
Sunday, August 10, 2014

DD-WRT : Linux based Alternative OpenSource Firmware

1.   After having heard and seen over the last few years the rise of Open Source and its imminent threat to Mac and Windows!!!!, now I read about DD-WRT, a Linux based alternative Open Source firmware suitable for a great variety of WLAN routers and embedded systems.
2.    This open-source firmware was developed for specific router models and is used as a replacement for the factory default firmware. This modification lifts restrictions built into the default firmware, providing advanced capabilities to make Internet and Home Network more controllable and versatile. Manufacturers develop routers with non-technical users in mind, making them simple and easy to use, while limiting their effectiveness as a web-access gateway. DD-WRT transforms a personal-class router with limited functionality into a powerful, multi-use, business-class router. With DD-WRT, a router's enterprise potential can be unlocked at a home user's price.


3.    The advantages offered are brought out below :

    - Stability of running a Linux-based, non-proprietary firmware.
    - VPN (Virtual Private Network) passthrough capabilities.
    - Software support for the SD-Card hardware modification.
    - Advanced QoS (Quality of Service) controls for bandwidth allocation.
    - NAT (Network Address Translation) support.
    - Cycle router from the Administration settings.
    - Built-in DNS caching.
    - Configure the router as a Wi-Fi hotspot using the integrated Chillispot.
    - Radius Authentication for additional wireless security.
    - VLAN (Virtual Local Area Network) Support.
    - Create unique SSIDs (service set identifiers) when using multiple routers.

4.   But it is not a win-win situation always. While flashing a router with DD-WRT is highly beneficial, the risks that are involved can sometimes outweigh the benefits. Flashing a router with DD-WRT can be risky and, when done improperly, it may "brick" the router. For devices mainly used for private purposes, DD-WRT is freely available. Platforms used for commercial purposes require a paid license. Compared to the freely available version, the professional version also allows for configuration of the WLAN parameters, thus opening up the opportunity of creating e.g. reliable and powerful network infrastructures. Special demands can be fulfilled by specifically tailored versions of DD-WRT.


Thursday, July 18, 2013

Keep Changing Your Antivirus : CRUDE but EFFECTIVE Solution to curb Virus menace

1.    We all understand the importance of antivirus today. From a naive user's point of view, a user can go for the cheapest of the lot or, if someone is worried enough, he would go for the costliest one....but does that matter in an overall context? I mean w.r.t. the serious business model that this antivirus corporate sector has emerged as....let's see it here down below, which brings out the country association of each leading antivirus company :

AVG : Czech Republic
Kaspersky : Russia
Avast : Czech Republic
Norton Symantec : U.S
Avira : Germany
ESET : Slovakia
F-Secure : Finland
McAfee : U.S
MSE(Microsoft Software Essentials) : U.S
Panda : Spain

2.   Sadly we see, there are no Indian companies in this short list. Besides these, if we get specific to India we can quote two companies viz : Quick-heal and K7 Computing..well....that's not the point that I am here to share....the thing to note here is that all these leading companies have got an affiliation with some other country and none is Indian. So when we blindly load an antivirus or an internet security suite in our systems just on faith and word of mouth publicity from peers and friends...are we doing the right thing ? Do we know what is running in the background ? In the name of uploading our dumps what actually goes to their servers? What information does it contain? How does that company identify a virus or a malware? What's the logic that finds a virus?...all these questions are critical because this all is happening in our own machines.....but most of us hardly bother about all this...coz we have faith!!! :-)...and also because there are no standards existing for defining a QR for an antivirus....there is none to cross check what's being cooked?

3.  Besides having a question mark on the privacy issues...let's think about the logic being applied or the signatures being released to thwart the known threats....but do we know that more than the known virus list it is the ZERO DAY threats that are getting serious by the day....of course a few bright companies are trying to check that by working on behavioral aspects of a virus or a suspected file...but that has its set of constraints and is often limited in detecting....so what's the solution.....I recommend using all trial versions for a month each of all leading companies that will pass your one year and then format your windows PC and then start again.....a cheap...crude method of using the best without spending a penny!!!!!!!!!!!!

4.   By the way, just for info...virus detection by various companies has its own speeds...a company like Kaspersky may be able to detect a virus soon and another company may detect it later or may not even at times detect one....and this time lag of detection is critical to all users!!!!! A second of compromise is enough on your PC with loads of bytes to upload in a matter of seconds!!!

Comments invited!!!!



Monday, July 01, 2013

E-Governance and Security Challenges

Copy of the presentation that I gave at the Mini Seminar held under the aegis of IETE at AVCC,NOIDA on the subject : E-Governance and Security Challenges.



















Wednesday, May 08, 2013

Central Monitoring System : Another step in the Wrong Direction ?


1.    The month of "May" has started with a "Will" from the Indian Government. Now, after so many still unresolved issues on Facebook posts and similar things in respect of issues of privacy, it has come up with the Central Monitoring System (CMS). The concept was placed in parliament some time in December 2012 by the then information technology minister Milind Deora; the government plans to spend Rs 400 crore on it, and this would "lawfully intercept internet and telephone services".

2.  Now this means that everything we say or text over the phone, write, post or browse over the Internet will be centrally monitored by Indian authorities. Every byte of what is being exchanged by you over the net would be monitored.....but is it actually required? I have doubts per se owing to the amount of further investment it would require. At a time when Big Data analytics is still maturing, investing so much on monitoring and storing some portion of it pan India would be a herculean task. The key points that I found interesting are dotted below :

- With the lack of privacy laws to protect Indian citizens against potential abuse, this would set another example of a wrong feather in the cap.

- CMS has been prepared by the Telecom Enforcement, Resource and Monitoring (TREM) and the Centre for Development of Telematics (C-DoT) and is being manned by the Intelligence Bureau. 

- Without any manual intervention from telecom service providers, CMS will equip government agencies with Direct Electronic Provisioning, filter and provide Call Data Records (CDR) analysis and data mining to identify the personal information and provide alerts of the target numbers.

- The estimated cost of CMS is Rs. 4 billion. It will be connected with the Telephone Call Interception System (TCIS) which will help monitor voice calls, SMS and MMS, fax communications on landlines, CDMA, video calls, GSM and 3G networks. Is there anything on Mother India Earth left to monitor?

3. Now I fail to understand how the Government expects to monitor cyber criminals by this CMS. Does the government actually intend to find out the actual potent and dangerous Cyber Criminals or are they only interested in finding love affairs of local boys and girls!!! Coz if the intention is the former, would the cyber gang do it without tricks?...without encryption?...without spoofing?...when things like steganography, TOR, Anonymous etc are still to be deciphered....the cyber crime would go on as it is. The focus should have been on analyzing what is floating around rather than monitoring open text and messages.

4.  For example, if a person with malicious intent uses Whonix or an anonymous kind of OS from a local cyber cafe and then places his message vide a steganographed image that is encrypted, is there any way that this can be deciphered?....technology does not exist today to decipher all this quickly ..still time is there when we reach such a stage....a few months back in Dec 2012, when torrent was apparently blocked on directives from Govt Of India, the Anonymous group had given an open letter shared at http://www.geektech.in/archives/9924.

5. Well it is very clear that the decision makers in such moves are unclear not only on technological reality but also on provisions for a scenario like WAR within....each step in such a direction has to be taken carefully because these are really critical. Additionally, outsourcing such moves to unreliable or maybe foreign firms may become a serious threat.....

6.  Well at the end of the day, it is just my view per se, about which nobody is bothered...but the repercussions are too serious to be avoided and ignored

Saturday, April 20, 2013

4G drives to Indore in Cars and Motors via BSNL


1.   Indore is keeping its surfing grounds ready to welcome the 4G speed, courtesy BSNL. Likely to be launched some time in May 2013......this will also be the first time something known as WiFi based "Internet on wheels" will be launched...but that is scheduled slightly later.

2.   Key features about the same :

- 8 Mbps speed

- Wi-Fi-based internet facility to motorists on move

- Rough payment plans : BSNL's internet-activated car kit would be available in three ranges of one time payment plans that include :
      - Rs 6500
      - Rs 27,500
      - Rs 29,500

- This will come along with a standard dial-up plan of Rs 250 per month.

3.  Here you go Indore'ites....all the best....but at the same time what pops up is how will the gadgets handle this 4G speed....will the already held 3G mobiles and Tabs be able to take on the new G or are we awaiting new advertisements to lure us into buying 4G devices!!!!

Saturday, March 16, 2013

HP LaserJet Pro printers : Telnet Vulnerable


1.    A critical vulnerability has been discovered in a few LaserJet Pro printers that could give remote attackers access to sensitive data. The latest breach was exposed by German security expert Christoph von Wittich. In brief points below :

-   HP LaserJet Professional printers contain a telnet debug shell which could allow a remote attacker to gain unauthorized access to data.

-   Christoph von Wittich detected the vulnerability during a routine network scan of his company's corporate network.

-   Vulnerability could also be used for a denial-of-service attack.

-   "As long as the printer is not connected to the Internet, this vulnerability should not cause much trouble for the end user."

-  Affected printers include :

      HP LaserJet Pro P1102w
      HP LaserJet Pro P1102
      HP LaserJet Pro P1606dn
      HP LaserJet Pro M1212nf MFP
      HP LaserJet Pro M1213nf MFP
      HP LaserJet Pro M1214nfh MFP
      HP LaserJet Pro M1216nfh Multifunction Printer
      HP LaserJet Pro M1217nfw Multifunction Printer
      HP LaserJet Pro M1218nfs MFP
      HP LaserJet Pro M1219nf MFP
      HP LaserJet Pro CP1025nw

2.    Now for HP something like this is not new....even in the past, about 2 years back in Dec 2011, a vulnerability was discovered wherein "Print of one malicious document can expose your whole LAN".

3.    In fact I discussed a past case at Feb 2012 last year here....3 months after that happened. HP seems to be busy with printing only....high time they start focusing serious work on security aspects too!!!!

4.    Thanks THN....The Hacker News

Thursday, March 14, 2013

Power of PING

In our respective interactions with various networks accessible to us.....as administrators we keep pinging so many IPs for testing the connectivity at various times like ping 192.121.23.1 etc....and we get a response...but ping itself has so many switches that most of us hardly use......I came across a chart today that in a summarized form tells the switches of the ping command with examples and a brief explanation.....sharing here with you...thanks http://www.activexperts.com

Switch (example) : description

- ping -c count (example: ping -c 10) : Specify the number of echo requests to send.
- ping -d (example: ping -d) : Set the SO_DEBUG option.
- ping -f (example: ping -f) : Flood ping. Sends another echo request immediately after receiving a reply to the last one. Only the super-user can use this option.
- ping host (example: ping 121.4.3.2) : Specify the host name (or IP address) of computer to ping.
- ping -i wait (example: ping -i 2) : Wait time. The number of seconds to wait between each ping.
- ping -l preload (example: ping -l 4) : Sends "preload" packets one after another.
- ping -n (example: ping -n) : Numeric output, without host to symbolic name lookup.
- ping -p pattern (example: ping -p ff00) : Ping Pattern. The example sends two bytes, one filled with ones, and one with zeros.
- ping -q (example: ping -q) : Quiet output. Only summary lines at startup and completion.
- ping -r (example: ping -r) : Direct Ping. Send to a host directly, without using routing tables. Returns an error if the host is not on a directly attached network.
- ping -R (example: ping -R) : Record Route. Turns on route recording for the Echo Request packets, and displays the route buffer on returned packets (ignored by many routers).
- ping -s PacketSize (example: ping -s 10) : Sets the packet size in number of bytes, which will result in a total packet size of PacketSize plus 8 extra bytes for the ICMP header.
- ping -v (example: ping -v) : Verbose Output. Lists individual ICMP packets, as well as Echo Responses.

Saturday, January 12, 2013

Malicious Shortened URLs : Rising Threat

1.     Internet today is all but a minefield of boogies, traps and malware.....every day so many threats are born....though most of them die, still a huge percent of them survive the security walls and become stronger by time as they are able to remain live and active. In recent times shortened URLs have become popular amongst users (including me...:-) to conserve the typing space like in microblogging sites viz twitter etc. So typically a naive(???), prone user who submits his long URL to a site to get a shortened URL receives a second, specially coded shortened URL that redirects to the original URL. So here lies the weak hole that is most of the times exploitable by the attacker...because the actual destination URL is hidden in it....so going by the looks...there is nothing to worry...but it is the redirection that is a cause of worry...it may be right or may be redirecting to a malicious link....!!!! So when someone uses a free URL shortener, he does not have control over that shortened link. And, should something happen to the provider of that URL shortener, then he risks redirecting ALL of the shortened links elsewhere!!!

2.  We all know that clicking links is pretty tempting....so it is just a matter of one redirected malicious link click that makes the difference....so what's the solution????...actually companies like Facebook, Gmail, SBI, Paypal, twitter etc are offering users the option of persistent SSL encryption and authentication across all the pages of their services including the login and all accessible pages.....but this does not stand good for all...for these sites also..it is optional, to be enabled vide the settings....
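
An added example (not part of the original post and not code from any URL shortener): one way to see where a shortened link really leads is to walk its redirect chain one HEAD request at a time, without loading any page, and flag hops that drop from HTTPS to HTTP or end on a bare IP address. The function names, the hop limit and the sample hosts below are assumptions made for illustration; the sample responses are constructed so the code runs offline.

```python
import http.client
import ipaddress
from urllib.parse import urljoin, urlsplit

REDIRECT_CODES = {301, 302, 303, 307, 308}

# Constructed sample responses (URL -> (status, Location header)). All hosts
# are reserved example names or documentation addresses, not real services.
SAMPLE_RESPONSES = {
    "https://sho.rt.example/a1B2": (301, "https://tracker.example/r?id=7"),
    "https://tracker.example/r?id=7": (302, "http://203.0.113.5/login"),
    "http://203.0.113.5/login": (200, None),
}


def sample_fetch(url):
    """Offline stand-in for head_fetch, backed by SAMPLE_RESPONSES."""
    return SAMPLE_RESPONSES.get(url, (200, None))


def head_fetch(url, timeout=5):
    """Send one HEAD request; return (status, Location header or None).

    Redirects are not followed and no response body is downloaded.
    """
    parts = urlsplit(url)
    conn_cls = (http.client.HTTPSConnection if parts.scheme == "https"
                else http.client.HTTPConnection)
    conn = conn_cls(parts.hostname, parts.port, timeout=timeout)
    try:
        target = (parts.path or "/") + ("?" + parts.query if parts.query else "")
        conn.request("HEAD", target)
        resp = conn.getresponse()
        return resp.status, resp.getheader("Location")
    finally:
        conn.close()


def expand(url, fetch=head_fetch, max_hops=10):
    """Walk the redirect chain hop by hop; return (chain, warnings).

    max_hops is an assumed limit: a longer chain is reported, not followed.
    """
    chain, warnings = [url], []
    while True:
        status, location = fetch(chain[-1])
        if status not in REDIRECT_CODES or not location:
            break  # reached a page (or an error), so the chain ends here
        nxt = urljoin(chain[-1], location)  # Location may be relative
        if nxt in chain:
            warnings.append("redirect loop at " + nxt)
            break
        if len(chain) - 1 >= max_hops:
            warnings.append("stopped after %d hops" % max_hops)
            break
        prev, cur = urlsplit(chain[-1]), urlsplit(nxt)
        chain.append(nxt)
        if cur.scheme not in ("http", "https"):
            warnings.append("non-web scheme: " + cur.scheme)
            break
        if prev.scheme == "https" and cur.scheme == "http":
            warnings.append("HTTPS downgraded to HTTP at " + nxt)

    final = urlsplit(chain[-1])
    if final.scheme == "http":
        warnings.append("final destination is not HTTPS")
    try:
        ipaddress.ip_address(final.hostname or "")
        warnings.append("final host is a bare IP address")
    except ValueError:
        pass  # an ordinary host name
    return chain, warnings


if __name__ == "__main__":
    hops, notes = expand("https://sho.rt.example/a1B2", fetch=sample_fetch)
    for number, hop in enumerate(hops):
        print(number, hop)
    for note in notes:
        print("WARNING:", note)
```

Calling expand(url) with the default head_fetch performs real HEAD requests; passing sample_fetch keeps the run offline.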

Thursday, December 13, 2012

FACEBOOK : The New Playground @ Dangerous

1.    It does not date back long in the past time corridors when I as a kid used to go to play grounds in the evening to play with my friends...meet them....fight with them...abuse them...get abused and then get back home for studies and prepare for next days school work and the cycle repeated every day...week and months.But what happens today with a typical metro kid....a school child in the bracket age of 10+ goes to Facebook to play with friends...he meets them.....abuses them at times...gets abused on the wall or vide posts.So more or less....things stand at the same place ,only the grounds have changed.First it was the actual play grounds and now it is all getting virtual.....blame it on lack of infrastructure with concrete eating much of space in metro's or lack of parental monitoring owing to their ultra busy lives.....for the new era generation...social networking sites like Facebook is the new PLAYGROUND.....the virtual one for a change!!!!


2.    So the rules remain the same....ie we have our social circle like we used to have in the past...we meet vide posts and comments...we like each other for something and dislike each other for something...here we cannot shake hands and hug each other but yess we can take grudges out on each other via so many means like hacking....cyber bullying...posting hatred... cyber stalking...mobbing...sexting, internet trolling etc...the list is actually endless and the related terminology is on a phenomenal increase. So for a typical new gen kid for whom Facebook kind of social networking sites are the new playground to play....the proneness to the bad elements in the society remains actually higher than in the past....for here it is just a matter of a few compromised screenshots...hacked passwords and the kid is on the way to become a victim...

3.   The recent case of Amanda Todd is indeed the beginning of such sad but many in line expected incidents waiting to happen....today we may allow our kids to have a Facebook account or some social networking website account but without effective monitoring the kid remains as prone as Amanda Todd. For this to happen the parents have to have a basic IT IQ to monitor and avoid any such incident. Like in the past when a child could be left at home assumed safe..it does not remain the same today....he has access to smartphones....he has access to tablets...internet via so many means. Even basic forensic knowledge possessed by the parents is bound to fail if the same is happening in the Cloud rather than on the machine at home...

4.   It's time for the parents to equip themselves with the tools and knowledge required to monitor and watch the kids...also realizing that today's kids are smarter in terms of grabbing the technology than ever....if you have reached reading till here...u must read the complete story here

Thursday, October 18, 2012

Hacking a HEART : Lover's Dream vs Hacker's BEAT IT!!!


1.    I think this is yet to come even on screen...but has unfortunately happened in real life. So we have all heard of Pacemakers that keep connected to internet to provision a live feed of diagnostic parameters to their doctor's mobile phone!!! smart....veri smart.....so for those of you who read this for the first time....the cardiac pacemakers based on internet call essential parameters to assist in diagnosis and fine-tuning. The patient's data is sent automatically on a daily basis to their cardiologist. This greatly simplifies patient care and can improve quality of life significantly..but now read on what's the worry about. One top google search led me to this vendor St. Jude Medical. Details of such selling pacemakers at this site.


2.     So hacking a heart has been a lover's dream for ages....but in this age it can be hacked and controlled by all means. I read this article by Nick Barron at http://www.scmagazineuk.com and another one by GREGORY FERENSTEIN at http://techcrunch.com.

At a recent developer conference, a pacemaker was wirelessly hacked to send deadly 830 volt shocks. Even worse, it would be “100 percent possible” that a virus could spread to other devices in a wave of “mass murder”. The demonstration showed how to rewrite the device's onboard software (firmware).

3.   So now what?.....this means that all those light hearted guys who are surviving on such internet based pacemakers for actually facilitating a live feed to their respective doctors now also need to worry about eating Antivirus Tablets and wearing Firewall Clothes!!!!uuh!!!! Although the recipe brought out here makes a perfect movie story, it is actually a pretty worrisome worry!!!

4.    The image shown above is for reference only, for the readers to see what an internet based pacemaker actually looks like. Case in point: hacking of the device has got no link to the company or any of its products.

Tuesday, January 10, 2012

NATIONAL CYBER SECURITY POLICY : DRAFT


1.    Finally we are working on a national cyber policy....in fact late but ...IT'S NEVER TOO LATE....the thing that we have started on this is a good sign. The draft of the subject policy is available at www.mit.gov.in/sites/upload_files/dit/files/ncsp_060411.pdf and is in fact inviting comments in case u have any!!!

2.   The draft is a 21 page report. After going through the same I have given the following points at the desired email address available in the draft report.

PARA 3.3 (I) C
GOVERNMENT SECURED INTRANET :
Addition point :

“ In addition to the emphasis on creation of such kind of intranet, efforts at the design stage should be made to exclude all possible options of internet connectivity with this intranet to avoid any kind of imminent threats. This intranet may need internet for various updates etc ,but this should be a privilege access point and no node should be allowed a free access. Any attempts to connect the same may invite action as a threat to nation. The limited internet connectivity to this is required for the following purpose :

- It is the most common action by any user to browse the net. Once given a opportunity he/she is always eager to access emails and download malware or infected software or any third party application. This is the point where command and control centre of a Botnet can be established by a cyber criminal. To avoid such practices it would always be the endeavor of the designer and the super administrator to ensure physical separation of Intranet and Internet. This Intranet should also be subject to regular cyber /IT audits by govt recognized penetration testers and forensic experts to maintain a cyber secure working environment.

PARA 3.3(D) @ Page 12
OPEN STANDARDS

The strength and power of open standards and applications remains unexploited in our country. Other developed nations who have realized the potential of this standard are already contributing significantly to their positive growth in cyber space. This has largely been possible owing to the lack of exposure of such standards by the new generation who is only exposed to the windows environment. Policy should be in place to ensure growth of open standards at school level curriculum.

PARA 3.5.2
COMBATING HIGH TECH CRIME/CYBER CRIME

Though the cat and mouse race between the good and the bad cyber guy would remain on always, it is worth noting that cyber crime, if not controlled at such a nascent stage of induction and growth, has the full potential to become a cyber threat. No single policy would be able to achieve a CYBER CRIME FREE CYBER SPACE. It remains the onus of the common man how he tackles the crime himself. It is here that the National Cyber Policy can contribute in the following manner :

- Cyber Huntsville is a collaborative cyber community with the aim of attracting and developing the brightest minds, attacking the most complex problems, and providing the best solutions of national and international significance. Cyber Huntsville is an integral part of the National Cyber Initiative. Similar establishments should be encouraged at India level. More info at http://www.hsvcity.com/cyber/

4.2.3
Thrust areas of R&D  : 

-  Thrust areas of R&D should majorly focus on inducing maximum SRS and QRs at the DESIGN STAGE. Because, if not done at this stage, whatever work follows is patch work that remains a cover up action.
- Analysis of data flow in a network
- Penetration testing
- Storage solutions with backup, archiving, recovery provisioning of entire data.

5.1.1
ENABLING PEOPLE

Promoting a comprehensive national awareness program to include organizing seminars, events, webinars, guest lectures in tie up with established societies like IETE, Institution of Engineers, Computer Society of India etc

Besides these points, I would suggest to include ensuring information security by managing the flow of information to the citizens as well as securing its physical information infrastructure. The policy should call for the following :

- Popularize e- government
- Optimize the cyber industry structure.
- Provide a rugged 24x7 nationwide cyber infrastructure.
- Promote innovation of cyber technologies.
- Build a cyber oriented national economy.
- Design way to advanced internet culture.

Sunday, November 27, 2011

CONTROL COOKIES TAKING CONTROL FROM UR BROWSERS


1.  In my earlier post here about cookies and types, I had mentioned the types and some relevant details. Now this one mentions the steers and controls available in prominent browsers to disable cookies digging into ur privacy !!!

Google Chrome

Go to 'Tools Menu'
Click on 'Options'
Click on 'Under the Hood'
'Cookie Setting' should be selected. Once done select 'Block all Cookies'
Now all cookies should be blocked on your Google Chrome
To clear existing cookies:

Go to 'Tools Menu'
Click on 'Options'
Click on 'Under the Hood'
Under 'Privacy' section select 'Show Cookies'
A new window should open called 'Cookies' In here you can see all the cookies within your Google Chrome Browser.
Click on "Remove All" to remove all traces of cookies
If you wish to only remove a certain cookie, simply highlight and click "Remove"

Firefox

Go to 'Tools' in the menu bar
Click on 'Options'
Click on 'Privacy Tab'
Disable the box that says 'Accept Cookies From sites'
To clear existing cookies:

Go to 'Tools' in the menu bar
Click on 'Options'
Click on 'Privacy Tab'
Click on "Clear Now"
Select "Cookies"
Click on "Clear Private Data Now"

Internet Explorer (IE) 9.0+

Go to 'Tools' in the menu bar which should drop down then click on 'Internet Options'
Click on 'Privacy' Tab on top
Move the slider up to the 'Block all Cookies' button
Important Notice: Blocking all cookies may prevent you from entering a lot of sites.
The next two Internet Explorer privacy levels, High and Medium High, may be more suitable.

To delete existing cookies:

Go to 'Tools' in the menu bar which should drop down then click on 'Internet Options'
Click on 'General' tab which should be under 'Browsing History' and click 'Delete'


Wednesday, February 09, 2011

INTERNET KILL SWITCH????


1.   Recent events in Egypt and the debate over the “Cyber Security and American Competitiveness Act of 2011” have introduced the cyber world to yet another jargon term, “INTERNET KILL SWITCH”. What's this all about and what does this mean.....crux in brief as I understood after going through a few good informative sites....read onnnnn!!!!!

2.   The term would give the US the best tools available to swiftly respond to a significant CYBER threat. Thus if the U.S. detected a serious cyberthreat at some point of time, this switch would enable the US President to instantly shut down any infrastructure connected to the subject infrastructure. It is not a mandate to be able to shut down the entire Internet but rather authorizes the president to order turning off access to “critical infrastructure”.

3.   Our interest here is to look at just one dimension of the issue – the technical feasibility; the political and policy aspects, we’ll leave to others.

Saturday, September 18, 2010

ZERO DAY EXPLOIT : ???

1. While reading an article on Browser Forensics, I came across this term "0-day" exploit....what's it all about?

2. A zero day exploit is a malevolent computer attack that capitalizes on a security hole before the vulnerability is known. This means the security issue is made known the same day as the computer attack is made. In other words, the software developer has zero days to prepare for the security breach and must work as quickly as possible to develop a patch or update that fixes the problem. This occurs on or before the first or "zeroth" day of developer awareness, meaning the developer has not had any opportunity to distribute a security fix to users of the software.

3. Zero day exploits may involve viruses, trojan horses, worms or other malicious code that can be run within a software program. While most programs do not allow unauthorized code to be executed, hackers can sometimes create files that will cause a program to perform functions unintended by the developer. Programs like Web browsers and media players are often targeted by hackers because they can receive files from the Internet and have access to system functions. While most zero day exploits may not cause serious damage to your system, some may be able to corrupt or delete files. Because the security hole is made known the same day the attack is released, zero day exploits are difficult to prevent, even if you have antivirus software installed on your computer. Therefore, it is always good to keep a backup of your data in a safe place so that no hacker attack can cause you to lose your data.

Saturday, June 12, 2010

Where does your Website Rank in the web?

1. An interesting free info site to see what you have done with your website and what you need to do to increase performance of traffic and readers to your website is listed below. The site uses a combination of tools to solve issues or tweak the techniques used in your web design and content.

2. The name of the site is http://truxtertech.com/siteworth.