Brian Krebs at the SecurityFix has a good article for those who are getting a new PC for Christmas (or those who know someone who is). He has a nice outline of setting up limited-privilege user accounts, installing Windows updates, using a firewall and using antivirus. This is a nice, concise guide to getting a Windows machine tweaked to a fairly secure state.
Category: Computers
-
More on the Santa IM worm
There are a couple of stories out about the Santa IM worm, otherwise known as IM.GiftCom.All. First up, SANS has some interesting analysis of it. It appears that it’s being hosted at 69.56.129.67; when run, it resolves smtp.girlsontheblock.com to 38.118.133.241 and attempts to open TCP port 53. It renames itself as c:\windows\winrpc.exe and sets up shop as “Windows RPC Services”. They’re saying that instead of a worm it should more accurately be termed a bot with replicating capabilities, since it is reliant on controls from an outside site. (From their analysis, I presume the 69. IP address above?)
-
QuickTime and iTunes vulnerabilities
Details of a vulnerability in Apple’s QuickTime and iTunes are reported at betanews.com. Secunia also has an advisory. It is listed as moderately critical and affects the current version of both QuickTime and iTunes on Mac or Windows.
-
Network Security guide for the home or small business network – Part 10 – use good passwords
In a small, trusted network you might be able to get away with weak passwords, for file sharing for instance. What’s a weak password? Anything you might find in a dictionary. Most people don’t realize this, but there are programs designed to crack passwords. They’re designed to take a dictionary file and run through it, trying every combination possible. It might take a while, but this kind of brute-force attack can be VERY effective against a weak password.
-
Disinfecting a PC… part 9
OK – about 22 or 23 critical updates for Windows ME. I’m suspecting it’s never visited the Windows Update site. While it’s going, I make sure that the adware scanners and antivirus scanner get to pull updates from the web as well. It’s also time to scan for running network services that shouldn’t be running. It may be a dial-up machine, but we don’t want UPnP listening over the connection.
-
Book Publishing in small quantities or on demand lulu.com
This may be the first in a series of several profiles looking at different ways to get published online. The internet has been a disruptive technology for so many industries. Book publishing is one of those. It used to be that you would submit a manuscript to publishers, shopping around for someone to take your work. These days it can be as simple as going online and shopping between several publishers, uploading your book (or calendar, pictures or other content) and then letting them take care of the publishing details, selling and printing on demand, and you haven’t had to deal with a rejection letter yet….
-
Exporting an active Linux desktop with VNC, or VNC remote desktop under Linux
There are lots of ways to get a remote desktop under Linux: remote X, nxserver, VNC. One of the problems, though, is that the most common configuration doesn’t let you connect to a running desktop session. There is a VNC component that lets you do this, and I’m using it right now. On the home network, sometimes I don’t want to be sitting at the desktop machine and would rather use the laptop while checking in on programs running on the desktop itself. But, being too lazy to go to the desktop, it would be nice if there was a way I could run something remotely that would let me view that desktop… ahhh, there is a way.
-
Antivirus update response times
We know that for Windows systems especially, antivirus is a must. Up-to-date antivirus is the MOST important, though. So how do the different vendors do in responsiveness and quick antivirus definition updates…? The SecurityFix has an article on just that today. The comparison is courtesy of av-test.org.
-
SpyAxe, SpyTrooper, SpySheriff et al. removal
There are so many “wolves in sheep’s clothing”, or maybe I should say wolves in sheepdog’s clothing… Anyway, there are so many nasty malware programs that pose as protective utilities: SpyAxe, SpyTrooper, SpySheriff, etc. There is a tool that is specialized towards removing these: SmitRem, which is short for SmitFraud removal (after the viral name of one of the first of this class of rogue).