General Discussion General discussion on...anything!

Reply
 
Thread Tools Display Modes
  (#21) Old
somms somms is offline
Super Moderator
 
somms's Avatar
 
Posts: 883
Join Date: Oct 2008
Location: FAA
Default Re: "Netbooks Offer Hackers Easy Access to Data" - 03-15-2009, 05:22 AM

Quote:
Originally Posted by holmes4
The witopia.net PersonalVPN service doesn't use that CloakBox - I had never seen that before.

If you're happy setting up VPN on your own hardware, that's great. It's worth $40/year for me to have them do it and to take advantage of their better connections and higher-powered servers.

Hey you got something that works for ya...I can't knock that!

I'm just more of the mindset that I prefer to administer my own OpenVPN server by simply flashing DD-WRT or similar
onto a wireless router...job complete! Now since my gateway router is also my OpenVPN server, when I connect remotely I'm assigned a local IP and treated as if I'm connected at home which allows me full access to my computers, printers and other toys present at home on my LAN. This is something a paid remote VPN service can't provide!


Reply With Quote
  (#22) Old
palawan palawan is offline
Senior Member
 
palawan's Avatar
 
Posts: 110
Join Date: Oct 2008
Default Re: "Netbooks Offer Hackers Easy Access to Data" - 03-15-2009, 09:15 AM

a long time ago, back in the time of windows 98, i actually connected my desktop pc to the dsl connection using a hub. not too smart, but from what i remember of that time, hardware firewalls (that we take for granted now, such as a linksys) were expensive. after some time, i discovered http://www.grc.com and made me realize i needed some kind of protection so i bought, zonealarm software firewall for windows. what happened next was pretty amazing. you see, zonealarm will give u warnings of "attacks" on your pc, much like any good firewall that logs it. so, i started investigating these "attacks" and since i have the ip address of the attacker, i'd ping them back, which if they were scanning me or they have zonealarm (or something similar), would give them a warning to back off. well, good ole windows has this thing called file sharing and the quickest way to browse a computer for any shares is to click on start, run, and then on the dialog box type \\ipaddress. this is a good trick that doesn't seem to be known to many people.

anyway, back to the story, when i did this to these "attackers" reported by zonealarm, i started seeing shares of their drives with the very obvious names of c, d, e i click on c, and bam, the whole c drive content is there for me to see/copy/wipeout. it seems the attackers weren't attackers after all, but victims of a virus/trojan/worm. i ended up having the task of trying to help these people. since windows 98 still boots dos first, i created/edited their autoexec.bat to echo off, then echo "something to the effect u have a virus and have it checked out", pause, then i created a txt file with a much longer message and in the win.ini file, in the run= section, i invoked the notepad program to load the warning.txt. also, i discovered the virus executables were being loaded in the run= section of the win.ini with obscure names (lkfjafjd.exe), which i cleared

in the warning.txt file, i put an email address that i created in hotmail, that they can contact me if they need more info. i did this to dozens of computers, and since i had the txt file already created, the task is not that hard. even the section on the autoexec.bat was copy and paste for me. i already have access to their c drive so i just copy the txt file and edit the win.ini. out of the many computers i did this on, i think i only got 1 or 2 emails. i wasn't asking to be thanked, but i was just wondering what happened to them. after reading the emails, i think i know why no one was emailing me. the email was asking "how i did that to his/her computer"?. i emailed back and said it wasn't me, it was a virus that opened up their computer... oh well...

anyway, back to this subject of netbook and security. windows xp is not so bad, as long as you update and install all the patches while you're behind a firewall. dell mini 9 windows xp from factory is configured with file sharing disabled which is a good thing. i don't understand all the negativity towards mcafee, but i can tell you that it has saved me once or twice when i visited a (compromised) website that uploaded a trojan to my laptop. mcafee caught it and deleted it. i plugged in a usb flash drive that was infected and mcafee was all over it. it had a few folders that were infected and opening them up got mcafee to clean them, as well. i'm running mcafee enterprise 8.5 which is updated automatically.

i uninstalled as many programs as possible from the way dell had it shipped. i try very, very hard not to install any programs unless i really need to. this way, it operates fast and helps me to avoid viruses/worms/trojans. my dell mini 9 boots up in about 1.5 minutes (i just timed it). this is with mcafee activated, all the icons on the taskbar are calm and drivegleam shows less than 10 cpu utilization and almost no disk activity. some of you might say that's too long, but i don't reboot often, preferring instead to put the dell mini 9 on standby (sometimes hibernate mode).

because i was a customer of zonealarm, they send me promotional emails, and one of them was a steganos promotion of drive encryption. i bought it and i've been a fan of steganos. this got me to discover the other good product of steganos, the internet anonym VPN. i'm on my 2nd year of subscription. i know there are free VPN solutions out there, but i have my reasons why i went with the steganos, and i've been quite satisfied with it.

