Login: GUEST @ JH4XSY.14.JNET1.JPN.AS [Tsuchiura]
home | newest check | boards | help index | log | ps | userlogin | send sysop | slog | status forward | bcm news | users | version | remove cookie
N3BYR > CYBER 18.02.25 00:22l 47 Lines 3748 Bytes #4 (0) @ WW
BID : 14300_N3BYR
Subj: Cyber Security Topics - Attack Surfaces
Path: JH4XSY<IW0QNL<IZ3LSV<DB0ERF<DK0WUE<DK0WUE<VK5RSV<K7EK<VE3CGR<GB7YEW<
W9GM<KE0GB<K0WAV<N9SEO<KE4QCM<N3BYR
Sent: 250217/1452Z 14300@N3BYR.#CGA.GA.USA.NOAM BPQ6.0.24
I wanted to start a new bulletin for an aspect of Ham Radio that I don't feel get's much focus. While I have been a
Ham Operator, I have always had computers from 8088's to 486's to the modern Intel, AMD, and Apple processors.
In that time I have worked within IT and more specifically focused on cybersecurity. While I have multiple
cerrtifications, a degree, and a lot of hands on, I am not an expert on all aspected. I will send out a bulletin with some
information to get the average ham operator thinking. I hope to do this frequently, please feel free to reach out to me
with a question, it might make for my next topic!
This week - Attack Surfaces:
An attack surface in cybersecurity is the term used to define the areas of concern where a vulnerability may grant an
individual access to a system you do not want them to access. Attach surfaces can be Network, Software, Hardware,
Social, or Physical. Each area of concern has a set of considerations - and hackers know how to expose
these to gain access. With each area of risk, you need to carefully analyze the potential threat and how to safely use
them. Take a moment and think about each area I cover as you read, consider what could be prevented and what could happen
if someone hacked your computer.
Network. Most modern modems include firewall settings that are set to a predetermined set of parameters. In cases
where we employ ham radio for things like AXIP, Telnet, remote transmitter access, and otehr items, we typically need
to change the settings from default to permit access to these items. All those changes in port opening, port forwarding,
NAT (Network Access Translations) change the potential attack surface. When you make these changes, have you considered
adding additional rules or settings to properly defend that open access and limit connections?
Software. Installing software that is niche, 'homebrewed', or written by an unknown software programmer in Ham
Radio is standard territory for us. We download software that serves a specific purpose or is brand specific to program
radios, handle audio or data streams, and interface with devices. How familiar are you with the last software application you
sownloaded and installed on your ham shack computer? Are there others that are also using the same applications, and is it
the most current version of the application? Does it do something weird when it's running or installed, and is that because
it's just roughly written, or because it's a bogus version of the real application. Having a reputable anti-virus software
program on windows is always a good idea. If you are on Linux, MacOS, or another operating system - you are not free from
getting hacked. Review and know your system settings and operating system.
Hardware. In most cases hardware attach surfaces are reasonably defended *IF* you keep firmware up-to-date.
There are obsolete hardware devices that we use sometimes, and research is always your friend. Check to see if you
have the current firmware installed on devices accessing computers, radios, and networks. Review the revision notes to
be sure that its not just a feature update you are missing! Many of us may have older obsolete gear and that is perfectly fine
to do. Just make sure you do a little reading to make sure those devices are protected or you make a couple small changes
to ensure that the network provides the correct protection.
I will continue this subject next week to dive into physical and social attack surfaces. Let me know if you find this
useful, useless, or interesting - and feel free to send me questions, I might use them to cover something cyber-related.
Have an excellent week and stay safe!
"Greg" Colburn - N3BYR
n3byr@n3byr.#cga.ga.usa.noam
前のメール | 次のメール