Nov 30
I recently read a PC World article about a Google page that has a form where you can report a malicious website (a site with bad content like viruses and the like). It’s a new feature that Google unveiled (announcement). I found that Google will validate a url passed to it and insert it into the form. I thought this would be much better if you could click a bookmark in your browser and automatically pass the url of the current website to the Google form. So I created a bookmarklet (bookmark with javascript) and here it is.
Drag the bookmarklet link to the bookmark area of your browser. And when you click it a new window will be opened showing the Google form with the URL of the bad site filled in for you.
Bookmarklet: Report Malicious Site
Spread the word so everyone can help get rid of bad sites. Enjoy, from Jason of JasonBlogs.com.
Nov 15
PayPal has a little quiz where you can test your phishing knowledge and how well you can spot fake emails pretending to be from your bank or PayPal. They are just looking to steal your information, and you have to be careful. You can hover over links in email and it may look legit but long urls can hide the actual website toward the end of the link.
Take the challenge. I took it and I’m a champion, as you can see.
Jan 03
“Microsoft Corp. said today it does not plan to release a fix for the Windows Metafile (WMF) flaw until Jan. 10, when a patch will be included as part of the company’s scheduled monthly updates for January.
Microsoft has completed development of a patch for the flaw and is now testing it for quality and application compatibility, the company said in an advisory updating an earlier advisory released last week.”
Via Computerworld
The SANS Institute’s Internet Storm Center has an unofficial patch for the Windows .WMF flaw. And from their WMF FAQ: “The WMF vulnerability uses images (WMF images) to execute arbitrary code. It will execute just by viewing the image. In most cases, you don’t have click anything. Even images stored on your system may cause the exploit to be triggered if it is indexed by some indexing software.”
Mar 29
Many people do not know what a firewall is or why they should be using one. A firewall is typically a program or piece of hardware that stands between your computer and the internet, or your local area network (ie. your company’s network). A good firewall sifts through all requests made by your computer or to your computer. If you visit a website, a firewall would check to make sure that the website does not attempt to gain access to your computer.
There are two ways that a firewall can secure your computer. One way is to make sure that no one is able to get into your computer from the outside world. Hackers or computer users with malicious intent routinely perform scans across the internet to see what computers have open ports. Whenever a program on your computer needs to access the internet it opens up a port to send and/or receive data through. It’s like opening a window to let air in and out of a room; a burglar can easily get into your house through that open window.
The other way a firewall secures your computer is to make sure that no unauthorized program on your computer tries to access the internet or another computer. Sometimes people may put trojans, or backdoors, into programs. A trojan infects the computer it is loaded on and dials out to the internet to carry out it’s objective. Computers infected with trojans are called zombies if they are used to perform an attack on websites, such as the semi-recent string of Denial of Service (DoS) attacks on websites like CNN and Yahoo. Some trojans will collect your personal information, such as credit card numbers, and then send them to the virus creator. A firewall can alert you when a program is trying to access the internet and if it as legitimate program such as Internet Explorer or AOL Instant Messenger you can allow it to connect to the internet. Otherwise you can choose to deny the program access if you do not know what it is. (Note: Some programs are used by windows and denying them access to the internet can cause your internet connection to not work properly. All you would have to do is allow the connection the next time the program asks to connect to the internet.)
One thing to make sure when choosing a firewall is whether it blocks both incoming and outgoing connections on your computer. Tiny Personal Firewall and Zone Alarm will allow you to block both types of connections, while Black ICE Defender will only block incoming traffic. Tiny Personal Firewall is free for home use, as is a scaled down version of Zone Alarm; while Black ICE is not free.
Note: Tiny Software no longer offers a free firewall, though Zone Alarm still does.
Originally posted on Infohuts.com and TechHelpCenter.com, which has been folded into Shiwej.com.
Mar 29
Shiwej.com has compiled a list of some necessary programs to secure your Windows computer. Together, these programs fulfill almost all security functions that you will need to perform on your computer.
Index
Microsoft Baseline Security Analyzer (MBSA)
One particularly important element of operating a secure system is staying up to date on security patches. It’s critical to know which patches have been applied to your system and, more importantly, which haven’t. Microsoft has released a tool called MBSA that will significantly aid system administrators in this task, as well as regular computer users.
