Tuesday, April 10, 2018

13473227341 or 3473227341 is a phishing phone number

My wife received a phone call from 13473227341. The robot claims to be the car dealer and asks for her car's model. After my wife answered the question, the call hung up.

Searching for 13473227341 yields a Chinese city as the origin; after removing the country code 1, searching for 3473227341 shows it is a New York phone number.

Robotic phishing phone calls of this kind try to collect legitimate phone numbers or even personal information.

The best action is not to give any response and to look up the phone number to tell whether it really belongs to a business.

7183180198 is a phishing phone number

I received a phone call from 7183180198; the robot voice is the first sign of a phishing call. It claims that she tried to deliver an import package to me but failed. For more information, press 1.

This number is not a real number; it comes from phishing software. It is trying to collect phone numbers if you press 1.

Sunday, April 8, 2018

How to secure your online assets

Nowadays, almost everybody has some online assets, from the email account you used to apply for a job to the computer you use to check your online bank account. Hackers are out there looking for these assets. If they think the assets are valuable, they will try to enter your cyber space stealthily or by brute force.

You guard your real estate with doors, an alarm system, a home association, police and, most importantly, common sense. You need to do the same for your online assets. The following posts are a collection on how to make your home network more secure.

Part one -- end nodes security


Part two -- know your wireless


for network administrators:

Part three -- secure your online account


Part four -- phishing phone call


Part five -- Introduction to network security

for network administrators:
You will learn about network attackers and intruders, how they get in, and how to keep your network safe by keeping them out.

The need for network security
Classes of Hacker Attacks
Firewalls and Proxy Servers
The Attacker’s Arsenal
Intro to PIX, ASA, IDS, and IPS
Viruses, Worms, and Trojan Horses
Preventing Virus Attacks

Saturday, April 7, 2018

7 steps to secure linux

Linux/Unix has many species; here we talk about the species designed for efficiency and security instead of luxury and convenience.

Nowadays, the only safe computer system is the dead brick: the one that has no network connections -- wifi, bluetooth, cable, etc. You can only interact with it by physically sitting in front of it and typing on the keyboard.

step 1. get the trusted linux/unix distribution. 

Since most Linux distributions are open source, everybody has access to the source code and can modify it. You want to make sure you get a trusted distribution, so never download Linux images from anywhere other than the official sources. Always verify the SHA256 checksums of the files you've downloaded against the official values. It would be easy for a malicious entity to modify an installation image to contain exploits or malware and host it unofficially.
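The checksum comparison from step 1 can be scripted so that a mismatch or a missing entry stops the install. This is an added example, not part of the original post; it assumes GNU coreutils `sha256sum`, and the file names (`distro.iso`, `SHA256SUMS`) are placeholders.

```sh
#!/bin/sh
# Added example: check a downloaded image against the distribution's published
# checksum file. Assumes GNU coreutils sha256sum; file names are placeholders.
# Where the distribution signs its checksum file, verify that signature first
# (gpg --verify <signature> <checksum file>) so the list itself can be trusted.

# verify_image IMAGE SUMS_FILE
#   0 = digest matches, 1 = digest mismatch, 2 = image not listed
verify_image() {
    vi_name=$(basename "$1")
    # Lines are "<digest>  <name>" (text mode) or "<digest> *<name>" (binary mode)
    vi_expected=$(awk -v n="$vi_name" '
        { f = $2; sub(/^\*/, "", f) }
        f == n { print tolower($1); exit }' "$2")
    if [ -z "$vi_expected" ]; then
        echo "FAIL: $vi_name is not listed in $2" >&2
        return 2
    fi
    vi_actual=$(sha256sum "$1" | awk '{ print $1 }')
    if [ "$vi_actual" != "$vi_expected" ]; then
        echo "FAIL: $vi_name digest mismatch" >&2
        echo "  expected $vi_expected" >&2
        echo "  actual   $vi_actual" >&2
        return 1
    fi
    echo "OK: $vi_name matches the published SHA256"
}

# Constructed demo: a stand-in "image" and checksum file in a temp directory.
demo=$(mktemp -d)
printf 'constructed image contents\n' > "$demo/distro.iso"
( cd "$demo" && sha256sum distro.iso > SHA256SUMS )
verify_image "$demo/distro.iso" "$demo/SHA256SUMS"
printf 'injected bytes\n' >> "$demo/distro.iso"     # simulate a modified image
verify_image "$demo/distro.iso" "$demo/SHA256SUMS" || echo "modified image rejected"
rm -rf "$demo"
```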

step 2. set a complex password for root

Without guarding root access, any security hardening is a waste of time.

step 3. boot into dead brick.

A runlevel is one of the modes that a Unix-based operating system will run in. Each runlevel has a certain number of services stopped or started, giving the user control over the behavior of the machine.

During the boot process for Red Hat 9.0 and Fedora Core systems, for example, a sample /etc/inittab file defines the runlevel as follows:

    # Default runlevel. The runlevels used by RHS are:
    #   0 - halt (Do NOT set initdefault to this)
    #   1 - Single user mode
    #   2 - Multiuser, without NFS (The same as 3, if you do not have networking)
    #   3 - Full multiuser mode
    #   4 - unused
    #   5 - X11
    #   6 - reboot (Do NOT set initdefault to this)
    #
    id:2:initdefault:

This tells the init process that the default runlevel for the system is runlevel 2. This runlevel disables network access and uses only the command line, without the overhead of an X11-based GUI.

step 4. disabling linux services


Now that you have a safe dead brick, you can take time to disable any services that you don't actually need. Left running in the background, they expose extra access ports into your Linux server.

On Red Hat, to list all service settings, run the following command:

    /sbin/chkconfig --list

This will display a long list of services showing whether or not they are started up at various runlevels. An example line looks like:

    httpd           0:off   1:off   2:off   3:on    4:off   5:on    6:off

chkconfig can also be used to change the settings. If we wanted the HTTP service not to start up when we are at runlevel 5, we would issue the following command:

    /sbin/chkconfig --level 5 httpd off

On the other hand, you want to enable syslog:

    /sbin/chkconfig --level 235 syslog on
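To review a long `chkconfig --list` output instead of reading it line by line, the listing can be compared against an allowlist for one runlevel. This is an added example, not part of the original post: the `httpd` line is the one shown above, the other sample lines and the allowlist are constructed, and the function names are hypothetical.

```sh
#!/bin/sh
# Added example: review `chkconfig --list` output against an allowlist.
# The httpd line is the one shown above; the other lines are constructed.
SAMPLE='httpd           0:off   1:off   2:off   3:on    4:off   5:on    6:off
syslog          0:off   1:off   2:on    3:on    4:off   5:on    6:off
sshd            0:off   1:off   2:on    3:on    4:on    5:on    6:off
cups            0:off   1:off   2:on    3:on    4:on    5:on    6:off'

# services_on_at RUNLEVEL  (reads chkconfig --list output on stdin)
# Prints each service that starts at RUNLEVEL. Lines without N:on/N:off
# fields, such as the xinetd section, never match and are skipped.
services_on_at() {
    awk -v want="$1:on" '{ for (i = 2; i <= NF; i++) if ($i == want) { print $1; break } }'
}

# unexpected_services RUNLEVEL "ALLOWED NAMES"
# Prints services that start at RUNLEVEL but are not in the allowlist.
unexpected_services() {
    services_on_at "$1" | while read -r svc; do
        case " $2 " in
            *" $svc "*) ;;            # explicitly allowed, keep
            *) echo "$svc" ;;
        esac
    done
}

# suggest_disable RUNLEVEL "ALLOWED NAMES"
# Prints (does not run) the chkconfig command for each unexpected service.
suggest_disable() {
    unexpected_services "$1" "$2" | while read -r svc; do
        echo "/sbin/chkconfig --level $1 $svc off"
    done
}

# On a real host: /sbin/chkconfig --list | suggest_disable 2 "syslog"
printf '%s\n' "$SAMPLE" | suggest_disable 2 "syslog"
```

The script only prints the commands, so each one can be reviewed before it is run as root.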

step 5. set up firewall

The software firewall on your Linux box is the second line of defense for your Linux system; the main defense is the hardware firewall on your network gateway. If you are in a dangerous environment, such as a shared public network, your software firewall is the only defense for your Linux system.

The following command lists all the firewall rules defined in iptables:

    iptables -L -v

You can start with the most restrictive rules, then open connections only for the ones you are sure you need.
The following rules deny all connections except a one-way connection to IP 10.10.10.10 on port 80. HTTP connections TO 10.10.10.10 are permitted, but HTTP connections FROM 10.10.10.10 are not. However, the system is permitted to send back information over HTTP as long as the session has already been established.

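    # Default-deny everything, then allow only outbound HTTP to 10.10.10.10
    iptables --policy INPUT DROP
    iptables --policy OUTPUT DROP
    iptables --policy FORWARD DROP
    # Outbound: new and established connections to 10.10.10.10 port 80
    iptables -A OUTPUT -p tcp -d 10.10.10.10 --dport 80 -m state --state NEW,ESTABLISHED -j ACCEPT
    # Inbound: only replies from 10.10.10.10 port 80 on established sessions
    iptables -A INPUT -p tcp -s 10.10.10.10 --sport 80 -m state --state ESTABLISHED -j ACCEPT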

step 6. Update the OS

Keep the OS updated so that you get the latest security patches.

step 7. resist the temptation of installing unofficial applications

The most common causes of a broken Linux installation are following unofficial advice and, in particular, arbitrarily installing software from unofficial repositories.

Monday, April 2, 2018

3 kinds of materials that kill your wireless signal

Home wireless routers use radio-frequency microwaves to carry information. Microwaves are electromagnetic waves measured by wavelength or frequency. For example, FM radio operates in the 88 - 108 MHz range, older microwave ovens operate in the 2.4 GHz range (yes, the same as your CPU's frequency), and wireless router 802.11a products operate in the 5 GHz range.

When you choose the location of your home router, you need to consider the radio frequency environment, which is strongly affected by the building materials in your house. Each structure or building material allows a different degree of penetration by the radio signal. Depending on your purpose, sometimes you want to maximize the penetration, so that the signal can reach a bathroom on the other side of the house; sometimes you want to block the radio signal, so that war-driving hackers won't be able to catch leaking wireless signals on the street near your home.

Structures that qualify as severe radio hazards are generally floor-to-ceiling structures that have a significant effect on the received signal strength, either by completely blocking the signal or by reducing the signal strength by more than 60%. Usually these structures are made of dense material and have varying degrees of metal associated with them.

  1. Metal is a very good radio-blocking material -- as good as a mirror that reflects electromagnetic waves (from light to radio waves) at the surface, leaving no signal to penetrate through. Computer rooms are sometimes wrapped in a skin of metal shielding which doesn't allow any signal to penetrate through. Structures in your home that contain metal fall into this category; examples are mirrors, metal desks, metal room partitions, reinforced concrete floors, exterior walls, bathrooms, chicken wire mesh etc.
  2. Dense materials like marble, bricks, water and paper allow the radio signal to penetrate through while reflecting as well as absorbing some of the signal. Structures made of these materials can reduce the received signal strength by 5 to 40%. You can find them by looking around: bookcases, filing cabinets, inner walls, the kitchen table, the fireplace, an aquarium, bushes.
  3. Materials that allow most of the radio signal to penetrate through are generally those which don't conduct electricity -- air, wood, plaster, synthetic material, asbestos and glass. Your ceiling, inner walls, windows and doors might be able to keep you warm and secure, but the signal from your wireless router passes through them as if they didn't exist. This explains why, when your PC looks for wireless networks in range, it finds all your neighbors' wireless routers a few inner walls away.
