IT Security Ask the Experts: Top Queries for January, 2010

See what IT security issues badgered readers last month.

Michael Goodwin on February 2, 2010

This Website was designed to be a clearing house for technical IT security queries. However, readers continue to submit a broad range of fascinating questions exploring the interface between technology, morality, security, ethics and sexuality - let alone employment opportunities inside the IT security field, and requests for secret hacking tools. (Sorry, we do not give those out.)

Here are the pinnacle five queries for January, 2010:

MAC attack: Johnny has a small wireless network. At times friends drop over and want to get on the web. Johnny wants the network to be secure, but he doesn't want his friends to need to remember a password, so he uses a listing of MAC addresses. Anyone who's at the list can access the network with no password, but when you are not at the list you do not get access. Recently someone told Johnny that restricting access in keeping with an inventory of MAC addresses is absolutely not secure - so he asked the IT security Experts. Correctly, to this point our Experts are evenly divided. The 1st expert points out that a hacker can sit outside Johnny's house and spot his traffic, which include the MAC address. Then the hacker can set his NIC to take advantage of one in every of Johnny's friends' MAC addresses and gain access to offensive sites, while Johnny gets the warmth. However, another expert notes that the danger of somebody specifically targeting Johnny's wireless network during this way is terribly small. Cast your vote here.

Can the IT manager at work read personal email to your smartphone?: John recently purchased a smartphone and set it as much as receive his personal email. Since he doesn't have a mobile signal at work, he set the telephone to access his email via the company's WLAN. Now he's worried that his IT manager could possibly read his personal email by accessing his phone while it's connected to the WLAN at work. Expert Simon Heron points out that it'll be far easier for the sneaky IT manager (or anybody else) to read John's emails as they stream down from his email server if John is using POP3 to download his emails. Simon recommends switching to “https” that is considerably harder to hack. For more, including information on tcpdump and wireshark, see here.
   
Are two anti-virus programs better than one?: Readers have submitted this query before. Beatriz has McAfee's anti-virus program but she also uses Comodo Internet Security - which acts mostly as a firewall and is derived with an anti-virus program too. Recently, Comodo identified some malicious files and Beatriz put them inside the quarantine folder. Her question is, should she keep both anti-virus applications? She's heard that ideally one must have just one anti-virus program installed, but now that those malicious files are quarantined on her harddrive she's afraid to take away Comodo. Expert David Harley notes that the detection benefit of having two anti-virus solutions running while isn't definitely worth the additional system load and possible conflicts. He believes that it's unlikely that Comodo would catch much that McAfee wouldn't - plus it has something of a name for false positives. Here's such as what our Experts have recommended before, but be happy to feature your personal comment here.   

IT supervisor wants Jasmine's password: Recently Jasmine had a problem with one of the most network applications she uses at work. The IT supervisor emailed her requesting her username and password so he could diagnose the issue. Initially, Jasmine was hesitant about giving her username and password to the IT guy, but finally she did so. Now she's concerned - especially since it has been two days and he still has not resolved the matter. Is it normal, she wonders, for IT supervisors and network administrators in corporate America to invite in your username and password? One Expert notes that if Jasmine's boss wants her personal Facebook password, that will definitely not be normal. However, if an IT person wants Jasmine's password for logging onto business apps at the office server, that sounds like an inexpensive request, though it is a bit odd that IT shouldn't have that information in its records already. A second expert disagrees, observing that it's quite unusual for a reliable support analyst to wish a user's credentials to be able to resolve a difficulty within his or her own network - and he strongly recommends that Jasmine change her passwords once the issue is resolved. Read all about it here.   

How do I remove Sucurty Tool?: Robert desires to understand how he can remove a program called "Sucurty Tool." He complains that it won't let him do anything, and it keeps urging him to purchase this system, which he doesn't want. Expert David Harley suspects that Robert have been ambushed by a rogue security program. If Robert doesn't have already got anti-virus and/or anti-spyware installed, Harley suggests trying probably the most free Web scanners like ESET's or Trend Micro's as a primary step. In case you have a higher idea, add it here.