The fast evolution of computer networks brought fantastic developments for communication and connection capacities.
We can easily see this evolution while observing the Internet, first a restricted network and now a complex and global network, where we can do a simple mail exchange or complex and elaborated financial transactions.
But, we also have the dark side of this fantastic environment: threats like virus, worms and Trojan horses, scanning, spoofing, sniffing or snooping, and so many others became the nightmare of all organizations.
Indeed, the technology can play for and against us.
A good way to make the technology works for us is using Packet Inspection. This is a tool frequently used to sniffing networks, looking for password and breaches, but information security professionals can use it to do exactly the opposite: protect the network.
With a good Packet Analyzer you can generate information about your integrated information systems, supporting the system administrator to find and solve the problems in a quick and efficient manner. It’s possible to identify attacks, non-authorized access to systems and malicious behaviors. In other words, with a good inspection solution your organization will be able to see and analyze everything that hits your network.
You can prevent problems and also reconstruct network sessions, providing the needed information for Network Forensics. It’s when the hunter became the hunted: you will be using the same method malicious threats use to put your business under risks to defend your organization.
Do you want to know what a Packet Inspection is? Watch this video for more information: Deep Packet Inspection explained or read here at Wikipedia.
Data Recovery
Every computer has storage files devices. These devices can be: Hard drives, notebook’s hard drive, CDs, DVDs, diskettes, Zip drive, memory card, pen drives, etc.
In these devices you can find the operational system e all information used and archived in your computer.
But, the truth is, these devices are subjects to failures and accident that can cause the lost of your valuable files: mechanical failures, electric failures, virus action, bad system functioning, information deletion, format, problems with water, fire, smoke, and others.
Data Recovery is the effort to rescue info lost in those or similar situations.
Insecure Data
Our data is not always secure and sometimes is too late to do something to protect them. That’s why Data Recovery business is growing so fast around the world with some many companies offering solutions.
The truth is we never imagine it can happen with us. “I ended up with nothing” – One day, while starting her computer, a friend heard a strange sound. With a burning smell, her computer turned off. She couldn’t turn her computer on again, a Pentium III with 2 years.
Even after installing new mother board, sound card and power supply, her computer didn’t turn on. Hard drive was removed and installed in another commuter, but, as you can imagine, she couldn’t access her data.
In that hard drive, she was keeping her PhD papers, and all her classes. No hard copies, no backups. Since now she can’t access her data, she is now looking for a company that can help her, to at least try to salve some of those files.
But the question is: are these files more valuable than the price for an eventual data recovery? And if yes, which values and services she should look in a data recovery company?
Information on Risk
I’m pretty sure that my friend’s history is totally familiar to you. The good thing is nowadays internet can provide valuable resources to help you with your data recovery. An example is this data recovery blog from DTIData, a great site with a lot of resources, where you can find information about how to recover your hard drive, your exchange server, your NTFS, your iPod, or even raid data recovery.
But how it happens? Why suddenly your hard drive doesn’t work anymore? How can we prevent this situation? Is it possible recovering any data? Is my data impossible to be recovered?
A future article will explain.
With a range of clients that can go from The Pentagon to the home user, they have everything for security surveillance, since External and Internal security cameras, CCTV cameras to PC security systems.
Pangea Day aims to ‘tap into the power of film to strengthen tolerance and compassion while uniting millions of people to build a better future’.
Twenty films will be selected to be shown on 10th May 2008 all around the world. Each film selected will receive $3,000 and the opportunity to pitch to Participant Productions (Jeff Skoll’s company). The winner will receive $20,000 to develop their treatment. This would be great for Camfed! (Yes, where I work ! )
If you haven’t already joined up to www.youtube.com, then please do so and view and vote for our film - ‘Two Friends: The Promise of Africa’s Future’ - which can be found here: ‘Two Friends‘
The more votes and the more hits, the greater possibility our film will be noticed! And please get your friends to vote too!
gs presents IronKey posted at The Tech-Investigator, saying, “Outlining the critical elements of information security for the mobile Professional Investigator.”
Host comment: “Social Engineering and how to avoid it.”
That concludes this edition. Submit your blog article to the next edition of information security carnival using our carnival submission form.
Past posts and future hosts can be found on our blog carnival index page.
Welcome to the October 28, 2007 edition of information security carnival. We have frauds, ID thiefs, virus, spywares, privacy invasion and more.
articles
Marc and Angel presents 6 Digitally Traceable Tracks We Unconsciously Leave Behind | Marc and Angel posted at Marc and Angel, saying, “I have compiled a list of 6 digitally traceable tracks we unconsciously leave behind as we trek through our daily routines. I have also included a hypothetical example of how easy it can be to track someone down online by tracing their online affiliations and dabbling with the information that is found.”
Crackers like to use phishing to spread their malicious code. And actually, if you take care with just some file extensions you can avoid these dangerous codes.
If you receive an e-mail with the extensions .cmd, .bat, .exe or .scr, don’t open it, even if it comes from a secure source. And, as email servers are blocking these attached files, crackers are using telephone promotions, your bank account and other current subjects to direct you to a malicious link where a virus is downloaded. They develop sites almost identical to the original sites, “clones”, where the cracker has total control over your acts. It’s really common send scraps to Orkut users with these links.
Most files available to download in these websites are those kind mentioned in the beginning: .cmd, .bat, .scr or .exe.
The .cmd and .bat files are used to execute scripts known as batch files, to automate tasks. Crackers use these kind of files to steal user data. The .scr are screen saver files, and most users trust this kind of files, but the virus will be activated when the screen saver is executed.The most known, and still most used as phishing is .exe. Users know how dangerous these files are, but, most of time, they don’t pay attention to the extension they are downloading.
The files mentioned are Trojans and keyloggers. Trojans open your machine to the cracker and Keyloggers record everything you type. So, can you imagine the damage to your personal data?
Now that you know these dangerous files, what to do to protect your data? it’s always a good idea to have a firewall and other prevention methods that can identify these links and extensions. And don’t think you will notice that your computer was infected. The cracker don’t want to be noticed, he will be hidden, and quiet, to get all information he wants.
Take care with those files and links, check the extension, don’t open files from unknown sources and don’t execute anything in your computer that you are not sure what is. It’s not that hard to be safe on line.
“Use Linux and improve your spam-filter capabilities”
SmallTownBS presents Yet Another Identity Theft Article posted at Small-town Big-shot, saying, “A highlight of social engineering and other hacking methods that hackers use to steal money and identity; in addition, ways to protect you from these things.”
“Hack your brain is still something for the future… but, right now, some people can stole you identity”.
Last week was time for “SourceForge.net 2007 Community Choice Awards”, championing the best open source projects.
It’s a good place to start your Open Source life, and try some of the best free softwares.
SourceForge.net host 150.000 open source projects, and here you will find the Top 10 in 11 categories. All of them chosen by the SourceForge.net community.
The Awards is a great way to show off these 150.000 projects beyond the SourceForge.net community, with 1,6 million registered users.
First, the community nominated 10 projects for each one of those 11 categories, and them they voted for the best in each one.
The biggest winner was 7-Zip, Best Project and also Best technical Design.
Firebird also won two prizes: Best Project for the Enterprise and Best User Support.
Surprisingly as a Best New Project, SourceForge.net community chose eMule, a peer-to-peer (P2P) program published at SourceForge in 2002. Not so new. probably for that reason, SourceForge.net chose Launchy as a Honourable Mention in this category.
The award was a certainly geek statuette: Thingamagoop’s, by BleepLabs.
Data Recovery
Our long time sponsor 
