security software is the lock on your PC’s front door, but you can also make that door less attractive to crooks.

Let’s talk about security hacks, simple yet clever ways to protect yourself and your PC that cost little or nothing. Here are my fve favorites. It should go without saying that none of these can replace good, up-to-date antivirus and firewall protection, but they can make stealing your system or data difficult or unappealing.

It’s simple, yet surprisingly effective: Remove the keyboard and mouse. It’s highly unlikely that a snoop will carry an extra keyboard and mouse with him. This will slow someone down but is far from foolproof, and it should go without saying that every computer should be physically locked to a sturdy object and secured behind a strong password.

To protect from pod-slurping (the connecting of an unauthorized USB device and its use to steal data), disable your USB ports. Or and we borrowed this one directly from the U.S. military epoxy over the USB ports. Too permanent? A slightly more elegant solution is to open the PC case and disconnect (or cut) the wires running from the motherboard to the USB ports.

Traveling with a laptop? Try not to advertise that you’re carrying a valuable piece of equipment: Use a computer bag that doesn’t look like a computer bag, or use a neoprene sleeve inside a regular backpack. If you nap at the airport, wrap
the shoulder strap around your arm or leg so you’ll be alerted if someone tries to walk away with your bag.

Here’s an easy way to hide your Windows PC on a network while maintaining access to network resources. (This also works when you want stealth but still want to let others access your shared resources.) At the command prompt, type

Net confg server /hidden:yes

Now you’re still a member of your network neighbourhood, but your PC won’t show up when others browse for it. Make sure your software firewall is turned on, and block incoming ICMP traffic. This will prevent a network intruder from scanning for your PC using a ping sweep.

Once you are hidden on the network, you can spend some time trying to figure out who, if anyone, is connecting to your PC and to whom your PC is connecting. To accomplish this, you’ll use the command-line tool Netstat and the Task Manager. Get to the command prompt and type

netstat –ao

A bunch of info will by on your screen listing the type of connection, the IP addresses of remote hosts, the protocols,
and the process identifer, or PID. If there is something here you don’t recognize, write down the PID. Now, open the Task Manager and add the PID column by opening the View menu and clicking on Select Columns. Check the box next to PID. Now match the PID from Netstat and the PID from Task Manager to learn which applications are holding which ports open. A well-secured machine should have ports open only for authorized apps.

5. One last idea: Enabling secure logon in Windows XP and Vista will protect your system from malware that attempts to impersonate a log-on screen to steal system passwords. This forces anyone trying to log on to press Ctrl-Alt-Del frst. In
Windows Vista, open the Run command, type netplwiz, and click Continue when prompted by User Account Control. In the Advanced User Account window, click the Advanced tab, then select the box that says Require users to press Ctrl-Alt-Delete. In Windows XP, go to the Control Panel’s User Accounts applet. In the Advanced User Account window, click the Advanced tab, then select the box that says Require users to press Ctrl-Alt-Delete.

If you ever find yourself in need of a decently robust and full-featured firewall but your budget is approaching zero, I have just the solution for you.

SmoothWall Express 3.0 is an open-source, security-hardened GNU/Linux firewall. With minimal hardware requirements and a small footprint, it should work with nearly any Pentium-class PC that has at least 128MB of RAM and a hard disk of 2GB or
greater. You should have at least two network cards installed or basic use, three or more if you want to incorporate a wireless network or to have a DMZ (a demilitarized zone, or a host that serves as a buffer between your private network and the outside). Keep in mind, though, that your firewall’s reliability is limited by the hardware on which you install it.

Installing SmoothWall
Don’t worry if you don’t know much about Linux. Though the geeky can get down and dirty at the command line, Smooth
Wall is easy to install and configure. It’s meant to be managed via an integrated Web interface, as well. To install, first download the 81MB ISO file and burn it to a CD. If you need disk-burning software, try ImgBurn.

Boot to the CD and run the installer, which will wipe the hard disk before it installs. Accepting the installer’s defaults a good start. The first “hard” question involves the security policy for outgoing requests. The default is Half-Open, which permits outgoing traffic except for any hat is potentially harmful. You may also choose Open, which doesn’t limit outgoing traffic, or closed, which requires that configure what traffic is permitted.