MBSA is a graphical tool that enables an administrator to check the patch status of all the machines in a network from a central location. The tool does this by referring to an XML database that’s constantly updated by Microsoft. MBSA can be run on Windows NT 4.0, Windows 2000, Windows XP or Windows Server 2003 systems, and will scan either the local system or remote ones for patches available for the following products:
- Windows NT 4.0
- Windows 2000
- Windows XP
- Windows Server 2003
- All system services, including Internet Information Server 4.0 and 5.0
- SQL Server 7.0 and 2000 (including Microsoft Data Engine)
- Internet Explorer 5.01 and later
Home
Download
Hotfix Reporter 3.2
Hotfix Reporter is a free utility that works in conjunction with the Microsoft Network Security Hotfix Checker (HfNetChk) tool to scan your Windows NT 4, Windows 2000, or Windows XP server for missing patches.
HfNetChk scans your system for missing patches, but displays the results in a raw, plain-text, unfriendly format. Hotfix Reporter converts the HfNetChk raw output into an HTML page, complete with clickable links, making it easy to download the necessary patches from Microsoft.
After installing Hotfix Reporter (and HfNetChk), just choose the Hotfix Reporter command from your Administrative Tools menu. Hotfix Reporter will run HfNetChk, convert the results into HTML, and launch a browser to show you the results.
If you don’t already have the Microsoft HfNetChk tool, you should download and install it as well. It is now built into the MBSA mentioned above.
Hotfix Reporter Home
Download Hotfix Reporter
Active Ports
Active Ports is an easy-to-use tool for Windows NT/2000/XP that enables you to monitor all open TCP/IP and UDP ports on the local computer. Active Ports enables you to view which process has opened which port. It also displays a local and remote IP address for each connection and allows you to terminate the owning process.
Active Ports can help you detect Trojans and other malicious programs. When running the program, you might see a process that you never heard of listening to a port. You can then perform a web search on the file name to discover whether it is malicious or necessary for your computer’s operation.
Home
GFI LANguard Network Security Scanner v2.0
LANguard Network Security Scanner is a tool that checks your network for all potential methods that a hacker might use to attack your network. By analysing the operating system and the applications running on your network machines, LANguard Network Security Scanner identifies all the possible security holes in your network. In other words, it plays the devil’s advocate and alerts you to weaknesses before a hacker can find them, enabling you to deal with the issues before the hacker can exploit them.
LANguard Network Security Scanner scans your entire network, IP by IP, and provides information such as service pack level of the machine, open shares, open ports, services/applications active on the computer, key registry entries, weak passwords, users and groups, and more. The results are outputted to an HTML report, enabling you to deal with the issues LANguard Network Security Scanner finds and proactively secure your network - for example by shutting down unnecessary ports, closing shares, installing service packs and hotfixes, etc.
The normal version of LANguard Network Security Scanner is Freeware! No license fees are due and it is not limited in any way.
Use LANguard Network Security Scanner to:
- Check for known & unknown vulnerabilities
- Check for service pack levels of your servers & workstations
- Make an inventory of your network
- Detect unnecessary shares
- Detect unnecessary open ports
- Detect potential Trojans installed on users’ workstations
- Check for unused user accounts on workstations
- Find out if the OS is advertising too much information
Home
Download (1.71 MB)
Sygate Online Services
Sygate Online Services performs detailed online scans of your computer to detect any vulnerable areas. You need a firewall, otherwise the site and hackers will find that your computer’s ports are open, it is sending out valuable information about itself, and it is allowing traffic through that it should not. Take a look at our article on Securing Your Computer with a Firewall to find out how firewalls secure your computer and where you can get one.
Sygate Online Services Home
Sygate Online Services FAQ
Securing Your Computer with a Firewall
Useful tools
Microsoft QChain tool — reboot your server only once after installing multiple hotfixes
Useful security sites
Microsoft security home page — bulletins, security checklists, and information on security best practices
Gibson Research Corporation — keep up to date with Steve Gibson’s research into leading-edge security issues
CERT
SANS Institute
NTBugtraq
Originally posted on Infohuts.com and TechHelpCenter.com, which has been folded into Shiwej.com.
Mar 28
The Windows NT/2000 Security Scoring Tool is based on sets of standards agreed upon by the Center for Internet Security (CIS), the SANA Institute, the National Security Agency (NSA), the Defense Information Systems Agency (DISA), the National Institute of Standards and Technology (NIST), and the General Services Agency (GSA). The application The tool first runs a comprehensive scan that scores a computer based on a set of security standards. After the scan runs, there are multiple reports to view.
