Brooksville Computer Network Solutions

In The 90's

Prior to being placed under contract to the NYS Department of Labor as a Consortium for Worker Education resource, I attempted to gain access to the NYS Library System's main computer to research some books I wanted from outside on the internet using a MODEM and using the library system phone number by by changing the last digit several times. I knew this would likely give me a MODEM line sooner or later. After finding the right number it only took me another day to access all library files including addresses, phone numbers, social security information, etc. belonging to every single person in the library system. Unbeknownst to me in my ignorance at that that time what I had actually accomplished was to successfully hack into the library system. What I was trying to do was make the connection work, which I thought was not working because I didn't have something configured right. I finally realized that through my tenacious trial and error trying get into the system to look up some books (so I wouldn't have to physically go the half mile to the Library itself) I had managed to bypass their firewall and security systems. It was at this point that I decided I would learn networking and went back to school for it full time. I graduated in 2000 and now provide security checks and services to businesses. Hackers and Phishers from China, North Korea, Africa, Hungary, Russia, Turkey, Italy and many more countries perform hack attempts in America daily. If and when your network is compromised you will not be informed. If and when more local common hackers steal your client list and their information you'll likely never know - until it's too late.

57 Point Network Security Check

White Hats, Grey Hats, Black Hats - are otherwise known as hackers: the Good, the Bad, and the Ugly. The greatest threat to any computer on the internet comes from the person at the keyboard sitting there installing something directly or indirectly with or without his or her full consent or knowledge.

Alternative Data Stream: http://www.howstuffworks.com can't tell you. The ADS is so complicated that most programmers do not understand how it works, therefore not many network engineers can tell you either. If you surprise one with the question and demand an immediate answer most won't even know that it exists and will make an excuse to "get back to you" (e.g. look it up and try to come up with some sort of an answer - absolutely no guarantee they will understand it or be able to defend your network against threats planted within it). BVCNS (Brooksville Computer Network Solutions) Curtis Technology will perform both a scan and removal of any and all rogue items within the ADS.
Root Kit Detection and Removal: Root kits install between your boot sequence and your operating system startup, placing your entire Windows operating system within the Root Kit's control. Normal detection isn't possible within windows, since Windows is now IN the Root Kit, not the other way around.
Router Port Configuration checkup: Every router class C network (the most common) provides for 254 IP addresses multiplied by 65,000 UDP and 65,000 TCP connections on each IP allowing for a total of 33,280,000 potential socket combinations for a network security breach.
System Services Check: Services are what run by default on your computer whether anyone is logged on or not, such as the ability the Print Queue giving you the ability to print, the themes which decorate Explorer (your toolbar, system tray, folders and start button etc.) and many others not so obvious to you unless they stop working. Major compromises to your system RELY on being able to run as services.

These points to the left are all things you can't even see and don't even know exist. Just like cancer, diabetes, high blood pressure, Alzheimer's, liver disease, brain tumors, pending strokes and heart attacks all happen under the surface without your awareness - your operating system and network have areas completely hidden to you. At this very moment your computer may be trafficking personal and business data from you to someone else over the internet. I have caught such unauthorized transfers in progress live three times in the past, shut them down, and prevented them from reoccurring.

You read about shady building contractors, shady roofing repair men, shady doctors, tree removal services, mechanics, government officials and just about every other available person supposedly there to give you service in the world. What makes you think your business information is secure from your trusty network installer / administrator? The likelihood is that at your level of knowledge, even if you are a "power user" you will never have a clue.

The most savvy attackers always include a means to remove evidence of their intrusion after the attack is completed and your data has been stolen.

Registry Hive Check: The CPU is at the heart of the computer hardware, the Registry (five hives) are at the core of your Windows operating system. They contain the controls to everything in every area of your computer operating system. Each of the five hives contain multiple thousands of entries. BVCNS is an expert in registry backup, restore, manipulation, adjustment and selected entry removal.

Hijack Check: Man in the Middle and Man in the Browser hijacks are most common. Even HTTPS sessions are able to be monitored through Man in the Middle attacks. You will still see the "https://" in Internet Explorer during the hijack - there goes your online banking security.

CLICK HERE TO READ THIS FULL REPORT: "While installing firewalls and antivirus software on your computer may keep it safe from conventional threats such as worms and viruses, these security tools do not inspect data downloaded through browsers - a loophole that attackers can exploit. 'The firewall is dead,' says Google security specialist Niels Provos.

...The sleazy side of the web has long been a place where people have been easily duped into downloading malicious programs for themselves. Lured to a site by spam and then promised pirated software or pornography, for example, visitors click on a link only to download a bot.

