My blog is Nakitaramous. Exciting isn't it.
Welcome and I hope you enjoy what I have to give.
I decided to start this blog because like myself at sometime in the past I needed some help and people were kind enough to help me and now I want to give back to whoever wishes my help.
The topic of my blog is "Network Security" among other things that come into my mind but basically I will cover mostly Network Security and for others, computer security.
Believe it or not but in 1991 I have no idea what a computer is. I retired from the United States Army as an Infantryman, Platoon Sergeant that is. I had no interest in computers, much less computer security. My wife and I travel from the Island of Guam all the way to Colorado Springs, Colorado for a job on a small pickup. When we arrived, I found out the hard way that I was misinformed. I really did not have a job. I traveled with my wife, two kids,and my mom to find out the bad news.
Fortunately since I was awarded the Purple Heart from fighting and wounded in Vietnam someone suggested to me to travel to Denver and apply at the Post Office. So I said, why not and I did. For 18 months I drove from Colorado Springs to Denver, rain or shine, sleet or snow, but I find no choice. I had to get a job or my family will suffer. I had seen all the hardship I can take from my experience in Vietnam and I'll be d... if I will allow the same thing to happen to my family. To make it short I became a supervisor and I retired in 2009 with a pension.
Are you bored yet? How did I get involved with computers? Let me tell you. I opened my dojo, Kung Fu school in English. After all, I am a 7th Degree Blackbelt in WUSHU. My wife came to me one day and said, you know, manually doing accounting for your books takes a lot of work and time, why don't you do it on a computer? I said what! What is a computer? She said, it's a little box that can do this accounting three times faster than I can ever do it. I said, "Does it talk back?" my wife said no but it can add 10 times faster than you can say WOW!! I said I don't know. The only moving parts I know are from an M16. So my wife started me off with the chess game because I love to play chess.
Folks, don't feel that I am telling my life story. This is the start of my blog. I hope that I am getting to interest some of you. What comes after this will be concentrated Network Security. And at the end of each blog I will ask the question of the day, a question on Network Security. Open your minds and be generous, there are others in the world just like you and me.
Now please, I do not want to offend anyone. I would like my blog to be a learning platform for some people, a review for others, and for some, they may not like what I have but I am basically putting this blog together for those that want and need help.
If you like my blog and the content in it read on and continue coming back, if you are too smart and know everything about Network Security then just go away. But please don't troubleshoot me, I won't answer you. If you have constructive criticism, that;s fine, I like that because I am still learning too. All in all, I hope we can all be friends and share what we can to make the world a better place to live in.
Question of the day.
What is the goal of Network Security better known as CIA?
August 13, 2013
The answer for posting #1, what is the goal of Network Security better known as CIA is Confidentiality, Integrity, and Availability.
Did I mention that I received my Masters Degree in Information Technology in 2004? Not bad for not knowing what a computer is back in 1991. Guess what? I did it all online by attending American Intercontinental University (AIU) in Illinois. I can’t say it’s the best university in the country but I can say it’s the best for me, as the saying goes, to each its own.
Now, why do you suppose that every Network Security goal ever written say it is confidentiality, integrity, and availability that computer owners must be aware off and make fixes? That’s because if any one of the three goals is compromised, then you are in deep trouble. The vulnerability hits one of four primary causes. They are known as weaknesses such as;
Let’s discuss Technology for instance. What do I mean here? Well, why don’t I mention TCP/IP? TCP/IP stands for Transmission Control Protocol/Internet Protocol. What do I mean by saying protocol? Protocol is rules that we apply on our system as one of the security measures. I mentioned TCP/IP because this is how our connections come about on the Internet. In fact, it is Internet Protocol that makes connection available.
I want to mention that IP is a non-secure transmission here because it is known as a connectionless protocol. What this means is that every communication that is send over the network using IP is vulnerable because it is send out in clear text. Nothing is secured.
UDP is another communication protocol that is not secure. It stands for User Datagram Protocol and it is also connectionless and sends out in clear text. Everything that is send; i.e. password, name, social security number, address, etc., is send out in clear text and anyone can see it.
Question of the day
What is a crime called in which a person pretends they are somebody else?
August 14, 2013
The answer to the question on posting #2, “What is a crime in which a person pretends they are somebody else is Identify Theft.”
This brings something very important to my mind. Ask yourself, is there anything worse than a death in the family than for you to access your bank account at your bank and find out that some sorry s.. had made an unauthorized charge against your account? I will bet everyone that they will be furious. So what does it mean? Someone had gotten hold of your bank account, debit card number, or credit card number.
This is identify theft folks. Your credit card and debit card is the hardest item to protect because we use it all the time. When we go shopping or go out to eat somewhere we more than likely use our cards. Well guess what, chances are that someone may have mark your card number on a piece of paper and used it later on. Here is a good method or practice you can use. Whenever you pay for something make sure you are in front of the person accepting the payment at the cash register. In other words, don’t give your credit card to a waitress and wait for her to make the payment. Stop by the cash register and make the payment then the chances of compromise are eliminated.
