Don’t lose your laptop
September 16, 2007
the laptop became one of the most priceless tech pieces we have, and securing it is one of our top concerns, there are two sides when it comes to the laptop security, one from the physical perspective and the other from the software/data perspective, just imagine how much it would cost you if you have lost your laptop just now, I bet you gonna be sick for a while, especially if you are storing some sensitive information whether it was your personal or your company’s sensitive information and add on this if you didn’t make backups on the right dates, here are some tips you can take to protect your laptop.
Encrypt your data: full disk encryption provides good protection as everything on your hard drive is protected and you don’t have to worry about saving them to a particular location, for the windows xp users there are many third party software available on the market just Google them, for the windows vista users may be you should consider using BitLocker drive encryption software. for the storage hosts, there is an exclusive encryption software by NTP Software the worldwide leader in the storage management, NTP Software Encryption Sentinel allows the organizations to designate sensitive data on their storage hosts and it then ensures that this data can only be copied to or read by an encrypted client.
Use a firewall software: many laptops often spend time outside your company firewall, so they will lose the important protection of those devices, especially if you are out using an unsecured wireless network a firewall will help to keep your laptop from being subject to attack.
Use a tracking software: you properly want your laptop back, it’s installed on undetectable location on the laptop and can’t be erased. each time the computer connects to the Internet it reports to the recovery software company, the company tracks down the physical location of the laptop and then notifies the authorities. if you have succeeded to recover the hardware you can’t be sure that the thief didn’t compromise your data, some tracking software includes the ability to remotely delete information from the laptop as well.
Disable windows services you don’t need: each service that runs on your laptop increases the attack surface, especially services that listen on particular ports, to help further protect your laptop disable any services that you don’t need to do your job.
Say no to WEP in your wireless network
August 8, 2007
if you started to read this post so properly you would have a wireless LAN in your home or office, so you will need to know the truth about the Wired Equivalent Privacy (WEP), some of us know that it’s not secure enough but still don’t know why, and what would be the alternatives in case we didn’t use it!
The WEP has been designed to protect a wireless network from eavesdropping. however, it has significant vulnerabilities, and it’s dead couple years ago, but there are still some manufacturers supporting it in their products, last year I’ve published a paper about the security risks of 802.11 that illustrates the weakness of the WEP in details, you can download it from the following link:
Security Risks of 802.11 – July 2006
Weak Encryption Protocol: WEP major flaw is its use of static encryption key, the encryption standard isn’t the problem, it uses RC4 to protect the confidentiality, however, every device uses “one key” to encrypt every transmitted packet, this means an average hacker using simple wireless hacking tools like aircrack or Linux BackTrack WEP cracking tools, eventually can figure out the key.
Switching to WPA: there are several versions of Wi-Fi Protected Access (WPA) available today, the easiest and the most widely supported version is the WPA Pre-Shared Key (WPA-PSK), you have to configure your router with a plain-text pass phrase between 8 and 63 characters long, using an encryption protocol called Temporal Key Integrity Protocol (TKIP), WPA uses that pass phrase along with the network service set identifier (SSID) to generate unique encryption keys for each wireless client. Those encryption keys continuously change at the beginning of each transmitted frame. It’s not the most secure protocol but it’s much better than WEP and harder to break although I didn’t see any researcher has broken it yet. If you can use WPA2 (which uses AES) then use it. when it comes to security and encryption standards, using the latest standard is always a good thing.
