What Is IP Spoofing And How Is A System Hijacked?

It should be no surprise to your that in the world of computer networking savvy computer technicians have the ability to mask their identity on the Internet with advanced techniques.  IP Spoofing, similar to caller ID blocking in telecommunications, refers to hackers disguising their IP address and network identification information to gain unauthorized access to other computers or networks.  When the targeted system is "spoofed" the system will display a message that a trusted source is trying to access their network.  Once the IP address is "spoofed" hackers can conduct criminal acts on your computer or network remotely. 

Internet Protocol spoofing initially became a problem in the 1980's.  While it was considered an accomplishment to crack an IP address and to conquer the protocol's weakness, it quickly became a problem and was a primary focus for security administrators thereafter.  In terms of spoofing, there are three different types of attacks:

Non-Blind Spoofing Attacks
When the attacker is actually on the same subnet as the system they are attacking this is considered a non-blind spoof.  This form of spoofing can cause session hijacking and can effectively allow the hijacker to bypass security to establish a connection using proxies and sequences. 

Blind Spoofing
Blind spoofing is a bit more advanced than non-blind methods.  Packets are sent to the machine the hijacker is targeting to get an idea of the sequence numbers in the network.  While sequencing is random, some hijackers can accurately predict sequences for access.  While some hijackers may not be able to gain a full connection, they can send data packets and viruses to the targeted machine.

Attackers are not concerned with completing full transactions on your network.  The primary focus of an IP spoofer is to consume bandwidth and resources.  By flooding the victim with packets of communication, traffic has effectively controlled your computer and a connection can be made. 

If you want to protect your computer or your network against IP spoofing it is important to take the proper precautions.  Proactive steps and security precautions are the only way to keep your IP address protected.  Ingress and egress filtering on your router is very important.  This will block private IPs and will not accept IP addresses with your sequence as the source.  Encryptions and authentication measures within your subnet are also important and can reduce attacks and vulnerability.  The truth of the matter is unless you are a spoofer yourself you are perhaps never fully protected.  Be aware of the security risks that exist and take proactive steps to protect your computer.
 

Read More

Protect Your Identity – Don’t Be Scammed

Internet Scams Are EverywhereThe internet provides a whole host of opportunities that were not available just a short time ago. One less desirable opportunity that has become a part of using the internet is coming into contact with unscrupulous people who are using the internet to rip people off.

And there is no shortage of opportunities to be ripped off if a person is not careful!

So to avoid being ripped off you have to make every effort fend off the many rip off artists that now prowl the net. There are some basic steps that you can be taken to protect yourself from internet rip off scams.

The first step to take is to make sure that you have a current version of a comprehension antivirus, anti spam, anti spyware program loaded on all computers that you use to access the internet. The cost of the program verses the risk and likelihood of attack is very good. The average software package can be purchased for fifty to sixty dollars.

The second step to take is to develop some routines that you follow when using the internet. Never go to a website that you are not certain is safe. Good  antivirus protection software such Trend Micro will flag sites that are potentially being used to scam and rip people off. If that warning comes up do not progress onto that page.

Trend Micro Internet Security 2010

Next if a website requests personal information without good reason, do not give out the information. The only site that you want to give personal information to is a site that you have contacted to do business with. If you haven’t contacted the site for the purpose of making a purchase or doing some kind of internet activity such as playing a game do not fill out anything that requests your personal information.

The next step to take is to avoid giving information in response to confirmation requests. Your bank or online payment website or online auction site will not request that you give personal information in response to an email. They will ask you to visit their site and update it. Scam artists are sending requests to confirm information for all kinds of different types of accounts including credit cards, online payment sites, bank accounts, college financial information, or anything else that might contain personal information.

Protect Yourself From ScamsAnother key step you can take to protect yourself is to avoid websites that are typically used for scamming.

Many different types of websites tend to be favorites for scammers.

Any website that offers you something for free in exchange for taking a survey that includes personal information should be avoided. Sites that offer adult content and sites that offer video games that you can play are also favorites of the scammer.

Both are addictive type sites that can catch you in a weak moment and steal your personal information. Another ploy that scammers use is dating and singles websites. The scammer will try to make a personal connection in order to build trust that leads to the theft of your personal information.

A little caution can go a long way in protecting oneself while on the internet. The reality is that you do not have to be ripped off. Many online scams these days are so well put together people don’t realise they were scammed even after the event!

