Wednesday, March 16, 2016

OpenWRT WIFI Detect

If you run Openwrt on a X86 system the best way to get WIFI working after you install the drivers and to get it work in luci.

Just run

rm /etc/config/wireles

This will erase the wireless file.

 wifi detect > /etc/config/wireless

This will detect the correct wifi information for your hardware and send it to the wireless file. 

Sunday, March 13, 2016

Free Iphone 6 SCAM Congratulations Bell Canada User! Your Desktop has Won (1) Google Gift!).

Congratulations Bell Canada User! Your Desktop has Won (1) Google Gift!). 

Canada Cyber has a detected a scam promising you a free iPhone 6, as long as you answer the 4 questions next. (Congratulations Bell Canada User! Your Desktop has Won (1) Google Gift!). 

NO one is going to give you’re a Free things. So never be fooled.

So we decided to play and follow on with the questions. After attending to the easy 4 questions reference google correctly. A form pop comes up congratulating you again and informing you that you have reserved yourself an iPhone 6. But to do so you must pay $1.0CDN for the DHL of the phone.
When you click OK, you are then redirected to another website that is asking you for your credit card and address.
This is a typical scam that uses your Geo location/and provider only to make it look like it is real. It also uses some clever social engineering. To make you think you earned it by asking you 4 easy questions.  
It then uses the idea of a small amount of only $1.0 to make you think it’s so cheap why not just but in my CC info.

Wednesday, March 2, 2016

Enterprise Firewall request for Change management

Lots of people ask us how do we insure we have up to date firewall policy. we say insure you have a review policy in place so every 6 months you do this: 

Firewall Rule Policy Request change Procedure for Organization X and Remote location.
IT management and staff at Organization X are authorized to manage the wired and wireless networks at the X Location’s and COLO.
IT and IS systems utilize firewalls based on layer 7 firewalls; in many locations to protect these networks from disruption, intrusion, and other cyber threats posed by a lasting connection to the Internet and its inter LAN connection within ORGX and its remote offices.
The purpose of this procedure is to:
  • Manage the deployment and configuration of firewalls at the Organization X and remote locations, located in 25+ sites.
  • Enforce the security of ORGX’s information and electronic communications resources.
  • Prevent the possible intrusion of ORGX networks from unauthorized users.
This process applies to all firewalls at Organization X and its remote offices. This standard does not apply to firewalls deployed by independent agents or any personal agent’s machines.
Firewall rule changes are usually requested by computer support team (HELPDESK) or IT managers for their network subnet and approved by their supervisor or authorized experience contractor. 

All firewall rule change requests must follow the above figure layout:
  1. Require a predefined lead time to be applied.
  2. Must include the following information:
    1. Source and destination addresses, including IP's and domain names (where applicable).
    2. Source and destination ports requested to be open.
    3. Date when the change is required.
    4. An explanation or reason why the change is needed.( example .. ICloud is not working for Agent X, and he needs this service.).
  3. Will be evaluated to ensure that they conform to current IT security standards and best practices and will be denied if they do not meet current these standards.
  4. Will be subjected to weakness testing by IT Information Security and an outside contractor.
  5. If approved, will be scheduled to be implemented according to IT Management procedures.
  6. Approval must have 2 IT personals. 1 from ORGX Helpdesk main staff and one from the outside contracted it staff or a senior IT staff. This to insure full integrity of policy implementation.
  7. Documentation and Backup. After the changes are made, the changes must be documented and e-mailed to all IT staff, and the current firewall configuration must be backed-up before and after the changes. The backup will also be saved to the local IT staff shared drive.
Exceptional Circumstances
Deployed firewall rules will be re-evaluated over time and may be canceled if security requirements change in the future.  
Emergency firewall rule change requests must be approved by IT management. But can bypass the above process to fix a major limitation in the network. Or for example to stop a DDOS attack or a virus threat.