
MAC attack: Johnny has a small wireless network. Now and then friends drop over and need to get on the Net. Johnny wants the network to be secure, but he doesn't want his friends to have to remember a password, so he uses a list of MAC addresses. Anyone who’s on the list can access the network without a password, but if you’re not on the list you don’t get access. Recently someone told Johnny that restricting access based on a list of MAC addresses is not secure — so he asked the IT security Experts. In fact, so far our Experts are evenly divided. The first expert points out that a hacker can sit outside Johnny's house and see his traffic, which includes the MAC address. Then the hacker can set his NIC to use one of Johnny's friends' MAC addresses and gain access to offensive sites, while Johnny gets the heat. However, another expert notes that the risk of someone specifically targeting Johnny's wireless network in this way is very small.
Can the IT manager at work read personal email on your smartphone?: John recently purchased a smartphone and set it up to receive his personal email. Since he doesn't have a mobile signal at work, he set the phone to access his email via the company's WLAN. Now he's worried that his IT manager may be able to read his personal email by accessing his phone while it’s connected to the WLAN at work. Expert Simon Heron points out that it will be far easier for the sneaky IT manager (or anybody else) to read John's emails as they stream down from his email server if John is using POP3 to download his emails. Simon recommends switching to “https” which is considerably harder to hack. For more, including information on tcpdump and wireshark, see here.
Are two anti-virus programs better than one?: Readers have submitted this question before. Beatriz has McAfee’s anti-virus program but she also uses Comodo Internet Security — which acts mostly as a firewall and comes with an anti-virus program too. Recently, Comodo identified some malicious files and Beatriz put them in the quarantine folder. Her question is, should she keep both anti-virus applications? She's heard that ideally one should have only one anti-virus program installed, but now that those malicious files are quarantined on her hard drive she's afraid to remove Comodo. Expert David Harley notes that the detection advantage of having two anti-virus solutions running at the same time isn’t worth the additional system load and possible conflicts. He believes that it’s unlikely that Comodo would catch much that McAfee wouldn’t — plus it has something of a reputation for false positives. This is similar to what our Experts have recommended before.
IT supervisor wants Jasmine's password: Recently Jasmine had an issue with one of the network applications she uses at work. The IT supervisor emailed her asking for her username and password so he could diagnose the problem. Initially, Jasmine was hesitant about giving her username and password to the IT guy, but finally she did so. Now she's concerned — especially since it's been two days and he still has not resolved the problem. Is it normal, she wonders, for IT supervisors and network administrators in corporate America to ask for your username and password? One Expert notes that if Jasmine's boss wants her personal Facebook password, that would definitely not be normal. However, if an IT person wants Jasmine's password for logging onto business apps on the office server, that seems like a reasonable request, though it’s a bit odd that IT wouldn’t have that information in its records already. A second expert disagrees, observing that it’s quite unusual for a competent support analyst to need a user's credentials in order to resolve a problem within his or her own network — and he strongly recommends that Jasmine change her passwords once the problem is resolved.
How do I remove Sucurty Tool?: Robert wants to know how he can remove a program called "Sucurty Tool." He complains that it won’t let him do anything, and it keeps urging him to buy the program, which he doesn't want. Expert David Harley suspects that Robert has been ambushed by a rogue security program. If Robert doesn't already have anti-virus and/or anti-spyware installed, Harley suggests trying one of the free Web scanners like ESET’s or Trend Micro’s as a first step.
This Web site was designed to be a clearing house for technical IT security queries. However, readers continue to submit a broad range of fascinating questions exploring the interface between technology, morality, security, ethics and sexuality — not to mention employment opportunities in the IT security field, and requests for secret hacking tools. (Sorry, we don't give those out.)
Here are the top five queries for January, 2010:
MAC attack: Johnny has a small wireless network. Now and then friends drop over and need to get on the Net. Johnny wants the network to be secure, but he doesn't want his friends to have to remember a password, so he uses a list of MAC addresses. Anyone who’s on the list can access the network without a password, but if you’re not on the list you don’t get access. Recently someone told Johnny that restricting access based on a list of MAC addresses is not secure — so he asked the IT security Experts. In fact, so far our Experts are evenly divided. The first expert points out that a hacker can sit outside Johnny's house and see his traffic, which includes the MAC address. Then the hacker can set his NIC to use one of Johnny's friends' MAC addresses and gain access to offensive sites, while Johnny gets the heat. However, another expert notes that the risk of someone specifically targeting Johnny's wireless network in this way is very small.
Can the IT manager at work read personal email on your smartphone?: John recently purchased a smartphone and set it up to receive his personal email. Since he doesn't have a mobile signal at work, he set the phone to access his email via the company's WLAN. Now he's worried that his IT manager may be able to read his personal email by accessing his phone while it’s connected to the WLAN at work. Expert Simon Heron points out that it will be far easier for the sneaky IT manager (or anybody else) to read John's emails as they stream down from his email server if John is using POP3 to download his emails. Simon recommends switching to “https” which is considerably harder to hack. For more, including information on tcpdump and wireshark, see here.
Are two anti-virus programs better than one?: Readers have submitted this question before. Beatriz has McAfee’s anti-virus program but she also uses Comodo Internet Security — which acts mostly as a firewall and comes with an anti-virus program too. Recently, Comodo identified some malicious files and Beatriz put them in the quarantine folder. Her question is, should she keep both anti-virus applications? She's heard that ideally one should have only one anti-virus program installed, but now that those malicious files are quarantined on her hard drive she's afraid to remove Comodo. Expert David Harley notes that the detection advantage of having two anti-virus solutions running at the same time isn’t worth the additional system load and possible conflicts. He believes that it’s unlikely that Comodo would catch much that McAfee wouldn’t — plus it has something of a reputation for false positives. This is similar to what our Experts have recommended before.
IT supervisor wants Jasmine's password: Recently Jasmine had an issue with one of the network applications she uses at work. The IT supervisor emailed her asking for her username and password so he could diagnose the problem. Initially, Jasmine was hesitant about giving her username and password to the IT guy, but finally she did so. Now she's concerned — especially since it's been two days and he still has not resolved the problem. Is it normal, she wonders, for IT supervisors and network administrators in corporate America to ask for your username and password? One Expert notes that if Jasmine's boss wants her personal Facebook password, that would definitely not be normal. However, if an IT person wants Jasmine's password for logging onto business apps on the office server, that seems like a reasonable request, though it’s a bit odd that IT wouldn’t have that information in its records already. A second expert disagrees, observing that it’s quite unusual for a competent support analyst to need a user's credentials in order to resolve a problem within his or her own network — and he strongly recommends that Jasmine change her passwords once the problem is resolved.
How do I remove Sucurty Tool?: Robert wants to know how he can remove a program called "Sucurty Tool." He complains that it won’t let him do anything, and it keeps urging him to buy the program, which he doesn't want. Expert David Harley suspects that Robert has been ambushed by a rogue security program. If Robert doesn't already have anti-virus and/or anti-spyware installed, Harley suggests trying one of the free Web scanners like ESET’s or Trend Micro’s as a first step.
No comments:
Post a Comment