the main problem with open wifi at the coffee shop or airports is that because they are "open", the packets are unencrypted as they go from your computer to the local router. anyone on that same wifi network can sniff your packets and see what you're accessing. if you're accessing your bank, that's encrypted, but if you're accessing a webpage such as youtube or mydellmini, they can see quite a bit of info. they can also "attack" you. on the "wired" network, this is equivalent to the time when we had hubs instead of switches. anyone on the network can run these sniffing tools. if i'm going to access an open wifi (one with no security such as wep or wpa), i usually connect to the steganos vpn. if the wifi is too slow to begin with and the vpn will slow it down even more, i usually will just use my verizon broadband as i'm safer on that.

anyway, sorry for the long post, but i just find this subject fascinating. imo, netbooks are no more dangerous than a regular laptop, but because they are more portable they are used more and more with open wifi networks and they may be more prone to attacks.


my notebook: dell inspiron 11z - 11.6" display | intel core i3 330um | 6gb ddr3 ram | 80gb Intel ssd | Linux Mint 12 OS - Cinnamon 1.4 [Virtual Machine - WinXP SP3]
Reply With Quote
  (#23) Old
somms somms is offline
Super Moderator
 
somms's Avatar
 
Posts: 883
Join Date: Oct 2008
Location: FAA
Default Re: "Netbooks Offer Hackers Easy Access to Data" - 03-15-2009, 10:31 AM

Nowadays, I don't think you can be too careful with your personal data. Short of refusing to use the internet altogether due to the paranoia, a paid VPN service should give most people some piece of mind. If you want to save some dough, there also is a completely free ad-based VPN service: http://www.anchorfree.com/

Still can't help but think just how simple it could be for an unscrupulous provider or disgruntled employee of one of these paid VPN services to just up and decide he wants to data mine your sensitive files/drive shares! Although this tunnel may be secured with 256bit encryption, that safety net disappears once it is decrypted at the providers remote server which is by no means under your control! As easy as it is for me to access my home LAN remotely once I've connected using OpenVPN client on my Mini, someone on the server end(my home in this case) could just as easily be reading/writing files to the shared drive of the Mini after this tunnel connection is made...

I think I'll just stick w/keeping my OpenVPN server in-house where I can maintain positive control of the hardware and all authentication keys!


Reply With Quote
  (#24) Old
palawan palawan is offline
Senior Member
 
palawan's Avatar
 
Posts: 110
Join Date: Oct 2008
Default Re: "Netbooks Offer Hackers Easy Access to Data" - 03-15-2009, 11:15 PM

i just did my tests and i have to disagree with the reuters article. if you bought the dell mini 9 with the windows xp option and updated it to service pack 3 and kept up with the windows updates, the dell mini 9 is actually very secured. it passed the shieldsup!! port scanner tests for the first 1056 ip ports. the only non-stealth port that showed up was icmp (ping) which you can disable in windows firewall if you wish to see 100% stealth result. i also performed the test with the windows firewall turned-off (i don't recommend for anyone to do this unless they are absolutely sure they are updated with all the windows patches, because that short period of time is enough for one of the windows worms out on the internet to infect you). i wanted to see what windows services dell has configured to be opened from factory, once again, it passed the shieldsup!! first 1056 ip ports test. well, pass is my interpretation, although, the grc website says failed. 1049 out of the 1056 were closed (no services running/listening) and the other 7 were blocked by my isp (ie 135,139,445, ssh 22, bgp, etc.). windows fie sharing is not installed when it shipped from dell. also, i have disabled remote assistance, so that one was not part of the test.

if you re-installed windows or have modified the way dell had it configured from factory, then of course your results will vary. also, if you wish to perform the shieldsup!! test from the http://www.grc.com, you will need to be outside of a firewall/router (or configured in the dmz) as most of us are behind and protected by these firewalls 90+% of the time (which is a good thing). i used my verizon broadband to perfom the tests. i commend verizon for providing basic protection if i had some windows file shares open. i can imagine a lot of people have shares with personal photos connecting to the internet using the verizon broadband not knowing what they were exposing out there. verizon took the initiative to protect them.

one last thing on the steganos vpn... there are times when you wish to not only secure yourself inside the vpn tunnel, but also to protect yourself and publish a "fake" ip address on your connection. an example would be if you were in the beginning stages of a potential business deal and you don't have complete trust of the person/people involved that you are communicating with over the internet. i take the 5th and will not discuss why i use it :mrgreen:

on a final note, i never thought that i would advocate windows xp as a secured platform, but my test results say that it is as dell had it configured from factory. i guess windows xp gets a bad rap because of the way people use it (installing all kinds of apps with questionable origins, such as cool screen savers, cool utilities, etc.). i guess im guilty to some extent as i use this drivegleam utility that i heard from here, but i keep an eye on my cpu and network activity to make sure nothing out of the ordinary is going on and i have a lot of trust on the mcafee antivirus sw.


