NSA Security Configuration Guides
Posted by clamasters in blog on October 12, 2008
While I was in the Marine Corps doing one of my tour’s in the middle east (Iraq), I was often reminded that we needed to take great measures to secure our network systems. We took several approaches to this task. During my second tour I was in a way mentored by a contractor, Andy Garcia. He worked, If I remember correctly, for Northrop Grumman and was part of the Information Security team for the Marines. He sort of took me under his wing and showed me the ropes on basic information security. I sort of became obsessed with it. Just knowing how easy it was to exploit little things like unpatched Microsoft OS’ and buggy IOS or even wireless network with so called wired equivalent protection (WEP). It just flabbergasted me watching him gain administrative access on systems that I once thought were “secure”.
I then found a blessing from the National Security Agency (NSA). They had published baseline security lockdown guides for the majority of technologies that we were deploying. I started using them to secure our systems along with a large number of recomendations from Andy and the information security team. It was and still is my favorite part about the job.
Just as an overview, the guides go through getting rid of some bad default settings, teach you to run services with a less priviliged user, and best of all…common sense. Securing systems is a lot of the latter. Don’t use default passwords, don’t run as root, etc. They go into great depth on certain subjects, an just glaze over a few others but the documents are well written and if uses appropriately WILL help you protect your systems.
This have been around for a while now so you may have already know about them but even if you have seen them before, please take a look again just as a refresh.
New Theme Testing
Posted by clamasters in blog on October 3, 2008
I read a number of blogs; You an see them to my right in the Blogroll and one thing I’ve noticed over and over again, is the lack of dark colors. I’m not 100% sure why that is but I do know that it’s a trend of sorts and I’m behind the curve. I’m going to be trying a number of themes out on my blog, tweaking them here and there to find out which one I like the best. Please bare with me during the transition.
Thanks.
Twitter :) Not so bad after all
Posted by clamasters in blog, Twitter on September 16, 2008
So If you haven’t noticed on my Twitter account and on the right column of my blog here I have some twitter stuff. I’m warming up to it quite a bit. It’s neat to see what people are doing or even that they care to post little tidbits like working on fiber link, fixing MySQL issues, hating 1&1 hosting, etc. Fun stuff. I have also grown fond of the TwitterFox Firefox plugin.  So please enjoy my tweets and follow me if you so wish. I might have something good to tweet about. 
Update – Nothing new here…
Posted by clamasters in blog on September 3, 2008
Well, I don’t have an excuse for not blogging anything lately other than I simply don’t have anything new to blog about. This last month my wife an I took a week of vacation to see our friends in Michigan, then that was followed by a week of super laziness and then my brother in law moved in. I didn’t want him to at first but it’s nice to have someone else around every now and then, plus he mowed the yard without me having to ask him.  Puts a smile on my face. Though we do have to cook for 3 now, it’s really not that bad.
On the tech side, I did find a newish product ebox-platform which is a set of packages and a management GUI on top of Ubuntu. I’m going to give it a whirl for my home server and will be using the file and print sharing functionality as well as the web server. On their website, they list what products they use to deliver this functionality. It’s what you would expect if you were to do it yourself but I’m interested in the management interface. I’ll update you on this later.
Well, that’s all I have for the moment. Stay tuned and thanks for reading.
My take on AntiVirus / AntiSpyware applications
Posted by clamasters in blog, Microsoft on August 20, 2008
Virii suck, I just though I’d throw that out there. They cost the world billions of dollars a year and keep people like you and me up at night. I wish I had the final solution for you but I don’t, however, I do have a list of applications/tools/services that I use to keep my computers running virus and spyware free.
Desktop Antivirus / AntiSpyware
At work my company has standardized on NOD32 from ESET. I had never herd of the company until I started at my current position about a year and a half ago and now, I rarely use anything but NOD32. They have a couple of editions but I’m only familiar with ESET NOD32 AV v2.6 and v3.0. So far I have not had a single problem with virii or spyware (except for a few hacking/cracking tools that I use on occasion).
If I’m not using or recommending NOD32 for home / client computers I go with AVG. AVG AntiVirus 8.0, the newest version from AVG covers pretty much everything you would need from an AntiVirus / AntiSpyware software suite. They even have a free edition that can be found here for home computers that only need basic protection. If your on a budget, AVG Free Edition is for you. Again, so far, with my use of AVG Antivirus, I have not had a single problem.
Safe Internet Browsing
This is a huge deal when it comes to keeping your computer safe. Sometimes it doesn’t involve any software at all. Just some intelligence and PG13 level surfing (no porn or online gambling allowed!!). However, because of my ADHD and endless appetite for information, even I run across some potentially bad websites.
To combat this I use OpenDNS. I’ve done a blog post on them a while back. Search at the right if you are interested but I’ll cover a few points to OpenDNS here. First of all, OpenDNS is cool. Second, OpenDNS is free. Now that I got those two things out of the way, I’ll explain it a bit. OpenDNS is a free DNS service that you point your network DNS servers, clients, etc towards and you instantly get a bit better service. If you go to the website and create an account and then register your IP address there, you can have settings specified that would prevent people from surfing websites that fall within a specific category. Below is what I have mine set to.
The moderate setting includes blocking of Adaware, Alochol, Dating, Drugs, Gambling, Hate/Discrimination, Weapons, Tasteless, Lingerie/Bikini, Proxy/Anonymizer, Sexuality, Nudity, Pornography, and Phishing. The last one is especially cool because it uses the phishing database PhishTank, which is THE defacto standard in phishing databases…well at least I believe so.
Desktop and Network Firewalls
As much as I should use a desktop firewall, I don’t. It hinders my ability to do network scans, attach to different networks, open up shares on my computer remotely, test software, etc. But, do what I say and not what I do. If you have no reason not to use one…then do so. The built in Windows Firewall is fine but if you need to feel a little safer at night, I recommend ZoneAlarm. It has both high reviewes in the major computer magazines and is recommended by the security research group Gibson Research Corp.
My home network firewall is pfSense, a free open source, fully featured firewall that I have installed on an old workstation with two network interfaces. Visit the website for a full list of features. Other firewall’s that I would recommend would be the Cisco PIX or ASA, m0n0wall, and any Linux distribution running iptables. It’s not that these are the only secure options out there but rather I only have extensive experience in this small list.
SPAM Protection
This cannot be stressed enough… Never use an email address without a **GREAT** SPAM filter. For personal use, grab a free GMail account. For corporate use get a Barracuda SPAM firewall, use Postini or build your own SPAM filter based on SpamAssassin. For the DIY I recommend Maia Mailguard. The reason for this is quite simple, spyware and virii can be transmitted quite easily through email. If you are not protected, you are asking for trouble.
Defense in Depth
Although all of my recomendations, in my option, are good ones..not a single one of them guarantees that you will not get infected. Things like zero day attacks, trojans, virii, spyware, adaware, malware, etc are not always easily detected and therefore may hit a large number of computers over a short period of time without the security companies knowledge. However, with the use of all of them together, you now have the tools for a fighting chance and with any luck, you’ll be virus free.
Hopefully you’ll take my advice on one or more of the above topics and have a safer more enjoyable time on the internet.
Extras!!
Here are a few extra tools that I did not fit in.
ESET Online Scanner | TrendMicro House Call | TrendMicro HijackThis | Symantec Removal Tools