• 0

Internet, Network, and Security How-To's and FAQs


Question

Barney T.

This topic is for the placement of links to how-to articles, tips, FAQs, or helpful information related to internet, network, and security. Please post links to the actual articles.

 

Internet Basics

 

 

 

Networking Basics

 

 

 

Security Basics

 

 

       Security Tools

 

         Security Tools for basic users:

 

 

 

FAQ's

  • Thanks 1
Link to post
Share on other sites

17 answers to this question

Recommended Posts

  • 0
+BudMan

While this in theory might be a good idea - in practice your 2 links so far are not very informative or worthy of links too.

 

How is a thread with a link to a speed test site, where everyone posts theirs -- its a how many stairs/windows thread.  Sure an the hell is not "internet basics". Or even good at explaining what a speed test is for that matter.

 

As to that good network configuration thread -- what?  That is a guy asking such a loaded question, and then getting hammered for more information..

 

A better link for speedtest would be just the wiki article http://en.wikipedia.org/wiki/Speedtest.net

 

As to network -- this would be a better first link than that nonsense thread http://en.wikipedia.org/wiki/Computer_network

Link to post
Share on other sites
  • 0
Barney T.

^ Done. Thanks, Budman. Please feel free to suggest as needed. You have lots of helpful posts and info, so I am hoping that you will give us the good stuff. :) Also, I will add links as the members recommend them. Thanks so much.

Link to post
Share on other sites
  • 0
+BudMan

Your welcome I guess - but really not sure speed testing should go there, but since "internet basics" is such a broad topic I guess you could fit most anything in there ;)

 

You will want to redo your link title for the network configuration - that is not a good anything, its just a link to information of what makes up a network.

 

I will try and come up with some links for your topics.  Under Security, which I would not really call basics.. I would prob remove the basics from all the topics except for internet and network and security would be just that.. And FAQ kind of redundant since most all of these are FAQ ;)

 

Under security for a start

http://www.us-cert.gov/

http://osvdb.org/

http://www.sans.org/

http://nvd.nist.gov/

http://cve.mitre.org/

 

You might want some sub topics under Security and Networking and even Internet, etc.

 

Under security sub sections you might have links to tools - some starters

http://nmap.org/

http://www.tenable.com/products/nessus

http://ettercap.github.io/ettercap/

http://www.wireshark.org/

 

Basic users and window users might want to take a look at for tools

http://technet.microsoft.com/en-US/security/cc184924.aspx

http://www.microsoft.com/en-us/download/details.aspx?id=39273

 

This could end up being really a lot of links, sine the topic is wide open ;)  And we could have whole sections on 1 specific protocol such as dns ;)

Link to post
Share on other sites
  • 0
Eric

This can always be spun off into separate FAQ threads with this one as an index if needed.

Link to post
Share on other sites
  • 0
Barney T.

^ Added. Thanks all! This is just a start, so please just suggest whatever subtopics I should post above (Y).

Link to post
Share on other sites
  • 0
goretsky

Hello,

 

Some anti-malware companies' blogs:

 

AVG - http://blogs.avg.com/

Avast! - http://blog.avast.com/

Avira - http://techblog.avira.com/en

BitDefender - http://www.bitdefender.com/blog/

CommTouch - https://blog.commtouch.com/cafe/ (formerly F-PROT)

Comodo - http://blogs.comodo.com/

ESET - http://www.welivesecurity.com/

F-Secure - http://www.f-secure.com/weblog/

G Data - http://blog.gdatasoftware.com/blog.html

Kaspersky Lab - http://blog.kaspersky.com/

Malwarebytes - http://blog.malwarebytes.org/

McAfee - http://blogs.mcafee.com/

Panda Security - http://pandalabs.pandasecurity.com/

Sophos - http://nakedsecurity.sophos.com/

Symantec - http://www.symantec.com/connect/security/blogs

Trend Micro - http://blog.trendmicro.com/

Webroot - http://www.webroot.com/blog/

 

There are, of course, dozens of anti-malware companies, so this is just a very incomplete list to help get the ball rolling.

 

Regards,

 

Aryeh Goretsky

  • Like 1
Link to post
Share on other sites
  • 0
nabz0r

Hello,

 

Some monitoring, log, etc stuff:

 

MRTG (Free, I am going to try it and let you guys know)

PRTG (This one has both free and paid version, never tried it before but I've heard a lot of good things about it)

Splunk

  • Like 1
Link to post
Share on other sites
  • 0
nabz0r

Here is another great guide for those which are interested in backing up their network devices automatically with Rancid.

How to install Rancid on a Linux machine

Link to post
Share on other sites
  • 0
sc302

Hello,

 

Some monitoring, log, etc stuff:

 

MRTG (Free, I am going to try it and let you guys know)

PRTG (This one has both free and paid version, never tried it before but I've heard a lot of good things about it)

Splunk

Lets not forget cacti

  • Like 1
Link to post
Share on other sites
  • 0
nabz0r

Lets not forget cacti

Yeah, another great tool. I started using at home on Ubuntu server and I am loving it so far.

