All posts by root

Security adept. Lightly nerdy, slightly mad. Ecperienced, but not too old. Yet.

Email Auto-Complete

Be careful with email auto-complete. This is an email feature that automatically completes a name for you when you begin typing it in the TO field. However, your email client can easily complete the wrong name for you. If you are emailing anything sensitive, always be sure to check the TO field a second time before hitting the send button.
Source: SANS Security Awareness

Reporting an Incident

Eventually, we all get hacked. The bad guys are very persistent and we can all make a mistake. If a phone call from the “Help Desk” doesn’t sound quite right, if an email seems suspicious or if a program you installed starts acting funny, ask for help! Your security team is there to help you. The sooner you report an incident, the sooner we can help resolve the problem.
Source: SANS Security Awareness

Use Caution Opening Email Attachments

A common method cyber criminals use to hack into people’s computers is to send them emails with infected attachments. People are tricked into opening these attachments because they appear to come from someone or something they know and trust. Only open email attachments that you were expecting. Not sure about an email? Call the person to confirm they sent it.
Source: SANS Security Awareness

Cloud Security

One of the most effective steps you can take to protect your cloud account is to make sure you are using two-step verification. In addition, always be sure you know exactly whom you are sharing files with. It is very easy to accidently share your files with the entire Internet when you think you are only sharing them with specific individuals.
Source:

Protect your networked devices – use filtering DNS servers

It’s very easy to protect your household against some common attacks: easily block known unsafe, fraudulent, phishing and infected Web sites from entering your home network and causing harm to your devices. It adds a first layer of defense by blocking unsafe sites automatically.

How? Simply use the Norton ConnectSafe DNS Services. It’s free for home users and provides three levels of protection:

  1. Level one: block malware, phishing and scam sites (.
  2. Level two: as level one, but includes sites that contain sexually explicit material.
  3. Level three: as level two, including sites that feature: mature content, abortion, alcohol, crime, drugs, file sharing, gambling, hate, suicide, tobacco or violence.

Read how to change the settings on your home router  or on your local computer on the Norton ConnectSafe website for home users. As a plus, it also supports DNSSEC.

I’ve been using them for quite a while now, and here in The Netherlands their resolving speed is fine.

As there an alternative?
Offcourse there is. You could also use Comodo Secure DNS, for example. They do the same, but it’s not possible to choose from different levels of protection. Also, they didn’t support DNSSEC when i tested it.

If you don’t want an USA based company, you can also use Yandex DNS. Yandex is one of Russia’s biggest search engines and they have several levels of DNS service: Basic (unfiltered), Safe (virus/malware filtering) and Family (including adult content filtering). Servers at Yandex LLC in Russia.

Don’t Login on Untrusted Computers

A password is only as secure as the computer or network it is used on. As such, never log in to a sensitive account from a public computer, such as computers in a cyber cafe, hotel lobby or conference hall. Bad guys target public computers such as these and infect them on purpose. The moment you type your password on an infected computer, these cyber criminals can harvest your passwords. If you have no choice but to use a public computer, change your password at the next available opportunity you have access to a trusted computer.