It would appear that more and more companies and home users are falling victim to bad actors intruding on their networks. Whether it be a targeted attack or drive-by malware, network security is a hot topic in today’s IT landscape. In this article I will describe how you can build a low-cost Honey Pot that can help alert you to an intrusion before it’s too late.
What is a Honey Pot?
In simple terms, a Honey Pot is a device on your network that looks appetizing to a hacker, like drawing a bear to a pot of honey. This device will advertise services that appear vulnerable and maybe draw an attacker in for further investigation. At a minimum it can simply be used as an internal “trip wire” to alert you to someone poking around.
Why does a honey pot work?
I’m Joe hacker and I have just installed malware on one of your employees’ workstations. I have quickly gained access and I am now able to execute code and commands. What is the first thing I’m going to do? If you said start poking around, you would be correct. After I look for anything of value on my host computer I will quickly begin scanning the subnet looking for hosts that are alive. I will also begin mapping the network for services that are possibly vulnerable to attack. This is where the Honey Pot fits in. It has been patiently sitting on your network waiting for someone to direct a packet of data in its direction and alert you to possible trouble.
I am the proud owner of a new Dell 5290 2-in-1 laptop and it’s actually pretty cool. Touch screen, detachable keyboard and pen put together in a nice package for me to take my work on the go. Shortly after configuring the laptop and applying the latest Windows updates I noticed the WiFi performance to be really poor. The laptop was almost unusable. My first thought was maybe the laptop chipset was having an issue with my Ubiquiti access points, but this was NOT the case.
Why do I have poor WiFi performance?
I ran a speed test to see how bad the throughput was.
There have been numerous studies showing that sitting behind a desk all day is bad for your health. This must be true because my Apple Watch reminds me to stand up and walk around every hour like clockwork. Therefore the Varidesk Pro Plus must be a good thing.
Seriously, I’m not sure if we need a study to tell us that sitting around all day like a couch potato is not good for you, just like we don’t need a study to tell us vaping and smoking are bad for your health too. With that said, lately the trend in the office is to convert our conventional office space into standing office space as cost-effectively as possible. At first we were deploying these to staff that had back issues and doctors’ notes, but now we are pretty much giving them to anyone that asks.
Meet The Varidesk Pro Plus 30
We did a bit of research before purchasing our first stand-up desk and found everything from cheap junk all the way up to very expensive electric desks with electric drive motors.
The desk we chose was the Varidesk Pro Plus 30. It’s not the cheapest, running about $325.00 on Amazon, but I can say you do get a really nice sturdy desk for your money.
The desk arrives in an oversized box. You really should have a helper on hand to assist with the unboxing and setup.
I feel as if I have been a technology geek for as long as I can remember. I often wonder why as a child of the 80’s I gravitated toward electronics and not sports. I guess I would lay some of the blame on my father who seemed to push me toward electronics and would bring me all sorts of fun gadgets from Radio Shack.
Early Kits – Radio Shack Science Fair 160 in ONE
I have very fond memories of the Radio Shack Science Fair 160 in ONE Electronic Project Kit. As a kid I didn’t appreciate the components, but simply followed the instruction “cook” book and wired the circuits with the included jumpers. I can remember making a crystal radio, touch sensors, and sound generators (or color organs as they were called). It wasn’t long before I started making my own creations.
As I got older, I noticed the kits had started to vanish from Radio Shack. In my late teens and early twenties I even worked at Radio Shack for a while and the kits were all but gone!
The latest hacker / email scam has been roaming the internet for a few months now. This one is pretty ingenious because it is more of a social email hack playing on your fears rather than an actual attack on your computer.
How does it play out?
An email arrives from you, yes, your own email address. The subject of the email will be related to “Account Issue”, “Security Warning” or some variation. The email will further explain that you were hacked by an International Hacker Group and demand you pay $800 USD in Bitcoin in 48 hours or they will release video of you in a compromising position while watching porn! The hacker further tries to prove his legitimacy by providing you with your password.
The first time I saw this attack I was taken aback for a moment because the password in the email was REAL. It was actually one of my “throwaway” passwords and kind of freaked me out.
Let’s break the email down and see exactly what they did
I am one of the few on the planet that still hosts my own servers in house. Sorry, but I don’t really see the benefit of moving everything to the cloud when keeping it in house allows me the control and flexibility I want. I especially like having an Exchange OWA server in house.
With that said, hosting your own systems can be troublesome as well. Maintaining the hardware, infrastructure and security are items that would get farmed out in a cloud environment. This post focuses on the security end, or rather attempting to track hack attempts.
In January, I set up a trigger to alert me every time a user is locked out (see “Know instantly when a user is locked out”). It’s a good read if you’re interested. This trigger reads the event logs, looks for the lockout event and sends the info to me via email. A great help in being proactive with my users. It also alerts me to hack attempts. Too many incorrect login attempts on OWA would trigger a lockout event. During a recent weekend, I was receiving lockout emails every 30 minutes. So who was doing this? What did they want?
Every year I try to pick out that unique Father’s Day gift that your Dad can use and probably will find interesting and fun. Lord knows Dad has plenty of aftershave, cologne, and wine. This year I am recommending the Serafim Keybo.
I have not seen this error before and there were no other users in the environment experiencing this issue. My first troubleshooting step was to see if there were any unique applications that were specific to this user.
This particular user is the CFO of the company and logs into a number of banking websites. To enhance security many banks force customers to download additional software to supplement logins in order to prevent intrusion and hack attempts. This user was using a product from IBM
I don’t hate shopping, but I really don’t have the time to browse the brick and mortar stores. Just the other day I was in Target and it took me longer to walk the store than to grab what I needed and check out. I’m all about saving time and using my time as efficiently as possible; I guess this is why I’m such a proponent of Amazon Prime and Fakespot.com.
The one problem with Amazon is you can’t touch and feel the product, and there are so many sellers that sometimes it’s hard to distinguish which items are worth my time and which are just plain junk.
Early on Amazon made a review system to help customers identify which items and sellers are worth their time. However, as soon as the review system was launched so were the fake reviews, paid reviewers and just plain deceptive tactics sellers take to make their products seem better.
Through the magic of the Internet Fakespot.com analyzes all the reviews for a particular product through their proprietary technology and determines which reviews are real and which are suspect. Finally at the end a letter grade is given to the product reviews. Remember Fakespot.com is NOT reviewing the product, but making an attempt to verify the validity of the reviews for that given product.
It’s been a while since I have written a blog posting. I guess you can say life sometimes gets in the way and things we enjoy doing get pushed aside. I have a few spare moments today to sit down and write so here goes nothing.
First and foremost, the Webcommand blog has just turned ONE! I started writing exactly one year ago today. When I built this server I was setting a goal to write 5 blog posts a week, about 260 in a year. Well, I realized it’s harder to come up with content than I thought. I also realized it is even harder to monetize the site as well (your donations are welcome). However, I did manage to write 100 blog posts in the first year and I deem that a success!
Today, on the anniversary of Webcommand’s birth and 100th post, I would like to pay tribute to my favorite blogs and give each of them a brief shout out.