 

Here is how to install it on

RHEL/CentOS

Link to post
Share on other sites
  • 0
nabz0r

Hi,

 

Here is one of the best monitoring opensource system that I have came across. I installed at home and I am in love with it. Just configure SNMP and you're good to go. It pulls everything.

 

Observium

 

I am going to mention this as well, probably most of you will use it, it's IPAM IP managemnet free.. I have been using it for almost 2 years and it's absolutely great.

 

PHPIPam

 

Enjoy my finds. :P

  • Like 1
Link to post
Share on other sites
  • 0
nabz0r

Good Thread, I have found some useful guides on here....

 

http://www.firewall.cx/

+1. That website is one plus for Cisco stuff.

Link to post
Share on other sites
  • 0
hollowhan
On 12/10/2013 at 8:11 PM, nabz0r said:

Here is another great guide for those which are interested in backing up their network devices automatically with Rancid.

How to install Rancid on a Linux machine

Thx a lot Nab! Great info.

Link to post
Share on other sites
  • 0
Jason S.

Please dont resurrect old threads. Thank you.

 

Sorry folks! didnt realize this was a pinned thread. i reopened it.

Edited by Jason S.
  • Like 1
Link to post
Share on other sites
This topic is now closed to further replies.
  • Recently Browsing   0 members

    No registered users viewing this page.

  • Similar Content

    • By Abhay V
      Google announces a bunch of new Android features
      by Abhay Venkatesh



      Google today announced a few new features coming to Android, both via updates to select apps and the OS itself. The features related to security, accessibility, and more, and the rollout is similar to how the company introduced added capabilities to older Android versions late last year.

      The first on the list today is the addition of the Password Checkup tool natively to Android, something that first debuted as an extension and then made it to the Chrome browser itself. As the name suggests, the feature helps users keep a tab on the integrity of their saved passwords by notifying them if their credentials have been exposed. This allows users to act on compromised credentials and avoid using passwords that might have been exposed on the web.



      Now, the feature integrates with Autofill on Android 9 and newer, notifying users of any potential password exposures and a guide to reset them. Additionally, Autofill can also generate unique passwords and secure that information via biometric authentication, making it a great overall tool for password management.

      Next up is a nifty new update to the Messages app that brings the ability to schedule messages to be sent later. Long pressing the send button will now provide an option to set the date and time to deliver the text message. The option to schedule messages has been present for users on Samsung devices via the default Messages app that ships with those devices. Alternatively, users have had to rely on third-party offerings such as Pulse SMS for the feature. The updated Messages app is now rolling out to users on Android 7 and newer.

      As for accessibility improvements, the search giant announced a new update to TalkBack, its screen reader for those with impaired vision. The updates include new multi-finger gestures on Pixel and Samsung phones that can be used to perform preset commands like selecting and editing text. There are also new swipe commands for reading through just the headlines or through entire paragraphs. The firm is also adding 25 voice commands to help with actions such as finding particular text on the screen and more. Lastly, there are two new languages for the Braille keyboard.



      Google assistant is also receiving some updates that let users interact with it better on the lock screen. The company is adding a new card layout to review Assistant commands right from the lock screen, including alarm and timer options, sending messaging using voice, and more. The firm adds that users can “get things done on [their] phone without needing to be right next to it”.

      Another highly awaited feature announced today is the rollout of a dark theme for Maps. While Maps automatically switches to a darker theme when navigating, a proper dark mode has been teased for a while. Users will finally be able to switch to the darker side permanently from the settings, a welcome addition for those that prefer the theming option to conserve battery on AMOLED displays, or just as a matter of preference.

      Lastly, the Mountain View company announced new Android Auto features such as “car-inspired backgrounds” and Assistant actions – features that began rolling out earlier this month. For long journeys, the in-car system is also adding voice-activated trivia games. Other new features include a split-screen view of Maps and audio controls – like on Apple CarPlay – on wide screens and a new privacy screen to “control when Android Auto appears on your car display”. These Android Auto features are rolling out to users running Android 6 or newer.

    • By indospot
      Samsung now promises four years of security updates for Galaxy devices
      by João Carrasqueira

      Longer-lasting software support has long been one of the factors pointed out when talking about the advantages of iOS compared to Android. In recent years, we've seen an increasing amount of effort from some companies to keep devices updated, with Google itself offering three years of feature and security updates for its Pixel devices.

      Now, Samsung is trying to take things a step further by offering a minimum of four years of security updates for its Galaxy devices. Depending on the device you have and how old it is, security updates may be rolled out on a monthly or quarterly basis, but either way, getting security updates for four years is a welcome boon if you want your devices to last longer.

      This isn't just a benefit for the latest devices coming out this year, either, nor does it target just flagships. Samsung provides a decently long list of devices that will be eligible for the extended security update period, going back to the Galaxy S10 and Note10 families, the Galaxy A series, and a wide range of tablets. Here's the full list provided by Samsung:

      It's worth noting that this support period is even longer than what Google promises for its own Pixel phones - though it should be remembered that these are minimum support periods, and Google has supported some of its phones for longer than the minimum. Either way, if you happen to own or you're considering getting one of these devices, you may rest assured your phone or tablet will be kept safe for a while longer. This doesn't, however, include new Android feature updates, so you won't necessarily getting Android 12 or 13 when those versions are released.

