Information Security, privacy and ensuring that a company’s confidential data remains top secret and its protection are of pivotal importance in any business. The present day corporation employs multiple layers of security, deploying firewalls, IDS, IPS, HIPS etc. However, we all have chinks in our armor and corporations are no different. Leakages tend to occur at the seams of an organization. These days, we do not hear about cases of a lonely hacker toiling away to gain access to a company’s crown jewels whether it is a coca cola recipie or sensitive code or data, there are much more easier ways to gain access to a company’s data and assets. Read on for a detailed look at the information security hazards often found at a typical office workspace.

A lot of us who use Linux at work/school or have always grown up using unix commands for years and more often than not, there might have been instances where a ls command comes more naturally than the dir command at the command prompt in Windows. For the most part, a lot of us work around this drawback using the excellent tool: Cygwin. Cygwin is available for windows users here.The Cygwin tools are ports of the popular GNU development tools for Microsoft Windows. They run thanks to the Cygwin library which provides the UNIX system calls and environment these programs expect.

With these tools installed, it is possible to write Win32 console or GUI applications that make use of the standard Microsoft Win32 API and/or the Cygwin API. As a result, it is possible to easily port many significant Unix programs without the need for extensive changes to the source code. This includes configuring and building most of the available GNU software . Even if the development tools are of little to no use to you, you may have interest in the many standard Unix utilities provided with the package. They can be used both from the bash shell (provided) or from the standard Windows command shell.

While Cygwin would be an obvious choice for many Unix/Linux power users, there is an excellent and a much simpler alternative to using Cygwin. In this article, we will show you how to run your Unix commands right in the windows command prompt.

When system and network admins talk about plugging all the holes and securing their network of denial -of -service attacks, one of the least talked about but one of the most effective network security technique is sinkholing. So what exactly is this ‘sinkholing’? This article is part 1 of a two series each expanding an implementing a different kind of sinkhole.

A sinkhole is┬ádefined as a method in which we redirect specific IP network traffic for different security reasons including analysis, diversion of attacks and detection of anomalous activities. It has long been deployed by Tier-1 ISP’s globally usually to protect their downstream customers. However, for the network administrators, sinkholes are generally deployed to provide valuable intelligence regarding the security threats their networks are facing. Read on below for more information on sinkholes and the two kinds of sinkhole implementation — darknets and honeynets and how you can use them to obtain valuable information regarding threats and misconfigurations in your network.

Wi-Fi hotspots have become ubiquitous at cafes, airports, restaurants, and other public location. In fact, more and more cities are creating hotspots that blanket entire metropolitan areas. Many municipalities have joined with local community groups to help grow the free wireless network by contributing volunteer time, knowledge, and donations..

.Wi-Fi hotspots present a unique challenge with respect to security especially because of the unknown computers sharing the same local network with you. Unlike your network at home or dorms or office networks, public hotspots whether at cafe centers or hotels usually broadcast their SSID’s, more often than not lack WEP or WPA encryption and definitely do not implement any kind of MAC filtering. After all, turning on any of these functions would negate the “public” aspect of hotspots.That said, even if these public hotspots used closed networks and enabled encryption on their networks, making their customers go through hoops to get connected, there would still be no way to tell a “legitimate” client from a “malicious” one out to hack other customers’ data. Anyone with a credit card can sign up for hotspot service. So what can you do to protect yourself at a public hotspot? Plenty…

Virtual Networking Computing (VNC) is remote control software which allows you to view and interact with one computer using a simple program (viewer) on another computer (server) over a local area network or anywhere on the Internet. VNC is a cross-platform application that does not require the two computers to be the running the same operating system. For example you can use VNC to view your office Linux machine on your Windows PC at home. VNC is freely and publicly available and is distributed under the GNU General Public License (GPL). There are various distributions of VNC but the one we will be covering is RealVNC. VNC has two parts, a client and a server. The server is the program on the machine that shares its screen, and the client (or viewer) is the program that watches and interacts with the server. VNC software requires a TCP/IP connection between the server and the viewer. This is the standard networking protocol on LANs, WANs, broadband and dialup connections. Each computer has a unique IP address and may also have a name in the DNS. You will need to know the IP address or name of the server when you connect a viewer to it. If you are assigned a dynamic IP address, you might benefit from using a third party DNS management service.

Installing an SSH Server on Windows

Local port forwarding requires an SSH server running on the Windows machine. OpenSSH is provided as part of Cygwin which is an environment similar to Linux for Windows. Cygwin provides an install and update utility (setup.exe) to retrieve packages from the Internet. When you install Cygwin, select the OpenSSH package (available in the Net category). Once installed, complete the Cygwin configuration as shown below…