We will take a look at some popular scams over the next few weeks.

Getting ripped off is not mandatory.
Read More

Anonymous Browsing

Every time you use the Internet you are leaving a trail of breadcrumbs which anybody can follow. Sometimes this trail can have a use, for instance Google use it to target local searches to you, or weather sites can automatically give you the weather in your area.

Equally every other activity you are doing online can be tracked, what sites you visited how long you spent there, what you did while there. If you want to enjoy anonymous browsing on the internet and protect your identity you need to find a way to use the internet without leaving this trail all the way back to your computer. You may think that this data is not important, after all so many people are on the Internet and most of them are running without protection.

Why run the risk of Identity theft, and financial problems of having your bank accounts attacked, or even having your Boss knowing what you looked at during the lunch hour!

Let us consider though the world outside of your friends and family you will find even greater reasons to use anonymous browsing, as there are thousands of people monitoring what others are doing. Looking for any information they can use, or weaknesses in security systems. Whether it is the ‘IT Geek’ showing off his skills or organised gangs and criminals looking for their next victim it is going on all around us all the time. In many cases we don’t even see it happening, there are thousands of compromised computers around the world whose owners have no idea.

In most cases basic virus software is not designed to detect such hacks, your best protection is to employ anonymous browsing, to effectively not exist on the Internet. At the very worst level it would be possible to find your physical location through your IP address, while not the easiest task in the world it has happened in the past, and will happen again in the future. Imagine a situation where criminals know who you are, what you have and where you live.

On a higher level governments around the world are slowly eroding peoples freedoms by forcing Internet Service Providers (ISPs) to store and provide logs of all activities that take place.

Recent events in Australia have brought the issue up again, with plans to run a nationwide proxy service to keep track and effectively restrict people’s online freedom. In Europe ISPs are obliged to keep their data on you for 2 years, that’s two years of your life on store ready to be accessed as and when needed. The idea is of course to keep track of terrorists and extremists, however as usual it is the ordinary person who is inconvenienced, as no doubt any ‘bad people’ are already hiding their activities.

OK, enough fear how can you enjoy anonymous browsing and protect yourself and your family on the web?   The first thing most people consider is an anonymous proxy server, which is a server you connect through which hides your IP address and replaces it with its own. So while it is possible to find out the IP address of the proxy server if everything is configured properly that is all that can be found out. The information on what you did still exists, but there is no way to link it directly to you.

One of the WORST things you can do is rely on a free anonymous proxy server, have you considered the fact that many of these servers are setup just to collect your data?

If you are using a server run by dishonest people then they are directly collecting everything you do and, for instance, could be storing all your Internet Banking log on details, your Bank Card details, all your usernames and passwords, details of every site you visit and E-Mail you send or receive. In other words EVERYTHING you send and receive over the Internet!

I worked in IT in Russia for several years and know for a fact many of these proxies are setup with the single intent of capturing useful data. Is that what you want when using an anonymous proxy? I would presume not, however that could very well be exactly what you are doing when running an anonymous proxy you found through Google. There truly is no such thing as a free lunch, sure many people are running their proxies with honesty but how can you know for sure which ones?

There is a much better option; you don’t have to just guess which are the safe proxies to use.

A much better option is to subscribe to one of the most respected and unique proxy services available on the Internet today.

A service which not only allows you to change your IP but encrypts your data with the same encryption system used by the US military. Where server logs are deleted almost instantly, so there is no record kept of who you are or what you were doing.

Providing you with the most robust and complete anonymous browsing experiences available. No other anonymous proxy software offers anywhere close to the level of security offered by Identity Cloaker. Software so powerful and unique you can carry it with you on a USB stick and run it wherever you are:

  • Visiting a friends house? No problem just plug the USB stick in and run the program

  • At the office? No problem, as long as you can access a USB port you can activate the software and enjoy anonymous browsing

  • School blocking certain sites? No problem, bypass the restrictions by creating a secure tunnel straight through their security

The uses of anonymous browsing are almost endless.

I highly recommend you try it out, there is a free version with very limited functionality BUT also a trial 10 day version for under 5 Euros which will allow you to fully test the software. After that subscriptions start at less than 7 Euros a month, with NO automatic billing and a 14 day money back guarantee. It is truly the most effective and unique way to enjoy anonymous browsing.

Read More