Archive for October, 2009


Installing and Using SNORT on Ubuntu
By Mike L Walton

I spoke about IDS (Intrusion Detection Systems) and IPS (Intrusion Prevention Systems) a few days ago in a question posted by a user, so I thought I would dive a little deeper into the subject with a specific application that I have personally used – Snort. Snort is a very powerful IDS that in later versions can act like an IPS. Snort is free to download and use in the personal environment as well as in the business environment. In fact, many enterprises use Snort because not only is it free, but it is one of the most powerful IDSs out there if you know what you are doing when you configure it. You can run Snort on demand as a program on a personal computer, or set it up to start with your OS and protect all computers on your network from attacks.

If you want to use Snort to protect your entire network, it will need to be placed in line with your Internet connection. As an example, let’s say that you have a business Internet account with your local cable company and you want to protect it with a computer running Snort. The computer running Snort needs to be placed between the cable modem and the router; this way Snort is able to monitor every piece of traffic that comes into your network and is in the best place to discover possible attacks.

Installation:

We are going to be installing Snort on a computer running Ubuntu 9.04, which at the time of this article is the newest version of Ubuntu. Ubuntu is also a free OS that is available to download, making this IDS a totally free appliance for you, except for the cost of the computer. There are two ways to install Snort on an Ubuntu distribution, and the easiest is to do it through the command line. If your computer is up to date you can simply type:

sudo apt-get install snort

This will then download and install the newest version of Snort on your computer through the command line. As soon as it is done you will be ready to use Snort. If you run into an error or cannot install Snort through the command line, you can always go to the Snort website and download the newest version; make sure that you download the tar.gz file and follow their installation guide to completely set up Snort.

Once installed you can run snort as just a sniffer and have all packets captured and logged but that will create an enormous log file that you would then have to view. Snort works so well because of its use of rules to know which traffic to log and which traffic to ignore. Rules are going to be beyond the scope of this article but I plan on writing an article in the near future on creating rules for Snort.

How Snort runs depends on the flags that you specify when you launch Snort from command line.

Flag Function

-v View packet headers at the console.
-d View application data with IP headers.
-D Run Snort as a daemon.
-e Show data-link layer headers.
-l Run in packet logger mode.
-h Log information relative to the home network.
-b Log information to a single binary file in the logging directory.
-r Read packets contained in a log file.
-N Disable packet logging.
-c Specifies which file will be used to provide a rule-set for intrusion detection.
-i Specifies which network interface you would like Snort to look at when running.

As you can see from above, we have a few different options when it comes to flags used with Snort. Let’s start with just viewing IP packet headers by using the command sudo snort -v. Be sure to use the sudo command before snort so that it runs with administrative privileges; this is needed to open the network interface. Since we did not specify an interface for Snort to look at, it is going to use eth0 by default. I am not using eth0 right now as I write this article; I am using wlan0, which is my wireless card. We will need to use the -i flag to tell Snort to use my wireless card to check for traffic: sudo snort -v -i wlan0. Now Snort will run and display on the screen every packet header that comes across wlan0, my wireless card. As you can see, this is very useful if you want to monitor all traffic across your network but very impractical if you want to protect your network. To end the application once it has started, simply hit CTRL+C; this brings you back to a command prompt.

We have quickly discussed installing Snort and then running some basic Snort commands to get some output from the program onto our screen. Stay tuned for the next article on configuring Snort rules and running Snort as a true IDS with alerting.

Mike Walton has been in the technology field for over 8 years and has 6+ years in hospitality technology. Mike has experience with Microsoft Windows Server 2000, 2003, Windows 98, XP, and Vista, Networking, Cisco Equipment, PCI DSS, and many more. Mike Walton is also the founder of MikeNet PC Free Articles and Videos. http://www.mikenetpc.com

Original Article: http://www.mikenetpc.com/2009/08/24/installing-and-using-snort-on-ubuntu/


Battle of the Hosting Platforms – Windows Vs Linux Vs Mac
By Justin Knights

Having a web hosting company to host your website is a common thing among webmasters nowadays. The question is which type of platform should you choose? Should you choose the Windows, Linux or Mac? Let’s compare them to see which stands out in the comparison.

The first thing that users compare is the price. Linux is known to be the most affordable among the three platforms. The other 2 are more expensive because of licensing, as they are owned by Microsoft and Apple. Being an open source system, Linux can be obtained without having to pay for anything. Many users turn to Linux for this reason.

Another sought-after feature is the stability of the platform. Again, Linux is known as the most stable platform and is the most suitable to be used as a hosting solution. The BSD system used by Mac is built on the Unix system, one of the earliest platform types around. This also makes Mac a very stable hosting option. As for Windows, it is less stable and often has problems such as blue screens, freezes and crashes. However, Microsoft has made a lot of progress throughout the years. Nevertheless, Linux is still the one to turn to when it comes to stability.

Then there is the need to be user friendly. For this, operating platforms need to be simple and easy to use. To be able to use a Linux operating platform, you will need to be equipped with some technical skills because it uses commands similar to DOS systems. Therefore, Linux is more difficult to operate compared to Windows or Mac. This is because the other 2 systems use graphical interfaces, which are usually more user friendly. This interface will mostly require users to click and choose according to the administration process displayed on the screen.

So, based on the history of the industry, Linux has been the longest platform around but the other 2 systems also have a deep background. The Mac hosting is becoming more popular due to its solid application depending on the scenario. No matter what, all 3 choices could serve you well as long as you are using it for your website. If you are in need of your own server, you will have to choose wisely. In conclusion, with a small price, you can have a good quality platform to operate your website on.

A last piece of advice

Web hosting is a topic that every business owner and web developer has to deal with. I am sure that most of us have been pretty frustrated with shady web hosts and biased hosting reviews. There are sites however, who are dedicated to reviewing and providing information about different web hosts.

TopWebHostReview.net, for example, is one of those quality websites that provide nothing but honest web hosting reviews. If you are one of those who needs guidance in terms of website hosting, make sure you don’t miss the website. I am sure their unbiased hosting reviews (for example this one: FatCow Review) will be very helpful.

Article by Justin Knights, freelance writer.


Comparisons of Linux and Windows Web Hosting
By Shellaine Enfesta

There are a lot of people trying to compare windows web hosting to Linux based webhosting. There are many similarities as well as the benefits and the advantages of both. While there are so many similarities and advantage, it is those little specifics that count the most. It needs to be broken down in order to know the many similarities and advantages.

Current versions of Windows Server also support PHP. Most Windows hosting packages today are based on either Microsoft Windows Server 2003 or 2008 operating systems. Although Linux is dominant in the hosting arena, Windows is becoming more common and now stands firm as a solid number-two option. For the rest of us, however, most of whom can barely spell HTML, never mind use it, building a website is something either best left to the aforementioned techno-geeks, or to Windows and Microsoft. If you’re looking for an inexpensive way to host your personal site, blog or small business web site, then look no further.

For example, all components from IIS (Internet Information Services) to the SQL Server database system are designed to support one another. Two of the most essential components you definitely need to consider are storage and bandwidth. Our guaranteed web hosting providers offer many years of experience in managing your website or shopping cart or will build and support an entire on-line store.

NET, both of which are web application frameworks that can help you create a dynamic, feature-rich website. Plesk is a web based interface to your Windows web hosting account that allows you to create e-mail addresses and mailboxes, view your web site traffic statistics, set permissions on your HTML, ASP, and ASP. Outsourcing enables a company to reduce its TCO by freeing assets, such as cash that is allocated to capital expenditures and the expense of specially-trained staff, which can account for anywhere from 22 percent to 47 percent of the total budget for the Web site.

In the beginning, Linux web hosting was primarily but sparingly used by diehard fans and experienced users due to its complexity. Here are the other advantages of choosing Linux web hosting: The internet itself is based on interconnected networking computers, something that comes naturally for Linux.

Both operating systems have pros and cons to consider when deciding which to use for hosting. Commercial support is offered via a number of vendors. Linux web hosting is not a complicated job like the way it is portrayed by pundits who compare it with the user-friendly interface of Windows.

The bottom line when you compare these two main web hosting systems is that it all depends on your business or personal preference. All you need to do is compare the advantages and disadvantages and then make an informed decision on which web hosting system better suits your preferences and is easier to undertake.

Get More Tips and Info On Windows Web Site Hosting and Windows Hosting Reseller From A Cheap Web Hosting Before Buying Your Hosting Package compare the Hosting Plans and Decide.


How To Sniff A Switched Network And Protect Against It
By Brian Carpio

Introduction

Up until now, all the mainstream information about sniffing a switched network has told you that if you are host C trying to watch traffic between hosts A and B, it’s impossible because they are inside different collision domains.

This document will teach you that it is possible due to flaws and security problems within TCP/IP.

We will be utilizing two programs: one is called arpspoof and the other fragrouter.

TCP/IP Overview

As most of you know, TCP/IP utilizes ARP (Address Resolution Protocol) to convert IP addresses into hardware addresses. This hardware address is referred to as a MAC (Media Access Control) address. Once the destination’s MAC address is determined, the encapsulated IP packet can be transmitted to the host. Every host on the network must have a unique MAC address for them to communicate on an Ethernet LAN.

Within Ethernet ARP there are four types of messages:

ARP request – A request for a destination host’s MAC address; this is usually sent to all hosts in a broadcast domain.

ARP reply – This is a response to the ARP request and tells the hardware address of the destination host.

RARP request – This is a Reverse ARP request. This requests the IP address of a known MAC address.

RARP reply – This is a response to the RARP request and tells the IP address of the requested MAC address.

All Ethernet hosts and switches keep a list of known MAC addresses and their corresponding IP addresses. The only time an ARP request is sent to the network is when the requested IP address is NOT in the host’s table, which occurs when a new host is requested or when the MAC entry in the table times out.

Sniffing traffic on a network utilizing a hub is easy because all traffic is transmitted to each host on the network. Sniffing a switched network presents a problem because the switch knows which MACs are plugged into which ports; the only time a broadcast is sent to the entire network is when an ARP or RARP request is sent out.

Since there is no way built into TCP/IP to verify which MACs are associated with which IP addresses other than to ask or to look in its ARP table, this opens TCP/IP up for exploitation.

So the goal of a malicious hacker would be to trick your system into updating its ARP table so that data goes to the attacker instead.

There are many ways to do this, but for the purpose of this document we will cover arpspoof from dsniff.

Network Setup

We have a pretty basic network setup here: 3 hosts connected by a switch.

HostA: 192.168.0.2 MAC: 00:08:74:95:65:11

HostB: 192.168.0.3 MAC: 00:08:74:46:EB:08

HostC: 192.168.0.4 MAC: 00:02:B3:A4:7F:8B

For the purpose of this document we are HostC, a Linux box. HostA and HostB are something else; it doesn’t really matter. HostA could be a Sun box and HostB could be its default router, HostA could be a PC and HostB a Sun box, etc…

On HostC we will download and install dsniff

Src: http://monkey.org/~dugsong/dsniff/

Pkg: http://www.rpmfind.net

On HostC we will also download and install fragrouter

http://www.securityfocus.com/tools/176

>> tar zxvf fragrouter-1.6.tar.gz

>> ./configure

>> make

>> make install

Running Fragrouter

This app is very simple. We just want to do normal IP forwarding: we want the traffic to make it to the destination, we just want to see it first.

>> fragrouter -B1

Running ARPSPOOF

The man page gives a complete explanation of how to use arpspoof. For this document we will run arpspoof like this (again, we want to watch traffic from HostA to HostB):

>> arpspoof -t HostA HostB

The man page for arpspoof describes the -t option: the target is the box whose ARP table you want to spoof, meaning we want to update HostA’s ARP table, telling it that the MAC address of HostB is 00:02:B3:A4:7F:8B (which, if you look above, is the MAC address of HostC).

Fragrouter will just route the packets on to HostB.

Protecting Against This Type of Attack

Well there are a few ways to go about this.

1) You can gather all the MAC information for every host on your network and feed that into a startup script using arp -p. The problem with this is that every host will need to be updated if/when a network card gets replaced. — BAD IDEA

2) Solaris – Change the default arp_cleanup_interval. The default is 5 min., which means Solaris keeps ARP values in its ARP cache for 5 minutes.

ndd -set /dev/arp arp_cleanup_interval 6000

3) Arpwatch – This is one of the greatest tools for protecting yourself against this type of attack.

You can download it for Linux from rpmfind.net and for Solaris from sunfreeware.com.

Example of logs:

Jun 23 10:22:02 hostA arpwatch: new station 192.168.0.5 00:02:B3:A4:7F:8B

Jun 23 10:22:02 hostA arpwatch: changed ethernet address 192.168.0.3 00:02:B3:A4:7F:8B (00:08:74:46:EB:08)

The log on hostA, which is running arpwatch, shows that hostB’s (192.168.0.3) MAC address has changed to what we know is hostC’s. You can easily set up scripts which monitor for this type of activity.
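One way to script that monitoring, as an added example that is not part of the original article: it parses arpwatch syslog lines in the format shown above and raises alerts when a binding changes, contradicts the Network Setup table, or one MAC answers for several IPs. The function names, the KNOWN_BINDINGS table, the "flip flop" event (another arpwatch message, not shown in the article) and the last two sample lines are assumptions made for this example.

```python
import re
from collections import defaultdict

# Expected IP -> MAC bindings, copied from the article's "Network Setup" list.
KNOWN_BINDINGS = {
    "192.168.0.2": "00:08:74:95:65:11",  # HostA
    "192.168.0.3": "00:08:74:46:EB:08",  # HostB
    "192.168.0.4": "00:02:B3:A4:7F:8B",  # HostC
}

# Lines 1-2 are the article's log excerpt. Lines 3-4 are constructed for this
# example: a MAC written without leading zeros, and an unrelated syslog line.
SAMPLE_LOG = """\
Jun 23 10:22:02 hostA arpwatch: new station 192.168.0.5 00:02:B3:A4:7F:8B
Jun 23 10:22:02 hostA arpwatch: changed ethernet address 192.168.0.3 00:02:B3:A4:7F:8B (00:08:74:46:EB:08)
Jun 23 10:25:40 hostA arpwatch: new station 192.168.0.2 0:8:74:95:65:11
Jun 23 10:26:01 hostA sshd[412]: Accepted publickey for admin from 192.168.0.2
"""

# "flip flop" is handled like "changed ethernet address": both carry the new
# MAC followed by the previous MAC in parentheses.
LINE_RE = re.compile(
    r"^(?P<ts>\w{3}\s+\d+\s[\d:]{8})\s(?P<host>\S+)\sarpwatch(?:\[\d+\])?:\s"
    r"(?P<event>new station|changed ethernet address|flip flop)\s"
    r"(?P<ip>\d{1,3}(?:\.\d{1,3}){3})\s(?P<mac>[0-9A-Fa-f:]+)"
    r"(?:\s\((?P<old>[0-9A-Fa-f:]+)\))?"
)


def normalize_mac(mac):
    """Return MAC as upper-case, zero-padded octets, or None if malformed."""
    parts = mac.split(":")
    if len(parts) != 6 or not all(1 <= len(p) <= 2 for p in parts):
        return None
    return ":".join(p.zfill(2).upper() for p in parts)


def parse_line(line):
    """Parse one syslog line; return an event dict or None for other lines."""
    m = LINE_RE.match(line)
    if not m:
        return None
    mac = normalize_mac(m.group("mac"))
    if mac is None:
        return None
    old = m.group("old")
    return {
        "ts": m.group("ts"),
        "event": m.group("event"),
        "ip": m.group("ip"),
        "mac": mac,
        "old_mac": normalize_mac(old) if old else None,
    }


def analyze(lines, known):
    """Return alerts, in log order, for bindings that look spoofed."""
    alerts = []
    ips_by_mac = defaultdict(set)
    for line in lines:
        ev = parse_line(line)
        if ev is None:
            continue
        ts, ip, mac = ev["ts"], ev["ip"], ev["mac"]
        # 1. arpwatch itself saw the IP move to a different MAC.
        if ev["event"] != "new station":
            alerts.append({"kind": "changed", "ts": ts, "ip": ip,
                           "mac": mac, "old_mac": ev["old_mac"]})
        # 2. The observed MAC contradicts the inventory for that IP.
        expected = known.get(ip)
        if expected is not None and normalize_mac(expected) != mac:
            alerts.append({"kind": "mismatch", "ts": ts, "ip": ip,
                           "mac": mac, "expected": expected})
        # 3. One MAC answering for several IPs. Routers and hosts with IP
        #    aliases do this legitimately, so treat it as a lead to check.
        seen = ips_by_mac[mac]
        if ip not in seen:
            seen.add(ip)
            if len(seen) > 1:
                alerts.append({"kind": "multi-ip", "ts": ts, "mac": mac,
                               "ips": sorted(seen)})
    return alerts


if __name__ == "__main__":
    for alert in analyze(SAMPLE_LOG.splitlines(), KNOWN_BINDINGS):
        print(alert)
```
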

In Summary

As you can tell, this document provides a basis for ARP spoofing; however, this basic idea paves the way for SSH and SSL man-in-the-middle attacks. Once a box is compromised and used as a gateway in a network, the entire network’s security becomes open for exploitation.

About The Author

Brian Carpio is a senior Solaris/Linux system architect and has worked for some of the largest companies in the world. Currently he is a freelance Linux/Solaris consultant for his own company, The Tek, LLC. http://thetek.net and can be reached at info@thetek.net


Understanding Linux Filesystems & Linux Filesystem Types – Linux System Admin Training – Run Ubuntu
By Clyde E. Boom

The Default Linux File Systems (Filesystems)

The default filesystems that are recognized by Linux are specified in the text file named filesystems in the /proc directory.

Four of the filesystems that are commonly found on a Linux system are: ext2 (old and less common), ext3 (very common), iso9660 and swap.

Some Linux distributions also use other filesystems.

For example, instead of the ext3 filesystem, the SUSE and openSUSE distributions use the reiserfs filesystem by default.

In addition to the above filesystems, by default Linux can also recognize a partition that is a “swap” partition.

Depending on the documentation that you are reading and the command or utility that you are using, “swap” is not typically considered to be a filesystem type. It is a type of partition that is treated by the OS as virtual memory (where hard disk storage space works as though it is RAM memory).

The following is a description of some of the commonly used Linux filesystems.

ext2 (second extended filesystem) supports UNIX/Linux files and directories and allows for long file names (up to 255 characters).

ext3 (third extended filesystem) is the current default filesystem for Red Hat, Fedora and many other Linux distributions. The ext3 filesystem is on the way to becoming the de facto standard for Linux.

ext3 is based on the previous ext2 filesystem. It is basically the same as ext2, with the main difference being that ext3 supports a feature called “journalling”. The greatest benefit of this feature is that it provides a quicker recovery when a filesystem “crash” occurs and a system goes “down” (and stops working).

If files are corrupted on a partition using ext2, then the Linux fsck (filesystem check) utility is run to check the filesystem and repair it and this can take a very long time.

When the files on an ext3 filesystem become corrupted, then the fsck utility is still run to check and repair the filesystem, but this takes much less time due to the journalling feature of ext3.

vfat is the Linux filesystem that is compatible with DOS file names and Windows long file names. In some Linux utilities, “vfat” appears as “fat” or “fat32”.

iso9660 is the filesystem used on a CD-ROM.

swap (a.k.a. Linux swap partition, swap drive, swap space) is a disk partition that is used by the Linux OS as “virtual memory”. Linux uses the disk space that you have specified for the swap drive as though it were RAM (memory chips in your system).

The Linux filesystem type concepts and definitions covered here apply to: Ubuntu, Debian, Red Hat, Fedora, SUSE, Slackware, openSUSE – and ALL other Linux distributions.

By the way…do you want to learn exactly how to use Linux and run Linux commands for Linux System Administration and get real, practical Linux training experience by running hundreds of examples of Linux commands?

Just click to download my free new Linux commands training course book and Linux audio podcast (.mp3) files here: Linux Commands Training Mini-Course

Clyde Boom says “Learn how to use Linux commands with easy, self-paced Linux training materials that show you how to run hundreds of examples of the essential Linux System Administration commands – and get that new and better job, promotion, raise – or keep your current job!”

You can get your instant access to my free Linux commands training course at:
http://www.LinuxCommandsTrainingCourse.com


Ubuntu Business Model – A Misunderstood Concept
By Luqman Saeed

Canonical, the business arm of Ubuntu, has one of the most promising business models in the Linux world, and also the most misunderstood. First of all, Ubuntu is in a market termed by economists as a perfectly competitive market. This means that it cannot charge any price beyond that which is determined by the market. The only way to make profit, as has rightly been identified by Canonical is to create an ecosystem of products and services around Ubuntu, which would complement the functions of the OS.

This model of making profit is not new. There are other companies that make money from this method. Give the primary product for free but then create other value added products and services that complement this primary product. To make profit from this kind of business model takes time and a lot of investment. Mark Shuttleworth, the financial backbone of the Ubuntu project, rightly knows so and is doing exactly that. Most critics of the Ubuntu distro are convinced that it’s only a matter of time before Ubuntu also capitulates like its predecessors for lack of funds. They couldn’t be further from reality.

The fact that Canonical after six years of existence is not making any profit does not spell any doom, neither does it mean there is no light at the end of the tunnel. Most of the distros that are always used as yardsticks to tell how Ubuntu is bound to wither away did not have any other strategic business model in place. They only offered a Linux distro and expected to make money from it. Some also did not have a thorough understanding of the market in which they operated. Ubuntu so far has not fallen in any of those traps.

The recent partnerships between Canonical and big shot OEMs like Dell and IBM only go to underscore the fact that the Ubuntu business model has a lot of potential. Companies like Dell and IBM will not partner with a distro that they do not believe to have a future. Their partnering with Canonical to offer Ubuntu only underscores one fact: there is light at the end of the tunnel for Ubuntu’s profitability.

Also, there are those that claim Ubuntu is an ugly, over-hyped distro by mostly fanboys like myself. Well they have the right to their opinions, but a thorough analysis of Ubuntu tells you that it is in the news virtually every other day. Not a day or two passes without Ubuntu being in the news. Count how many times this week that you’ve heard of the name Ubuntu in the news and you will understand why it is popular. As for the ugliness, I believe it takes time to get used to. I also initially disliked the brown, but when I got used to it, I could hardly like any other color or theme.

The fact remains that Ubuntu, despite all the shortcomings of its commercial backer like not contributing enough upstream or not giving enough back to the community, is an OS that has the potential to be a market leader in the desktop Linux OS market, and whether critics agree or not, Ubuntu will for the foreseeable future remain a popular, first choice OS for a lot of people.

The author is the owner of the blog Ghabuntu and CEO of Ghabuntu Consult located in Accra, Ghana, which specializes in helping small and medium scale enterprises adopt Open Source software to improve profitability. Ghabuntu Consult can also be a representative for Open Source companies that are seeking partners in Africa. The author can be reached on ghabuntu@gamil.com and
http://sinaisix.blogspot.com.


10 Ways to Keep Your Computer Safe
By Kevin Park

It surprises me how many users don’t take computer security seriously.

With hackers, spammers, and viruses lurking around every corner, you can’t afford not to follow some basic steps in protecting your PC and your personal information.

Here are the 10 ways to keep your computer safe.

1. Update your OS
2. Install anti-virus and update
3. Use anti-spyware/adware
4. Secure your home network
5. Use a firewall
6. Don’t use IE
7. Watch out for email attachments
8. OpenDNS
9. Be careful with dangerous websites
10. Keep your personal information safe

1. Update Your Operating System (Windows Update)

The first thing you should do, after getting a new PC or reformatting, is to run Windows Update.

In my household, I have 4 computers running Windows XP, Windows Vista, Windows 7, Ubuntu 9.04, Xubuntu 9.04. Some dual-boot while one triple-boots etc.

Whichever operating system you are using, make sure to update them frequently. Especially if you’re running Windows, I recommend that you turn on the auto-update in ‘Windows Update’ if not already done so. Microsoft releases frequent vulnerability and security fixes.

Keeping your operating system up to date is the first step in keeping your computer safe. To check if you’re covered (in Windows), open up your control panel and click on Windows Update. If you see the automatic update option selected, you’re all set. If not, either choose the full auto update or the option that gives you the chance to choose which updates to install yourself. Just don’t turn it off. If you must turn it off for whatever reason, manually check the Windows Update website at least once a week.

Recommended: Try out Ubuntu, the most popular Linux Distro. Using a Linux OS may sound too nerdy for some, but the level of user-friendliness has gotten a lot better over the years. It has all the pretty GUI, too. And, if you’re having problems, a huge online community is waiting to help you. It’s FREE and SAFE.

2. Install Anti-Virus and Keep the Virus Definitions Up-to-Date

An anti-virus software is a MUST. If you don’t have one, you are almost guaranteed to get infected; it’s only a matter of time.

It is amazing how many people don’t have an updated anti-virus running on their computers. Especially if you bought a pre-assembled PC from Dell or HP or Acer etc., your computer may come with a free trial period of 30 days to 1 year. Be mindful of this when you purchase a new PC.

When your subscription period runs out, you will need to either pay to continue using the anti-virus you currently have or get a different anti-virus software. Shop around.

Recommended: There are tons of options out there. But Avast and AVG are two of the best. Why? Because they’re free and very effective. Now, if you want more features and protection, you can move up to a paid anti-virus software. I know Symantec and Mcafee are two of the dominant players, but I don’t recommend them as they take more resources to run and there are others with better detection rates. Full list of recommended is below.

3. Anti-Spyware / Adware

Many times when a PC user complains about a sluggish computer or a slow startup, it is due to the presence of ad/spyware. The most common ones are mostly cookies from your browser as you surf the web and are not very dangerous, while some spyware is very malicious in nature. One example is a key-logger that can log your key strokes to steal your credit card numbers and passwords.

There are also adwares that hijack your browser’s homepage to display their content every time you load up your browser and toolbars that won’t go away.

These days, a lot of anti-virus softwares are able to protect your PC from spy/ad-wares, too. But if you want to be extra safe, install a couple of anti-spyware programs that will more aggressively block various malwares.

Recommended: Free: Spyware Blaster, Windows Defender, SuperAntiSpyware

You can get started with just a couple of those. If you have Windows Vista or 7, you will have Windows Defender by default. So, you might as well use it. I recommend Spyware Blaster in all cases. You simply run it, update, and protect. It doesn’t need to run in the background. It adds black lists to your browsers, and provides an effective prevention. SuperAntiSpyware is a complete suite with real-time protection.

4. Secure Your Home Network

In today’s typical household, multiple computers share a single internet connection. Usually, a router is used to share that connection.

What many people forget is that router is not only an internet sharing device, but a firewall to protect your whole network as well.

Setting up your router’s firewall is the first thing you need to do when setting up a network. Make sure that the firewall feature is turned on in the router settings.

What’s more concerning is that, with the gaining popularity of wireless (WiFi) networks, people are leaving the door wide open to potential hackers and your neighbors (who’s accessing your wireless network right now). You need to protect your computers not just from threats on the internet but also from threats close to your house.

If you have a wireless network enabled in your router, please look at your security settings. If you’ve never touched it, it is very likely that your neighbors had a peek inside your network a few times.

Set it up so that you are using WPA (or preferably WPA2, if supported) with AES encryption (or TKIP if your device doesn’t support AES). WEP is no good. It can be cracked within a couple of minutes. Even WPA is not all that safe these days, but you might not have the option to use WPA2. Create a shared key (password) that’s impossible to guess.

My key is 60+ characters long with numbers and lower/upper case letters randomly generated by the router.

5. Use a Firewall

A firewall prevents intruders from getting in. If you have a router, you already have a firewall. Just confirm that it is up and running. A software firewall can increase the level of security, and especially if you don’t have a router, you need a software firewall. Windows has a built-in firewall, and should be enabled by default. There are other popular firewalls like Zone Alarm.

What I’d recommend, if you want to keep things simple, is to use a security suite that has both anti-virus and firewall included.

6. Try Something Other than Internet Explorer

If you are still using Internet Explorer as your main browser, you really need to switch. IE is the most vulnerable and is also the least efficient browser on the market.

Browsers such as Firefox, Opera, and Chrome are much faster and safer. At the moment, Firefox is the most popular alternative. But I encourage you to try out all the browsers and see which one you like the best.

I highly recommend Opera. Opera is faster than Firefox. It has built-in email client, bittorrent client, widgets, mouse gestures and more. Opera has all these features built-in, yet, it is smaller than Firefox. With the new release of Opera 10 with Turbo (speeds up browsing for slower connections), I predict it will gain more market share. I personally use Firefox, Opera, and IE. Firefox is my main browser; Opera is number two. IE is only used when testing website changes and visiting Korean websites. Lots of Korean websites are only compatible with IE, which I really hate.

7. Careful Opening Email Attachments

Even if you receive an email from one of your friends, don’t assume it’s safe to open file attachments. Some viruses take control of a person’s email account and send viruses to all his contacts.

If an email is from a stranger, most likely the attachment is a virus. Having an anti-virus should protect you from email threats, but still be careful.

Now, if you experience harm because you replied to a Nigerian email saying you won a $10 million lottery, there’s nothing that can help you other than your common sense.

8. Try Open DNS

OpenDNS is a free DNS service that can help your browsing experience to be faster and safer. DNS (Domain Name System) “translates domain names meaningful to humans into the numerical (binary) identifiers associated with networking equipment for the purpose of locating and addressing these devices worldwide.

An often used analogy to explain the Domain Name System is that it serves as the “phone book” for the Internet by translating human-friendly computer hostnames into IP addresses. For example, www.example.com translates to 208.77.188.166.” – Wikipedia

OpenDNS keeps track of and blocks harmful websites and also has a parental control feature and more.

All you have to do is put these two numbers, “208.67.222.222” and “208.67.220.220”, into your router settings or your computer’s network settings.

Instructions for various routers and computers are available on the website.

9. Be Careful about Which Sites You Visit

If you have OpenDNS all set up, you can worry about this a little less. But OpenDNS cannot protect you 100%, as new malicious sites keep on popping up.

Warez, crack, and adult sites are the most dangerous categories of websites. Don’t visit them unless you know it’s safe.

Again, an anti-virus will protect you from these kinds of threats as well. See how important an anti-virus is?

10. Keep Your Personal Information Safe

Many of these threats are aimed at getting your personal information. So, keep them safe!

Don’t easily give away your name, email, phone, and address to any website.

Don’t store credit card and other sensitive information on your computer. Sometimes, you have to store them on your computer. If so, don’t save an Excel file with your credit card numbers as “credit card numbers.xls” and put it in a shared folder.

Your neighbor who was sharing your internet connection might be tempted. Playing with files will be of little help. You should encrypt your files with a password, too, if it stores sensitive information.

Overall, be mindful of protecting your personal data.

I hope you learned some ways to protect your computer and your personal data. The web is a dangerous place. You must always be on the lookout and have protection.

For a full list of recommended software, visit: http://www.scamfreeinternet.com/?p=691

Enjoy a Scam Free Internet: http://www.scamfreeinternet.com

Read internet scam news, software guides, and scam analysis reports.


Debian Chinese How-To
By Yien Bin

This is my personal experience setting up a Chinese environment on my Debian box, with the KDE desktop.

Here are my specs.

  • Debian Unstable, kernel 2.6.18-1-686
  • xserver-xorg 7.1.0-4
  • kde 3.5.5

Set your system up with English locales, so that your desktop, menus and programs’ file menus won’t show English characters in blurry Chinese TTF fonts. You will still have the ability to input Chinese in almost everything (browsers, Konqueror, instant messengers, Konsole, Xchat and more).
Here are step-by-step instructions.

  1. Setting UTF-8 Locale system wide

    dpkg-reconfigure locales

    This command will prompt you a screen to select your desired locales. For my case, I have selected

    1. en_US ISO-8859-1
    2. en_US.UTF-8 UTF-8
    3. zh_CN GB2312
    4. zh_CN.GB18030 GB18030
    5. zh_CN.GB18030 GB18030
    6. zh_CN.GB18030 GB18030
    7. zh_TW BIG5
    8. zh_TW.UTF-8 UTF-8

    Set en_US.UTF-8 UTF-8 as the default locale. By now, when you print your locale settings with the locale command, all the “LC_XXX” variables should already be set to “en_US.UTF-8”.

  2. Displaying Chinese

    There are a few packages you need in order to get Chinese text displayed correctly in your KDE desktop.
    These are for KDE internationalization.

    • kde-i18n-zhcn (for Simplified Chinese)
    • kde-i18n-zhtw (for Big5 Chinese)

    You can always add your desired encoding for other languages. I also have kde-i18n-ko for Korean and kde-i18n-ja for Japanese.
    After installing the internationalization packages, you will have to install TTF (TrueType) fonts. Here’s the list.

    • ttf-arphic-bkai00mp (“AR PL KaitiM Big5” Chinese TrueType font)
    • ttf-arphic-bsmi00lp (“AR PL Mingti2L Big5” Chinese TrueType font)
    • ttf-arphic-gbsn00lp (“AR PL SungtiL GB” Chinese TrueType font)
    • ttf-arphic-gkai00mp (“AR PL KaitiM GB” Chinese TrueType font)
    • ttf-arphic-uming (“AR PL ShanHeiSun Uni” Chinese Unicode TrueType font)
    • ttf-fireflysung (“AR PL New Sung” Chinese TrueType font)
    • ttf-kochi-gothic-naga10 (Kochi Subst Gothic Japanese TrueType font)

    My default Chinese font is ttf-fireflysung, which I’ve forgotten where to get. I remember getting it from a Taiwan site; if any of you have the address, please kindly let me know. If you are unable to get firefly, uming is probably your best choice for Chinese text.

  3. Changing font for Chinese text display

    Sometimes in your KDE desktop, if you have downloaded files with Chinese/Japanese file names, they will be displayed as unreadable square characters. This means KDE is unable to find an appropriate font substitution for unknown characters. You can get qt3-qtconfig to deal with this problem. Inside the program you can set font substitutions for your default KDE font (mine is Bitstream Vera). Apply several substitution TTFs like AR PL New Sung and AR PL ShanHeiSun Uni, so your text will be displayed correctly.

    Other programs like Firefox, Xchat, amarok and more let you choose their own default font. In my case, once qt3-qtconfig is set properly, these programs have no problem using the settings.

    If the above methods still do not work for you, you can also try installing gtk2-engines-gtk-qt. This program will use your Qt settings to draw your GTK applications’ user interface, including the fonts of course. You should also check with

    update-alternatives --config qtconfig

    to see which qtconfig is currently in use. If you have used qt3-qtconfig, you definitely should choose “/usr/bin/qtconfig-qt3” as your default.

  4. Chinese Input Method

    IMO, scim is always the best choice because it has pinyin support, the only Chinese input method I’m familiar with. You will have to get these packages.

    • scim
    • scim-chinese
    • scim-gtk2-immodule
    • scim-modules-socket
    • scim-pinyin
    • libscim8c2a

    In order to get scim to work almost everywhere in KDE, some settings need to be changed.
    First, add this line to your ~/.bashrc file.

    export LC_CTYPE="zh_CN.UTF-8"

    This exports LC_CTYPE as zh_CN.UTF-8, overriding the en_US.UTF-8 value set for all the LC_ variables earlier. This is a per-user setting; in my case I’ve set LC_CTYPE to zh_CN.UTF-8 system wide with this command.

    dpkg-reconfigure localeconf

    Use this command to set scim as your default input method for X.

    update-alternatives --config xinput-all_ALL

    Again, this is my system-wide setting. For a per-user setting, add these lines to your ~/.bashrc

    export XIM=SCIM
    export XIM_PROGRAM=/usr/bin/scim
    export XIM_ARGS="-d"
    export GTK_IM_MODULE=xim
    export QT_IM_MODULE=xim

    Restart your X server and log in to KDE. In any text input field (Gaim, Firefox, Xchat, Open Office, Thunderbird and more), when you hit CTRL+Space, the scim toolbar will pop up and you are able to input Chinese text. Hit CTRL+Space again to switch back to English.

    Remember not to install Skim (the KDE frontend for scim), as it will somehow freeze your keyboard frequently.

There is a very useful page at http://www.unifont.org/fontguide/ that you might want to check out.

Yien Bin is a part-time tech blogger. Debian is his favorite operating system. His blog can be found at http://www.nixser.com


Tired of Breaking Your Windows? Maybe It’s Time For Ubuntu – “Linux For Human Beings”!
By Frank Okos

Windows is by far the most widely-used operating system (OS) in the world, but for many it isn’t an easy choice – it’s the only option. If Apple sold Mac OS for installation on machines other than their own, then perhaps that would be another matter. But for most of us, who buy cheaper PCs from small local businesses, or build our own, we just have to keep putting up with whatever Microsoft dishes out.

If you remember the debacle of Vista, with swarms of users scrambling for old copies of XP, you must be dreading the release of Windows 7. But there is another option, one which has already attracted millions of devotees: Ubuntu – “Linux for Human Beings”. Besides the fact it is free, with around 28,000 pieces of free software, it is much more secure than Windows, and one dreaded word doesn’t exist there: VIRUS!

You may have already used it at an internet cafe and didn’t even know it. You might have seen a YouTube clip of the crazy desktop effects you can enable. Chances are, one of your portable devices has a mini version of Ubuntu running it. If you’ve thought about getting a cheap netbook like the Asus Eee PC, don’t be surprised if the OS is Ubuntu. Everywhere you look, Ubuntu is now starting to play a part, yet most people haven’t even heard of it, let alone know how to pronounce it.

“Ubuntu”, pronounced “oo-boon-too”, is African for “humanity to others”, and this is the underlying principle behind this distro (Linux distribution) that has started becoming a serious player in the computing world. It promises to always be free, with free updates, and the option to upgrade to a new version every six months (for free, of course). All the open source software costs nothing, and the best part is that any programs you’ve installed get updated/upgraded for free along with your system updates.

The wondrous concept of package management makes system updates and software installation a quick and simple matter. Just fire up the default package manager, Synaptic, and you can pick software from categories, or search for terms like “DVD burner” or “RPG game”. Click on any packages that interest you, and from the menu that appears, just mark them for installation. Once you’ve added a bunch of new apps and games, simply click the Apply button, and everything is downloaded and installed for you! I ask you – does it get much simpler than that?

And while we are on the subject of programs, it’s worth mentioning that a standard Ubuntu install comes with a trove of great apps, including OpenOffice.org – a full office suite. Instead of basic(ally useless) Paint, you get Gimp, which is more like an open source version of Adobe PhotoShop. And of course there are programs for multimedia and the internet, as well as a few games. Basically, for most of us, Ubuntu ships with enough varied software to get us started, and you can quickly and easily install more via Synaptic.

What’s more, if you really can’t live without some of your Windows programs, chances are you can run them under Wine, which is like an invisible emulator (the developers prefer the term “compatibility layer”). And don’t worry about all those files you’ve got on your Windows partition, as you can access them in Ubuntu no problems. In fact, you can do anything you now do in Windows, but without all the issues that drive you to distraction.

In Ubuntu, you won’t need an antivirus or anti-spyware software, and the very structure of Linux makes security much less of a worry. All those video clips you downloaded that only seem to have sound will play fine in Ubuntu (once you install the ubuntu-restricted-extras package, which takes care of all proprietary codecs). Instead of limited customisability, you can tailor your Ubuntu system to just how you want it. And you won’t be constantly plagued by Microsoft and other software companies continually trying to wring money out of you.

So Linux in general is no longer a domain for geeks, and is well and truly “desktop ready”, possibly more than Windows. For those wanting to explore the alternatives to their commercial OS, Ubuntu is a great place to start, with its out-of-box simplicity, massive software library, and huge online community. If you think you might be ready to take the plunge, you can read more on their web site, and Googling for “Ubuntu” will certainly give you some reading material to peruse. Just remember that with an Ubuntu “Live CD”, you can actually boot into a “live” desktop running off the disc, so you can try it out (even surf the web) without touching your hard drive whatsoever! I ask you again: does it get any simpler?

Frank Okos

I hope you enjoyed this article. If you’d like to see some more of my writing, you can check out my blog. It has a casual approach, is often a bit whacky, but more often than not, quite informative as well:

http://ozzyfrank.wordpress.com/

My Ubuntu (“Linux for Human Beings”) technical blog:

http://ubuntugenius.wordpress.com


WEP Wireless Security Stinks – Find Out Why
By Paul McGillivary

Part of securing your network must include looking at your wireless access points. Wireless access can be dangerous to your network. Most people don’t even know how easy it is to exploit wireless access points. Let me illustrate my point. I went out one afternoon and took my trusty laptop with me. The task this afternoon was to scan for “open” wireless access points. An “open” wireless access point is one that has absolutely no encryption, or security, on the signal. This allows anyone to listen in on your data stream. If you still don’t get it, it’s a very bad thing! So, I drove for about 2 miles through a small business district and apartment complex. What was the result? Oh, about 45 open wireless networks. That means that I could log onto those networks, scan them, and exploit machines connected to them. I didn’t do that, but you get my drift. The lesson here is to encrypt your wireless data stream.

Some people think that choosing WEP encryption offers great wireless security. They would be wrong. Your wireless router may have an option for WPA and WEP. You should always choose WPA security over WEP. Let me illustrate why. I set up a wireless network in my home. I enabled WEP security at 128 bit encryption. That’s “strong” security for WEP. I wrote down the security key and then I started my test. My goal was to hack my own WEP wireless network. I thought it was going to be a really hard task. I was wrong.

I fired up my Linux laptop. Linux is just an alternative operating system to Windows. This particular Linux distribution, or flavor of Linux, was a security edition. This gave me all kinds of tools to scan for wireless networks and exploit them. A typical hacker will have all of these free tools at their disposal. I then fired up Kismet. Kismet is a great wireless scanning program. I found my wireless network in the list. I found the connected client and the access point, or router. Then I proceeded to do a typical type of attack on the network. Hackers need to grab what’s called a “packet” from a computer that already has the key for the secured wireless network. The hacker can then use this packet to issue responses from the router. Why is this important? This allows the hacker to gather a tremendous amount of data from the access point. And this finally allows the hacker to crack the WEP security key.

So, I went about hacking my own WEP wireless router. I “deauthenticated” my computer that was already connected to the router. This gave me the packet I needed for the router. Then I started sending this packet to the router a lot. Once I had enough data from the router, I then passed it to a cracking program. Voilà, it cracked the key in about 1 second. After the dust had settled, I had cracked my WEP security in less than 30 minutes! But would the typical user see that I was hacking? Probably not. The only thing they would see is that they lost their wireless connection for a moment. This is when I “deauthenticated” them from the network to grab the “packet” I needed.

Remember, I had my WEP encryption set to 128 bits. This is a high level of encryption. But it really doesn’t matter. All a hacker needs is a signal and a little time to crack that. Remember, hackers are like house thieves. They will go along the path of least resistance. The harder your wireless signal is to crack, the less likely you will be hacked. They will simply move along to the next “open” network or one with bad encryption. Do yourself a favor, and always choose WPA wireless security over WEP.
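The user only notices a brief disconnect, but the sequence described above leaves a recognisable pattern on the air: a deauthentication followed by one sender repeating the same frame many times. The following added example (not from the original article) shows detection logic for that pattern over constructed frame summaries; the record layout, addresses and thresholds are assumptions made for illustration.

```python
from collections import Counter

AP = "aa:aa:aa:aa:aa:01"       # constructed addresses, not from a real capture
CLIENT = "cc:cc:cc:cc:cc:02"
SENDER = "ee:ee:ee:ee:ee:03"

def sample_frames(with_replay=True):
    """Constructed frame summaries: (seconds, type, source, destination, length)."""
    frames = [
        (0.5, "data", CLIENT, AP, 412),
        (1.2, "data", CLIENT, AP, 1310),
        (2.0, "deauth", AP, CLIENT, 26),    # client is knocked off for a moment
        (2.6, "data", CLIENT, AP, 133),     # client reconnects and carries on
    ]
    if with_replay:
        # The same 68-byte frame sent to the access point 500 times in 5 seconds.
        frames += [(3.0 + i * 0.01, "data", SENDER, AP, 68) for i in range(500)]
    else:
        # Ordinary traffic: mixed sizes at a modest rate.
        frames += [(3.0 + i * 0.2, "data", CLIENT, AP, 60 + (i * 37) % 1400)
                   for i in range(40)]
    return frames

def detect_deauth_replay(frames, window=10.0, min_repeats=200):
    """Flag a deauth followed, within `window` seconds, by one sender
    transmitting at least `min_repeats` data frames of identical length."""
    alerts = []
    for t0, kind, _src, victim, _len in frames:
        if kind != "deauth":
            continue
        repeats = Counter(
            (src, length)
            for t, k, src, _dst, length in frames
            if k == "data" and t0 < t <= t0 + window
        )
        for (src, length), count in repeats.items():
            if count >= min_repeats:
                alerts.append({"deauth_at": t0, "victim": victim,
                               "sender": src, "frame_len": length,
                               "count": count})
    return alerts

if __name__ == "__main__":
    for alert in detect_deauth_replay(sample_frames()):
        print(alert)
```

A single deauthentication on its own is normal roaming behaviour, which is why the check only fires when the repeated-frame burst follows it.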

Copyright 2006 Jack Knows Inc.

Paul McGillivary has been a technologist for 15 years. In that time, Paul has experienced thousands of technology problems, challenges, and products. He brings this experience to bear in the articles that he presents.

Love learning about computer security? Visit Paul’s tech blog on Computer Security.
