Security awareness

Intro to Cyber Security Awareness

Section 1 – Welcome to Cyber Self-Defense

The internet is a wild world, and the first line of defense for anybody is awareness. Everybody who has a device with access to the internet, which is just about everybody, needs to be following some best practices with their devices. My 6 year old has a laptop, a desktop, 2 iPads, and an old cell phone. Think of all the damage that can be done with those devices. Seriously? Yes! And I'm not only talking about the potential damage, I'm talking about the fact that she seriously has all that stuff – ridiculous. I keep her devices segregated from mine, because I don't want anything she's got going on to affect me. So, no, I'm not telling you to lecture your 6 year olds about cyber security, they don't care.

What you do need to understand is the impact you can have on yourself, and on others, when accessing the internet. There are many threats out there that most people never hear about. This post is going to educate you on what those threats are; the following posts will be about how to protect yourself from them.

What are they looking for?

Who are "they"? The attackers, of course. They want all kinds of data: data about your business, data about your customers, personal data, bank info, medical records, personal ID info, any intellectual property they can get their hands on! It needs to stop, and who better than you to stop it. You're not a super hero, or a super hacker, I don't think anyways – but you are super caring if you found yourself reading this. You, and the people around you, are the number one defense.

What needs to be protected?

We talked about who, now it's time for what. What are we even protecting? Well, let's make a list:

  • Confidentiality
  • Integrity
  • Availability

That's "CIA": confidentiality, integrity, and availability. Let's define each of those in short form:

Confidentiality

Keeping data about workers, customers, and the business from being seen by anyone who isn't supposed to see it

Integrity

Protecting data from being corrupted, or changed by someone who shouldn't be changing it, so it stays accurate

Availability

Protecting the ability to get at data, and the systems that hold it, whenever they're needed

Who is helping protect you?

Do you think anybody is out there protecting you? If you say no, you're wrong. There are many things in place that protect your data, and they work well, but nothing is perfect. Let me reiterate that you are the best defense for personal, and business, data. What's best for your personal data is also best for the business – why? Because if your personal devices are infected, there's potential for that to spread to your business as well, the moment you plug in at work, check work email from home, or reuse a password.

IT support may also be protecting you, if your company has an IT department or an outsourced IT support company. A constantly evolving security structure protects you from attacks you never see, even if you don't notice it. There are people employed whose only purpose is protecting our companies from attacks!

Microsoft! Shazam! They're protecting you? Little old you? F yes they are! They push out massive updates, monitor constantly changing threats, filter emails for malware and phishing, encrypt data on your local hard drive, and give your business layered defenses that constantly monitor network activity – a "security onion", if you like. And no, I don't mean a security onion as in lingo so boring that it burns your eyes, there are literally layers of security defending networks that you don't know about, and an attacker has to peel through every one of them. A frickin onion with laser beams on its frickin head.

Security layers

Weaknesses

Humans are the weakest link, but are also the best defense! You can spot when something is wrong, and report it. If you're not sure who to report it to, we'll go over that in another post. It's usually easy to tell when something's wrong: is there an error that keeps popping up, an unusually slow program, is your machine unusually slow, or does your antivirus keep bugging you? It's probably an issue that should be resolved.

New weaknesses are discovered constantly, literally daily, and old weaknesses stay wide open on any machine that isn't updated regularly. So quit turning off Windows Update! Update that thing! A lot of people don't care about these types of things until they are attacked, and then it's too late. That's some people's starting point, but you should be proactive and start before it's too late.


Who are the attackers?

Script Kiddies

An inexperienced attacker who uses prebuilt tools, written by somebody else, to hack for fun or bragging rights

Black Hat Hackers

An attacker with malicious intent, usually after money or data

Hacktivists

A person who uses hacking as a form of activism: an anti-pipeline protestor, a political group going after its opponents, or someone who just wants to leave their mark

Disgruntled Employees or Friends

Someone who already has access, and a grudge, and is there to cause some trouble because they're crabby. They're dangerous precisely because they don't have to break in first.

Attack types

Vulnerabilities

A weakness an attacker can take advantage of. That includes bugs in the software you use, and careless habits: leaving your computer unlocked, your phone lying around, sharing passwords

Exploits

Code, or a technique, that uses a weakness in software to break in or to trick your computer into doing something it shouldn't

Malware

Software that does the attacker's work once it's on your machine: stealing data, locking your files for ransom, or opening a back door. It's normally bundled with, or disguised as, a "safe" file

Social Engineering

Phishing aimed at you personally, or phishing via mass emails/texts/phone calls, or plain old conversation that tricks you into giving up information, or talks you into visiting a malicious site

Conclusion

There are literally millions of ways you can be compromised, and that's terrifying! For me it is anyways, maybe you don't even care. If you don't care, you probably wouldn't have made it to the conclusion though. Feel free to ask questions if you need clarity, or let me know if there's an attack type that I haven't covered here, or just things that people should be aware of.

Budget Internet Security Gateway for Home and Small Business

Internet security is becoming increasingly important in our quickly growing world of technology. You definitely want to keep your data safe from people on the internet with malicious intent. This is especially important for outward facing networks, and networks allowing users to freely browse any sites. The intent of this write-up is to provide guidance for those curious about network security, and how you can lock down your network from attackers outside, and inside, your network.

The following build is going to provide what you need to monitor usage, watch for incoming attacks, inspect data flowing through for potentially malicious software being downloaded, track bandwidth usage, rate-limit floods (one box on a home connection can't absorb a real volumetric DDoS, but it can keep a flood from knocking over its own services), and use one workstation/desktop as a router. All of these things will happen on one computer, and I'll walk you through the things necessary to implement each of these features. This post will provide information about the build; upcoming posts, over the next week(ish), will provide additional information about how exactly you can implement each of these services. Additionally, I'll show you how to set up a web interface for each of these services, so you can manage everything in one place without having to remote in to the machine.

The build

Recommended Computer – Adamant Desktop

This computer will provide the performance needed to run all of these tasks at once without hitting any bottlenecks. A substitute for this machine is the Adamant Mini Desktop, the same setup without the GTX 1070 (a graphics card isn't required for any of this).

Recommended Operating System – CentOS

This is the operating system I will be using during this whole walkthrough. I've always preferred CentOS: it's a free rebuild of Red Hat Enterprise Linux from Red Hat's published sources, so anything written for RHEL applies to it. You will be able to use other operating systems, but the commands will be different.

Intrusion Detection – Snort and ntopng

Snort will monitor the network for potential threats, and that includes known malware in files being downloaded. It isn't a replacement for antivirus on the endpoints: it only sees traffic that passes through the gateway, and it can't look inside encrypted connections. Where it shines is a network where you don't have control over what users install on their machines, because you still get an alert when something bad comes across the wire.

ntopng will analyze and log traffic, and has a web interface for viewing what is going on in your network.

DDoS Prevention – Following This Tutorial

This is a tutorial on a different blog, but I'll write up a new one later on. We'll be using iptables, the packet filter built in to Linux, to drop malformed packets and rate-limit floods. These will be guidelines to provide hardened security to our Linux system, and our network.

Linux Hardening – Following This Tutorial

This is another tutorial on a different blog. I'll write my own version of this one as well. What we're doing here is hardening CentOS, and closing any holes in our security that we can.
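Here's a small added example of the sort of check hardening involves, written for this post rather than taken from the linked tutorial: it audits an sshd_config for three settings most hardening guides tighten (no root login, no password login, no X11 forwarding). The two config files are constructed for the demo, and it's my assumption that locking down SSH is one of the steps we'll take; point audit_sshd at /etc/ssh/sshd_config to check the real box.

```shell
#!/bin/sh
# Added example (not from the linked hardening tutorial): check an sshd_config
# for the settings most hardening guides tighten first. The two configs below
# are constructed for the demo; point audit_sshd at /etc/ssh/sshd_config on
# the real box. sshd uses the FIRST uncommented value it finds for a keyword,
# and that is what setting() reports.

setting() {   # setting FILE KEYWORD -> first effective value, or "unset"
    awk -v k="$2" '
        $0 !~ /^[ \t]*#/ && tolower($1) == tolower(k) { print $2; found = 1; exit }
        END { if (!found) print "unset" }
    ' "$1"
}

audit_sshd() {   # audit_sshd FILE -> prints one line per finding; exit 0 when clean
    cfg="$1"
    findings=0
    # keyword=value pairs we insist on; "unset" means the compiled-in default
    # applies, which differs between OpenSSH versions, so we flag that too.
    for want in PermitRootLogin=no PasswordAuthentication=no X11Forwarding=no; do
        key=${want%%=*}
        val=${want#*=}
        have=$(setting "$cfg" "$key")
        if [ "$have" != "$val" ]; then
            echo "$key: found '$have', expected '$val'"
            findings=$((findings + 1))
        fi
    done
    [ "$findings" -eq 0 ]
}

# Constructed sample resembling a stock CentOS 7 sshd_config: root login is
# commented out (so the default applies), passwords and X11 are on.
WEAK_CFG=$(mktemp)
cat >"$WEAK_CFG" <<'EOF'
Port 22
#PermitRootLogin yes
PasswordAuthentication yes
ChallengeResponseAuthentication no
X11Forwarding yes
EOF

# Constructed sample after hardening: keys only, no root, no X11.
HARD_CFG=$(mktemp)
cat >"$HARD_CFG" <<'EOF'
PermitRootLogin no
PasswordAuthentication no
PubkeyAuthentication yes
X11Forwarding no
EOF

echo "== weak config =="
audit_sshd "$WEAK_CFG" || echo "hardening needed"
echo "== hardened config =="
audit_sshd "$HARD_CFG" && echo "clean"
```

The weak config trips all three checks; the hardened one passes. Before you set PasswordAuthentication to no on a real box, make sure your public key is already in ~/.ssh/authorized_keys and test a second login, or you'll lock yourself out.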

CentOS Router – Following This Tutorial

You guessed it, another external blog link. I'm going to rewrite this one, and go a little more in depth with it. That tutorial gives only a very brief overview of what we'll actually be doing.
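As an added example (mine, not code from the router or DDoS tutorials linked above) covering both the router step and the flood protection from the DDoS section, here is a script that does the whole thing with iptables. The interface names eth0/eth1, the LAN subnet 192.168.10.0/24, and the management ports are assumptions for the demo. It runs in dry-run mode by default, printing the commands so you can read the ruleset; set DRY_RUN=0 and run it as root to apply.

```shell
#!/bin/sh
# Added example (not from the linked tutorials): turn the CentOS box into a
# NAT router and bolt on basic flood protection, all with iptables.
# Interface names, the LAN subnet and the web UI ports are assumptions for
# this demo; set them to match your build before applying.
WAN_IF="${WAN_IF:-eth0}"                 # NIC facing the modem (assumed name)
LAN_IF="${LAN_IF:-eth1}"                 # NIC facing the internal switch (assumed name)
LAN_NET="${LAN_NET:-192.168.10.0/24}"    # internal network (assumed)
MGMT_PORTS="${MGMT_PORTS:-22,3000,3001}" # SSH plus the ntopng/Snorby web UIs (assumed ports)
# DRY_RUN=1 (the default) prints the commands instead of running them, so the
# ruleset can be reviewed on any machine; DRY_RUN=0 applies it as root.
DRY_RUN="${DRY_RUN:-1}"

run() { if [ "$DRY_RUN" = "1" ]; then echo "$*"; else "$@"; fi; }
ipt() { run iptables "$@"; }

reset_rules() {
    # Start from a clean table so the script is safe to re-run.
    ipt -F; ipt -t nat -F; ipt -X
    ipt -P INPUT DROP      # the router itself accepts nothing unless a rule says so
    ipt -P FORWARD DROP    # same for traffic passing through it
    ipt -P OUTPUT ACCEPT
}

flood_rules() {
    # User chain for SYNs arriving from the WAN: within the limit they RETURN
    # to INPUT and are judged by the normal rules, the excess is dropped early.
    # This matters most once you expose a port; with nothing exposed it mainly
    # saves the CPU from walking the chain for every packet of a flood.
    ipt -N SYN_FLOOD
    ipt -A SYN_FLOOD -m limit --limit 25/s --limit-burst 100 -j RETURN
    ipt -A SYN_FLOOD -j DROP
    ipt -A INPUT -i "$WAN_IF" -p tcp --syn -j SYN_FLOOD
    # Packets conntrack cannot place in any connection are garbage.
    ipt -A INPUT -m conntrack --ctstate INVALID -j DROP
    ipt -A FORWARD -m conntrack --ctstate INVALID -j DROP
    # New TCP connections must start with SYN.
    ipt -A INPUT -p tcp ! --syn -m conntrack --ctstate NEW -j DROP
    # Answer pings from the WAN, but only a few per second.
    ipt -A INPUT -i "$WAN_IF" -p icmp --icmp-type echo-request -m limit --limit 5/s -j ACCEPT
    ipt -A INPUT -i "$WAN_IF" -p icmp --icmp-type echo-request -j DROP
}

router_rules() {
    run sysctl -w net.ipv4.ip_forward=1
    ipt -A INPUT -i lo -j ACCEPT
    # Replies to connections the box or the LAN started.
    ipt -A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
    ipt -A FORWARD -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
    # LAN hosts may go out, NAT'd behind the WAN address; the WAN may not
    # start connections inward (FORWARD policy is DROP).
    ipt -A FORWARD -i "$LAN_IF" -o "$WAN_IF" -s "$LAN_NET" -j ACCEPT
    ipt -t nat -A POSTROUTING -o "$WAN_IF" -s "$LAN_NET" -j MASQUERADE
    # SSH and the web UIs only from the LAN side; nothing is exposed to the WAN.
    ipt -A INPUT -i "$LAN_IF" -s "$LAN_NET" -p tcp -m multiport --dports "$MGMT_PORTS" -j ACCEPT
}

build_firewall() { reset_rules; flood_rules; router_rules; }

build_firewall
```

Note the SYN_FLOOD chain: SYNs under the limit RETURN to INPUT and still have to pass a normal rule (here none exists for the WAN side, so they hit the DROP policy), and only the excess is dropped early. The pattern you'll see in a lot of DDoS tutorials, `-p tcp --syn -m limit ... -j ACCEPT` placed straight in INPUT, quietly opens every port to the WAN at the limited rate, so don't copy that one. The sysctl change is lost on reboot unless you also put net.ipv4.ip_forward = 1 in /etc/sysctl.conf, and the rules need saving with iptables-save (or the iptables-services package on CentOS 7) to survive a restart.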

Optional

WebUI for Snort – Snorby

Snorby is a web interface for Snort, and we'll be using it to view Snort's alerts without having to remote into the Linux machine.

Uptime Monitoring – Monit

Monit provides a solution for monitoring services, and reporting via email or SMS when a service has gone down.

Next

This is just the plan for the build, I have parts coming in today – and I’ll be adding more info regarding the usage and build for everything. Please subscribe below to watch it all unfold!