August 2016 Newsletter – Page 2

Can You Really Block DDoS Attack?

A Denial of Service (DoS) attack is one where a flood of messages overwhelms the target's ability to process them. There are 2 other variants – Distributed and Reflected (DDoS and RDDoS). Most non-technical users or newbies will assume that a DDoS attack is similar to getting infected by a virus or being hacked. We use antivirus software to remove virus infections and firewalls to secure ourselves from being hacked, so the question that comes to mind is: what can be used to prevent a DDoS attack? First of all, a DDoS attack is NOT similar to getting infected by a virus or being hacked. Rather, a DDoS attack is a technical way of “overwhelming” your internet connection with traffic to the extent that you get knocked out. So antivirus and firewall software cannot block a DDoS attack on their own.

Preventing a DDoS attack takes techniques (or services) rather than a single software package like an antivirus or firewall. A firewall only blocks incoming or outgoing connections; it still bears the burden of the “network traffic”, which at times can be overwhelming enough to knock out the firewall as well.

 

What strategies can be adopted to escape a DDoS attack once you are attacked?

 

Plan A) Change your IP Address or reboot your modem:

Don’t panic if this is the first time you are being DDoS attacked and you are using an internet service that gives you a dynamic IP address. You can simply restart your modem (or other CPE device provided, such as a WiFi USB dongle). Changing the IP address lets you get away from the attack, since an attacker usually targets an IP address only.

 

Plan B) Consult your Service providers:

 

In case your IP address is static, call your service provider immediately. If your website is under attack, contact your web hosting service provider immediately and they will be able to assist you promptly.

 

Plan C) Use professional services that are specifically designed to protect against these attacks:

 

Once you have followed Plan A or B, you should try using a professional service to safeguard your PC or website from future attacks. Cloudflare.com is one of the most used services in this regard.

 

NOTE: Layer 3 (Network) and Layer 4 (Transport) of the OSI 7-layer model present special DoS challenges because packets need to be inspected to learn whether they are DoS packets or legitimate packets. You don’t get the chance to do the inspection because you are already overwhelmed. When you are attacked this way, usually the only solution is to have a specialist company like Cloudflare handle your server, because they have the resources to handle attacks that are too big for smaller players to handle. These solutions mean your server never sees the attack – attack packets are removed before they reach you.

 

Slow Computer? Try These Methods

Viruses aren’t always the only culprit that can slow down your computer. A slow computer is one of the most common complaints worldwide. Here’s what you can do to troubleshoot and fix the sluggish performance of your computer.

 

Disable unwanted startup Programs

 

When you install a software package, make sure you don’t check the option for “start when windows start” or “start when computer starts”, unless you REALLY need to run that program at Windows startup. If you already have loads of unwanted programs running at startup, you can disable them using ‘System Configuration’: press the Windows key and the R key at the same time, then type msconfig and hit Enter.

 


Click the “Startup” tab, look through the list for unwanted programs, disable them, and click OK.

 


Terminate resource consuming programs

 

There may be a list of unwanted programs running in the background that you might want to close. Also, sometimes a running program such as your web browser malfunctions and slows down the rest of the computer, but you are not sure which program is the culprit. In this case you can run “Task Manager” and terminate/close these programs. You can identify the resource-consuming programs by sorting the programs by ‘CPU’.

 

Start task manager

 


Sort program and End culprit

 


You may also notice that there are a lot of ‘chrome.exe’ processes. This is because if you open multiple tabs in Google Chrome, it creates as many chrome.exe processes. If you want to close down the entire Google Chrome browser by terminating just one chrome.exe process, it should be the one using the most memory (as seen in the figure above).

 


Note: You may also wish to sort programs/processes by ‘memory’ in case sorting by CPU usage doesn’t seem to help.
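
The same CPU and memory sorting can be done from PowerShell. This is an added example, not part of the original newsletter, and the function name Get-ProcessGroupUsage is hypothetical. It groups processes by name so that a multi-process program such as chrome.exe appears as a single row with its instance count.

```powershell
# Added example (not from the newsletter): summarize running processes by name.
# Get-ProcessGroupUsage is a hypothetical helper name chosen for illustration.
function Get-ProcessGroupUsage {
    param(
        [ValidateSet('CPU', 'Memory')]
        [string]$SortBy = 'CPU',   # which column to rank by
        [int]$Top = 10             # how many groups to return
    )

    $groups = Get-Process | Group-Object -Property ProcessName | ForEach-Object {
        # CPU is cumulative processor time in seconds since the process started,
        # not the live percentage shown in Task Manager. It is empty for
        # processes the current user is not allowed to query.
        $cpu = ($_.Group | Measure-Object -Property CPU -Sum -ErrorAction SilentlyContinue).Sum
        $mem = ($_.Group | Measure-Object -Property WorkingSet64 -Sum -ErrorAction SilentlyContinue).Sum

        # The single instance holding the most memory within this group.
        $largest = $_.Group | Sort-Object -Property WorkingSet64 -Descending |
            Select-Object -First 1

        [pscustomobject]@{
            Name       = $_.Name
            Instances  = $_.Count
            CpuSeconds = [math]::Round([double]$cpu, 1)
            MemoryMB   = [math]::Round([double]$mem / 1MB, 1)
            LargestPid = $largest.Id
        }
    }

    $key = if ($SortBy -eq 'CPU') { 'CpuSeconds' } else { 'MemoryMB' }
    $groups | Sort-Object -Property $key -Descending | Select-Object -First $Top
}

# Rank by total memory, then by total CPU time.
Get-ProcessGroupUsage -SortBy Memory -Top 5 | Format-Table -AutoSize
Get-ProcessGroupUsage -SortBy CPU -Top 5 | Format-Table -AutoSize
```

Run it from an elevated PowerShell window to include CPU time for system processes. The LargestPid column gives the process ID that can be matched against the PID column in Task Manager.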

 

Task Manager does not tell you everything! Use Process Explorer

 

An application called Process Explorer is useful in this regard.

 

This program gives an extremely in-depth (for a beginner) analysis of each process running on your Windows operating system. Let’s say your serial port is busy and applications like HyperTerminal or Skype are not running: you can search for the program using the serial port by selecting “Find Handle or DLL” and searching for the word “serial”.

 

This should show anything that is using your serial ports.

 


Even if the process doesn’t have a name, it will have a Process ID number (PID). You can go into the Windows Task Manager (via Ctrl-Alt-Del) and select View -> Select Columns to enable viewing the Process ID numbers, which can lead you to the image name of the program that’s using your serial port.

 

The Case of the Unexplained, 2010: Troubleshooting with Mark Russinovich

 

In this video Mark Russinovich, the master of Windows troubleshooting, walks you through step-by-step how he has solved seemingly unsolvable system and application problems on Windows. With all new real case studies, Mark shows how to apply the Microsoft Debugging Tools and his own Sysinternals tools, including Process Explorer and Process Monitor, to solve system crashes, process hangs, security vulnerabilities, DLL conflicts, permissions problems, registry misconfiguration, network hangs, and file system issues. These tools are used on a daily basis by Microsoft Product Support and have been used effectively to solve a wide variety of desktop and server issues, so being familiar with their operation and application will assist you in dealing with different problems on Windows.

 

Remove malware or adware

Sometimes when we install a software package, it installs malware or adware alongside it (without the user’s acknowledgement). We can use anti-malware/adware software to remove such unwanted programs. One commonly used anti-malware program is Malwarebytes, a free-to-use, handy tool for eliminating unwanted malware and adware.

 


Note: Malwarebytes and other major anti-malware products are supposed to run alongside a primary antivirus. They are not a replacement for an antivirus; they are additional software meant to remove the malware that the antivirus fails to detect and remove. If your Malwarebytes is not working with your antivirus (in rare cases), then you should use any major antivirus product such as Kaspersky, AVG, avast, Microsoft Windows Essentials, etc. Although Malwarebytes and antivirus software are supposed to work in parallel, real-time scanning by both can sometimes reduce your CPU performance by a noticeable margin. It will rarely be bothersome; however, if you are concerned about this, you can turn off the real-time scan in Malwarebytes and perform periodic manual scans for malware as you please.

 

How Vulnerable Is Your Smartphone’s Bluetooth?

Bluetooth, whether used for file transfer or wireless headsets, is an extremely handy wireless technology. Just like many other network technologies, this wireless connectivity also has some vulnerabilities that need the attention of the many people who never realized that they might be risking their files or voice data by not using this useful technology safely. Thankfully, because Bluetooth has a shorter range than WiFi, the chances of it being misused are small, but still large enough to cause:

 

Eavesdropping

 


Most modern Bluetooth devices come with updated and thus secure protocol versions, but there may still be older devices using an older Bluetooth protocol, or newer devices using an older Bluetooth protocol (especially in developing countries), which opens a potential door for hackers to eavesdrop on conversations made over a Bluetooth headset.

 

Easiest way to avoid this: Turn off your Bluetooth when not needed

 

Denial of Service Attack

 


Yes, it’s true: even a Bluetooth device can be DoS attacked or DDoS attacked, since Bluetooth is also a network connectivity device. As a result of a DoS attack you can lose connectivity between your Bluetooth device and the destination point, and the attack may also crash your Bluetooth service, which may malfunction until you reboot your cell phone.

 

Easiest way to avoid this: Turn off your Bluetooth when not needed

 

Bluetooth tethering concerns

 

Although Bluetooth tethering is reasonably more secure than a WiFi connection, there still exists a small risk, especially if you don’t change or set a unique PIN code for your Bluetooth tethering connection. We suggest you use a strong PIN code for tethering. For further encryption of the data, to counter the ‘man-in-the-middle’ interceptors you might face in small places like a café (where your Bluetooth range can be intercepted), you might want to use a Virtual Private Network (VPN) connection. A VPN connection gives you the ability to encrypt everything that passes through your mobile device and the other device connected to it for tethering.

 

Spotflux is free VPN software that you can use on your mobile phone and computer to safeguard against data interception in this regard.

 

Hardware Firewall for Your Company Building. Why Is It Better Than Software?

A hardware firewall is ideal for a company or a huge organization whose network may be spread over more than one room, or even across buildings several blocks apart. Here’s why:

 

Hardware Firewall vs. Software Firewall

1. Hardware firewall: protects all the devices/computers connected to its Ethernet port. Software firewall: protects only the computer on which it is installed.
2. Hardware firewall: routing and packet filtering options are built in. Software firewall: not all software firewalls perform packet filtering, and routing needs to be configured separately.
3. Hardware firewall: runs separately and doesn’t consume your computer’s memory. Software firewall: runs directly on your computer and consumes memory resources.

Note: There are enterprise level software firewalls but point three above prevails anyway

 

Linux – Virus and Malware Risks

After Microsoft Windows, Linux is one of the most used operating systems worldwide, and on server machines Linux is the most used operating system in the world. Linux is mostly used by technicians and software developers who already have at least intermediate knowledge of system security.

 


Because Linux is an open-source operating system, most of the applications running on it are also open-source, and Windows is by far more widely used than Linux, hackers usually do not develop viruses for Linux. Viruses that infect Microsoft Windows do not and cannot infect Linux, because the two use different filesystems and files that execute on Windows cannot be executed in the same way on Linux.

 

However, some viruses do exist even for Linux, so installing antivirus software even on a Linux box becomes somewhat of a necessity at times.

 

ClamAV

 

ClamAV is a commonly used antivirus for Linux (also available for Windows). It’s a basic antivirus solution that can tackle virus infections on a Linux machine IF any are found (rarely).

 

 
