Securely implementing a home network

As we speak I am currently in the process of designing my new home, lucky enough myself and my wife to be are in the position where we get to build from scratch. The beauty with building from scratch is of course you start with a blank canvas. We are at the stage where all the necessities have been figured out such as heating systems, insulation, build type, house size etc so its time to get to the really fun part... the home network.

Having past my CCNA over 3 years ago, my networking has gone a tad off the boil so this is  a great excuse to get myself back up to scratch. The beauty with building a network from scratch is you can do whatever you want and that is exactly what I plan on doing. As I do work in security I won't be detailing the underlying hardware components but I will give the high level view.

My first consideration is cable type and at a little more expense I have decided to run with CAT 6A throughout the house, remember if you chose CAT 6A make sure your wall jacks are also CAT 6A and any other network hardware component that delivers connectivity throughout your home.
For flexibility I will be running with un-shielded pair CAT 6A and I am also going to run in some external cable in case I ever decide to run CCTV.

I aim to install approximately 26 ports internally and a number externally so I have chosen a 48 port managed switch to connected everything to.
Choosing your switch is important from a network security and stability perspective you should try get a switch that supports, multiple VLANS, QoS, Access Controls Lists, IP Source Guard, Port-level controls, Dynamic ARP inspection. This will cost a few bob but will give you great control over how your network works. The above are just examples of a few security features and if you want to know more about each I'm sure google will be an obliging teacher.

From a general helpfulness note when you pull in your cables label each one on the wall and give it a corresponding number of the switch. This practice can be a pain in the ass but you will thank yourself later. Once you have your ports labelled and patched its time to decide the function of each port and make a list.

I suggest grouping the ports that will carry the same traffic together such as:

- Wireless Access Point traffic
- VOIP traffic
- IOT devices
- Media and Smart TVs
- Home Heating System / Solar
- CCTV
- Office

Once you have worked out what ports are mapping to what service group these ports into VLANs, this will help protect your traffic  by segregating your services and helping to aggregate your network.

For ports where the devices wont change I suggest binding the MAC address to add a small bit of integrity. Switches with QoS options are great as you can now easily configure what traffic you want to give priority to such as VOIP or media. This gives you a more granular control over how your networked devices will work.

I suggest you also buy a switch that has a number of gigabit up-link ports so you can connect into your router.
For my choice of router I want something that is capable of holding a solid baseline and is powerful, I also want it to be able to handle VOIP traffic and run a VPN. Installing a VPN at the router level can cause issues so unless your technical I might skip this part remember I have no problem spending my weekends fluting around with this stuff till its fine tuned.

There is also the option to add in additional security such as firewalls or I could fire up SNORT to give me some intrusion detection capabilities all of which I have ample time to prepare for. The main point of this post is that implementing a home network should cause you to think about how you want it to work, what you want to use it for and how secure you want to be. If your not technical leave it to the pros but make sure you get someone who knows what there doing or you could be exposing yourself to a whole world hurt. 

Protecting your child online

This is the second post I have done on this topic and the reason for this is the increasing amount of questioning that I have been getting from parents around this area. I think in the past year the message is starting to sink in that real threats do occur online and you need to be aware of how to mitigate against them. First of all can I say that educating your child on how to use a computer can be very beneficial but use this time wisely educate your child how to master IT skills through the likes of your local coder dojo or local computer classes for children, I would not however suggest letting your child have unlimited access to your ipad or family computer. In many cases, kids are more technologically advanced than adults, so some parents may feel intimidated and refrain from enforcing rules that are imperative to protect their children as they surf and socialize online. This is a very real fact there are however ways for parents to educate themselves so they can take a more interactive role in how they deal with there children's use of online forums. Security software is one way to restrict what kids see and do on the web, taking a lot of pressure off parents to stay current with every new risk. But it’s still important that parents get involved with their kids’ online lives, and make sure that their children know how to act and how to react to what they see on the web. Communicating the dangers of the web to your child and staying involved in what they can and cannot do online helps build up an understanding of what is safe and acceptable.

