Saturday, April 29, 2006

As Good As It Gets

Scores of articles are written about network security, covering everything from setting a strong password to installing the latest anti-spyware software. There is no dearth of tips for the networked user. Yet one fact remains unchanged: no matter how good or how new the anti-spyware software is, there is always a more devious person out there who will find a way of hacking in.

Besides the password, if there is a time-tested method of ensuring a high level of security, it is setting up multiple lines of defense. Traditionally on a battlefield, there were foot soldiers, followed by horseback riders, followed by heavy artillery at the back. If this approach to waging war has not changed much over the years, why should we not adopt it? The variety in the lines of defense is what makes it difficult for the attacker to make inroads.

With network security too, we need to rely on different products from a variety of reputable vendors. A hacker with a knack for breaking through certain types of defense techniques of a particular vendor will render that type of defense useless. Ideally a firewall, an IDS (intrusion detection system) and anti-virus software should be in place, in that very order, with the firewall being the outermost layer. Working in concert, these three devices or applications can help to keep out unwanted traffic, notify you when unauthorized access does occur, and protect your computer from known Trojans, worms and viruses.

Firewalls may reside on the same computer or on another computer. The IDS, on the other hand, should monitor traffic on the network, and once it recognizes an intrusion it can stop data transmission, counter the attack, or inform the administrator. The last layer would be the antivirus software, which should be able to pick up any malicious code that gets past the first two layers.

Prevention is all that we can do, and that is as good as it gets. After all, if the attacking army is stronger, it's a matter of time before you lose, but at least you can put up a fight.

Is my Net banking login really secure?

Every time I log into my net banking account, I am not only asked for my login name and password, but I also get to see the small lock icon appear in the right-hand corner of my screen, indicating that the transfer is secure. Hover the mouse over the lock icon and it will probably display the type of encryption too, say 128-bit or 64-bit. All these are measures to make the online banking experience safe and secure. But how many net banking experiences really are?

According to Johannes Ullrich, chief research officer at the SANS Institute, American banks like Chase.com and American Express ask customers for login particulars over encrypted forms, but he points out that there is no authentication technology at the other end to prove that the users are genuine. One method of ensuring a higher degree of security is for the banks to use HTTPS web pages for logins. On these web pages, Secure Sockets Layer (SSL) is used by default, in addition to encrypting the information on the page.

Capital One Bank, Citigroup Inc., Wells Fargo & Co., Chase.com and American Express all require the use of such encryption, without which your data and details are very vulnerable to anyone wanting to hack in. While this is not a foolproof method, this additional step with 128-bit encryption makes it a whole lot more difficult to hack in than it otherwise is. But the thinking at most banks is that directing customers from the main banking site to a secure HTTPS web page is likely to put off a lot of them.

Bank of America Corp. does not use SSL sign-in on its front page. Instead the bank allows customers to enter their login ID on the homepage and thereafter directs them to an HTTPS site to enter the password. If you resort to net banking, I suggest you look for the lock icon in the bottom right-hand corner before you proceed further next time.
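The difference described above, between a login form that only submits over HTTPS and one that is itself delivered on an HTTPS page, can be checked mechanically. The Python sketch below is an added example, not part of the original post; the `bank.example` host, the sample HTML and the field-name hints are constructed assumptions.

```python
from html.parser import HTMLParser
from urllib.parse import urljoin, urlparse

ID_HINTS = ("user", "login", "onlineid")  # assumed naming hints for login-ID fields

class _FormCollector(HTMLParser):
    """Collects each <form> with its action and the credential fields inside it."""
    def __init__(self):
        super().__init__()
        self.forms, self._cur = [], None
    def handle_starttag(self, tag, attrs):
        a = {k: (v or "") for k, v in attrs}
        if tag == "form":
            self._cur = {"action": a.get("action", ""), "fields": []}
        elif tag == "input" and self._cur is not None:
            name, kind = a.get("name", "").lower(), a.get("type", "text").lower()
            if kind == "password":
                self._cur["fields"].append("password")
            elif kind == "text" and any(h in name for h in ID_HINTS):
                self._cur["fields"].append("login-id")
    def handle_endtag(self, tag):
        if tag == "form" and self._cur is not None:
            self.forms.append(self._cur)
            self._cur = None

def audit_login_forms(page_url, html):
    """Return (fields, submit_url, verdict) for every form that takes credentials."""
    collector = _FormCollector()
    collector.feed(html)
    page_https = urlparse(page_url).scheme == "https"
    results = []
    for form in collector.forms:
        if not form["fields"]:
            continue  # e.g. a search box: not a credential form
        submit_url = urljoin(page_url, form["action"])  # empty action -> page URL
        submit_https = urlparse(submit_url).scheme == "https"
        if not submit_https:
            verdict = "cleartext-submit"
        elif not page_https:
            # Encrypted submission, but the form arrived on a page with no lock icon
            verdict = "https-submit-from-http-page"
        else:
            verdict = "https-page-and-submit"
        results.append((tuple(form["fields"]), submit_url, verdict))
    return results

# Constructed sample: an HTTP homepage that takes the login ID, then hands off to HTTPS
HOMEPAGE = """<form action="/search"><input type="text" name="q"></form>
<form action="https://secure.bank.example/signin">
<input type="text" name="onlineId"><input type="submit"></form>"""
```

Calling `audit_login_forms("http://www.bank.example/", HOMEPAGE)` reports the second form as `https-submit-from-http-page`: the login ID travels encrypted, but the page that collected it was not one the visitor could verify with the lock icon.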

The Beginning of the Network Security Blog

This is the first blog on network security related matters.