All About the SSL Protocol

What is SSL?

SSL stands for Secure Socket Layer (SSL). Originally developed by Netscape and now a de-facto standard for secure communication over the internet, SSL is implemented by all secure web servers and browsers like Internet Explorer, Firefox, Safari, Opera etc.

Where SSL is used

The widest use of the SSL protocol is done in browsers. It will secure the browser of any site on the internet, for example: for login pages, or online banking, or any other financial site. Accessing any site starting with https://  in the address bar of the browser initiates the SSL connection between the browser and the SSL server,  e.g. https://www.paypal.com in your address bar will establish a secure SSL connection between the browser and the web server of www.paypal.com. Apart from this SSL can be used in FTP or any other application layer protocols. SFTP implements SSL for FTP.

More SSL » » »

ClickJacking - Is This Link Safe?

Thursday, I attended a virtual security tradeshow, put on by InformationWeek and Dark Reading. Several hacker techniques were discussed by the various speakers. One that was new to me was called ClickJacking.

It seems that you can go to a website and click on a link and nothing seems to happen. That has happened to me before. You just sit there. You click the link again. Nothing. So you click it several times, real fast, like that’s going to make it work.

ClickJacking » » »

Check Your System For Rootkits

WHAT ARE ROOTKITS? They’re nasty little tree-like creatures that hide and grow their roots in your computer and wreak havoc on it, that’s what they are!

Actually, a rootkit was originally a Unix term, having to do with granting root access to a file or person. And even now a rootkit is not really a bad thing in itself, it’s just that they are being used to do bad things to your computer. Rootkits Continued » » »

Honeypots.net - Spam Fighter!

A WHILE BACK, we were getting an overwhelming 10-12,000 pieces of email spam per day. We finally realized that it was coming from the “catch-all” account.

We were getting, and supposedly sending, emails to/from things like asbkxke at cbo dot com (abbreviated of course).  The catch-all account was deleted, and that took care of most of the spam. 

More Honeypots » » »

A Very Simple Lesson on Piracy vs. Theft

OK, ACCORDING TO THIS picture, I didn’t steal this pic - I pirated it.

Nigerian Fax Scam

OMG! I JUST RECEIVED a Nigerian email scam on my fax machine! So now I guess it’s the Nigerian fax scam. Well, actually, it came from South Africa, so I guess it would be the South African Fax Scam. Should I send them some money?

Seriously, Nigerian scams can be deadly! Advanced Fee Frauds, says that people have been assaulted and even murdered, after getting involved with “Nigerian 419 Advance Fee Fraud offenders”. The number 419 is the number of the article in the Nigerian Criminal Code that deals specifically with these scams. More on the Scam » » »

Legal Bud?

YOU MAY HAVE BEEN getting emails or comments on your MySpace profile advertising “legal bud”, “legal herb”, etc. Don’t believe them! The ads are coming from servers in Hong Kong, and their IP addresses change every few minutes. It is believed that the sites are set up just to collect credit card numbers. It’s a Scam » » »

Possibly the Best-Ever Encryption Program

MY NEPHEW IS A PROGRAMMER. Sort of an old-school programmer, one who tries to make his programs small and efficient. He has developed a small but nifty encryption program, and a site to go with it.

It’s called InfoGuard. It’s not a fancy-looking program, but it works. You can download a trial version, which will encrypt a very small text file, just so you can see how it works. Infoguard » » »

Free Security Check for Your Computer

THINK YOUR COMPUTER IS SAFE from hackers, trojans, worms, and other dangers while you are online?

Might be. And then again it might not.

Here’s a great, easy, free way to find out. Go to Steve Gibson’s Gibson Research Center (that’s him in the pic) and use their probe called ShieldsUP! ShieldsUP! is a remote port scanner, that has arguably taken the lead to become the Net’s most authoritative and reliable Internet port vulnerability scanning facility. SheildsUps » » »