Tuesday, April 8, 2008

Forged Email

Email is probably the most popular application used on the Internet. All people can have an email account, whether or not they have a computer at home. You can sign up for email accounts at several sites, such as Microsoft's Hotmail or Yahoo's email service, and use a computer at your school, at a library, or even at work to access the account.

Email messages, like Trojan horse programs, aren't always what they seem to be. Just because the FROM line contains the name of someone you know doesn't mean that the email actually came from that person. It's a simple matter when configuring an email account to use any name you want. And with the online email services that don't require you to use an email client (these services typically use an HTML interface—a Web browser), it can be difficult to determine where an email actually originated.

Internet 2010

There are even programs freely available on the Net that allow you to create bogus email messages that appear perfectly normal in all respects. Although any intelligent person would probably not, in this day and age, open an email attachment from someone they do not know, they most likely would open an attachment from a friend. After all, if you can't trust your friends...

The problem is that email is easily forged and can be used to get a program into your network. As a rule, delete spam and other email from sources you don't recognize.

One of the more insidious things that can be done through email has occurred with alarming frequency in recent years. Worm viruses spread through email can read your address book, replicate themselves by mailing a copy of the virus code to everyone in your address book, and then start wreaking havoc on your system! About the only thing you can do in this situation is to disconnect the computer (or computers) from the network and clean out the mail store with a good virus program. If you have a mail server in your network, disconnect it and do the same. Until you've assured yourself that every computer in your network is free of such worm viruses, don't reconnect to the Internet, or any other part of your corporate network.

Password Protection and SecurlD and Smart Cards

Passwords and usernames have been the traditional method for authenticating a user to a computer operating system. There are much better methods you can use for environments that demand a high degree of security, such as smart cards and SecurlD cards.

Smart card devices are synchronized with software that runs on the host computer. To log on, the user simply consults the password code, which changes at regular intervals, generated by the smart card. Because the application on the host computer is operating to change the account password using the same algorithm as the smart card, a user's account password can be different every time she logs in. As long as the smart card and the application on the computer are kept in sync, it becomes very improbable for someone to "steal" your password. And most smart cards have passwords that can be used only one time. This means that even if someone happens to glance at the current password on your smart card, after you've used the password to log in, it can't be reused and abused.

SecurlD cards are based on digital certificates and require the user to enter a PIN for their use.

No comments:

Internet Blogosphere