This one is going to be tougher. Of what we’ve looked at so far, this will probably take more work and learning than any of the others. The good news is that, depending on your situation, you may need to do less here. If you have decided that your PC (or network) has ports open to the outside world, so that incoming connections can be listened for, you NEED to do this. For every service that is accessible from the outside world…
Tag: updates
-
Network Security guide for the home or small business network – Part 5 – Update your software
Okay – so after the last article you’ve inventoried what software you use on a PC and you know what services (servers) the PC runs that you’ve told it to. You even know what passes as “normal” startup programs. Now it’s time to put that to use. It’s time to keep up with updates for the operating system, any of the programs you use from time to time, and any programs that listen as a service (actively listen for incoming network connections).
-
The 2nd journey begins… Mandriva 2006 upgrade 2 – Part 3
Mirrors are added, now it’s time to start the process. OK, everything up until now has been preparatory and hasn’t REALLY upgraded anything. I’ve skimmed over the errata and release notes (again) at http://qa.mandriva.com to make sure there isn’t anything hardware specific or urpmi --auto-select from Mandrake 10.1 specific that I need to be aware of.
-
The 2nd journey begins… Mandriva 2006 upgrade 2 – Part 2
OK – copying of the most crucial files is done. It’s time to start the process. First I’ve gathered a list of URPMI sources that I can use from online. No local mirror this time, so it may take a while to pull all the files I need. Second, it’s time to say #urpmi.removemedia -a to clean out our list of software install sources.
-
How festive – the dasher worm…
The securityfix is reporting on a new worm that exploits an older Windows vulnerability. The worm is called dasher and is in at least its second iteration. SANS noticed an odd increase in port 1025 scans on the tenth of the month, which was early activity of this worm. It looks like the first version of the worm didn’t work fully, but this second one does. It installs a keylogger.
-
Network Security guide for the home or small business network – Part 3 – Antivirus
Ok, the first two entries thus far, hardware firewalls and software firewalls, have been fairly operating system independent. A hardware firewall is best, but if that’s not possible a software firewall will do until you get a hardware firewall set up. This next item is (currently) a must-have for Windows users. However, Mac and Linux users may see the day soon when it is an essential part of security for those systems as well. These days I am stunned to see PCs that don’t have an antivirus program installed.
-
Microsoft Security Bulletin Email
There is a trojan making the rounds that is acquired by clicking on links in an email. That’s not necessarily new; however, this email represents itself as an authentic-looking Microsoft security bulletin and the links are supposedly to updates (sorted by Windows version). It’s important to point out that Microsoft does not send registered users security notices in this manner, and if you are concerned about security updates you should either enable automatic updates or visit http://windowsupdate.microsoft.com
-
F-Secure list of Sober virus URLs
When the news was first out that an antivirus firm (F-Secure) had cracked the pseudo-random algorithm that the Sober worm uses to determine where to download “updates” from, they said that they had previously notified German authorities where the free hosting sites were located so that they could deal with the sites. I did find that they have announced a list of the addresses for the January 5th update (and the January 6th as well).
-
More details on Sober worm
There’s a bit more detail in this betanews article on the Sober worm. They basically say that the next expected “release” is January 8th, and that F-Secure has cracked the “code” of the worm. You see, it appears that the URLs that new versions of the worm are downloaded from are not hardcoded, but “pseudorandom”, and they’ve cracked the algorithm the worm uses.
-
Two critical fixes from Microsoft on December patch Tuesday
December’s rendition of Microsoft’s monthly Patch Tuesday will feature two critical security fixes. The malicious software removal tool will also be updated…
Additionally, Microsoft will issue two non-security high-priority updates through Windows Update and Software Update Services, and three non-security high-priority updates through Microsoft Update and Windows Server Update Services. It is standard Microsoft procedure to not disclose the nature of the updates beforehand for security reasons.