my notebook: dell inspiron 11z - 11.6" display | intel core i3 330um | 6gb ddr3 ram | 80gb Intel ssd | Linux Mint 12 OS - Cinnamon 1.4 [Virtual Machine - WinXP SP3]
Reply With Quote
  (#25) Old
somms somms is offline
Super Moderator
 
somms's Avatar
 
Posts: 883
Join Date: Oct 2008
Location: FAA
Default Re: "Netbooks Offer Hackers Easy Access to Data" - 03-16-2009, 03:06 AM

Quote:
Originally Posted by palawan
one last thing on the steganos vpn... there are times when you wish to not only secure yourself inside the vpn tunnel, but also to protect yourself and publish a "fake" ip address on your connection. an example would be if you were in the beginning stages of a potential business deal and you don't have complete trust of the person/people involved that you are communicating with over the internet. i take the 5th and will not discuss why i use it :mrgreen:
http://www.steganos.com/support/faq/ind ... artlang=en

Code:
As promised, we are providing you with an update on our data storage policy. As of 1 January, 2009, we are obligated by law to store certain information about our users. This obligation applies to all customers here in Germany and abroad. Legal agencies outside the Federal Republic of Germany who wish to contact legal agencies within Germany to pursue criminal investigations must do so via ‘‘mutual legal assistance.’’
Not sure if I'd really want any of my personal VPN info being stored by a third party. Giving the above VPN provider the benefit of the doubt, I'm sure it is perfectly safe to use this paid service but it still leaves you open to potential abuse...


Reply With Quote
  (#26) Old
palawan palawan is offline
Senior Member
 
palawan's Avatar
 
Posts: 110
Join Date: Oct 2008
Default Re: "Netbooks Offer Hackers Easy Access to Data" - 03-16-2009, 07:34 AM

i don't want to beat this to death, and i'm sure you're very happy with your vpn and i cannot change your mind to switch to steganos, but your post might be misleading because it shows that steganos has to log connection information but you didn't compare it to not having steganos. steganos has been very forthcoming of this change on the german law, and i see the message as it's permanently posted on the client application. i'm not happy about the change, but they have to comply with the new german law.

What information do we store?
* The original IP address* provided by your internet provider
* The Steganos server IP address that your are connected to
* Date and time of connection

When we disclose your information
If compelled by a judicial court, we are required by law to disclose your information if it is determined that:
* an immediate threat to civil liberties or public wellbeing exists
* an immediate threat to national security exists
* information disclosure is necessary to prevent harm to the general public

In these cases, stored information will only be disclosed to local (i.e. Federal Republic of Germany) and/or international law enforcement agencies under mutual legal assistance policy.

We are not obligated to disclose information for the purposes of prosecuting other criminal offences. And it is not our policy to cooperate (i.e. disclose our customer information) with these kinds of proceedings.

so, here's the comparison on having steganos or not: if you post on the internet spreading false rumor about a stock, the message board already has your ip info and sec can get a court judgement ordering your isp to disclose who the person that owned that ip at that specific time. your isp may have even logged the websites you visited. if i did the same exact thing while connected on steganos vpn, the sec might get a US court order to get the german isp of steganos company to disclose who owned the ip. if the sec succeded in getting that info (which will point to steganos), they will now need to get the court order to have steganos disclose the info they have logged. whether or not steganos deems the court order pertains to the list above, they may or may not release the info.

by the way, in that scenario above, the sec would probably not have pursued the above case as soon as it was discovered the ip address belongs to a german isp as their jurisdiction doesn't reach there (i think).

also, when i connect to the steganos vpn, it doesn't mean that all my security are dropped. my windows xp firewall is still active, and my windows xp settings of no windows shares/services are still in effect. no one will be going through my personal files.

i actually tried to use the steganos as my "personal" link between 2 laptops and it failed. apparently, steganos users are not able to connect to each other. i had my laptop (with remote desktop service active) connect on steganos (non routable address of 10.0.x.x subnet mask of 255.255.255.252 two-host subnet = laptop and the router). i had my dell mini 9 connect also, and i get a similar ip and subnet mask, but i cannot remote desktop to my other laptop.


my notebook: dell inspiron 11z - 11.6" display | intel core i3 330um | 6gb ddr3 ram | 80gb Intel ssd | Linux Mint 12 OS - Cinnamon 1.4 [Virtual Machine - WinXP SP3]
Reply With Quote
Reply

« Women and Mini 9s | VIA Creates Reference Design for 1080p Netbooks »
Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off


Copyright © 2008-2016 MyDellMini.com.