WEI-Tek Consulting, LLC

Internet Security

Let WEI-Tek Consulting help you pick the proper solution to protect your computers, data and internet connected devices from the dangers that abound on the internet such as (Viruses, Trojans, Malware, Ransomware, Botnets, Porn, Predators, Cypberbullying, Gaming, Cybercrime and Hackers). Protect your privacy with a quality advanced firewall and internet security suite. "Don't let the criminals use your computer to further their crime spree and potentially make you a criminal!!"

Firewalls & Unified Threat Management (UTM)

I consider the firewall the first layer of protection between your internal network and the internet, that is a very important part of your overall security.

A firewall is a network security system that controls the incoming and outgoing network traffic based on an applied rule set. A firewall establishes a barrier between a trusted, secure internal network and another network (e.g., the Internet) that is assumed not to be secure and trusted. Firewalls exist both as software to run on general purpose hardware and as a hardware appliance. Many hardware-based firewalls also offer other functionality to the internal network they protect, such as acting as a DHCP server for that network. While advanced firewalls that combine several security systems such as IPS, SMTP Proxy, FTP Proxy Anti-Virus, and Anti-Spam, these systems are called Unified Threat Managment systems of UTMs.

The most basic is the home internet router with a very basic firewall and NAT addressing, at a minimum it should have Stateful Packet Ispection (SPI). While the UTM such a Sopho's formerly Astaro is available as a software or a applicance edition that provides a complete security system.

Personal Computer Security

The next layer of security is your computer, this is accomplished with a Security Suite. These suites contain Firewall, Anti-virus, Anti-malware, Browser and email protection. Keep the operating systems and all software updated with curret serices packs and patches. Backup your data frequentley, cloud backup services are available that can automate your backups.

Proper Passwords

What is a proper password? A lot of info will tell you that a proper password is a complex ppassword, example would be something like this $DN6aMkH^PB or this &?S8@wu8+RrCeZ_Jvr+4, while they would be hard to crack how many people will be able to remember them?
To make a stong password it is better to us a pass phrase which can be a sentance that you can easily remember such as the samples that I list below. Then use padding between the words such as () [] {} % * - = + 1 2 3 4 5 to make it harder to crack.

• Jack-and-Jill-ran-up-the-hill-to-fetch-a-pail-of-water.
  This is a sentence padded with a dash in place of the space.
• ?Horse(1)Airplane{6}Pineapple*
  This is three unrelated words padded with numbers and symbols.
• Crystal(70)Courtney(88)Trevor(90)Rich(71)Grace(38)Raymond(35)
  This is the names of people that I know with year that they were born.
• C0ltM@rlinRem!ntonWinch3ster
  This is the names of four arms makers with substitutions of number and symbols for letters o-0, a-@, i-!, e-3.

All of these sample pass phrases are considered to be very strong, yet they can easily be remembered.

Another option is to use a pasword vault that will store your passwords online such as Lasspass, Dashlane, Roboform, KeePass and 1Password. Setup an account and create a master password that is a stong passphrase. Then for all your online accounts generate random passwords and store them in your vault. This way if your facebook account was comprmised, all of your other accounts are safe with their own password.

Phishing and Social Engeenering Defense

Phishing is the attempt to acquire sensitive information such as usernames, passwords, and credit card details (and sometimes, indirectly, money) by masquerading as a trustworthy entity in an electronic communication.

Social engineering, in the context of information security, refers to psychological manipulation of people into performing actions or divulging confidential information. A type of confidence trick for the purpose of information gathering, fraud, or system access, it differs from a traditional "con" in that it is often one of many steps in a more complex fraud scheme.

• Protect yourself from Phishing attacks and social engeneering, never give personal information to someone that you do not know. Shred personal information
• Email's - always check the address, do you recognize the address? Is your address a BC (blind copy) it is generally a scam sent to hundreds of prople. Don't click on links in emails that you can not verify where they are from.
• Don't give personal information over the phone.
• Microsoft IS NOT going to call you and tell you you been hacked.The guy on the phone is not a Microsoft Employee! He is trying to get you to him control of your computer.

• Password Strength Meter
• US-CERT Cyber Security Tips
• 25 Security Tips

"I started on an Apple II, which I had bought at the very end of 1978 for half of my annual income. I made $4,500 a year, and I spent half of it on the computer."

- Bill Budge