Nik's Technology Blog

Travels through programming, networks, and computers

Use Browser Toolbar instead of Address Bar to Avoid Phishing Sites

I've just read a post over at Search Engine Journal about statistics from Hitwise UK suggesting British users are increasingly using browser toolbars to search for domains they know already like tesco.com rather than typing them directly into their browser address bar.

I use this technique a lot because I frequently misspell a domain name or get the wrong domain extension for a website. When this happens more-often-than-not you get a holding page, cyber-squatter site, or worst still a site that attempts to mimic the intended destination in order to "phish" log-in details.
When you use a search toolbar to navigate to a domain the top search result is most likely going to to be the real domain.

Adsense Allowed Sites Flags Up Google Cache Views As Unauthorised

When I read about the new Google Adsense feature "Allowed Sites" a couple of weeks ago, I thought I'd set it up on my account just to make sure no sites were displaying my Adsense code on their own sites, which could end up getting my account banned or flagged as suspicious due to factors outside my control.
Let's face it, if they're displaying my Adsense code, they've probably scraped or copied my site content without my consent, so who knows what else they may be up to!

Anyway I logged into Adsense recently and decided to check out the Allowed Sites page, and this is what I read...

There are unauthorized sites that have displayed ads using your AdSense publisher ID within the last week. Please click here to view them.

So I did click here, but all I got were some IP addresses:

 

Site URL
72.14.253.104
64.233.183.104
72.14.235.104
209.85.129.104
66.102.9.104
216.239.59.104
209.85.135.104
64.233.169.104
64.233.167.104

 

A little intrigued to what these IP addresses were, I decided to investigate further by issuing a trace route command to glean some more information.

C:\Documents and Settings\Nik>tracert 64.233.183.104

The trace route results resolved the IP addresses all to Google. I'm guessing that these are in my list because of people viewing my sites in Google's cached pages; So panic over!
Would be good if Google could filter out it's own IP addresses from the list though, so I don't have to check out each IP individually.

Protect Your Identity on Social Networking Sites

Social networking sites are being used by criminals to steal peoples' identity. Once enough information has been gathered, credit cards and other services are set-up in the name of the person being targeted.
There are various sources on the Internet where thieves can collate information about a potential victim, such as the Land Registry information and the electoral register. However adding too much personal information to social networking sites like Facebook can facilitate thieves and make you an easy target.

So what can you do to minimise the possibility of online identity theft?

  • Make your Facebook profile only viewable by your friends.
  • Don't disclose your full date of birth, address and current employer, job title and other personal data.
  • Don't let Facebook allow search engines access to your page.
  • Use different passwords for each site and don't use easy to guess names like your pets name or 'password' 'abc' etc.
  • Don't add friend requests of people you don't know.
  • Install anti-spyware and anti-virus software on your computer, keep it up-to-date and scan your machine regularly.
  • Install an anti-phishing toolbar on your web browser, such as NetCraft and don't click on links in emails that purport to come from legitimate sources such as banks or other merchants like eBay. Instead type the URL into your web browser.

Wi-Fi hacking - 2 Cautioned by UK Police

For the first time in the UK two people have been cautioned by police for accessing wireless broadband connections without permission. Both cases were detected by suspicious behaviour in cars parked in the vicinity and not through electronic means.
Both people were warned for dishonestly obtaining electronic telecoms with intent to avoid payment.

Most wireless routers come without Wi-Fi encryption turned on by default, leaving unsavvy users open to this kind of abuse.
Most broadband ISP terms and conditions state that you cannot share your broadband connection with your neighbours etc, therefore all related activity on your connection is connected with you.
Due to recent laws, ISPs have to keep records of your Internet activity for a number of years. If authorised people are accessing your connection and using it for illegal practices then how would you prove your innocence?

Recently news has come out that anti-piracy companies are monitoring P2P traffic, using a modified version of Shareaza they are automatically sending your IP to your ISP demanding your details if it detects that pirated material is being downloaded. Some people have questioned whether an IP is enough evidence to connect a person with a crime, especially considering these cases of drive-by Wi-Fi hacking.

Is My Google Desktop Search Secure?

After a recent security flaw surrounding Google's Desktop Search Beta discovered by Scientists at Rice University, how do you make sure Googles fix has been applied to your machine?

After reading Google's Blog it seems all you need to do is check for the Beta release version on the 'About' page since the fix should have been applied automatically. You can find a link to this page from the main Desktop Search home page (You can reach this via right-clicking the icon in your taskbar or via the shortcut on your desktop). The version with the applied fix should be 'Beta 121004'.

