Archive for July, 2010

Unsecured WiFi networks at the beach or in a cafe, applications that “show” your geographical location, and the information exchanged through social networks all hide serious security threats to your PC and to your personal information.

The use of secure wireless networks, encryption or hiding of data on disk to prevent “theft”, and serious precautions during online shopping or banking transactions, are among the practical security measures that users need to follow for protecting their personal information.

With the proliferation of social networks and the numerous applications used to share information via the Internet, PandaLabs, the anti-malware labs of Panda Security, advises users to take additional steps to avoid falling victim to malicious actions during the holidays.


Besides the traditional security measures that are usually taken, “This year, we ask users to pay special attention when sharing information over the Internet, especially when it comes to planning trips using applications, or when using GPS devices to reveal our geographic location to other members of the community. Such information can easily be taken advantage of by those who steal personal data or plan hostile actions,” states Luis Corrons, technical director of PandaLabs.

These types of “geo-location” applications have been widely used in recent years. Facebook applications such as Doorpl or Trip Advisor (which describe someone's current location or desired destination), the Twitter geolocation utility (which shows the location from which your tweets are sent), and GPS-based location services on mobile devices (iPhone and Android users) are just some examples.

PandaLabs constantly analyzes the latest Internet trends and is able to advise users on their protection throughout the year, and more specifically during a mass holiday period like the summer.

If you take your own computer with you on vacation:
- Before you do anything, make a backup of all your data.
- Make sure you have reliable, up-to-date antivirus/antimalware software and that all necessary security patches are installed.
- To mitigate the consequences of your computer being stolen, encrypt the information stored on your hard disk, even if this work is tedious and complicated. This prevents any access to your files without the correct password.
- Clear the temporary files, logs, cookies and the password reminders or auto-complete features you use in the browser. This eliminates automatic access to webmail, social networks, bank accounts or your favorite online stores.
- Do not connect to unprotected WiFi networks, as you can “get hooked” by hackers who can intercept information shared with your community. Even if you have to pay for network access, it is better and safer to use a secure network you can trust.
- Pay attention to email. Phishing attacks and spam are becoming smarter at stealing sensitive personal data.

If you use another computer on your vacation:
- It’s better not to use someone else’s computer. You do not know what is installed on it. PCs in cyber-cafes, hotels or airports, from which you might log into your bank account etc., may be infected by a dangerous Trojan horse.
- If you really have no choice and must visit websites that require your personal credentials, make sure you change them immediately after use in order to minimize the risk.
- Avoid doing online transactions if possible. Remember that any information you enter can be used by another user.
- Decline the offers to store personal data that many web browsers make.
- When you have finished using the computer, delete all temporary files, browser history, cookies, log files and any other information stored on the computer.
- If you download something on the computer, remember to delete it before turning the computer off.

Using social networks
- Never use the travel planning applications offered by these networks, so that it remains impossible to identify who you are. Do not accept geolocation detection (the geolocation function) in Twitter, and do not use this technology on mobile phones.
- Do not reveal your plans for your holidays in chat rooms, IRCs, social communities, etc.
- If you spend time in chat rooms while you’re on vacation, do not disclose any personal or confidential information to someone you don’t know.
- Share the above tips with your children, who are often more willing to share information via the Internet in good faith.
- If you notice any suspicious behavior while you are connected to a social network (people with great interest in other people’s destinations, dates, etc.), contact the police. Prevention is always better than cure.

The ASA 5500 series firewall can work as a DHCP relay agent, which means that it receives DHCP requests from clients on one interface and forwards them to a DHCP server on another interface. Usually the DHCP server is located in the same layer 3 subnet as its clients. There are situations, however, where we have only one DHCP server but several layer 3 networks (on different security zones of a Cisco ASA), and dynamic IP allocation is required for those networks as well. With the DHCP relay feature, we can connect the DHCP server to one network zone and have the firewall forward all DHCP requests from the other network zones to the DHCP server.


The diagram below illustrates a simple network scenario with three security zones (network interfaces) and a single DHCP server. The three network zones are inside, outside and DMZ. The DHCP clients are connected to the inside network and the DHCP server on the DMZ network. The DHCP requests from the clients on the inside network will be relayed to the server on the DMZ network. The server will assign IP addresses in the range 192.168.1.0/24 to the clients.

Configuration

!First identify the DHCP server and the interface it is connected to
ciscoasa# conf t
ciscoasa(config)# dhcprelay server 10.1.1.100 DMZ
ciscoasa(config)# dhcprelay timeout 90

!Now enable the DHCP relay on the inside interface
ciscoasa(config)# dhcprelay enable inside

!Assign the ASA inside interface IP as default gateway for the clients
ciscoasa(config)# dhcprelay setroute inside

Usage Guidelines

You can add up to four DHCP relay servers per interface. You must add at least one dhcprelay server command to the ASA Firewall configuration before you can enter the dhcprelay enable command. You cannot configure a DHCP client on an interface that has a DHCP relay server configured.

You cannot enable DHCP relay under the following conditions:
• You cannot enable DHCP relay and the DHCP relay server on the same interface.
• You cannot enable DHCP relay and a DHCP server (dhcpd enable) on the same interface.
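
The guidelines above can be checked mechanically before a change is pasted into the firewall. The following is an added example, not part of the original article or of any Cisco tooling: a small Python lint that reads ASA configuration text and reports violations of the four-server limit, the server-before-enable ordering and the two same-interface restrictions. The function name lint_dhcprelay and both sample configurations are constructed for illustration, and the DHCP client restriction is not checked.

```python
import re
from collections import defaultdict

# Constructed sample inputs, not taken from a real device.
GOOD_CONFIG = """\
ciscoasa(config)# dhcprelay server 10.1.1.100 DMZ
ciscoasa(config)# dhcprelay timeout 90
ciscoasa(config)# dhcprelay enable inside
ciscoasa(config)# dhcprelay setroute inside
"""
BAD_CONFIG = """\
dhcprelay enable inside
dhcprelay server 10.1.1.100 DMZ
dhcprelay enable DMZ
dhcpd enable inside
"""

def lint_dhcprelay(config):
    """Return (interface, problem) tuples for each guideline violation."""
    servers = defaultdict(list)      # interface -> relay server addresses
    relay_on, dhcpd_on, findings = [], set(), []
    for raw in config.splitlines():
        # Drop a leading CLI prompt such as "ciscoasa(config)# ".
        line = re.sub(r"^\S+#\s*", "", raw.strip())
        if m := re.fullmatch(r"dhcprelay server (\S+) (\S+)", line):
            servers[m.group(2)].append(m.group(1))
        elif m := re.fullmatch(r"dhcprelay enable (\S+)", line):
            if not servers:
                findings.append((m.group(1), "enable before any dhcprelay server"))
            relay_on.append(m.group(1))
        elif m := re.fullmatch(r"dhcpd enable (\S+)", line):
            dhcpd_on.add(m.group(1))
    for ifname, addrs in servers.items():
        if len(addrs) > 4:
            findings.append((ifname, "more than four relay servers"))
    for ifname in relay_on:
        if ifname in servers:
            findings.append((ifname, "relay enabled on a relay-server interface"))
        if ifname in dhcpd_on:
            findings.append((ifname, "relay and dhcpd enabled together"))
    return findings

if __name__ == "__main__":
    for name, cfg in (("good", GOOD_CONFIG), ("bad", BAD_CONFIG)):
        print(name, lint_dhcprelay(cfg) or "no findings")
```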

This article describes the user interface, access modes and commands associated with the operation of Cisco ASA 5500 firewall appliances. We assume that you know how to connect to the appliance using a console cable (the blue flat cable with RJ-45 on one end and DB-9 serial on the other) and terminal emulation software (e.g. HyperTerminal), and how to use a basic Command Line Interface.

SECURITY APPLIANCE ACCESS MODES
A Cisco ASA security appliance has four main administrative access modes:

Monitor Mode: Displays the monitor> prompt. A special mode that enables you to update the image over the network or to perform password recovery. While in the monitor mode, you can enter commands to specify the location of a TFTP server and the location of the software image or password recovery binary image file to download. You access this mode by pressing the “Break” or “ESC” keys immediately after powering up the appliance.
Unprivileged Mode: Displays the > prompt. Available when you first access the appliance. If the appliance is a Cisco PIX 500 series, the prompt for unprivileged mode is pixfirewall>, and if the appliance is the new Cisco ASA 5500 Series, the prompt is ciscoasa>.

This mode provides a restricted view of the security appliance. You cannot configure anything from this mode. To get started with configuration, the first command you need to know is the enable command. Type enable and hit Enter. The initial password is empty, so hit Enter again to move on to the next access mode (Privileged Mode).

ciscoasa> enable <– Unprivileged Mode
password: <– Enter a password here (initially it's blank)
ciscoasa# <– Privileged Mode

Privileged Mode: Displays the # prompt. Enables you to change the current settings. Any unprivileged command also works in this mode. From this mode you can see the current configuration by using “show running-config”. You still cannot configure anything, however, until you go to Configuration Mode. You access Configuration Mode using the configure terminal command from Privileged Mode.

Configuration Mode: This mode displays the (config)# prompt. Enables you to change all system configuration settings. Use exit from each mode to return to the previous mode.

ciscoasa> enable <– Unprivileged Mode
password: <– Enter a password here (initially it's blank)
ciscoasa# configure terminal <– Privileged Mode
ciscoasa(config)# <– Configuration Mode
ciscoasa(config)# exit
ciscoasa# exit <– Back to Privileged Mode
ciscoasa> <– Back to Unprivileged Mode

The (config)# mode is sometimes called Global Configuration Mode. Some configuration commands from this mode enter a command-specific mode, and the prompt changes accordingly. For example, the interface command enters interface configuration mode as shown below:

ciscoasa(config)# interface GigabitEthernet0/1
ciscoasa(config-if)# <– Configure Interface specific parameters