In order to communicate these dangers parents firstly need to understand what the potential threats may be. The number one threat to children today be meeting a predator online, but there are many other online experiences that can result in inappropriate or illegal activity. Kids need to be told that not everything they read online is true, and that there is a lot of material on the web that is not meant for them. This material can include fascist sites, pornography sites, drug sites, and other explicit content that an unprotected child can easily view. To help mitigate these risks there are many new software options available such as filtering technologies, child-safe browsers and search engines that restrict where your child can surf.

Loss of privacy is a another big risk. Kids must be shown how important it is to protect their personal information and the information of their family and friends. Many child-oriented web sites solicit information from kids in surveys and forms in exchange for prizes, and get them to register online for fan clubs. In chat rooms, sharing their gender, age, and favorite hangout could seem harmless, but predators can easily use this information to track down the child. Parents need to be aware that digital predators often pose as children in order to gather information and ultimately meet their unsuspecting victims. But kids also flirt and pretend to be older than they actually are, not thinking about the potential results of such actions. It is also common for kids to get into online fights or become the target of bullying via email, chat, and instant messaging, this type of behavior can sometime consume the victim so much that they become withdrawn and with no physical marks to show from such behavior it can become hard for parents to figure out whats going on. With the introduction of such apps like snapchat where the messages disappear from the victims phone within seconds it can be very hard for a child to prove that the bullying exists. I would strongly recommend that parents are very aware of what messaging apps your child is using and carefully monitor there activity especially if the child's behavior starts to change.

Blogs such as this one and Social networking sites such as Facebook are places where kids can share too much information—not only names and addresses but also personal photos that sometimes show illegal acts, such as underage drinking or drug use. Ask your kids to share their blogs or online profiles with you so you can check the content. If you are spicious that your kids are hiding content from you then use Google, along with the search tools on social networking sites, to search for profiles your child may have posted. Use your child’s full name, phone number, and other identifying information. You can also use Google images to upload a picture they may use on social media sites and this will trawl the web for that pictures or ones that may be similar.

The next threat vector parents need to be aware of is Peer-to-peer (P2P) file sharing this alone creates new issues and privacy problems. These programs allow people to browse and download files from Internet-connected personal computers of anyone else who uses the same program. This makes it easy for cyber criminals to spread viruses, Trojan horses, and spyware. Kids can also accidentally download pornography that is labeled misleadingly. I would strongly suggest that you don't allow your children to use such services unless you are able to closely monitor the content. Setting up a virtual machine will help mitigate the threat of malware and virus's to your main machine if you run your p2p service off the virtual machine but it will not prevent your child accidentally downloading porn.

So how do parents go about becoming proactive about the above? I have complied a list of ten things that you should sit down with your children and go through. The below list will set out clear boundaries for your child and let them know that you care and are taking a proactive role about there online security. 

1) Monitor your child's online activity this is by far the most important step to take. Limit the chance that they are looking up inappropriate material by putting the computer in a high-traffic family area and limit there usage. There are loads of child monitoring software packages out there so do your own research to find a software that meets your needs and budget.

2) Fortify your computer with strong security software and make sure to keep it up to date I have wrote about the importance of this in past blogs so take a look through my posts if you need help with this. Using software such as The McAfee® Internet Security Suite guarantees protection from viruses, hackers, and spyware. It filters offensive content, pictures, and web sites. The anti-virus software will also protect your computer from viruses and spyware by automatically scanning email attachments and files downloaded from P2P file-sharing sites. For the most complete way to keep your children safe online, use McAfee Family Protection. It keeps children of all ages safe from exposure to inappropriate content, social networking risks, strangers, and other online threats. With McAfee, kids are free to safely explore, learn, and enjoy their online interests.

