Categories
Business internet security

Internet Explorer Security Flaw

In the news today is a very high profile security flaw in Microsoft’s browser, Internet Explorer. Hackers have been hijacking websites and inserting code that enables them to steal username and password information of persons browsing using IE.

Microsoft made the situation public at the end of last week by which time they had calculated that 0.2% of internet users would have been exposed to a website that had been the subject of this hacking. 

Apparently other browsers are not affected at this time, so users of Safari, Firefox, Opera et al should be safe for now. This isn’t to say that web users should never use IE. Microsoft is working on a fix and most software of this type is likely to be subject to different vulnerabilities at different times.

A browser is a very personal thing. Different people like different browsers. Because it is what I have always used, IE is typically what I stick with. However the Microsoft browser is known amongst techies as being imperfect and serious geeks won’t touch it with a bargepole. That isn’t to say it is no good. You just have to understand how the minds of most engineers work.

There are in fact times when I have to resort to other browsers to make certain web functions work. For example when I am writing posts for this blog, if I need to upload photos then as often as not I can’t do it using IE and have to resort to an alternative.

 

Categories
End User scams security

Phishing

As I’m sure most of you know, phishing is a scam whereby unfriendly persons try to coax confidential account details out of individuals so that they can attempt to steal things. We are talking bank account information, network logons etc.

Well this morning Timico was subjected to a phishing attack and many users were sent an email purporting to be from the company asking for username and password logons for their network and email accounts. It was a very poor attempt using the typical poor grammar of the criminal mind. The notional email address of the perpetrator was also left in full view.

I am not aware of anyone from Timico daft enough to respond to this but I thought it worth a blog post to show others the type of attack to be wary of. Internet users beware.

I do seem to get a wealth of material to blog about at Timico.

Categories
Business internet security

Internet Watch Foundation

The IWF is a not for profit organisation dedicated to minimising the availability of UK internet content that is

  • racially abusive or
  • criminally obscene or
  • contains images of child sexual abuse anywhere in the world.

Their website is somewhere people can go to report such content found on the internet. Since the beginning of the year their hotline has dealt with an average of 866 reports a week!

The number of commercial sites being reported has dropped slightly from 70% to 68% of all sites but it is still a high number. It is physically sickening to think that people like to make money out of this material and that people are willing to pay.

Unfortunately it is a constant battle because what tends to happen is that once a site has been closed down it just moves to a server in another country such as Russia where there is less scrutiny.

Interestingly in the UK in 2008 there have been few sites reported as being dedicated to racial hatred. However there were 77 reports referring to criminally obscene content, 51 of which were sites hosted on one server which has since been dealt with. These 51 sites I understand have just moved overseas.

Until the whole world has a consistent approach to the handling of this problem it is always going to be a problem.

Categories
End User security

Virus Problems?

One of our big PWAN customers had a virus problem over the weekend. For those of you who don’t know, a Private Wide Area Network is basically a secure corporate network run over public networks such as ADSL and leased lines.

It took the customer most of the weekend to identify the source of the problem which came from a rogue PC at one site. What Timico was able to do was to shut off access to that site from all the others. This allowed the other sites to continue functioning and prevented the virus from spreading.

The virus was eventually identified as one that had not been covered in the customer’s security software virus definition package.

It did take some time to fix but all’s well that ends well. There is a lesson to be learnt here though. This was quite a big customer with almost 100 sites in their network but they would almost certainly have benefitted from a network security audit. It could have saved them several man days worth of effort over the weekend and probably kept the IT manager’s hair from going grey.

Categories
End User internet spam

Another Spam Good News Story

The Washington Post has reported that USA colo provider McColo has had its internet connectivity cut off by its ISPs because it had been playing host for some time to spammers. It’s very much worth reading the article.

Categories
Business internet security

Transposition of Directive 2006/24/EC

We do live in a marvellous world don’t we? If anyone was to ask you what the title of this post was all about you’d almost certainly give them a blank stare.

This is all about what is better known as “The Data Retention Act” which was stipulated by the EC some time ago. This Act has been implemented to assist in the fight against terrorism. Every Communications Provider has to keep logs of phone calls made and received.

I don’t mind this. We do it anyway otherwise we wouldn’t be able to bill our customers and I certainly will help fight the good fight if I can do so (safely).

The first phase was rolled out in 2007 for fixed and mobile telephony. The Internet community was given a further 18 months to implement the same measures for VoIP and emails. The VoIP service provider community is also OK with this for the same reasons given above.

When it comes to emails it is a slightly different story. ISPs have had no reason to keep records of emails sent and received. The service is flat rate (or free) and does not therefore require the information for billing purposes. So implementing the directive is likely to cost money for an ISP.

This Act is now in its consultation phase which is causing some consternation and confusion in the ISP industry. The Regulations state that costs associated with this ‘may’ be recoverable. No guarantees. A recent briefing by the Home Office also stated that because of these costs they were currently looking at a scenario whereby only the ‘big 6’ ISPs would have to keep the data and that smaller ISPs would only be asked to do so based on an “intelligence led approach”. I.e. you have to keep the information if they suspect one of your customers of being a terrorist.

The suggestion here is that if you are a small ISP you are more likely to have a terrorist as a customer than a big ISP. The baddies will know that they are less likely to be monitored.

This approach also presents other problems. The ISP having to do the monitoring is at a competitive disadvantage to the one not having to do so because of the additional overhead involved.

What’s more the technical logic is somewhat flawed in respect of email data retention and a savvy terrorist is easily going to bypass the system. Web based email networks normally allow you to save a draft of an email for sending later. It just takes two terrorists to know the log on details of a Google Mail account. One writes the email and saves it as a draft. The second then logs in to the Gmail account and reads the draft.

The Act is scheduled to become law on 15th March 2009 and it seems that there is a lot of work to be done before it can be sensibly implemented. Timico is playing a leading role here with its involvement in the ISP Association and you can be sure that readers of this blog will be updated on progress.

Categories
End User internet security spam

Spammers Hammered – Hooray

One of our tech support team, Will Curtis, mentioned to me today that the amount of spam he has been receiving on his home email account dropped considerably around two weeks ago.

He also came across this article which tells that the Federal Trade Commission in the USA had raided an organisation that was supposedly one of the largest spam gangs in the world. The Chicago based gang had all its equipment confiscated.

I asked around to see if anyone else had similarly experienced the reduction in spam. Amazingly Ian Christian from the netops team had also seen a reduction and was able to provide a graph to show it in action. There is a clear drop in week 41.

Unfortunately spam will inevitably rise again. Our current monitors suggest that 37% of mail inbound through the Timico mailsafe system is spam. Very little of it makes it through to the end users though.

Categories
Business security

Nice Holiday Snaps!

One of our engineers just bought a 512MB SD memory card off someone on eBay. At £2 it was a good enough deal (don’t know how much he paid for postage). On it were the vendor’s holiday snaps!

In this case it didn’t matter but this is just another example of how lapses in security might have unfortunate consequences.

By the way I’m told there were no interesting photos – in case you were wondering 🙂 .

Categories
Business scams security

Top Ten Security Risks For Business

These are the risks as seen by Timico engineers in their travels around our customer base together with a few of my own real world observations.

This list is not authoritative but it should be insightful and if you are the owner or IT manager of a small or medium sized business then you could do worse than read it. Some of the points, such as updating your virus scanner, might appear to be obvious but believe me they represent real world scenarios.

 

1. Poor wireless network setup

Do you really want someone sat outside your office using your wireless network and gaining access to your internal servers?

A business needs to set up WPA-PSK or WPA-RADIUS. WEP is simply not good enough, and by attacking a connected WEP client the key can be broken within minutes by a novice.

When WEP keys are broken all traffic on the air can be decrypted, so plaintext authentication to web servers without HTTPS is visible. Even more alarming is that an attacker can then create their own access point which looks exactly the same as the customer’s access point, and then tell a client to reconnect. Then any number of man-in-the-middle attacks can be done, including intercepting HTTPS traffic to an online banking site for instance. Users tend to ignore invalid certificate warnings.

2. Default passwords left on devices (switches and routers)

Even my kids know that “admin” and “password” are the logons to try first if you don’t know or have forgotten a username and password. So do the crooks.

3. No security patches applied to external facing servers

These security patches are issued because businesses have had experience of servers being hacked by unfriendly agents.

4. No web or e-mail filtering (content, anti-virus, phishing, and spam)

I was in a queue at the support desk at PC World. In front of me someone was complaining that their PC had ground to a halt. They had so many viruses on it a complete OS reload was required. They had not been using anti-virus software.

Also my wife has anti virus/spam on her PC. Her SPAM is filtered into a separate folder and when I looked recently there were 8,500 SPAM emails in this folder (8 weeks worth!). Her personal email doesn’t go through the Timico Mailsafe service so all mail is delivered and she relies on the PC based anti-SPAM solution to protect her. Many small businesses in particular complain about the amount of SPAM being delivered. If they don’t have a local filter then this SPAM is going to appear in their inbox. SPAM filtering is therefore a massive productivity tool. It stops you having to delete the unwanted mails yourself.

5. Anti-virus not updating

You probably haven’t updated your subscription.

6. Upset employees causing damage

Whilst there isn’t much you can do about this you can take steps to mitigate against potential problems – access lists for key network elements and password changes when someone leaves the business.

7. Laptop being stolen with no disk encryption

Witness the high profile cases there have been in the UK this year: loss of social security data of millions of people, bank account personal details, national security/military related information. Big potatoes compared to your own company data but do you really want to lose a laptop with all your customer contact details on it?

8. Poor firewall rules setup

If you don’t tie down your firewall to allow your very specific traffic i/o requirements then it can be easy for your network to be compromised without you knowing anything about it. Note it is a good idea to have firewalls on workstations configured to reduce risk of data theft in the event of a network breach. Regular security auditing is also a good idea if the resources are available. Servers should have firewalls configured to prevent external access to non-public services such as remote desktop or ssh. A secure VPN connection to the internal network should be established first by remote workers before using such services.

9. Poor VPN security

Old clients using out of date protocols and short and easy to guess passwords are typical issues here. The use of security tokens is recommended for authenticating to privileged networks remotely.

10. Poor or no password policy

For example, users never having to change their password. It is a pain in the neck to have to change a password regularly, especially when people today have many accounts that are password protected. However changing important passwords on a regular basis is an essential security mechanism. Also who do you trust with your passwords?

 

Categories
Engineer internet security

Network Monitoring Network Monitoring

So good they named it twice. Actually I was trying to think of a sexy title for network monitoring but I couldn’t. Network monitoring is the unsung hero of a communications business. A network has to have monitoring in place to allow staff to keep an eye on its health but it isn’t what might be called an exciting product.

You would of course expect an ISP to monitor its network. Perhaps less expected would be for a normal business to do this. However as a business grows, so does its network and the truth is that the network is increasingly likely to become mission critical.

Monitoring individual nodes on a public network has been standard practice for a long time. However when it comes to a private network then traditionally this has been done from a device (monitoring server) within the network. This is fine but if that network is purely private with no external access then it can be difficult for a network operator to provide support. 

A neat solution is via a virtual server, which is what Timico does for private networks requiring ongoing monitoring. A virtual server sits logically inside a customer’s private network but is accessible via secure command line from the Network Operation Centre.

This is a hugely more cost effective solution than providing a standalone network monitoring server for each private network. It is also easier to provide resilience to the service by providing two separate virtual machines on two geographically separated bits of hardware.

And what gets monitored?  The list is endless but here are a few ideas

  • Bandwidth usage on a link – have you provided enough connectivity to a location?
  • Router temperature – anticipate a failure
  • UPS battery voltage – does it need replacing?
  • Ping response times – is there a quality issue in the network?
  • Server hard drive usage – forecast capacity requirements
  • Remote router up or down? Minimise downtime with speedy replacement.

There isn’t one single ideal solution for network monitoring. Best practice involves amalgamating a number of tools and providing suitable alert mechanisms. 

What is done with the alert also needs to be considered in the light of the needs of an individual business. Some might get away with a next day fix and others might need a speedier solution particularly where health and safety is concerned or when downtime means loss of revenue.

If you need advice on network monitoring drop me a line at Timico.

Categories
End User security voip

Identity theft – Skype style

If your business uses Skype then you could do worse than check out all the cases of identity theft that have been occurring in the Skype user community. For those who don’t know, Skype is a free PC based VoIP telephony service that also allows paid for calls in and out from the PSTN. It has always been tagged as an insecure service which potentially opens a corporate network to hacking.

Recently Skype users have been having their identities stolen, and their accounts being used to make illegal phone calls. What’s more if you periodically top up your Skype account using PayPal note that people have found their bank accounts being debited of funds to pay for someone else’s calls. This on its own is bad enough but the problem is compounded by the fact that you can’t ring up Skype to complain or get it sorted. Skype relies on email contact for support with apparently slow or non existent response.

What’s more your exposure as a business is exacerbated by the fact that in stealing your identity a Skype hijacker can also steal the business contacts you keep in your Skype account with who knows what consequences.

You can read more about the Skype problems on The Register and if you want to phone a VoIP service provider to discuss how to get a professional service call 08700 949600. 

Categories
Business security

Security Audits

Employees of large companies often whinge about the constraints placed upon them by their IT departments. These constraints normally centre around security best practice.

Small businesses do not typically have the same disciplines. Timico recently performed a security audit at the request of one of its customers. The results were very revealing.

  • Poor/outdated wireless security – use of WEP instead of WPA. It takes less than 5 minutes to crack a WEP key – a bit longer if the network uses MAC address security.
  • No hard disk encryption or password protection on BIOS of laptops – the stolen laptop test.
  • Use of outdated VPN client allowed decryption of IPSEC tunnel passwords.
  • Multiple pieces of equipment with default usernames and passwords.

Timico identified over ten major security faults at the customer’s premises. In fact this business was wide open. A malicious person could have sat in a car outside the office building, hacked into the network, accessed their important server information and disabled their network before leaving. These people do exist.

The fixes were relatively quick to implement in most cases. It’s just a question of discipline, with a little help from Timico. . .

Categories
Engineer internet security

The buzz of the Network Operations Centre

It always gives me a great buzz to sit in our NOC. It’s because when we started Timico only 4 years ago there were only four of us sat in the room of Tim Radford’s parents’ stable block (it was cheap and there was no room at the inn anyway). Now on a normal working day there are more people sat in the NOC than there were in that original room. It is a world away.

Today sat in the NOC some of the engineers were setting up an MPLS PWAN for a customer. This particular PWAN had over 80 sites – a mixture of leased lines and ADSL. In itself it isn’t a big news item. It isn’t our biggest PWAN by a long chalk. However it is another new customer and an endorsement of what we set out to achieve four years ago sat in the stable block.

It is a good feeling to be at Timico.

Categories
Business scams

More phishing – lobster, crab, kipper, oysters, cod, haddock

 

Categories
End User ofcom security

Piracy

Oh oh here come the pirates!

What a rogue.

It’s a constant battle.

Everyone needs a little help.

Ofcom to the rescue.

 

Categories
End User scams

Phishing

Sorry – it’s not what you think. That should have read fishing. The quayside Whitby. I’ll talk about phishing another time.

Categories
Business security

Update to the open door policy

I recently wrote about access control and the different ways that we can open doors at Timico. Well this has gone one step further and certain individuals on the approved list can now send an Instant Message that will open the front door.

It is somewhat mind boggling where this is all going. It is quite possible to envisage a scenario where say the cleaner appears at your home front door whilst you are at work and needs to be let in. You have an application running on your PC that rings when the doorbell rings. Upon hearing this you look on your home website to verify that it is indeed he or she and open the door with a click, or sms or IM – whatever is easiest from where you are sitting.

Categories
End User internet security

Alphabet attacks

Following my last post which was on security I was sat in the Timico NOC today and interestingly watched a SPAM attack in progress.

It was an alphabet attack. This is one where someone’s email server is compromised and used to send out SPAM by rotating through the alphabet for email addresses (eg [email protected]) – the SPAM algorithm works its way through every combination of alphabetical variants. In this case it was targeting Italian .it addresses.

Our network monitoring picked it up and we immediately blacklisted/shut down access to that Exchange mail server. We also contacted the customer to let him know and so that he could take remedial action and remove the offending SPAM.

Apart from being interesting to watch it in action, a bit like standing on the edge of a battlefield watching the fighting, it again highlighted the need to have secure passwords. In this case we tried accessing the offending server and were able to log on using a simple admin/password combination of credentials.

When I started this blog I didn’t think that security would become such a mainstream subject but I was wrong.
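The kind of check that lets monitoring pick up an alphabet attack, as an added example that is not part of the original post or Timico's own tooling: it flags a sending host whose consecutive recipients step through the alphabet and concentrate on one TLD. The log format, host names, addresses and thresholds are all constructed assumptions.

```python
import re
from collections import Counter, defaultdict

# Constructed log format (an assumption, not any real MTA's):
#   <epoch> relay=<sending host> to=<recipient>
LINE_RE = re.compile(
    r"^(?P<ts>\d+) relay=(?P<relay>\S+) "
    r"to=<(?P<local>[^>@\s]+)@(?P<domain>[^>\s]+)>$"
)

# Constructed sample: one host walking the alphabet at .it addresses,
# one host sending ordinary business mail, one non-delivery line.
SAMPLE_LOG = """\
1216900001 relay=exch01.customer.example to=<aaw@example.it>
1216900002 relay=exch01.customer.example to=<aax@example.it>
1216900003 relay=exch01.customer.example to=<aay@example.it>
1216900004 relay=exch01.customer.example to=<aaz@example.it>
1216900005 relay=exch01.customer.example status=deferred
1216900006 relay=exch01.customer.example to=<aba@example.it>
1216900007 relay=exch01.customer.example to=<abb@example.it>
1216900008 relay=exch01.customer.example to=<abc@example.it>
1216900009 relay=exch01.customer.example to=<abd@example.it>
1216900010 relay=exch01.customer.example to=<abe@example.it>
1216900011 relay=exch01.customer.example to=<abf@example.it>
1216900101 relay=mail01.office.example to=<sales@example.com>
1216900160 relay=mail01.office.example to=<jo@example.org>
1216900222 relay=mail01.office.example to=<accounts@example.net>
1216900301 relay=mail01.office.example to=<helen@example.co.uk>
1216900377 relay=mail01.office.example to=<info@example.com>
1216900412 relay=mail01.office.example to=<mark@example.org>
1216900498 relay=mail01.office.example to=<support@example.net>
1216900555 relay=mail01.office.example to=<billing@example.com>
"""


def alpha_value(local):
    """Read an a-z local part as a base-26 number; None if not purely a-z."""
    if not re.fullmatch(r"[a-z]+", local):
        return None
    value = 0
    for ch in local:
        value = value * 26 + ord(ch) - ord("a")
    return value


def is_alphabet_step(prev, cur, max_gap=26):
    """True when cur follows prev closely in alphabetical enumeration order."""
    if len(prev) != len(cur):
        return False
    a, b = alpha_value(prev), alpha_value(cur)
    if a is None or b is None:
        return False
    return 0 < b - a <= max_gap  # tolerate small skips, handles aaz -> aba


def analyse(log_text, min_rcpts=8, step_threshold=0.8, tld_threshold=0.8):
    """Return a per-relay report; 'suspicious' marks a likely alphabet attack."""
    per_relay = defaultdict(list)
    for line in log_text.splitlines():
        m = LINE_RE.match(line.strip())
        if not m:
            continue  # not a delivery record
        per_relay[m["relay"]].append(
            (int(m["ts"]), m["local"].lower(), m["domain"].lower())
        )

    report = {}
    for relay, rows in per_relay.items():
        rows.sort(key=lambda r: r[0])  # judge recipients in send order
        names = [r[1] for r in rows]
        steps = sum(is_alphabet_step(a, b) for a, b in zip(names, names[1:]))
        step_ratio = steps / (len(rows) - 1) if len(rows) > 1 else 0.0
        tlds = Counter(r[2].rsplit(".", 1)[-1] for r in rows)
        top_tld, top_count = tlds.most_common(1)[0]
        tld_share = top_count / len(rows)
        report[relay] = {
            "recipients": len(rows),
            "step_ratio": step_ratio,
            "top_tld": top_tld,
            "tld_share": tld_share,
            "suspicious": (
                len(rows) >= min_rcpts
                and step_ratio >= step_threshold
                and tld_share >= tld_threshold
            ),
        }
    return report


if __name__ == "__main__":
    for relay, r in analyse(SAMPLE_LOG).items():
        print(relay, r)
```
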

Categories
Business datacentre security

It’s all about Security, Security, Security

I enjoy this business so much because of the wonderful diversity it provides me in terms of issues, problems and successes. The latest is the fact that the firewall at our corporate headquarters has been the subject of a number of attacks by some unfriendly person.

These attempts to break into corporate networks happen millions of times daily around the world, which is why businesses need to be on top of their security strategy. What interested me here was the fact that this was the same attack coming from a number of different places around the world.

The sources were in China, the USA, Poland, Australia and a couple of other countries whose names escape me. The same common username and password combinations were used each time from each different source (lesson here – never use “admin” and “password”).

Of course the same individual or organisation is almost certainly involved in all of them. That person will have systematically hacked into a certain type of server whose operating system and security patches have not been kept up to date. It is likely a company server hosted at a datacentre somewhere.

Our course of action, if the attack persists, is to look up the owner of the IP address from which the attack is coming and ring the business up to let them know they have a problem. In the case of the Chinese source we send them an email – only because they will almost certainly be in bed. 🙂 Usually this sorts the problem out and indeed the recent spate of attempted break ins has abated. No doubt there will be more.

We know what to do in these cases but it is a lot to ask of a business that is not an ISP or doesn’t have a highly skilled IT department, which is why it very often makes sense to outsource your security management.
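One way to spot that attempts from different places are the same attack, as an added example that is not from the original post: group source addresses whose failed logins try the same usernames in the same order. The log format and all entries are constructed, the addresses are documentation ranges, and it is assumed the firewall logs usernames only, not the passwords tried.

```python
from collections import defaultdict

# Constructed log format (an assumption):
#   <iso timestamp> src=<ip> user=<name> result=<ok|fail>
# Lines are assumed to be in chronological order, as in a normal log file.
SAMPLE_AUTH_LOG = """\
2008-07-21T02:14:03Z src=192.0.2.10 user=admin result=fail
2008-07-21T02:14:05Z src=192.0.2.10 user=root result=fail
2008-07-21T02:14:06Z src=198.51.100.7 user=admin result=fail
2008-07-21T02:14:08Z src=192.0.2.10 user=administrator result=fail
2008-07-21T02:14:09Z src=198.51.100.7 user=root result=fail
2008-07-21T02:14:11Z src=192.0.2.10 user=test result=fail
2008-07-21T02:14:12Z src=198.51.100.7 user=administrator result=fail
2008-07-21T02:14:15Z src=198.51.100.7 user=test result=fail
2008-07-21T08:55:40Z src=192.0.2.99 user=jsmith result=fail
2008-07-21T08:55:52Z src=192.0.2.99 user=jsmith result=ok
2008-07-21T11:30:01Z src=203.0.113.45 user=admin result=fail
2008-07-21T11:30:02Z src=203.0.113.45 user=root result=fail
2008-07-21T11:30:04Z src=203.0.113.45 user=administrator result=fail
2008-07-21T11:30:05Z src=203.0.113.45 user=test result=fail
"""


def parse(line):
    """Return (timestamp, src, user, result) or None for an unusable line."""
    parts = line.split()
    if len(parts) < 4:
        return None
    fields = dict(p.split("=", 1) for p in parts[1:] if "=" in p)
    if not {"src", "user", "result"} <= fields.keys():
        return None
    return parts[0], fields["src"], fields["user"], fields["result"]


def username_fingerprints(log_text):
    """Map each source to the distinct usernames it failed on, in first-seen order."""
    seen = defaultdict(list)
    for line in log_text.splitlines():
        rec = parse(line)
        if rec is None or rec[3] != "fail":
            continue
        _, src, user, _ = rec
        if user not in seen[src]:
            seen[src].append(user)
    return {src: tuple(users) for src, users in seen.items()}


def group_campaigns(log_text, min_sources=2, min_usernames=3):
    """Sources sharing one username sequence are reported as a single campaign.

    min_usernames keeps a user mistyping their own password out of the result.
    """
    by_fingerprint = defaultdict(list)
    for src, fingerprint in username_fingerprints(log_text).items():
        if len(fingerprint) >= min_usernames:
            by_fingerprint[fingerprint].append(src)
    return [
        {"usernames": fingerprint, "sources": sorted(sources)}
        for fingerprint, sources in by_fingerprint.items()
        if len(sources) >= min_sources
    ]


if __name__ == "__main__":
    for campaign in group_campaigns(SAMPLE_AUTH_LOG):
        print(campaign["usernames"], "from", campaign["sources"])
```

The resulting source list is the set of addresses whose owners would then be looked up and contacted, as the post describes.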

Categories
Business internet security

“Stealing” domain names is just not cricket

Businesses need to be mindful of the need to manage their domain name strategy sensibly. There are any number of individuals and organisations out there ready to take advantage of the careless.

For example take a look at http://www.cricinfo.com/. Not a bad time to be visiting the site during an exciting match between England and South Africa (yes I did say exciting).

If you now visit http://www.crickinfo.com/ you will see a difference. The spelling mistake is an easy one to make for someone looking for the main cricket website in the world (wide web). A good domain name strategy would have seen cricinfo snaffle both domains.

Now visit http://www.cricinfo.co.uk/. This one you might think would certainly take you to cricinfo but it doesn’t. It is owned by someone else and until recently took people to a cricket shop completely unassociated with cricinfo.com.

This is quite a high profile example of someone not doing something right when the business was small and it didn’t matter but paying for it downstream.

There are other different examples – the famous myspace court case where the .co.uk domain name was owned by an ISP long before myspace.com existed.

It is quick and easy to check your own business’ domain name – click here if you need a domain name checker.

Good luck England.

Categories
Business security voip

Disaster recovery in action – Timico style

It’s not very often I get excited about an ISDN line going down. This is what happened today at Timico Headquarters in Newark. Apparently because we are currently going through normal summer weather (that’s normal hot not normal British wet) the BT telephone exchange in Newark began to overheat. The BT response to this was to switch off some kit including our ISDN lines. Uhuh.

However fear not dear customer. When you called in you probably didn’t notice because our Disaster Recovery plan kicked in and the ISDN numbers were diverted to VoIP ensuring continuity of service. Hooray!

It is not true to say that this was seamless. It did take us a few minutes to realise that the lines were down and then switch over but the time lost was minimal.

The outage happened at around 14.20 and normal service was resumed at just before 17.00 hours, presumably because the sun had gone over the yardarm and the BT engineers wanted to get away for a cooling thirst-quencher.

Categories
Apps Business security

Access control meets www – and it's not what you think

When I began this blog I intended to cover subjects that I felt would be of general interest to users of business communications services in the UK – Timico customers generally. I didn’t think that this would for one moment include the topic of door entry systems. It does.

Some time ago we began a relationship with a company called Paxton Access. This was because we needed a security system for our new purpose built Headquarters building in Newark (Notts – not New Joisey for the benefit of international readers). Since then we have started installing it as part of an integrated package for customers.

Door locks have moved on a long way. This system comes with a Software Development Kit. I’m not suggesting that this is something particularly useful for general business customers who won’t know one end of a SDK from the other. However the rich engineering talent we have at Timico has been able to put it to good use.

We now have an intranet page that provides access to the door entry system. One click on the web interface and the door can be opened. Is this a security risk? We don’t think so. Access to the web page is controlled via Active Directory authentication and is tied down to specific individuals. This can apply to any door at any of the Timico UK locations and can be tied in with camera visuals so that the person allowing entry can see who they are letting in.

The same door can be opened by anyone holding a registered keyfob or, using the intercom, via any telephone handset on the Newark Nortel PBX. This functionality could be extended to opening by sms pin number from registered mobile handsets, or via command line interface from non Windows PCs as is the case in our Ipswich NOC where the engineers have the traditional geek’s abhorrence of all things Microsoft.  

There is more. This system can be used to set the alarm and turn off all the lights when the last person leaves the building. This is serious use of web technology for mundane but important business needs. 

Categories
Engineer security

Junk email

Junk email filters are great. I don’t get much if any SPAM because of the Timico anti SPAM/virus service but I do get a lot of emails from genuine businesses trying to sell me tickets to conferences (usually not in the same country as I live) and from headhunters trying to place candidates.

Whilst everyone has to make a living these unsolicited sales approaches can really clog up my intray. Amazingly enough I only recently discovered how to filter out by domain so that they all go into the junk email folder.

Also if someone calls me without a caller ID then they only stand a 50% chance of me picking up the phone. The philosophy here is that if you don’t want me to know your phone number then I quite possibly don’t mind not knowing you.

This isn’t to say I am unapproachable but you need to have an elevator pitch ready. We have recently met with some impressive technology vendors who got through on a good elevator pitch.

Categories
broadband Business security voip

Supernode Discovery

I am quite excited because I think I might have discovered a Supernode. A Skype Supernode that is.

Skype doesn’t have its own network infrastructure. Instead, as a peer to peer technology, it takes data from Skype clients around the world and identifies which users have plenty of bandwidth and processing power available. Such a user then becomes a Supernode which handles some of the Skype network signalling functions.

Being a broadband Supernode is not at all super as what you are effectively doing is letting other Skype users use the broadband bandwidth that you are paying for yourself.

This customer was complaining that his quad bonded ADSL was underperforming. He was right. He was getting 1Mbps instead of his normal 9Mbps. We sent an engineer onsite and found that the customer had taken it upon himself to do some internal rewiring and had laid the ADSL cables on top of his ring main power cable. The interference from the main was causing the poor performance.

We moved the cables away from the main and hey presto the original high speed returned.

As part of the debug process we did some traffic sniffing on his network and found serious levels of peer to peer packets which turned out to be Skype.

I’m not saying that Skype in this case caused his broadband connectivity to slow down but business users should be aware of the problem. It should also be noted that Skype traffic is encrypted, at least the IM part. This means that virus scanners can’t pick up potential problem packets coming into the corporate network. Look out sensitive competitive information! Don’t keep your bank details on the network!

Categories
Business security voip

SPIT and SPAM

One of the problems facing the VoIP industry is of course SPIT. SPIT is the SPAM of the Internet Telephony industry. Robot diallers are a huge problem in North America and I have a friend who always listens to who is leaving an answer phone message before picking up the call. A high proportion of calls are from computers.

In the IP world it is even easier to make huge volumes of VoIP calls from a computer, particularly because there is potentially no cost involved. The model here is the same as for SPAM which is of course essentially free of charge.

The interesting dilemma is that whilst a SPAM filter can monitor an email for particular types of content this is not possible in Internet Telephony where a call has to be set up and answered before the callee knows who is speaking to them.

We therefore have to employ more sophisticated techniques in spotting this type of traffic and in general an ITSP will monitor the call traffic on its network to identify unusual patterns. For example if a specific caller is making multiple calls inside an unreasonably short space of time then it cannot be a human making the call. Alternatively if calls to many different end users are going unanswered then this too is unusual behaviour and is likely to be a computer.

The level of SPIT facing an ITSP has not yet reached the proportions of SPAM which can be over 90 percent of all incoming emails (if you are receiving a high level of SPAM you need to change to a professional anti SPAM service). It is however certainly something that a serious ITSP takes seriously.
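The two traffic patterns described in this post (one caller placing many calls in an unreasonably short time, and calls to many different end users going unanswered), shown as an added example that is not code from the original post or from any ITSP. The `Call` record layout, the thresholds and the `example.invalid` addresses are assumptions, and the call records are constructed.

```python
from collections import defaultdict, deque
from dataclasses import dataclass


@dataclass(frozen=True)
class Call:
    ts: int         # call setup time, seconds since start of capture
    caller: str
    callee: str
    answered: bool


# Thresholds are assumptions for illustration, not values from the post.
BURST_CALLS = 5       # this many call attempts...
BURST_WINDOW = 60     # ...inside this many seconds is not human dialling
MIN_CALLEES = 5       # judge the answer rate only after this many distinct callees
MAX_UNANSWERED = 0.8  # fraction of distinct callees that never picked up


def detect_spit(calls):
    """Return {caller: set of reasons} for callers matching either pattern."""
    flagged = defaultdict(set)
    recent = defaultdict(deque)      # caller -> setup times inside the window
    answered_by = defaultdict(dict)  # caller -> {callee: ever answered?}
    for c in sorted(calls, key=lambda c: c.ts):
        window = recent[c.caller]
        window.append(c.ts)
        while c.ts - window[0] >= BURST_WINDOW:
            window.popleft()         # drop attempts older than the window
        if len(window) >= BURST_CALLS:
            flagged[c.caller].add("burst")
        seen = answered_by[c.caller]
        seen[c.callee] = seen.get(c.callee, False) or c.answered
    for caller, seen in answered_by.items():
        if len(seen) >= MIN_CALLEES:
            unanswered = sum(1 for ok in seen.values() if not ok) / len(seen)
            if unanswered >= MAX_UNANSWERED:
                flagged[caller].add("unanswered")
    return dict(flagged)


# Constructed call records: a fast dialler, a slow one, and a normal user.
SAMPLE_CALLS = (
    [Call(5 * i, "sip:robot@example.invalid", f"sip:user{i}@example.invalid", False) for i in range(6)]
    + [Call(600 * i, "sip:slow@example.invalid", f"sip:user{i}@example.invalid", False) for i in range(5)]
    + [Call(1200 * i, "sip:alice@example.invalid", "sip:bob@example.invalid", True) for i in range(3)]
)

if __name__ == "__main__":
    for caller, reasons in detect_spit(SAMPLE_CALLS).items():
        print(caller, sorted(reasons))
```

The slow dialler never trips the burst rule and is caught only by the unanswered-call ratio, which is why the two patterns are checked independently.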

Categories
Engineer security

Network Security

One subject that is dear to the heart of a major corporation is network security. One often hears anecdotal evidence of the huge steps companies take to protect their intellectual property. I even knew a company whose boardroom was “secure” and had regular scans for listening devices. Also there have been a number of high profile news items where CDs with bank account information have gone astray in the post or where laptops have been stolen resulting in embarrassing security breaches.

For a smaller organisation it doesn’t necessarily make economic sense to employ dedicated IT staff to look after the security of their network. This doesn’t make their important information any less valuable in relative terms than that of a major international corporation.

Security is a huge subject so where do you start? To begin with businesses can make sure that the way they connect to the outside world is secure.

  • Sign up for a good quality anti-virus and anti-spam service that is updated regularly – don’t rely on the one that often comes as a free trial with your PC.
  • Make sure that you have a company firewall and that this is properly managed.
  • Ensure that you have adequate resilience in place for critical business components/resources, e.g. use a server with dual power supplies and back up critical data daily (at least).
  • If you are using a Wireless LAN, is this properly protected/encrypted?
  • Are your passwords secure (e.g. “password” is not a secure password) and how often do you change them?

This is all basic stuff but a small business needs to make sure that it has it all covered. A little time spent on prevention is better than the days of effort it might take you to recover from a virus attack or someone maliciously hacking into your network.