Tag: Security

Is your hardware secure #think_twice

Every time we do projects , we do everything to make the IT solution’s secure and try our best shot to make it less vulnerable ( no one can guarantee full security ). But we generally pay 100% attention to the software part but what about hardware ? THINK TWICE.Your views may change immediately after this :

1. http://news.bbc.co.uk/2/hi/americas/4997288.stm
2. http://www.smh.com.au/news/breaking/uncle-sam-fears-chinese-pcs-may-be-bugged/2006/05/20/1147545558131.html
3. http://politics.slashdot.org/article.pl?sid=06/05/19/1238255
4. http://it.slashdot.org/story/06/03/30/1344211/Lenovo-Under-US-Probe-for-Spying
5. http://yro.slashdot.org/story/06/05/22/0436250/US-Government-Fears-China-Bugs-Lenovo-PCs

Although those are old news , and their is no guarantee that things like those had actually happened in the past. But may be this is the reason that why thing like following happens :

1. http://www.telegraphindia.com/1100407/jsp/frontpage/story_12311784.jsp

2. http://cyberarms.wordpress.com/2010/04/10/chinese-hackers-attack-india/

But the big question “Is their any precaution we can take regarding this ?”. I have reported this to few Government Organization’s where we submitted our tender bids during the eWebSolution’s starting days, but outcomes were sometime good and majority of time bad. :) If you know any solution to problems like this, please comment , on the other hand I would love to see any Indian company coming up with reliable own manufactured Hardware’s :) :) :D :D

Security, Bandwidth Management and Intranet

Security, bandwidth management, UTM ,encrypted network and everything that is implemented to make other feel that intranet network is secure but the question that arises is that do these things are really needed to make the intranets secure what probably I think is that no network in this world can actually block any specific application this does not means that any application cannot do that but the reason is doing that will definitely compromise the security of the network traffic.

Take an example if the xyz college has blocked a website that provide a default application at the port number n and  also provide the same service at the the default web port in encrypted mode then no UTM can actually block it because blocking that encrypted mode means compromising with the security all the websites that are  opened from inside the network on the other hand if you block the domain name then proxy from outside the network will break that blockage giving them a way to open that website from outside.

Solution :

1.Go for open source application because at least they give you opportunity to do some modification and customize the application.
2.Never try to block a website because practically a Google search will give intranet user more then one method to go to that website instead if you actually want to save the bandwidth go for the DOWNLOAD limit.
3.For authentication use credentials as well as the MAC address.
4.Use a centralized authentication system it means even if a student want to use the internet from the college computer then also force the student to enter the credentials so that these internet consumption is also calculated.
5.Provide the student with the essential software from the LAN itself so that students don’t have to use internet bandwidth to download these softwares.

This is the best I actually can think……..