Let’s discuss our computer. I’ll bet some of you do not have a password configured on your computer. Your tower at home is not really a problem unless you invite company over but what about a laptop? Let’s discuss laptop. If you do not have password protection you are risking a whole lot because it doesn’t take anything to turn on your laptop and see everything. For your protection you should always activate a password on your laptop. If someone steals the laptop they cannot go in because it is protected by the password.
And do yourself a favor; make the password hard for anyone to crack it. Do you know that most hackers today are teenagers? Don’t forget that a weak password is just as bad as no password at all. So protect yourself.
Here’s good information, whenever you download something from the Internet a whole lot of garbage piggyback on that download and if you are not careful they will stick like glue on your system. Do your download slow and read everything that pops up. If you do not want to download anything except the original that you wish to download then make sure you skip it. Do not continuously click “next”, otherwise you will be infested with all other stuff, pc fixes, system scanners, update installers are good at this and once you click “yes”, then you just install the item. Some of these items will set you up for free for 15 days then you will receive a bill to continue.
Question of the day
Threats are considered as what type of access to networks?
The answer to posting #3, “Threats are considered as what type of access to networks is unauthorized.
I mentioned back on posting #2 that there are weaknesses in our system configuration the reason hackers can have access, storms of unwanted ads, downloads, viruses can enter and populate, or annoying emails flooding your mailbox. This is part of your configuration weaknesses that you need to pay attention to and configure on your system.
Here is a scenario that happens all the time. You go to your Internet Browser and you click it and the first thing that pops up is a site that you had never seen before. Each time you navigate to IE, the same thing happens. It is very annoying isn’t it and you asked yourself, how I can get rid of it.
Here’s how. Let’s say that you are running Windows 7 operating system. Most people nowadays still have Win7 so let’s start from that.
Step 1, Go to the tool bar on the bottom of the screen, which is your desktop. This is where you should see the Start button.
Step 2, place your cursor any place on the tool bar but not on top of any icon and do a right click. You will see on the page the item Start Task Manager.
Step 3, click on Start Task Manager and a page will pop up.
Step 4, click on the caption that says Process on the bar.
Step 5, scroll and find the item that keeps coming up when you enter IE.
Step 6, once you find it, place your cursor anywhere on the item and do a right click
Step 7, a page will pop up and you can disable the item by clicking End Process.
If this process doesn’t work for you then try the following method, which is what I always do.
Step1, click Start
Step2, go to All Programs and click Administrative Tools.
Step3, click Windows Firewall with Advanced Settings
Step4, click Inbound Rules on the left pane.
Step5, click Action on the Toolbar and click New Rule.
Step6, leave it on Program and click next.
Step7, Enter the path of what you wish to get rid of and click next.
Step8, click the Block the Connection radio button and click next.
Step9, In the Name box enter www port program and click Finish.
Question of the day
Programs that deliver destructive code to a host computer while appearing to be harmless are call
August 20, 2013
The answer to posting #4, Programs that deliver destructive code to a host computer while appearing to be harmless are call, "Trojan Horse”
Take notes everyone that read my blog. What I place on the blog can actually take you closer to passing the CompTIA Security+ exam, that is if you are into Certificates. Everything that I insert as information is actually on the exam. It’s up to you to learn and prepare for the exam but the more you see and learn issues that are actually on the exam is a plus to you.
Starting today I will present a couple or so that is included on the exam.
Let’s say that you are required to secure traffic between SMTP servers over the Internet. SMTP stands for Simple Mail Transfer Protocol. But why are we concern about SMTP? It is the protocol that transfers e-mail messages between mail servers. For security we are concern with port 25 because this is the port that SMTP uses. This is one of the vulnerabilities in our system.
TLS is another security feature and when you enable TLS, you can enable the supporting server to request a secure connection with any server that also uses it. TLS stands for Transport Layer Security and it offers authentication and encryption or maybe just encryption.
What is two-factor authentication? Two-factor authentication is described as that which is based on something you have, a smart card for instance and something you know, which is your pin number. This is one of the means to control computer access, but also to control physical access, as well.
Hey folks, do you have any idea what is an image file that contains a hidden message or date on it?
Would you believe, it is Steganography. This is the process of writing a message in such a way that no one but the sender and the intended recipient recognizes that the message exists. Wow! In that case, you are able to use Steganography with your friends, your spouse, or your boss provided that both sides are parties to it.
Let me touch up on e-mail and SMTP and clarify what it all means. Client computers on a network use POP3 over SSL to receive e-mail, SSL meaning Secure Socket Layer. E-mail services use standard port assignment, which is port 110 to receive our e-mails, but do you know that you should allow inbound packets on port 995? Port 995 is the port actually used by POP3 over SSL, and POP3 is used to receive incoming mail so, therefore, the Internet facing firewall must be configured to allow inbound packets on port 995.
Question of the day
Let’s say that I am contracted to set up a Web farm that includes an access portal at my job’s network and at the same time use the information I gained during the process to infiltrate the network at a later time. How is this type of attack categorized?