The Final 'Final' Nail in WEP's Coffin?

If WEP means nothing to you and you are using or considering using a wireless AP (Access Point) in your home or business, please read on..

By default all wireless routers, AP's and other devices are configured as 'open'. This means that anybody within range can connect to them and become part of your local network, just as if they were sat in the desk next to yours at work. Clearly this has serious security implications, your data and your Internet connection is available to all and sundry and you will be responsible for any downloaded content possibly illegal or otherwise by these unknown persons.

To prevent this happening, a form of security enabled encryption was developed, which firstly requires a password and secondly encrypts all data traffic that is being transmitted through the air. The first of these encryption methods was known as WEP. Unfortunately WEP is no longer considered secure, as crackers quickly learnt how to break the encryption, so since then WPA and then later WPA2 have been developed to stay one step ahead of the crackers. So far WPA is already falling from grace but the more recent WPA2 is the way to go at the moment. Most modern wireless devices do support all of these methods.

If you are unsure how your wireless equipment is set up, please find out by asking an IT professional or a person that is knowledgeable about the various encryption techniques and the pros and cons of using them, or contact us and we will help.

If you have more of a technical mind and would like to learn more about the vulnerabilities in WEP then please take the time to read the excellent article below.

-----

Researchers have discovered a new way of attacking Wired Equivalent Privacy that requires an amount of data "more than an order of magnitude" less than the best known key-recovery attacks. In effect, the cracking can be done within a minute, as the title of the paper suggests: Breaking 104 bit WEP in less than 60 seconds. Specifically, only 40,000 data packets are needed for a 50 percent chance of success, while 85,000 packets give a 95 percent chance of success, according to the paper's authors: Erik Tews, Ralf-Philipp Weinmann and Andrei Pyshkin, all researchers in the computer science department at Darmstadt University of Technology in Darmstadt, Germany.

Complete article found at eWeek.com.

Back to top

Debian powers Australia's largest satellite network

Some 75 towns across New South Wales have started accessing the Internet through Linux-based satellite routers in what is said to be largest network of its type in Australia spanning upwards of 800,000 square kilometres. The Rural Link project by NSW.net was initiated four years ago when the State Library of NSW approached the federal government about connecting country libraries in NSW to the Internet via satellite due to the expense of ISDN. The project’s principal coordinator, Charles Jago, said the network is unique due to its size and varied nature of each access point. Jago, who said he was unaware of others doing satellite and wireless to this extent, added, “There are now connections to 180 buildings [across the 75 towns] all over NSW.”

Read the rest of this story at ComputerWorld.com

Back to top

How do I avoid getting Malware?

Firstly you might be wondering what malware is and whether or not you are vulnerable to it. Well, malware is the latest buzz word which covers the various forms of nasties that can be installed on your computer without your consent. Signs of an infection are: your home page has been hijacked; unwanted adverts are popping up; browsing and other computer activities have slowed down or even ground to a halt. The infections take on many varied forms but can be thought of as losing control of your own PC.

The name is derived from malicious software and is a catch-all term for viruses, trojan horses, spyware and adware. Once your computer is infected with malware it can be very time consuming and difficult to fully eradicate and effectively clean it. Hence, this article is aimed at preventative measures rather than going into any lengthy removal techniques.

So what are the best practices for avoiding these nasties?

1) Turn automatic updates on or frequently visit Microsoft's automatic update site

Microsoft releases critical updates on a monthly basis, so you should take advantage of these and keep your computer secure. The critical updates are basically patches which fix security vulnerabilities in the operating system or to put it in layman's terms, they make Windows less likely to pick up malware or be attacked remotely by a person with malicious intent.

2) Ensure you are running an up to date anti-virus program

If your paid subscription has run out then your anti-virus solution is out of date and useless.

For a top notch 'free for home use' AV solution click HERE.

3) Consider using a web browser that is less prone to these kinds of attacks

The built in Windows browser, Internet Explorer, supports ActiveX controls which allow web sites such as Windows Update to remotely install files on your computer. This is a great idea and works wonders for critical update installations and other wanted software but it has unfortunately been used by malicious software writers to remotely install malware as well.

So, for your casual browsing you might want to consider the free alternatives which by nature are not as prone to malware attacks. Firstly there is Mozilla Firefox, which can be downloaded HERE - or the writer's preferred choice, Opera, which can be downloaded HERE.

Both of these browsers have other features which I am sure you will also find useful. Tabbed browsing, popup blockers, RSS feeds and more... but the salient point is that they are safer to use!

4) Install spyware blocking software

The one I am going to recommend here is not a malware removal tool but rather a clever little application which blocks most of the things that malware tries to take control of. Javacool's SpywareBlaster can be downloaded for free HERE. Like other applications, it needs to be kept up to date but it's worth its weight in gold, as it doesn't even need to be loaded into memory to function.