3) Make sure kids understand basic rules for using social networking sites such as Facebook and blogs. They should guard their passwords, and never post personally identifying information or inappropriate photos. Blogs and social networking sites offer privacy tools that can be turned on to restrict potentially dangerous users. The sites automatically provide these protective tools to kids under 15. Kids should share information only with people they know from the real world. Make sure that your kids understand that there are bad people online to and they may not be who they claims its very easy make up a fake social media account.

4) Never ever let your child arrange in-person meetings with people they meet online. If however for some reason you think that this is acceptable you should confirm the person’s identity, and you should accompany your child to the meeting in a public place.

5) When using P2P file-sharing programs, kids should not download files from users whom they don’t know. They could be downloading infected files, pictures, games, and music that are inappropriate, or media files protected by copyright law. As I said above using a virtual machine for this activity will save your computer if they do download a virus. Also its important to note that kids should not allow users to upload their music files unless they’re certain that they have permission to share them. You can disable the upload feature so that your kids don't inadvertently share files without permission.

6) Don’t allow kids to fill out online forms or surveys. If there is a legitimate site where they want to register, such as Nickelodeon or Disney, have them come to you first so you can check the site’s privacy policy and rules of conduct. You should take the time to read there privacy statement but I suggest use a throw away email address for such sign ups and limit the amount of factual information you need to share.

7) Only allow your children to use monitored chat rooms, and have them use a screen name that doesn’t hint at their true identity. As with blogs and MySpace, kids should never reveal personal information or share photos. Make sure they understand that people can lie about who they are and that online friends are still strangers.

8) Teach your kids to ignore emails and instant messages from people they don’t know. They should never open attachments they are not expecting nor click on links in messages. As with blogs and Facebook, they should not send out personal information.

9) Use browsers for kids and kid-oriented search engines. Children’s browsers such as Google safe search for kids do not display inappropriate words or images. It comes pre-loaded with kid-safe web sites and pre-set word filters.

10) Set you kids goals to research online safety be themselves as them to write you a little report on what they think the dangers online might be. Fact Monster is an excellent reference site, packed with information and homework help. For Ireland you should check out the office for internet safety.

Recovering "Deleted" snapchat messages

You have just arrived at this post and read the heading "recovering deleted snapchat messages" and now your thinking snapchat deletes my messages after 10 seconds doesn't it? Well the simple answer to that question is no. This isn't any kind of a new revelation the research has been around since 2013 it just doesn't seem to be well known so I have decided to do my part to try and highlight it. The main reason for writing this post is to try and get the message through to teenagers and young adults that the content you are sending may not be secure and could come back to bite you. There is also a massive legal issue with the sending of explicit images if both parties are seen as minors and you could land yourself in a whole lot of trouble with the law. It is important to presume that anything you send or do online can be traced and made public so the safest approach to take is think twice before sending anything out there that may prove harmful to yourself or others.

If you would like to read through the report on how to recover snapchat messages and I suggest that you do the link can be accessed here. After reading this report maybe you might consider sending a snap to your friends just to let them know you have a code red situation and you need to meet up. For anyone who is to lazy to click on the link I have copied in the body of the report below.
-------------------------------------------------------------------------------------------------------------------------

Methodology

We used two android devices to examine artifacts left behind by Snapchat. An account (rhickman1989) was created on a Samsung Galaxy Note 2, and pictures and videos were sent to another account (DeciphForensics). The receiving account was logged into on a Samsung Galaxy S3, when some of the images and videos were viewed, while others were not. We then acquired the phone using AccessData’s Mobile Phone Examiner+ version 5.2.1.499. After the acquisition was complete, the image was exported as an .AD1 image file, and then imported to AccessData’s Forensic Toolkit version 4.0.2.33.

After a brief examination of the contents, a different account (decipforensics2) was created on the Samsung Galaxy Note 2, and more pictures and videos were sent to the account on the Samsung Galaxy S3 (rhickman1989). This was to determine if there are identifiers for the sender account of a “snap.” The same acquisition process was followed again after the second batch of “snaps” were sent.

