Sunday 1 December 2019

Tips to use Email


I welcome all my readers to my second blog post. I will start with a small story. One of my friends is looking for a job, and every week he has to attend interviews, sometimes in the city and sometimes outside it, so it is really difficult for him to carry all his documents with him. It has become more difficult because each company has its own requirements: a few want education certificates, a few want personal documents too, and a few have other requirements. So he decided to keep scanned copies of all his documents in his email inbox, and he prints whatever documents he requires. This is a very easy and effective way to carry documents anywhere without any physical file.

But just think what will happen when an unauthorized person gains access to your email. It may go worse than we expect: an unauthorized person can see your data, your educational qualifications, your contact details, passport details and much more. How can we protect our email from such unauthorized access? That is what we are going to discuss today. I will give you the basic ideas for protecting your device or email from an unauthorized person.


Make your email password strong:






A strong password protects your email from a brute-force attack (I will write a separate blog post on brute-force attacks). We are supposed to use upper-case letters, lower-case letters, numbers and special characters together in our password to prevent someone from guessing it. Never use your name, date of birth or mobile number as your password, because it can be easily guessed by anyone.



(i) Use multi-factor authentication:


It is an authentication method in which the user has to pass more than one authentication step to complete a task. Nowadays all bank transaction systems have adopted this method, but among the general public I have seen only a few people who use this technology to protect their email or personal devices.

(ii) How multi-factor authentication works:


Take an example: when you insert your ATM card in the ATM machine, you cannot withdraw money with the card alone; you also need to enter your ATM PIN to do any transaction. This is an example of two-factor authentication because it has two layers of protection: one is the ATM card and the other is the ATM PIN. Another example is the OTP (one-time password): when we do an online transaction by net banking, we have to enter our password to log in and then enter the OTP to complete the transaction. Similarly, we can set up two-step verification for our email. I will use Gmail as an example here because it is used by many people and is very common among the general public. In Gmail we have the option of a voice or text message, so whenever anyone tries to log in to the Gmail account, it sends a text or voice message to the phone, and we have to enter that code to log in to the account.

(iii) Never share your password with anyone:


I was travelling in a taxi and the taxi driver asked me to reset his Paytm password, because he was not much educated and did not know how to use the application. Nowadays people use much more data and have started using many money-transfer applications, but they do not know how to use them. It is very common to share passwords with friends and relatives.

(iv) Do not use same password everywhere:


This is a common mistake I find with people: they use the same password for all applications. They use the same password for computer login, for email and for banks as well, and they share the password with friends without realizing that they are sharing the password for all their applications. All security applications, software and tools are useless if someone knows your password, so we need to think about it.

  

 Public Place email access (Use of public Wi-Fi or computer)






Today the internet is available everywhere: in metro cities, railway stations, airports, etc. It is very common practice to use public internet to check ticket details when we are travelling, or to watch our favorite shows online while we are waiting for someone or for a flight. To save our mobile data we use free public Wi-Fi, which is not a good practice. We do not know who manages it, and since it is for common use and many people share the same network and subnet, it is easy for an unauthorized person to access your phone from the same network.

(i) Look over your shoulder


Generally people don’t think much about small things that might turn into a disaster. When we use our PC or mobile in a public place, we don’t see what other people around us are doing. Suppose you are entering your password and someone sees it from behind you; in that case he can log in to your email. So we have to be careful whenever we enter our password. Always check over your shoulder to see whether anyone is looking at your device (phone, PC).


Use VPN:



This is something that people mostly use in companies, but we can also protect our computer or email by using it. It provides a virtual private network, so other people need permission to enter your network. Apart from this, we can avoid extra unwanted ads while browsing, and with the help of a VPN we can access our home network from anywhere, or use public internet, more effectively and securely.

Use internet carefully:


We use the internet, but only a few of us check the links that we open. We are supposed to open only those links which are secured, and the best way to tell is to look at the URL: if it is HTTPS then it is secured, and if it is without the “s” (HTTP) then it is not secured. So please try to use websites which are secured and whose addresses start with HTTPS.


 (i) Don’t click on any link in the email if you are not sure


Clicking on any link can put you in trouble, because you can allow someone to encrypt your data, or you can give permission to install software in the background, which can be spyware. Do not click on any link or attachment if it is not from an authorized person.

Fake call or email:


A few days back a person called my brother on behalf of Paytm and told him that he would help him with the KYC process. Since my brother is not from a technical background, he was not able to understand the process. That person then shared my brother's mobile screen using TeamViewer (software used to share a computer's screen with another person) and saw his user ID, password, bank details, everything, and my brother did not even notice it. After that, the person tried to log in to his email and bank account.

In the same way you may get an email or call about technical support or a lucky draw. Always be careful, and contact the police cyber cell about such issues.

Use antivirus:


Always use antivirus on your phone and laptop. It will protect your device from unauthorized access, and apart from this there are many other benefits of using antivirus, so we are supposed to use it at all times.

Always update your operating system and other software in your device 

We are supposed to update our operating systems as well as all the software that we use on our devices, because whenever a company finds malware or a security-related issue in its products, it issues a new patch or a new updated version of that software, which helps to protect our device. Avoid using free or unwanted software or websites that are not from an authorized source.



I hope the above information will help my readers to protect their computers from unauthorized access. Please share it with your friends and post your questions related to this post; suggestions and advice are most welcome.


Sunday 24 November 2019

Conficker and Rogue System Detection






This is my first blog post, and my aim is to share the real-time experience of cyber security experts. I will try to cover famous cyber-attacks and how a cyber expert protects an environment from different types of attacks. Apart from these, I will try to cover tutorials on different technologies and tools related to cyber security.



Today I will start my blog with a very famous attack that was first detected in November 2008. It affected government organizations, the private sector and home computers in over 190 countries, making it the largest known computer worm infection since 2003. If you are a cyber expert then you are guessing right: I am talking about Conficker. It targeted Microsoft Windows operating systems and first came into the picture in 2008. In 2011 Ukrainian police arrested Mikael Sallnert, and he received a 48-month prison sentence.



How does Conficker affect your machine?


It uses dictionary attacks on administrator passwords to propagate while forming a botnet. It executes arbitrary code via a crafted RPC request that triggers a buffer overflow during canonicalization. Conficker copies itself with a random name into the system directory %systemroot%\system32 and registers itself as a service. It tries to get the IP address of the machine, then sets up a small HTTP server on the machine. After that it scans for other machines to infect; when a target is found, the infected machine's URL is sent to the target as the payload. The remote computer then downloads the worm and starts infecting other machines.

We need to understand why such attacks take place and how they enter an environment. One of the main reasons is unmanaged machines in your environment: rogue machines may help the attacker to target your environment.

                                   

What is a rogue machine?


An unprotected system is known as a rogue system. If antivirus is not installed on a machine, or the machine is not following the security policy, it may be counted as a rogue machine.

How can we protect our environment?

We can protect our environment by using antivirus, but what if some machine does not have antivirus? It is very difficult to find the machines that do not have it.

Let’s take the example of a car manufacturing company. This business has different units, such as the manufacturing unit, the designing unit, the dealer unit and the showrooms. The car company directly manages the manufacturing unit and the designing unit, but it does not manage the showrooms directly, and it is difficult to check the security status of its clients' (dealers') computers. Due to business requirements, dealers can also access the company network, and since the company does not manage the dealers' computers, there is a big risk that an attacker first targets a dealer’s computer (which is not secure, or on which antivirus is not installed) and then attacks the manufacturing unit. To protect against such an attack we need to govern all the machines on our network, whether they are managed by us or not, and this is where Rogue System Detection comes in.

How does Rogue System Detection work?


We need to install a Rogue System Detection sensor in our network; we can use the DHCP server for it.
It detects all the machines that belong to that subnet (laptops, desktops, IP phones, printers, etc.) and sends that information to the endpoint management tool (from where cyber experts manage cyber security products).
It uses WinPcap to detect systems in the network; it also uses the ARP and DHCP protocols to listen to other network traffic.
The rogue sensor sends information about all the machines to the antivirus management tool, which filters out which of them are rogue systems.
We can put devices like printers or IP phones in an exception list to avoid that, and we can block a few machines as per our requirements.
In this way we can manage the rogue machines in our environment, protect it from unmanaged machines, and protect our network from attacks like Conficker.
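
The sensor-and-filter flow described above, as an added sketch that is not part of the original post and not any product's code: it parses ARP frames the way a passive sensor would see them and sorts each sender into managed, exception or rogue. Matching by MAC address, the inventory sets, the function names and the sample frames are all assumptions constructed for this illustration.

```python
import socket
import struct

def build_arp_frame(mac, ip):
    """Build a broadcast ARP request (constructed sample traffic only)."""
    src = bytes.fromhex(mac.replace(":", ""))
    eth = b"\xff" * 6 + src + struct.pack("!H", 0x0806)  # EtherType 0x0806 = ARP
    arp = struct.pack("!HHBBH", 1, 0x0800, 6, 4, 1)      # Ethernet/IPv4, op=request
    return eth + arp + src + socket.inet_aton(ip) + b"\x00" * 6 + socket.inet_aton("192.0.2.1")

def parse_arp_sender(frame):
    """Return (mac, ip) of the ARP sender, or None for anything else."""
    if len(frame) < 42 or struct.unpack("!H", frame[12:14])[0] != 0x0806:
        return None  # truncated frame or not ARP
    htype, ptype, hlen, plen, _op = struct.unpack("!HHBBH", frame[14:22])
    if (htype, ptype, hlen, plen) != (1, 0x0800, 6, 4):
        return None  # not IPv4-over-Ethernet ARP
    mac = ":".join(f"{b:02x}" for b in frame[22:28])
    return mac, socket.inet_ntoa(frame[28:32])

def classify(frames, managed, exceptions):
    """Management-tool side: sort every observed host into one bucket."""
    result = {"managed": {}, "exception": {}, "rogue": {}}
    for frame in frames:
        sender = parse_arp_sender(frame)
        if sender is None:
            continue  # sensor ignores frames it cannot interpret
        mac, ip = sender
        if mac in managed:        # machine reports to the management tool
            bucket = "managed"
        elif mac in exceptions:   # printer / IP phone on the exception list
            bucket = "exception"
        else:                     # seen on the subnet, but unknown
            bucket = "rogue"
        result[bucket][mac] = ip
    return result

# Constructed sample data (hypothetical inventory and captured frames).
MANAGED = {"02:00:00:00:00:01"}
EXCEPTIONS = {"02:00:00:00:00:10"}
FRAMES = [
    build_arp_frame("02:00:00:00:00:01", "192.0.2.11"),  # managed laptop
    build_arp_frame("02:00:00:00:00:10", "192.0.2.50"),  # printer
    build_arp_frame("02:00:00:00:00:99", "192.0.2.77"),  # unknown machine
    b"\x00" * 20,                                        # truncated junk
]

if __name__ == "__main__":
    for bucket, hosts in classify(FRAMES, MANAGED, EXCEPTIONS).items():
        print(bucket, hosts)
```

A MAC address can be changed by whoever controls the machine, so a rogue list built this way is a starting point for follow-up rather than proof of identity.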