Cover Your A$$ – Secure Your WiFi Now!

I honestly hate saying ‘I told you so.’

For years I have been telling everyone who will listen (and a lot of people who didn’t want to) about the importance of securing wireless networks.  I’ve told stories about the possible consequences, and have scared some of them into doing the right thing.  Unfortunately far too often my pleas have fallen on deaf ears.

Don’t get me wrong… like anyone else who has ever hopped on an unsecured access point to check my e-mail, I appreciate that so many people have made it unnecessary to actually hack secured wireless networks – which of course might be considered illegal so I would never actually do it.  However my convenience should be trumped by the well-being of the masses.

As was reported by Carolyn Thompson in the Toronto Star (c/o Associated Press) there have been several cases recently where innocent albeit naive wifi users have gotten a very rude awakening.  At least one such user was awakened very rudely by heavily armed agents of the FBI and/or ICE (Immigration and Customs Enforcement) raiding their houses after having tracked child pornographers to their networks (See the full article at http://www.thestar.com/living/article/979849--no-password-on-your-wi-fi-this-nightmare-could-happen-to-you).

The Internet is so often equated to the Wild West… a potentially lawless society with hoodlums and gangsters and very little law enforcement to speak of… and it’s true.  A friend of mine who works in cyber-crime for a major American law enforcement agency confirmed that likely only 1-3% of cyber-criminals are ever arrested.  With that being said, the Wild West had sheriffs, posses, and eventually the US Army.  SOME cyber-criminals are pursued, arrested, and convicted.

I don’t know what percentage of cyber-criminals captured are child-pornographers, but I would not be surprised if it was a very high number, and for good reason.  I do know that of all criminals, most law enforcement officers view them as the lowest of the low – as the AP article demonstrates they are seldom arrested politely and calmly.  I have heard of several cases of mistaken identity because child pornographers are smart enough to try to cover their tracks, and the difference between them going through you or not is as simple as a couple of check-boxes and a password on your wireless access point… so what’s stopping you?

If you are uncomfortable trying to configure this encryption and password yourself, I implore you once again to ask for help, or, if you must, take your router to a Geek-Squad-type service who will do it for you.  Trust me, it is a small investment compared to what could happen.

A Do-it-Yourself SWMI? No sweat!

Ok, let’s be honest.  We all know that we need to secure our Active Directory infrastructures, but many of us are not entirely sure how.  You may even know that Group Policy is a great tool to do it centrally, but with literally thousands of Group Policy settings available in Windows Server 2008 R2, where should we start?  You may even be advanced enough to realize that you should probably secure different OUs differently… but what policies should we apply to our Domain Controllers? to our Virtualization Hosts? to our Clients? and so on…

If you have the time (and the money) I strongly suggest taking Jeremy Moskowitz’s course on Group Policy… a one week deep-dive into Group Policy, and you will likely be an expert.  For the rest of us, Microsoft has created the Security Compliance Manager tool which will actually create the appropriate Group Policy Objects (GPOs) for you, list the settings for you in an easy-to-manage Microsoft Office Excel spreadsheet, and then allow you to apply them to the appropriate Organizational Units.

Don’t get me wrong… you should probably dedicate a day or two to getting to know this tool, but once you do, you’ll be done :)  Check it out at http://technet.microsoft.com/en-us/library/cc514539.aspx and take the first step toward a Secure, Well-Managed Infrastructure!

Mitch Visits One Police Plaza

A couple of weeks ago one attendee was a detective with the NYPD, and he offered to take me behind the scenes at One Police Plaza so that I could take a look at a few of the units that use information technology (IT) for a lot more than just paperwork and filing.