You then need to configure your network interfaces, which will be labelled Green, Red, Orange, or Purple. The Green interface is your trusted LAN. Red is the evil and dangerous Internet. Orange is your DMZ, and Purple is your wireless LAN.

Next you select which network card to ssign to each role. SmoothWall will probe for and detect most cards. You’ll need to specify IP configuration, and optionally the DNS and gateway settings. You may also configure Web proxy, ISDN, ADSL, and
DHCP. Lastly, you need to set a Web-interface password and a root password for command-line access.

You’re done with setup. From here you an leave your “Smoothie” as is, and it behaves as a fully functional firewall. However, you can configure the most inepth features only through the Web interface. Point your browser to https://SmoothWallGreenAddress:441 and enter the admin password you made earlier.

For a free product, SmoothWall is remarkably full featured, including proxy servers, IDS, logging, traffic graphs, DHCP, VPN, dynamic DNS, port forwarding, server health, and access control. It also provides an interface for backing up and restoring your configuration, so when your Pentium II PC kicks the bucket, you can get SmoothWall up and running again.

SmoothWall Express is limited to a single CPU and 1GB of RAM, but that’s not likely to be an issue for even a network with a couple hundred users. The real imitation is the lack of support: While you can consult the robust user community, you’re mostly on your own. Of course, The commercial arm of SmoothWall sells paid and supported products, too.

Once thought safe, the WPA standard used by countless wireless routers has been revealed to be vulnerable- but only in theory, for now.

Security researchers say they’ve developed a way to partially crack the Wi-Fi Protected Access (WPA) encryption standard that is used to safeguard data on many wireless networks.

Researcher Erik Tews was to demonstrate the attack at the PacSec conference in Tokyo in mid-November. Cracking WPA encryption could be exploited to read data being sent from a router to a laptop, or to send bogus information to a client connected to the router.

Tews and coresearcher Martin Beck found a way to break the Temporal Key Integrity Protocol (TKIP) key, which WPA uses, in a relatively short 12 to 15 minutes, says Dragos Ruiu, the PacSec conference’s organizer.

In this particular attack, however, they have not managed to crack the encryption keys used to secure data sent from the PC to the router.

WPA, widely used on today’s Wi-Fi networks, is considered superior to the original WEP (Wired Equivalent Privacy) standard, which most security professionals now deem insecure. Retail store chain T.J. Maxx was in the process of upgrading from WEP to WPA encryption when it experienced one of the most widely publicized data breaches in United States history, in which hundreds of millions of credit card numbers were stolen over a two-year period. The new WPA2 standard is considered safe from the recently developed attack.

“Everybody has been saying, ‘Go to WPA because WEP is broken,’” Ruiu says. “This is a break in WPA.”

If WPA is significantly compromised, it would be a blow for business customers who have been increasingly adopting it, says Sri Sundaralingam, vice president of product management with wireless network security vendor AirTight Networks. Although customers can use other Wi-Fi technology such as WP A2 or virtual private network software that will protect them from this attack, many devices will still connect to the network via WPA, or even by way of the thoroughly cracked WEP standard, he says.

Click for more details:

EULAlyzer
Wonder what you’re agreeing to when you click I Accept? Don’t worry; just drag EULAlyzer’s target icon onto the EULA for a quick report on any troublesome language.

Hotspot Shield
Create an instant virtual private network (VPN) tunnel between your laptop and the router at any Wi-Fi hot spot to protect your data from snoops on the public airwaves, even if you are using extra encryption. If you’re on a network that limits the use of certain applications, such as Skype, the VPN could give you unfettered access. It even works with your wired connection for an extra layer of security.
Web Site: www.anchorfree.com

Kruptos 2
Kruptos makes a file accessible only to someone who knows the password; it includes a file shredder.
Web Site: www.kruptos2.co.uk

PC Flank
While ShieldsUP! tests your firewall’s ability to stealth all ports, PC Flank performs surgical strikes that emulate specific malware attacks to verify that your firewall blocks them.
WebSite: www.pcflank.com

SendShield
This Outlook add-on strips out extra info and tracked changes in Word documents attached to messages.
Website: www.sendshield.com

When you connect to the Internet through a wireless access point, you are using radio transmitters to send data between the access point and your computer. Anybody else with a Wi-Fi–enabled computer or a specialized radio receiver can also receive those signals. Unless you protect your Wi-Fi network, anybody with a Wi-Fi network interface can use it to connect to the Internet and possibly open files on your own computers.

