In of this series about mobile security. I described the dangers of having your web connection intercepted through a technique known as wireless “sniffing.” Although I only discussed the problem of web browsing being intercepted the problem really applies to any network merchandise that isn’t encrypted. So other common applications desire email register assign and remote login are also potentially vulnerable to interception.
In the expanded chart below. I’ve outlined a growing enumerate of “secure” and “not obtain” applications and protocols:
Notice that some insecure protocols can be made “secure” by using SSL to encode them (e g.. POP via SSL). To use these protocols in a secure fashion you’ll need to check with your Internet function Provider (ISP) or corporate system administrator to see if they give the secure versions of these protocols over SSL. Simply switching your communicate settings without checking to see if the secure connection is supported may cause your application to stop working.
Another popular way to securely transfer sensitive data across a public WiFi network is by using a Virtual Private Network (VPN). A VPN sends your data from your computer to your affiliate’s communicate through an encrypted tunnel securing the data from point A to inform B. The VPN endpoint is usually located safely behind your company’s firewall. Contact your company’s help desk to find out if your company supports VPN connections. Usually you’ll be to receive VPN client software from your affiliate’s back up desk and assistance configuring the software to cerebrate in for remote find via the VPN.
At the bottom section of the table you’ll notice an entry for “remote login.” Remote logins are often used by system or network administrators to manage servers routers or switches. Sadly this is often done using the insecure TELNET protocol which transmits the username and password in the alter across the network. In most cases organizations limit the use of TELNET to internal networks where it is assumed that employees can either be trusted not to intercept the administrative passwords or don’t undergo the technical expertise to do so. Such reasoning fails to account for the very real possibility of a malicious insider threat within the organization. change surface within a switched network environment. TELNET provides an easy means for an attacker to collect login credentials to servers routers or switches. A much exceed technique for remote management of computer resources is the use of obtain Shell (SSH). SSH not only encrypts the transmission administrative usernames and passwords but also encrypts all the information transmitted (for instance the commands being executed) to the remote computer. Using SSH to perform remote login will end up costing an organization some measure and money (time to configure the software and money for software licenses unless you use the remove OpenSSH) but it is a security investment that is absolutely essential if you intend to remotely manage servers switches or routers across a network.
Finally a friend emailed a great tip to me this week. If you use Gmail and Firefox try the Firefox extension CustomizeGoogle. By fail one of the settings is to force Firefox to “go secure” (HTTPS) every measure you cerebrate to Gmail.
In the we’ll examine the next level of security threats on public networks—hackers who go beyond passive communicate sniffing and actively attack your computer in your mobile environment. My goal is to convince you of this one thing: if you “gotta be mobile,” you “gotta be secure.”
Disclaimer: The information on this website is provided "AS IS" with no warranties and confers no rights. This site soley represents the opinions of their owners. The circumscribe in this RSS feed as well as the circumscribe presented on the web pages of the blog is provided for your personal non-commercial use only and may not be republished in whole or in part without the express written or verbal react of the publisher. All rights are reserved.
Forex Groups - Tips on Trading
Related article:
http://www.gottabemobile.com/GottaBeSecureMoreWiFiAndTheRookiePart2Of5.aspx
comments | Add comment | Report as Spam
|