I had read about Detective Travis Rapp and his involvement with the Real Time Crime Center, which was our first stop.  Respectful to the television portrayals of this and similar units, it really is something to see.  From here police from anywhere in the city can call in and get information and support tracking suspects.  Imagine a thirty foot monitor controlled by a pit of computers manned by detectives who are expert in tracking suspects, licenses, cell-phones, weapons… and more importantly how these all fit together – where a suspect’s car and cell-phone are, the suspect is surely not far, and knowing if he (or she) has a history of weapons and/or violence may be the difference between officers being injured or coming away from an arrest safe.  I couldn’t help but think that if I was a ‘perp’ I wouldn’t want these systems (and the people who make them work!) on my trail…

Next we stopped in Computer Crimes, and I got to meet some of the skilled detectives who handle computers confiscated during arrests or seizure.  For obvious reasons I won’t disclose any of the tools of the trade that they use (many of which are discussed in some of my classes but some are not!) but as a veteran of the forensic side of IT I am suitably impressed by the professionalism of the team.  It is easy to imagine a room filled with geeks with thick glasses and pocket protectors.  The first thing I noticed when entering the back room was that they were first and foremost cops… badges, side-arms, and all.  Later I asked Detective Rapp as we discussed some of the stars of the team (of which he is a veteran) if the NYPD trained most of them from scratch, or did they look for officers with a background in IT.  I couldn’t imagine having a high success rate trying to train beat-cops to do what these people do.  At the same time I want to reiterate that these are all professionals, and there are no ‘former criminal hackers’ in the group.  Sorry Kevin, you’ll have to look elsewhere for your next job :)

The last stop we made (I’m skipping a few floors) was the garage where we took cruiser Unit 1956 out for a spin – not a ‘ride-along’ that some people would crave, but a spin of the Panasonic Toughbook laptop that each cruiser has, and the software and communications tools they use to give every mobile unit another advantage on the job, whether chasing down suspects or issuing traffic citations.

The new DataMaxx software package that each unit has revolutionized the mobile unit, and seeing it in action was interesting; however the part that most appealed to me was that Detective Rapp would be making a video, user manual, and PowerPoint deck to train officers in the tool.

I should mention that Mo, who is responsible for deploying these ToughBooks, has done a brilliant job of locking them down.  He uses Microsoft Deployment Toolkit to create, manage, and deploy the images, customizing them and locking them down – both in the CMOS (blocking USB and such) and in the image itself.  He knows that a locked-down user environment not only prevents users from installing software – which in a secure, well-managed infrastructure is by definition unsanctioned – but also prevents tampering; both of these result in a more stable environment over the long term.

In order to create the training materials that were required we used one of my favorite must-have tools – TechSmith’s SnagIt.  Even though you can screen-shot individual app windows with Windows 7, the SnagIt tool adds incredible functionality – editing, resizing, adding effects, and much more – before sending the image directly to either Microsoft Word, PowerPoint, or an e-mail (either as an attachment or an embedded image).

For the document Detective Rapp was creating he needed the screen shots sent to Word, but would eventually be creating the PowerPoint deck as well.  SnagIt maintains the screenshots in memory so that you can reuse them over and over – after exporting them to Word we could then export several captured shots to different slides or, even better, to a build-slide with animation.  The images will be properly sized and positioned automatically, all thanks to SnagIt and without having to resize and adjust any of the images in PowerPoint (which is not difficult, only more work).

The next step of building the training material will likely be to record training videos of the system, for which Detective Rapp will likely rely on another TechSmith tool, Camtasia Studio.  Unfortunately that will happen after I have left, but I know that he will have no problems with it because I have used the tool before and you have heard me rave about how easy and powerful it is.

As I walked back to my hotel from 1PP I couldn’t help but think that when they talk about ‘New York’s Finest’ they are not only talking about the bravest… they have some of the finest IT forensics and cyber-crimes people, some fine Windows Deployment guys, and use some fine tools all around.  For security reasons I only mention two of them in this piece (Microsoft Deployment Toolkit and TechSmith SnagIt).  I felt safer knowing that if they had taken the time to make sure they used the right tools for their IT, they were probably using the right tools for feet-on-the-ground law enforcement as well. 

Stay safe out there guys… New York’s Finest indeed!
