Saturday, April 24, 2010

Hide Your IP Address - IP Hiding and Protecting Your Identity Online

In internet technology, there is a numerical marker assigned to each device connected to an internet network. This numerical marker is called the IP address. It can be used to track any computer in a particular internet network. As this address acts as a locator and route to wherever your computer is connected in the network, you might want to make yourself invisible to anyone who cares to find out where you are.

The way out in maintaining your privacy on the internet is by installing "IP hiding" software on your computer. This software can help you change your location as it appears on the computers of those trying to locate you.

It can also mask your identity from those websites that have previously blocked you from accessing their sites due to different reasons. The software will make you appear as another user before the website therefore allowing entry into the site. Even the security of sites that are country-specific (i.e. allow access to only users of specific countries) can be bypassed by using the software to change your location.

This software is cheap and easy to use. It can be gotten online or at software sale centres. Unlike using proxy servers to hide your activities online, IP hiding software is not slow and does not contain a lot of ads. Also, pages are faster to load using this software than proxy servers because the software is not dependent on the number of people using it.

Therefore, with the advent of this hide your IP address software, it has been made possible to move through cyberspace with stealth and without the fear of being watched by unseen eyes.

For more useful tips and reliable tools to surf anonymously, visit http://anonymousinternetbrowsing.com

Wednesday, April 7, 2010

How to Safeguard Your Online Businesses

With the increased popularity of web hosting services in enhancing and expanding one's online business, the number of web fraudsters has increased in parallel over the last few years. These web hosting spammers usually prey on those web hosting companies and websites which do not take the proper precautions to protect their sites against spam and fraud. This is because it is much easier for them to target websites which are vulnerable to fraud because of the lack of security measures and protection the websites have invested in.

One of the most common types of fraud is email fraud. This is where the scammer will send a mail to your web hosting address trying to convince you to enroll for their advanced services, which also entitles you to participate in their lucky draw contests to win marvelous gifts. Some may even tell you that your hosting contract is about to expire and that you may enjoy up to a 20% discount if you renew your membership now. Regardless of which reasons they use, there is a high likelihood that the website owners will act promptly and rashly because they are in great fear of losing out on a great opportunity if they do not respond within the limited period of time.

Once you have given out your credit card information to them, they will spam and abuse your credit cards until you finally find out and cancel your credit card. By then, the harm will have been seriously done. The only way to protect yourself against this type of problem is to get yourself a highly reputable web hosting company that provides high protection against their email file transfer protocol accordingly.

Another way to identify potential email fraud is by checking and validating the origins of these email messages. If any of the email addresses are different from those that you normally receive from your hosting company, then most likely it is a fraud attempt.

On top of everything else, you need to make sure that your web hosting company is well equipped with the necessary security notifications to keep you alert should there be any incoming mails which are different from what they normally look like.

Another security feature that is highly important is the encryption service, where all the important data such as credit card information, bank account numbers, addresses, phone numbers, and other personal information transferred through your web server every day should be encrypted to prevent any of it from being intercepted by hackers and criminals for illegal purposes.

It is very important to make sure your server is highly secured; it would be better to create your own e-commerce server rather than renting one from a third-party hosting company. Servers should always be well protected by a strong firewall. You need to always validate that the security features offered by your web hosting company are of the latest version. It is quite risky to continue using an older version, as in a lot of situations the hackers may have already found ways to exploit the security code of these older versions.

Having an e-commerce business for online selling is indeed a great way to gain profit for your business, and it is equally important for every one of us to avoid being victimized by online fraud, chargebacks, and spammers.

If you want a reliable web host, there is nobody else who can do a better job than Host Gator. Why? It is not only about their 99.9% uptime. They are much more than that. You should learn about it from Hostgator reviews.

Darren is a full time web developer for years. Due to the nature of his expertise he has accumulated great experience on web hosting. Do check out what he says about web host.

Thursday, March 18, 2010

How to Monitor Children on the Internet

As a responsible parent, you need to learn how to monitor children on internet. Although you may not fully understand the importance of this, you will soon realize that it is very important. You always keep an eye on smaller children, but teens need a much more watchful eye.

This is because teens usually hang around in chat rooms and social networking sites. Sure, social networking sites are a good place to meet friends, but they also contain a lot of predators, just waiting to connect with your teen.

A predator can pose as any person they feel your teen may be interested in. Once they befriend your teen, they can lure them to a location so they can assault them or worse, they may obtain personal information about your teen and arrive on your doorstep.

Knowing how to monitor children on internet can prevent this frightening scenario from happening to your teen. If you were aware of all of their activities, you would be "in the loop" and you could block certain websites or report suspicious conversations to the police if they are of a sexual nature.

Teens are not more intelligent because they are older than your small children. They still have a lot to learn. There is a lot of room to get into trouble on the internet. Not just from predators, but also from malicious spyware. Some websites contain a lot of these types of infections, which you can easily infect your computer with. What you need is a very good anti virus program and a monitoring program that work together.

Once you have a good idea about how to monitor children on internet, you won't have to worry and wonder about what your teens are doing online, because you will know and be able to review the logs from the monitoring program.

Confused about what sort of keylogger you should go for? There's a lot to choose from on the internet. Some are great but some, of course, should be avoided. 'Keylogger Downloads' is a website that helps with this, comparing keyloggers side by side in an easy-to-read format. To see the website, go to: http://www.keyloggerdownloads.com.

Wednesday, March 3, 2010

IP Hiding Software - Hide Your IP Address and Protect Yourself From Identity Thieves and Hackers

Identity theft can easily cripple a person's financial standing. A successful attack will cost anyone thousands of dollars as their personal financial records will be used without their permission. Attacks can even extend to services, as hackers can gain services using the data of another person without their permission. Fixing the records damaged by identity theft will require more money, and the time frame to fix this problem could last for months.

The main factor why a person's personal information is hacked is the exposure of IP (Internet Protocol) address. This is a small piece of data assigned to every internet user. This data is used to trace the location of the internet user so that proper services will be provided. While this can be used for purely legitimate reasons, there are persons who might abuse accessibility of this data and use this privilege for stealing personal information.

That is why one of the best methods in protecting your personal information online is to hide your internet protocol address. There are two ways to cover this information: proxy servers and software.

The first method (proxy server) is a very simple service because it is a browser-based service. Users simply enter the URL of the website they want to visit and they will be taken to the site with their IP address hidden. This type of service usually does not ask for any payment, but such services are so full of advertisements that pages load more slowly.

The second method (software) is the IP hiding software. These applications are often shareware (try before you buy), but their advantage is the ability to load the website faster. The software doesn't require any websites or URL before your preferred website is loaded in the browser.

The first option is for those who do not use the internet for serious stuff. The second option is for those who do not want to fall victim to identity thieves and hackers.

Ever since my account was hacked because I used a free proxy to access it online, I have learnt to stay away from them. I now use IP changing software and I have not fallen victim to hackers since I started using them.

For reliable and affordable tools to surf anonymously and protect yourself from identity theft, visit http://anonymousinternetbrowsing.com

Wednesday, February 10, 2010

Free Spyware Downloads - Are They Really Free?

Is your computer driving you mad by running ridiculously slow? What do you think is going to fix it? Let me answer for you - a free spyware download ("anti-spyware" actually) is the first step to fix this annoying problem.

Spyware removers are the only defense you can have in these times of hackers and viruses. Spyware comes in all sorts of forms and no computer - no matter how fancy - is able to defend against most of it.

The only thing needed for spyware to gain access to your computer is for your computer to be online. When it's downloaded, you aren't notified.

Identity Theft

Spyware is responsible for doing lots of bad things to your computer. If you are lucky, you have only had your computer's files damaged or hacked by spyware before. Some unlucky computer users have been the victims of identity theft.

Just imagine what it feels like being blamed for something that you are not even aware of. Some unlucky folks have had their bank accounts drafted hundreds or thousands of dollars without their knowledge. Something like this may go unnoticed until your debit card purchase is denied.

There is legal and illegal spyware, but the "legal" spyware nevertheless collects information that any reasonable person would consider private. This info includes practically everything about you and your computer, except for financial information.

Keyloggers Record Your Every Keystroke

The more malicious spyware, however, does not stop there. It will collect and store your passwords, account numbers, and anything that could help a crook gain access to your money. One of the ways malicious spyware does this is by logging (recording) your keystrokes on your keyboard with programs called "keyloggers."

These are just some of the examples of what spyware can do to your computer and to you. To avoid being a victim of computer crime, get a spyware removal software for your computer ASAP.

What Do The Free Spyware Downloads Do For Free?

In order to save money, look for one of the free spyware downloads online. Many of these free spyware detectors are pretty advanced. Are the free spyware downloads actually free?

The free downloads will only alert you to the presence of malicious spyware on your computer - they won't actually delete the spyware from your hard drive. In order to have any "malware" (short for "malicious software") removed, you'll have to purchase their software.

You shouldn't be surprised at this, though, because the manufacturers of spyware detectors and removal software are businesses that are not staffed by volunteers: Highly-trained programmers have to continuously update the anti-spyware software in order to keep up with the tireless hackers who continuously put out malicious spyware.

Continuous Updates

As a paying customer, you get the benefit of these constant updates to your software. But this benefit goes way beyond being merely convenient - it's a requirement for your personal information to be adequately protected from prying eyes.

It is awesome to have the peace of mind that your private information is safe. But it is also great that you get the anti-spyware software for a very low price, despite the extremely high cost of producing and updating it. This is because you get the benefit of volume pricing - with thousands of folks like you and me buying the service and thus lowering the cost for everyone.

My recommendation is to get your computer and personal info protected ASAP. Yes, you could save a few bucks now by not buying anti-spyware protection, but end up suffering a financial disaster of biblical proportions later!

Charles has been publishing helpful articles online for years. To discover which free spyware download is the best deal for you, go to http://freespywaredownload.org

Tuesday, January 26, 2010

Online Shopping - Security That You Need to Practice

Online shopping now is a huge industry. We buy, we sell, we pay bills... the list is almost endless of what we can do online. Hundreds of billions of dollars are spent worldwide shopping online every year. Unfortunately, with all the pluses of ease and speed of online shopping and transactions, come a few negatives. Here are a few tips to making online shopping more secure.

When using sites, always try to use well known and secure sites, so that your chance of being taken advantage of is greatly lessened, or eliminated. You can check with the department of consumer affairs to see if a particular site is not recommended.

There are a number of ways to identify whether an online site is secure or not (see notes below).

Some of the common types of online fraud

• Chain letters
• Illegal trading and investment activities
• Scams
• Pyramid Schemes
• Identity theft
• Dummy Auctions / Dummy Bidding
• Credit card theft
• False sale prices

Usually, an online company that states everything on their web page has nothing to hide. This includes:

• Privacy statements
• All information relating to what they sell, the conditions of purchases, and lines of communication should you need to talk with them.
• Testimonials
• Reviews

When using a secure site, many steps have been taken to ensure your security.

1. Advanced encryption and validation processes are used to protect your credit card number. This stops others from committing identity theft and fraud. If your browser shows a locked icon near the web address, then this will show that you are on a secure site.

2. Secure sites can also have https:// instead of http://, the 's' means 'secure server'.
Other items that you can look for may include pop up windows that confirm your security. If none of these are in place, then it is probable that the site is not as secure as you need it to be.

3. Paying by credit card is actually quite safe compared to traditional beliefs. Encryption and credit card technologies have made most transactions very secure. In most countries, the credit card is limited to a certain amount (for example $50) to minimise the possibility of unauthorised use. Credit cards can be safer to use than money orders and checks.

4. You can also use an alternative - the single use credit card, one that is just used for online purchases. You can find this service from some credit card companies. These cards will expire immediately after their use so a potential hacker cannot retrieve any funds from you. Ask your bank about this service.

5. Keep all transaction records. These are proof and a trail that can be used as evidence that you made only certain purchases. They will show order dates, delivery dates, and any other details that may be required in an investigation.

Need some help? Foresight Security planning was created for you. An easy to understand and use security advice and consultancy service, which also has online security advice via our email or phone.
Small - Large Business, Families, Over 55's, Women, Children and Travel Security Advice.

Contact Foresight Security Planning now
info@foresight-security.com
http://www.foresight-security.com

Tuesday, January 12, 2010

Coast to Coast - An Incident Response Article

Disclaimer:
The following is an account of an intrusion event that I handled many years ago. I am no longer involved with any of the parties mentioned in this article.

The client targeted was a financial institution and, here, will be called "the Bank." Some techniques and details of this incident will be omitted, for obvious reasons. The names and specific locations have also been changed. There are different ways people conduct incident response and handling. That's why there are 31 flavors of ice cream.

Tuesday morning started off like any other day. I was sitting in my office with my morning cup of coffee when my phone rang. My boss stated that he had received a call from a client, the Bank, stating that they were being attacked by hackers. Until that day, I had no working knowledge of the Bank's infrastructure nor did I know if the staff had the experience or expertise to correctly identify an actual attack versus a port scan, probe, virus, etc. Through my experiences working in security, I have come to realize that a lot of people use buzz words like "hackers" to identify events that they do not thoroughly understand.

The initial information I had was sketchy at best. I learned that the Bank had a firewall on the front end along with a NIDS and were in the process of implementing the ASA solution into the infrastructure. I contacted the Chief Information Officer of the Bank as I grabbed my laptop bag and headed to their corporate office. I wanted to get a first-hand assessment of their current situation. The information he provided told me they were experiencing something more than just a simple port scan or viral annoyance.

The CIO stated that they were having trouble with an attacker continually modifying the Bank's customer login portal. They believed this modified page was allowing the attackers to collect the Bank's customers' ATM information in order to create duplicate ATM cards. Branch transaction reports showed that the attackers were successfully withdrawing customers' funds. The Bank was initially alerted to the attacks when customers started reporting unauthorized ATM withdrawals from their accounts. The CIO said he had a "band aid" solution in place, but they really needed to identify the method of entry and stop the attack. The temporary solution had decreased the frequency at which the page was being modified but had not stopped the attack completely. As I pulled into the corporate office, I knew the next several hours were going to be interesting.

During a quick meet and greet with the staff and management in the conference room, I needed to start the flow of information quickly and begin delegating collection tasks. Since the staff had not identified the point(s) of entry, I requested a network diagram of the infrastructure including all branches and especially all network entry points into the network. Additionally, I requested a copy of the firewall logs and configuration, router configuration, access logs, IDS log, IIS log, event logs from the web server, and SQL logs. On the positive side, most of the logs appeared to be intact and the history of some spanned back several months. I asked for two copies of each log, the first copy containing the last 12 hours of activity and the second copy, the complete log.

While the reports were being generated, I questioned the staff about the information they knew for fact. Speculation during the information gathering phase can cause more trouble than good, leading to a wild goose chase and a loss of focus on the facts. The M.O. described by management and the staff suggested this was a fairly complex operation that consisted of a group or multiple persons being involved.

The staff stated that they had experienced an identical attack the previous year that resulted in a reported loss of around $30,000 in unauthorized ATM withdrawals. This resulted in the staff making various changes to the firewall configurations, the introduction of IDS monitoring, and changes to other system and network devices. The attacks ceased after these changes were made so the problem was thought to have been corrected. The current attack cycle had resulted in the loss of approximately $25,000 and growing, so time was a luxury that could not be afforded. The initial attack profile developed by the staff from the previous and current attacks showed that within 10-20 minutes of the customer's financial information being collected, the attackers were making an ATM withdrawal from their account. The withdrawals were in the amount of the maximum withdrawal limit set by the Bank of $400 per day. In the event there were insufficient funds in that account, the attackers repeated the process on the next forged ATM card. This method was verified via the ATM surveillance cameras. In order to slow the attackers, the Bank suspended all ATM transactions city-wide in Anyplace, Florida, where the unauthorized transactions were occurring. The unauthorized transactions began again shortly afterward in Anywhere, California. ATM surveillance cameras and transaction reports confirmed the attacker at that location was using the same M.O. that was used in Florida.

The staff installed an automated webpage publishing program that would monitor the content of the customer login portal periodically and republish the original when the modified page was found. The stop-gap measure worked for a couple of hours until the attack frequency changed. At this point, the Bank decided to seek outside help, and I was called.

Presented with these facts, I began to sift through the growing pile of logs, documents, and diagrams. As it stood, the source of the attack could be coming from the Internet but could also be internally based or a backdoor method. Several infrastructural changes had recently been added that had not been documented on the master diagram, which was being updated on the fly. A modem bank resided on the network but was ruled out because it was disabled and used for vendor remote access. The diagram showed that VPN tunnels connected each branch back to corporate. There were only two connections to the Internet, a primary and alternate for DR purposes. The backup connection was verified as being inaccessible externally. The web server was segregated on a network apart from the corporate network and fed by a SQL server located within the corporate network. Once all the requested logs were collected, I started a Nessus scan on the internal network to help locate any possible servers, services, or undocumented communication devices that could be the source. Multitasking and efficiency is the name of the game.

The firewall logs did not show any signs of malicious traffic coming through. Review of the IDS logs did not provide any finger pointing either. The reason for this will be covered later. Additionally, the firewall configuration did not contain any "ANY" source/services rules or configuration error. The router logs did not provide any useful information. Doing any type of event correlation was beginning to look bleak. The IIS logs were the largest and took the longest to acquire because they had to be burned to disc. I started searching through the web server logs looking for any instance where the customer login portal page was requested. Due to its function the search returned several thousand entries. Buried deep within the thousands of entries was an HTTP request containing "xp_cmdshell." Utilizing this SQL extended stored procedure function, an FTP GET request was made to a remote server which published the modified page on the web server. This had to be addressed but it did not explain why the firewall or IDS did not log or alert on it. The source IP address of that HTTP request came from the external interface of the firewall. A follow-up status meeting was called to realign the response focus.
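The log search described above can be scripted rather than done by eye. The following is an added example, not code from the original article or from the author: it parses IIS W3C extended logs using the `#Fields:` directive, percent-decodes each request repeatedly, and reports requests whose decoded URI contains `xp_cmdshell`. The sample log, its field list, addresses and paths are constructed for illustration.

```python
import re
from collections import Counter
from urllib.parse import unquote_plus

# Constructed sample in IIS W3C extended format (documentation-range addresses,
# hypothetical paths, placeholder command text).
SAMPLE_LOG = """\
#Software: Microsoft Internet Information Services
#Fields: date time c-ip cs-method cs-uri-stem cs-uri-query sc-status
2010-01-05 09:14:02 198.51.100.23 GET /portal/login.asp - 200
2010-01-05 09:14:40 203.0.113.7 GET /portal/login.asp id=1;EXEC+master..xp_cmdshell+'CONSTRUCTED-PLACEHOLDER' 200
2010-01-05 09:15:11 198.51.100.88 POST /portal/login.asp - 302
2010-01-05 09:16:27 203.0.113.7 GET /portal/login.asp id=1%3Bexec+master..XP%255Fcmdshell+%27CONSTRUCTED-PLACEHOLDER%27 200
2010-01-05 09:17:03 198.51.100.23 GET /images/logo.gif - 200
"""

# The indicator named in the article; matched case-insensitively after decoding.
INDICATOR = re.compile(r"xp_cmdshell", re.IGNORECASE)


def fully_decode(value, max_rounds=3):
    """Percent-decode repeatedly so single- and double-encoded input compare equal."""
    for _ in range(max_rounds):
        decoded = unquote_plus(value)
        if decoded == value:
            break
        value = decoded
    return value


def parse_w3c(lines):
    """Yield one dict per request, named by the most recent #Fields directive."""
    fields = []
    for line in lines:
        line = line.rstrip("\r\n")
        if line.startswith("#Fields:"):
            fields = line[len("#Fields:"):].split()
        elif line and not line.startswith("#") and fields:
            values = line.split(" ")
            # Skip truncated or malformed rows instead of mislabelling columns.
            if len(values) == len(fields):
                yield dict(zip(fields, values))


def find_hits(lines, indicator=INDICATOR):
    """Return requests whose decoded URI (stem plus query) contains the indicator."""
    hits = []
    for rec in parse_w3c(lines):
        raw = rec.get("cs-uri-stem", "") + "?" + rec.get("cs-uri-query", "")
        decoded = fully_decode(raw)
        if indicator.search(decoded):
            hits.append({
                "when": f'{rec.get("date", "")} {rec.get("time", "")}',
                "client": rec.get("c-ip", ""),
                "page": rec.get("cs-uri-stem", ""),
                "decoded": decoded,
            })
    return hits


def hits_by_client(hits):
    """Count hits per logged client address to prioritise follow-up."""
    return Counter(h["client"] for h in hits)


if __name__ == "__main__":
    found = find_hits(SAMPLE_LOG.splitlines())
    for h in found:
        print(h["when"], h["client"], h["decoded"])
    for client, count in hits_by_client(found).most_common():
        print(f"{client}: {count} request(s)")
```

As in the incident above, the logged `c-ip` may be an intermediate device such as the firewall's external interface rather than the true origin, so the per-client count is a starting point for correlation with firewall and router logs.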

I disclosed my findings to the staff and was informed that one of the undocumented infrastructure changes made was that IIS and SQL resided on the same server. The SQL server was moved to the web server based on a recommendation made by their own "security" person, whom I later found out was fired for hosting a porn server on the Bank's network. (Go figure.) Now that the method had been identified, the next step was to see how bad the configuration was and fix it.

Reviewing the permissions on the IIS/SQL server revealed a host of default permissions both with system security, IIS, and SQL. Oddly enough, the permissions on the IIS log directory were set appropriately. I can only guess that either the attackers could not access the logs, did not know how, or did not care. I was able to separate the web server and SQL server fairly quickly using a secure build document and security checklist. There were also some required coding changes made by their developers. Once everything looked good and tested out with both servers, I began investigating the mystery questions.

Why did the web server show the source address as the firewall when it was on a separate segment? Apparently the IIS server originally resided within the corporate network, and when it was moved, the table of the router was never updated. Traffic destined for the web server was forwarded to the firewall, which in turn forwarded it to the web server. It was one of those weird routing situations that you'd think wouldn't work, but it does. Long story short, the routing table was updated.

Why did the IDS system not alert on any of these attacks? The IDS system was implemented upstream between the firewall and the router, a choice location. However, it was connected to a switch which did not support spanning. The staff incorrectly "proved" the IDS functionality by attacking the device directly. As a temporary solution to having a network tap, the switch was replaced with a hub until an upgraded solution could be implemented. It's not the cleanest of solutions, but it worked in the interim.

Why did the firewall not show any signs of this traffic? The firewall was not configured to log successful inbound connections. It did log successful outbound traffic and I was able to rule out the source of the attack originating from within the corporate network. Connection logging can fill log space on a device very quickly, and this was the case here. I mitigated this by configuring a remote syslog server for the firewall and router logs.

In summary, I located the source of the attacks later that day. It turned out to be a compromised server in Sweden owned by an excavation company. I notified them of the intrusion and asked if they would look into it. I tracked down the source of the modified customer login portal page, which was located on one of those "free hosting" sites based in Tennessee. I sent them a similar request. The Bank stated that they were not going to pursue the attackers even though they had video from the ATM machines and lost over $50,000. They felt that the negative PR was not worth it. Management also said they had been told by the local FBI office in so many words that unless it was over $100,000, the FBI really would not get involved. That statement was never verified.

This insecurity could have been identified more quickly if I had received the web server logs in the beginning, but that was the hand I was dealt at the time. Hindsight is always 20/20. On the days to follow, the attackers attempted the same exploit and many other variants, scans, and probes but were never successful. It would have been nice, given the opportunity, to identify and catch this group. However, it did make for an interesting day, fighting the bad guys.

Have questions or would like to find out more information, visit: http://www.idgsecurity.com
Intrusion Defense Group, LLC. Copyright 2010

Shawn Guins
CISSP, EnCE