Now, though, even an ordinary website can be risky. At a meeting on botnets held last month in Cambridge, Massachusetts, Provos warned that many web users are becoming the victims of "drive-by" downloads of bots from innocent websites corrupted to exploit browser vulnerabilities. As firewalls allow free passage to code or programs downloaded through the browser, the bot is able to install itself on the PC. Anti-virus software kicks in at this point, but some bots avoid detection by immediately disabling it."

AND HERE TO READ A SECOND DESCRIPTION OF HOW THIS HAPPENS: Russians selling ''spyware for lamers'' kits for $15

Posted on March 25, 2006

Branded as WebAttacker, the script-kiddies' dream kit provides an overview and index to all the freeware and shareware spyware creation packages available on the Internet. The kit includes spam-sending techniques to lure victims to compromised Web sites and a number of applets and scripts that simplify the task of infecting computers.

Researchers at SophosLabs discovered the spyware kit on a Russian Web site run by self-professed spyware and adware developers. The kit is available for sale directly from the site, which even offers technical support to buyers.

AND HERE FOR SOME RESULTS AND FURTHER STUDY: This brings to question how secure is Internet? How secure are dedicated networks like e.g. Army, Navy or Air Force’s networks?

From a National Security point of view they are 100% insecure.

Automatic Updates do not protect your Microsoft Office software: If you have Microsoft Office products installed on your computer network you can go to the Microsoft Updates web site and have them scan your computer for missing security updates and determine that your computer is fully updated - and you will be sure that it is now safe. The truth is though that it is absolutely not updated. Special updates are required. BVCNS provides this Office Update security service as part of the 57 point security check.
Stealth software/viruses reside and hide in RAM: They are not found by spyware/adware/malware removal tools which only check for their existence on the hard drive. BVCNS checks RAM for stealth viruses, spyware and malware.
Key logger Check: One of the most important ways to steal your info is through logging of keystrokes: BVCNS checks the two separate areas where key loggers can be installed. Software designed to find key loggers is only able to detect their presence in one of those two areas.
Router Configuration: BVCNS will determine whether wired and wireless security is adequate, and whether or not an intruder may have compromised socket settings.
RAT's: Remote Access Trojans - commercial or otherwise: Your network may be overrun with RATs and you may not even be aware. Disguised as simple services in the background - most often running as replacements for HP, Dell, Compaq or other machine specific services, or disguised as printer services such as LEXMARK or HP. Some services are set as replacements for AOL services to run simultaneously with legitimate AOL software. These are extremely difficult to weed out or identify.
Password Security and Best Practices: Most people strongly resist the suggestion to use strong passwords consisting of random number and letters. Hackers employ software which loads any number of dictionary files including literary names, geographical names, and even foreign languages. These programs automatically attempt to log in to accounts at lightning speed again and again, using slight variations on each word (a number or two in front or in back of the word etc) and can crack an easy password in minutes. They do not require that the hacker be sitting at the computer becuase they run through the network.
Physical wiring is checked: compromised computers have been discovered on otherwise secure networks where an employee has installed his own MODEM at the office and hooked it up to a cellular card set to dial out to a second modem at a certain time. The phone dials out, connects to the computer at the other end and through this link a stronger direct link can be made from the office computer to the employee's home and files transferred. In cases where wiring exits the building and travels under crawl-spaces taps can be crimped allowing instant data capture of all network traffic which can be relayed to the recieving party using omnidirectional wireless transmission.

The bottom line is, your network needs to be audited by an independent party to verify security. Multiple levels of checks and ballances help insure that unidentified security gaps have not gone un-noticed and that no new gaps have appeared. Accidents do happen, weaknesses sometimes do go unnoticed - or suddenly appear.

Each computer has 65,000 ports (UDP and TCP) for each IP address it has - almost any of which can allow a hacker to gain access through your IP(s) and control over both your data and your operating systems. It's a fact of life though that for networks to function it is inevitable that at least some ports must be left open - thus there will always be new exploits. Ports which are secure today can become insecure tomorrow due to new hacker exploits of weaknesses in the trusted software you already use (which is why many times softwares offer automatic updates). Six months or a year after you have your network installed you cannot blame the company that installed it if it is no longer safe. Ongoing monitoring checkups using multiple tools such as protocol and process analyzers (among others) is therefore highly recommended.

Call Brooksville Computer Network Solutions at 352-232-1678.

Subscribe to HCCLANA

Powered by tech.groups.yahoo.com