Preparing an Internet PC

The title of this article speaks for itself, however preparing a Windows based computer for a life connected to the internet is not as plain sailing as it used to be.

With the amount of viruses, worms and trojan horses on the web increasing almost exponentially it's vital to make sure your computer is protected the minute you connect it to the internet.

Reports earlier this year suggest that an unpatched unprotected PC can be infected in less than 30 minutes!

Security Recommendations

The first thing I do when I've finished installing a fresh installation of Windows is to install a personal firewall. I recommend Zonealarm, it's very good and a free version is available from the link below.

Do this before connecting to the internet, if at all possible try to gather a collection of useful tools on a CD-ROM. The CD-ROM should contain a personal firewall, anti-virus software and the most recent Windows Service Pack for your version of Windows.

If you don't have the Windows Service Pack on CD then you'll need to download it. Make sure your personal firewall is up and running, then go to WindowsUpdate.com. Follow the instructions and download all the 'Critical updates'.

Once your updates have downloaded and installed restart your machine and install your anti-virus solution. I recommend the excellent AVG from www.grisoft.com, which also has a free edition.

You may also find that using an alternative web browser to Internet Explorer such as FireFox (www.getfirefox.com) or Opera (opera.com) will significantly reduce your risk of web borne viruses and spyware.

Zonealarm personal firewall

Wireless LAN Security Vulnerabilities

Since I last wrote about WLAN Security shortly after buying a Netgear Wireless router, I thought I'd write about improving your wireless network over-and-above that of what WEP (Wireless Equivalent Privacy) offers.

In 2001 two universities in the US, Maryland and UC Berkeley published separate studies into the inherent flaws with WEP encryption.

This had, until recently put many corporations off the idea of WLANs. After all there are tools freely available that can decipher the WEP encryption keys used on a network.

So what technology can we use to improve WLAN security?

Ever since the flaws in WEP were discovered the IEEE and the Wi-Fi Alliance have been busy trying to ratify a new standard in WLAN encryption. Known as 802.11i or WPA (Wi-Fi Protected Access) it is meant to be a software upgrade that is designed to address all known WEP vulnerabilities.

WPA uses an IEEE standard called 802.1X with Temporal Key Integrity Protocol (TKIP). Basically TKIP uses a dynamic key rather than the static one used in WEP, with TKIP a new key is generated every 10000 packets. TKIP also checks packets to make sure they haven't been altered by an intermediary.

Even though the upgrade to WPA was supposed to be a software (Firmware) upgrade it's still down to the hardware manufacturer to continue supporting it's hardware. Looking on the Netgear site it looks like my hardware (Netgear DG824M) won't be getting new firmware to upgrade the security from WEP to WPA.

Securing a home wireless router

WLAN (Wireless LAN) Security

Since I bought my Netgear DG824M Wireless ADSL Modem Gateway I've been interested in securing it sufficiently enough to prevent it getting hacked.

Out of the box the router will work with default values, however it is VERY risky to keep your wireless access point running like this.

Here are a few tips which should keep out casual hackers and bandwidth thieves.

SSID (Service Set Identifier) Broadcasting

Your Service Set Identifier is basically the name of your wireless service, wireless access points all come with a default value for this, in the case of Netgear this can either be "Netgear" or "Wireless", you should change this to something else that does not describe your business or location (Note: SSID is case-sensitive).

The default setting on most Access Points is for the SSID to be broadcast out to anyone in range of the router, this is convenient for users to join your network, but handy for hackers to easily identify your network as a potential target. You should disable SSID broadcasting.

WEP (Wired Equivalent Privacy)

This is the wireless security standard, which has been proven to be quite easy to crack, however it does provide some protection, so it is highly recommended you enable WEP preferably 128 bit encryption and change the WEP key from the default value.

MAC address access control

Each wireless (and conventional) network card has a unique MAC address. Most Access Points allow you to configure access to the network via a set of MAC addresses instead of all users, which is usually the default setting. You should use this functionality since it will make it harder for casual hackers to join your network. On Windows machines open a DOS command prompt and type ipconfig/all in order to find the MAC address of your wireless card/USB dongle, simply add the MAC addresses of all the computers you need to access the router.

Wireless coverage

You should try and locate your Access Point in such a way as to reduce the coverage outside your building. Try to position your Access Point in the middle of your building equidistant from your computers and wireless devices, but away from windows and perimeter walls since this will provide good wireless coverage for people outside your building.