What are iptables?

iptables are used by system administrators in creating rules for packet filtering, as well as NAT modules. It might seem a little too weird for those who have not much experience on the command line but this is essential so that people would be able to make sure that they are secure, especially if they are connected. Sometimes you never know what’s going on in the background, right? But with tools like this, you’d manage.

There are different states of connection and the nice thing about iptables is that it monitors the state of the connection. It could do redirects and modify or stop data packets. Because of its ability to detect the state of the connection, it is considered as better compared to ipchains.

Making rules

The system administrator makes the rules for the iptables. These rules determine how to deal with network packets. They are grouped into chains.

a. filter table – For filtering packets, obviously.
b. nat table – This sets up how rewriting ports and packets.
c. mangle table – Does it sound terrible? Mangle? But as the name implies, there is some mangling involved because it adjusts packet options.

The thing about these chains, these rules is that the packets that go through these chains would be evaluated according to the rules.

As one of the people I know have told me, you must make sure that you check out the settings of your computer first. Before you even think about downloading anything, make sure you are not vulnerable to some attacks that could happen. Make sure that the important ports are closed and that you’re in stealth. Stay tuned for more IT security tips and news to help you in your everyday life.

In every office, you have to have some policies when it comes to sharing of files and downloading of files. Why? For one thing, those computers are the company’s resources. And it should be that during work hours, people ought to limit their downloads except for materials that are necessary for their work to get done.

How do you formulate your policies when it comes to these matters?

If you are working in a creative environment, anything could be used as your inspiration. That is why there are companies who allow surfing within office hours and it does not really matter what sites you visit. Although some of them do block some sites that are mainly of the personal nature like Friendster, My Space and other similar sites. There are also some that ban blogging services like Blogger. They would even issue memos regarding the matter.

If you work in a strictly confidential project, it would be difficult to try to make sure that nothing leaks out. If you are connected via the Internet, chances are your works could be intercepted in one way or another by hackers. So you have to be careful that you have firewall activated. As others would say, just block off everything except interoffice email.

Employees must be briefed carefully so that they will not be surprised in case they were surfing the ‘net one time and they find out that there are blocked sites. Also, you have to make sure you observe how the employees work. Those in the financial business would have to guard a lot of information. They would have to ensure that the employees understand the policies and that they would follow them in order to ensure that everything will be secure. After all, it is better to be safe than sorry. You would not want to lose your valuable clients.

Secode AB is a company that specializes in managed security services, or MSS. As a matter of fact, they have been at the forefront of this industry in Europe for many years. They’re known for providing high quality managed data center service, and earlier this month, another big player entered the playing field.

NTT Communications, which is definitely one of the most recognizable names in the world of technology, communication, management solutions, etc., has acquired Secode AB. The acquisition was announced earlier this month, although the exact terms have not been released to the public.

What is important is that northern European customers who have a great need for security services for data centers will be enjoying the benefits that both companies can offer. With all the resources of NTT backing Secode AB up, businesses operating in northern Europe can be more assured of 24/7 services to deal with the ever present security threats. Some areas that are covered include intrusion detection and prevention, log management, vulnerability analysis, data-loss prevention, anti-virus and anti-spam, managed VPN/firewall, and mobile security.

This development is sure to be welcomed with open arms by concerned parties all over Europe.  Current Secode SEO Trygve Reinertsen will continue to head the new subsidiary.

There are different ways of creating passwords for your computer and online accounts. It seems like these days, the usual six characters as length of passwords is not enough. There are sites that when you sign up and you give your desired password, they will let you know whether or not your password is strong. Most of the sites that have it even point out that it is better to have characters that are more than six characters long. For another, they usually recommend that you have numbers and letters in your password. Mixing up uppercase characters along with it is also recommended. Sounds tough, right? Because the the passwords would seem random or something like it.

Here are some tips from different people so that you could have more secure passwords that you could easily remember:
1. Use two words with six characters each.
If you have two words, you have a twelve character long password. But here’s the clincher. You have to make some funky code that you would be replacing some of the letters with numbers. So it could be that every two letter you could replace the letters with numbers that have some signifance or maybe some random numbers.
There are people would use the names of their pets and something else that is totally random and those are combined by mixing the letters, alternating each letter.
2. Use some other language and make a phrase. Then turn it into leet speak.
It is similar to the first suggestion. However this takes it a step further because it will involve other countries’ languages. It is as if you are writing code indeed.
3. Have around three sets of passwords.
Rotate among these three passwords that you have. And change your passwords every so often. At least this makes it more difficult for others to find you your passwords.