After another brief examination of the contents, pictures and videos were sent from the Samsung Galaxy S3 with the rhickman1989 account to both the DeciphForensics and DecipForensics2 accounts. The same acquisition process was followed again after sending these “snaps.”

All examination took place using AccessData’s Forensic Toolkit version 4.0.2.33.

Snapchat Structure

The majority of Snapchat data is stored within the data/data/com.snapchat.android folder. There are four folders within this directory, with two folders within the cache folder.

Examination of the Samsung Galaxy S3 revealed that within the shared_prefs folder are several XML files: CameraPreviewActivity.xml, com.google.android.gcm.xml, com.snapchat.android_preferences.xml, and SnapPreviewActivity.xml.

The com.snapchat.android_preferences.xml File

This file is where the majority of information stored by Snapchat is located. Within this file is a listing of all the contacts stored on the device. This is done with the permission allowed by the user for the application to read the contacts on the device.

Below the list of contacts is a listing of Snapchat messages. It appears that there is a set of fields stored for each message in Snapchat. The following are the fields stored in this section of the XML file: type, mSender, mWasViewed, mCaptionPosition, mCaptionOrientation, mIsLoading, mIsTimerRunning, mIsBeingViewed, MWasOpened, mWasScreenshotted, mDisplayTime, mId, mTimestamp, mStatus, mIcon, and mMediaType.

We sent only two pictures from the DecipForensics2 account, and one was viewed and expired. Within this XML file are two records that show the mSender field set to “decipforensics2.” Of those two records, one has the mWasOpened set to “true.” The author kept documentation as to which images were opened and allowed to expire and which are not, so it is known which image is tied to this record.

The mTimestamp field is stored in Epoch format. Upon conversion of this value, it showed the time that the image was either taken or viewed. Further research will need to be done to determine which it is, however, the time is within the timeframe of both being sent and viewed. Unfortunately, the author did this within a few minutes of each other and did not record the exact time sent.

The mId field for the picture shown to the left is “270518365528484358r.” The mTimestamp field in the same record is “1365528484358.” After converting the Epoch time format to readable format, the time stamp is for April 9, 2013 11:28:04 MDT. The similarities here will be address further in a later section of this paper

The received_image_snaps Folder

Within this folder were located every image sent to the DeciphForensics account on the Samsung Galaxy S3, including the images that had been viewed and were expired. There were some duplicate images with different names as well, the reason for this is unknown.

Android developers created a way for media files such as graphics to be stored on the phone for application use and function without being put into the Gallery application as an image to be viewed. The way that they did this was with .nomedia files. “If a directory has a file named .nomedia, then the media store will not scan and record the metadata of files in that directory” (Hoog, 2011).

Each of the images within the received_image_snaps folder had a .nomedia extension appended to the end of the file name. For example, the name of the file figure 3 is “h1a81hurcs00h1365528700423.jpg.nomedia”. This was likely done to prevent the images stored within this directory from being placed in the gallery or from being scanned by the media store. AccessData’s Forensic Toolkit recognized the .nomedia extension that was appended to the end of the file name and ignored it, displaying the images.

Correlations between the XML Records and the Image Names

There is a small correlation between records within the com.snapchat.android_preferences.xml file and the name of the image file stored in the received_image_snaps folder.

As shown above, there are three correlations between the name of the image, the mTimestamp value, and the mId value. While this is consistent with this image, it is not always consistent with all images. The section in blue is present in several of the other images, only with different numbers following to separate the image.

Conclusion

The author began this research in an attempt to answer several vital questions about the Snapchat application as it is stored and used on Android devices. The author has concluded that metadata is stored for Snapchat images, as shown by the com.snapchat.android_preferences.xml file, and that it contains metadata about expired “snaps” as well as unexpired “snaps,” and that images that are sent via Snapchat are indeed recoverable, and do not “disappear forever.”

