Category Archives: Computer Security

Computer Security related articles.

My Wireless Network Doesn’t Work When the Baby is Sleeping

Having a baby could affect your wireless communication?

Yes. Well, indirectly yes. Who has a baby and a wireless network will most likely have a baby monitor. We all like to spend our time blogging, or browsing the Internet while the baby is asleep, but we couldn’t blog a word if we didn’t keep an eye on the baby.

Many baby monitors will interfere with wireless networks. The wireless connection will work for most of the time and then suddenly it will stop working; after a wile will resume functioning properly. It could work without interruption but slow down transfer rates as network error corrections will be needed more than regularly.

How TO Eliminate Interference Between Baby Monitors and Wireless Networks?

Make sure you verify the band used by the baby monitor is not overlapping with the wireless band. If it does, you can change the channel on your Baby Monitor. How do you know if it overlaps? Read the instructions manual, and if you don’t have it, just try different channels on your baby monitor until you get a stable connection on your Network.
Another option would be to change the channel used by your wireless access point. If you have an old baby monitor consider buying a newer model, the newer models have less interference with your WiFi Network. I know that this sounds so un-green and consumerist, but I tested this and newer and more expensive models are better protected to interferences.
[ad#Adsense Text 468 wide]

Is your Toddler Curious about the Little Box on the Wall?

If your child is a toddler he’ll be very curious about the different devices hanging around in your office and he will find your wireless AP. They will try, whenever they have the chance, to press any buttons and pull all the cables. Make sure, when your connection goes off, to check all the connections to the access point and to the modem. Consider to move your devices where your child cannot reach them.

Email address Spoofing – Someone is Using My address to Send Spam

Someone is Using Your Address to Send SPAM

You just got a bounce-back email saying that your email didn’t reach the destination because the recipient doesn’t exist. Nothing unusual, this is something that happens to anybody who is using email regularly; except you didn’t send that email. How could this happen? If you are an email server administrator and many of your users get this kind of bounce-back they all start to complain at once, thinking that your server has been hijacked. What can you do to stop this, and how to reassure your users that you haven’t been hijacked?

Sender Address Forgery known as email address spoofing is not a new technique. It is used for many things from spamming organizations to sending viruses and supporting scamming schemes where the sender fakes his identity.

Effective ways to stop Spammers to Use Your Domain Name

Publish SPF Data
SPF (Sender Policy Framework) is a method that allows you to publish which mail servers are authorized to send email for your domain. SPF uses a DNS record that tells email servers which servers are the servers that are trusted sources of email for the specific domain and how much to trust other sources of email originating from that domain. Destination servers might have the SPF checking implemented or not. Many of the today’s servers are SPF checking enabled.
Destination servers check this record and act in consequence. Anti-spam software on servers receiving emails, score an email based on SPF record and other criteria and accept or reject the email based on the total score. For instance if the SPF record tells that any emails originating from non authorized servers should not be trusted the email gets the necessary points to be treated as SPAM and it gets rejected. If the SPF record treats the non authorized servers neutral the message could pass or could be rejected if other it contains other SPAM characteristics.
Do not publish any email addresses on Web pages. This is the most common place for spammers to get valid email addresses and use them to forge email messages

If your company runs its own mail server configure it to ignore email sent to non-existent addresses in your domain. If your server sends a non-delivery report you reveal to a spammer valid addresses in your domain (the ones that don’t send NDRs). This attracts spam to those addresses. You waste bandwidth. The most common reason to send NDR’s for non-existent addresses is to let people know that they misspelled the address. Miss-addressed email can get lost easier.

If your domain gets blacklisted because of spoofing you have to contact the list which blacklisted you and show the Administrator what you did to correct the problem. This is very unlikely since the sender usually spoofs only the email sender and not the server’s address. A blacklist Admin should be able to figure out this.

Preventing Domain Name Spam

What is domain name spam?
Domain Name Spam is a spamming technique where the sender only knows the domain name and he doesn’t have any valid email address in the domain. The technique involves sending emails to all the possible combinations or to a nicely crafted dictionary. The most common addresses in such a dictionary are:
• info@
• mail@
• sales@
• contact@
• contacts@
• root@
• help@
• home@
• contactus@
• enquiries@
• webmaster@
• hr
• shipping
The generic list is actually very long but I won’t include here all of the addresses.
Other possible entries in the dictionary are common names and different combination of these names. Let’s take for instance the name John Doe. A few possible combinations and the most used are: john.doe@company.com, j.doe@company.com, john.d@company.com, johndoe@company.com, etc…
What can you do to discourage and stop this kind of spam?
Set up your email server so it will not accept too many emails from the same server within a specified time frame.
Do not send NDR for unknown recipients, this will inform the attacker about the invalidity of those addresses, this is good information for a spammer. The disadvantage with this is that misspells of an address from a legitimate sender will not inform them about the error.

Use less commonly used prefixes for your email addresses.
Instead of “info@yoursite.com” use “askaquestion@yoursite.com”.
Instead of “webmaster@yoursite.com” use “yourname@yoursite.com”.
Instead of “help@yoursite.com” use “problem@yoursite.com”.
You do want to still keep your email addresses professional and to make sense to your customers. An email address like Egfa13wge2@yoursite.com will fool domain name spammers, but customers will be tempted to delete the email when they see such an email address in the “To” field of their email.
Also, don’t forget that many domain name spammers hope you have your catch-all turned on. This means that even sending an email to “any-address@yoursite.com” will end up in the admin’s mailbox even if that email address doesn’t exist. Unless you have a need for your catch-all to be turned on, you should have it turned off by default.