5) Try to avoid the type of sites which are known to frequently host malicious content

Adult only sites, Warez (pronounced Wares) sites, sites which have free downloads of copyrighted material and/or sites which host keygens or product serial numbers and other activities such as P2P file sharing.

In a nutshell, the more dubious the browsing activity is, the more likely it is that you will encounter nefarious content and get your fingers burnt.

6) For safer surfing make sure you are behind a firewall

The firewall can be a stand alone device or built into your ADSL router, or you can use the built in one which comes with Windows XP SP2. For a belt and braces approach, you can use both.

If you stick to these guidelines you are being pro-active in the ongoing fight against malware. If you are not taking any precautions at all, it is only a matter of time before the annoyance that is malware comes knocking on your door.

By Peter Umlandt MCSE

Feel free to contact us if you would like more information or if you suspect your computer is already infected.

Back to top

Microsoft tags IE 7 'high priority' update

Microsoft plans to automatically push Internet Explorer 7 to Windows XP users when the browser update is ready later this year.

IE 7 will be delivered in the fourth quarter as a "high priority" update via Automatic Updates in Windows XP, Gary Schare, Microsoft's director of IE product management, said in an interview Tuesday. Automatic Updates is a Windows feature typically used for security updates, but Microsoft has also used it to push its antipiracy tool WGA Notifications....

To read the rest of the article, click HERE

Back to top

Bugs to delay Office launch

Microsoft has delayed releasing its Office word-processing, email and spreadsheet program so it can improve its performance and design.

Office 2007 for businesses, which was to be released in October, will now be unveiled a few weeks later, but before the end of the year, vice-president Antoine Leblond says. It will be available in stores in January as planned, he says. The delay is a setback for Microsoft, which has struggled to release its Office and Windows products on time.....

To read the rest of this article, click HERE

Back to top

Stained Windows! Microsoft to mark illegal copies

Pirated software users be warned. Microsoft Corp is going to start 'nagging' Windows users who do not have a legitimate copy of its operating system (OS). Starting tomorrow, the software giant will permanently flag personal computers that are not running a genuine copy of Windows. This move affects the six million Windows users in this country, as well as those in the United States, Britain, New Zealand and Australia. Industry sources informed In.Tech that the software giant is giving Windows the ability to tell if a user's PC is running a genuine or pirated version of the OS, via an update patch that becomes available from tomorrow.

Find the rest of the article HERE

Back to top

60% Of Windows Vista Code To Be Rewritten

David Richards - Friday, 24 March 2006 - Smarthouse.com

Up to 60% of the code in the new consumer version of Microsoft new Vista operating system is set to be rewritten as the Company "scrambles" to fix internal problems a Microsoft insider has confirmed to SHN. In an effort to meet a deadline of the 2007 CES show in Las Vegas Microsoft has pulled programmers from the highly successful Xbox team to help resolve many problems associated with entertainment and media centre functionality inside the OS. The team are also working closely with engineers from the Intel Viiv team. and it is now expected that the next version of Viiv could be delayed to line up with the launch of the consumer version of Vista at the 2007 CES Show in Las Vegas. One of the key components of the consumer version of Vista is the Media Centre code. This will be an optional package in the same way that Microsoft currently sell a Professional and Home version of XP. With Vista tHERE will not be a separate Media Centre SKU.

Read the entire story HERE

Back to top

Help, Advice & Resources to Pass your IT Certification

CertForums.co.uk host free active certification forums with links to the best free resources for Microsoft's MCSA MCSE MCDBA Cisco's CCNA CCDA and CCNP, and CompTIA's A+ Network+ i-NET+ and Security+ certifications.

Check it out HERE

Back to top

OK then, what are Widgets?

• Mini-programs that bring important, live information right to your desktop.
• Beautifully designed to brighten up your desktop.
• All about you! Customise your Widgets to grab just the information that you want.

The Yahoo! Widget Engine (formerly known as Konfabulator) is a JavaScript runtime engine for Windows and Mac OS X that lets you run little files called Widgets that can do pretty much whatever you want them to. Widgets can be alarm clocks, calculators, can tell you your WiFi signal strength, will fetch the latest stock quotes, and even give your current local weather.

What sets Yahoo! Widget Engine apart from other scripting applications is that it takes full advantage of today's advanced graphics. This allows Widgets to blend fluidly into your desktop without the constraints of traditional window borders. Toss in some sliding and fading, and these little guys are right at home in Windows XP and Mac OS X.

Read the full article HERE

Download the Widget Engine and your favourite Widgets HERE

Back to top