Steps to take after the Vtech Hack

In the last week the figures released from toymaker VTech surrounding the massive hack they have suffered is startling. The worst part about this hack is it shows that children are not immune to cyber crime. It is important to first realise the scale of this attack and just how many children have been affected worldwide. Below are statistics detailing how many individuals data has been leaked and in what countries along with if the data was that of an adult or a child. As you can see from the statistics below I have highlighted Ireland, the only reason for this is that I am Irish.

Country                         Parent Accounts                             Child Profiles

United States                  2,212,863                                             2,894,091

France                             868,650                                                1,173,497

United Kingdom             560,487                                                727,155

Germany                         390,985                                                508,806

Canada                            237,949                                                316,482

Others                             168,394                                                223,943

Spain                               115,155                                                138,847

Belgium                          102,119                                                133,179

Netherlands                    100,828                                                124,730

Republic of Ireland      40,244                                                  55,102

Latin America                28,105                                                  36,716

Australia                        18,151                                                   23,096

Denmark                        4,504                                                     5,547

Luxembourg                  4,190                                                     5,014

New Zealand                 1,585                                                     2,304

What I find the most frighting about all of this is that a particular VTech service known as Kid Connect was hacked and the information stolen. You may ask why is this frighting and I am going to explain why. Kid Connect is set-up to allow parents and their kids to communicate. That information includes kids head-shots and chat logs between parents and children. Most, if not all, of these cases, the logs, pictures, and recordings can be traced back to specific usernames, allowing anyone in possession of the hacked data to identify the people chatting as well as those in the pictures.

This may lead to a lot more unforeseen problems down the road but as it stands is just a very uncomfortable situation for parents to be in, and yet again starkly highlights the dangers for children in the digital age.

If you have been affected by this attack you might want to know what steps do you need to take now.

Luckily for you its coming up to Christmas so the VTech spin doctors are in full flight trying to somehow roll out reassuring and efficient damage control to save what's left of the companies reputation. In response to the attacks they have posted a very detailed breakdown of all of the events and the VTech response that can be found here. If you just want the main points I have pulled them out and you can find the below. 

What kind of information are stored in the database?

Parent account information including name, email address, secret question and answer for password retrieval, IP address, mailing address, download history and encrypted password.
Kids profiles include name, genders and birthdates.
Encrypted Learning Lodge’s contents including, Kid Connect’s profile photos, undelivered Kid Connect messages, bulletin board postings and Learning Lodge content (ebooks, apps, games etc).
Download sales report logs.
Progress logs to track kids games, for parents’ reference.
It does not contain any credit card information. VTech does not process nor store any customer credit card data on the Learning Lodge website. To complete the payment or check-out process of any downloads made on the Learning Lodge website, our customers are directed to a secure, third party payment gateway.
It does not contain any personal identification data (such as ID card numbers, Social Security numbers or driving license numbers).

Was any credit card information stolen?

No, our Learning Lodge website database does not contain any credit card information and VTech does not process or store any customer credit card data on the Learning Lodge website. To complete the payment or check-out process of any downloads made on the Learning Lodge website, our customers are directed to a secure, third party payment gateway.

Why do you need this customer information?

Learning Lodge allows our customers to download apps, learning games, e-books and other educational content to their VTech products. Customers need to set up an account for such transactions. The information is used to identify the customer and track their downloads. As customer safety and privacy are of utmost importance to us, we are making all necessary adjustments to our system security, which will include only storing such information as is required for our customers to download and enjoy our services. All other information will be deleted from our servers.

Is there anything I can do to better protect myself?

Whilst all personal customer passwords are encrypted, even encrypted data can be susceptible to skilled hackers, so we are advising you to immediately change your passwords on any other sites that may use the same email, secret question and answer, and password combination.

What is VTech doing to protect data stored on Kid Connect?

The Kid Connect service has been temporarily suspended. We are reviewing our security protocols and will delete all unsent messages before we restart the service.

