One fine morning, when you are busy playing with words on online social platforms, someone could knock on your door to arrest you on charges of sending terror mails. The moment you come out of the shock and ask what has happened, the cops may present you with evidence strong enough to disrupt your social status and to prove that the terror mail was actually sent from your Internet Protocol (IP) address.
The Internet revolution has made our lives unimaginably exciting and flexible, broadening the horizon of information, entertainment and communication (ICE). The civilized world has reached a stage from where it cannot just get rid of the internet addiction. Also, recent surveys show the subscriber base rising high in India.
But recent terror mail stories - on the other side of the coin - must scare all those internet subscribers who enjoy the presence of high-speed internet connectivity sitting back at their homes.
Sunny Vaghela, the cyber-cop in Ahmedabad, has supplied detailed information to IT Examiner, throwing some light on the recent terror mails sent to media houses just before the blasts happened.
Terror Mail IDs
The first terror mail, sent before the Ahmedabad blasts on 26th July 2008, came from the email ID alarbi_gujarat@yahoo.com and from IP address 210.211.133.200, which was traced to Kenneth Haywood's house in Navi Bombay, though he was completely innocent. Haywood's unsecured wi-fi router was misused by terrorists to send the terror mail. As the log system was disabled, the investigating team was unable to find out the Media Access Control (MAC) address of the culprit.
The second mail was sent on 31st July, 2008 from alarbi_gujarat@yahoo.com from IP Address - 202.160.162.179 - which was traced to the Medical College at Vaghodiya in the state of Gujarat. The cops faced difficulties tracing the second mail as it was sent using a proxy server and a fake mail script. Finally, Vaghela managed to trace the original IP address.
The third mail was sent on 23rd August, 2008 from alarbi.alhindi@gmail.com from IP address - 121.243.206.151 - which was traced to the Khalsa College at Bombay. This was yet another case of an unsecured wi-fi router being misused to send the mail.
And the fourth Mail was sent on 13th September, 2008 from al_arbi_delhi@yahoo.com, traced to Kamran Power Limited at Bombay. Similarly, the wi-fi router was misused to send the same mail.
Sunny Vaghela has helped Crime Branch, Ahmedabad to trace the exact locations of the terror mails sent during the Ahmedabad serial bomb blasts.
What to do
According to Vaghela, the major problem faced by the team was that, although all these mails were traced to exact IP addresses and then to subscribers within minutes, the ISPs (Internet Service Providers) never responded in time.
Hence, this proves that you have to be alert and follow certain practices to avoid such misuse of unsecured wi-fi routers.
A wi-fi router should never be configured as an unsecured connection, as that opens the possibility for miscreants to misuse the connection. Usually, ISPs configure the subscriber's phone number or mobile number as the default network key in the router. In such cases, the default network key should be changed as soon as possible.
If the connection is configured as unsecured, enabling the logging system is a must, as it lets one obtain the MAC addresses of the machines that use the wi-fi router.
A couple more practices should also be followed if the router is configured as an unsecured connection. One is to install packet-capturing software or wireless local area network (WLAN) analysis software, which makes it possible to track the machines using the wi-fi router. The other is to bind MAC addresses to the router. This allows only authenticated laptops to connect to the router. One should also maintain all types of logs for a period of at least six months.
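As an added illustration of why those logs and the MAC binding matter (this is not code from the article or from Vaghela), the sketch below reads a router's DHCP lease log, lists devices whose MAC address is not among the bound ones, answers which device held a given internal address at a given time, and checks that the log reaches back about six months. The log line format, the sample lines and the MAC addresses are constructed assumptions; real routers log in their own formats.

```python
import re
from datetime import datetime, timedelta

# Constructed sample log; the line format is an assumption, real routers differ.
SAMPLE_LOG = """\
2024-01-05 08:15:02 dhcpd: DHCPACK on 192.168.1.10 to 00:1A:2B:3C:4D:5E (home-laptop)
2024-03-01 21:40:03 dhcpd: DHCPACK on 192.168.1.23 to 02:00:00:AA:BB:CC (unknown)
2024-03-01 21:58:47 dhcpd: DHCPACK on 192.168.1.10 to 00:1a:2b:3c:4d:5e (home-laptop)
2024-03-02 07:12:30 dhcpd: DHCPACK on 192.168.1.23 to 00:1a:2b:3c:4d:5f (home-phone)
this line is malformed and must be skipped
"""
ALLOWED_MACS = {"00:1a:2b:3c:4d:5e", "00:1a:2b:3c:4d:5f"}  # hypothetical bound devices

LEASE_RE = re.compile(
    r"^(\d{4}-\d{2}-\d{2} \d{2}:\d{2}:\d{2}) \S+ DHCPACK on "
    r"(\d{1,3}(?:\.\d{1,3}){3}) to ((?:[0-9A-Fa-f]{2}:){5}[0-9A-Fa-f]{2})\b"
)

def parse_leases(text):
    """Return time-sorted (timestamp, ip, mac) tuples; MACs are lower-cased."""
    leases = []
    for line in text.splitlines():
        m = LEASE_RE.match(line)
        if m:
            ts = datetime.strptime(m.group(1), "%Y-%m-%d %H:%M:%S")
            leases.append((ts, m.group(2), m.group(3).lower()))
    return sorted(leases)

def unknown_devices(leases, allowed):
    """Map each MAC outside the allowlist to the times it obtained a lease."""
    seen = {}
    for ts, ip, mac in leases:
        if mac not in allowed:
            seen.setdefault(mac, []).append(ts)
    return seen

def device_at(leases, ip, when):
    """MAC that most recently leased `ip` at or before `when`, or None."""
    hits = [mac for ts, lease_ip, mac in leases if lease_ip == ip and ts <= when]
    return hits[-1] if hits else None

def covers_retention(leases, now, days=180):
    """True if the oldest record kept is at least `days` old (about six months)."""
    return bool(leases) and now - leases[0][0] >= timedelta(days=days)

if __name__ == "__main__":
    leases = parse_leases(SAMPLE_LOG)
    print(unknown_devices(leases, ALLOWED_MACS))
    print(device_at(leases, "192.168.1.23", datetime(2024, 3, 1, 22, 0)))
```

With logging disabled, as in the first case above, none of these questions can be answered after the fact.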
On the ISP front, Vaghela pointed out certain points which should be addressed by the service providers.
Keep Records
Vaghela believes that ISPs should maintain records pertaining to event logs, security logs and surfing activity logs for at least six months to track and monitor the activities of any registered subscriber, so that those activities can be traced within seconds. Further, Vaghela also advised ISPs to thoroughly verify customer information before providing the connection. Vaghela says that in many cyber crime cases, he found out that the applications carried fake identities.
Some ISPs have even installed wi-fi hotspots in public places like restaurants, coffee shops, shopping malls and hotels. One can easily buy a prepaid internet card to use the service without submitting any proof or documents. ISPs should also ask for some photo identity proof before issuing these prepaid cards.
Throwing further light on security, Vaghela said the ISPs should give access to government authorities and investigation agencies to their real time dynamic IP address database to easily trace the culprits.
ISPs and e-mail service providers should also put filtering mechanisms in their event logs for words such as 'al arbi', 'jihad' and 'indian mujahideen'. They must also send alerts to government agencies if someone is found signing up with an email ID containing a combination of any such keywords.
So, tighten your belts before the cops knock on your door and, the very next day, you find yourself on television news with your face covered with a scarf through no fault of yours.