Emmet...I mean EMET

EMET is Easy

Whether you are an expert or a novice, a Microsoft fanboy or not, EMET is a great tool to install and enhance the security of your environment.

The most recent version can be downloaded directly from Microsoft for FREE here.

There is a prerequisite of .NET 4.  The full download is here.  There are two types of .NET: client and full.  The full version, which the link goes to, is slightly larger and contains server-side components.  Immediately after installing .NET 4 you will need to check for updates…there will be at least 4 (unless they update the download to slipstream them).

So now you have this tool installed…what does it do?  Why exactly did I install this thing again?  Oh yeah…security.

The way that EMET works is that it protects your system against common programming errors and attack vectors.  It is configured out of the box to protect Windows components, but requires some tweaking to monitor programs that you have installed.  You may want to exercise caution on implementing EMET on everything.  As Krebs mentions, implementing a program at a time and evaluating stability is a good idea.  The User Guide (aka Help) inside of the application explains how to configure via the GUI or the command line.  On most systems you can quickly deploy the most common settings using the following command lines:

"C:\Program Files (x86)\EMET 5.2\EMET_Conf" --import "C:\Program Files (x86)\EMET 5.2\Deployment\Protection Profiles\CertTrust.xml"

"C:\Program Files (x86)\EMET 5.2\EMET_Conf" --import "C:\Program Files (x86)\EMET 5.2\Deployment\Protection Profiles\Popular Software.xml"

"C:\Program Files (x86)\EMET 5.2\EMET_Conf" --import "C:\Program Files (x86)\EMET 5.2\Deployment\Protection Profiles\Recommended Software.xml"
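The same three imports as a staged PowerShell script, so that one profile can be applied and tested before the next. This is an added example, not part of the original post or of EMET itself; the parameter name `ProfileNames`, the elevation check and the reliance on a non-zero exit code from EMET_Conf are assumptions.

```powershell
# Added example: staged import of the EMET 5.2 protection profiles named above.
param(
    # Hypothetical parameter: profiles to import, in order. Pass a single name
    # to import one profile, test your applications, then run again for the next.
    [string[]]$ProfileNames = @('CertTrust.xml', 'Popular Software.xml', 'Recommended Software.xml')
)

# Assumption: changing EMET's configuration needs an elevated session.
$identity  = [Security.Principal.WindowsIdentity]::GetCurrent()
$principal = New-Object Security.Principal.WindowsPrincipal($identity)
if (-not $principal.IsInRole([Security.Principal.WindowsBuiltInRole]::Administrator)) {
    throw 'Run this script from an elevated PowerShell prompt.'
}

# The post's paths use "Program Files (x86)" (64-bit Windows). On 32-bit
# Windows that variable is not set, so fall back to "Program Files".
$programFiles = ${env:ProgramFiles(x86)}
if (-not $programFiles) { $programFiles = $env:ProgramFiles }

$emetDir    = Join-Path $programFiles 'EMET 5.2'
$emetConf   = Join-Path $emetDir 'EMET_Conf.exe'
$profileDir = Join-Path $emetDir 'Deployment\Protection Profiles'

if (-not (Test-Path -LiteralPath $emetConf -PathType Leaf)) {
    throw "EMET_Conf.exe not found at '$emetConf'. Is EMET 5.2 installed?"
}

foreach ($name in $ProfileNames) {
    $profilePath = Join-Path $profileDir $name
    if (-not (Test-Path -LiteralPath $profilePath -PathType Leaf)) {
        throw "Profile not found: '$profilePath'"
    }

    Write-Host "Importing $name ..."
    # PowerShell quotes the path for the native command, spaces included.
    & $emetConf --import $profilePath

    # Assumption: EMET_Conf signals failure with a non-zero exit code.
    if ($LASTEXITCODE -ne 0) {
        throw "EMET_Conf exited with code $LASTEXITCODE while importing '$name'."
    }
}

Write-Host "Imported $($ProfileNames.Count) profile(s)."
```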

As a former full-time *NIX guy I have to say that Microsoft has really come around on the security front.  It’s just too bad that EMET is not included in the OS.  Some would argue that if they didn’t make a buggy OS, then this would be unnecessary…but we are where we are, and mitigation is better than nothing.  The features will still be standalone in Windows 10 (which was recently released).  Depending on how comfortable you are with tweaking things, there are a lot of options and you can get deep into it.  But the good news is that you don’t have to touch a thing and you will make yourself a more difficult target.  That is not to say that you will ever be totally protected, but as long as there is an easier target out there you are less likely to experience a compromise.

-Tony


An Easy Layer of Security

Let’s face it.  Not everything can be 100% secure.  That is one of the realizations we have to come to when it comes to computers.  There is nothing that will stop a determined intruder 100% of the time.  And if you haven’t heard this before, I’ll tell you here…it’s all about layers of security.  Adding a layer need not be complex.

I had an opening that I didn’t realize until a few months ago.  I got a shiny new cable modem from Bright House.  It has all kinds of cool features that are plug and play.  The thing that I found after a little digging is that there is a default password that is on the admin user.  That means that anybody who is on the Internet and has my public IP could potentially log in and “p0wn” it.

So I just wanted to mention this to everybody from my friends to the security professionals out there…you might want to look up the model number and the default password for your connection.

As soon as you lock that password down to something hopefully stronger than your dog’s name and a birthday, you will become a less likely target for hackers, as they will potentially move on to easier targets.

-Tony

We are experiencing technical difficulties...please stand by!