How can I change my password or delete my Learning Lodge account and personal data stored on your servers?

As an precautionary measure, we have temporarily suspended Learning Lodge and Kid Connect service along with a number of other websites to conduct a thorough security assessment and whilst we implement additional security protocols. We will advise our customers of further action when the websites are ready to be reactivated.

When can we expect that Learning Lodge will be online again? Should I then register again?

We are working as fast as possible to resume our service. We will advise our customers of further action when the websites are ready to be reactivated.

Is it safe for my kids to play with the toys with Learning Lodge app? Could the hacker reach my kids through the devices, trace their activity or location?

Our investigation to date suggests the breach is on the server, not on the device itself. There is no evidence to suggest the toys are not safe at this time. We will continue to investigate and share more information as it becomes available.

Has there been any customer data found leaked on the internet?

We have no evidence that any of the data has been used or distributed criminally. Whilst all personal customer passwords are encrypted, even encrypted data can be susceptible to skilled hackers, so we are advising you to immediately change your passwords on any other sites that may use the same email, secret question and answer, and password combination.

Protecting your children online

For parents the risks of the internet to your child can be over looked. Coming up to Christmas you may be tempted to buy the next great gadget for your child however with the Vtech cyber attack this week as one example, how safe is the data your children are inputting into these devices? I would always advise parents if they are giving their children access to tablets and smart phones at a young age they should always consider a number of factors.

1) Don't put your child's personal data into any device when setting it up! Use your own details if you have to otherwise create throw away credentials to enter in any applications that don't require factual information.

2) Set boundaries! balance is key, create times of use around their devices avoid your children becoming addicted to their devices.

3) Educate your children to the dangers of the internet and the fact that everything they do online is there for life! Snapchat is a popular example to use and I suggest you give this article a quick read.

4) Put safe guards in place to monitor your child's online activity, this will give your child the device they want and you can have the piece of mind that they are not putting themselves at danger online.

5) Keep you kids off social media until they are an appropriate age, most sites don't allow children until they are 13 years of age but this can be easily overcome by entering a fake date of birth.

6) Make sure you need to enter a password to download apps and games don't leave your credit card information signed in on the device they use. This will allow you greater control over what applications they are using, it may also stop a nasty credit card bill from unseen app charges.

The internet is a great place but the dangers it poses are very real, take a few minutes to watch the video below before disregarding this post.

Below are some tools for monitoring or limiting the amount of time your child's device is in use.

For Window's users: 

When you create an account designated as a child’s account, you get the option to enable Family Safety settings. Family Safety allows you to monitor and /or time the usage from your child’s account, block certain applications or sites, and get weekly reports reviewing the activity on the account.

For Mac users:
Log on as Administrator on your child’s Mac, go to the Sharing preferences and choose Screen Sharing. Continue to “Allow Access For” and choose Administrators. When you are on your Mac, go to the Finder and choose Go: Network to see your child’s Mac. Click on Share Screen to see the activity.

For Smartphones:
Backing up your child's phone’s content to your own PC or Mac is a good way of keeping tabs on things. This will allow you to see which apps are being used on the phone, and you’ll be able to see what calls and text messages your child is making. Be sure to activate the basic security features, as well as any further limitations on usage you want, I have already done a blog on securing iPhone's.

There are also many products on the market that will allow you to use GPS tracking and more in-depth monitoring of all your kids devices. One free option that allows some of this functionality is Norton Family Online. The free version lets you monitor every site your kids visit, examine a list of everything they search for, and track their activity across social media via any Internet connection. You can tell Norton to always allow (whitelist) or block (blacklist) certain sites, customize the settings for each child, and set time limits so you can boot them offline when it’s time for bed. A premier version lets you monitor their instant messages, video consumption and mobile devices. This is just one product that I am aware of but their are many similar software type packages out there.

I hope that you have found this post of some help and if you need advice on anything just pop a comment below and I will do my best to give you a constructive answer,