Blogs are popularly being read on RSS aggregators these days. That or via Atom feeds and recently, it has been said that attackers could use Javascript to take advantage of this. According to an article on USA Today, this could be any kind of information as long as it is in this format. In the said article, you could also find out the list of vulnerable readers: Bloglines, RSS Reader, RSS Owl, Feed Demon, and Sharp Reader.

This kind of news is actually not so new. Mark Pilgrim was one of the bloggers who has written about this before. He even set up an experiment of sorts, wherein subscribers to his blog feed saw a screen full of platypi. He has mentioned in his blog entry that the difficulty with RSS is that there is a lot of arbitrary HTML and it could include Javascript — it could be malicious Javascript as designed by some attackers. Mark Pilgrim even listen down the elements that should be stripped off by RSS readers, just to be safe:
script tags, embed tags, object tags, frameset tags, iframe tags, meta tags, link tags, style tags, style attributes from every tag.

If you are always subscribing to different blogs, forums and mailing lists through RSS, you should be careful about it. If there are comments RSS, you could also take precautionary measures by not subscribing to it. It is possible to get attacked through the RSS of comments. Aside from that, if you have set up your own personal aggregator, make sure that you have a ’smart’ aggregator which strips off the said tags. If you have an aggregator on your computer, check if it is vulnerable. Maybe you could install something else that isn’t prone to attacks via RSS. It is better to be secure after all.

While developers and security administrators have religiously searched for ways to find such solutions, the ever changing development of new threats coming from the Internet has been far from over. To date, even the well-protected workstations can still be penetrated by objects that are not immediately visible.

Internet fences in the form of firewalls and software protection templates have tried to stop such intrusions but need to be updated frequently to answer the related threats. Without such temporary fences that are up, workstations are sitting ducks waiting to be shot, and if web administrators are not up to date with the new threats, the fences used are good as gone once they occur.

The people who send you these emails are merely after your personal information. They would get information such as credit card numbers, bank accounts, and other useful information to which they can use over the web, an open space of being able to transact with a lot of security breaches that most people know today.

Some would even provide links to certain pages which are professionally done, all the more deceiving a person that the offer is for real. But the next time you get such e-mails from an unknown source, all you have to do is just think about it for a second. How can you get such mails from someone or something that you don’t even remember joining? The rest is history.

Worms such as Cabir, have become the onslaught of rampant mobile phone intrusions, something that uses the Bluetooth connectivity as a means of infecting mobile phones of today. Once they get through, malfunctions and error messages are sure to ensue, making it a need for the software systems of mobile phones of today to be either formatted or disinfected with available anti-virus and worm removers such as Panda Software.

Inconvenient as it may seem, it is advisable for mobile phone owners to refrain from activating their Bluetooth connections to avoid such infections and untoward intrusions at any time.

The best way to avoid such links is to refrain from clicking on links without prior notice from the actual user. While most people would rely heavily on the level of relationship that they would have with their online buddy, it is still best to double check and verify before proceeding on the site link.

Being infected is quite painful that it leads to even formatting the entire system. This holds true for people who are not aware or have the time to clean it manually and methodically. Hence, the best way is to be more cautious, especially when peculiar links are met.

Greg Schulz of Computerworld shared some guidelines of tape virtualization. Tape virtualization is one of the popular topics when it come to storage. Some of the said advantages of making virtual tape libraries would include improvement of the performance of the back up, archiving and other related processes and smooth transition (from tape-based to disk-based).

Here are the ten points he raised in his article:

1. Integration of VTL in your business continuity, conditions of your site/location.
2. Storage devices to be attached to the VTL.
3. Projected storage capacity needed in the future.
4. Backup, archiving, etc. software supported.
5. Support of differencing or single-instance repository capabilities.
6. Determine if you are looking for a turnkey solution.
7. Resiliency and redundancy needed.
8. Security level needed.
9. Tape device and library emulation for your environment.
10. Necessary changes to your current setup.

The questions he raised in his article really make you consider your needs and the conditions of your system. All these questions will help you evaluate if you would use virtualization. You cannot just decide right away if you will use VTL because it could affect your system in a major way.

It is always good to look at the possibilities before arriving at some decisions like this one. It is best to do a full study before you spend on it. One of the important things you also have to consider would be the people who would be in charge of this project in your company. Who will be the ones in charge of the study and the follow up in case you do push through with it. Your data will be at stake so it is better to be safe than sorry.