Key Based Authentication for SSH

What is key based authentication for ssh?

keyKey based authentication for SSH is a way to connect remotely to another computer/server using an encrypted file you HAVE and an optional password you KNOW to unlock the file. Key based authentication has the advantage of being more secure and/or more convenient.

Why?

Password based authentication:
Logging in via password over SSH encrypts your password so it ends up looking like this:
..t-:p.%.E.{..E..X7.@.@.~....s..............NXP...{W..!8..;.eh9..N......#....q..1f...:...D9R0 zy
Because the password is encrypted, it won’t be seen in plain text over the wire which is good. If the password is short or simple enough, a hacker will be able to crack your password. Assuming the password is good enough, password based authentication’s strength comes from keeping that knowledge from others.

Key based authentication allows you to connect remotely using an encrypted file as a key instead of a password. Key based authentication gives you the option to Continue reading Key Based Authentication for SSH

Insecure Wireless Network Could Get You Arrested or Sued

Synopsis:

shocked girlHaving an insecure wireless network makes you liable for arrest or lawsuit! If you have not done all these things listed below to protect your wireless network, take the few minutes it will take to do the basics and DO THEM NOW!!

Basics

There is no excuse for not doing all these things
– Change default user name & passwords for routing equipment
– Use strong passwords
– Turn on encryption (WPA2 or better. WEP is hackable in minutes)
– Change default SSID
– Enable firewalls
– Turn off when not in use
– Update router firmware to the latest version

Advanced

Increases security but may require more time or expertise
– Disable DHCP and assign static IP Addresses
– Filter by MAC address
– Monitor network for intrusions
– Use software to test for network vulnerabilities

handcuffsDid you know that you can be arrested or be sued if your wireless network is insecure? If you have an insecure wireless router at home, someone could use your internet connection to start downloading child pornography, attack the NSA, send spam, release viruses, or hack your own computer and steal your identity! So when the police or NSA come knocking at your door how are you going to prove that you didn’t do it? All that activity will be traced back to your IP address and you will need a really good argument to convince them otherwise. But why waste your time, money, and possibly your identity by not taking a few minutes to secure your network? What about businesses that have wireless networks set up? If a business has an insecure wireless network, hackers can use that to steal information by monitoring the network or compromising computers on that network. If that happens, patients, customers, and employees are all at risk of having their private information stolen. Not good!

Lets step through the basics of what everyone should do to secure their wireless network.

Continue reading Insecure Wireless Network Could Get You Arrested or Sued

What is SSL, TLS, https & why are they your friends?

securityDo you know what SSL, TLS, and https mean and do? You deal with SSL, TLS, and https whether you know it or not and it is very important!

TLS = Transport Layer Security
SSL = Secure Socket Layer
https = Hypertext Transfer Protocol Secure

Private and sensitive information gets sent over the internet all day so what is preventing someone from stealing that information? In order for information to be securely transferred over the internet 2 basics are needed.
1. Confirm server identity
2. Encrypt communication with serverIdentity

You don’t want to send information to someone who is impersonating the person you actually want to send it to, do you? SSL and TLS provide a way to verify the identity of the recipient. In it’s simplest form, there are many companies that will give people digitally signed certificates vouching for that person saying in essence, “we have checked to make sure this person is who they say they are and we think you can trust them.” When you browse the web, your browser has a list of companies that it will trust to tell you who you can trust. So, when you connect to a server your browser can check their certificate and if it is signed by one of the companies that you trust then your browser will trust it.

Private conversations are good when you are sharing sensitive or private data. You don’t go walking around on the street shouting out your birthday, credit card number, and social security number so why would you do it on the internet? shoutingTLS and SSL provide a way for you to have a private conversation with a server so that others can’t “listen in” on your conversation by encrypting the data. Most data on the web is transferred using http but when it is secured using TLS or SSL it is called https.

It’s important to know when you are or aren’t using https when browsing the web to protect your information. Most browsers have visual indicators to show that https is being used. Make it a habit to make sure that your information will be secure before sending or retrieving that data.

Resources to learn more of the nitty gritty of SSL, TLS, and https
TLS:
http://en.wikipedia.org/wiki/Transport_Layer_Security
http://www.ietf.org/dyn/wg/charter/tls-charter.html

SSL:
http://www.verisign.com/ssl/ssl-information-center/how-ssl-security-works/index.html
http://video.google.com/videoplay?docid=7130470471741831613&ei=JETxSrXaC5v-qAPLzKWxDQ&q=ssl&hl=en&view=2&client=firefox-a#

https:
http://en.wikipedia.org/wiki/HTTP_Secure
http://www.ourshop.org/resources/ssl.html

Images via CC BY 2.0
Lock and Chain: http://www.flickr.com/photos/bala_/
Silheuette: http://www.flickr.com/photos/narciss/
Yelling: http://www.flickr.com/photos/demibrooke/

Best Domain Registration Site / Service

NameGuard
NameGuard

I have used several different sites and services to register domains. NameGuard is hands down the best domain registration site and service I have ever used. After registering several domains with NameGuard I wonder why I ever used all the other sites out there. Continue reading Best Domain Registration Site / Service