Category: Security

  • Malware scanning?

    The SANS Institute is warning of an increase in reports of malware scanning for vulnerabilities. These malware samples are not yet detected by current antivirus signatures. They’re requesting samples of the malware for analysis. The last such surge in scanning was about a week ago when they noted a spike in scans to port 1026. It turned out that was advance recognition of the Dasher worm trying to circulate.


  • Network Security guide for the home or small business network – Part 7 – Wireless Networking

    OK – the last couple of entries got into some heavy lifting and some real learning on your part. Learning about what software needs to run, what services are running, updating them to keep current on security patches. We even talked about securing services listening for outside connections and limiting them to what is absolutely necessary. Now we’ll take a deep breath and get into another area… Wireless network security.


  • Disinfecting a PC… part 6

    OK, it’s BHODemon time… installed from CD and on starting:

    BHOdemon bhotb-all.html not found, no web connection downloading on other machine.

    Finally get it to work by copying from another machine. But I had to change Windows ME to show full filenames to help troubleshoot why it couldn’t find the file (naming problem). (There seems to be a strange display problem on the “don’t hide file extensions” setting menu: I can’t see the check boxes or the checkmarks… I managed to toggle them “blind” to show file extensions.)


  • Disinfecting a PC… part 5

    OK, we’re moving on to BHODemon to take care of the browser helper objects. Unfortunately it looks like BHODemon is not currently being maintained; the developer has had a house fire.

    I am very sorry, but BHODemon is currently on hiatus, as I no longer have the time to devote to it (due to a house fire). You will not be able to download updates or upload reports, and I will no longer be answering emails. At some point, BHODemon may return. I would like to thank everyone for their support over the years.


  • Network Security guide for the home or small business network – Part 5 – Update your software

    Okay – so after the last article you’ve inventoried what software you use on a PC and you know what services (servers) the PC runs that you’ve told it to. You even know what passes as “normal” startup programs. Now it’s time to put that to use. It’s time to keep up with updates for the operating system, any of the programs you use from time to time, and any programs that run as a service (actively listening for incoming network connections).


  • Disinfecting a PC… part 4

    So, AVG has been scanning away finding things. We’ve really got a foothold on the system and the malware has a fight on its hands. It’s good to see progress. Up to this point we’ve had multiple Spool32 errors (printer related). These errors are what prompted the system to be brought in initially. There’s a Lexmark system tray item that loads on boot. No time to investigate that yet. Here’s the log of the AVG antivirus scan…


  • Network Security guide for the home or small business network – Part 4 – Know your software

    OK, so you’ve got a hardware firewall and you’ve got antivirus. You’re safe, right? Well, not entirely. I’ve mentioned the flaws of antivirus. It’s always a step behind. A firewall doesn’t protect against unknown viruses, so what else is there to do? I’m going to tackle this in two steps. The first is to know what software is running on your system. Isn’t there a lot of that? How can I keep up?


  • Disinfecting a PC… part 3

    Picking up from last time… AVG was failing to install with a peculiar registry error. (Which I didn’t see much reference to online.) OK, so here is another fruit of the online search (so many bugs to identify…)

    jawa32.exe is listed as spyware.seekseek in SARC’s database.

    OK – let’s see if we can kill off some of these suspects… it’s time for a couple of cycles of ctrl-alt-del to remove running processes that look suspect, followed by msconfig – disabling processes that run at boot, reboot, repeat.


  • Artists revolting against DRM

    This is under the security tab because DRM software protection has proven to be a computer security issue… Spyware Confidential is reporting on artists revolting against the Sony DRM. According to the story…

    My Morning Jacket, the artists who recorded the copy protected CD “Z” I mentioned here, are doing more than protesting Sony BMG’s use of DRM spyware. They are revolting. Yesterday I read that My Morning Jacket was doing their own recall of the affected CDs. Now I see they are burning unrestricted copies of their CD and mailing them to users. Hmm… I wonder if they are breaking the law under the DMCA.