The Summary Report lists a summary of the scan with your score in each area of the scan (an html copy of the information on the main window of the tool after a scan). The Hotfix Report finds the Hotfixes you need and gives links to the MS download pages for those Hotfixes. The User Report displays accounts with passwords older than 90 days and gives detailed information about each account. The Service Report shows all non-default installed services. The Scan Log gives a detailed list of all items the scan went through and which were not configured correctly. The Debug Log displays the different processes the program went through.
The Good
The program comes with a detailed implementation guide that is a must read. There are multiple security templates, so after reading the included pdf files you can select the one that is right for the level of security you want. You can configure the program to not check the registry, to not evaluate file checksums, and to give verbose output. Also, the program can export an effective group policy that conforms to the security template’s standards.
The Bad
Two minor faults we found were the inability to save scan reports easily and the inability to stop a scan while it is being performed. Also, you can only run the tool on the local machine and not other computers connected to a network. This means that network administrators would have to run the test on each machine individually and while physically at a machine, or leave it up to a user to run the test on his/her own. Furthermore, The Center for Internet Security’s agreement only allows you to download the files from their site and not distribute them (unless you are a member).
More Information
The CIS website also has tools for Solaris, Linux, HP-UX and Cisco IOS Routers.
The Center for Internet Security
Download the Windows 2000 Benchmark and Scoring Tools
Originally posted on Infohuts.com and TechHelpCenter.com, which has been folded into Shiwej.com.
Mar 28
Index
Introduction
What is P3P?
AT&T Privacy Bird
How can the average consumer protect their information?
Introduction
The current downturn in the online advertising market is forcing some websites to transform their businesses into ones which are driven by the almighty dollar. Many sites are now selling detailed information cultivated from you, the unsuspecting web surfer, in an effort to make money. Your email address, home address and telephone number could be among some of the information that websites are using for their own corporate gain.
What is P3P?
The Platform for Privacy Preferences Project (P3P) is emerging as an industry standard providing a simple, automated way for users to gain more control over the use of personal information on Web sites they visit. P3P is a standardized set of multiple-choice questions, covering all the major aspects of a Web site’s privacy policies. They present a clear snapshot of how a site handles personal information about its users. P3P-enabled Web sites make this information available in a standard, machine-readable format. P3P enabled browsers can “read” this snapshot automatically and compare it to the consumer’s own set of privacy preferences. P3P enhances user control by putting privacy policies where users can find them, in a form users can understand, and, most importantly, enables users to act on what they see.
AT&T Privacy Bird
AT&T is one of the first companies to develop an application which takes advantage of a site’s P3P policy. The AT&T Privacy Bird reads P3P privacy policies and compares them with the level of privacy which you have set in the AT&T Privacy Bird preferences. AT&T Privacy Bird allows you to ask for warnings at Web sites that may: Sell your name and address to other companies without your permission, use your health or medical information for marketing, put you on mailing lists that you can’t get off of, and more. The AT&T Privacy Bird works with Internet Explorer 5+ and Windows 98/NT/2000/ME/XP.
Download Now
Take the Tour
How can the average consumer ensure that their information is not being abused?
- Always read privacy policies - many sites provide a link to a privacy policy that outlines what information they collect and how they use that information.
- Utilize a P3P enabled program - programs such as the AT&T Privacy Bird allow you to set what type of information you want collected and will alert you when a site does or does not comply with your settings.
Originally posted on Infohuts.com and TechHelpCenter.com, which has been folded into Shiwej.com.
Feb 28
The EarthLink Protection Blog is a nice blog from a company that is developing an image as a protector of all Internet users and EarthLink customers. The site has many useful tips and tricks on how to protect yourself from Fraud, Spam, Spyware, Viruses, and other nasty aspects of the Internet age. They also encourage comments and have a very personable feel to their posts.
Of interest is a line in their About page that says “Although this blog is sanctioned by EarthLink, none of the stuff we write has been filtered through our PR guys or approved by a team of lawyers.” This seems to be a new trend for corporate blogs.
© 2006-2007 Jason Schramm. Site design by
Jason Schramm.
Jason Schramm is the man.
subscribe
Posts (RSS)