    • By Usama Jawad96
      Clubhouse confirms security breach, deploys new safeguards
      by Usama Jawad

      Private social app Clubhouse allows users to engage in informal conversations. The invite-only iOS application is used by Elon Musk with Facebook also looking to clone the chat service. However, concerns were raised around Clubhouse a couple of weeks ago with the Stanford Internet Observatory (SIO) citing numerous potential security weaknesses in the service. Today, Clubhouse has confirmed a security breach and placed new safeguards to prevent similar incidents in the future.

      In a statement to Bloomberg, a Clubhouse spokesperson mentioned that a user was able to siphon live audio from multiple private rooms and stream them on their website. This incident, which took place over the weekend, was possible due to the attacker through a system utilizing the same JavaScript toolkit that is used to compile the Clubhouse application. While the identity of the involved party has not been disclosed, the spokesperson clarified that the user has been banned permanently from the app.

      This situation feeds into the security concerns raised by the SIO a few days ago. One of these was Clubhouse user and chatroom IDs were being transmitted over the internet in plaintext instead of being encrypted.

      Furthermore, SIO also revealed that the backend of the platform is handled by a Shanghai-based startup called Agora Inc. The Chinese company states that it "temporarily" stores raw audio data for processing in its servers but it is currently unknown how long this time period is and where the servers are situated. In a statement to The Verge, the firm confirmed that it does not route traffic produced by non-Chinese users through China. However, Agora declined to go into details about the security mechanisms and protocols in place to prevent security breaches, such as the one that took place over the weekend.

      Source: Bloomberg | Image via Walk the Chat

    • By Usama Jawad96
      Apple starts taking countermeasures against new macOS malware strain
      by Usama Jawad

      A recently discovered macOS malware has caught the attention of the security community due to its highly sophisticated nature and the mystery surrounding its missing payload. Dubbed "Silver Sparrow", the malware was discovered a few days ago and is known to have infected 30,000 Intel and M1 Mac devices spread across 153 countries. Now, it appears that Apple is taking steps to mitigate potential threats posed by Silver Sparrow.

      Apple has reached out to Apple Insider to confirm that it has revoked the certificates of the developer accounts that were used to sign the malicious package. While this restricts the spread of this particular Silver Sparrow variant, it still leaves the door open for similar packages signed with a different certificate.

      Furthermore, Apple has noted that it has many security measures in place at both hardware and software level. Furthermore, the company also releases software updates regularly which contain patches against potential threats such as Silver Sparrow.

      That said, Apple as well as the cybersecurity community will likely be keeping an eye on this particular strain and its potential offshoots, given that it is seemingly in development by an advanced malicious actor. On infected machines, Silver Sparrow communicates with control servers once every 24 hours, awaiting binaries to receive and execute. It also has ephemeral self-destruct mechanisms in place that remove any trace of your machine being infected, even if your machine has already been attacked.

      Source: Apple Insider

    • By Usama Jawad96
      30,000 Macs are at threat from mysterious malware
      by Usama Jawad

      News of Macs getting infected with malware is relatively uncommon. However, a new threat that has currently infected almost 30,000 Mac devices has security researchers worried due to its sophisticated nature and lack of available information.



      Researchers at Red Canary have discovered a new strain of macOS malware which they have dubbed "Silver Sparrow". The malware is strange in numerous ways, with the major one being that it has remained mostly dormant so far. Despite the fact that it communicates with control servers once an hour awaiting potentially malicious binaries to execute, it has deployed no malicious payload as of yet.

      Furthermore, apart from the Intel x86_64 variant, it also has an Apple M1 counterpart. Both variants also contain "bystander binaries", which when executed print "Hello World!" on the former's screen and "You did it!" on the Apple M1.

      While have these messages printed on the display isn't a major concern on its own, it clearly points to a bigger issue where these placeholder binaries eventually start executing malicious payload they receive from the control servers. Red Canary highlighted that the complex infrastructure efficiently makes use of AWS and Akamai CDNs, making it very difficult to track and take down.

      Another concerning fact about Silver Sparrow is that it contains self-destruct mechanisms which remove all traces of the malware from infected devices. What's even more mysterious is that this mechanism hasn't been observed by default on infected machines, which means that it was downloaded ad hoc based on meeting currently unknown conditions.

      Furthermore, the distribution techniques of Silver Sparrow are unknown as well. Red Canary researchers stated that:

      The findings of the report are reasonable cause for alarm. Much about Silver Sparrow is not known yet, and its sophisticated and stealthy nature points to a very advanced malicious actor. Red Canary has indicated that 29,139 macOS endpoints were infected as of February 17, 2021 with users spread across 153 countries. The figures of infected machines also seem to be concentrated in the US, UK, Canada, France, and Germany. The security researchers have included a list of indicators that you can use to determine whether your Mac is infected or not under the "Detection opportunities" heading near the bottom of this page.

      Source: Red Canary via Ars Technica | Image via biz-tec.mx