Security Tutorial

How to be safe on Social Networking sites


During enjoying the social networking sites (Facebook, Twitter, Myspace) users should have to keep in mind about the security also. Based on careful uses and behavior pattern users can protecting their computer, money as well as their family and friends.

Beware of phishing messages:  Email phishing is becoming very common incident now-a-days.  Those types of e-mail pretending to be from someone you know and addressing you by your first name. It does not look like a spam message and it can trick you into revealing even more sensitive information. You have to correctly address such kinds of phishing attempt. Please do not click on any link in such types of email. We all need to use our email (both official and personal) account carefully.

Educate & Monitor:  Children and teenagers are very much fond of social networking sites (Facebook, Twitter, Myspace) and chat rooms (Messenger, Viber, skype). Those sites are especially attractive for them. Parents have to educate their children about safe online behavior and they need to take strong control and proactive measures to monitor their children’s online activity as always.

Never disclose too much Information: Every website provides different levels of privacy settings to control access to the users profile page and interaction among users. Banks, schools, doctor’s offices and retail companies all collect and store sensitive and/or financial information about their customers and employees. In some instances, this information is simply mishandled, either in an errant email or using sophisticated social engineering techniques or a misplaced storage device like a laptop or hard drive. Other times the data is stolen by hackers who penetrate servers with the specific purpose of obtaining private data. Using an identity theft protection service is the best way to protect personal information from being misused. Moreover, users should have to more careful to provide their personal information to any site or any organization or anybody else and they have to check the sites validation and certificates authority (CA) at first in this regard before disclosing their information.


How to Access Secure Websites


At first Re-register the Internet Explorer Files → Start → Run → Type  “%ProgramFiles%”\Internet Explorer\iexplorer.exe /rereg.

OR

Start → Run → Type “regsvr32 softpub.dll” and wait for the ok message;  then try again.

After that, click manage add-ons button,   Start →   Control panel → Internet options → Programs → Manage Add-ons →
111Remember to delete all cookies, all damaged & unknown plug-ins, clear SSL state, put defaults in advanced tab and disable all “manage add-ons” in programs tab.


How to bypass an Internet filter with Tor


Tor (original software project name is The Onion Router) is free software for enabling anonymous communication. Through Tor browser bundle it is possible to bypass any internet filter or internet firewall. Below steps shows how to install and configure Tor browser in the local machine and surf internet bypassing the internet filter.

  1. At first install any browser (Mozilla Firefox, Internet Explorer, Opera, Chrome browser) in the local machine.
  2. Go to the Tor Project Website and download and extract the Tor Browser Bundle into the local computer. Download the different OS version as per the user requirement; either Windows or Linux.
  3. After that, Download and install the Tor Browser in the local machine. If the version works successfully in the machine, then launch the Tor Bundle and check whether browser shows it is connected via the Tor network. If yes, then job done successfully otherwise need to check whether internal firewall rules stop Tor browser to works. If Tor works successfully then after user may re-check this by going to about:tor or torproject.org.
  4. Now insert an USB drive into the local computer. Then, copy the Tor Browser folder (which either be installed in the desktop or elsewhere user saved it in step 2) and paste it into the USB drive.
  5. Now take the USB drive in the desired location; like public internet space, library, internet cafe etc. Plug in the USB drive and open it up. Double-click the “Start Tor Browser“-icon and wait for the Tor Browser to start.
  6. If the browser starts as normal and displays the same text as it did in step 3, then it can concluded that, user’s now connected through Tor and ready to browse any website as necessity by bypassing internet filter.

Before proceeding this, user’s should have to know whether they are breaking any rules by bypassing the internet filter. Bypassing an internet filter may be against the policy of organization owns the computer/router/internet connection they are using.


User Access Control by ports (through Firewall)


Ports are virtual access points for software to convey over a system and network and are a standard component of every operating system. Few ports must be open to support normal business functions; however, unnecessary open ports provide ways for attackers to get access to an organization’s system, especially those that been left open to the Internet unintentionally.

  • Check and keep only those ports which usually need to remain open and active; elsewhere close other unused ports with firewall software and hardware.
  • Check whether the data is in protected mode while in transit, such as using SSL and TLS encryption.
  • Configure firewall rules to limit access to those users only, which only needs accessed of any particular services.
  • Configure firewall to keep ports open to the Internet that need to be used by the organization’s global audience and must have close rest of ports.
  • If the port of the service is not known, find the port numbers for the mission-critical services by referencing the application’s configuration and support material or searching for those software and service names at IANA’s Service Name Registry.

Security tips and tricks for Consumers


There are many steps that consumers and end users can take to protect themselves. Few recommendations about security tips and tricks for the consumers are given below:

Secure yourself at first: Security and awareness should come from the end users at first. During the using of internet end user should have to check that antivirus have installed and updated properly in their local machine. They also make sure that their Local PC’s firewall settings, browser cookies settings are in active state.

Think before you click: Before clicking any email attachment at first make sure that this email and attachment has come from the right sources. Opening the wrong attachment can introduce malware into the system as well as infected the system. In that case, unless trusting the sender, never view or open any email attachments.

Provide shield in your own data:  It is need to be careful during provide the personal data (login information, birth date, pet names etc.) in online especially any social network site or professional networking sites or any e-commerce site. The information that share online puts the end users at risk for social engineering attacks.

Always use strong passwords:  Always use strong and unique passwords for any accounts.  Password shall be combination of at least three of stated criteria like uppercase, lowercase, special characters and numbers.  It is necessary to change passwords in a frequent manner like every three months and obviously never reuse the passwords.

Never install free ware version software: Versions of software that claim to be free, cracked or pirated can expose the end users to malware. So, need to be careful in that case.