In many neighborhoods and business districts, as many as a dozen or more different Wi-Fi signals are floating around. Most of my neighbors have turned on their access points’ security features, so it’s a lot more difficult to grab an unauthorized connection from any of them than to break into a network through an unsecured access point.

There are methods out there for cracking Wi-Fi encryption, but most intruders look for an unsecured network rather than taking the time to break through encryption. However, no wireless network is totally secure without additional tools, so your best defense is to make your wireless network more secure and more difficult to crack than the one across the street.

Most Wi-Fi access points support two types of security: encryption and access control. The exact procedure for turning on these features is different for each make and model of access point, so you have to consult the manual supplied with your access point to learn how to set them for your network.

When you install a Wi-Fi access point, remember to use a network SSID name that doesn’t tell a snooper who you are, and to turn off SSID broadcast. And don’t forget to change the access point’s default password, which is widely known, and often the same on hundreds of thousands of units. The manual supplied with your access point or base station contains the specific instructions for making these changes.

Read more on Internet Safety Book

Wi-Fi encryption uses the same key code on the access point and on each client computer to provide access to encrypted data. To add a key code to a Wi-Fi connection profile in Windows, follow these steps:

1. From the Control Panel or the system tray, open the Wireless Network Connection Properties window and choose the Wireless Networks tab.

2. Find the name of the network in the list of Preferred networks and click the Properties button.

3. Open the drop-down Data encryption menu and choose WEP or WPA. If the program offers you a choice of key lengths, choose the longest possible number of digits.

4. Type the same network key that you used to set up encryption on your access point in both network key fields.

5. Click the OK buttons in both open Properties windows to save your settings and close the windows.

You configure security on a wireless network by managing the properties for that wireless network connection. The pros, cons, and details of these various security methods are beyond the scope of this book; what is important is that you know how to configure Windows Vista to match the corresponding settings in use on your network. Managing wireless connection is done via the Manage Wireless Networks applet, which is available, like all other network applets in Windows Vista, via the Network and Sharing Center. To open the Manage Wireless Networks applet, first launch the Network and Sharing Center and then select Manage Wireless Networks from the task list on the left side of the screen.

Right-clicking on an available wireless network connection and selecting Properties opens the Wireless Network properties dialog box. To configure wireless security, select the Security tab. Depending on the type of security and encryption in use, you will see different options on this tab.

Wired Equivalent Privacy
WEP is part of the 802.11 standard and is a means of securing a wireless network. The purpose of WEP is to make the communication between the computer’s NIC and the access point more secure than that of a standard radio broadcast. If the access point you are connecting to is using WEP, you need to configure Windows Vista for WEP and provide the correct security key and key index. To do so, open the Manage Wireless Networks applet from the Network and Sharing Center, right-click the network you want to set up, select Properties, and then select the Security tab. To configure WEP, set Security Type to Shared and select WEP as the Encryption Type. Doing so displays the WEP options.

WEP encryption uses a shared key encryption; that is, you have to enter the same key in the access point and on the wireless client. On an access point, you can enter up to four different keys, only one of which is used to secure the wireless connection. That is the purpose of the Key Index setting; it tells Windows Vista which key you have entered. If you correctly match both pieces of information in Windows Vista to that of the access point, you will be able to connect to the wireless network.

The problem with WEP is that it’s weak. There are numerous, free programs available on the Internet that can crack your WEP encryption in less than 60 seconds, allowing unauthorized users access to your network. Does that mean WEP is useless? It’s like the old saying, locks only stop honest criminals. If you use WEP, a casual user who stumbles across your wireless network probably won’t take the time to hack you. On the other hand, if a malicious user wants into your network, WEP will not stop them from achieving this goal.

Wi-Fi Protected Access
To address the weakness of WEP security, the Wi-Fi Alliance introduced a new wireless security standard called Wi-Fi Protected Access (WPA). If you use WPA, your wireless networks are much less susceptible to hacking. Two types of WPA are available: WPA-Personal and WPA-Enterprise. With WPA-Personal you need to specify a password, on both the access point and the NIC to secure the communication. This password should be long, at least 20 characters, and contain a mix of upper and lowercase letters, numbers, and special characters. Again, as long as the settings on the access point and Windows Vista match, you will be able to communicate wirelessly.

WPA-Enterprise is a bit more complicated. In order to implement the enterprise flavor of WPA, you need a Remote Authentication Dial-In User Service (RADIUS) server to authenticate your users. Using a RADIUS server also enables you to use smart cards for user authentication. Smart cards add an extra layer of security since that requires you have a physical card and know a password to access the wireless network. This is a solution appropriate only for larger businesses because of its expense and complexity.

There are several bootable Linux distributions that come prepackaged with the correct drivers and software necessary for wireless and wired network sniffing. All of these include Kismet and Ethereal or Wireshark. Below are some that are available and free:

Backtrack
Backtrack is the result of two highly respected bootable penetration toolsets combining their efforts toward one unified bootable CDROM. For additional information, go to www.remoteexploit.org

Professional Hacker’s Linux Assault Kit (Phlack)
Includes many security tools and wireless auditing and scanning software. For additional information, go to www.phlak.org.

Knoppix Security Tools Distribution (Knoppix-STD)
A general-purpose collection of security tools on a bootable Linux image. For additional information, go to www.s-t-d.org.

The proper combination of hardware, software, and drivers will enable you to effectively sniff wireless networking traffic.The following tools may be helpful:

Netstumbler
Netstumbler is more of a network scanner than a network sniffing tool, but is useful for listing networks detectable from your location. Netstumbler is an active network scanner that sends out probes that are detectable by others. It can be downloaded for free from www.netstumbler.org.

Kismet
Kismet is an open-source, free, wireless network scanner and vulnerability detector, that keeps track of wireless clients and their network associations. Unlike other scanners, it is a completely passive network scanner, and can be downloaded from www.kismetwireless.net.

Wireshark
Wireshark has a number of dissectors for wireless management traffic; however, it does not track by Service Set Identifier (SSID), nor does it show signal

CommView for WiFi
CommView for WiFi is a commercial wireless network monitor and scanner that can export in tcpdump format, which Wireshark imports and reads easily. CommView for WiFi can be downloaded from www.tamos.com/products/commwifi/

From the airport, to the coffee shop, to the library, to your next door neighbor, wireless networks are all around us; therefore, wireless security is a serious concern.There are historical weaknesses in security protocols, because intruders no longer need to be inside a building to attack an internal network.

A wireless network is still a network, however, and with a few exceptions maps well to the Ethernet and OSI models.

Hardware Requirements
While most Ethernet cards are capable of packet sniffing in promiscuous mode, many wireless chipsets cannot use monitor mode, which is the wireless equivalent of promiscuous mode. Complicating the situation is that wireless card manufacturers do not generally list the chipset that they use in a readily available form.Also, chipsets can vary within model families. It is best to select the software you want to use, and then identify which chipsets and specific manufacturer’s model numbers work best with the specific drivers necessary for the software to function.

Here are some general guidelines on chipset compatibility:
Atheros
This chipset is compatible with most software and widely available in a number of adapters.

Prism2
This chipset is one of the most capable used with the Host AP drivers. Not only is it supported by most software, it can also run in an AP mode.

Orinoco
One of the first chipsets that supported monitor mode. Supported by most software. Cannot receive 802.11g traffic.

Broadcom
There is no native support in Linux for this chipset. With included drivers, tools such as Kismet do not function with it.You may be able to use Windows drivers through a Network Driver Interface Specification (NDIS) compatibility wrapper such as the commercial DriverLoader, which can be downloaded from www.linuxant.com/driverloader.